IPC: Tests addition and updates for PSA FF 1.0
- Tests addition and updates for PSA FF 1.0
- Remove unused platform files
- Update READMEs for security implication note
- Minor bug fixes
diff --git a/api-tests/CMakeLists.txt b/api-tests/CMakeLists.txt
index a43c3ae..80f7d58 100644
--- a/api-tests/CMakeLists.txt
+++ b/api-tests/CMakeLists.txt
@@ -91,6 +91,9 @@
# list of VERBOSE options
list(APPEND PSA_VERBOSE_OPTIONS 1 2 3 4 5)
+# list of PLATFORM_PSA_ISOLATION_LEVEL options
+list(APPEND PLATFORM_PSA_ISOLATION_LEVEL_OPTIONS 1 2 3)
+
message(STATUS "[PSA] : ----------Process input arguments- start-------------")
# Check for TARGET command line argument
@@ -206,16 +209,26 @@
# Check for VERBOSE
if(NOT DEFINED VERBOSE)
set(VERBOSE 3 CACHE INTERNAL "Default VERBOSE value" FORCE)
- message(STATUS "[PSA] : Defaulting to VERBOSE=3")
+ message(STATUS "[PSA] : Defaulting to VERBOSE=${VERBOSE}")
else()
if(NOT ${VERBOSE} IN_LIST PSA_VERBOSE_OPTIONS)
message(FATAL_ERROR "[PSA] : Error: Unspported value for -DVERBOSE=, supported values are : ${PSA_VERBOSE_OPTIONS}")
endif()
endif()
+# Check for PLATFORM_PSA_ISOLATION_LEVEL
+if(NOT DEFINED PLATFORM_PSA_ISOLATION_LEVEL)
+ set(PLATFORM_PSA_ISOLATION_LEVEL 3 CACHE INTERNAL "Default PLATFORM_PSA_ISOLATION_LEVEL value" FORCE)
+ message(STATUS "[PSA] : Defaulting to PLATFORM_PSA_ISOLATION_LEVEL=${PLATFORM_PSA_ISOLATION_LEVEL}")
+else()
+ if(NOT ${PLATFORM_PSA_ISOLATION_LEVEL} IN_LIST PLATFORM_PSA_ISOLATION_LEVEL_OPTIONS)
+ message(FATAL_ERROR "[PSA] : Error: Unspported value for -DPLATFORM_PSA_ISOLATION_LEVEL=, supported values are : ${PLATFORM_PSA_ISOLATION_LEVEL_OPTIONS}")
+ endif()
+endif()
+
if(NOT DEFINED INCLUDE_PANIC_TESTS)
set(INCLUDE_PANIC_TESTS 0 CACHE INTERNAL "By default panic tests are disabled" FORCE)
- message(STATUS "[PSA] : Defaulting to INCLUDE_PANIC_TESTS=0")
+ message(STATUS "[PSA] : Defaulting to INCLUDE_PANIC_TESTS=${INCLUDE_PANIC_TESTS}")
else()
if(INCLUDE_PANIC_TESTS EQUAL 1)
message(STATUS "[PSA] : Ensure you set watchdog.num to 1 in ${PSA_ROOT_DIR}/platform/targets/${TARGET}/target.cfg")
@@ -273,6 +286,7 @@
${PSA_CLIENT_TEST_LIST_INC}
${PSA_SERVER_TEST_LIST_DECLARE_INC}
${PSA_SERVER_TEST_LIST})
+
# Creating CMake list variable from file
file(READ ${PSA_TESTLIST_FILE} PSA_TEST_LIST)
string(REGEX REPLACE "\n" ";" PSA_TEST_LIST "${PSA_TEST_LIST}")
@@ -343,6 +357,7 @@
add_definitions(-DPSA_CMAKE_BUILD)
add_definitions(-D${SUITE})
add_definitions(-DVERBOSE=${VERBOSE})
+add_definitions(-DPLATFORM_PSA_ISOLATION_LEVEL=${PLATFORM_PSA_ISOLATION_LEVEL})
if(${SP_HEAP_MEM_SUPP} EQUAL 1)
add_definitions(-DSP_HEAP_MEM_SUPP)
diff --git a/api-tests/dev_apis/README.md b/api-tests/dev_apis/README.md
index f722b0b..83aac79 100644
--- a/api-tests/dev_apis/README.md
+++ b/api-tests/dev_apis/README.md
@@ -82,11 +82,14 @@
For details on test suite integration, refer to the **Integrating the test suite with the SUT** section of [Validation Methodology](../docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf).
+## Security implication
+
+PSA API test suite may run at higher privilege level. An attacker can utilize these tests as a means to elevate privilege which can potentially reveal the platform secure attests. To prevent such security vulnerabilities into the production system, it is strongly recommended that PSA API test suite is run on development platforms. If it is run on production system, make sure system is scrubbed after running the test suite.
+
## License
Arm PSA test suite is distributed under Apache v2.0 License.
-
## Feedback, contributions, and support
- For feedback, use the GitHub Issue Tracker that is associated with this repository.
diff --git a/api-tests/docs/psa_ipc_testlist.md b/api-tests/docs/psa_ipc_testlist.md
index fe0a105..c8343db 100644
--- a/api-tests/docs/psa_ipc_testlist.md
+++ b/api-tests/docs/psa_ipc_testlist.md
@@ -1,122 +1,123 @@
# PSA FF IPC Testcase checklist
-| Tests | Scenario Rules | Client- Server Test Functions Pair | Test Algorithm/Comments/Test Limitation | Rule optional for API compliance? | Is scenario implemented in this release? |
-|------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------|------------------------------------------|
-| test_i001 | 1. psa_framework_version(): Retrieve the version of the PSA Framework API that is implemented. Manifest field- psa_framework_version: Version of the PSA Firmware Framework specification this manifest conforms to. | [client/server]_test_psa_framework_version() | Call the psa_framework_version() API from both SPE and NSPE side and compare the return value with PSA_FRAMEWORK_VERSION. | Mandatory | Yes |
-| | 1. psa_version() returns PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted to access the service OR return > 0 with the minor version of the implemented RoT Service. | [client/server]_test_psa_version() | 1. Pass un-implemented SID and expects PSA_VERSION_NONE as return value. <br />2. Call to API from NSPE with a SID who doesn't provide service to NSPE and expects PSA_VERSION_NONE as return value. <br />3. Pass SID who is implemented and provides service to NSPE and expect minor number(>0) of given RoT service as return. <br />Perform all above checks from SPE too. | Mandatory | Yes |
-| test_i002 | 1. psa_connect() returns the PSA_ERROR_CONNECTION_BUSY when RoT Service cannot make the connection at the moment (transient error). <br />2. psa_connect() returns the PSA_ERROR_CONNECTION_REFUSED when RoT Service has refused the connection <br />3. psa_wait() returns the Secure Partition interrupt signals that have been asserted from a subset of signals provided by the caller. Returns > 0 when at least one signal is asserted <br />4. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br />5. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message. <br />6. The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br />7. psa_reply(): If the message type is PSA_IPC_CONNECT then server can reject the connection by sending PSA_ERROR_CONNECTION_REFUSED (permanent error) or PSA_ERROR_CONNECTION_BUSY (transient error) status code. <br /> | [client/server]_test_connection_busy_and_reject() | 1. Client tries to connect to ROT service using psa_connect() <br />2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value returned by psa_get() <br />3. RoT service rejects the connection by executing psa_reply(handle,PSA_ERROR_CONNECTION_BUSY) <br />4. Client tries to connect to same ROT service using psa_connect() again <br />5. This time, RoT service rejects the connection by executing psa_reply(handle,PSA_ERROR_CONNECTION_REFUSED) <br />Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_connect(): When SID is implemented and client is permitted to access the service, SPM delivers a PSA_IPC_CONNECT message from the client to the Secure Partition that implements the RoT Service and positive handle is returned to client. <br />2. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br />3. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message <br />4. psa_get():The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br />5. psa_get(): The type member of the psa_msg_t object should return PSA_IPC_DISCONNECT for a new connection request following a psa_get() call to psa_close() and msg.handle must be positive. <br />6. psa_reply(): If the message type is PSA_IPC_CONNECT then server can accept the connection by sending PSA_SUCCESS status code. If the message type is PSA_IPC_DISCONNECT then the status code is ignored. <br />7. psa_close(): Closes a connection to a RoT Service. Sends the PSA_IPC_DISCONNECT message to the RoT Service. This function will have no effect if called with the null handle. <br /> | [client/server]_test_accept_and_close_connect() | 1.Client tries to connect to ROT service <br /> 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value return by psa_get() <br />3. RoT service accepts the connection by executing psa_reply(.., PSA_CONNECTION_ACCEPTED). <br />4. Client calls the psa_close with PSA_NULL_HANDLE and later it closes the connection using psa_close() with actual handle value <br />5. RoT service checks the delivery of PSA_IPC_DISCONNECT message type, checks handle value eqaul to NULL returned by psa_get() and completes the PSA_IPC_DISCONNECT by executing psa_reply() . <br />Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
-| | Following are allowed minor version condition to psa_connect(): <br /> 1. Version policy is not mentioned and requested version is 1 which is default minimum version <br />2. Version policy is STRICT and requested version equals minimum version <br />3. Version policy is relaxed and requested version is smaller than the minimum version <br /> 4. Version policy is relaxed and requested version is euqal to the minimum version <br /> | [client/server]_test_connect_with_allowed_minor_version_policy() | Client tries connecting ROT service of following properties and expects connection to establish: <br /> - Version policy is not mentioned and requested version is 1 which is default minimum version <br /> - Version policy is STRICT and requested version equals minimum version <br /> - Version policy is relaxed and requested version is smaller than the minimum version <br /> - Version policy is relaxed and requested version is equal to the minimum version <br />Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_call(): The valid psa_call, make SPM to send PSA_IPC_CALL msg.type to the RoT servicee partition and the successful call should return >=0 handle value. <br />2. psa_call() receives return value >= 0 for RoT-specific return code <br />3. psa_call() receive return value < 0 for RoT-specific error code <br />4. psa_reply(): If the message type is PSA_IPC_CALL, all status codes other than PSA_ERROR_PROGRAMMER_ERROR must be reported to the client. | [client/server]_test_psa_call_with_allowed_status_code() | 1. Client connects to RoT service <br />2. Client sends message using psa_call() <br />3. RoT service checks the delivery of PSA_IPC_CALL message type and positive handle value return by psa_get() <br />4. RoT service ends the call using psa_reply(status_code) <br />5. Client checks the return value of psa_call() and Client closes the connectionRepeat (1) to (5) for different status code, SUCCESS, +ve, -ve.. <br />Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. A msg.client_id that has a positive value indicates that the client is in the SPE and this the Secure Partition ID of the client. A negative client_id indicates that the client is in the NSPE. <br />2. Client_id is valid during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT msg type. <br />3. Manifest Parameter- name (required, unique) <br />A Partition must have an alphanumeric name for source code to directly refer to a specific Partition. The format of the name must follow the rules of a C macro. | [client/server]_test_identity() | - Check the value returned by msg.client_id during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT. For NSPE connection, client_id should be <0 and for SPE, it should be >0. <br />Perform all above steps from NSPE and SPE both. <br />- Access the Partition ID of client partition and compare the value with expected ID value. | Mandatory | Yes |
-| | 1. psa_connect() will return the PSA_ERROR_CONNECTION_REFUSED OR PSA_ERROR_CONNECTION_BUSY when the SPM has reached the limit of concurrent connections | [client/server]_test_spm_concurrent_connect_limit() | Execute psa_connect() API in a loop until it returns PSA_CONNECTION_REFUSED or PSA_CONNECTION_BUSY to indicate end of concurrent connections limit. <br />Perform above step from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_wait(): When MODE(PSA_BLOCK) is one, the function will block the caller until one of the requested signals is asserted. <br />2. psa_wait(): Callers must set RES to zero, implementations must ignore the value of RES. <br /> | [client/server]_test_psa_block_behave() | 1. Client connects to a RoT service mutilpe times. <br />2. RoT service psa_wait(PSA_BLOCK|(Non-zero value for timeout[30:0])) API is executed without while(1) loop. <br />3. RoT service serves the connections by rejecting them. <br />This is a sanity check, a successful handshaking between client and server for requested connection represents check pass. <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_wait(): When MODE is zero, the function will return immediately with the current signal state, which can be zero if no signals are active. | [client/server]_test_psa_poll_behave() | 1. Client connects to a RoT service mutilpe times. <br />2. RoT service executes psa_wait(PSA_POLL) in a while loop and checks the API's polling behaviour. <br />3. Call psa_wait(PSA_POLL) when no request is made by client and checks the return value. <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| test_i003 | 1. The reverse handle for a connection is NULL until psa_set_rhandle() is used. psa_set_rhandle() can be used to associate some caller-provided private data with a specified client connection. And SPM must provide same rhandle for msg.rhandle with all subsequent messages delivered on this connection. On success the rhandle is retained by the implementation and provided in all future messages on that connection as part of the psa_msg_t structure. <br />2. Setting the rhandle for a connection during disconnection has no observable effect. | [client/server]_test_psa_set_rhandle() | 1. Client connects to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT2. Client send call msg to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT <br />3. ROT service sets the rhandle with known value. <br />4. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with previously set value <br />5. ROT service sets the rhandle with known value other than previously set value <br />6. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with last set value <br />7. The reverse handle for a connection is NULL until psa_set_rhandle() is used <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_call():The caller can optionally provide one or more buffers to receive a response (out_vec). <br />2. psa_get(): The array in_size provides the size of each client input vector in bytes. The array out_size provides the size of each client output vector in bytes. <br />3. psa_read(): parameter from the client input vector. Streams up to the next num_bytes bytes of client input vector invec_idx in the message identified by msg_handle to the Secure Partition buffer. Returns the number of bytes copied. <br />4. psa_read(): If num_bytes is less than or equal to the available data in the input vector then num_bytes are copied to buffer, and the remaining data in the input vector can be read by subsequent calls to psa_read() with the same msg_handle and invec_idx. <br />5. psa_read(): RoT Services can determine how much data is available to read from the message based on the in_size[] attribute of the psa_msg_t message returned from psa_get(). If an input vector has not been passed by the client then the corresponding in_size[] for that vector is zero. <br />6. psa_read(): If num_bytes is greater than the remaining data in the input vector then the remaining input bytes are copied to buffer and the call returns the number of bytes copied. Any space after this in buffer is not modified. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. <br />7. psa_skip(): Skip over part of a client input vector. Advances the current read offset by skipping up to num_bytes bytes for input vector invec_idx in the message identified by msg_handle. psa_skip(): When psa_skip returns, it returns with the number of bytes skipped <br />8. psa_skip(): If There was no remaining data in this input vector, return zero <br />9.psa_skip(): If num_bytes is greater than the remaining size of the input vector then the remaining size of the input vector is returned. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. <br /> | [client/server]_test_call_read_and_skip() | 1.Client connects to RoT service <br />2.Client sends four input vectors to RoT service using psa_call <br />3. RoT service checks following: <br /> - Reporting of input vectors size through msg.in_size <br /> - Input vectors content reading through psa_read <br /> -Inbound /Outbound offset reading <br /> -Inbound/Outbound offset skipping <br /> -Zero byte read and skip <br /> -out_len=0 check <br />4. Client recieves the status of RoT service checks and closes the connection <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_call(): The caller can optionally provide one or more buffers to receive a response (out_vec). On return from psa_call() the len value will have been updated to indicate the number of bytes of data written to the buffer by the RoT Service. <br />2. psa_write(): Appends num_bytes of data from buffer to the client output vector outvec_idx in the message identified by msg_handle. Sequential calls using the same msg_handle and outvec_idx will be concatenated in the output vector | [client/server]_test_call_and_write() | 1. Client connects to RoT service <br />2. Client sends four output vectors to RoT service using psa_call <br />3. RoT service checks following: <br /> - Reporting of output vectors size through msg.out_size <br /> - in_len=0 check <br /> - zero byte write <br /> - Out vector writes using psa_write <br /> - Vector write concatenation <br />4. Client recieves the status of RoT service checks, cross check the content of out vectors and closes the connection <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_call(): Any I/O vector of length zero is permitted and will be treated as an empty or non-existent vector by the framework. When less than four vectors are provided to psa_call() for either input or output, then the remaining vectors have zero length and the in_size and out_size elements for these vectors will be zero.A memory reference contains a start address and an associated length. A zero-length memory reference is one where the length is zero. The start address of a zero-length memory reference can safely take any value and must be ignored by the implementation. <br />2. psa_call(): If in_len is zero then in_vec is ignored <br />3. sa_call(): If out_len is zero then out_vec is ignored <br />4. psa_get(): If an input and output vector has not been passed by the client then the corresponding in_size[] and out_size[] for that vector is zero. | [client/server]_test_zero_length_invec()[client/server]_test_zero_length_outvec() | Test zero lenth input vector: <br />1. Client connects to RoT service <br />2. Client sends three input and one outvec vectors to RoT service using psa_call - invec 0 as zero length vector, invec 1 as NULL and invec 2 and outvec 0 as non-zero length vector <br />3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br />4. Client recieves the status of checks and closes the connection <br />Test zero lenth output vector: <br />1. Client connects to RoT service <br />2. Client sends one input and three outvec vectorsto RoT service using psa_call - outvec 0 as zero length vector, outvec 0 as NULL and invec 0 and outvec 2 as non-zero length vector <br />3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br />4. Client recieves the status of checks and closes the connection <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. When client provides an input and output vectors which are referencing to same memory location, a psa_read after psa_write to the same memory location can return original or modified value. <br />2. When client provides an input and output vectors which are referencing to same memory location, a psa_write(s) to both memory vectors can return either the 1st or the 2nd value written. | [client/server]_test_overlapping_vectors | 1. Client provides one input and 2 output vectors which are pointing to same location. <br />2. RoT service performs read after write operation on to outvec-0 and expects return value either modified one or the original <br />3. RoT service performs write operation to outvec-1 and unblock the connection. The write performed is to mimic write after write operatio to the overlapping vector. <br />4. Client check the value of outvec. The value should be either the value written by first psa_write or the second psa_write. | Mandatory | Yes |
-| test_i004 | The call to psa_connect() is PROGRAMMER ERROR if RoT Service does not exist on platform | [client/server]_test_sid_does_not_exists() | Call psa_connect with SID which does not exist on a platform and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i005 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is STRICT and requested version is HIGHER than minimum version | [client/server]_test_strict_policy_higher_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i006 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is STRICT and requested version lower than minimum version | [client/server]_test_strict_policy_lower_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is Lower than minimum version. <br />Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i007 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is RELAXED and requested version is bigger than minimum version | [client/server]_test_relax_policy_higher_minor_version() | call psa_connect with SID whose Version policy is RELAXED and requested minor version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. <br />Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i008 | 1. The call to psa_connect() is PROGRAMMER ERROR if service to non_secure_client is not available <br />2. Manifest parameter - The non_secure_clients field contains a boolean to indicate if it is accessible to NSPE clients. RoT Services are always accessible to SPE clients. | [client/server]_test_secure_access_only_connection() | Call psa_connect with SID which allow secure only connection and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i009 | 1. The call to psa_connect() is PROGRAMMER ERROR if SID is not mentioned in dependencies field. <br />2. Manifest parameter- dependencies (optional) <br />If access between a Secure Partition (acting as client) and a RoT Service (acting as server) is not specified in the manifest, then the client is not permitted to connect to the RoT Service. | [client/server]_test_unextern_sid_connection() | Call psa_connect with SID which is not mentioned as external SID in manifest and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
-| test_i010 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy="STRICT". In this case, the call to psa_connect() is PROGRAMMER ERROR if requested version higher than minimum version. | [client/server]_test_unspecified_policy_with_higher_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. <br />Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i011 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy="STRICT". In this case, the call to psa_connect() is PROGRAMMER ERROR if requested version lower than minimum version | [client/server]_test_unspecified_policy_with_lower_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is lower than minimum version and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i012 | The call to psa_close() is PROGRAMMER ERROR if an invalid handle was provided that is not the null handle | [client/server]_test_psa_close_with_invalid_handle() | Call psa_close with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i013 | The call to psa_get() is PROGRAMMER ERROR if signal has more than a single bit set | [client/server]_test_psa_get_with_more_than_one_signal() | Call psa_get with a signal who has more than a single bit set and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
-| test_i014 | After a RoT Service message is signaled, psa_get() function is used to retrieve the message details. Each message can only be retrieved once. | [client/server]_test_psa_get_called_twice() | Call psa_get with a valid signal back to back and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
-| test_i015 | The call to psa_get() is PROGRAMMER ERROR if signal does not correspond to a RoT Service | [client/server]_test_psa_get_with_non_rot_signal() | Call psa_get with DOORBELL signal and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i016 | The call to psa_get() is PROGRAMMER ERROR if The RoT Service signal is not currently asserted | [client/server]_test_psa_get_with_unasserted_signal() | Call psa_get with singal which is currently not asserted and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i017 | Each RoT Service listed creates a dependency from the client Partition to a server Partition. Within the resulting network of dependencies, there must be no circular dependencies between Secure Partitions. This would result in deadlock because the Service requests are always synchronous.For the same reason, a Secure Partition must not use a RoT Service that is defined within itself. Direct function calls must be used instead of IPC where there is a dependency between RoT Services within a single Secure Partition. | [client/server]_test_partition_calling_its_own_rot_service() | Partition calling its own ROT service using psa_connect and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i018 | The call to psa_set_rhandle() is PROGRAMMER ERROR if an invalid message handle was provided | [client/server]_test_psa_set_rhandle_with_invalid_handle() | Call psa_set_rhanlde with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call | Optional | Yes |
-| test_i019 | The call to psa_set_rhandle() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_set_rhandle_with_null_handle() | Call psa_set_rhanlde with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i020 | If messgae type if is PSA_IPC_CONNECT then use of status values in psa_reply() other than PSA_SUCCESS, PSA_ERROR_CONNECTION_BUSY and PSA_ERROR_CONNECTION_REFUSED is a PROGRAMMER ERROR. | [client/server]_test_psa_reply_with_invalid_connect_status_code() | Call to psa_reply during PSA_IPC_CONNECT with status code other than PSA_SUCCESS and PSA_CONNECTION_REFUSED and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i021 | 1. psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. (psa_wait API to recieve interrupt signal) <br /> 2. psa_eoi():Informs the SPM that an interrupt has been handled (end of interrupt). This will re-enable the interrupt line. <br />3.psa_eoi(): A signal remains active until it is processed by psa_eoi <br />4. Manifest- irqs (optional, unique)This attribute is a list of IRQ lines which are assigned to the Secure Partition.A Secure Partition always has exclusive access to an assigned IRQ. Secure Partitions are not allowed to share IRQs with other Secure Partitions.Each IRQ specified must provide a signal field. This field contains a symbolic name for the signal, used by the SPM to indicate when the interrupt is asserted. Each IRQ line is declared as either of the following:¿ line_num: A valid IRQ number for the platform.¿ line_name: A named IRQ, represented by a string identifier. | | Generate interrupt for driver partition assigned irq number and checks that:<br />- interrupt is routed to driver patition <br />- psa_wait returns the required irq_signal value<br />- end of interrupt using psa_eoi<br />Test Limitation:<br />1. Rules around sharing of irq lines can't be tested as specifiying it can result into build error.<br />2. Test suite partition manifests are rely on only line_num for specifying irq line number as line_name is subject to resolved in Implementation defined manner. | Mandatory | Yes |
-| test_i022 | The call to psa_reply() is PROGRAMMER ERROR if the message handle is invalid | [client/server]_test_psa_reply_with_invalid_handle() | Call psa_reply with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i023 | The call to psa_reply() is PROGRAMMER ERROR if the message handle is Null handle | [client/server]_test_psa_reply_with_null_handle() | Call psa_reply with a NULL HANDLE | Optional | Yes |
-| test_i024 | The call to psa_call() is PROGRAMMER ERROR if an invalid handle was passed | [client/server]_test_psa_call_with_invalid_handle() | Call psa_call with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call.Perform this step from NSPE and SPE both. | Optional | Yes |
-| test_i025 | The call to psa_call() is PROGRAMMER ERROR if an null handle was passed | [client/server]_test_psa_call_with_null_handle() | Call psa_call with a NULL HANDLE and expect PROGRAMMER ERROR behaviour for API call.<br />Perform this step from NSPE and SPE both. | Optional | Yes |
-| test_i026 | The call to psa_call() is PROGRAMMER ERROR if in_len + out_len > PSA_MAX_IOVEC | [client/server]_test_psa_call_with_iovec_more_than_max_limit() | Call psa_call with more than four IOVECs and expect PROGRAMMER ERROR behaviour for API call. <br />Perform this step from NSPE and SPE both. | Optional | Yes |
-| test_i027 | If the message type is PSA_IPC_CALL and the client has made an invalid request, then the RoT Service can request for the connection to be terminated by calling psa_reply() with return value PSA_ERROR_PROGRAMMER_ERROR. After this, the RoT Service will receive no further PSA_IPC_CALL messages on that connection. The SPM will deliver a PSA_IPC_DISCONNECT to the RoT Service to release any resources associated with that connection. <br />If the SPM does not restart the system in response to the above PROGRAMMER ERROR, then termination of the connection has the following effects:<br />- No further PSA_IPC_CALL messages will be received by the RoT Service for the connection.<br />- The RoT Service will receive a PSA_IPC_DISCONNECT message for the connection to release resources and reset state associated with the connection.<br />- The failing call to psa_call() will return PSA_ERROR_PROGRAMMER_ERROR.<br />- Subsequent calls to psa_call() on the same connection will immediately return PSA_ERROR_PROGRAMMER_ERROR.<br />- The client must call psa_close() to close the connection. | [client/server]_test_psa_drop_connection() | RoT service executes psa_reply with status code equal to PSA_ERROR_PROGRAMMER_ERROR during PSA_IPC_CALL.Client expects either PSA_ERROR_PROGRAMMER_ERROR as returned status code for psa_call or system to get paniced <br />Perform above steps from NSPE and SPE both. | Optional | Yes |
-| test_i028 | The call to psa_read() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_connect() | Call psa_read during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i029 | The call to psa_read() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_disconnect() | Call psa_read during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i030 | The call to psa_read() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_read_with_null_handle() | Call psa_read with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i031 | The call to psa_read() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_read_with_invalid_handle() | Calll psa_read with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i032 | The call to psa_read() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_equal_to_max_iovec() | Call psa_read with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i033 | The call to psa_read() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_greater_than_max_iovec() | Call psa_read with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i034 | The call to psa_skip() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_connect() | Call psa_skip during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i035 | The call to psa_skip() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_disconnect() | Call psa_skip during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i036 | The call to psa_skip() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_skip_with_null_handle() | Call psa_skipwith NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i037 | The call to psa_skip() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_skip_with_invalid_handle() | Calll psa_skip with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i038 | The call to psa_skip() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_equal_to_max_iovec() | Call psa_skip with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i039 | The call to psa_skip() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_greater_than_max_iovec() | Call psa_skip with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i040 | The call to psa_write() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_connect() | Call psa_write during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i041 | The call to psa_write() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_disconnect() | Call psa_write during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i042 | The call to psa_write() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_write_with_null_handle() | Call psa_write with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i043 | The call to psa_write() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_write_with_invalid_handle() | Calll psa_write with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i044 | The call to psa_write() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_equal_to_max_iovec() | Call psa_write with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i045 | The call to psa_write() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_greater_than_max_iovec() | Call psa_write with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i046 | The call to psa_write() is PROGRAMMER ERROR if the call attempts to write data past the end of the client output vector | [client/server]_test_psa_write_with_size_overflow() | Call psa_write with a size input one byte bigger than allowed size and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i047 | The call to psa_get() is PROGRAMMER ERROR if The msg pointer provided is not a valid memory reference | [client/server]_test_psa_get_with_invalid_msg_pointer() | Call psa_get with invalid msg pointer and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid pointer is as below:<br />if (ISOLATION_LEVEL > 1)<br /> // PSA RoT Pointer <br /> psa_get(msg_pointer = driver_mmio_base);<br />else<br /> psa_get(msg_pointer = NULL);<br /> | Optional | Yes |
-| test_i048 | The call to psa_call() is PROGRAMMER ERROR if address of in_vec is invalid for client | [client/server]_test_psa_call_with_invalid_invec_pointer | Call psa_call with invalid address for invec and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid invec pointer is as below:<br /> if caller == CALLER_NONSECURE<br /> // PSA RoT pointer<br /> invec_pointer = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> invec_pointer = driver_mmio_base;<br /> else<br /> invec_pointer = NULL; | Optional | Yes |
-| test_i049 | The call to psa_call() is PROGRAMMER ERROR if address of out_vec is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_pointer() | Call psa_call with invalid address for outvec and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid outvec pointer is as below:<br /> if caller == CALLER_NONSECURE<br /> // PSA RoT pointer<br /> outvec_pointer = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> outvec_pointer = driver_mmio_base;<br /> else<br /> outvec_pointer = NULL; | Optional | Yes |
-| test_i050 | The call to psa_call() is PROGRAMMER ERROR if psa_invec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_base() | Call psa_call with invalid address for psa_invec.base and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid base is as below:<br /> if caller == CALLER_NONSECURE<br /> // PSA RoT pointer<br /> invalid_base = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> invalid_base = driver_mmio_base;<br /> else<br /> invalid_base = NULL; | Optional | Yes |
-| test_i051 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_base() | Call psa_call with invalid address for psa_outvec.base and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid base is as below:<br /> if caller == CALLER_NONSECURE<br /> // PSA RoT pointer<br /> invalid_base = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> invalid_base = driver_mmio_base;<br /> else<br /> invalid_base = NULL; | Optional | Yes |
-| test_i052 | The call to psa_call() is PROGRAMMER ERROR if psa_invec.base addr is valid but psa_invec.base+size address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_end_addr() | Call psa_call with valid address for psa_invec.base but (psa_invec.base + psa_invec.size) pointing to invalid address and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of base and size are as below:<br /> if caller == CALLER_NONSECURE<br /> valid_base = nspe_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> valid_base = server_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1);<br /> | Optional | Yes |
-| test_i053 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base addr is valid but psa_invec.base+sizeaddress is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_end_addr() | Call psa_call with valid address for psa_outvec.base but (psa_outvec.base + psa_outvec.size) pointing to invalid address and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of base and size are as below:<br /> if caller == CALLER_NONSECURE<br /> valid_base = nspe_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> valid_base = server_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1);<br /> | Optional | Yes |
-| test_i054 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base is not writable | [client/server]_test_psa_call_with_not_writable_outvec_base() | Call psa_call with not writable (code address) psa_outvec.base and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i055 | The call to psa_read() is PROGRAMMER ERROR if the memory reference for buffer is invalid | [client/server]_test_psa_read_with_invalid_buffer_addr() | Call psa_read with invalid buffer addr and expect PROGRAMMER ERROR behaviour for API call.<br />Selection of buffer address is as below:<br />if (ISOLATION_LEVEL > 1)<br /> buffer = driver_mmio_region_base;<br />else <br /> buffer = NULL; <br /> | Optional | Yes |
-| test_i056 | The call to psa_read() is PROGRAMMER ERROR if the memory reference for buffer is not writable | [client/server]_test_psa_read_with_not_writable_buffer_addr() | Call psa_read with not writable address (function address- code memory) and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i057 | The call to psa_write() is PROGRAMMER ERROR if the memory reference for buffer is invalid | [client/server]_test_psa_write_with_invalid_buffer_addr() | Call psa_write with invalid buffer addr and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of buffer address is as below:<br />if (ISOLATION_LEVEL > 1)<br /> buffer = driver_mmio_region_base;<br />else <br /> buffer = NULL; <br /> | Optional | Yes |
-| test_i058 | 1. psa_notify() is used to asynchronously wake up another Secure Partition. The receiving partition uses psa_wait() to detect, or wait for, assertion of its PSA_DOORBELL signal. The value of partition_id must be greater than zero as the target of notification must be a Secure Partition. <br />2. psa_clear() clears the PSA_DOORBELL signal. <br />3. psa_clear(): The target Partition doorbell will remain asserted until it calls psa_clear(). | [client/server]_test_psa_doorbell_signal() | 1. Client connects to RoT service. <br />2. RoT services executes asserts PSA_DOORBELL singal back to client after accepting the connection.<br />3. Client checks the delivery of PSA_DOORBELL singal using psa_wait().<br />4. Client clears the doorbell and closes the connection. <br />5. RoT service receives the closing connection request.<br /> | Mandatory | Yes |
-| test_i059 | The call to psa_notify() is PROGRAMMER ERROR if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_neg_part_id() | Call psa_notify with negative partition id and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i060 | The call to psa_notify() is PROGRAMMER ERROR if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_invalid_pos_part_id() | Call psa_notify with positive partition id which does not exist in the platform and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i061 | The call to psa_clear() is PROGRAMMER ERROR if The Secure Partition¿s doorbell signal is not currently asserted | [client/server]_test_psa_clear_at_unasserted_doorbell_sig() | Call psa_clear when doorbell signal is not asserted and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i062 | The call to psa_wait() is PROGRAMMER ERROR if signal_mask does not include any assigned signals. | [client/server_test_psa_wait_with_unassigned_signal() | Call psa_wait with signal mask that doesn't include any assigned signal and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i063 | psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. The mask must contain the set of signals the caller is interested in handling. Signals that are not in signal_mask should be ignored. | [client/server]_test_psa_wait_signal_mask() | 1. Select signal_mask = (SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SIG); <br />2. Server partition requests the client partition to make connection using sid=SERVER_SECURE_CONNECT_ONLY_SID. This connection request act as irritator to psa_wait(signal_mask) call and it is used to cover the rule - Signals that are not in signal_mask should be ignored by psa_wait.<br />3. NSPE client connects to a server partition using SID whose signal are part of signal_mask<br />4. Server partition executes psa_wait with necessary signal_mask. RoT service checks that returned signal value is subset of signals indicated in the signal_mask <br /> 5. At the end, server partition completes the starved (irritator) connection request of SERVER_SECURE_CONNECT_ONLY_SID. | Mandatory | Yes |
-| test_i064 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal is not an interrupt signal | driver_test_psa_eoi_with_non_intr_signal() | Call to psa_eoi with non-interrupt signal(PSA_DOORBELL) and expect PROGRAMMER ERROR behaviour for API call.<br /> Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt line. | Optional | Yes |
-| test_i065 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal is not currently asserted | driver_test_psa_eoi_with_unasserted_signal() | Call to psa_eoi with interrupt signal which is currently not asserted and expect PROGRAMMER ERROR behaviour for API call.<br /> Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt line. | Optional | Yes |
-| test_i066 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal indicates more than one signal | driver_test_psa_eoi_with_multiple_signals() | Call to psa_eoi with irq_signal provided with multiple signals and expect PROGRAMMER ERROR behaviour for API call.<br /> Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt line. | Optional | Yes |
-| test_i067 | A Secure Partition is guaranteed to be able to read and write its private heap regions.<br />Manifest Parameter- heap_size. Properties: Optional.<br />This attribute indicates the Secure Partition¿s heap size in bytes.The size value is represented either as a positive integer or as a hexadecimal string.If this field is specified in the manifest then the value must be greater than 0. If this field is not specified in the manifest then the SPM can assume the size is 0. | [client/server]_test_dynamic_mem_alloc_fn() | Test dynamic memory service functions-malloc(), free() and realloc behaviour defined in the specification if these APIs are available to secure partition. Otherwise skip the test. <br /> | Mandatory | Yes |
-| test_i068 | Only Code is executable in secure partition. Writable region must not be executable. | client_test_instr_exec_from_writable_mem() | Execute set of instructions from writable memory and expect internal fault. | Optional | Yes |
-| test_i069 | Only Private data is writable in secure partition. Code space must not be writable. | client_test_write_to_code_space() | Write to code space from secure partition and expect internal fault | Optional | Yes |
-| test_i070 | Only Private data is writable in secure partition. Constant data space must not be writable. | client_test_write_to_const_data() | Write to constant data space and expect internal fault | Optional | Yes |
-| test_i071 | The following memory manipulation functions from <string.h>must be implemented with standard C99 definitions:<br />memcmp()<br />memcpy()<br />memmove()<br />memset() | client_test_mem_manipulation_fn() | 1 .Set buffer content using memset(). Check that content is set as expected.<br />2. Copy one buffer to another buffer using memcpy() and check that buffer is copied correctly. <br />3. Compare two buffers two times, once with equal data and once with unequal data.<br />2. Copy one buffer to another buffer using memmove() and check that buffer is copied correctly. <br /> | Mandatory | Yes |
-| test_i072 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT variables- Global variable. | [client/server]_test_nspe_read_app_rot_variable()<br />[client/server]_test_nspe_write_app_rot_variable() | Access Application RoT global variable address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i073 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT execution stack. | [client/server]_test_nspe_read_app_rot_stack()<br />[client/server]_test_nspe_write_app_rot_stack() | Access Application RoT local variable(stack region) address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i074 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT heap memory. | [client/server]_test_nspe_read_app_rot_heap()<br />[client/server]_test_nspe_write_app_rot_heap() | Access Application RoT heap memory address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i075 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT MMIO region. | [client/server]_test_nspe_read_app_rot_mmio()<br />[client/server]_test_nspe_write_app_rot_mmio() | Access Application RoT MMIO address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i076 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT variables- Global variable. | client_test_nspe_read_psa_rot_variable()<br />driver_test_isolation_psa_rot_data_rd()<br />client_test_nspe_write_psa_rot_variable()<br />driver_test_isolation_psa_rot_data_wr() | Access PSA RoT global variable address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i077 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT execution stack. | client_test_nspe_read_psa_rot_stack()<br />driver_test_isolation_psa_rot_stack_rd()<br />client_test_nspe_write_psa_stack_variable()<br />driver_test_isolation_psa_rot_stack_wr() | Access PSA RoT local variable(stack region) address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i078 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT heap memory. | client_test_nspe_read_psa_rot_heap()<br />driver_test_isolation_psa_rot_heap_rd()<br />client_test_nspe_write_psa_rot_heap()<br />driver_test_isolation_psa_rot_heap_wr() | Access PSA RoT partition heap memory address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i079 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT MMIO region. | client_test_nspe_read_psa_rot_mmio()<br />driver_test_isolation_psa_rot_mmio_rd()<br />client_test_nspe_write_psa_rot_mmio()<br />driver_test_isolation_psa_rot_mmio_wr() | Access PSA RoT partition MMIO address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i080 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT variables- Global variable. | client_test_app_rot_read_psa_rot_variable()<br />driver_test_isolation_psa_rot_data_rd()<br />client_test_app_rot_write_psa_rot_variable()<br />driver_test_isolation_psa_rot_data_wr() | Access PSA RoT global variable address from Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i081 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT execution stack. | client_test_app_rot_read_psa_rot_stack()<br />driver_test_isolation_psa_rot_stack_rd()<br />client_test_app_rot_write_psa_stack_variable()<br />driver_test_isolation_psa_rot_stack_wr() | Access PSA RoT local variable(stack region) address from Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i082 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT heap memory. | client_test_app_rot_read_psa_rot_heap()<br />driver_test_isolation_psa_rot_heap_rd()<br />client_test_app_rot_write_psa_rot_heap()<br />driver_test_isolation_psa_rot_heap_wr() | Access PSA RoT partition heap memory address from Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i083 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT MMIO region. | client_test_app_rot_read_psa_rot_mmio()<br />driver_test_isolation_psa_rot_mmio_rd()<br />client_test_app_rot_write_psa_rot_mmio()<br />driver_test_isolation_psa_rot_mmio_wr() | Access PSA RoT partition MMIO address from Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i084 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition variables- Global variable. | [client/server]_test_sp_read_other_sp_variable()<br />[client/server]_test_sp_write_other_sp_variable() | Access Application RoT global variable address from other RoT and expect internal fault behavior | Optional | Yes |
-| test_i085 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition execution stack. | [client/server]_test_sp_read_other_sp_stack()<br />[client/server]_test_sp_write_other_sp_stack() | Access Application RoT local variable(stack region) address from other Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i086 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition heap memory. | [client/server]_test_sp_read_other_sp_heap()<br />[client/server]_test_sp_write_other_sp_heap() | Access Application RoT partition heap memory address from other Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i087 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition MMIO region. | [client/server]_test_sp_read_other_sp_mmio() <br />[client/server]_test_sp_write_other_sp_mmio() | Access Application RoT partition MMIO address from other Application RoT and expect internal fault behavior | Optional | Yes |
-| test_l088 | psa_rot_lifecycle_state() function retrieves the current PSA RoT lifecycle state. | server_test_psa_rot_lifecycle_state() | Call psa_rot_lifecycle_state() from secure side and check that return value is within the allowed range. | Mandatory | Yes |
-| | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. From B access below asserts of A:<br />- Variables<br />- Execution stacks<br />- Allocation heap<br />- Memory-mapped I/O regions<br /><br />Where, A & B combination are: A=SPM & B=NSPE | N/A | Future release of test suite will be updated to cover this rule. | N/A | No |
-| | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. From B access below asserts of A:<br />- Variables<br />- Execution stacks<br />- Allocation heap<br />- Memory-mapped I/O regions<br /><br />Where, A & B combination are: A=SPM & B=Application RoT partition | N/A | Future release of test suite will be updated to cover this rule. | N/A | No |
-| | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. From B access below asserts of A:<br />- Variables<br />- Execution stacks<br />- Allocation heap<br />- Memory-mapped I/O regions<br /><br />Where, A & B combination are: A=SPM & B=PSA RoT partition | N/A | Future release of test suite will be updated to cover this rule. | N/A | No |
-| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to read and write its private stack. <br />Manifest Parameter- stack_size (required) <br />Partition's stack size in bytes. The size value must be represented either as a positive integer or as a hexadecimal string. | N/A | No explicit test written to cover this rule. PSA IPC tests manifests are provided with tests partition required stack_size. A successful execution of tests partition code without stack access related faults, indirectly verify this field. | N/A | Yes |
-| NO_EXPLICIT_TEST | mmio_regions (optional, unique): <br />List of memory-mapped I/O region objects which the Secure Partition needs access to. A Secure Partition always has exclusive access to an MMIO region. Secure Partitions are not permitted to share MMIO regions with other Secure Partitions.<br />An MMIO region can be defined either as a:<br />numbered_region<br />named_region<br />A numbered region consists of a base address and a size. The size must be represented either as a positive integer or as a hexadecimal string. The base address must be represented as a hexadecimal string.<br />MMIO regions must not overlap.<br />An MMIO region must include a permission attribute. The following permissions are available:<br />READ-ONLY<br />READ-WRITE | N/A | Comments:<br />1. PSA IPC tests device driver partition manifests are provided with these fields. A successful compilation and run of device driver partition code indirectly verify this field. <br />2. Rules around sharing of MMIO regions is covered as part of isolation tests.<br />3. Rules around overlapping of MMIO regions can't be tested as specifying that into manifest results into compilation fail. <br />4. Test suite partition manifests are rely on numbered_region only as named_region is subject to resolved in Implementation defined manner. | N/A | Yes |
-| NO_EXPLICIT_TEST | Manifest Parameter- type (required) <br />Whether the Partition is a part of the PSA Root of Trust Services or is part of the Application Root of Trust Services.Type must be assigned one of the following values:- APPLICATION-ROT- PSA-ROT | N/A | PSA IPC tests partition files are provided with these fields. Access permission behaviour related to these fields will be verified as part of tests covering isolation level rules. | N/A | Yes |
-| NO_EXPLICIT_TEST | Manifest Parameter - description (optional) <br />This attribute contains a human-readable description and comments for the Secure Partition. | N/A | Test suite manifests are provided with these field with adhere to manifest rules. Manifest build tool parser must parse this field without any compilation fail. | N/A | Yes |
-| NO_EXPLICIT_TEST | Manifest Parameter -entry_point (required, unique) <br />The Partition entry point in the form of an C function symbol. A single entry point must be provided and it must have the following signature: <br />void entry_point(void); | N/A | No explicit test written to cover this rule. Test suite manifests are provided with tests partition entry_point. A successful launch and run of tests partition code indirectly verify this field. | N/A | Yes |
-| NO_EXPLICIT_TEST | The SPM must eventually deliver all signals and IPC messages. | N/A | No explicit test written to cover this rule. However all PSA IPC tests are written with the expectation that the SPM delivers all requested signals and IPC message in a timely fashion. Failure to provide this will result in simulation time out. <br />This rule is unbounded and cannot have full coverage. It is good to that things are delivered in a timely manner, however failure will not break compliance. | N/A | Yes |
-| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to execute and read its own code regions and read its own read-only data regions. | N/A | No explicit test written to cover this rule. This is a minimum requirement to able to launch and run secure partition. Failing to provide this, will not be able to run IPC test suite. | N/A | Yes |
-| NOT_COVERED | psa_get returns PSA_ERROR_DOES_NOT_EXIST if the SPM cannot deliver a message to the Secure Partition following the assertion of the RoT Service signal. | N/A | This scenario cannot be simulated as test can't generate stimulus where psa_get() API returns PSA_ERROR_DOES_NOT_EXIST. However every instances of psa_get() API call in test suite checks the API return value and re-waits for signal delivery if return value is PSA_ERROR_DOES_NOT_EXIST. | N/A | No |
-| NOT_COVERED | The call to psa_call is PROGRAMMER ERROR if the connection is already handling a request. | N/A | This rule is not verified beacuse of following reasons: <br />- There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_call using same handle.<br />- It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. <br /> | N/A | No |
-| NOT_COVERED | The call to psa_close is PROGRAMMER ERROR if the connection is already handling a request | N/A | This rule is not verified beacuse of following reasons: <br />- There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_close using same handle.<br />- It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. <br /> | N/A | No |
-| NOT_COVERED | Manifest Parameter - priority (required) <br />Partitions must be assigned one of the following priority groups:¿ HIGH¿ NORMAL¿ LOWLOW is the lowest priority. Priority is ignored by SPMs that do not implement any priority-based scheduling. | N/A | Use of these fields are highly dependent on type of SPM scheduling policy, hence can't test the behavious of this field. And test suite partition manifests are provided with priority field equal to LOW. | N/A | No |
-| NOT_COVERED | Secure Partition IDs must be fixed across updates | N/A | Checking for Partition IDs across SPM updates is out of scope for PSA IPC tests. | N/A | No |
+| Tests | Scenario Rules | Client- Server Test Functions Pair | Test Algorithm/Comments/Test Limitation | Rule optional for API compliance? | Is scenario implemented in this release? |
+|-------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------|------------------------------------------|
+| test_i001 | 1. psa_framework_version(): Retrieve the version of the PSA Framework API that is implemented. Manifest field- psa_framework_version: Version of the PSA Firmware Framework specification this manifest conforms to. | [client/server]_test_psa_framework_version() | Call the psa_framework_version() API from both SPE and NSPE side and compare the return value with PSA_FRAMEWORK_VERSION. | Mandatory | Yes |
+| | 1. psa_version() returns PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted to access the service OR return > 0 with the version of the implemented RoT Service. | [client/server]_test_psa_version() | 1. Pass un-implemented SID and expects PSA_VERSION_NONE as return value. <br />2. Call to API from NSPE with a SID who doesn't provide service to NSPE and expects PSA_VERSION_NONE as return value. <br />3. Pass SID who is implemented and provides service to NSPE and expect version number(>0) of given RoT service as return value. <br />Perform all above checks from SPE too. | Mandatory | Yes |
+| test_i002 | 1. psa_connect() returns the PSA_ERROR_CONNECTION_BUSY when RoT Service cannot make the connection at the moment (transient error). <br />2. psa_connect() returns the PSA_ERROR_CONNECTION_REFUSED when RoT Service has refused the connection <br />3. psa_wait() returns the Secure Partition interrupt signals that have been asserted from a subset of signals provided by the caller. Returns > 0 when at least one signal is asserted <br />4. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br />5. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message. <br />6. The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br />7. psa_reply(): If the message type is PSA_IPC_CONNECT then server can reject the connection by sending PSA_ERROR_CONNECTION_REFUSED (permanent error) or PSA_ERROR_CONNECTION_BUSY (transient error) status code. <br /> | [client/server]_test_connection_busy_and_reject() | 1. Client tries to connect to ROT service using psa_connect() <br />2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value returned by psa_get() <br />3. RoT service rejects the connection by executing psa_reply(handle,PSA_ERROR_CONNECTION_BUSY) <br />4. Client tries to connect to same ROT service using psa_connect() again <br />5. This time, RoT service rejects the connection by executing psa_reply(handle,PSA_ERROR_CONNECTION_REFUSED) <br />Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_connect(): When SID is implemented and client is permitted to access the service, SPM delivers a PSA_IPC_CONNECT message from the client to the Secure Partition that implements the RoT Service and positive handle is returned to client. <br />2. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br />3. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message <br />4. psa_get():The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br />5. psa_get(): The type member of the psa_msg_t object should return PSA_IPC_DISCONNECT for a new connection request following a psa_get() call to psa_close() and msg.handle must be positive. <br />6. psa_reply(): If the message type is PSA_IPC_CONNECT then server can accept the connection by sending PSA_SUCCESS status code. If the message type is PSA_IPC_DISCONNECT then the status code is ignored. <br />7. psa_close(): Closes a connection to a RoT Service. Sends the PSA_IPC_DISCONNECT message to the RoT Service. This function will have no effect if called with the null handle. <br /> | [client/server]_test_accept_and_close_connect() | 1.Client tries to connect to ROT service <br /> 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value return by psa_get() <br />3. RoT service accepts the connection by executing psa_reply(.., PSA_CONNECTION_ACCEPTED). <br />4. Client calls the psa_close with PSA_NULL_HANDLE and later it closes the connection using psa_close() with actual handle value <br />5. RoT service checks the delivery of PSA_IPC_DISCONNECT message type, checks handle value eqaul to NULL returned by psa_get() and completes the PSA_IPC_DISCONNECT by executing psa_reply() . <br />Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | Following are allowed version condition to psa_connect(): <br /> 1. Version policy is not mentioned and requested version is 1 which is default minimum version <br />2. Version policy is STRICT and requested version equals minimum version <br />3. Version policy is relaxed and requested version is smaller than the minimum version <br /> 4. Version policy is relaxed and requested version is euqal to the minimum version <br /> | [client/server]_test_connect_with_allowed_version_policy() | Client tries connecting ROT service of following properties and expects connection to establish: <br /> 1. Version policy is not mentioned and requested version is 1 which is default minimum version <br /> 2. Version policy is STRICT and requested version equals minimum version <br /> 3. Version policy is relaxed and requested version is smaller than the minimum version <br /> 4. Version policy is relaxed and requested version is equal to the minimum version <br />Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call(): The valid psa_call makes SPM to send type value(>=) to msg.type of RoT service partition and the successful call should return >=0 handle value. <br />2. psa_call() receives return value >= 0 for RoT-specific return code <br />3. psa_call() receive return value < 0 for RoT-specific error code <br />4. psa_reply(): If the message type is request message, all status codes other than PSA_ERROR_PROGRAMMER_ERROR must be reported to the client. | [client/server]_test_psa_call_with_allowed_status_code() | 1. Client connects to RoT service <br />2. Client sends message using psa_call() <br />3. RoT service checks the delivery of request message type and positive handle value return by psa_get() <br />4. RoT service ends the call using psa_reply(status_code) <br />5. Client checks the return value of psa_call() and Client closes the connectionRepeat (1) to (5) for different status code, SUCCESS, +ve, -ve.. <br />Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call(): The valid psa_call makes SPM to send type value(>=) to msg.type of RoT service partition<br /> | [client/server]_test_psa_call_with_allowed_type_values() | 1. Client connects to RoT service <br />2. Client sends message using psa_call() with different allowed type values one after another<br />3. RoT service checks the delivery of different request message type values.<br />Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. A msg.client_id that has a positive value indicates that the client is in the SPE and this the Secure Partition ID of the client. A negative client_id indicates that the client is in the NSPE. <br />2. Client_id is valid during connection message, request message and disconnect message. <br />3. Manifest Parameter- name (required, unique) <br />A Partition must have an alphanumeric name for source code to directly refer to a specific Partition. The format of the name must follow the rules of a C macro. | [client/server]_test_identity() | - Check the value returned by msg.client_id during various message types. For NSPE connection, client_id should be <0 and for SPE, it should be >0. <br />Perform all above steps from NSPE and SPE both. <br />- Access the Partition ID of client partition and compare the value with expected ID value. | Mandatory | Yes |
+| | 1. psa_connect() will return the PSA_ERROR_CONNECTION_REFUSED OR PSA_ERROR_CONNECTION_BUSY when the SPM has reached the limit of concurrent connections | [client/server]_test_spm_concurrent_connect_limit() | Execute psa_connect() API in a loop until it returns PSA_CONNECTION_REFUSED or PSA_CONNECTION_BUSY to indicate end of concurrent connections limit. <br />Perform above step from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_wait(): When MODE(PSA_BLOCK) is one, the function will block the caller until one of the requested signals is asserted. <br />2. psa_wait(): Callers must set RES to zero, implementations must ignore the value of RES. <br /> | [client/server]_test_psa_block_behave() | 1. Client connects to a RoT service mutilpe times. <br />2. RoT service psa_wait(PSA_BLOCK|(Non-zero value for timeout[30:0])) API is executed without while(1) loop. <br />3. RoT service serves the connections by rejecting them. <br />This is a sanity check, a successful handshaking between client and server for requested connection represents check pass. <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_wait(): When MODE is zero, the function will return immediately with the current signal state, which can be zero if no signals are active. | [client/server]_test_psa_poll_behave() | 1. Client connects to a RoT service mutilpe times. <br />2. RoT service executes psa_wait(PSA_POLL) in a while loop and checks the API's polling behaviour. <br />3. Call psa_wait(PSA_POLL) when no request is made by client and checks the return value. <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| test_i003 | 1. The reverse handle for a connection is NULL until psa_set_rhandle() is used. psa_set_rhandle() can be used to associate some caller-provided private data with a specified client connection. And SPM must provide same rhandle for msg.rhandle with all subsequent messages delivered on this connection. On success the rhandle is retained by the implementation and provided in all future messages on that connection as part of the psa_msg_t structure. <br />2. Setting the rhandle for a connection during disconnection has no observable effect. | [client/server]_test_psa_set_rhandle() | 1. Client connects to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT2. Client send call msg to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT <br />3. ROT service sets the rhandle with known value. <br />4. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with previously set value <br />5. ROT service sets the rhandle with known value other than previously set value <br />6. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with last set value <br />7. The reverse handle for a connection is NULL until psa_set_rhandle() is used <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call():The caller can optionally provide one or more buffers to receive a response (out_vec). <br />2. psa_get(): The array in_size provides the size of each client input vector in bytes. The array out_size provides the size of each client output vector in bytes. <br />3. psa_read(): parameter from the client input vector. Streams up to the next num_bytes bytes of client input vector invec_idx in the message identified by msg_handle to the Secure Partition buffer. Returns the number of bytes copied. <br />4. psa_read(): If num_bytes is less than or equal to the available data in the input vector then num_bytes are copied to buffer, and the remaining data in the input vector can be read by subsequent calls to psa_read() with the same msg_handle and invec_idx. <br />5. psa_read(): RoT Services can determine how much data is available to read from the message based on the in_size[] attribute of the psa_msg_t message returned from psa_get(). If an input vector has not been passed by the client then the corresponding in_size[] for that vector is zero. <br />6. psa_read(): If num_bytes is greater than the remaining data in the input vector then the remaining input bytes are copied to buffer and the call returns the number of bytes copied. Any space after this in buffer is not modified. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. <br />7. psa_skip(): Skip over part of a client input vector. Advances the current read offset by skipping up to num_bytes bytes for input vector invec_idx in the message identified by msg_handle. psa_skip(): When psa_skip returns, it returns with the number of bytes skipped <br />8. psa_skip(): If There was no remaining data in this input vector, return zero <br />9.psa_skip(): If num_bytes is greater than the remaining size of the input vector then the remaining size of the input vector is returned. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. <br /> | [client/server]_test_call_read_and_skip() | 1.Client connects to RoT service <br />2.Client sends four input vectors to RoT service using psa_call <br />3. RoT service checks following: <br /> - Reporting of input vectors size through msg.in_size <br /> - Input vectors content reading through psa_read <br /> -Inbound /Outbound offset reading <br /> -Inbound/Outbound offset skipping <br /> -Zero byte read and skip <br /> -out_len=0 check <br />4. Client recieves the status of RoT service checks and closes the connection <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call(): The caller can optionally provide one or more buffers to receive a response (out_vec). On return from psa_call() the len value will have been updated to indicate the number of bytes of data written to the buffer by the RoT Service. <br />2. psa_write(): Appends num_bytes of data from buffer to the client output vector outvec_idx in the message identified by msg_handle. Sequential calls using the same msg_handle and outvec_idx will be concatenated in the output vector | [client/server]_test_call_and_write() | 1. Client connects to RoT service <br />2. Client sends four output vectors to RoT service using psa_call <br />3. RoT service checks following: <br /> - Reporting of output vectors size through msg.out_size <br /> - in_len=0 check <br /> - zero byte write <br /> - Out vector writes using psa_write <br /> - Vector write concatenation <br />4. Client recieves the status of RoT service checks, cross check the content of out vectors and closes the connection <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call(): Any I/O vector of length zero is permitted and will be treated as an empty or non-existent vector by the framework. When less than four vectors are provided to psa_call() for either input or output, then the remaining vectors have zero length and the in_size and out_size elements for these vectors will be zero.A memory reference contains a start address and an associated length. A zero-length memory reference is one where the length is zero. The start address of a zero-length memory reference can safely take any value and must be ignored by the implementation. <br />2. psa_call(): If in_len is zero then in_vec is ignored <br />3. sa_call(): If out_len is zero then out_vec is ignored <br />4. psa_get(): If an input and output vector has not been passed by the client then the corresponding in_size[] and out_size[] for that vector is zero. | [client/server]_test_zero_length_invec()[client/server]_test_zero_length_outvec() | Test zero lenth input vector: <br />1. Client connects to RoT service <br />2. Client sends three input and one outvec vectors to RoT service using psa_call - invec 0 as zero length vector, invec 1 as NULL and invec 2 and outvec 0 as non-zero length vector <br />3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br />4. Client recieves the status of checks and closes the connection <br />Test zero lenth output vector: <br />1. Client connects to RoT service <br />2. Client sends one input and three outvec vectorsto RoT service using psa_call - outvec 0 as zero length vector, outvec 0 as NULL and invec 0 and outvec 2 as non-zero length vector <br />3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br />4. Client recieves the status of checks and closes the connection <br />Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. When client provides an input and output vectors which are referencing to same memory location, a psa_read after psa_write to the same memory location can return original or modified value. <br />2. When client provides an input and output vectors which are referencing to same memory location, a psa_write(s) to both memory vectors can return either the 1st or the 2nd value written. | [client/server]_test_overlapping_vectors | 1. Client provides one input and 2 output vectors which are pointing to same location. <br />2. RoT service performs read after write operation on to outvec-0 and expects return value either modified one or the original <br />3. RoT service performs write operation to outvec-1 and unblock the connection. The write performed is to mimic write after write operatio to the overlapping vector. <br />4. Client check the value of outvec. The value should be either the value written by first psa_write or the second psa_write. | Mandatory | Yes |
+| test_i004 | The call to psa_connect() is PROGRAMMER ERROR if RoT Service does not exist on platform | [client/server]_test_sid_does_not_exists() | Call psa_connect with SID which does not exist on a platform and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i005 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is STRICT and requested version is HIGHER than minimum version | [client/server]_test_strict_policy_higher_version() | Call psa_connect with SID whose version policy is STRICT and requested version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i006 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is STRICT and requested version lower than minimum version | [client/server]_test_strict_policy_lower_version() | Call psa_connect with SID whose version policy is STRICT and requested version is Lower than minimum version. <br />Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i007 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is RELAXED and requested version is bigger than minimum version | [client/server]_test_relax_policy_higher_version() | Call psa_connect with SID whose version policy is RELAXED and requested version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. <br />Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i008 | 1. The call to psa_connect() is PROGRAMMER ERROR if service to non_secure_client is not available <br />2. Manifest parameter - The non_secure_clients field contains a boolean to indicate if it is accessible to NSPE clients. RoT Services are always accessible to SPE clients. | [client/server]_test_secure_access_only_connection() | Call psa_connect with SID which allow secure only connection and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i009 | 1. The call to psa_connect() is PROGRAMMER ERROR if SID is not mentioned in dependencies field. <br />2. Manifest parameter- dependencies (optional) <br />If access between a Secure Partition (acting as client) and a RoT Service (acting as server) is not specified in the manifest, then the client is not permitted to connect to the RoT Service. | [client/server]_test_unspecified_dependent_sid() | Call psa_connect with SID which is not mentioned in dependencies list in manifest and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
+| test_i010 | It is not required for the version or version_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of version=1 and version_policy="STRICT". In this case, the call to psa_connect() is PROGRAMMER ERROR if requested version higher than minimum version. | [client/server]_test_unspecified_policy_with_higher_version() | Call psa_connect with SID whose version policy is not mentioned in the manifest and requested SID version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. <br />Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i011 | 1. It is not required for the version or version_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of version=1 and version_policy="STRICT"". In this case, the call to psa_connect() is PROGRAMMER ERROR if requested version lower than minimum version <br /> | | | | |
+| 2. RoT Service version must be non-zero positive integer.." | [client/server]_test_unspecified_policy_with_lower_version() | Call psa_connect with SID whose Version policy is not mentioned in the manifest and requested SID version is lower(0) than minimum version(1) and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes | |
+| test_i012 | The call to psa_close() is PROGRAMMER ERROR if an invalid handle was provided that is not the null handle | [client/server]_test_psa_close_with_invalid_handle() | Call psa_close with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour.<br />Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i013 | The call to psa_get() is PROGRAMMER ERROR if signal has more than a single bit set | [client/server]_test_psa_get_with_more_than_one_signal() | Call psa_get with a signal who has more than a single bit set and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
+| test_i014 | After a RoT Service message is signaled, psa_get() function is used to retrieve the message details. Each message can only be retrieved once. | [client/server]_test_psa_get_called_twice() | Call psa_get with a valid signal back to back and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
+| test_i015 | The call to psa_get() is PROGRAMMER ERROR if signal does not correspond to a RoT Service | [client/server]_test_psa_get_with_non_rot_signal() | Call psa_get with DOORBELL signal and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i016 | The call to psa_get() is PROGRAMMER ERROR if The RoT Service signal is not currently asserted | [client/server]_test_psa_get_with_unasserted_signal() | Call psa_get with singal which is currently not asserted and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i017 | Each RoT Service listed creates a dependency from the client Partition to a server Partition. Within the resulting network of dependencies, there must be no circular dependencies between Secure Partitions. This would result in deadlock because the Service requests are always synchronous.For the same reason, a Secure Partition must not use a RoT Service that is defined within itself. Direct function calls must be used instead of IPC where there is a dependency between RoT Services within a single Secure Partition. | [client/server]_test_partition_calling_its_own_rot_service() | Partition calling its own ROT service using psa_connect and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i018 | The call to psa_set_rhandle() is PROGRAMMER ERROR if an invalid message handle was provided | [client/server]_test_psa_set_rhandle_with_invalid_handle() | Call psa_set_rhanlde with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call | Optional | Yes |
+| test_i019 | The call to psa_set_rhandle() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_set_rhandle_with_null_handle() | Call psa_set_rhanlde with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i020 | If messgae type if is PSA_IPC_CONNECT then use of status values in psa_reply() other than PSA_SUCCESS, PSA_ERROR_CONNECTION_BUSY and PSA_ERROR_CONNECTION_REFUSED is a PROGRAMMER ERROR. | [client/server]_test_psa_reply_with_invalid_connect_status_code() | Call to psa_reply during PSA_IPC_CONNECT with status code other than PSA_SUCCESS and PSA_CONNECTION_REFUSED and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i021 | 1. psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. (psa_wait API to recieve interrupt signal) <br /> 2. psa_eoi():Informs the SPM that an interrupt has been handled (end of interrupt). This will re-enable the interrupt line. <br />3.psa_eoi(): A signal remains active until it is processed by psa_eoi <br />3. Manifest- irqs (optional, unique)<br />This attribute is a list of IRQ lines which are assigned to the Secure Partition.A Secure Partition always has exclusive access to an assigned IRQ. Secure Partitions are not allowed to share IRQs with other Secure Partitions.<br />Each IRQ specified must provide a signal field. This field contains a symbolic name for the signal, used by the SPM to indicate when the interrupt is asserted. <br />Each IRQ source is declared using the source field. This is a string which identifies the interrupt source in an IMPLEMENTATION DEFINED manner. | | Generate interrupt for driver partition assigned irq source and checks that:<br />- interrupt is routed to driver patition <br />- psa_wait returns the required irq_signal value<br />- end of interrupt using psa_eoi<br />Test Limitation: Rules around sharing of irq lines can't be tested as specifiying it can result into build error. | Mandatory | Yes |
+| test_i022 | The call to psa_reply() is PROGRAMMER ERROR if the message handle is invalid | [client/server]_test_psa_reply_with_invalid_handle() | Call psa_reply with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i023 | The call to psa_reply() is PROGRAMMER ERROR if the message handle is null handle | [client/server]_test_psa_reply_with_null_handle() | Call psa_reply with a NULL HANDLE | Optional | Yes |
+| test_i024 | The call to psa_call() is PROGRAMMER ERROR if an invalid handle was passed | [client/server]_test_psa_call_with_invalid_handle() | Call psa_call with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call.Perform this step from NSPE and SPE both. | Optional | Yes |
+| test_i025 | The call to psa_call() is PROGRAMMER ERROR if an null handle was passed | [client/server]_test_psa_call_with_null_handle() | Call psa_call with a NULL HANDLE and expect PROGRAMMER ERROR behaviour for API call.<br />Perform this step from NSPE and SPE both. | Optional | Yes |
+| test_i026 | The call to psa_call() is PROGRAMMER ERROR if in_len + out_len > PSA_MAX_IOVEC | [client/server]_test_psa_call_with_iovec_more_than_max_limit() | Call psa_call with more than four IOVECs and expect PROGRAMMER ERROR behaviour for API call. <br />Perform this step from NSPE and SPE both. | Optional | Yes |
+| test_i027 | If the message type is request message and the client has made an invalid request, then the RoT Service can request for the connection to be terminated by calling psa_reply() with return value PSA_ERROR_PROGRAMMER_ERROR. After this, the RoT Service will receive no further request messages on that connection. The SPM will deliver a PSA_IPC_DISCONNECT to the RoT Service to release any resources associated with that connection. <br />If the SPM does not restart the system in response to the above PROGRAMMER ERROR, then termination of the connection has the following effects:<br />- No further request messages will be received by the RoT Service for the connection.<br />- The RoT Service will receive a PSA_IPC_DISCONNECT message for the connection to release resources and reset state associated with the connection.<br />- The failing call to psa_call() will return PSA_ERROR_PROGRAMMER_ERROR.<br />- Subsequent calls to psa_call() on the same connection will immediately return PSA_ERROR_PROGRAMMER_ERROR.<br />- The client must call psa_close() to close the connection. | [client/server]_test_psa_drop_connection() | RoT service executes psa_reply with status code equal to PSA_ERROR_PROGRAMMER_ERROR during request message.Client expects either PSA_ERROR_PROGRAMMER_ERROR as returned status code for psa_call or system to get paniced <br />Perform above steps from NSPE and SPE both. | Optional | Yes |
+| test_i028 | The call to psa_read() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_read_at_ipc_connect() | Call psa_read during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i029 | The call to psa_read() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_read_at_ipc_disconnect() | Call psa_read during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i030 | The call to psa_read() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_read_with_null_handle() | Call psa_read with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i031 | The call to psa_read() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_read_with_invalid_handle() | Calll psa_read with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i032 | The call to psa_read() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_equal_to_max_iovec() | Call psa_read with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i033 | The call to psa_read() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_greater_than_max_iovec() | Call psa_read with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i034 | The call to psa_skip() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_skip_at_ipc_connect() | Call psa_skip during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i035 | The call to psa_skip() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_skip_at_ipc_disconnect() | Call psa_skip during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i036 | The call to psa_skip() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_skip_with_null_handle() | Call psa_skipwith NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i037 | The call to psa_skip() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_skip_with_invalid_handle() | Calll psa_skip with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i038 | The call to psa_skip() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_equal_to_max_iovec() | Call psa_skip with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i039 | The call to psa_skip() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_greater_than_max_iovec() | Call psa_skip with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i040 | The call to psa_write() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_write_at_ipc_connect() | Call psa_write during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i041 | The call to psa_write() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_write_at_ipc_disconnect() | Call psa_write during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i042 | The call to psa_write() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_write_with_null_handle() | Call psa_write with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i043 | The call to psa_write() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_write_with_invalid_handle() | Calll psa_write with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i044 | The call to psa_write() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_equal_to_max_iovec() | Call psa_write with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i045 | The call to psa_write() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_greater_than_max_iovec() | Call psa_write with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i046 | The call to psa_write() is PROGRAMMER ERROR if the call attempts to write data past the end of the client output vector | [client/server]_test_psa_write_with_size_overflow() | Call psa_write with a size input one byte bigger than allowed size and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i047 | The call to psa_get() is PROGRAMMER ERROR if The msg pointer provided is not a valid memory reference | [client/server]_test_psa_get_with_invalid_msg_pointer() | Call psa_get with invalid msg pointer and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid pointer is as below:<br />if (ISOLATION_LEVEL > 1)<br /> // PSA RoT Pointer <br /> psa_get(msg_pointer = driver_mmio_base);<br />else<br /> psa_get(msg_pointer = NULL);<br /> | Optional | Yes |
+| test_i048 | The call to psa_call() is PROGRAMMER ERROR if address of in_vec is invalid for client | [client/server]_test_psa_call_with_invalid_invec_pointer | Call psa_call with invalid address for invec and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid invec pointer is as below:<br /> if caller == NONSECURE<br /> // PSA RoT pointer<br /> invec_pointer = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> invec_pointer = driver_mmio_base;<br /> else<br /> invec_pointer = NULL; | Optional | Yes |
+| test_i049 | The call to psa_call() is PROGRAMMER ERROR if address of out_vec is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_pointer() | Call psa_call with invalid address for outvec and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid outvec pointer is as below:<br /> if caller == NONSECURE<br /> // PSA RoT pointer<br /> outvec_pointer = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> outvec_pointer = driver_mmio_base;<br /> else<br /> outvec_pointer = NULL; | Optional | Yes |
+| test_i050 | The call to psa_call() is PROGRAMMER ERROR if psa_invec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_base() | Call psa_call with invalid address for psa_invec.base and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid base is as below:<br /> if caller == NONSECURE<br /> // PSA RoT pointer<br /> invalid_base = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> invalid_base = driver_mmio_base;<br /> else<br /> invalid_base = NULL; | Optional | Yes |
+| test_i051 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_base() | Call psa_call with invalid address for psa_outvec.base and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of invalid base is as below:<br /> if caller == NONSECURE<br /> // PSA RoT pointer<br /> invalid_base = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> invalid_base = driver_mmio_base;<br /> else<br /> invalid_base = NULL; | Optional | Yes |
+| test_i052 | The call to psa_call() is PROGRAMMER ERROR if psa_invec.base addr is valid but psa_invec.base+size address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_end_addr() | Call psa_call with valid address for psa_invec.base but (psa_invec.base + psa_invec.size) pointing to invalid address and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of base and size are as below:<br /> if caller == NONSECURE<br /> valid_base = nspe_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> valid_base = server_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1);<br /> | Optional | Yes |
+| test_i053 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base addr is valid but psa_invec.base+sizeaddress is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_end_addr() | Call psa_call with valid address for psa_outvec.base but (psa_outvec.base + psa_outvec.size) pointing to invalid address and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of base and size are as below:<br /> if caller == NONSECURE<br /> valid_base = nspe_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> valid_base = server_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1);<br /> | Optional | Yes |
+| test_i054 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base is not writable | [client/server]_test_psa_call_with_not_writable_outvec_base() | Call psa_call with not writable (code address) psa_outvec.base and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i055 | The call to psa_read() is PROGRAMMER ERROR if the memory reference for buffer is invalid | [client/server]_test_psa_read_with_invalid_buffer_addr() | Call psa_read with invalid buffer addr and expect PROGRAMMER ERROR behaviour for API call.<br />Selection of buffer address is as below:<br />if (ISOLATION_LEVEL > 1)<br /> buffer = driver_mmio_region_base;<br />else <br /> buffer = NULL; <br /> | Optional | Yes |
+| test_i056 | The call to psa_read() is PROGRAMMER ERROR if the memory reference for buffer is not writable | [client/server]_test_psa_read_with_not_writable_buffer_addr() | Call psa_read with not writable address (function address- code memory) and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i057 | The call to psa_write() is PROGRAMMER ERROR if the memory reference for buffer is invalid | [client/server]_test_psa_write_with_invalid_buffer_addr() | Call psa_write with invalid buffer addr and expect PROGRAMMER ERROR behaviour for API call.<br /> Selection of buffer address is as below:<br />if (ISOLATION_LEVEL > 1)<br /> buffer = driver_mmio_region_base;<br />else <br /> buffer = NULL; <br /> | Optional | Yes |
+| test_i058 | 1. psa_notify() is used to asynchronously wake up another Secure Partition. The receiving partition uses psa_wait() to detect, or wait for, assertion of its PSA_DOORBELL signal. The value of partition_id must be greater than zero as the target of notification must be a Secure Partition. <br />2. psa_clear() clears the PSA_DOORBELL signal. <br />3. psa_clear(): The target Partition doorbell will remain asserted until it calls psa_clear(). | [client/server]_test_psa_doorbell_signal() | 1. Client connects to RoT service. <br />2. RoT services executes asserts PSA_DOORBELL singal back to client after accepting the connection.<br />3. Client checks the delivery of PSA_DOORBELL singal using psa_wait().<br />4. Client clears the doorbell and closes the connection. <br />5. RoT service receives the closing connection request.<br /> | Mandatory | Yes |
+| test_i059 | The call to psa_notify() is PROGRAMMER ERROR if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_neg_part_id() | Call psa_notify with negative partition id and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i060 | The call to psa_notify() is PROGRAMMER ERROR if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_invalid_pos_part_id() | Call psa_notify with positive partition id which does not exist in the platform and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i061 | The call to psa_clear() is PROGRAMMER ERROR if The Secure Partition¿s doorbell signal is not currently asserted | [client/server]_test_psa_clear_at_unasserted_doorbell_sig() | Call psa_clear when doorbell signal is not asserted and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i062 | The call to psa_wait() is PROGRAMMER ERROR if signal_mask does not include any assigned signals. | [client/server_test_psa_wait_with_unassigned_signal() | Call psa_wait with signal mask that doesn't include any assigned signal and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i063 | psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. The mask must contain the set of signals the caller is interested in handling. Signals that are not in signal_mask should be ignored. | [client/server]_test_psa_wait_signal_mask() | 1. Select signal_mask = (SERVER_UNSPECIFED_VERSION_SIG | SERVER_RELAX_VERSION_SIG); <br />2. Server partition requests the client partition to make connection using sid=SERVER_SECURE_CONNECT_ONLY_SID. This connection request act as irritator to psa_wait(signal_mask) call and it is used to cover the rule - Signals that are not in signal_mask should be ignored by psa_wait.<br />3. NSPE client connects to a server partition using SID whose signal are part of signal_mask<br />4. Server partition executes psa_wait with necessary signal_mask. RoT service checks that returned signal value is subset of signals indicated in the signal_mask <br /> 5. At the end, server partition completes the starved (irritator) connection request of SERVER_SECURE_CONNECT_ONLY_SID. | Mandatory | Yes |
+| test_i064 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal is not an interrupt signal | driver_test_psa_eoi_with_non_intr_signal() | Call to psa_eoi with non-interrupt signal(PSA_DOORBELL) and expect PROGRAMMER ERROR behaviour for API call.<br /> Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt source. | Optional | Yes |
+| test_i065 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal is not currently asserted | driver_test_psa_eoi_with_unasserted_signal() | Call to psa_eoi with interrupt signal which is currently not asserted and expect PROGRAMMER ERROR behaviour for API call.<br /> Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt source. | Optional | Yes |
+| test_i066 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal indicates more than one signal | driver_test_psa_eoi_with_multiple_signals() | Call to psa_eoi with irq_signal provided with multiple signals and expect PROGRAMMER ERROR behaviour for API call.<br /> Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt source. | Optional | Yes |
+| test_i067 | A Secure Partition is guaranteed to be able to read and write its private heap regions.<br />Manifest Parameter- heap_size. Properties: Optional.<br />This attribute indicates the Secure Partition¿s heap size in bytes.The size value is represented either as a positive integer or as a hexadecimal string.If this field is specified in the manifest then the value must be greater than 0. If this field is not specified in the manifest then the SPM can assume the size is 0. | [client/server]_test_dynamic_mem_alloc_fn() | Test dynamic memory service functions-malloc(), free() and realloc behaviour defined in the specification if these APIs are available to secure partition. Otherwise skip the test. <br /> | Mandatory | Yes |
+| test_i068 | Only Code is executable in secure partition. Writable region must not be executable. | client_test_instr_exec_from_writable_mem() | Execute set of instructions from writable memory and expect internal fault. | Optional | Yes |
+| test_i069 | Only Private data is writable in secure partition. Code space must not be writable. | client_test_write_to_code_space() | Write to code space from secure partition and expect internal fault | Optional | Yes |
+| test_i070 | Only Private data is writable in secure partition. Constant data space must not be writable. | client_test_write_to_const_data() | Write to constant data space and expect internal fault | Optional | Yes |
+| test_i071 | The following memory manipulation functions from <string.h>must be implemented with standard C99 definitions:<br />memcmp()<br />memcpy()<br />memmove()<br />memset() | client_test_mem_manipulation_fn() | 1 .Set buffer content using memset(). Check that content is set as expected.<br />2. Copy one buffer to another buffer using memcpy() and check that buffer is copied correctly. <br />3. Compare two buffers two times, once with equal data and once with unequal data.<br />2. Copy one buffer to another buffer using memmove() and check that buffer is copied correctly. <br /> | Mandatory | Yes |
+| test_i072 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT variables- Global variable. | [client/server]_test_nspe_read_app_rot_variable()<br />[client/server]_test_nspe_write_app_rot_variable() | Access Application RoT global variable address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i073 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT execution stack. | [client/server]_test_nspe_read_app_rot_stack()<br />[client/server]_test_nspe_write_app_rot_stack() | Access Application RoT local variable(stack region) address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i074 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT heap memory. | [client/server]_test_nspe_read_app_rot_heap()<br />[client/server]_test_nspe_write_app_rot_heap() | Access Application RoT heap memory address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i075 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT MMIO region. | [client/server]_test_nspe_read_app_rot_mmio()<br />[client/server]_test_nspe_write_app_rot_mmio() | Access Application RoT MMIO address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i076 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT variables- Global variable. | client_test_nspe_read_psa_rot_variable()<br />driver_test_isolation_psa_rot_data_rd()<br />client_test_nspe_write_psa_rot_variable()<br />driver_test_isolation_psa_rot_data_wr() | Access PSA RoT global variable address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i077 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT execution stack. | client_test_nspe_read_psa_rot_stack()<br />driver_test_isolation_psa_rot_stack_rd()<br />client_test_nspe_write_psa_stack_variable()<br />driver_test_isolation_psa_rot_stack_wr() | Access PSA RoT local variable(stack region) address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i078 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT heap memory. | client_test_nspe_read_psa_rot_heap()<br />driver_test_isolation_psa_rot_heap_rd()<br />client_test_nspe_write_psa_rot_heap()<br />driver_test_isolation_psa_rot_heap_wr() | Access PSA RoT partition heap memory address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i079 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT MMIO region. | client_test_nspe_read_psa_rot_mmio()<br />driver_test_isolation_psa_rot_mmio_rd()<br />client_test_nspe_write_psa_rot_mmio()<br />driver_test_isolation_psa_rot_mmio_wr() | Access PSA RoT partition MMIO address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i080 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT variables- Global variable. | client_test_app_rot_read_psa_rot_variable()<br />driver_test_isolation_psa_rot_data_rd()<br />client_test_app_rot_write_psa_rot_variable()<br />driver_test_isolation_psa_rot_data_wr() | Access PSA RoT global variable address from Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i081 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT execution stack. | client_test_app_rot_read_psa_rot_stack()<br />driver_test_isolation_psa_rot_stack_rd()<br />client_test_app_rot_write_psa_stack_variable()<br />driver_test_isolation_psa_rot_stack_wr() | Access PSA RoT local variable(stack region) address from Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i082 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT heap memory. | client_test_app_rot_read_psa_rot_heap()<br />driver_test_isolation_psa_rot_heap_rd()<br />client_test_app_rot_write_psa_rot_heap()<br />driver_test_isolation_psa_rot_heap_wr() | Access PSA RoT partition heap memory address from Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i083 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT MMIO region. | client_test_app_rot_read_psa_rot_mmio()<br />driver_test_isolation_psa_rot_mmio_rd()<br />client_test_app_rot_write_psa_rot_mmio()<br />driver_test_isolation_psa_rot_mmio_wr() | Access PSA RoT partition MMIO address from Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i084 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition variables- Global variable. | [client/server]_test_sp_read_other_sp_variable()<br />[client/server]_test_sp_write_other_sp_variable() | Access Application RoT global variable address from other RoT and expect internal fault behavior | Optional | Yes |
+| test_i085 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition execution stack. | [client/server]_test_sp_read_other_sp_stack()<br />[client/server]_test_sp_write_other_sp_stack() | Access Application RoT local variable(stack region) address from other Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i086 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition heap memory. | [client/server]_test_sp_read_other_sp_heap()<br />[client/server]_test_sp_write_other_sp_heap() | Access Application RoT partition heap memory address from other Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i087 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. <br />Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition MMIO region. | [client/server]_test_sp_read_other_sp_mmio() <br />[client/server]_test_sp_write_other_sp_mmio() | Access Application RoT partition MMIO address from other Application RoT and expect internal fault behavior | Optional | Optional |
+| test_l088 | psa_rot_lifecycle_state() function retrieves the current PSA RoT lifecycle state. | server_test_psa_rot_lifecycle_state() | Call psa_rot_lifecycle_state() from secure side and check that return value is within the allowed range. | Mandatory | Yes |
+| test_i089 | psa_panic() will terminate execution within the calling Secure Partition and will not return. | server_test_psa_panic() | Call psa_panic() from the secure partition and expect PROGRAMMER ERROR behaviour for API call. | Optional | Optional |
+| test_i090 | The call to psa_call() is a PROGRAMMER ERROR if type < 0 | [client/server]_test_psa_call_with_neg_type | Call to psa_call with negative type value and expect PROGRAMMER ERROR behaviour for API call. | Optional | Optional |
+| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to read and write its private stack. <br />Manifest Parameter- stack_size (required) <br />Partition's stack size in bytes. The size value must be represented either as a positive integer or as a hexadecimal string. | N/A | No explicit test written to cover this rule. PSA IPC tests manifests are provided with tests partition required stack_size. A successful execution of tests partition code without stack access related faults, indirectly verify this field. | N/A | Yes |
+| NO_EXPLICIT_TEST | mmio_regions (optional, unique): <br />List of memory-mapped I/O region objects which the Secure Partition needs access to. A Secure Partition always has exclusive access to an MMIO region. Secure Partitions are not permitted to share MMIO regions with other Secure Partitions.<br />An MMIO region can be defined either as a:<br />numbered_region<br />named_region<br />A numbered region consists of a base address and a size. The size must be represented either as a positive integer or as a hexadecimal string. The base address must be represented as a hexadecimal string.<br />MMIO regions must not overlap.<br />An MMIO region must include a permission attribute. The following permissions are available:<br />READ-ONLY<br />READ-WRITE | N/A | Comments:<br />1. PSA IPC tests device driver partition manifests are provided with these fields. A successful compilation and run of device driver partition code indirectly verify this field. <br />2. Rules around sharing of MMIO regions is covered as part of isolation tests.<br />3. Rules around overlapping of MMIO regions can't be tested as specifying that into manifest results into compilation fail. <br />4. Test suite partition manifests are rely on numbered_region only as named_region is subject to resolved in Implementation defined manner. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter- type (required) <br />Whether the Partition is a part of the PSA Root of Trust Services or is part of the Application Root of Trust Services.Type must be assigned one of the following values:- APPLICATION-ROT- PSA-ROT | N/A | PSA IPC tests partition files are provided with these fields. Access permission behaviour related to these fields will be verified as part of tests covering isolation level rules. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter - description (optional) <br />This attribute contains a human-readable description and comments for the Secure Partition. | N/A | Test suite manifests are provided with these field with adhere to manifest rules. Manifest build tool parser must parse this field without any compilation fail. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter -entry_point (required, unique) <br />The Partition entry point in the form of an C function symbol. A single entry point must be provided and it must have the following signature: <br />void entry_point(void); | N/A | No explicit test written to cover this rule. Test suite manifests are provided with tests partition entry_point. A successful launch and run of tests partition code indirectly verify this field. | N/A | Yes |
+| NO_EXPLICIT_TEST | The SPM must eventually deliver all signals and IPC messages. | N/A | No explicit test written to cover this rule. However all PSA IPC tests are written with the expectation that the SPM delivers all requested signals and IPC message in a timely fashion. Failure to provide this will result in simulation time out. <br />This rule is unbounded and cannot have full coverage. It is good to that things are delivered in a timely manner, however failure will not break compliance. | N/A | Yes |
+| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to execute and read its own code regions and read its own read-only data regions. | N/A | No explicit test written to cover this rule. This is a minimum requirement to able to launch and run secure partition. Failing to provide this, will not be able to run IPC test suite. | N/A | Yes |
+| NOT_COVERED | psa_get returns PSA_ERROR_DOES_NOT_EXIST if the SPM cannot deliver a message to the Secure Partition following the assertion of the RoT Service signal. | N/A | This scenario cannot be simulated as test can't generate stimulus where psa_get() API returns PSA_ERROR_DOES_NOT_EXIST. However every instances of psa_get() API call in test suite checks the API return value and re-waits for signal delivery if return value is PSA_ERROR_DOES_NOT_EXIST. | N/A | No |
+| NOT_COVERED | The call to psa_call is PROGRAMMER ERROR if the connection is already handling a request. | N/A | This rule is not verified beacuse of following reasons: <br />- There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_call using same handle.<br />- It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. <br /> | N/A | No |
+| NOT_COVERED | The call to psa_close is PROGRAMMER ERROR if the connection is already handling a request | N/A | This rule is not verified beacuse of following reasons: <br />- There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_close using same handle.<br />- It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. <br /> | N/A | No |
+| NOT_COVERED | Manifest Parameter - priority (required) <br />Partitions must be assigned one of the following priority groups:¿ HIGH¿ NORMAL¿ LOWLOW is the lowest priority. Priority is ignored by SPMs that do not implement any priority-based scheduling. | N/A | Use of these fields are highly dependent on type of SPM scheduling policy, hence can't test the behavious of this field. And test suite partition manifests are provided with priority field equal to LOW. | N/A | No |
+| NOT_COVERED | Secure Partition IDs must be fixed across updates | N/A | Checking for Partition IDs across SPM updates is out of scope for PSA IPC tests. | N/A | No |
## License
Arm PSA test suite is distributed under Apache v2.0 License.
diff --git a/api-tests/ff/README.md b/api-tests/ff/README.md
index 63ffb63..deb09a8 100644
--- a/api-tests/ff/README.md
+++ b/api-tests/ff/README.md
@@ -58,7 +58,7 @@
<br />Options information:<br />
- -G"<generator_name>" : "Unix Makefiles" to generate Makefiles for Linux and Cygwin. "MinGW Makefiles" to generate Makefiles for cmd.exe on Windows <br />
-- -DTARGET=<platform_name> is the same as the name of the target-specific directory created in the **platform/targets/** directory. The current release has been tested on **tgt_dev_apis_tfm_an521**, **tgt_dev_apis_tfm_musca_b1** and **tgt_dev_apis_tfm_musca_a** platforms.<br />
+- -DTARGET=<platform_name> is the same as the name of the target-specific directory created in the **platform/targets/** directory. The current release has been tested on **tgt_dev_apis_tfm_an521** and **tgt_dev_apis_tfm_musca_a** platforms.<br />
- -DTOOLCHAIN=<tool_chain> Compiler toolchain to be used for test suite compilation. Supported values are GNUARM (GNU Arm Embedded), ARMCLANG (ARM Compiler 6.x) and HOST_GCC. Default is GNUARM.<br />
- -DCPU_ARCH=<cpu_architecture_version> is the Arm Architecture version name for which the tests should be compiled. Supported CPU arch are armv8m_ml, armv8m_bl and armv7m. Default is empty. This option is unused when TOOLCHAIN type is HOST_GCC.<br />
- -DSUITE=<suite_name> is the suite name which is the same as the suite name available in **ff/** directory. <br >
@@ -113,6 +113,10 @@
For details on test suite integration, refer to the **Integrating the test suite with the SUT** section of [Validation Methodology](../docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf).
+## Security implication
+
+PSA FF test suite may run at higher privilege level. An attacker can utilize these tests as a means to elevate privilege which can potentially reveal the platform secure attests. To prevent such security vulnerabilities into the production system, it is strongly recommended that PSA FF test suite is run on development platforms. If it is run on production system, make sure system is scrubbed after running the test suite.
+
## License
Arm PSA test suite is distributed under Apache v2.0 License.
diff --git a/api-tests/ff/ipc/test_i001/test_i001.c b/api-tests/ff/ipc/test_i001/test_i001.c
index 2e30ff6..be6961d 100644
--- a/api-tests/ff/ipc/test_i001/test_i001.c
+++ b/api-tests/ff/ipc/test_i001/test_i001.c
@@ -56,8 +56,12 @@
val->print(PRINT_TEST, "[Check 2] psa_version\n", 0);
- /*Return PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted
- to access the service. Return minor version of the implemented and allowed RoT Service */
+ /*
+ * Return PSA_VERSION_NONE when the RoT Service is not implemented,
+ * or the caller is not permitted to access the service.
+ * Return version of the implemented and allowed RoT Service
+ */
+
/* psa_version() check for un-implemented SID */
if (psa->version(INVALID_SID) != PSA_VERSION_NONE)
{
@@ -72,7 +76,7 @@
/* psa_version() check for implemented SID but allows only secure connection */
version = psa->version(SERVER_SECURE_CONNECT_ONLY_SID);
if (((caller == CALLER_NONSECURE) && (version != PSA_VERSION_NONE))
- || ((caller == CALLER_SECURE) && (version != 2)))
+ || ((caller == CALLER_SECURE) && (version != SERVER_SECURE_CONNECT_ONLY_VERSION)))
{
status = VAL_STATUS_VERSION_API_FAILED;
val->print(PRINT_ERROR,
@@ -84,8 +88,8 @@
return status;
}
- /* psa_version() returns minor version of the implemented and allowed RoT Service */
- if (psa->version(SERVER_TEST_DISPATCHER_SID) != 1)
+ /* psa_version() returns version of the implemented and allowed RoT Service */
+ if (psa->version(SERVER_TEST_DISPATCHER_SID) != SERVER_TEST_DISPATCHER_VERSION)
{
status = VAL_STATUS_VERSION_API_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i001/test_i001.h b/api-tests/ff/ipc/test_i001/test_i001.h
index 1defb81..191bb17 100644
--- a/api-tests/ff/ipc/test_i001/test_i001.h
+++ b/api-tests/ff/ipc/test_i001/test_i001.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i001)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i001)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i001/test_supp_i001.c b/api-tests/ff/ipc/test_i001/test_supp_i001.c
index 2a33cfa..45ffd93 100644
--- a/api-tests/ff/ipc/test_i001/test_supp_i001.c
+++ b/api-tests/ff/ipc/test_i001/test_supp_i001.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i002/test_i002.c b/api-tests/ff/ipc/test_i002/test_i002.c
index 8bd4858..8463011 100644
--- a/api-tests/ff/ipc/test_i002/test_i002.c
+++ b/api-tests/ff/ipc/test_i002/test_i002.c
@@ -29,8 +29,9 @@
NULL,
client_test_connection_busy_and_reject,
client_test_accept_and_close_connect,
- client_test_connect_with_allowed_minor_version_policy,
+ client_test_connect_with_allowed_version_policy,
client_test_psa_call_with_allowed_status_code,
+ client_test_psa_call_with_allowed_type_values,
client_test_identity,
client_test_spm_concurrent_connect_limit,
client_test_psa_block_behave,
@@ -45,7 +46,7 @@
val->print(PRINT_TEST, "[Check 1] Test busy and reject connect type\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/*
* The RoT Service can't make connection at this moment. It sends
@@ -58,7 +59,7 @@
return VAL_STATUS_INVALID_HANDLE;
}
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* The RoT Service rejected the client because of an application-specific case
* Expect PSA_ERROR_CONNECTION_REFUSED as return
@@ -79,9 +80,9 @@
val->print(PRINT_TEST, "[Check 2] Accept and close connection\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* RoT service accepts the connection. Expecting positive handle */
- if (handle < 0)
+ if (!PSA_HANDLE_IS_VALID(handle))
{
return VAL_STATUS_INVALID_HANDLE;
}
@@ -94,19 +95,22 @@
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_connect_with_allowed_minor_version_policy(caller_security_t caller)
+int32_t client_test_connect_with_allowed_version_policy(caller_security_t caller)
{
psa_handle_t handle = 0;
uint32_t i = 0;
- uint32_t sid[] = {SERVER_UNSPECIFED_MINOR_V_SID,
- SERVER_STRICT_MINOR_VERSION_SID,
- SERVER_RELAX_MINOR_VERSION_SID,
- SERVER_RELAX_MINOR_VERSION_SID};
- uint32_t minor_v[] = {1, 2, 1, 2};
+ uint32_t sid[] = {SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_STRICT_VERSION_SID,
+ SERVER_RELAX_VERSION_SID,
+ SERVER_RELAX_VERSION_SID};
+ uint32_t version[] = {SERVER_UNSPECIFED_VERSION_VERSION,
+ SERVER_STRICT_VERSION_VERSION,
+ SERVER_RELAX_VERSION_VERSION - 1,
+ SERVER_RELAX_VERSION_VERSION};
- val->print(PRINT_TEST, "[Check 3] Test psa_connect with allowed minor version policy\n", 0);
+ val->print(PRINT_TEST, "[Check 3] Test psa_connect with allowed version policy\n", 0);
- /* Connect RoT service with following minor version numbers and expect positive handle for
+ /* Connect RoT service with following version numbers and expect positive handle for
* each connection:
* Case 1. Version policy is not mentioned and requested version is 1 (default minimum version)
* Case 2. Version policy is STRICT and requested version equals minimum version
@@ -116,11 +120,11 @@
for (i = 0; i < (sizeof(sid)/sizeof(sid[0])); i++)
{
- handle = psa->connect(sid[i], minor_v[i]);
- if (handle < 0)
+ handle = psa->connect(sid[i], version[i]);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR,
- "\tpsa_connect failed for minor_v policy. Iteration No=%d\n", i);
+ "\tpsa_connect failed for version policy. Iteration No=%d\n", i);
return VAL_STATUS_INVALID_HANDLE;
}
@@ -136,13 +140,13 @@
psa_handle_t handle = 0;
psa_status_t status_of_call;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Compare status code returned with expected status code */
if (status_of_call != expected_status)
{
@@ -175,6 +179,35 @@
return status;
}
+int32_t client_test_psa_call_with_allowed_type_values(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ int32_t type[] = {PSA_IPC_CALL, 1, 2, INT32_MAX};
+ uint32_t i = 0;
+
+ val->print(PRINT_TEST, "[Check 5] Test psa_call with different type values\n", 0);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
+ {
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ for (i = 0; i < (sizeof(type)/sizeof(type[0])); i++)
+ {
+ /* Send type = type[i] */
+ if (psa->call(handle, type[i], NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tCheck failed for type=%d\n", type[i]);
+ status = VAL_STATUS_CALL_FAILED;
+ break;
+ }
+ }
+
+ psa->close(handle);
+ return status;
+}
+
int32_t client_test_identity(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
@@ -182,10 +215,10 @@
psa_status_t status_of_call;
int id_at_connect = 0, id_at_call = 0;
- val->print(PRINT_TEST, "[Check 5] Test client_id\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ val->print(PRINT_TEST, "[Check 6] Test client_id\n", 0);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
return(VAL_STATUS_INVALID_HANDLE);
}
@@ -193,7 +226,7 @@
psa_outvec resp[2] = {{&id_at_connect, sizeof(id_at_call)},
{&id_at_call, sizeof(id_at_call)}};
- status_of_call = psa->call(handle, NULL, 0, resp, 2);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, resp, 2);
if (status_of_call != PSA_SUCCESS)
@@ -223,14 +256,14 @@
psa_handle_t handle[CONNECT_LIMIT] = {0};
int i= 0, signture = 0;
- val->print(PRINT_TEST, "[Check 6] Test connect limit\n", 0);
+ val->print(PRINT_TEST, "[Check 7] Test connect limit\n", 0);
/* Execute psa_connect in a loop until it returns
* PSA_ERROR_CONNECTION_REFUSED OR PSA_ERROR_CONNECTION_BUSY
*/
while (i < CONNECT_LIMIT)
{
- handle[i] = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle[i] = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Compare handle value */
if ((handle[i] == PSA_ERROR_CONNECTION_REFUSED) || (handle[i] == PSA_ERROR_CONNECTION_BUSY))
{
@@ -266,7 +299,7 @@
for (i = 0; i < CONNECT_NUM; i++)
{
- handle[i] = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle[i] = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
if (handle[i] != PSA_ERROR_CONNECTION_REFUSED)
{
return VAL_STATUS_INVALID_HANDLE;
@@ -278,12 +311,12 @@
int32_t client_test_psa_block_behave(caller_security_t caller)
{
- val->print(PRINT_TEST, "[Check 7] Test PSA_BLOCK\n", 0);
+ val->print(PRINT_TEST, "[Check 8] Test PSA_BLOCK\n", 0);
return (client_test_psa_wait());
}
int32_t client_test_psa_poll_behave(caller_security_t caller)
{
- val->print(PRINT_TEST, "[Check 8] Test PSA_POLL\n", 0);
+ val->print(PRINT_TEST, "[Check 9] Test PSA_POLL\n", 0);
return (client_test_psa_wait());
}
diff --git a/api-tests/ff/ipc/test_i002/test_i002.h b/api-tests/ff/ipc/test_i002/test_i002.h
index bce864c..9f36dca 100644
--- a/api-tests/ff/ipc/test_i002/test_i002.h
+++ b/api-tests/ff/ipc/test_i002/test_i002.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i002)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i002)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
#define CONNECT_LIMIT 50
@@ -38,8 +38,9 @@
int32_t client_test_connection_busy_and_reject(caller_security_t);
int32_t client_test_accept_and_close_connect(caller_security_t);
-int32_t client_test_connect_with_allowed_minor_version_policy(caller_security_t);
+int32_t client_test_connect_with_allowed_version_policy(caller_security_t);
int32_t client_test_psa_call_with_allowed_status_code(caller_security_t);
+int32_t client_test_psa_call_with_allowed_type_values(caller_security_t);
int32_t client_test_identity(caller_security_t);
int32_t client_test_spm_concurrent_connect_limit(caller_security_t);
int32_t client_test_psa_block_behave(caller_security_t);
diff --git a/api-tests/ff/ipc/test_i002/test_supp_i002.c b/api-tests/ff/ipc/test_i002/test_supp_i002.c
index 274452b..716b6b2 100644
--- a/api-tests/ff/ipc/test_i002/test_supp_i002.c
+++ b/api-tests/ff/ipc/test_i002/test_supp_i002.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -27,8 +27,9 @@
int32_t server_test_connection_busy_and_reject(void);
int32_t server_test_accept_and_close_connect(void);
-int32_t server_test_connect_with_allowed_minor_version_policy(void);
+int32_t server_test_connect_with_allowed_version_policy(void);
int32_t server_test_psa_call_with_allowed_status_code(void);
+int32_t server_test_psa_call_with_allowed_type_values(void);
int32_t server_test_identity(void);
int32_t server_test_spm_concurrent_connect_limit(void);
int32_t server_test_psa_block_behave(void);
@@ -38,8 +39,9 @@
NULL,
server_test_connection_busy_and_reject,
server_test_accept_and_close_connect,
- server_test_connect_with_allowed_minor_version_policy,
+ server_test_connect_with_allowed_version_policy,
server_test_psa_call_with_allowed_status_code,
+ server_test_psa_call_with_allowed_type_values,
server_test_identity,
server_test_spm_concurrent_connect_limit,
server_test_psa_block_behave,
@@ -58,16 +60,16 @@
* check delivery of PSA_IPC_CONNECT when psa_connect called.
* And msg.handle must be positive.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
return status;
}
- /* Rejecting connection to check behaviour of PSA_CONNECTION_BUSY */
- psa->reply(msg.handle, PSA_CONNECTION_BUSY);
+ /* Rejecting connection to check behaviour of PSA_ERROR_CONNECTION_BUSY */
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_BUSY);
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
return status;
@@ -83,7 +85,7 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
/* Reject the connection if processing of connect request has failed */
@@ -97,7 +99,7 @@
/* Checking delivery of PSA_IPC_DISCONNECT when psa_close called
* msg.handle must be positive
*/
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
return status;
@@ -110,15 +112,15 @@
return status;
}
-int32_t server_test_connect_with_allowed_minor_version_policy(void)
+int32_t server_test_connect_with_allowed_version_policy(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
int i = 0;
- psa_signal_t signal[4] = {SERVER_UNSPECIFED_MINOR_V_SIG,
- SERVER_STRICT_MINOR_VERSION_SIG,
- SERVER_RELAX_MINOR_VERSION_SIG,
- SERVER_RELAX_MINOR_VERSION_SIG};
+ psa_signal_t signal[4] = {SERVER_UNSPECIFED_VERSION_SIGNAL,
+ SERVER_STRICT_VERSION_SIGNAL,
+ SERVER_RELAX_VERSION_SIGNAL,
+ SERVER_RELAX_VERSION_SIGNAL};
for (i = 0; i < 4; i++)
{
@@ -149,7 +151,7 @@
for (i = 0; i < (sizeof(status_code)/sizeof(status_code[0])); i++)
{
- status = ((val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
if (val->err_check_set(TEST_CHECKPOINT_NUM(208), status))
{
@@ -158,7 +160,7 @@
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(209), status))
{
/* Send status code other than status_code[] to indicate failure
@@ -172,7 +174,7 @@
psa->reply(msg.handle, status_code[i]);
}
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
val->err_check_set(TEST_CHECKPOINT_NUM(210), status);
@@ -180,15 +182,59 @@
return status;
}
+int32_t server_test_psa_call_with_allowed_type_values(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ int32_t type[] = {PSA_IPC_CALL, 1, 2, INT32_MAX};
+ uint32_t i = 0;
+
+ status = ((val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
+ ? VAL_STATUS_ERROR : status);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(211), status))
+ {
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+ return status;
+ }
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ for (i = 0; i < (sizeof(type)/sizeof(type[0])); i++)
+ {
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(212), status))
+ {
+ psa->reply(msg.handle, -3);
+ break;
+ }
+ else
+ {
+ /* Check recieve of client provided message type */
+ if (msg.type != type[i])
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ psa->reply(msg.handle, -2);
+ break;
+ }
+ psa->reply(msg.handle, PSA_SUCCESS);
+ }
+ }
+
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa->reply(msg.handle, PSA_SUCCESS);
+ val->err_check_set(TEST_CHECKPOINT_NUM(213), status);
+ return status;
+}
+
int32_t server_test_identity(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
int id_at_connect = 0, id_at_call = 0;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(211), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(214), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
@@ -198,8 +244,8 @@
id_at_connect = msg.client_id;
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(212), status))
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(215), status))
{
psa->reply(msg.handle, -3);
}
@@ -212,8 +258,8 @@
psa->reply(msg.handle, PSA_SUCCESS);
}
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
- val->err_check_set(TEST_CHECKPOINT_NUM(213), status);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ val->err_check_set(TEST_CHECKPOINT_NUM(216), status);
/* Client ID during disconnect. It should be equal to id_at_call */
if (msg.client_id != id_at_call)
{
@@ -246,14 +292,14 @@
while (1)
{
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ if ((signals & SERVER_UNSPECIFED_VERSION_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
"psa_wait returned with invalid signal value = 0x%x\n", signals);
return VAL_STATUS_ERROR;
}
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
continue;
switch(msg.type)
@@ -289,7 +335,7 @@
*/
/* Debug print */
- val->err_check_set(TEST_CHECKPOINT_NUM(214), VAL_STATUS_SUCCESS);
+ val->err_check_set(TEST_CHECKPOINT_NUM(217), VAL_STATUS_SUCCESS);
for (i = 0; i < CONNECT_NUM; i++)
{
@@ -298,7 +344,7 @@
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
/* When MODE is one(PSA_BLOCK), the psa_wait must return non-zero signal value */
- if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ if ((signals & SERVER_UNSPECIFED_VERSION_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
"psa_wait returned with invalid signal value = 0x%x\n", signals);
@@ -306,7 +352,7 @@
}
else
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -316,7 +362,7 @@
}
/* Debug print */
- val->err_check_set(TEST_CHECKPOINT_NUM(215), VAL_STATUS_SUCCESS);
+ val->err_check_set(TEST_CHECKPOINT_NUM(218), VAL_STATUS_SUCCESS);
return VAL_STATUS_SUCCESS;
}
@@ -330,7 +376,7 @@
while (1)
{
/* Debug print */
- val->err_check_set(TEST_CHECKPOINT_NUM(216), VAL_STATUS_SUCCESS);
+ val->err_check_set(TEST_CHECKPOINT_NUM(219), VAL_STATUS_SUCCESS);
/* Loop to receive client request */
while (signals == 0)
@@ -351,7 +397,7 @@
"psa_wait returned with invalid signals_temp = 0x%x\n", signals_temp);
return VAL_STATUS_ERROR;
}
- else if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ else if ((signals & SERVER_UNSPECIFED_VERSION_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
"psa_wait returned with invalid signal value = 0x%x\n", signals);
@@ -359,7 +405,7 @@
}
else
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
continue;
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
count++;
diff --git a/api-tests/ff/ipc/test_i003/test_i003.c b/api-tests/ff/ipc/test_i003/test_i003.c
index a8e795d..0c0cb8d 100644
--- a/api-tests/ff/ipc/test_i003/test_i003.c
+++ b/api-tests/ff/ipc/test_i003/test_i003.c
@@ -45,7 +45,9 @@
val->print(PRINT_TEST, "[Check 1] Test zero length invec\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -63,7 +65,7 @@
*/
psa_outvec resp[1] = {{&data[2], sizeof(data[2])}};
- status = psa->call(handle, data1, 3, resp, 1);
+ status = psa->call(handle, PSA_IPC_CALL, data1, 3, resp, 1);
if (status < 0)
{
@@ -99,7 +101,9 @@
val->print(PRINT_TEST, "[Check 2] Test zero length outvec\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -118,7 +122,7 @@
{NULL, 0},
{&data[2], sizeof(data[2])}};
- status = psa->call(handle, data1, 1, resp, 3);
+ status = psa->call(handle, PSA_IPC_CALL, data1, 1, resp, 3);
if (status < 0)
{
status = VAL_STATUS_CALL_FAILED;
@@ -157,7 +161,9 @@
val->print(PRINT_TEST, "[Check 3] Test psa_write, psa_read and psa_skip\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -171,7 +177,7 @@
{&data2, sizeof(data2)},
{&data3, sizeof(data3)}};
- status = psa->call(handle, data, 4, NULL, 0);
+ status = psa->call(handle, PSA_IPC_CALL, data, 4, NULL, 0);
if (status < 0)
{
val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n",status);
@@ -194,7 +200,9 @@
val->print(PRINT_TEST, "[Check 4] Test psa_call and psa_write\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -208,7 +216,7 @@
{&data[2], sizeof(data[2])},
{&data[3], sizeof(data[3])}};
- status = psa->call(handle, NULL, 0, resp, 4);
+ status = psa->call(handle, PSA_IPC_CALL, NULL, 0, resp, 4);
if (status < 0)
{
status = VAL_STATUS_CALL_FAILED;
@@ -250,18 +258,21 @@
val->print(PRINT_TEST, "[Check 5] Test psa_set_rhandle API\n", 0);
- /*rhandle value check when PSA_IPC_CONNECT */
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ /* rhandle value check when PSA_IPC_CONNECT */
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
for (i = 0; i < 3; i++)
{
- /*i=0: rhandle value check when PSA_IPC_CALL */
- /*i=1: rhandle value check after calling psa_set_rhandle() */
- /*i:2: rhandle value check after resetting rhandle to other value */
- status = psa->call(handle, NULL, 0, NULL, 0);
+ /* i=0: rhandle value check when PSA_IPC_CALL
+ * i=1: rhandle value check after calling psa_set_rhandle()
+ * i:2: rhandle value check after resetting rhandle to other value
+ */
+ status = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
if (status < 0)
{
val->print(PRINT_ERROR, "psa_call failed. status=%x\n", status);
@@ -283,7 +294,9 @@
val->print(PRINT_TEST, "[Check 6] Test overlapping vectors\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -304,7 +317,7 @@
psa_outvec outvec[2] = {{&data, sizeof(data)},
{&data, sizeof(data)}};
- status = psa->call(handle, invec, 1, outvec, 2);
+ status = psa->call(handle, PSA_IPC_CALL, invec, 1, outvec, 2);
if (status < 0)
{
diff --git a/api-tests/ff/ipc/test_i003/test_i003.h b/api-tests/ff/ipc/test_i003/test_i003.h
index 09e62cd..1d0971b 100644
--- a/api-tests/ff/ipc/test_i003/test_i003.h
+++ b/api-tests/ff/ipc/test_i003/test_i003.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i003)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i003)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i003/test_supp_i003.c b/api-tests/ff/ipc/test_i003/test_supp_i003.c
index eddefce..1043aa7 100644
--- a/api-tests/ff/ipc/test_i003/test_supp_i003.c
+++ b/api-tests/ff/ipc/test_i003/test_supp_i003.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -56,7 +56,7 @@
*/
psa->reply(msg_handle, status_code);
- if (val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
val->print(PRINT_ERROR, "\tdisconnect failed in exit_graceful func\n", 0);
}
@@ -69,14 +69,14 @@
psa_msg_t msg = {0};
int data[5] = {0}, actual_data = 0x22;
- if (val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_CONNECTION_FAILED;
}
psa->reply(msg.handle, PSA_SUCCESS);
- if (val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
exit_graceful(msg.handle, -2, 0, 0, 0);
return VAL_STATUS_CALL_FAILED;
@@ -116,7 +116,7 @@
psa->write(msg.handle, 0, &data[2], msg.out_size[0]);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
@@ -127,14 +127,14 @@
psa_msg_t msg={0};
int data[5] ={0}, actual_data=0x11;
- if (val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_CONNECTION_FAILED;
}
psa->reply(msg.handle, PSA_SUCCESS);
- if (val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
exit_graceful(msg.handle, -2, 0, 0, 0);
return VAL_STATUS_CALL_FAILED;
@@ -176,7 +176,7 @@
psa->write(msg.handle, 2, &data[0], msg.out_size[0]);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
@@ -189,14 +189,14 @@
actual_data[4] = {0}, i;
psa_msg_t msg = {0};
- if (val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_CONNECTION_FAILED;
}
psa->reply(msg.handle, PSA_SUCCESS);
- if (val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
exit_graceful(msg.handle, -2, 0, 0, 0);
return VAL_STATUS_CALL_FAILED;
@@ -332,7 +332,7 @@
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
@@ -343,14 +343,14 @@
int data[5] = {0xaa, 0xbb, 0xcc, 0xdd, 0xee}, i;
psa_msg_t msg = {0};
- if (val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_CONNECTION_FAILED;
}
psa->reply(msg.handle, PSA_SUCCESS);
- if (val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
exit_graceful(msg.handle, -2, 0, 0, 0);
return VAL_STATUS_CALL_FAILED;
@@ -391,7 +391,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
@@ -403,7 +403,7 @@
int num;
/*rhandle value check when PSA_IPC_CONNECT */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (msg.rhandle != NULL)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -417,7 +417,7 @@
/*rhandle value check when PSA_IPC_CALL */
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (msg.rhandle != NULL)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -433,7 +433,7 @@
psa->set_rhandle(msg.handle, &num);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (*(int *)(msg.rhandle) != num)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -452,7 +452,7 @@
psa->set_rhandle(msg.handle, &num);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (*(int *)(msg.rhandle) != num)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -465,7 +465,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
/* rhandle should retain the value at PSA_IPC_DISCONNECT too */
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (*(int *)(msg.rhandle) != num)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -490,7 +490,7 @@
rd_data[] = {0x0, 0x0},
expected_data[] = {0x11, 0x22};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(207), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -498,7 +498,7 @@
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(208), status))
{
exit_graceful(msg.handle, -1, 0, 0, 0);
@@ -521,7 +521,7 @@
psa->write(msg.handle, 1, &wr_data[1], 1);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
val->err_check_set(TEST_CHECKPOINT_NUM(209), status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i004/test_i004.c b/api-tests/ff/ipc/test_i004/test_i004.c
index 49f05f1..4c003d8 100644
--- a/api-tests/ff/ipc/test_i004/test_i004.c
+++ b/api-tests/ff/ipc/test_i004/test_i004.c
@@ -91,7 +91,7 @@
return VAL_STATUS_ERROR;
}
- if (handle > 0)
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i004/test_i004.h b/api-tests/ff/ipc/test_i004/test_i004.h
index 6d3aa1f..4edf8ea 100644
--- a/api-tests/ff/ipc/test_i004/test_i004.h
+++ b/api-tests/ff/ipc/test_i004/test_i004.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i004)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i004)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i004/test_supp_i004.c b/api-tests/ff/ipc/test_i004/test_supp_i004.c
index c0f484a..f769fc9 100644
--- a/api-tests/ff/ipc/test_i004/test_supp_i004.c
+++ b/api-tests/ff/ipc/test_i004/test_supp_i004.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i005/test_entry_i005.c b/api-tests/ff/ipc/test_i005/test_entry_i005.c
index e0e2295..099d590 100644
--- a/api-tests/ff/ipc/test_i005/test_entry_i005.c
+++ b/api-tests/ff/ipc/test_i005/test_entry_i005.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i005.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 5)
-#define TEST_DESC "Testing STRICT policy with higher minor version\n"
+#define TEST_DESC "Testing STRICT policy with higher version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i005/test_i005.c b/api-tests/ff/ipc/test_i005/test_i005.c
index 3c67a05..db59673 100644
--- a/api-tests/ff/ipc/test_i005/test_i005.c
+++ b/api-tests/ff/ipc/test_i005/test_i005.c
@@ -27,16 +27,16 @@
client_test_t test_i005_client_tests_list[] = {
NULL,
- client_test_strict_policy_higher_minor_version,
+ client_test_strict_policy_higher_version,
NULL,
};
-int32_t client_test_strict_policy_higher_minor_version(caller_security_t caller)
+int32_t client_test_strict_policy_higher_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
- val->print(PRINT_TEST, "[Check 1] Test STRICT policy with higher minor version\n", 0);
+ val->print(PRINT_TEST, "[Check 1] Test STRICT policy with higher version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -71,7 +71,7 @@
/* Test check- Version policy is strict and requested version is bigger than
* the minimum version.
*/
- handle = psa->connect(SERVER_STRICT_MINOR_VERSION_SID, 3);
+ handle = psa->connect(SERVER_STRICT_VERSION_SID, SERVER_STRICT_VERSION_VERSION + 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
@@ -85,7 +85,7 @@
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tSTRICT policy with higher minor version should have failed but succeeded\n", 0);
+ "\tSTRICT policy with higher version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i005/test_i005.h b/api-tests/ff/ipc/test_i005/test_i005.h
index 2f398d0..2aca795 100644
--- a/api-tests/ff/ipc/test_i005/test_i005.h
+++ b/api-tests/ff/ipc/test_i005/test_i005.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i005)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i005)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@
extern client_test_t test_i005_client_tests_list[];
-int32_t client_test_strict_policy_higher_minor_version(caller_security_t);
+int32_t client_test_strict_policy_higher_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i005/test_supp_i005.c b/api-tests/ff/ipc/test_i005/test_supp_i005.c
index 7e819f8..6c9526c 100644
--- a/api-tests/ff/ipc/test_i005/test_supp_i005.c
+++ b/api-tests/ff/ipc/test_i005/test_supp_i005.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_strict_policy_higher_minor_version(void);
+int32_t server_test_strict_policy_higher_version(void);
server_test_t test_i005_server_tests_list[] = {
NULL,
- server_test_strict_policy_higher_minor_version,
+ server_test_strict_policy_higher_version,
NULL,
};
-int32_t server_test_strict_policy_higher_minor_version(void)
+int32_t server_test_strict_policy_higher_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_STRICT_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_STRICT_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i006/test_entry_i006.c b/api-tests/ff/ipc/test_i006/test_entry_i006.c
index 2c83556..13f0b7d 100644
--- a/api-tests/ff/ipc/test_i006/test_entry_i006.c
+++ b/api-tests/ff/ipc/test_i006/test_entry_i006.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i006.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 6)
-#define TEST_DESC "Testing STRICT policy with lower minor version\n"
+#define TEST_DESC "Testing STRICT policy with lower version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i006/test_i006.c b/api-tests/ff/ipc/test_i006/test_i006.c
index 452508d..7ee0832 100644
--- a/api-tests/ff/ipc/test_i006/test_i006.c
+++ b/api-tests/ff/ipc/test_i006/test_i006.c
@@ -27,16 +27,16 @@
client_test_t test_i006_client_tests_list[] = {
NULL,
- client_test_strict_policy_lower_minor_version,
+ client_test_strict_policy_lower_version,
NULL,
};
-int32_t client_test_strict_policy_lower_minor_version(caller_security_t caller)
+int32_t client_test_strict_policy_lower_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
- val->print(PRINT_TEST, "[Check 1] Test STRICT policy with lower minor version\n", 0);
+ val->print(PRINT_TEST, "[Check 1] Test STRICT policy with lower version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -69,7 +69,7 @@
}
/* Version policy is strict and requested version is smaller than the minimum version */
- handle = psa->connect(SERVER_STRICT_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_STRICT_VERSION_SID, SERVER_STRICT_VERSION_VERSION - 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
@@ -83,7 +83,7 @@
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tSTRICT policy with lower minor version should have failed but succeeded\n", 0);
+ "\tSTRICT policy with lower version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i006/test_i006.h b/api-tests/ff/ipc/test_i006/test_i006.h
index e3cd3d1..c3ba7c7 100644
--- a/api-tests/ff/ipc/test_i006/test_i006.h
+++ b/api-tests/ff/ipc/test_i006/test_i006.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i006)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i006)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@
extern client_test_t test_i006_client_tests_list[];
-int32_t client_test_strict_policy_lower_minor_version(caller_security_t);
+int32_t client_test_strict_policy_lower_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i006/test_supp_i006.c b/api-tests/ff/ipc/test_i006/test_supp_i006.c
index 7831d06..23ced7e 100644
--- a/api-tests/ff/ipc/test_i006/test_supp_i006.c
+++ b/api-tests/ff/ipc/test_i006/test_supp_i006.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_strict_policy_lower_minor_version(void);
+int32_t server_test_strict_policy_lower_version(void);
server_test_t test_i006_server_tests_list[] = {
NULL,
- server_test_strict_policy_lower_minor_version,
+ server_test_strict_policy_lower_version,
NULL,
};
-int32_t server_test_strict_policy_lower_minor_version(void)
+int32_t server_test_strict_policy_lower_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_STRICT_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_STRICT_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i007/test_entry_i007.c b/api-tests/ff/ipc/test_i007/test_entry_i007.c
index ddfe3cd..86ea352 100644
--- a/api-tests/ff/ipc/test_i007/test_entry_i007.c
+++ b/api-tests/ff/ipc/test_i007/test_entry_i007.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i007.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 7)
-#define TEST_DESC "Testing RELAX policy with higher minor version\n"
+#define TEST_DESC "Testing RELAX policy with higher version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i007/test_i007.c b/api-tests/ff/ipc/test_i007/test_i007.c
index 14a3d64..cbbbee5 100644
--- a/api-tests/ff/ipc/test_i007/test_i007.c
+++ b/api-tests/ff/ipc/test_i007/test_i007.c
@@ -27,16 +27,16 @@
client_test_t test_i007_client_tests_list[] = {
NULL,
- client_test_relax_policy_higher_minor_version,
+ client_test_relax_policy_higher_version,
NULL,
};
-int32_t client_test_relax_policy_higher_minor_version(caller_security_t caller)
+int32_t client_test_relax_policy_higher_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
- val->print(PRINT_TEST, "[Check 1] Test RELAX policy with higher minor version\n", 0);
+ val->print(PRINT_TEST, "[Check 1] Test RELAX policy with higher version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -69,7 +69,7 @@
}
/* Version policy is relaxed and requested version is higher than the minimum version */
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 3);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION + 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
@@ -83,7 +83,7 @@
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tRELAXED policy with higher minor version should have failed but succeeded\n", 0);
+ "\tRELAXED policy with higher version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i007/test_i007.h b/api-tests/ff/ipc/test_i007/test_i007.h
index 9392229..7929b3a 100644
--- a/api-tests/ff/ipc/test_i007/test_i007.h
+++ b/api-tests/ff/ipc/test_i007/test_i007.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i007)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i007)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@
extern client_test_t test_i007_client_tests_list[];
-int32_t client_test_relax_policy_higher_minor_version(caller_security_t);
+int32_t client_test_relax_policy_higher_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i007/test_supp_i007.c b/api-tests/ff/ipc/test_i007/test_supp_i007.c
index e20d425..96a200e 100644
--- a/api-tests/ff/ipc/test_i007/test_supp_i007.c
+++ b/api-tests/ff/ipc/test_i007/test_supp_i007.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_relax_policy_higher_minor_version(void);
+int32_t server_test_relax_policy_higher_version(void);
server_test_t test_i007_server_tests_list[] = {
NULL,
- server_test_relax_policy_higher_minor_version,
+ server_test_relax_policy_higher_version,
NULL,
};
-int32_t server_test_relax_policy_higher_minor_version(void)
+int32_t server_test_relax_policy_higher_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i008/test_i008.c b/api-tests/ff/ipc/test_i008/test_i008.c
index 982d1d4..d13a4b3 100644
--- a/api-tests/ff/ipc/test_i008/test_i008.c
+++ b/api-tests/ff/ipc/test_i008/test_i008.c
@@ -75,7 +75,7 @@
* It is PROGRAMMER ERROR to connect to secure only access service from nspe.
* Whereas call should succeed if called from spe.
*/
- handle = psa->connect(SERVER_SECURE_CONNECT_ONLY_SID, 1);
+ handle = psa->connect(SERVER_SECURE_CONNECT_ONLY_SID, SERVER_SECURE_CONNECT_ONLY_VERSION);
if (caller == CALLER_NONSECURE)
{
@@ -101,7 +101,7 @@
}
/* Should return positive handle for SPE connection */
- if (handle > 0)
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i008/test_i008.h b/api-tests/ff/ipc/test_i008/test_i008.h
index 9eaaf02..ee762ed 100644
--- a/api-tests/ff/ipc/test_i008/test_i008.h
+++ b/api-tests/ff/ipc/test_i008/test_i008.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i008)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i008)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i008/test_supp_i008.c b/api-tests/ff/ipc/test_i008/test_supp_i008.c
index 22868d3..df13c4c 100644
--- a/api-tests/ff/ipc/test_i008/test_supp_i008.c
+++ b/api-tests/ff/ipc/test_i008/test_supp_i008.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_SECURE_CONNECT_ONLY_SIG, &msg);
+ status = val->process_connect_request(SERVER_SECURE_CONNECT_ONLY_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -63,7 +63,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
}
- status = val->process_disconnect_request(SERVER_SECURE_CONNECT_ONLY_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_SECURE_CONNECT_ONLY_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
diff --git a/api-tests/ff/ipc/test_i009/test_entry_i009.c b/api-tests/ff/ipc/test_i009/test_entry_i009.c
index 992e9e2..8506ac1 100644
--- a/api-tests/ff/ipc/test_i009/test_entry_i009.c
+++ b/api-tests/ff/ipc/test_i009/test_entry_i009.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i009.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 9)
-#define TEST_DESC "Testing unextern SID connection\n"
+#define TEST_DESC "Testing psa_connect with SID unspecified in dependencies\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i009/test_i009.c b/api-tests/ff/ipc/test_i009/test_i009.c
index 5fd1b62..cd53082 100644
--- a/api-tests/ff/ipc/test_i009/test_i009.c
+++ b/api-tests/ff/ipc/test_i009/test_i009.c
@@ -27,15 +27,15 @@
client_test_t test_i009_client_tests_list[] = {
NULL,
- client_test_unextern_sid_connection,
+ client_test_unspecified_dependent_sid,
NULL,
};
-int32_t client_test_unextern_sid_connection(caller_security_t caller)
+int32_t client_test_unspecified_dependent_sid(caller_security_t caller)
{
psa_handle_t handle = 0;
- val->print(PRINT_TEST, "[Check 1] Test unextern SID connection\n", 0);
+ val->print(PRINT_TEST, "[Check 1] Test psa_connect with SID unspecified in dependencies\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -70,7 +70,7 @@
* If access between a client Secure Partition and an RoT Service is not specified in
* the manifest, then the client is not allowed to connect to the RoT Service.
*/
- handle = psa->connect(SERVER_UNEXTERN_SID, 2);
+ handle = psa->connect(SERVER_UNEXTERN_SID, SERVER_UNEXTERN_VERSION);
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR, "\tunextern SID connection should have failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i009/test_i009.h b/api-tests/ff/ipc/test_i009/test_i009.h
index 661e7ca..35d7e15 100644
--- a/api-tests/ff/ipc/test_i009/test_i009.h
+++ b/api-tests/ff/ipc/test_i009/test_i009.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i009)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i009)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@
extern client_test_t test_i009_client_tests_list[];
-int32_t client_test_unextern_sid_connection(caller_security_t);
+int32_t client_test_unspecified_dependent_sid(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i009/test_supp_i009.c b/api-tests/ff/ipc/test_i009/test_supp_i009.c
index a0f1cca..c6711bc 100644
--- a/api-tests/ff/ipc/test_i009/test_supp_i009.c
+++ b/api-tests/ff/ipc/test_i009/test_supp_i009.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_unextern_sid_connection(void);
+int32_t server_test_unspecified_dependent_sid(void);
server_test_t test_i009_server_tests_list[] = {
NULL,
- server_test_unextern_sid_connection,
+ server_test_unspecified_dependent_sid,
NULL,
};
-int32_t server_test_unextern_sid_connection(void)
+int32_t server_test_unspecified_dependent_sid(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_UNEXTERN_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNEXTERN_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i010/test_entry_i010.c b/api-tests/ff/ipc/test_i010/test_entry_i010.c
index fa42b05..e0e72ef 100644
--- a/api-tests/ff/ipc/test_i010/test_entry_i010.c
+++ b/api-tests/ff/ipc/test_i010/test_entry_i010.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i010.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 10)
-#define TEST_DESC "Testing un-specified minor_policy with higher minor version\n"
+#define TEST_DESC "Testing un-specified version_policy with higher version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i010/test_i010.c b/api-tests/ff/ipc/test_i010/test_i010.c
index 7a2074b..77233b6 100644
--- a/api-tests/ff/ipc/test_i010/test_i010.c
+++ b/api-tests/ff/ipc/test_i010/test_i010.c
@@ -27,17 +27,17 @@
client_test_t test_i010_client_tests_list[] = {
NULL,
- client_test_unspecified_policy_with_higher_minor_ver,
+ client_test_unspecified_policy_with_higher_version,
NULL,
};
-int32_t client_test_unspecified_policy_with_higher_minor_ver(caller_security_t caller)
+int32_t client_test_unspecified_policy_with_higher_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
val->print(PRINT_TEST,
- "[Check 1] Test un-specified minor_policy with higher minor version\n", 0);
+ "[Check 1] Test un-specified version_policy with higher version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -70,11 +70,11 @@
}
/*
- * The minor_version and minor_policy attributes do not need to be specified.
+ * The SID version and version_policy attributes do not need to be specified.
* If they are not specified in the manifest, the RoT Service will have
- * default attributes of minor_version=1 and minor_policy="STRICT".
+ * default attributes of version=1 and version_policy="STRICT".
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 3);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION + 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
@@ -88,7 +88,7 @@
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tun-specified policy with higher minor version should have failed but succeeded\n", 0);
+ "\tun-specified policy with higher version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i010/test_i010.h b/api-tests/ff/ipc/test_i010/test_i010.h
index f299f98..e5dc30d 100644
--- a/api-tests/ff/ipc/test_i010/test_i010.h
+++ b/api-tests/ff/ipc/test_i010/test_i010.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i010)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i010)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@
extern client_test_t test_i010_client_tests_list[];
-int32_t client_test_unspecified_policy_with_higher_minor_ver(caller_security_t);
+int32_t client_test_unspecified_policy_with_higher_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i010/test_supp_i010.c b/api-tests/ff/ipc/test_i010/test_supp_i010.c
index 6f8ffb8..0429ea5 100644
--- a/api-tests/ff/ipc/test_i010/test_supp_i010.c
+++ b/api-tests/ff/ipc/test_i010/test_supp_i010.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_unspecified_policy_with_higher_minor_ver(void);
+int32_t server_test_unspecified_policy_with_higher_version(void);
server_test_t test_i010_server_tests_list[] = {
NULL,
- server_test_unspecified_policy_with_higher_minor_ver,
+ server_test_unspecified_policy_with_higher_version,
NULL,
};
-int32_t server_test_unspecified_policy_with_higher_minor_ver(void)
+int32_t server_test_unspecified_policy_with_higher_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i011/test_entry_i011.c b/api-tests/ff/ipc/test_i011/test_entry_i011.c
index ef4b6f5..a1ca9c7 100644
--- a/api-tests/ff/ipc/test_i011/test_entry_i011.c
+++ b/api-tests/ff/ipc/test_i011/test_entry_i011.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i011.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 11)
-#define TEST_DESC "Testing un-specified minor_policy with lower minor version\n"
+#define TEST_DESC "Testing un-specified version_policy with lower version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i011/test_i011.c b/api-tests/ff/ipc/test_i011/test_i011.c
index 536d04c..e0996aa 100644
--- a/api-tests/ff/ipc/test_i011/test_i011.c
+++ b/api-tests/ff/ipc/test_i011/test_i011.c
@@ -27,17 +27,17 @@
client_test_t test_i011_client_tests_list[] = {
NULL,
- client_test_unspecified_policy_with_lower_minor_ver,
+ client_test_unspecified_policy_with_lower_version,
NULL,
};
-int32_t client_test_unspecified_policy_with_lower_minor_ver(caller_security_t caller)
+int32_t client_test_unspecified_policy_with_lower_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
val->print(PRINT_TEST,
- "[Check 1] Test un-specified minor_policy with higher minor version\n", 0);
+ "[Check 1] Test un-specified version_policy with higher version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -70,11 +70,13 @@
}
/*
- * The minor_version and minor_policy attributes do not need to be specified.
+ * 1. The SID version and version_policy attributes do not need to be specified.
* If they are not specified in the manifest, the RoT Service will have
- * default attributes of minor_version=1 and minor_policy="STRICT".
+ * default attributes of version=1 and version_policy="STRICT".
+ *
+ * 2. RoT Service version must be non-zero.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 0);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
@@ -88,7 +90,7 @@
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tun-specified policy with lower minor version should have failed but succeeded\n", 0);
+ "\tun-specified policy with lower version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i011/test_i011.h b/api-tests/ff/ipc/test_i011/test_i011.h
index 3e0b334..db4436d 100644
--- a/api-tests/ff/ipc/test_i011/test_i011.h
+++ b/api-tests/ff/ipc/test_i011/test_i011.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i011)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i011)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@
extern client_test_t test_i011_client_tests_list[];
-int32_t client_test_unspecified_policy_with_lower_minor_ver(caller_security_t);
+int32_t client_test_unspecified_policy_with_lower_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i011/test_supp_i011.c b/api-tests/ff/ipc/test_i011/test_supp_i011.c
index 87d4a4d..97e05df 100644
--- a/api-tests/ff/ipc/test_i011/test_supp_i011.c
+++ b/api-tests/ff/ipc/test_i011/test_supp_i011.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_unspecified_policy_with_lower_minor_ver(void);
+int32_t server_test_unspecified_policy_with_lower_version(void);
server_test_t test_i011_server_tests_list[] = {
NULL,
- server_test_unspecified_policy_with_lower_minor_ver,
+ server_test_unspecified_policy_with_lower_version,
NULL,
};
-int32_t server_test_unspecified_policy_with_lower_minor_ver(void)
+int32_t server_test_unspecified_policy_with_lower_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i012/test_i012.h b/api-tests/ff/ipc/test_i012/test_i012.h
index fbdd20e..c8b269f 100644
--- a/api-tests/ff/ipc/test_i012/test_i012.h
+++ b/api-tests/ff/ipc/test_i012/test_i012.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i012)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i012)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i012/test_supp_i012.c b/api-tests/ff/ipc/test_i012/test_supp_i012.c
index f6d39b6..0de30cf 100644
--- a/api-tests/ff/ipc/test_i012/test_supp_i012.c
+++ b/api-tests/ff/ipc/test_i012/test_supp_i012.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i013/test_i013.c b/api-tests/ff/ipc/test_i013/test_i013.c
index 9ac96fd..db11275 100644
--- a/api-tests/ff/ipc/test_i013/test_i013.c
+++ b/api-tests/ff/ipc/test_i013/test_i013.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_get with multiple signals\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i013/test_i013.h b/api-tests/ff/ipc/test_i013/test_i013.h
index 99458c5..efcd988 100644
--- a/api-tests/ff/ipc/test_i013/test_i013.h
+++ b/api-tests/ff/ipc/test_i013/test_i013.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i013)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i013)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i013/test_supp_i013.c b/api-tests/ff/ipc/test_i013/test_supp_i013.c
index fb54c3f..640d71f 100644
--- a/api-tests/ff/ipc/test_i013/test_supp_i013.c
+++ b/api-tests/ff/ipc/test_i013/test_supp_i013.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -57,23 +57,23 @@
* VAL APIs to decide test status.
*/
- if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
/* Setting boot.state before test check */
if (val->set_boot_flag(BOOT_EXPECTED_NS))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
/* Unblock client */
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
- val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
}
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_ERROR;
}
/* multiple signals check */
- psa->get((SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SIG), &msg);
+ psa->get((SERVER_UNSPECIFED_VERSION_SIGNAL | SERVER_RELAX_VERSION_SIGNAL), &msg);
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
/* Resetting boot.state to catch unwanted reboot */
diff --git a/api-tests/ff/ipc/test_i014/test_i014.c b/api-tests/ff/ipc/test_i014/test_i014.c
index 3da7d74..b6c260a 100644
--- a/api-tests/ff/ipc/test_i014/test_i014.c
+++ b/api-tests/ff/ipc/test_i014/test_i014.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_get called twice\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i014/test_i014.h b/api-tests/ff/ipc/test_i014/test_i014.h
index e92beb7..0825f26 100644
--- a/api-tests/ff/ipc/test_i014/test_i014.h
+++ b/api-tests/ff/ipc/test_i014/test_i014.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i014)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i014)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i014/test_supp_i014.c b/api-tests/ff/ipc/test_i014/test_supp_i014.c
index fe062f4..ab2e938 100644
--- a/api-tests/ff/ipc/test_i014/test_supp_i014.c
+++ b/api-tests/ff/ipc/test_i014/test_supp_i014.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -59,10 +59,10 @@
*/
wait:
- if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
/* First psa_get call */
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -80,7 +80,7 @@
}
/* Second psa_get call. This should panic */
- psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
/* Resetting boot.state to catch unwanted reboot */
diff --git a/api-tests/ff/ipc/test_i015/test_i015.c b/api-tests/ff/ipc/test_i015/test_i015.c
index f1854f3..a23157c 100644
--- a/api-tests/ff/ipc/test_i015/test_i015.c
+++ b/api-tests/ff/ipc/test_i015/test_i015.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_get with non-RoT signal\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i015/test_i015.h b/api-tests/ff/ipc/test_i015/test_i015.h
index 70b647c..b74f6c3 100644
--- a/api-tests/ff/ipc/test_i015/test_i015.h
+++ b/api-tests/ff/ipc/test_i015/test_i015.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i015)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i015)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i015/test_supp_i015.c b/api-tests/ff/ipc/test_i015/test_supp_i015.c
index a044796..6b24b66 100644
--- a/api-tests/ff/ipc/test_i015/test_supp_i015.c
+++ b/api-tests/ff/ipc/test_i015/test_supp_i015.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,14 +58,14 @@
* VAL APIs to decide test status.
*/
- if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
/* Setting boot.state before test check */
status = val->set_boot_flag(BOOT_EXPECTED_NS);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
- psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
}
diff --git a/api-tests/ff/ipc/test_i016/test_i016.c b/api-tests/ff/ipc/test_i016/test_i016.c
index 781d317..cec06b9 100644
--- a/api-tests/ff/ipc/test_i016/test_i016.c
+++ b/api-tests/ff/ipc/test_i016/test_i016.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_get with unasserted signal\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i016/test_i016.h b/api-tests/ff/ipc/test_i016/test_i016.h
index 104803c..16c265d 100644
--- a/api-tests/ff/ipc/test_i016/test_i016.h
+++ b/api-tests/ff/ipc/test_i016/test_i016.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i016)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i016)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i016/test_supp_i016.c b/api-tests/ff/ipc/test_i016/test_supp_i016.c
index 7b4d5e1..5818ebd 100644
--- a/api-tests/ff/ipc/test_i016/test_supp_i016.c
+++ b/api-tests/ff/ipc/test_i016/test_supp_i016.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,20 +58,20 @@
* VAL APIs to decide test status.
*/
- if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
/* Setting boot.state before test check */
status = val->set_boot_flag(BOOT_EXPECTED_NS);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
- psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
}
/* Unasserted signal check, call to psa_get should panic */
- psa->get(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ psa->get(SERVER_RELAX_VERSION_SIGNAL, &msg);
/* shouldn't have reached here */
/* Resetting boot.state to catch unwanted reboot */
diff --git a/api-tests/ff/ipc/test_i017/test_i017.c b/api-tests/ff/ipc/test_i017/test_i017.c
index 00a9dc3..4823c46 100644
--- a/api-tests/ff/ipc/test_i017/test_i017.c
+++ b/api-tests/ff/ipc/test_i017/test_i017.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test partition calling its own RoT service\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i017/test_i017.h b/api-tests/ff/ipc/test_i017/test_i017.h
index e5ac1b9..57697d8 100644
--- a/api-tests/ff/ipc/test_i017/test_i017.h
+++ b/api-tests/ff/ipc/test_i017/test_i017.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i017)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i017)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i017/test_supp_i017.c b/api-tests/ff/ipc/test_i017/test_supp_i017.c
index 6c72977..63057a5 100644
--- a/api-tests/ff/ipc/test_i017/test_supp_i017.c
+++ b/api-tests/ff/ipc/test_i017/test_supp_i017.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -75,7 +75,7 @@
}
/* Calling server partition RoT service using IPC and call should panic */
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
/* shouldn't have reached here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i018/test_i018.c b/api-tests/ff/ipc/test_i018/test_i018.c
index 0825ddf..fa40d5f 100644
--- a/api-tests/ff/ipc/test_i018/test_i018.c
+++ b/api-tests/ff/ipc/test_i018/test_i018.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_set_rhandle with invalid msg handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i018/test_i018.h b/api-tests/ff/ipc/test_i018/test_i018.h
index 14e05bc..9bf6c7f 100644
--- a/api-tests/ff/ipc/test_i018/test_i018.h
+++ b/api-tests/ff/ipc/test_i018/test_i018.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i018)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i018)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i018/test_supp_i018.c b/api-tests/ff/ipc/test_i018/test_supp_i018.c
index 5a67aba..6a7afe4 100644
--- a/api-tests/ff/ipc/test_i018/test_supp_i018.c
+++ b/api-tests/ff/ipc/test_i018/test_supp_i018.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
int32_t status = VAL_STATUS_SUCCESS;
int num;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i019/test_i019.c b/api-tests/ff/ipc/test_i019/test_i019.c
index a123bb2..941a82c 100644
--- a/api-tests/ff/ipc/test_i019/test_i019.c
+++ b/api-tests/ff/ipc/test_i019/test_i019.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_set_rhandle with null msg handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i019/test_i019.h b/api-tests/ff/ipc/test_i019/test_i019.h
index c4bcfdc..9e1f146 100644
--- a/api-tests/ff/ipc/test_i019/test_i019.h
+++ b/api-tests/ff/ipc/test_i019/test_i019.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i019)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i019)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i019/test_supp_i019.c b/api-tests/ff/ipc/test_i019/test_supp_i019.c
index af063a6..5e4362c 100644
--- a/api-tests/ff/ipc/test_i019/test_supp_i019.c
+++ b/api-tests/ff/ipc/test_i019/test_supp_i019.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -59,7 +59,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i020/test_i020.c b/api-tests/ff/ipc/test_i020/test_i020.c
index 21d0ab5..7f3dbb5 100644
--- a/api-tests/ff/ipc/test_i020/test_i020.c
+++ b/api-tests/ff/ipc/test_i020/test_i020.c
@@ -39,7 +39,7 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_reply with invalid status code for PSA_IPC_CONNECT\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i020/test_i020.h b/api-tests/ff/ipc/test_i020/test_i020.h
index ccad95b..5c820fc 100644
--- a/api-tests/ff/ipc/test_i020/test_i020.h
+++ b/api-tests/ff/ipc/test_i020/test_i020.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i020)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i020)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i020/test_supp_i020.c b/api-tests/ff/ipc/test_i020/test_supp_i020.c
index 816fd66..4bbc184 100644
--- a/api-tests/ff/ipc/test_i020/test_supp_i020.c
+++ b/api-tests/ff/ipc/test_i020/test_supp_i020.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
psa_status_t invalid_status_code = PSA_ERROR_CONNECTION_REFUSED + 0x10;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i021/test_i021.c b/api-tests/ff/ipc/test_i021/test_i021.c
index ca7f3ee..cdb2107 100644
--- a/api-tests/ff/ipc/test_i021/test_i021.c
+++ b/api-tests/ff/ipc/test_i021/test_i021.c
@@ -38,7 +38,7 @@
/*
* The interrupt related test check is captured in driver_partition.c as this is the
- * only partition in test suite that holds the interrupt line. The interrupt test check
+ * only partition in test suite that holds the interrupt source. The interrupt test check
* is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
* hold the test check.
*/
@@ -46,8 +46,8 @@
val->print(PRINT_TEST, "[Check 1] Test irq routing\n", 0);
/* Connect to DRIVER_TEST_SID */
- handle = psa->connect(DRIVER_TEST_SID, 1);
- if (handle < 0)
+ handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
return VAL_STATUS_SPM_FAILED;
@@ -56,7 +56,7 @@
/* Execute driver function related to TEST_INTR_SERVICE */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
- if (psa->call(handle, &invec, 1, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0) != PSA_SUCCESS)
{
psa->close(handle);
return VAL_STATUS_SPM_FAILED;
diff --git a/api-tests/ff/ipc/test_i021/test_i021.h b/api-tests/ff/ipc/test_i021/test_i021.h
index f532c7f..d99b1d7 100644
--- a/api-tests/ff/ipc/test_i021/test_i021.h
+++ b/api-tests/ff/ipc/test_i021/test_i021.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i021)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i021)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i021/test_supp_i021.c b/api-tests/ff/ipc/test_i021/test_supp_i021.c
index 672f340..1877450 100644
--- a/api-tests/ff/ipc/test_i021/test_supp_i021.c
+++ b/api-tests/ff/ipc/test_i021/test_supp_i021.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i022/test_i022.c b/api-tests/ff/ipc/test_i022/test_i022.c
index cad50be..366d944 100644
--- a/api-tests/ff/ipc/test_i022/test_i022.c
+++ b/api-tests/ff/ipc/test_i022/test_i022.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Testing psa_reply with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i022/test_i022.h b/api-tests/ff/ipc/test_i022/test_i022.h
index 8c5b5e1..ad0e570 100644
--- a/api-tests/ff/ipc/test_i022/test_i022.h
+++ b/api-tests/ff/ipc/test_i022/test_i022.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i022)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i022)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i022/test_supp_i022.c b/api-tests/ff/ipc/test_i022/test_supp_i022.c
index e2ba391..f952610 100644
--- a/api-tests/ff/ipc/test_i022/test_supp_i022.c
+++ b/api-tests/ff/ipc/test_i022/test_supp_i022.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i023/test_i023.c b/api-tests/ff/ipc/test_i023/test_i023.c
index d81c284..6e0cff1 100644
--- a/api-tests/ff/ipc/test_i023/test_i023.c
+++ b/api-tests/ff/ipc/test_i023/test_i023.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Testing psa_reply with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i023/test_i023.h b/api-tests/ff/ipc/test_i023/test_i023.h
index 9029a4b..2bd6660 100644
--- a/api-tests/ff/ipc/test_i023/test_i023.h
+++ b/api-tests/ff/ipc/test_i023/test_i023.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i023)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i023)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i023/test_supp_i023.c b/api-tests/ff/ipc/test_i023/test_supp_i023.c
index 4436e4a..11d871f 100644
--- a/api-tests/ff/ipc/test_i023/test_supp_i023.c
+++ b/api-tests/ff/ipc/test_i023/test_supp_i023.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i024/test_i024.c b/api-tests/ff/ipc/test_i024/test_i024.c
index 70aaf67..40de681 100644
--- a/api-tests/ff/ipc/test_i024/test_i024.c
+++ b/api-tests/ff/ipc/test_i024/test_i024.c
@@ -70,7 +70,7 @@
}
/* Test check- psa_call with INVALID_HANDLE */
- status_of_call = psa->call(INVALID_HANDLE, NULL, 0, NULL, 0);
+ status_of_call = psa->call(INVALID_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
diff --git a/api-tests/ff/ipc/test_i024/test_i024.h b/api-tests/ff/ipc/test_i024/test_i024.h
index 701382e..3015932 100644
--- a/api-tests/ff/ipc/test_i024/test_i024.h
+++ b/api-tests/ff/ipc/test_i024/test_i024.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i024)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i024)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i024/test_supp_i024.c b/api-tests/ff/ipc/test_i024/test_supp_i024.c
index 60d9895..67b4fc9 100644
--- a/api-tests/ff/ipc/test_i024/test_supp_i024.c
+++ b/api-tests/ff/ipc/test_i024/test_supp_i024.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i025/test_i025.c b/api-tests/ff/ipc/test_i025/test_i025.c
index 753d920..da20375 100644
--- a/api-tests/ff/ipc/test_i025/test_i025.c
+++ b/api-tests/ff/ipc/test_i025/test_i025.c
@@ -70,7 +70,7 @@
}
/* Test check- psa_call with NULL HANDLE */
- status_of_call = psa->call(PSA_NULL_HANDLE, NULL, 0, NULL, 0);
+ status_of_call = psa->call(PSA_NULL_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
diff --git a/api-tests/ff/ipc/test_i025/test_i025.h b/api-tests/ff/ipc/test_i025/test_i025.h
index 570c5f3..eaec5a1 100644
--- a/api-tests/ff/ipc/test_i025/test_i025.h
+++ b/api-tests/ff/ipc/test_i025/test_i025.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i025)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i025)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i025/test_supp_i025.c b/api-tests/ff/ipc/test_i025/test_supp_i025.c
index 20f1557..19d70e8 100644
--- a/api-tests/ff/ipc/test_i025/test_supp_i025.c
+++ b/api-tests/ff/ipc/test_i025/test_supp_i025.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i026/test_i026.c b/api-tests/ff/ipc/test_i026/test_i026.c
index 8ead26d..0b186e9 100644
--- a/api-tests/ff/ipc/test_i026/test_i026.c
+++ b/api-tests/ff/ipc/test_i026/test_i026.c
@@ -70,9 +70,8 @@
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -87,7 +86,7 @@
}
/* Test check- psa_call with IOVEC > PSA_MAX_IOVEC */
- status_of_call = psa->call(handle, invec, PSA_MAX_IOVEC, outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, PSA_MAX_IOVEC, outvec, 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
diff --git a/api-tests/ff/ipc/test_i026/test_i026.h b/api-tests/ff/ipc/test_i026/test_i026.h
index 7c46712..98eb2fe 100644
--- a/api-tests/ff/ipc/test_i026/test_i026.h
+++ b/api-tests/ff/ipc/test_i026/test_i026.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i026)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i026)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i026/test_supp_i026.c b/api-tests/ff/ipc/test_i026/test_supp_i026.c
index 4b1794b..dc5b829 100644
--- a/api-tests/ff/ipc/test_i026/test_supp_i026.c
+++ b/api-tests/ff/ipc/test_i026/test_supp_i026.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i027/test_i027.c b/api-tests/ff/ipc/test_i027/test_i027.c
index f12f940..b346fa7 100644
--- a/api-tests/ff/ipc/test_i027/test_i027.c
+++ b/api-tests/ff/ipc/test_i027/test_i027.c
@@ -63,8 +63,8 @@
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_CONNECTION_DROP_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_CONNECTION_DROP_SID, SERVER_CONNECTION_DROP_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -78,7 +78,7 @@
return VAL_STATUS_ERROR;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
@@ -94,14 +94,14 @@
return VAL_STATUS_ERROR;
}
- val->print(PRINT_DEBUG, "\tRecieved PSA_ERROR_PROGRAMMER_ERROR\n", 0);
+ val->print(PRINT_DEBUG, "\tReceived PSA_ERROR_PROGRAMMER_ERROR\n", 0);
/* If this call returns PSA_ERROR_PROGRAMMER_ERROR,
* when a valid connection handle was provided, then
* all subsequent calls to psa_call() with the same connection
* handle will immediately return PSA_ERROR_PROGRAMMER_ERROR.
*/
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
if (status_of_call != PSA_ERROR_PROGRAMMER_ERROR)
{
status = VAL_STATUS_SPM_FAILED;
diff --git a/api-tests/ff/ipc/test_i027/test_i027.h b/api-tests/ff/ipc/test_i027/test_i027.h
index 827196f..9a679ea 100644
--- a/api-tests/ff/ipc/test_i027/test_i027.h
+++ b/api-tests/ff/ipc/test_i027/test_i027.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i027)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i027)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i027/test_supp_i027.c b/api-tests/ff/ipc/test_i027/test_supp_i027.c
index c2eb4d3..fe5374b 100644
--- a/api-tests/ff/ipc/test_i027/test_supp_i027.c
+++ b/api-tests/ff/ipc/test_i027/test_supp_i027.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -36,7 +36,7 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_CONNECTION_DROP_SIG, &msg);
+ status = val->process_connect_request(SERVER_CONNECTION_DROP_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -45,7 +45,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_CONNECTION_DROP_SIG, &msg);
+ status = val->process_call_request(SERVER_CONNECTION_DROP_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -62,7 +62,7 @@
* directly after receipt of the PSA_ERROR_PROGRAMMER_ERROR completion to allow
* connection resources within the RoT Service to be released
*/
- status = val->process_disconnect_request(SERVER_CONNECTION_DROP_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_CONNECTION_DROP_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
val->print(PRINT_ERROR, "\tDisconnect request failed\n", 0);
diff --git a/api-tests/ff/ipc/test_i028/test_i028.c b/api-tests/ff/ipc/test_i028/test_i028.c
index cc1d8e0..7e2f112 100644
--- a/api-tests/ff/ipc/test_i028/test_i028.c
+++ b/api-tests/ff/ipc/test_i028/test_i028.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_read at PSA_IPC_CONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
/* Shouldn't have reached here */
val->print(PRINT_ERROR, "\tConnection should have failed but succeeded\n", 0);
diff --git a/api-tests/ff/ipc/test_i028/test_i028.h b/api-tests/ff/ipc/test_i028/test_i028.h
index 41b207a..f958ebb 100644
--- a/api-tests/ff/ipc/test_i028/test_i028.h
+++ b/api-tests/ff/ipc/test_i028/test_i028.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i028)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i028)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i028/test_supp_i028.c b/api-tests/ff/ipc/test_i028/test_supp_i028.c
index 3c571e3..02a0023 100644
--- a/api-tests/ff/ipc/test_i028/test_supp_i028.c
+++ b/api-tests/ff/ipc/test_i028/test_supp_i028.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i029/test_i029.c b/api-tests/ff/ipc/test_i029/test_i029.c
index 7c997e4..d208bc8 100644
--- a/api-tests/ff/ipc/test_i029/test_i029.c
+++ b/api-tests/ff/ipc/test_i029/test_i029.c
@@ -37,8 +37,8 @@
val->print(PRINT_TEST, "[Check 1] Test psa_read at PSA_IPC_DISCONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
- if (handle > 0)
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i029/test_i029.h b/api-tests/ff/ipc/test_i029/test_i029.h
index 48a1b75..bc21184 100644
--- a/api-tests/ff/ipc/test_i029/test_i029.h
+++ b/api-tests/ff/ipc/test_i029/test_i029.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i029)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i029)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i029/test_supp_i029.c b/api-tests/ff/ipc/test_i029/test_supp_i029.c
index 0e7aac6..ff9caf9 100644
--- a/api-tests/ff/ipc/test_i029/test_supp_i029.c
+++ b/api-tests/ff/ipc/test_i029/test_supp_i029.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -69,7 +69,7 @@
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_SUCCESS);
diff --git a/api-tests/ff/ipc/test_i030/test_i030.c b/api-tests/ff/ipc/test_i030/test_i030.c
index 9b1351a..922f131 100644
--- a/api-tests/ff/ipc/test_i030/test_i030.c
+++ b/api-tests/ff/ipc/test_i030/test_i030.c
@@ -40,15 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_read with NULL handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i030/test_i030.h b/api-tests/ff/ipc/test_i030/test_i030.h
index 20af72f..c5ec886 100644
--- a/api-tests/ff/ipc/test_i030/test_i030.h
+++ b/api-tests/ff/ipc/test_i030/test_i030.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i030)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i030)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i030/test_supp_i030.c b/api-tests/ff/ipc/test_i030/test_supp_i030.c
index 6c67a00..1f46e69 100644
--- a/api-tests/ff/ipc/test_i030/test_supp_i030.c
+++ b/api-tests/ff/ipc/test_i030/test_supp_i030.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -105,7 +105,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i031/test_i031.c b/api-tests/ff/ipc/test_i031/test_i031.c
index 0751f06..25b6975 100644
--- a/api-tests/ff/ipc/test_i031/test_i031.c
+++ b/api-tests/ff/ipc/test_i031/test_i031.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i031/test_i031.h b/api-tests/ff/ipc/test_i031/test_i031.h
index 6283b61..849197f 100644
--- a/api-tests/ff/ipc/test_i031/test_i031.h
+++ b/api-tests/ff/ipc/test_i031/test_i031.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i031)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i031)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i031/test_supp_i031.c b/api-tests/ff/ipc/test_i031/test_supp_i031.c
index 9bac47a..94f7389 100644
--- a/api-tests/ff/ipc/test_i031/test_supp_i031.c
+++ b/api-tests/ff/ipc/test_i031/test_supp_i031.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -105,7 +105,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i032/test_i032.c b/api-tests/ff/ipc/test_i032/test_i032.c
index be3f1f1..b790271 100644
--- a/api-tests/ff/ipc/test_i032/test_i032.c
+++ b/api-tests/ff/ipc/test_i032/test_i032.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invec_idx=PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i032/test_i032.h b/api-tests/ff/ipc/test_i032/test_i032.h
index 48e4d8a..327be5a 100644
--- a/api-tests/ff/ipc/test_i032/test_i032.h
+++ b/api-tests/ff/ipc/test_i032/test_i032.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i032)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i032)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i032/test_supp_i032.c b/api-tests/ff/ipc/test_i032/test_supp_i032.c
index e45d47b..2077133 100644
--- a/api-tests/ff/ipc/test_i032/test_supp_i032.c
+++ b/api-tests/ff/ipc/test_i032/test_supp_i032.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -105,7 +105,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i033/test_i033.c b/api-tests/ff/ipc/test_i033/test_i033.c
index e8e803a..79cad60 100644
--- a/api-tests/ff/ipc/test_i033/test_i033.c
+++ b/api-tests/ff/ipc/test_i033/test_i033.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invec_idx > PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i033/test_i033.h b/api-tests/ff/ipc/test_i033/test_i033.h
index b4f74cc..3ee5558 100644
--- a/api-tests/ff/ipc/test_i033/test_i033.h
+++ b/api-tests/ff/ipc/test_i033/test_i033.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i033)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i033)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i033/test_supp_i033.c b/api-tests/ff/ipc/test_i033/test_supp_i033.c
index 425c255..676c1cd 100644
--- a/api-tests/ff/ipc/test_i033/test_supp_i033.c
+++ b/api-tests/ff/ipc/test_i033/test_supp_i033.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -105,7 +105,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i034/test_i034.c b/api-tests/ff/ipc/test_i034/test_i034.c
index f7f14ff..a5a18b8 100644
--- a/api-tests/ff/ipc/test_i034/test_i034.c
+++ b/api-tests/ff/ipc/test_i034/test_i034.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_skip at PSA_IPC_CONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
/* Shouldn't have reached here */
val->print(PRINT_ERROR, "\tConnection should have failed but succeeded\n", 0);
diff --git a/api-tests/ff/ipc/test_i034/test_i034.h b/api-tests/ff/ipc/test_i034/test_i034.h
index 0f0d5b9..0c0001f 100644
--- a/api-tests/ff/ipc/test_i034/test_i034.h
+++ b/api-tests/ff/ipc/test_i034/test_i034.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i034)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i034)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i034/test_supp_i034.c b/api-tests/ff/ipc/test_i034/test_supp_i034.c
index 2580d99..b455d23 100644
--- a/api-tests/ff/ipc/test_i034/test_supp_i034.c
+++ b/api-tests/ff/ipc/test_i034/test_supp_i034.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i035/test_i035.c b/api-tests/ff/ipc/test_i035/test_i035.c
index 1556e7e..aea9bd9 100644
--- a/api-tests/ff/ipc/test_i035/test_i035.c
+++ b/api-tests/ff/ipc/test_i035/test_i035.c
@@ -37,8 +37,8 @@
val->print(PRINT_TEST, "[Check 1] Test psa_skip at PSA_IPC_DISCONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
- if (handle > 0)
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i035/test_i035.h b/api-tests/ff/ipc/test_i035/test_i035.h
index 1312973..8ebc1c3 100644
--- a/api-tests/ff/ipc/test_i035/test_i035.h
+++ b/api-tests/ff/ipc/test_i035/test_i035.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i035)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i035)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i035/test_supp_i035.c b/api-tests/ff/ipc/test_i035/test_supp_i035.c
index a355148..c9caa9e 100644
--- a/api-tests/ff/ipc/test_i035/test_supp_i035.c
+++ b/api-tests/ff/ipc/test_i035/test_supp_i035.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -66,7 +66,7 @@
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_SUCCESS);
diff --git a/api-tests/ff/ipc/test_i036/test_i036.c b/api-tests/ff/ipc/test_i036/test_i036.c
index 87f6f2a..a54ab14 100644
--- a/api-tests/ff/ipc/test_i036/test_i036.c
+++ b/api-tests/ff/ipc/test_i036/test_i036.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_skip with NULL handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i036/test_i036.h b/api-tests/ff/ipc/test_i036/test_i036.h
index 7be6f54..ebce979 100644
--- a/api-tests/ff/ipc/test_i036/test_i036.h
+++ b/api-tests/ff/ipc/test_i036/test_i036.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i036)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i036)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i036/test_supp_i036.c b/api-tests/ff/ipc/test_i036/test_supp_i036.c
index b61bbfe..1a47f3f 100644
--- a/api-tests/ff/ipc/test_i036/test_supp_i036.c
+++ b/api-tests/ff/ipc/test_i036/test_supp_i036.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -67,7 +67,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -102,7 +102,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i037/test_i037.c b/api-tests/ff/ipc/test_i037/test_i037.c
index 306990e..c428c43 100644
--- a/api-tests/ff/ipc/test_i037/test_i037.c
+++ b/api-tests/ff/ipc/test_i037/test_i037.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_skip with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i037/test_i037.h b/api-tests/ff/ipc/test_i037/test_i037.h
index 051565f..29d6346 100644
--- a/api-tests/ff/ipc/test_i037/test_i037.h
+++ b/api-tests/ff/ipc/test_i037/test_i037.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i037)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i037)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i037/test_supp_i037.c b/api-tests/ff/ipc/test_i037/test_supp_i037.c
index 9ed9963..a4d0f6f 100644
--- a/api-tests/ff/ipc/test_i037/test_supp_i037.c
+++ b/api-tests/ff/ipc/test_i037/test_supp_i037.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -67,7 +67,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -102,7 +102,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i038/test_i038.c b/api-tests/ff/ipc/test_i038/test_i038.c
index 2cb1f9f..b75ed58 100644
--- a/api-tests/ff/ipc/test_i038/test_i038.c
+++ b/api-tests/ff/ipc/test_i038/test_i038.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_skip with invec_idx=PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i038/test_i038.h b/api-tests/ff/ipc/test_i038/test_i038.h
index 8da20a3..162466f 100644
--- a/api-tests/ff/ipc/test_i038/test_i038.h
+++ b/api-tests/ff/ipc/test_i038/test_i038.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i038)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i038)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i038/test_supp_i038.c b/api-tests/ff/ipc/test_i038/test_supp_i038.c
index 540440d..bcd8dbe 100644
--- a/api-tests/ff/ipc/test_i038/test_supp_i038.c
+++ b/api-tests/ff/ipc/test_i038/test_supp_i038.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -67,7 +67,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -104,7 +104,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i039/test_i039.c b/api-tests/ff/ipc/test_i039/test_i039.c
index 2582094..c6cdd24 100644
--- a/api-tests/ff/ipc/test_i039/test_i039.c
+++ b/api-tests/ff/ipc/test_i039/test_i039.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_skip with invec_idx > PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i039/test_i039.h b/api-tests/ff/ipc/test_i039/test_i039.h
index e9862df..9d5ae47 100644
--- a/api-tests/ff/ipc/test_i039/test_i039.h
+++ b/api-tests/ff/ipc/test_i039/test_i039.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i039)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i039)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i039/test_supp_i039.c b/api-tests/ff/ipc/test_i039/test_supp_i039.c
index 9b4b3c6..eb788b8 100644
--- a/api-tests/ff/ipc/test_i039/test_supp_i039.c
+++ b/api-tests/ff/ipc/test_i039/test_supp_i039.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -67,7 +67,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -104,7 +104,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i040/test_i040.c b/api-tests/ff/ipc/test_i040/test_i040.c
index 412f0bf..18c95bf 100644
--- a/api-tests/ff/ipc/test_i040/test_i040.c
+++ b/api-tests/ff/ipc/test_i040/test_i040.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_write at PSA_IPC_CONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
/* Shouldn't have reached here */
val->print(PRINT_ERROR, "\tConnection should have failed but succeeded\n", 0);
diff --git a/api-tests/ff/ipc/test_i040/test_i040.h b/api-tests/ff/ipc/test_i040/test_i040.h
index de982eb..f865a10 100644
--- a/api-tests/ff/ipc/test_i040/test_i040.h
+++ b/api-tests/ff/ipc/test_i040/test_i040.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i040)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i040)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i040/test_supp_i040.c b/api-tests/ff/ipc/test_i040/test_supp_i040.c
index 8ea608b..2ba2015 100644
--- a/api-tests/ff/ipc/test_i040/test_supp_i040.c
+++ b/api-tests/ff/ipc/test_i040/test_supp_i040.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i041/test_i041.c b/api-tests/ff/ipc/test_i041/test_i041.c
index bd5060d..2866b6c 100644
--- a/api-tests/ff/ipc/test_i041/test_i041.c
+++ b/api-tests/ff/ipc/test_i041/test_i041.c
@@ -37,8 +37,8 @@
val->print(PRINT_TEST, "[Check 1] Test psa_write at PSA_IPC_DISCONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
- if (handle > 0)
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i041/test_i041.h b/api-tests/ff/ipc/test_i041/test_i041.h
index 617639b..c43d574 100644
--- a/api-tests/ff/ipc/test_i041/test_i041.h
+++ b/api-tests/ff/ipc/test_i041/test_i041.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i041)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i041)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i041/test_supp_i041.c b/api-tests/ff/ipc/test_i041/test_supp_i041.c
index 8b3d2b3..d7365ac 100644
--- a/api-tests/ff/ipc/test_i041/test_supp_i041.c
+++ b/api-tests/ff/ipc/test_i041/test_supp_i041.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -69,7 +69,7 @@
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_SUCCESS);
diff --git a/api-tests/ff/ipc/test_i042/test_i042.c b/api-tests/ff/ipc/test_i042/test_i042.c
index 522f558..9977cb5 100644
--- a/api-tests/ff/ipc/test_i042/test_i042.c
+++ b/api-tests/ff/ipc/test_i042/test_i042.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_write with NULL handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i042/test_i042.h b/api-tests/ff/ipc/test_i042/test_i042.h
index fd25e4b..42713df 100644
--- a/api-tests/ff/ipc/test_i042/test_i042.h
+++ b/api-tests/ff/ipc/test_i042/test_i042.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i042)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i042)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i042/test_supp_i042.c b/api-tests/ff/ipc/test_i042/test_supp_i042.c
index 1257cdf..0ea1a9a 100644
--- a/api-tests/ff/ipc/test_i042/test_supp_i042.c
+++ b/api-tests/ff/ipc/test_i042/test_supp_i042.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -59,7 +59,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -68,7 +68,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -101,7 +101,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i043/test_i043.c b/api-tests/ff/ipc/test_i043/test_i043.c
index aeeea43..e068910 100644
--- a/api-tests/ff/ipc/test_i043/test_i043.c
+++ b/api-tests/ff/ipc/test_i043/test_i043.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i043/test_i043.h b/api-tests/ff/ipc/test_i043/test_i043.h
index e618a3d..56250f9 100644
--- a/api-tests/ff/ipc/test_i043/test_i043.h
+++ b/api-tests/ff/ipc/test_i043/test_i043.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i043)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i043)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i043/test_supp_i043.c b/api-tests/ff/ipc/test_i043/test_supp_i043.c
index 5123753..a5dcc9b 100644
--- a/api-tests/ff/ipc/test_i043/test_supp_i043.c
+++ b/api-tests/ff/ipc/test_i043/test_supp_i043.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -106,7 +106,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i044/test_i044.c b/api-tests/ff/ipc/test_i044/test_i044.c
index 339d84d..f67150a 100644
--- a/api-tests/ff/ipc/test_i044/test_i044.c
+++ b/api-tests/ff/ipc/test_i044/test_i044.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invec_idx=PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i044/test_i044.h b/api-tests/ff/ipc/test_i044/test_i044.h
index 423b923..19e32d3 100644
--- a/api-tests/ff/ipc/test_i044/test_i044.h
+++ b/api-tests/ff/ipc/test_i044/test_i044.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i044)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i044)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i044/test_supp_i044.c b/api-tests/ff/ipc/test_i044/test_supp_i044.c
index b4e4cae..3b50696 100644
--- a/api-tests/ff/ipc/test_i044/test_supp_i044.c
+++ b/api-tests/ff/ipc/test_i044/test_supp_i044.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -106,7 +106,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i045/test_i045.c b/api-tests/ff/ipc/test_i045/test_i045.c
index a046106..1b4c6b4 100644
--- a/api-tests/ff/ipc/test_i045/test_i045.c
+++ b/api-tests/ff/ipc/test_i045/test_i045.c
@@ -40,14 +40,14 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invec_idx > PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i045/test_i045.h b/api-tests/ff/ipc/test_i045/test_i045.h
index 66221a8..04e11c0 100644
--- a/api-tests/ff/ipc/test_i045/test_i045.h
+++ b/api-tests/ff/ipc/test_i045/test_i045.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i045)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i045)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i045/test_supp_i045.c b/api-tests/ff/ipc/test_i045/test_supp_i045.c
index 260e6ff..caeb823 100644
--- a/api-tests/ff/ipc/test_i045/test_supp_i045.c
+++ b/api-tests/ff/ipc/test_i045/test_supp_i045.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -106,7 +106,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i046/test_i046.c b/api-tests/ff/ipc/test_i046/test_i046.c
index 7281286..f0efdf5 100644
--- a/api-tests/ff/ipc/test_i046/test_i046.c
+++ b/api-tests/ff/ipc/test_i046/test_i046.c
@@ -41,8 +41,8 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_write with size overflow\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -50,7 +50,7 @@
psa_outvec resp = {&data, sizeof(data)};
- status_of_call = psa->call(handle, NULL, 0, &resp, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, &resp, 1);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i046/test_i046.h b/api-tests/ff/ipc/test_i046/test_i046.h
index 340bd12..f2f7a7e 100644
--- a/api-tests/ff/ipc/test_i046/test_i046.h
+++ b/api-tests/ff/ipc/test_i046/test_i046.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i046)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i046)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i046/test_supp_i046.c b/api-tests/ff/ipc/test_i046/test_supp_i046.c
index 8a4513a..450d712 100644
--- a/api-tests/ff/ipc/test_i046/test_supp_i046.c
+++ b/api-tests/ff/ipc/test_i046/test_supp_i046.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -106,7 +106,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i047/test_i047.c b/api-tests/ff/ipc/test_i047/test_i047.c
index 3271b93..d08096b 100644
--- a/api-tests/ff/ipc/test_i047/test_i047.c
+++ b/api-tests/ff/ipc/test_i047/test_i047.c
@@ -38,8 +38,8 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_get with invalid msg pointer\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle > 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i047/test_i047.h b/api-tests/ff/ipc/test_i047/test_i047.h
index db30d76..c8f2d52 100644
--- a/api-tests/ff/ipc/test_i047/test_i047.h
+++ b/api-tests/ff/ipc/test_i047/test_i047.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i047)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i047)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i047/test_supp_i047.c b/api-tests/ff/ipc/test_i047/test_supp_i047.c
index 82e43df..eeef031 100644
--- a/api-tests/ff/ipc/test_i047/test_supp_i047.c
+++ b/api-tests/ff/ipc/test_i047/test_supp_i047.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,6 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_signal_t signals = 0;
psa_msg_t *invalid_msg = NULL;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
/*
@@ -62,8 +61,8 @@
* VAL APIs to decide test status.
*/
- signals = psa->wait(SERVER_UNSPECIFED_MINOR_V_SIG, PSA_BLOCK);
- if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ signals = psa->wait(SERVER_UNSPECIFED_VERSION_SIGNAL, PSA_BLOCK);
+ if ((signals & SERVER_UNSPECIFED_VERSION_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
"psa_wait returned with invalid signal value = 0x%x\n", signals);
@@ -79,22 +78,13 @@
* msg_pointer = NULL;
*/
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
- {
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
MEMORY_DRIVER_PARTITION_MMIO, 0),
(uint8_t **)&memory_desc,
(uint32_t *)sizeof(memory_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
return status;
}
@@ -110,7 +100,7 @@
}
/* psa_get with invalid msg pointer, call should panic */
- psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, invalid_msg);
+ psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, invalid_msg);
/* shouldn't have reached here */
val->print(PRINT_ERROR,
diff --git a/api-tests/ff/ipc/test_i048/test_i048.c b/api-tests/ff/ipc/test_i048/test_i048.c
index 13f6d79..d55611a 100644
--- a/api-tests/ff/ipc/test_i048/test_i048.c
+++ b/api-tests/ff/ipc/test_i048/test_i048.c
@@ -37,7 +37,6 @@
psa_handle_t handle = 0;
psa_status_t status_of_call;
boot_state_t boot_state;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
psa_invec *invalid_invec = NULL;
@@ -66,9 +65,8 @@
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -102,18 +100,7 @@
invalid_invec = (psa_invec *) memory_desc->start;
else
{
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
-
- if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
- {
- psa->close(handle);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
invalid_invec = (psa_invec *) memory_desc->start;
}
@@ -126,7 +113,7 @@
}
/* Test check- psa_call with invalid address for in_vec */
- status_of_call = psa->call(handle, invalid_invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invalid_invec, 1, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
diff --git a/api-tests/ff/ipc/test_i048/test_i048.h b/api-tests/ff/ipc/test_i048/test_i048.h
index 05101e2..b614ac5 100644
--- a/api-tests/ff/ipc/test_i048/test_i048.h
+++ b/api-tests/ff/ipc/test_i048/test_i048.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i048)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i048)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i048/test_supp_i048.c b/api-tests/ff/ipc/test_i048/test_supp_i048.c
index 51b11da..167f2c3 100644
--- a/api-tests/ff/ipc/test_i048/test_supp_i048.c
+++ b/api-tests/ff/ipc/test_i048/test_supp_i048.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i049/test_i049.c b/api-tests/ff/ipc/test_i049/test_i049.c
index db4b1f8..590944d 100644
--- a/api-tests/ff/ipc/test_i049/test_i049.c
+++ b/api-tests/ff/ipc/test_i049/test_i049.c
@@ -37,7 +37,6 @@
psa_handle_t handle = 0;
psa_status_t status_of_call;
boot_state_t boot_state;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
psa_outvec *invalid_outvec = NULL;
@@ -66,9 +65,8 @@
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -102,18 +100,7 @@
invalid_outvec = (psa_outvec *) memory_desc->start;
else
{
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
-
- if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
- {
- psa->close(handle);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
invalid_outvec = (psa_outvec *) memory_desc->start;
}
@@ -126,7 +113,7 @@
}
/* Test check- psa_call with invalid address for outvec */
- status_of_call = psa->call(handle, NULL, 0, invalid_outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, invalid_outvec, 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
diff --git a/api-tests/ff/ipc/test_i049/test_i049.h b/api-tests/ff/ipc/test_i049/test_i049.h
index 90aa10b..9dcdbaf 100644
--- a/api-tests/ff/ipc/test_i049/test_i049.h
+++ b/api-tests/ff/ipc/test_i049/test_i049.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i049)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i049)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i049/test_supp_i049.c b/api-tests/ff/ipc/test_i049/test_supp_i049.c
index 23b52b8..0d62b78 100644
--- a/api-tests/ff/ipc/test_i049/test_supp_i049.c
+++ b/api-tests/ff/ipc/test_i049/test_supp_i049.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i050/test_i050.c b/api-tests/ff/ipc/test_i050/test_i050.c
index 46f09b5..6418b6e 100644
--- a/api-tests/ff/ipc/test_i050/test_i050.c
+++ b/api-tests/ff/ipc/test_i050/test_i050.c
@@ -37,7 +37,6 @@
psa_handle_t handle = 0;
psa_status_t status_of_call;
boot_state_t boot_state;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
addr_t *invalid_base = NULL;
@@ -66,9 +65,8 @@
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -102,18 +100,7 @@
invalid_base = (addr_t *) memory_desc->start;
else
{
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
-
- if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
- {
- psa->close(handle);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
invalid_base = (addr_t *) memory_desc->start;
}
@@ -128,7 +115,7 @@
psa_invec invec[1] = {{invalid_base, sizeof(addr_t)}};
/* Test check- psa_call with invalid address for psa_invec.base */
- status_of_call = psa->call(handle, invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
diff --git a/api-tests/ff/ipc/test_i050/test_i050.h b/api-tests/ff/ipc/test_i050/test_i050.h
index 0c3e111..c946db9 100644
--- a/api-tests/ff/ipc/test_i050/test_i050.h
+++ b/api-tests/ff/ipc/test_i050/test_i050.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i050)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i050)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i050/test_supp_i050.c b/api-tests/ff/ipc/test_i050/test_supp_i050.c
index 9c09445..cf8fb79 100644
--- a/api-tests/ff/ipc/test_i050/test_supp_i050.c
+++ b/api-tests/ff/ipc/test_i050/test_supp_i050.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i051/test_i051.c b/api-tests/ff/ipc/test_i051/test_i051.c
index 0183fc9..2c44181 100644
--- a/api-tests/ff/ipc/test_i051/test_i051.c
+++ b/api-tests/ff/ipc/test_i051/test_i051.c
@@ -37,7 +37,6 @@
psa_handle_t handle = 0;
psa_status_t status_of_call;
boot_state_t boot_state;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
addr_t *invalid_base = NULL;
@@ -66,9 +65,8 @@
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -102,18 +100,7 @@
invalid_base = (addr_t *) memory_desc->start;
else
{
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
-
- if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
- {
- psa->close(handle);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
invalid_base = (addr_t *) memory_desc->start;
}
@@ -128,7 +115,7 @@
psa_outvec outvec[1] = {{invalid_base, sizeof(addr_t)}};
/* Test check- psa_call with invalid address for psa_outvec.base */
- status_of_call = psa->call(handle, NULL, 0, outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
diff --git a/api-tests/ff/ipc/test_i051/test_i051.h b/api-tests/ff/ipc/test_i051/test_i051.h
index 4f76c00..ecd1c22 100644
--- a/api-tests/ff/ipc/test_i051/test_i051.h
+++ b/api-tests/ff/ipc/test_i051/test_i051.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i051)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i051)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i051/test_supp_i051.c b/api-tests/ff/ipc/test_i051/test_supp_i051.c
index 0d3be0b..42cda89 100644
--- a/api-tests/ff/ipc/test_i051/test_supp_i051.c
+++ b/api-tests/ff/ipc/test_i051/test_supp_i051.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i052/test_entry_i052.c b/api-tests/ff/ipc/test_i052/test_entry_i052.c
index ddbc149..bf642a4 100644
--- a/api-tests/ff/ipc/test_i052/test_entry_i052.c
+++ b/api-tests/ff/ipc/test_i052/test_entry_i052.c
@@ -28,7 +28,6 @@
void test_entry(val_api_t *val_api, psa_api_t *psa_api)
{
int32_t status = VAL_STATUS_SUCCESS;
- miscellaneous_desc_t *misc_desc;
val = val_api;
psa = psa_api;
@@ -47,16 +46,7 @@
goto test_exit;
}
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (VAL_ERROR(status))
- {
- goto test_exit;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
/* Switch to secure side (client_partition.c) and execute list of tests available in
test[num]_client_tests_list from Secure side */
diff --git a/api-tests/ff/ipc/test_i052/test_i052.c b/api-tests/ff/ipc/test_i052/test_i052.c
index f90a48f..724ecd3 100644
--- a/api-tests/ff/ipc/test_i052/test_i052.c
+++ b/api-tests/ff/ipc/test_i052/test_i052.c
@@ -67,9 +67,8 @@
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -126,7 +125,7 @@
psa_invec invec[1] = {{valid_base, invalid_size}};
/* Test check- psa_call with invalid end_addr for psa_invec */
- status_of_call = psa->call(handle, invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
diff --git a/api-tests/ff/ipc/test_i052/test_i052.h b/api-tests/ff/ipc/test_i052/test_i052.h
index 32edabc..4b53371 100644
--- a/api-tests/ff/ipc/test_i052/test_i052.h
+++ b/api-tests/ff/ipc/test_i052/test_i052.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i052)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i052)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i052/test_supp_i052.c b/api-tests/ff/ipc/test_i052/test_supp_i052.c
index 31bc32b..760ec0c 100644
--- a/api-tests/ff/ipc/test_i052/test_supp_i052.c
+++ b/api-tests/ff/ipc/test_i052/test_supp_i052.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i053/test_entry_i053.c b/api-tests/ff/ipc/test_i053/test_entry_i053.c
index 014dfaf..0cfea2b 100644
--- a/api-tests/ff/ipc/test_i053/test_entry_i053.c
+++ b/api-tests/ff/ipc/test_i053/test_entry_i053.c
@@ -28,7 +28,6 @@
void test_entry(val_api_t *val_api, psa_api_t *psa_api)
{
int32_t status = VAL_STATUS_SUCCESS;
- miscellaneous_desc_t *misc_desc;
val = val_api;
psa = psa_api;
@@ -47,16 +46,7 @@
goto test_exit;
}
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (VAL_ERROR(status))
- {
- goto test_exit;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
/* Switch to secure side (client_partition.c) and execute list of tests available in
test[num]_client_tests_list from Secure side */
diff --git a/api-tests/ff/ipc/test_i053/test_i053.c b/api-tests/ff/ipc/test_i053/test_i053.c
index 025f5cd..f08febc 100644
--- a/api-tests/ff/ipc/test_i053/test_i053.c
+++ b/api-tests/ff/ipc/test_i053/test_i053.c
@@ -67,9 +67,8 @@
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -126,7 +125,7 @@
psa_outvec outvec[1] = {{valid_base, invalid_size}};
/* Test check- psa_call with invalid end_addr for psa_outvec */
- status_of_call = psa->call(handle, NULL, 0, outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
diff --git a/api-tests/ff/ipc/test_i053/test_i053.h b/api-tests/ff/ipc/test_i053/test_i053.h
index d1780df..8efc2ed 100644
--- a/api-tests/ff/ipc/test_i053/test_i053.h
+++ b/api-tests/ff/ipc/test_i053/test_i053.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i053)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i053)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i053/test_supp_i053.c b/api-tests/ff/ipc/test_i053/test_supp_i053.c
index 649e3c2..984ef25 100644
--- a/api-tests/ff/ipc/test_i053/test_supp_i053.c
+++ b/api-tests/ff/ipc/test_i053/test_supp_i053.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i054/test_i054.c b/api-tests/ff/ipc/test_i054/test_i054.c
index 8f6f25f..8c7caee 100644
--- a/api-tests/ff/ipc/test_i054/test_i054.c
+++ b/api-tests/ff/ipc/test_i054/test_i054.c
@@ -61,8 +61,8 @@
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -79,7 +79,7 @@
psa_outvec outvec[1] = {{&client_test_psa_call_with_not_writable_outvec_base, sizeof(char)}};
/* Test check- psa_call with not writable psa_outvec.base, call should panic */
- psa->call(handle, NULL, 0, outvec, 1);
+ psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1);
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR, "\tpsa_call should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i054/test_i054.h b/api-tests/ff/ipc/test_i054/test_i054.h
index 74d4f46..4850726 100644
--- a/api-tests/ff/ipc/test_i054/test_i054.h
+++ b/api-tests/ff/ipc/test_i054/test_i054.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i054)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i054)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i054/test_supp_i054.c b/api-tests/ff/ipc/test_i054/test_supp_i054.c
index 7544257..ca8f4cc 100644
--- a/api-tests/ff/ipc/test_i054/test_supp_i054.c
+++ b/api-tests/ff/ipc/test_i054/test_supp_i054.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i055/test_i055.c b/api-tests/ff/ipc/test_i055/test_i055.c
index c5d72a7..16582f5 100644
--- a/api-tests/ff/ipc/test_i055/test_i055.c
+++ b/api-tests/ff/ipc/test_i055/test_i055.c
@@ -41,15 +41,15 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invalid buffer addr\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
psa_invec invec[1] = {{&data, sizeof(data)}};
- status_of_call = psa->call(handle, invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i055/test_i055.h b/api-tests/ff/ipc/test_i055/test_i055.h
index 0bbd7d4..0f949a0 100644
--- a/api-tests/ff/ipc/test_i055/test_i055.h
+++ b/api-tests/ff/ipc/test_i055/test_i055.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i055)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i055)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i055/test_supp_i055.c b/api-tests/ff/ipc/test_i055/test_supp_i055.c
index 2486795..12439d7 100644
--- a/api-tests/ff/ipc/test_i055/test_supp_i055.c
+++ b/api-tests/ff/ipc/test_i055/test_supp_i055.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -36,7 +36,6 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
void *buffer = NULL;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
/*
@@ -61,14 +60,13 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
}
-
/*
* Selection of invalid buffer addr:
*
@@ -78,23 +76,13 @@
* buffer = NULL;
*/
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
- {
- psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
MEMORY_DRIVER_PARTITION_MMIO, 0),
(uint8_t **)&memory_desc,
(uint32_t *)sizeof(memory_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
@@ -107,8 +95,8 @@
psa->reply(msg.handle, PSA_SUCCESS);
/* Serve psa_call */
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
psa->reply(msg.handle, -2);
}
@@ -116,7 +104,7 @@
{
/* Setting boot.state before test check */
status = val->set_boot_flag(BOOT_EXPECTED_NS);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(205), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
psa->reply(msg.handle, -3);
@@ -141,8 +129,8 @@
}
}
- val->err_check_set(TEST_CHECKPOINT_NUM(206), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ val->err_check_set(TEST_CHECKPOINT_NUM(205), status);
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i056/test_i056.c b/api-tests/ff/ipc/test_i056/test_i056.c
index 2b1bee3..f0697bc 100644
--- a/api-tests/ff/ipc/test_i056/test_i056.c
+++ b/api-tests/ff/ipc/test_i056/test_i056.c
@@ -41,15 +41,15 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invalid buffer addr\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
psa_invec invec[1] = {{&data, sizeof(data)}};
- status_of_call = psa->call(handle, invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i056/test_i056.h b/api-tests/ff/ipc/test_i056/test_i056.h
index f93524e..1c2dcfe 100644
--- a/api-tests/ff/ipc/test_i056/test_i056.h
+++ b/api-tests/ff/ipc/test_i056/test_i056.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i056)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i056)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i056/test_supp_i056.c b/api-tests/ff/ipc/test_i056/test_supp_i056.c
index 3a86310..655d62a 100644
--- a/api-tests/ff/ipc/test_i056/test_supp_i056.c
+++ b/api-tests/ff/ipc/test_i056/test_supp_i056.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -59,7 +59,7 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -73,7 +73,7 @@
buffer = (void *) &server_test_psa_read_with_not_writable_buffer_addr;
/* Serve psa_call */
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -109,7 +109,7 @@
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i057/test_i057.c b/api-tests/ff/ipc/test_i057/test_i057.c
index ca43cb9..2995393 100644
--- a/api-tests/ff/ipc/test_i057/test_i057.c
+++ b/api-tests/ff/ipc/test_i057/test_i057.c
@@ -41,15 +41,15 @@
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invalid buffer addr\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
psa_outvec outvec[1] = {{&data, sizeof(data)}};
- status_of_call = psa->call(handle, NULL, 0, outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i057/test_i057.h b/api-tests/ff/ipc/test_i057/test_i057.h
index de59b55..8fa8a1d 100644
--- a/api-tests/ff/ipc/test_i057/test_i057.h
+++ b/api-tests/ff/ipc/test_i057/test_i057.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i057)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i057)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i057/test_supp_i057.c b/api-tests/ff/ipc/test_i057/test_supp_i057.c
index 2b0510e..e6ad366 100644
--- a/api-tests/ff/ipc/test_i057/test_supp_i057.c
+++ b/api-tests/ff/ipc/test_i057/test_supp_i057.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -36,7 +36,6 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
void *buffer = NULL;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
/*
@@ -61,14 +60,13 @@
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
}
-
/*
* Selection of invalid buffer addr:
*
@@ -78,23 +76,13 @@
* buffer = NULL;
*/
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
- {
- psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
MEMORY_DRIVER_PARTITION_MMIO, 0),
(uint8_t **)&memory_desc,
(uint32_t *)sizeof(memory_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
@@ -107,8 +95,8 @@
psa->reply(msg.handle, PSA_SUCCESS);
/* Server psa_call */
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
psa->reply(msg.handle, -2);
}
@@ -116,7 +104,7 @@
{
/* Setting boot.state before test check */
status = val->set_boot_flag(BOOT_EXPECTED_NS);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(205), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
psa->reply(msg.handle, -3);
@@ -141,8 +129,8 @@
}
}
- val->err_check_set(TEST_CHECKPOINT_NUM(206), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ val->err_check_set(TEST_CHECKPOINT_NUM(205), status);
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i058/test_i058.c b/api-tests/ff/ipc/test_i058/test_i058.c
index a9a242e..b1fc4fc 100644
--- a/api-tests/ff/ipc/test_i058/test_i058.c
+++ b/api-tests/ff/ipc/test_i058/test_i058.c
@@ -42,8 +42,8 @@
val->print(PRINT_TEST,
"[Check 1] Test PSA_DOORBELL signal\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i058/test_i058.h b/api-tests/ff/ipc/test_i058/test_i058.h
index e08e5ae..180a5cc 100644
--- a/api-tests/ff/ipc/test_i058/test_i058.h
+++ b/api-tests/ff/ipc/test_i058/test_i058.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i058)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i058)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i058/test_supp_i058.c b/api-tests/ff/ipc/test_i058/test_supp_i058.c
index 9a01ef7..72b1bf9 100644
--- a/api-tests/ff/ipc/test_i058/test_supp_i058.c
+++ b/api-tests/ff/ipc/test_i058/test_supp_i058.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@
psa_msg_t msg = {0};
/* Serve psa_connect */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -59,7 +59,7 @@
}
/* Serve psa_close */
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
val->err_check_set(TEST_CHECKPOINT_NUM(202), status);
psa->reply(msg.handle, PSA_SUCCESS);
diff --git a/api-tests/ff/ipc/test_i059/test_i059.h b/api-tests/ff/ipc/test_i059/test_i059.h
index 0fc6fdd..a56dd8b 100644
--- a/api-tests/ff/ipc/test_i059/test_i059.h
+++ b/api-tests/ff/ipc/test_i059/test_i059.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i059)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i059)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i059/test_supp_i059.c b/api-tests/ff/ipc/test_i059/test_supp_i059.c
index ed08784..ef0b67a 100644
--- a/api-tests/ff/ipc/test_i059/test_supp_i059.c
+++ b/api-tests/ff/ipc/test_i059/test_supp_i059.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i060/test_i060.h b/api-tests/ff/ipc/test_i060/test_i060.h
index f9813ed..0cdc2be 100644
--- a/api-tests/ff/ipc/test_i060/test_i060.h
+++ b/api-tests/ff/ipc/test_i060/test_i060.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i060)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i060)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i060/test_supp_i060.c b/api-tests/ff/ipc/test_i060/test_supp_i060.c
index 05b3b7f..79d0a16 100644
--- a/api-tests/ff/ipc/test_i060/test_supp_i060.c
+++ b/api-tests/ff/ipc/test_i060/test_supp_i060.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i061/test_i061.h b/api-tests/ff/ipc/test_i061/test_i061.h
index efd59e5..3c3344c 100644
--- a/api-tests/ff/ipc/test_i061/test_i061.h
+++ b/api-tests/ff/ipc/test_i061/test_i061.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i061)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i061)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i061/test_supp_i061.c b/api-tests/ff/ipc/test_i061/test_supp_i061.c
index 1542114..8e78916 100644
--- a/api-tests/ff/ipc/test_i061/test_supp_i061.c
+++ b/api-tests/ff/ipc/test_i061/test_supp_i061.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i062/test_i062.h b/api-tests/ff/ipc/test_i062/test_i062.h
index 13555c7..ddd3cf3 100644
--- a/api-tests/ff/ipc/test_i062/test_i062.h
+++ b/api-tests/ff/ipc/test_i062/test_i062.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i062)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i062)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i062/test_supp_i062.c b/api-tests/ff/ipc/test_i062/test_supp_i062.c
index 30e2d5d..6cec537 100644
--- a/api-tests/ff/ipc/test_i062/test_supp_i062.c
+++ b/api-tests/ff/ipc/test_i062/test_supp_i062.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i063/test_i063.c b/api-tests/ff/ipc/test_i063/test_i063.c
index 1678877..579d5f6 100644
--- a/api-tests/ff/ipc/test_i063/test_i063.c
+++ b/api-tests/ff/ipc/test_i063/test_i063.c
@@ -37,7 +37,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_wait signal mask\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
if (handle != PSA_ERROR_CONNECTION_REFUSED)
{
@@ -45,7 +45,7 @@
return VAL_STATUS_INVALID_HANDLE;
}
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
if (handle != PSA_ERROR_CONNECTION_REFUSED)
{
diff --git a/api-tests/ff/ipc/test_i063/test_i063.h b/api-tests/ff/ipc/test_i063/test_i063.h
index 867f186..c5115a9 100644
--- a/api-tests/ff/ipc/test_i063/test_i063.h
+++ b/api-tests/ff/ipc/test_i063/test_i063.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i063)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i063)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i063/test_supp_i063.c b/api-tests/ff/ipc/test_i063/test_supp_i063.c
index d7555e9..ab7ccf3 100644
--- a/api-tests/ff/ipc/test_i063/test_supp_i063.c
+++ b/api-tests/ff/ipc/test_i063/test_supp_i063.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -36,7 +36,7 @@
psa_signal_t signals = 0;
psa_msg_t msg = {0};
int loop_cnt = 2;
- psa_signal_t signal_mask = (SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SIG);
+ psa_signal_t signal_mask = (SERVER_UNSPECIFED_VERSION_SIGNAL | SERVER_RELAX_VERSION_SIGNAL);
/* Debug print */
val->err_check_set(TEST_CHECKPOINT_NUM(211), VAL_STATUS_SUCCESS);
@@ -45,8 +45,8 @@
* Notify client partition to make SERVER_SECURE_CONNECT_ONLY_SID connection request.
* This connection request act as irritator to psa->wait(signal_mask) call and it is used
* to cover the rule - Signals that are not in signal_mask should be ignored by psa_wait.
- * This means, during the following while loop, returned signal vaule should not be
- * SERVER_SECURE_CONNECT_ONLY_SIG as this signal is not part of signal_mask.
+ * This means, during the following while loop, returned signal value should not be
+ * SERVER_SECURE_CONNECT_ONLY_SIGNAL as this signal is not part of signal_mask.
*/
psa->notify(CLIENT_PARTITION);
@@ -56,8 +56,8 @@
/*
* Rule - Returned signals value must be subset signals indicated in the signal_mask.
- * This mean signal value should be either SERVER_UNSPECIFED_MINOR_V_SIG
- * or SERVER_RELAX_MINOR_VERSION_SIG.
+ * This mean signal value should be either SERVER_UNSPECIFED_VERSION_SIGNAL
+ * or SERVER_RELAX_VERSION_SIGNAL.
*/
if (((signals & signal_mask) == 0) &&
((signals | signal_mask) != signal_mask))
@@ -66,17 +66,17 @@
"psa_wait-1 returned with invalid signal value = 0x%x\n", signals);
return VAL_STATUS_ERROR;
}
- else if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ else if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
continue;
loop_cnt--;
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
}
- else if (signals & SERVER_RELAX_MINOR_VERSION_SIG)
+ else if (signals & SERVER_RELAX_VERSION_SIGNAL)
{
- if (psa->get(SERVER_RELAX_MINOR_VERSION_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_RELAX_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
continue;
loop_cnt--;
@@ -92,15 +92,15 @@
* At the end, completes the starved connection
* request of SERVER_SECURE_CONNECT_ONLY_SID.
*/
- signals = psa->wait(SERVER_SECURE_CONNECT_ONLY_SIG, PSA_BLOCK);
- if ((signals & SERVER_SECURE_CONNECT_ONLY_SIG) == 0)
+ signals = psa->wait(SERVER_SECURE_CONNECT_ONLY_SIGNAL, PSA_BLOCK);
+ if ((signals & SERVER_SECURE_CONNECT_ONLY_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
"psa_wait-2 returned with invalid signal value = 0x%x\n", signals);
return VAL_STATUS_ERROR;
}
- if (psa->get(SERVER_SECURE_CONNECT_ONLY_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_SECURE_CONNECT_ONLY_SIGNAL, &msg) != PSA_SUCCESS)
goto wait;
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i064/test_i064.c b/api-tests/ff/ipc/test_i064/test_i064.c
index 9f8cbee..05c4f79 100644
--- a/api-tests/ff/ipc/test_i064/test_i064.c
+++ b/api-tests/ff/ipc/test_i064/test_i064.c
@@ -38,7 +38,7 @@
/*
* The interrupt related test check is captured in driver_partition.c as this is the
- * only partition in test suite that holds the interrupt line. The interrupt test check
+ * only partition in test suite that holds the interrupt source. The interrupt test check
* is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
* hold the test check.
*/
@@ -46,8 +46,8 @@
val->print(PRINT_TEST, "[Check 1] Test psa_eoi with non-interrupt signal\n", 0);
/* Connect to DRIVER_TEST_SID */
- handle = psa->connect(DRIVER_TEST_SID, 1);
- if (handle < 0)
+ handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
return VAL_STATUS_SPM_FAILED;
@@ -55,7 +55,7 @@
/* Execute driver function related to TEST_PSA_EOI_WITH_NON_INTR_SIGNAL */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
- psa->call(handle, &invec, 1, NULL, 0);
+ psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0);
psa->close(handle);
diff --git a/api-tests/ff/ipc/test_i064/test_i064.h b/api-tests/ff/ipc/test_i064/test_i064.h
index d26010e..d89997b 100644
--- a/api-tests/ff/ipc/test_i064/test_i064.h
+++ b/api-tests/ff/ipc/test_i064/test_i064.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i064)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i064)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i064/test_supp_i064.c b/api-tests/ff/ipc/test_i064/test_supp_i064.c
index 5c486a7..58d9638 100644
--- a/api-tests/ff/ipc/test_i064/test_supp_i064.c
+++ b/api-tests/ff/ipc/test_i064/test_supp_i064.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i065/test_i065.c b/api-tests/ff/ipc/test_i065/test_i065.c
index dbc492d..9fe7e9f 100644
--- a/api-tests/ff/ipc/test_i065/test_i065.c
+++ b/api-tests/ff/ipc/test_i065/test_i065.c
@@ -38,7 +38,7 @@
/*
* The interrupt related test check is captured in driver_partition.c as this is the
- * only partition in test suite that holds the interrupt line. The interrupt test check
+ * only partition in test suite that holds the interrupt source. The interrupt test check
* is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
* hold the test check.
*/
@@ -46,8 +46,8 @@
val->print(PRINT_TEST, "[Check 1] Test psa_eoi with multiple signal\n", 0);
/* Connect to DRIVER_TEST_SID */
- handle = psa->connect(DRIVER_TEST_SID, 1);
- if (handle < 0)
+ handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
return VAL_STATUS_SPM_FAILED;
@@ -55,7 +55,7 @@
/* Execute driver function related to TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
- psa->call(handle, &invec, 1, NULL, 0);
+ psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0);
psa->close(handle);
diff --git a/api-tests/ff/ipc/test_i065/test_i065.h b/api-tests/ff/ipc/test_i065/test_i065.h
index 7ea2eb0..c1e1af9 100644
--- a/api-tests/ff/ipc/test_i065/test_i065.h
+++ b/api-tests/ff/ipc/test_i065/test_i065.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i065)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i065)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i065/test_supp_i065.c b/api-tests/ff/ipc/test_i065/test_supp_i065.c
index 5c1d8e0..1ae6f68 100644
--- a/api-tests/ff/ipc/test_i065/test_supp_i065.c
+++ b/api-tests/ff/ipc/test_i065/test_supp_i065.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i066/test_i066.c b/api-tests/ff/ipc/test_i066/test_i066.c
index cb0c1ce..af1797c 100644
--- a/api-tests/ff/ipc/test_i066/test_i066.c
+++ b/api-tests/ff/ipc/test_i066/test_i066.c
@@ -38,7 +38,7 @@
/*
* The interrupt related test check is captured in driver_partition.c as this is the
- * only partition in test suite that holds the interrupt line. The interrupt test check
+ * only partition in test suite that holds the interrupt source. The interrupt test check
* is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
* hold the test check.
*/
@@ -46,8 +46,8 @@
val->print(PRINT_TEST, "[Check 1] Test psa_eoi with multiple signals\n", 0);
/* Connect to DRIVER_TEST_SID */
- handle = psa->connect(DRIVER_TEST_SID, 1);
- if (handle < 0)
+ handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
return VAL_STATUS_SPM_FAILED;
@@ -55,7 +55,7 @@
/* Execute driver function related to TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
- psa->call(handle, &invec, 1, NULL, 0);
+ psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0);
psa->close(handle);
diff --git a/api-tests/ff/ipc/test_i066/test_i066.h b/api-tests/ff/ipc/test_i066/test_i066.h
index ce908ae..fe246a0 100644
--- a/api-tests/ff/ipc/test_i066/test_i066.h
+++ b/api-tests/ff/ipc/test_i066/test_i066.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i066)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i066)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i066/test_supp_i066.c b/api-tests/ff/ipc/test_i066/test_supp_i066.c
index 9b64caa..357883b 100644
--- a/api-tests/ff/ipc/test_i066/test_supp_i066.c
+++ b/api-tests/ff/ipc/test_i066/test_supp_i066.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i067/test_i067.h b/api-tests/ff/ipc/test_i067/test_i067.h
index 8e40820..11e0bb6 100644
--- a/api-tests/ff/ipc/test_i067/test_i067.h
+++ b/api-tests/ff/ipc/test_i067/test_i067.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i067)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i067)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i067/test_supp_i067.c b/api-tests/ff/ipc/test_i067/test_supp_i067.c
index aa5a8bf..4202944 100644
--- a/api-tests/ff/ipc/test_i067/test_supp_i067.c
+++ b/api-tests/ff/ipc/test_i067/test_supp_i067.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i068/test_i068.c b/api-tests/ff/ipc/test_i068/test_i068.c
index b5038ce..61a59f8 100644
--- a/api-tests/ff/ipc/test_i068/test_i068.c
+++ b/api-tests/ff/ipc/test_i068/test_i068.c
@@ -61,9 +61,10 @@
/*
* Copy test_i068_dummy_func function code into data memory
- * Assuming function size to be 32 bytes max
+ * Assuming function size to be 16 bytes max.
+ * Remove thumb bit from address if exists.
*/
- copy_mem(&opcode, &test_i068_dummy_func, NO_OF_BYTES);
+ copy_mem(&opcode, (void *) ((uintptr_t)&test_i068_dummy_func & ~(uintptr_t)0x1), NO_OF_BYTES);
/* Point function pointer to data memory */
fptr = (fptr_t) opcode;
diff --git a/api-tests/ff/ipc/test_i068/test_i068.h b/api-tests/ff/ipc/test_i068/test_i068.h
index 4893548..f7ed66b 100644
--- a/api-tests/ff/ipc/test_i068/test_i068.h
+++ b/api-tests/ff/ipc/test_i068/test_i068.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i068)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i068)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i068/test_supp_i068.c b/api-tests/ff/ipc/test_i068/test_supp_i068.c
index 6fa87d3..ec58682 100644
--- a/api-tests/ff/ipc/test_i068/test_supp_i068.c
+++ b/api-tests/ff/ipc/test_i068/test_supp_i068.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i069/test_i069.h b/api-tests/ff/ipc/test_i069/test_i069.h
index 64d06b5..574f4d8 100644
--- a/api-tests/ff/ipc/test_i069/test_i069.h
+++ b/api-tests/ff/ipc/test_i069/test_i069.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i069)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i069)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i069/test_supp_i069.c b/api-tests/ff/ipc/test_i069/test_supp_i069.c
index 29a3ca1..5dd572c 100644
--- a/api-tests/ff/ipc/test_i069/test_supp_i069.c
+++ b/api-tests/ff/ipc/test_i069/test_supp_i069.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i070/test_i070.h b/api-tests/ff/ipc/test_i070/test_i070.h
index 5cc3046..9da1c68 100644
--- a/api-tests/ff/ipc/test_i070/test_i070.h
+++ b/api-tests/ff/ipc/test_i070/test_i070.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i070)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i070)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i070/test_supp_i070.c b/api-tests/ff/ipc/test_i070/test_supp_i070.c
index 51090fa..62f2e17 100644
--- a/api-tests/ff/ipc/test_i070/test_supp_i070.c
+++ b/api-tests/ff/ipc/test_i070/test_supp_i070.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i071/test_i071.h b/api-tests/ff/ipc/test_i071/test_i071.h
index a18001b..cb75dff 100644
--- a/api-tests/ff/ipc/test_i071/test_i071.h
+++ b/api-tests/ff/ipc/test_i071/test_i071.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i071)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i071)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i071/test_supp_i071.c b/api-tests/ff/ipc/test_i071/test_supp_i071.c
index 7ce17d8..b96ac47 100644
--- a/api-tests/ff/ipc/test_i071/test_supp_i071.c
+++ b/api-tests/ff/ipc/test_i071/test_supp_i071.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i072/test_i072.c b/api-tests/ff/ipc/test_i072/test_i072.c
index 41e2b1a..38fd78a 100644
--- a/api-tests/ff/ipc/test_i072/test_i072.c
+++ b/api-tests/ff/ipc/test_i072/test_i072.c
@@ -36,8 +36,8 @@
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -45,12 +45,14 @@
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
@@ -116,7 +118,7 @@
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i072/test_i072.h b/api-tests/ff/ipc/test_i072/test_i072.h
index 565aae7..48eb9b7 100644
--- a/api-tests/ff/ipc/test_i072/test_i072.h
+++ b/api-tests/ff/ipc/test_i072/test_i072.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i072)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i072)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i072/test_supp_i072.c b/api-tests/ff/ipc/test_i072/test_supp_i072.c
index 05cf918..704fb10 100644
--- a/api-tests/ff/ipc/test_i072/test_supp_i072.c
+++ b/api-tests/ff/ipc/test_i072/test_supp_i072.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -40,10 +40,11 @@
static int32_t send_secure_partition_address(void)
{
- int32_t status = VAL_STATUS_SUCCESS;
- psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+ volatile uint32_t *addr = &g_test_i072;
+ psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -52,18 +53,20 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)&g_test_i072);
+
/* Send Application RoT data address - global variable */
- psa->write(msg.handle, 0, (void *)&g_test_i072, sizeof(g_test_i072));
+ psa->write(msg.handle, 0, (void *)&addr, sizeof(addr));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -87,7 +90,7 @@
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i073/test_i073.c b/api-tests/ff/ipc/test_i073/test_i073.c
index 01a0a2a..8b8d8b6 100644
--- a/api-tests/ff/ipc/test_i073/test_i073.c
+++ b/api-tests/ff/ipc/test_i073/test_i073.c
@@ -36,8 +36,8 @@
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -45,12 +45,14 @@
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
@@ -116,7 +118,7 @@
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, 1)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i073/test_i073.h b/api-tests/ff/ipc/test_i073/test_i073.h
index 8cfdbe5..a2a4bb9 100644
--- a/api-tests/ff/ipc/test_i073/test_i073.h
+++ b/api-tests/ff/ipc/test_i073/test_i073.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i073)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i073)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i073/test_supp_i073.c b/api-tests/ff/ipc/test_i073/test_supp_i073.c
index 114b0a2..a18ec3b 100644
--- a/api-tests/ff/ipc/test_i073/test_supp_i073.c
+++ b/api-tests/ff/ipc/test_i073/test_supp_i073.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -40,7 +40,7 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -49,18 +49,20 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)stack);
+
/* Send Application RoT stack address */
- psa->write(msg.handle, 0, (void *)stack, sizeof(uint32_t));
+ psa->write(msg.handle, 0, (void *)&stack, sizeof(uint32_t));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -78,7 +80,7 @@
status = send_secure_partition_address(&l_test_i073);
/* Dummy print to avoid compiler optimisation on local variable */
- val->print(PRINT_INFO, "\tData value 0x%x\n", l_test_i073);
+ val->print(PRINT_INFO, "\tStack data 0x%x\n", l_test_i073);
return status;
}
@@ -94,7 +96,7 @@
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i074/test_i074.c b/api-tests/ff/ipc/test_i074/test_i074.c
index 210ab6a..ce91843 100644
--- a/api-tests/ff/ipc/test_i074/test_i074.c
+++ b/api-tests/ff/ipc/test_i074/test_i074.c
@@ -41,8 +41,8 @@
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, 1);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -50,12 +50,14 @@
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, BUFFER_SIZE}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
@@ -121,7 +123,7 @@
*(uint8_t *)app_rot_addr = (uint8_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i074/test_i074.h b/api-tests/ff/ipc/test_i074/test_i074.h
index ad09a7f..2b47742 100644
--- a/api-tests/ff/ipc/test_i074/test_i074.h
+++ b/api-tests/ff/ipc/test_i074/test_i074.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i074)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i074)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i074/test_supp_i074.c b/api-tests/ff/ipc/test_i074/test_supp_i074.c
index ff79d34..3b72f32 100644
--- a/api-tests/ff/ipc/test_i074/test_supp_i074.c
+++ b/api-tests/ff/ipc/test_i074/test_supp_i074.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -47,7 +47,7 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -56,18 +56,20 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)heap);
+
/* Send Application RoT heap address */
- psa->write(msg.handle, 0, (void *)heap, sizeof(BUFFER_SIZE));
+ psa->write(msg.handle, 0, (void *)&heap, sizeof(BUFFER_SIZE));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -106,7 +108,7 @@
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i075/test_i075.c b/api-tests/ff/ipc/test_i075/test_i075.c
index 2aed38a..84c1c23 100644
--- a/api-tests/ff/ipc/test_i075/test_i075.c
+++ b/api-tests/ff/ipc/test_i075/test_i075.c
@@ -38,8 +38,8 @@
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -47,12 +47,14 @@
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
@@ -118,7 +120,7 @@
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i075/test_i075.h b/api-tests/ff/ipc/test_i075/test_i075.h
index 5fcb624..a5a8188 100644
--- a/api-tests/ff/ipc/test_i075/test_i075.h
+++ b/api-tests/ff/ipc/test_i075/test_i075.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i075)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i075)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i075/test_supp_i075.c b/api-tests/ff/ipc/test_i075/test_supp_i075.c
index b98fffb..8c062a6 100644
--- a/api-tests/ff/ipc/test_i075/test_supp_i075.c
+++ b/api-tests/ff/ipc/test_i075/test_supp_i075.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -54,12 +54,12 @@
return VAL_STATUS_SUCCESS;
}
-static int32_t send_secure_partition_address(addr_t *stack)
+static int32_t send_secure_partition_address(addr_t *addr)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -68,18 +68,20 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
psa->reply(msg.handle, -2);
return status;
}
- /* Send Application RoT stack address */
- psa->write(msg.handle, 0, (void *)stack, sizeof(uint32_t));
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)*addr);
+
+ /* Send Application RoT mmio address */
+ psa->write(msg.handle, 0, (void *)addr, sizeof(uint32_t));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
return status;
@@ -97,6 +99,9 @@
if (VAL_ERROR(status))
return status;
+ /* Initialise mmio address */
+ *(uint32_t *)app_rot_addr = (uint32_t)DATA_VALUE;
+
return send_secure_partition_address(&app_rot_addr);
}
@@ -117,7 +122,7 @@
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i076/test_i076.c b/api-tests/ff/ipc/test_i076/test_i076.c
index 765e502..94510de 100644
--- a/api-tests/ff/ipc/test_i076/test_i076.c
+++ b/api-tests/ff/ipc/test_i076/test_i076.c
@@ -38,8 +38,8 @@
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_* */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i076/test_i076.h b/api-tests/ff/ipc/test_i076/test_i076.h
index 2114ac5..6ec51f9 100644
--- a/api-tests/ff/ipc/test_i076/test_i076.h
+++ b/api-tests/ff/ipc/test_i076/test_i076.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i076)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i076)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i076/test_supp_i076.c b/api-tests/ff/ipc/test_i076/test_supp_i076.c
index c32ec2f..eb87a0f 100644
--- a/api-tests/ff/ipc/test_i076/test_supp_i076.c
+++ b/api-tests/ff/ipc/test_i076/test_supp_i076.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i077/test_i077.c b/api-tests/ff/ipc/test_i077/test_i077.c
index 4cbad88..e714e80 100644
--- a/api-tests/ff/ipc/test_i077/test_i077.c
+++ b/api-tests/ff/ipc/test_i077/test_i077.c
@@ -38,8 +38,8 @@
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i077/test_i077.h b/api-tests/ff/ipc/test_i077/test_i077.h
index 4a4133c..eb88d39 100644
--- a/api-tests/ff/ipc/test_i077/test_i077.h
+++ b/api-tests/ff/ipc/test_i077/test_i077.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i077)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i077)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i077/test_supp_i077.c b/api-tests/ff/ipc/test_i077/test_supp_i077.c
index 03a4217..112d7e4 100644
--- a/api-tests/ff/ipc/test_i077/test_supp_i077.c
+++ b/api-tests/ff/ipc/test_i077/test_supp_i077.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i078/test_i078.c b/api-tests/ff/ipc/test_i078/test_i078.c
index c600a9f..a708eeb 100644
--- a/api-tests/ff/ipc/test_i078/test_i078.c
+++ b/api-tests/ff/ipc/test_i078/test_i078.c
@@ -41,8 +41,8 @@
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -51,7 +51,7 @@
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -62,7 +62,7 @@
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i078/test_i078.h b/api-tests/ff/ipc/test_i078/test_i078.h
index bc44b59..0613f10 100644
--- a/api-tests/ff/ipc/test_i078/test_i078.h
+++ b/api-tests/ff/ipc/test_i078/test_i078.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i078)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i078)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i078/test_supp_i078.c b/api-tests/ff/ipc/test_i078/test_supp_i078.c
index 0b5f67f..59297e3 100644
--- a/api-tests/ff/ipc/test_i078/test_supp_i078.c
+++ b/api-tests/ff/ipc/test_i078/test_supp_i078.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i079/test_i079.c b/api-tests/ff/ipc/test_i079/test_i079.c
index 323a548..9cbbd79 100644
--- a/api-tests/ff/ipc/test_i079/test_i079.c
+++ b/api-tests/ff/ipc/test_i079/test_i079.c
@@ -38,8 +38,8 @@
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i079/test_i079.h b/api-tests/ff/ipc/test_i079/test_i079.h
index 507d0cb..99e2855 100644
--- a/api-tests/ff/ipc/test_i079/test_i079.h
+++ b/api-tests/ff/ipc/test_i079/test_i079.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i079)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i079)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i079/test_supp_i079.c b/api-tests/ff/ipc/test_i079/test_supp_i079.c
index 24a0f89..57e7057 100644
--- a/api-tests/ff/ipc/test_i079/test_supp_i079.c
+++ b/api-tests/ff/ipc/test_i079/test_supp_i079.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i080/test_i080.c b/api-tests/ff/ipc/test_i080/test_i080.c
index 4d4915c..ccafd64 100644
--- a/api-tests/ff/ipc/test_i080/test_i080.c
+++ b/api-tests/ff/ipc/test_i080/test_i080.c
@@ -38,8 +38,8 @@
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_* */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i080/test_i080.h b/api-tests/ff/ipc/test_i080/test_i080.h
index d45c93c..a78d6cb 100644
--- a/api-tests/ff/ipc/test_i080/test_i080.h
+++ b/api-tests/ff/ipc/test_i080/test_i080.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i080)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i080)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i080/test_supp_i080.c b/api-tests/ff/ipc/test_i080/test_supp_i080.c
index cd02263..0b00be4 100644
--- a/api-tests/ff/ipc/test_i080/test_supp_i080.c
+++ b/api-tests/ff/ipc/test_i080/test_supp_i080.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i081/test_i081.c b/api-tests/ff/ipc/test_i081/test_i081.c
index 027f9ae..b1e4b9e 100644
--- a/api-tests/ff/ipc/test_i081/test_i081.c
+++ b/api-tests/ff/ipc/test_i081/test_i081.c
@@ -38,8 +38,8 @@
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i081/test_i081.h b/api-tests/ff/ipc/test_i081/test_i081.h
index 6410d70..cafee8d 100644
--- a/api-tests/ff/ipc/test_i081/test_i081.h
+++ b/api-tests/ff/ipc/test_i081/test_i081.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i081)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i081)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i081/test_supp_i081.c b/api-tests/ff/ipc/test_i081/test_supp_i081.c
index 0f84416..474230a 100644
--- a/api-tests/ff/ipc/test_i081/test_supp_i081.c
+++ b/api-tests/ff/ipc/test_i081/test_supp_i081.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i082/test_i082.c b/api-tests/ff/ipc/test_i082/test_i082.c
index cb8a085..4180f94 100644
--- a/api-tests/ff/ipc/test_i082/test_i082.c
+++ b/api-tests/ff/ipc/test_i082/test_i082.c
@@ -41,8 +41,8 @@
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -51,7 +51,7 @@
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -62,7 +62,7 @@
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i082/test_i082.h b/api-tests/ff/ipc/test_i082/test_i082.h
index 57c13ab..37d1af5 100644
--- a/api-tests/ff/ipc/test_i082/test_i082.h
+++ b/api-tests/ff/ipc/test_i082/test_i082.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i082)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i082)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i082/test_supp_i082.c b/api-tests/ff/ipc/test_i082/test_supp_i082.c
index 20a5b7a..1095b5c 100644
--- a/api-tests/ff/ipc/test_i082/test_supp_i082.c
+++ b/api-tests/ff/ipc/test_i082/test_supp_i082.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i083/test_i083.c b/api-tests/ff/ipc/test_i083/test_i083.c
index dd85cab..3e95c8e 100644
--- a/api-tests/ff/ipc/test_i083/test_i083.c
+++ b/api-tests/ff/ipc/test_i083/test_i083.c
@@ -38,8 +38,8 @@
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i083/test_i083.h b/api-tests/ff/ipc/test_i083/test_i083.h
index 8f584f7..fffd86e 100644
--- a/api-tests/ff/ipc/test_i083/test_i083.h
+++ b/api-tests/ff/ipc/test_i083/test_i083.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i083)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i083)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i083/test_supp_i083.c b/api-tests/ff/ipc/test_i083/test_supp_i083.c
index e7bf8f5..893c291 100644
--- a/api-tests/ff/ipc/test_i083/test_supp_i083.c
+++ b/api-tests/ff/ipc/test_i083/test_supp_i083.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i084/test_i084.c b/api-tests/ff/ipc/test_i084/test_i084.c
index e21acd2..639a8ab 100644
--- a/api-tests/ff/ipc/test_i084/test_i084.c
+++ b/api-tests/ff/ipc/test_i084/test_i084.c
@@ -36,8 +36,8 @@
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -45,12 +45,14 @@
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
@@ -116,7 +118,7 @@
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i084/test_i084.h b/api-tests/ff/ipc/test_i084/test_i084.h
index ed1150f..0465a4b 100644
--- a/api-tests/ff/ipc/test_i084/test_i084.h
+++ b/api-tests/ff/ipc/test_i084/test_i084.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i084)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i084)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i084/test_supp_i084.c b/api-tests/ff/ipc/test_i084/test_supp_i084.c
index 3c663d3..87aecf0 100644
--- a/api-tests/ff/ipc/test_i084/test_supp_i084.c
+++ b/api-tests/ff/ipc/test_i084/test_supp_i084.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -40,10 +40,11 @@
static int32_t send_secure_partition_address(void)
{
- int32_t status = VAL_STATUS_SUCCESS;
- psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+ volatile uint32_t *addr = &g_test_i084;
+ psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -52,18 +53,20 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)&g_test_i084);
+
/* Send Application RoT data address - global variable */
- psa->write(msg.handle, 0, (void *)&g_test_i084, sizeof(g_test_i084));
+ psa->write(msg.handle, 0, (void *)&addr, sizeof(addr));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -87,7 +90,7 @@
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i085/test_i085.c b/api-tests/ff/ipc/test_i085/test_i085.c
index f389f00..07eb2ec 100644
--- a/api-tests/ff/ipc/test_i085/test_i085.c
+++ b/api-tests/ff/ipc/test_i085/test_i085.c
@@ -36,8 +36,8 @@
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -45,12 +45,14 @@
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
@@ -116,7 +118,7 @@
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i085/test_i085.h b/api-tests/ff/ipc/test_i085/test_i085.h
index 2679593..03d295b 100644
--- a/api-tests/ff/ipc/test_i085/test_i085.h
+++ b/api-tests/ff/ipc/test_i085/test_i085.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i085)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i085)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i085/test_supp_i085.c b/api-tests/ff/ipc/test_i085/test_supp_i085.c
index 9922716..607a415 100644
--- a/api-tests/ff/ipc/test_i085/test_supp_i085.c
+++ b/api-tests/ff/ipc/test_i085/test_supp_i085.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -40,7 +40,7 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -49,18 +49,20 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)stack);
+
/* Send Application RoT stack address */
- psa->write(msg.handle, 0, (void *)stack, sizeof(uint32_t));
+ psa->write(msg.handle, 0, (void *)&stack, sizeof(addr_t));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -94,7 +96,7 @@
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i086/test_i086.c b/api-tests/ff/ipc/test_i086/test_i086.c
index 605adb1..0be11be 100644
--- a/api-tests/ff/ipc/test_i086/test_i086.c
+++ b/api-tests/ff/ipc/test_i086/test_i086.c
@@ -41,8 +41,8 @@
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -50,12 +50,14 @@
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, BUFFER_SIZE}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
@@ -121,7 +123,7 @@
*(uint8_t *)app_rot_addr = (uint8_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i086/test_i086.h b/api-tests/ff/ipc/test_i086/test_i086.h
index 2f729e6..794d5a1 100644
--- a/api-tests/ff/ipc/test_i086/test_i086.h
+++ b/api-tests/ff/ipc/test_i086/test_i086.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i086)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i086)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i086/test_supp_i086.c b/api-tests/ff/ipc/test_i086/test_supp_i086.c
index 946273e..efff3ad 100644
--- a/api-tests/ff/ipc/test_i086/test_supp_i086.c
+++ b/api-tests/ff/ipc/test_i086/test_supp_i086.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -47,7 +47,7 @@
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -56,18 +56,20 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)heap);
+
/* Send Application RoT heap address */
- psa->write(msg.handle, 0, (void *)heap, sizeof(BUFFER_SIZE));
+ psa->write(msg.handle, 0, (void *)&heap, sizeof(BUFFER_SIZE));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -106,7 +108,7 @@
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i087/test_i087.c b/api-tests/ff/ipc/test_i087/test_i087.c
index 6514fab..f5ce74c 100644
--- a/api-tests/ff/ipc/test_i087/test_i087.c
+++ b/api-tests/ff/ipc/test_i087/test_i087.c
@@ -38,8 +38,8 @@
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -47,12 +47,14 @@
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
@@ -118,7 +120,7 @@
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i087/test_i087.h b/api-tests/ff/ipc/test_i087/test_i087.h
index 7cf6a82..abfd6db 100644
--- a/api-tests/ff/ipc/test_i087/test_i087.h
+++ b/api-tests/ff/ipc/test_i087/test_i087.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i087)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i087)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_i087/test_supp_i087.c b/api-tests/ff/ipc/test_i087/test_supp_i087.c
index b59fb97..b1bee74 100644
--- a/api-tests/ff/ipc/test_i087/test_supp_i087.c
+++ b/api-tests/ff/ipc/test_i087/test_supp_i087.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -54,12 +54,12 @@
return VAL_STATUS_SUCCESS;
}
-static int32_t send_secure_partition_address(addr_t *stack)
+static int32_t send_secure_partition_address(addr_t *addr)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -68,18 +68,20 @@
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
psa->reply(msg.handle, -2);
return status;
}
- /* Send Application RoT stack address */
- psa->write(msg.handle, 0, (void *)stack, sizeof(uint32_t));
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)*addr);
+
+ /* Send Application RoT mmio address */
+ psa->write(msg.handle, 0, (void *)addr, sizeof(addr_t));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
return status;
@@ -117,7 +119,7 @@
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i089/test.cmake b/api-tests/ff/ipc/test_i089/test.cmake
new file mode 100644
index 0000000..ef76d06
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i089.c
+ test_i089.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i089.c
+ test_supp_i089.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i089/test_entry_i089.c b/api-tests/ff/ipc/test_i089/test_entry_i089.c
new file mode 100644
index 0000000..c50113b
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test_entry_i089.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i089.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 89)
+#define TEST_DESC "Testing psa_panic API\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i089_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i089/test_i089.c b/api-tests/ff/ipc/test_i089/test_i089.c
new file mode 100644
index 0000000..28987ef
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test_i089.c
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_service_defs.h"
+#endif
+
+#include "test_i089.h"
+
+client_test_t test_i089_client_tests_list[] = {
+ NULL,
+ client_test_psa_panic,
+ NULL,
+};
+
+int32_t client_test_psa_panic(caller_security_t caller)
+{
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/ff/ipc/test_i089/test_i089.h b/api-tests/ff/ipc/test_i089/test_i089.h
new file mode 100644
index 0000000..b0bbec3
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test_i089.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I089_CLIENT_TESTS_H_
+#define _TEST_I089_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i089)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i089_client_tests_list[];
+
+int32_t client_test_psa_panic(caller_security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i089/test_supp_i089.c b/api-tests/ff/ipc/test_i089/test_supp_i089.c
new file mode 100644
index 0000000..189a736
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test_supp_i089.c
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_client_defs.h"
+#include "val_service_defs.h"
+
+#define val CONCAT(val,_server_sp)
+#define psa CONCAT(psa,_server_sp)
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+int32_t server_test_psa_panic(void);
+
+server_test_t test_i089_server_tests_list[] = {
+ NULL,
+ server_test_psa_panic,
+ NULL,
+};
+
+int32_t server_test_psa_panic(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_panic API\n", 0);
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return status;
+ }
+
+ /* Call to psa_panic shouldn't return */
+ psa->panic();
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val->err_check_set(TEST_CHECKPOINT_NUM(203), status);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i090/test.cmake b/api-tests/ff/ipc/test_i090/test.cmake
new file mode 100644
index 0000000..7ea50b6
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i090.c
+ test_i090.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i090.c
+ test_supp_i090.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i090/test_entry_i090.c b/api-tests/ff/ipc/test_i090/test_entry_i090.c
new file mode 100644
index 0000000..4d45698
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test_entry_i090.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i090.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 90)
+#define TEST_DESC "Testing psa_call with negative type\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i090_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i090/test_i090.c b/api-tests/ff/ipc/test_i090/test_i090.c
new file mode 100644
index 0000000..8d70be3
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test_i090.c
@@ -0,0 +1,108 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_service_defs.h"
+#endif
+
+#include "test_i090.h"
+
+client_test_t test_i090_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_neg_type,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_neg_type(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with negative type\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with negative type */
+ status_of_call = psa->call(handle, -1, NULL, 0, NULL, 0);
+
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ psa->close(handle);
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i090/test_i090.h b/api-tests/ff/ipc/test_i090/test_i090.h
new file mode 100644
index 0000000..8ba9147
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test_i090.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I090_CLIENT_TESTS_H_
+#define _TEST_I090_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i090)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i090_client_tests_list[];
+
+int32_t client_test_psa_call_with_neg_type(caller_security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i090/test_supp_i090.c b/api-tests/ff/ipc/test_i090/test_supp_i090.c
new file mode 100644
index 0000000..438bfee
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test_supp_i090.c
@@ -0,0 +1,79 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_client_defs.h"
+#include "val_service_defs.h"
+
+#define val CONCAT(val,_server_sp)
+#define psa CONCAT(psa,_server_sp)
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+int32_t server_test_psa_call_with_neg_type();
+
+server_test_t test_i090_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_neg_type,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_neg_type()
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
+ {
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_DISCONNECT)
+ {
+ psa->reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ psa->reply(msg.handle, PSA_SUCCESS);
+ }
+ }
+ else
+ {
+ val->print(PRINT_ERROR, "\tpsa_wait returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_ERROR;
+}
diff --git a/api-tests/ff/ipc/test_l088/test_l088.h b/api-tests/ff/ipc/test_l088/test_l088.h
index 618d613..fe916aa 100644
--- a/api-tests/ff/ipc/test_l088/test_l088.h
+++ b/api-tests/ff/ipc/test_l088/test_l088.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,l088)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, l088)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
diff --git a/api-tests/ff/ipc/test_l088/test_supp_l088.c b/api-tests/ff/ipc/test_l088/test_supp_l088.c
index 1ca9fe6..7510003 100644
--- a/api-tests/ff/ipc/test_l088/test_supp_l088.c
+++ b/api-tests/ff/ipc/test_l088/test_supp_l088.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/testsuite.db b/api-tests/ff/ipc/testsuite.db
index f8a3013..72216ed 100644
--- a/api-tests/ff/ipc/testsuite.db
+++ b/api-tests/ff/ipc/testsuite.db
@@ -108,5 +108,7 @@
test_i086, panic_test
test_i087, panic_test
test_l088
+test_i089, panic_test
+test_i090, panic_test
(END)
diff --git a/api-tests/ff/partition/common/driver_partition.c b/api-tests/ff/partition/common/driver_partition.c
index 1dff45b..549b5c4 100644
--- a/api-tests/ff/partition/common/driver_partition.c
+++ b/api-tests/ff/partition/common/driver_partition.c
@@ -58,9 +58,9 @@
signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
/* Service Print functionality */
- if (signals & DRIVER_UART_SIG)
+ if (signals & DRIVER_UART_SIGNAL)
{
- psa_get(DRIVER_UART_SIG, &msg);
+ psa_get(DRIVER_UART_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CONNECT:
@@ -109,9 +109,9 @@
}
/* Service Watchdog functionality */
- else if (signals & DRIVER_WATCHDOG_SIG)
+ else if (signals & DRIVER_WATCHDOG_SIGNAL)
{
- psa_get(DRIVER_WATCHDOG_SIG, &msg);
+ psa_get(DRIVER_WATCHDOG_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CALL:
@@ -162,9 +162,9 @@
}
/* Service NVMEM functionality */
- else if (signals & DRIVER_NVMEM_SIG)
+ else if (signals & DRIVER_NVMEM_SIGNAL)
{
- psa_get(DRIVER_NVMEM_SIG, &msg);
+ psa_get(DRIVER_NVMEM_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CALL:
@@ -221,9 +221,9 @@
}
}
/* SID reserved for Driver test functions */
- else if (signals & DRIVER_TEST_SIG)
+ else if (signals & DRIVER_TEST_SIGNAL)
{
- psa_get(DRIVER_TEST_SIG, &msg);
+ psa_get(DRIVER_TEST_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CALL:
@@ -381,7 +381,7 @@
}
/* psa_eoi should panic as irq_signal is provided with multiple signals */
- psa_eoi(DRIVER_UART_INTR_SIG|DRIVER_TEST_SIG);
+ psa_eoi(DRIVER_UART_INTR_SIG|DRIVER_TEST_SIGNAL);
/* Control shouldn't have reached here */
val_print_sf("\tCheck for psa_eoi(multiple_signals) failed\n", 0);
@@ -404,7 +404,7 @@
val_generate_interrupt();
/* Wait for DRIVER_UART_INTR_SIG signal */
- signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
+ signals = psa_wait(DRIVER_UART_INTR_SIG, PSA_BLOCK);
if (signals & DRIVER_UART_INTR_SIG)
{
@@ -453,9 +453,9 @@
goto wait;
}
- if ((msg->type != PSA_IPC_CALL) || (msg->handle <= 0))
+ if ((msg->type < PSA_IPC_CALL) || (msg->handle <= 0))
{
- val_print_sf("\tpsa_get failed for PSA_IPC_CALL\n", 0);
+ val_print_sf("\tpsa_get failed for request message\n", 0);
res = VAL_STATUS_ERROR;
}
else
@@ -473,15 +473,19 @@
void driver_test_isolation_psa_rot_data_rd(psa_msg_t *msg)
{
+ uint32_t *addr = &g_psa_rot_data;
+
/* Send PSA RoT data address - global variable */
- psa_write(msg->handle, 0, (void *) &g_psa_rot_data, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &addr, sizeof(addr_t));
psa_reply(msg->handle, PSA_SUCCESS);
}
void driver_test_isolation_psa_rot_data_wr(psa_msg_t *msg)
{
+ uint32_t *addr = &g_psa_rot_data;
+
/* Send PSA RoT data address - global variable */
- psa_write(msg->handle, 0, (void *) &g_psa_rot_data, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &addr, sizeof(addr_t));
/* Setting boot.state before test check */
if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_S))
@@ -492,7 +496,7 @@
psa_reply(msg->handle, PSA_SUCCESS);
/* Process second call request */
- if (VAL_ERROR(process_call_request(DRIVER_TEST_SIG, msg)))
+ if (VAL_ERROR(process_call_request(DRIVER_TEST_SIGNAL, msg)))
{
psa_reply(msg->handle, -2);
return;
@@ -521,21 +525,23 @@
void driver_test_isolation_psa_rot_stack_rd(psa_msg_t *msg)
{
uint32_t l_psa_rot_data = DATA_VALUE;
+ uint32_t *addr = &l_psa_rot_data;
/* Send PSA RoT stack address - local variable */
- psa_write(msg->handle, 0, (void *) &l_psa_rot_data, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &addr, sizeof(addr_t));
psa_reply(msg->handle, PSA_SUCCESS);
/* Dummy print to avoid compiler optimisation on local variable */
- val_print_sf("\tl_psa_rot_data value 0x%x\n", l_psa_rot_data);
+ val_print_sf("\tStack data 0x%x\n", (int)l_psa_rot_data);
}
void driver_test_isolation_psa_rot_stack_wr(psa_msg_t *msg)
{
uint32_t l_psa_rot_data = DATA_VALUE;
+ uint32_t *addr = &l_psa_rot_data;
/* Send PSA RoT stack address - local variable */
- psa_write(msg->handle, 0, (void *) &l_psa_rot_data, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &addr, sizeof(addr_t));
/* Setting boot.state before test check */
if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_S))
@@ -546,7 +552,7 @@
psa_reply(msg->handle, PSA_SUCCESS);
/* Process second call request */
- if (VAL_ERROR(process_call_request(DRIVER_TEST_SIG, msg)))
+ if (VAL_ERROR(process_call_request(DRIVER_TEST_SIGNAL, msg)))
{
psa_reply(msg->handle, -2);
return;
@@ -581,7 +587,7 @@
memset((uint8_t *)buffer, (uint8_t)DATA_VALUE, BUFFER_SIZE);
/* Send PSA RoT heap address */
- psa_write(msg->handle, 0, (void *) buffer, BUFFER_SIZE);
+ psa_write(msg->handle, 0, (void *) &buffer, BUFFER_SIZE);
psa_reply(msg->handle, PSA_SUCCESS);
free(buffer);
#endif
@@ -596,7 +602,7 @@
memset((uint8_t *)buffer, (uint8_t)DATA_VALUE, BUFFER_SIZE);
/* Send PSA RoT heap address */
- psa_write(msg->handle, 0, (void *) buffer, BUFFER_SIZE);
+ psa_write(msg->handle, 0, (void *) &buffer, BUFFER_SIZE);
psa_reply(msg->handle, PSA_SUCCESS);
/* Setting boot.state before test check */
@@ -607,7 +613,7 @@
}
/* Process second call request */
- if (VAL_ERROR(process_call_request(DRIVER_TEST_SIG, msg)))
+ if (VAL_ERROR(process_call_request(DRIVER_TEST_SIGNAL, msg)))
{
psa_reply(msg->handle, -2);
return;
@@ -662,8 +668,8 @@
}
/* Send PSA RoT mmio address */
- memset((uint8_t *)&psa_rot_mmio_addr, (uint8_t)DATA_VALUE, sizeof(uint32_t));
- psa_write(msg->handle, 0, (void *) &psa_rot_mmio_addr, sizeof(uint32_t));
+ memset((uint8_t *)&psa_rot_mmio_addr, (uint8_t)DATA_VALUE, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &psa_rot_mmio_addr, sizeof(addr_t));
psa_reply(msg->handle, PSA_SUCCESS);
/* Setting boot.state before test check */
@@ -674,7 +680,7 @@
}
/* Process second call request */
- if (VAL_ERROR(process_call_request(DRIVER_TEST_SIG, msg)))
+ if (VAL_ERROR(process_call_request(DRIVER_TEST_SIGNAL, msg)))
{
psa_reply(msg->handle, -2);
return;
diff --git a/api-tests/ff/partition/ipc/client_partition.c b/api-tests/ff/partition/ipc/client_partition.c
index 7be5a6c..7ecea52 100644
--- a/api-tests/ff/partition/ipc/client_partition.c
+++ b/api-tests/ff/partition/ipc/client_partition.c
@@ -32,9 +32,9 @@
status = VAL_STATUS_SUCCESS;
signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & CLIENT_TEST_DISPATCHER_SIG)
+ if (signals & CLIENT_TEST_DISPATCHER_SIGNAL)
{
- psa_get(CLIENT_TEST_DISPATCHER_SIG, &msg);
+ psa_get(CLIENT_TEST_DISPATCHER_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CONNECT:
@@ -97,7 +97,8 @@
/* Server_partition requests client to connect to SERVER_SECURE_CONNECT_ONLY_SID */
else if (signals & PSA_DOORBELL)
{
- if (psa_connect(SERVER_SECURE_CONNECT_ONLY_SID, 2) != PSA_ERROR_CONNECTION_REFUSED)
+ if (psa_connect(SERVER_SECURE_CONNECT_ONLY_SID, SERVER_SECURE_CONNECT_ONLY_VERSION)
+ != PSA_ERROR_CONNECTION_REFUSED)
{
val_print(PRINT_ERROR, "psa_connect failed \n", 0);
}
diff --git a/api-tests/ff/partition/ipc/server_partition.c b/api-tests/ff/partition/ipc/server_partition.c
index de0e7a4..94d5504 100644
--- a/api-tests/ff/partition/ipc/server_partition.c
+++ b/api-tests/ff/partition/ipc/server_partition.c
@@ -34,9 +34,9 @@
status = VAL_STATUS_SUCCESS;
signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_TEST_DISPATCHER_SIG)
+ if (signals & SERVER_TEST_DISPATCHER_SIGNAL)
{
- psa_get(SERVER_TEST_DISPATCHER_SIG, &msg);
+ psa_get(SERVER_TEST_DISPATCHER_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CONNECT:
diff --git a/api-tests/platform/drivers/uart/cmsdk/pal_uart.c b/api-tests/platform/drivers/uart/cmsdk/pal_uart.c
index 3964371..d31ffa3 100644
--- a/api-tests/platform/drivers/uart/cmsdk/pal_uart.c
+++ b/api-tests/platform/drivers/uart/cmsdk/pal_uart.c
@@ -68,7 +68,7 @@
void pal_cmsdk_print(char *str, int32_t data)
{
int8_t j, buffer[16];
- int8_t i = 0, is_neg = 0, k = sizeof(data);
+ int8_t i = 0, is_neg = 0, k = 2 * sizeof(data);
for (; *str != '\0'; ++str)
{
diff --git a/api-tests/platform/drivers/uart/pl011/pal_uart.c b/api-tests/platform/drivers/uart/pl011/pal_uart.c
index 20ac237..04de0cc 100644
--- a/api-tests/platform/drivers/uart/pl011/pal_uart.c
+++ b/api-tests/platform/drivers/uart/pl011/pal_uart.c
@@ -69,7 +69,7 @@
void pal_uart_pl011_print(char *str, int32_t data)
{
uint8_t j, buffer[16];
- int8_t i = 0, is_neg = 0, k = sizeof(data);
+ int8_t i = 0, is_neg = 0, k = 2 * sizeof(data);
for (; *str != '\0'; ++str)
{
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_common.h
index 0076891..8a8f064 100644
--- a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_common.h
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_common.h
@@ -37,8 +37,7 @@
#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
-typedef enum
-{
+typedef enum {
PAL_STATUS_SUCCESS = 0x0,
PAL_STATUS_ERROR = 0x80
} pal_status_t;
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h
index 2871339..8c04b50 100644
--- a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h
@@ -38,6 +38,9 @@
/* Are Dynamic memory APIs available to secure partition? */
#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
#endif /* PSA_CMAKE_BUILD */
/* Version of crypto spec used in attestation */
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_driver_ns_intf.c
index 204adfb..2bbaad7 100644
--- a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_driver_ns_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_driver_ns_intf.c
@@ -31,7 +31,7 @@
/* Using zero as NVMEM_BASE is a bit arbitrary - we don't actually need callers
* to specify a base address but the nvmem function signatures have "base" params.
- * Zero is the value used in our target.cfg file so that's what we should recieve.
+ * Zero is the value used in our target.cfg file so that's what we should receive.
*/
#define NVMEM_BASE 0
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/target.cfg b/api-tests/platform/targets/tgt_dev_apis_stdc/target.cfg
index daef0db..1befaec 100644
--- a/api-tests/platform/targets/tgt_dev_apis_stdc/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/target.cfg
@@ -43,7 +43,7 @@
// The implementation just uses an array in memory.
nvmem.num =1;
nvmem.0.start = 0x0;
-nvmem.0.end = 0x400; // 1KiB
+nvmem.0.end = 0x0;
nvmem.0.permission = TYPE_READ_WRITE;
// Miscellaneous - Test scatter info
@@ -58,6 +58,3 @@
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-
-// Level of Isolation
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/common/driver_partition_psa.json
deleted file mode 100644
index e3cec92..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/common/driver_partition_psa.json
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "DRIVER_PARTITION",
- "type": "PSA-ROT",
- "priority": "NORMAL",
- "description": "Implements device services such print, flash read/write,. etc.",
- "entry_point": "driver_main",
- "stack_size": "0x400",
- "services": [{
- "name": "DRIVER_UART_SID",
- "sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_WATCHDOG_SID",
- "sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_NVMEM_SID",
- "sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_TEST_SID",
- "sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "mmio_regions" : [
- {
- "name": "UART_REGION",
- "base": "0x40004000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "WATCHDOG_REGION",
- "base": "0x40008000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "NVMEM_REGION",
- "base": "0x2002F000",
- "size": "0x400",
- "permission": "READ-WRITE"
- },
- {
- "name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ],
- "irqs": [
- {
- "description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
- "signal": "DRIVER_UART_INTR_SIG",
- "line_num": 37
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/client_partition_psa.json
deleted file mode 100644
index b93377b..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/client_partition_psa.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "CLIENT_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Client partition executing client test func from SPE",
- "entry_point": "client_main",
- "stack_size": "0x400",
- "services": [{
- "name": "CLIENT_TEST_DISPATCHER_SID",
- "sid": "0x0000FA01",
- "signal": "CLIENT_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID",
- "DRIVER_TEST_SID",
- "SERVER_TEST_DISPATCHER_SID",
- "SERVER_UNSPECIFED_MINOR_V_SID",
- "SERVER_STRICT_MINOR_VERSION_SID",
- "SERVER_RELAX_MINOR_VERSION_SID",
- "SERVER_SECURE_CONNECT_ONLY_SID",
- "SERVER_CONNECTION_DROP_SID"
- ],
- "mmio_regions" : [
- {
- "name": "CLIENT_PARTITION_MMIO",
- "base": "0x200AF000",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/server_partition_psa.json
deleted file mode 100644
index 146b8fb..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/server_partition_psa.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "SERVER_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Server partition executing server test func",
- "entry_point": "server_main",
- "stack_size": "0x400",
- "heap_size": "0x100",
- "services": [{
- "name": "SERVER_TEST_DISPATCHER_SID",
- "sid": "0x0000FB01",
- "signal": "SERVER_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_SECURE_CONNECT_ONLY_SID",
- "sid": "0x0000FB02",
- "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
- "non_secure_clients": false,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_STRICT_MINOR_VERSION_SID",
- "sid": "0x0000FB03",
- "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "STRICT"
- },
- {
- "name": "SERVER_UNSPECIFED_MINOR_V_SID",
- "sid": "0x0000FB04",
- "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
- "non_secure_clients": true
- },
- {
- "name": "SERVER_RELAX_MINOR_VERSION_SID",
- "sid": "0x0000FB05",
- "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_UNEXTERN_SID",
- "sid": "0x0000FB06",
- "signal": "SERVER_UNEXTERN_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_CONNECTION_DROP_SID",
- "sid": "0x0000FB07",
- "signal": "SERVER_CONNECTION_DROP_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID"
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_empty_intf.c
index 578b4ce..0030ef0 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_empty_intf.c
@@ -31,10 +31,10 @@
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
*/
@@ -47,11 +47,11 @@
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
return PSA_NULL_HANDLE;
}
@@ -62,6 +62,7 @@
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -70,10 +71,11 @@
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
return (PSA_SUCCESS - 1);
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.c
index 20ddd11..68af13d 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.c
@@ -32,10 +32,10 @@
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
@@ -49,14 +49,14 @@
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
- return (psa_connect(sid, minor_version));
+ return (psa_connect(sid, version));
}
/**
@@ -65,6 +65,7 @@
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -74,12 +75,13 @@
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
- return (psa_call(handle, in_vec, in_len, out_vec, out_len));
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.h
index 3f5741e..89b4da6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.h
@@ -22,11 +22,12 @@
uint32_t pal_ipc_framework_version(void);
uint32_t pal_ipc_version(uint32_t sid);
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void pal_ipc_close(psa_handle_t handle);
#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h
index 2871339..8c04b50 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h
@@ -38,6 +38,9 @@
/* Are Dynamic memory APIs available to secure partition? */
#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
#endif /* PSA_CMAKE_BUILD */
/* Version of crypto spec used in attestation */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_driver_ipc_intf.c
index f8f773f..139f04f 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_driver_ipc_intf.c
@@ -33,20 +33,20 @@
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return(PAL_STATUS_ERROR);
- }
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
- status_of_call = pal_ipc_call(print_handle, data, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_SUCCESS;
+ }
+ else
{
- return(PAL_STATUS_ERROR);
+ return PAL_STATUS_ERROR;
}
-
- pal_ipc_close(print_handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -62,7 +62,6 @@
char *p = str;
psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
- pal_status_t status = PAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
while (*p != '\0')
@@ -74,22 +73,21 @@
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
{&data, sizeof(data)}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(print_handle, data1, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(print_handle);
- return status;
}
/**
@@ -111,22 +109,20 @@
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -146,22 +142,20 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -181,22 +175,20 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -220,22 +212,20 @@
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, outvec, 1);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- psa_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -258,22 +248,20 @@
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 2, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cfg
index 79a845f..1ec4be2 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cfg
@@ -52,6 +52,3 @@
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-
-// Level of Isolation
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/manifests/common/driver_partition_psa.json
deleted file mode 100644
index e3cec92..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/manifests/common/driver_partition_psa.json
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "DRIVER_PARTITION",
- "type": "PSA-ROT",
- "priority": "NORMAL",
- "description": "Implements device services such print, flash read/write,. etc.",
- "entry_point": "driver_main",
- "stack_size": "0x400",
- "services": [{
- "name": "DRIVER_UART_SID",
- "sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_WATCHDOG_SID",
- "sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_NVMEM_SID",
- "sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_TEST_SID",
- "sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "mmio_regions" : [
- {
- "name": "UART_REGION",
- "base": "0x40004000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "WATCHDOG_REGION",
- "base": "0x40008000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "NVMEM_REGION",
- "base": "0x2002F000",
- "size": "0x400",
- "permission": "READ-WRITE"
- },
- {
- "name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ],
- "irqs": [
- {
- "description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
- "signal": "DRIVER_UART_INTR_SIG",
- "line_num": 37
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/manifests/ipc/client_partition_psa.json
deleted file mode 100644
index b93377b..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/manifests/ipc/client_partition_psa.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "CLIENT_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Client partition executing client test func from SPE",
- "entry_point": "client_main",
- "stack_size": "0x400",
- "services": [{
- "name": "CLIENT_TEST_DISPATCHER_SID",
- "sid": "0x0000FA01",
- "signal": "CLIENT_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID",
- "DRIVER_TEST_SID",
- "SERVER_TEST_DISPATCHER_SID",
- "SERVER_UNSPECIFED_MINOR_V_SID",
- "SERVER_STRICT_MINOR_VERSION_SID",
- "SERVER_RELAX_MINOR_VERSION_SID",
- "SERVER_SECURE_CONNECT_ONLY_SID",
- "SERVER_CONNECTION_DROP_SID"
- ],
- "mmio_regions" : [
- {
- "name": "CLIENT_PARTITION_MMIO",
- "base": "0x200AF000",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/manifests/ipc/server_partition_psa.json
deleted file mode 100644
index 146b8fb..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/manifests/ipc/server_partition_psa.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "SERVER_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Server partition executing server test func",
- "entry_point": "server_main",
- "stack_size": "0x400",
- "heap_size": "0x100",
- "services": [{
- "name": "SERVER_TEST_DISPATCHER_SID",
- "sid": "0x0000FB01",
- "signal": "SERVER_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_SECURE_CONNECT_ONLY_SID",
- "sid": "0x0000FB02",
- "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
- "non_secure_clients": false,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_STRICT_MINOR_VERSION_SID",
- "sid": "0x0000FB03",
- "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "STRICT"
- },
- {
- "name": "SERVER_UNSPECIFED_MINOR_V_SID",
- "sid": "0x0000FB04",
- "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
- "non_secure_clients": true
- },
- {
- "name": "SERVER_RELAX_MINOR_VERSION_SID",
- "sid": "0x0000FB05",
- "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_UNEXTERN_SID",
- "sid": "0x0000FB06",
- "signal": "SERVER_UNEXTERN_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_CONNECTION_DROP_SID",
- "sid": "0x0000FB07",
- "signal": "SERVER_CONNECTION_DROP_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID"
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_empty_intf.c
index 578b4ce..0030ef0 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_empty_intf.c
@@ -31,10 +31,10 @@
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
*/
@@ -47,11 +47,11 @@
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
return PSA_NULL_HANDLE;
}
@@ -62,6 +62,7 @@
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -70,10 +71,11 @@
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
return (PSA_SUCCESS - 1);
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.c
index 20ddd11..c29938c 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.c
@@ -28,35 +28,35 @@
uint32_t pal_ipc_framework_version(void)
{
- return (psa_framework_version());
+ return psa_framework_version();
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
uint32_t pal_ipc_version(uint32_t sid)
{
- return (psa_version(sid));
+ return psa_version(sid);
}
/**
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
- return (psa_connect(sid, minor_version));
+ return psa_connect(sid, version);
}
/**
@@ -65,6 +65,7 @@
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -74,12 +75,13 @@
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
- return (psa_call(handle, in_vec, in_len, out_vec, out_len));
+ return psa_call(handle, type, in_vec, in_len, out_vec, out_len);
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.h
index 3f5741e..89b4da6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.h
@@ -22,11 +22,12 @@
uint32_t pal_ipc_framework_version(void);
uint32_t pal_ipc_version(uint32_t sid);
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void pal_ipc_close(psa_handle_t handle);
#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_common.h
index 0a63b02..a03cd8d 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_common.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_common.h
@@ -37,8 +37,7 @@
#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
-typedef enum
-{
+typedef enum {
PAL_STATUS_SUCCESS = 0x0,
PAL_STATUS_ERROR = 0x80
} pal_status_t;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h
index 2871339..8c04b50 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h
@@ -38,6 +38,9 @@
/* Are Dynamic memory APIs available to secure partition? */
#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
#endif /* PSA_CMAKE_BUILD */
/* Version of crypto spec used in attestation */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ipc_intf.c
index f8f773f..862b948 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ipc_intf.c
@@ -31,22 +31,22 @@
psa_invec data[3] = {{&uart_fn, sizeof(uart_fn)},
{&uart_base_addr, sizeof(uart_base_addr)},
- {NULL, 0}};
+ {NULL, 0} };
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return(PAL_STATUS_ERROR);
- }
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
- status_of_call = pal_ipc_call(print_handle, data, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_SUCCESS;
+ }
+ else
{
- return(PAL_STATUS_ERROR);
+ return PAL_STATUS_ERROR;
}
-
- pal_ipc_close(print_handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -62,7 +62,6 @@
char *p = str;
psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
- pal_status_t status = PAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
while (*p != '\0')
@@ -73,23 +72,22 @@
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
- {&data, sizeof(data)}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
+ {&data, sizeof(data)} };
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(print_handle, data1, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(print_handle);
- return status;
}
/**
@@ -109,24 +107,22 @@
wd_param.wd_base_addr = base_addr;
wd_param.wd_time_us = time_us;
wd_param.wd_timer_tick_us = timer_tick_us;
- psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -144,24 +140,22 @@
wd_param.wd_base_addr = base_addr;
wd_param.wd_time_us = 0;
wd_param.wd_timer_tick_us = 0;
- psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -179,24 +173,22 @@
wd_param.wd_base_addr = base_addr;
wd_param.wd_time_us = 0;
wd_param.wd_timer_tick_us = 0;
- psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -217,25 +209,23 @@
nvmem_param.base = base;
nvmem_param.offset = offset;
nvmem_param.size = size;
- psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
- psa_outvec outvec[1] = {{buffer, size}};
+ psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)} };
+ psa_outvec outvec[1] = {{buffer, size} };
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, outvec, 1);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- psa_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -256,24 +246,22 @@
nvmem_param.base = base;
nvmem_param.offset = offset;
nvmem_param.size = size;
- psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
+ psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size} };
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 2, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -298,7 +286,7 @@
{
/* Add logic to terminate the simluation */
- while(1)
+ while (1)
{
asm volatile("WFI");
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ns_intf.c
index 2af6fcc..2f1f008 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ns_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ns_intf.c
@@ -53,7 +53,7 @@
**/
int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
{
- return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
+ return pal_wd_cmsdk_init(base_addr, time_us, timer_tick_us);
}
/**
@@ -63,7 +63,7 @@
**/
int pal_wd_timer_enable_ns(addr_t base_addr)
{
- return(pal_wd_cmsdk_enable(base_addr));
+ return pal_wd_cmsdk_enable(base_addr);
}
/**
@@ -73,7 +73,7 @@
**/
int pal_wd_timer_disable_ns(addr_t base_addr)
{
- return (pal_wd_cmsdk_disable(base_addr));
+ return pal_wd_cmsdk_disable(base_addr);
}
/**
@@ -138,7 +138,7 @@
{
/* Add logic to terminate the simluation */
- while(1)
+ while (1)
{
asm volatile("WFI");
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/spe/pal_driver_intf.c
deleted file mode 100644
index fd30783..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/spe/pal_driver_intf.c
+++ /dev/null
@@ -1,132 +0,0 @@
- /** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- **/
-
-#include "pal_driver_intf.h"
-
-/**
- @brief - This function initializes the UART
- @param - uart base addr
- @return - void
-**/
-void pal_uart_init(uint32_t uart_base_addr)
-{
- pal_uart_cmsdk_init(uart_base_addr);
-}
-
-/**
- @brief - This function parses the input string and writes bytes into UART TX FIFO
- @param - str : Input String
- - data : Value for format specifier
-**/
-
-void pal_print(char *str, int32_t data)
-{
- pal_cmsdk_print(str,data);
-
-}
-
-
-/**
- @brief - Writes into given non-volatile address.
- @param - base : Base address of nvmem
- offset : Offset
- buffer : Pointer to source address
- size : Number of bytes
- @return - 1/0
-**/
-int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size)
-{
- return nvmem_write(base, offset, buffer, size);
-}
-
-/**
- @brief - Reads from given non-volatile address.
- @param - base : Base address of nvmem
- offset : Offset
- buffer : Pointer to source address
- size : Number of bytes
- @return - 1/0
-**/
-int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size)
-{
- return nvmem_read(base, offset, buffer, size);
-}
-
-
-/**
- @brief - Initializes an hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- - time_us : Time in micro seconds
- - timer_tick_us : Number of ticks per micro second
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
-{
- return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
-
-}
-
-/**
- @brief - Enables a hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_enable(addr_t base_addr)
-{
- return(pal_wd_cmsdk_enable(base_addr));
-}
-
-/**
- @brief - Disables a hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_disable(addr_t base_addr)
-{
- return (pal_wd_cmsdk_disable(base_addr));
-}
-
-/**
- @brief - Checks whether hardware watchdog timer is enabled
- @param - base_addr : Base address of the watchdog module
- @return - Enabled : 1, Disabled : 0
-**/
-int pal_wd_timer_is_enabled(addr_t base_addr)
-{
- return (pal_wd_cmsdk_is_enabled(base_addr));
-}
-
-/**
- @brief - Trigger interrupt for irq signal assigned to driver partition
- before return to caller.
- @param - void
- @return - void
-**/
-void pal_generate_interrupt(void)
-{
- pal_uart_cmsdk_generate_irq();
-}
-
-/**
- @brief - Disable interrupt that was generated using pal_generate_interrupt API.
- @param - void
- @return - void
-**/
-void pal_disable_interrupt(void)
-{
- pal_uart_cmsdk_disable_irq();
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/spe/pal_driver_intf.h
deleted file mode 100644
index cef34ca..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/spe/pal_driver_intf.h
+++ /dev/null
@@ -1,35 +0,0 @@
- /** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- **/
-
-#ifndef _PAL_DRIVER_INTF_H_
-#define _PAL_DRIVER_INTF_H_
-
-#include "pal_uart.h"
-#include "pal_nvmem.h"
-#include "pal_wd_cmsdk.h"
-
-void pal_uart_init(uint32_t uart_base_addr);
-void pal_print(char *str, int32_t data);
-int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size);
-int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size);
-int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);
-int pal_wd_timer_enable(addr_t base_addr);
-int pal_wd_timer_disable(addr_t base_addr);
-int pal_wd_timer_is_enabled(addr_t base_addr);
-void pal_generate_interrupt(void);
-void pal_disable_interrupt(void);
-#endif /* _PAL_DRIVER_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cfg
index a8f3700..eafa7b0 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cfg
@@ -52,6 +52,3 @@
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-
-// Level of Isolation
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/client_partition_psa.json
deleted file mode 100644
index b93377b..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/client_partition_psa.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "CLIENT_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Client partition executing client test func from SPE",
- "entry_point": "client_main",
- "stack_size": "0x400",
- "services": [{
- "name": "CLIENT_TEST_DISPATCHER_SID",
- "sid": "0x0000FA01",
- "signal": "CLIENT_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID",
- "DRIVER_TEST_SID",
- "SERVER_TEST_DISPATCHER_SID",
- "SERVER_UNSPECIFED_MINOR_V_SID",
- "SERVER_STRICT_MINOR_VERSION_SID",
- "SERVER_RELAX_MINOR_VERSION_SID",
- "SERVER_SECURE_CONNECT_ONLY_SID",
- "SERVER_CONNECTION_DROP_SID"
- ],
- "mmio_regions" : [
- {
- "name": "CLIENT_PARTITION_MMIO",
- "base": "0x200AF000",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/server_partition_psa.json
deleted file mode 100644
index 146b8fb..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/server_partition_psa.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "SERVER_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Server partition executing server test func",
- "entry_point": "server_main",
- "stack_size": "0x400",
- "heap_size": "0x100",
- "services": [{
- "name": "SERVER_TEST_DISPATCHER_SID",
- "sid": "0x0000FB01",
- "signal": "SERVER_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_SECURE_CONNECT_ONLY_SID",
- "sid": "0x0000FB02",
- "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
- "non_secure_clients": false,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_STRICT_MINOR_VERSION_SID",
- "sid": "0x0000FB03",
- "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "STRICT"
- },
- {
- "name": "SERVER_UNSPECIFED_MINOR_V_SID",
- "sid": "0x0000FB04",
- "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
- "non_secure_clients": true
- },
- {
- "name": "SERVER_RELAX_MINOR_VERSION_SID",
- "sid": "0x0000FB05",
- "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_UNEXTERN_SID",
- "sid": "0x0000FB06",
- "signal": "SERVER_UNEXTERN_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_CONNECTION_DROP_SID",
- "sid": "0x0000FB07",
- "signal": "SERVER_CONNECTION_DROP_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID"
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
index 578b4ce..0030ef0 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
@@ -31,10 +31,10 @@
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
*/
@@ -47,11 +47,11 @@
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
return PSA_NULL_HANDLE;
}
@@ -62,6 +62,7 @@
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -70,10 +71,11 @@
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
return (PSA_SUCCESS - 1);
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.c
index 20ddd11..68af13d 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.c
@@ -32,10 +32,10 @@
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
@@ -49,14 +49,14 @@
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
- return (psa_connect(sid, minor_version));
+ return (psa_connect(sid, version));
}
/**
@@ -65,6 +65,7 @@
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -74,12 +75,13 @@
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
- return (psa_call(handle, in_vec, in_len, out_vec, out_len));
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.h
index 3f5741e..89b4da6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.h
@@ -22,11 +22,12 @@
uint32_t pal_ipc_framework_version(void);
uint32_t pal_ipc_version(uint32_t sid);
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void pal_ipc_close(psa_handle_t handle);
#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h
index 2871339..8c04b50 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h
@@ -38,6 +38,9 @@
/* Are Dynamic memory APIs available to secure partition? */
#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
#endif /* PSA_CMAKE_BUILD */
/* Version of crypto spec used in attestation */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
index f8f773f..139f04f 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
@@ -33,20 +33,20 @@
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return(PAL_STATUS_ERROR);
- }
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
- status_of_call = pal_ipc_call(print_handle, data, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_SUCCESS;
+ }
+ else
{
- return(PAL_STATUS_ERROR);
+ return PAL_STATUS_ERROR;
}
-
- pal_ipc_close(print_handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -62,7 +62,6 @@
char *p = str;
psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
- pal_status_t status = PAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
while (*p != '\0')
@@ -74,22 +73,21 @@
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
{&data, sizeof(data)}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(print_handle, data1, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(print_handle);
- return status;
}
/**
@@ -111,22 +109,20 @@
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -146,22 +142,20 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -181,22 +175,20 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -220,22 +212,20 @@
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, outvec, 1);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- psa_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -258,22 +248,20 @@
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 2, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg
index 23d5d1f..97ac9c6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg
@@ -52,5 +52,3 @@
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/common/driver_partition_psa.json
deleted file mode 100644
index 7010c9b..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/common/driver_partition_psa.json
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "DRIVER_PARTITION",
- "type": "PSA-ROT",
- "priority": "NORMAL",
- "description": "Implements device services such print, flash read/write,. etc.",
- "entry_point": "driver_main",
- "stack_size": "0x400",
- "services": [{
- "name": "DRIVER_UART_SID",
- "sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_WATCHDOG_SID",
- "sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_NVMEM_SID",
- "sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_TEST_SID",
- "sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "mmio_regions" : [
- {
- "name": "UART_REGION",
- "base": "0x40004000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "WATCHDOG_REGION",
- "base": "0x40008000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "NVMEM_REGION",
- "base": "0x2002F000",
- "size": "0x400",
- "permission": "READ-WRITE"
- },
- {
- "name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ],
- "irqs": [
- {
- "description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
- "signal": "DRIVER_UART_INTR_SIG",
- "line_num": 46
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/client_partition_psa.json
deleted file mode 100644
index b93377b..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/client_partition_psa.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "CLIENT_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Client partition executing client test func from SPE",
- "entry_point": "client_main",
- "stack_size": "0x400",
- "services": [{
- "name": "CLIENT_TEST_DISPATCHER_SID",
- "sid": "0x0000FA01",
- "signal": "CLIENT_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID",
- "DRIVER_TEST_SID",
- "SERVER_TEST_DISPATCHER_SID",
- "SERVER_UNSPECIFED_MINOR_V_SID",
- "SERVER_STRICT_MINOR_VERSION_SID",
- "SERVER_RELAX_MINOR_VERSION_SID",
- "SERVER_SECURE_CONNECT_ONLY_SID",
- "SERVER_CONNECTION_DROP_SID"
- ],
- "mmio_regions" : [
- {
- "name": "CLIENT_PARTITION_MMIO",
- "base": "0x200AF000",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/server_partition_psa.json
deleted file mode 100644
index 146b8fb..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/server_partition_psa.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "SERVER_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Server partition executing server test func",
- "entry_point": "server_main",
- "stack_size": "0x400",
- "heap_size": "0x100",
- "services": [{
- "name": "SERVER_TEST_DISPATCHER_SID",
- "sid": "0x0000FB01",
- "signal": "SERVER_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_SECURE_CONNECT_ONLY_SID",
- "sid": "0x0000FB02",
- "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
- "non_secure_clients": false,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_STRICT_MINOR_VERSION_SID",
- "sid": "0x0000FB03",
- "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "STRICT"
- },
- {
- "name": "SERVER_UNSPECIFED_MINOR_V_SID",
- "sid": "0x0000FB04",
- "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
- "non_secure_clients": true
- },
- {
- "name": "SERVER_RELAX_MINOR_VERSION_SID",
- "sid": "0x0000FB05",
- "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_UNEXTERN_SID",
- "sid": "0x0000FB06",
- "signal": "SERVER_UNEXTERN_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_CONNECTION_DROP_SID",
- "sid": "0x0000FB07",
- "signal": "SERVER_CONNECTION_DROP_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID"
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c
index 578b4ce..0030ef0 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c
@@ -31,10 +31,10 @@
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
*/
@@ -47,11 +47,11 @@
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
return PSA_NULL_HANDLE;
}
@@ -62,6 +62,7 @@
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -70,10 +71,11 @@
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
return (PSA_SUCCESS - 1);
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.c
index 20ddd11..68af13d 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.c
@@ -32,10 +32,10 @@
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
@@ -49,14 +49,14 @@
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
- return (psa_connect(sid, minor_version));
+ return (psa_connect(sid, version));
}
/**
@@ -65,6 +65,7 @@
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -74,12 +75,13 @@
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
- return (psa_call(handle, in_vec, in_len, out_vec, out_len));
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.h
index 3f5741e..89b4da6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.h
@@ -22,11 +22,12 @@
uint32_t pal_ipc_framework_version(void);
uint32_t pal_ipc_version(uint32_t sid);
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void pal_ipc_close(psa_handle_t handle);
#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h
index 2871339..8c04b50 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h
@@ -38,6 +38,9 @@
/* Are Dynamic memory APIs available to secure partition? */
#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
#endif /* PSA_CMAKE_BUILD */
/* Version of crypto spec used in attestation */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c
index f8f773f..139f04f 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c
@@ -33,20 +33,20 @@
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return(PAL_STATUS_ERROR);
- }
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
- status_of_call = pal_ipc_call(print_handle, data, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_SUCCESS;
+ }
+ else
{
- return(PAL_STATUS_ERROR);
+ return PAL_STATUS_ERROR;
}
-
- pal_ipc_close(print_handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -62,7 +62,6 @@
char *p = str;
psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
- pal_status_t status = PAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
while (*p != '\0')
@@ -74,22 +73,21 @@
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
{&data, sizeof(data)}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(print_handle, data1, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(print_handle);
- return status;
}
/**
@@ -111,22 +109,20 @@
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -146,22 +142,20 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -181,22 +175,20 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -220,22 +212,20 @@
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, outvec, 1);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- psa_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -258,22 +248,20 @@
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 2, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.c
deleted file mode 100644
index 4d52207..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.c
+++ /dev/null
@@ -1,131 +0,0 @@
- /** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- **/
-
-#include "pal_driver_intf.h"
-
-/**
- @brief - This function initializes the UART
- @param - uart base addr
- @return - void
-**/
-void pal_uart_init(uint32_t uart_base_addr)
-{
- pal_uart_pl011_init(uart_base_addr);
-}
-
-/**
- @brief - This function parses the input string and writes bytes into UART TX FIFO
- @param - str : Input String
- - data : Value for format specifier
-**/
-
-void pal_print(char *str, int32_t data)
-{
- pal_uart_pl011_print(str,data);
-}
-
-
-/**
- @brief - Writes into given non-volatile address.
- @param - base : Base address of nvmem
- offset : Offset
- buffer : Pointer to source address
- size : Number of bytes
- @return - 1/0
-**/
-int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size)
-{
- return nvmem_write(base, offset, buffer, size);
-}
-
-/**
- @brief - Reads from given non-volatile address.
- @param - base : Base address of nvmem
- offset : Offset
- buffer : Pointer to source address
- size : Number of bytes
- @return - 1/0
-**/
-int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size)
-{
- return nvmem_read(base, offset, buffer, size);
-}
-
-
-/**
- @brief - Initializes an hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- - time_us : Time in micro seconds
- - timer_tick_us : Number of ticks per micro second
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
-{
- return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
-
-}
-
-/**
- @brief - Enables a hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_enable(addr_t base_addr)
-{
- return(pal_wd_cmsdk_enable(base_addr));
-}
-
-/**
- @brief - Disables a hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_disable(addr_t base_addr)
-{
- return (pal_wd_cmsdk_disable(base_addr));
-}
-
-/**
- @brief - Checks whether hardware watchdog timer is enabled
- @param - base_addr : Base address of the watchdog module
- @return - Enabled : 1, Disabled : 0
-**/
-int pal_wd_timer_is_enabled(addr_t base_addr)
-{
- return (pal_wd_cmsdk_is_enabled(base_addr));
-}
-
-/**
- @brief - Trigger interrupt for irq signal assigned to driver partition
- before return to caller.
- @param - void
- @return - void
-**/
-void pal_generate_interrupt(void)
-{
- pal_uart_pl011_generate_irq();
-}
-
-/**
- @brief - Disable interrupt that was generated using pal_generate_interrupt API.
- @param - void
- @return - void
-**/
-void pal_disable_interrupt(void)
-{
- pal_uart_pl011_disable_irq();
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.h
deleted file mode 100644
index cef34ca..0000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.h
+++ /dev/null
@@ -1,35 +0,0 @@
- /** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- **/
-
-#ifndef _PAL_DRIVER_INTF_H_
-#define _PAL_DRIVER_INTF_H_
-
-#include "pal_uart.h"
-#include "pal_nvmem.h"
-#include "pal_wd_cmsdk.h"
-
-void pal_uart_init(uint32_t uart_base_addr);
-void pal_print(char *str, int32_t data);
-int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size);
-int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size);
-int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);
-int pal_wd_timer_enable(addr_t base_addr);
-int pal_wd_timer_disable(addr_t base_addr);
-int pal_wd_timer_is_enabled(addr_t base_addr);
-void pal_generate_interrupt(void);
-void pal_disable_interrupt(void);
-#endif /* _PAL_DRIVER_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cfg
index 629efb5..20c1ab8 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cfg
@@ -52,5 +52,3 @@
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_ff_tfm_an521/manifests/common/driver_partition_psa.json
similarity index 64%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json
rename to api-tests/platform/targets/tgt_ff_tfm_an521/manifests/common/driver_partition_psa.json
index 7010c9b..7bc6649 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/manifests/common/driver_partition_psa.json
@@ -6,61 +6,58 @@
"description": "Implements device services such print, flash read/write,. etc.",
"entry_point": "driver_main",
"stack_size": "0x400",
+ "heap_size": "0x100",
"services": [{
- "name": "DRIVER_UART_SID",
+ "name": "DRIVER_UART",
"sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
},
{
- "name": "DRIVER_WATCHDOG_SID",
+ "name": "DRIVER_WATCHDOG",
"sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
},
{
- "name": "DRIVER_NVMEM_SID",
+ "name": "DRIVER_NVMEM",
"sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
},
{
- "name": "DRIVER_TEST_SID",
+ "name": "DRIVER_TEST",
"sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
}
],
"mmio_regions" : [
{
"name": "UART_REGION",
- "base": "0x40004000",
+ "base": "0x50202000",
"size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "WATCHDOG_REGION",
- "base": "0x40008000",
+ "base": "0x50081000",
"size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "NVMEM_REGION",
- "base": "0x2002F000",
+ "base": "0x102FFC00",
"size": "0x400",
"permission": "READ-WRITE"
},
{
"name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
+ "base": "0x10300F20",
"size": "0x20",
"permission": "READ-WRITE"
}
@@ -69,7 +66,7 @@
{
"description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
"signal": "DRIVER_UART_INTR_SIG",
- "line_num": 46
+ "source": "UARTTX_IRQ"
}
]
}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_ff_tfm_an521/manifests/ipc/client_partition_psa.json
new file mode 100644
index 0000000..c0fb05b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/manifests/ipc/client_partition_psa.json
@@ -0,0 +1,28 @@
+{
+ "psa_framework_version": 1.0,
+ "name": "CLIENT_PARTITION",
+ "type": "APPLICATION-ROT",
+ "priority": "NORMAL",
+ "description": "Client partition executing client test func from SPE",
+ "entry_point": "client_main",
+ "stack_size": "0x400",
+ "services": [{
+ "name": "CLIENT_TEST_DISPATCHER",
+ "sid": "0x0000FA01",
+ "non_secure_clients": true,
+ "version": 1,
+ "version_policy": "RELAXED"
+ }
+ ],
+ "dependencies": [
+ "DRIVER_UART",
+ "DRIVER_NVMEM",
+ "DRIVER_TEST",
+ "SERVER_TEST_DISPATCHER",
+ "SERVER_UNSPECIFED_VERSION",
+ "SERVER_STRICT_VERSION",
+ "SERVER_RELAX_VERSION",
+ "SERVER_SECURE_CONNECT_ONLY",
+ "SERVER_CONNECTION_DROP"
+ ]
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_ff_tfm_an521/manifests/ipc/server_partition_psa.json
new file mode 100644
index 0000000..907aaa2
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/manifests/ipc/server_partition_psa.json
@@ -0,0 +1,70 @@
+{
+ "psa_framework_version": 1.0,
+ "name": "SERVER_PARTITION",
+ "type": "APPLICATION-ROT",
+ "priority": "NORMAL",
+ "description": "Server partition executing server test func",
+ "entry_point": "server_main",
+ "stack_size": "0x400",
+ "heap_size": "0x100",
+ "services": [{
+ "name": "SERVER_TEST_DISPATCHER",
+ "sid": "0x0000FB01",
+ "non_secure_clients": true,
+ "version": 1,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_SECURE_CONNECT_ONLY",
+ "sid": "0x0000FB02",
+ "non_secure_clients": false,
+ "version": 2,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_STRICT_VERSION",
+ "sid": "0x0000FB03",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "STRICT"
+ },
+ {
+ "name": "SERVER_UNSPECIFED_VERSION",
+ "sid": "0x0000FB04",
+ "non_secure_clients": true
+ },
+ {
+ "name": "SERVER_RELAX_VERSION",
+ "sid": "0x0000FB05",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_UNEXTERN",
+ "sid": "0x0000FB06",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_CONNECTION_DROP",
+ "sid": "0x0000FB07",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "RELAXED"
+ }
+ ],
+ "dependencies": [
+ "DRIVER_UART",
+ "DRIVER_NVMEM"
+ ],
+ "mmio_regions" : [
+ {
+ "name": "SERVER_PARTITION_MMIO",
+ "base": "0x10300F00",
+ "size": "0x20",
+ "permission": "READ-WRITE"
+ }
+ ]
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_empty_intf.c
new file mode 100644
index 0000000..0030ef0
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_empty_intf.c
@@ -0,0 +1,95 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ * @brief - Retrieve the version of the PSA Framework API that is implemented.
+ * This is a wrapper API for psa_framework_version API.
+ * @param - void
+ * @return - The PSA Framework API version.
+ */
+
+uint32_t pal_ipc_framework_version(void)
+{
+ return 0;
+}
+
+/**
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
+ * This is a wrapper API for the psa_version API.
+ * @param - sid The Root of Trust Service ID
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * Service not present on the system.
+ */
+
+uint32_t pal_ipc_version(uint32_t sid)
+{
+ return PSA_VERSION_NONE;
+}
+
+/**
+ * @brief - Connect to given sid.
+ * This is a wrapper API for the psa_connect API.
+ * @param - sid : RoT service id
+ * @param - version : version of RoT service
+ * @return - psa_handle_t : return connection handle
+ */
+
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
+{
+ return PSA_NULL_HANDLE;
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.
+ * This is a wrapper API for the psa_call API.
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param -handle Handle for the connection.
+ * @param -type Request type.
+ * @param -in_vec Array of psa_invec structures.
+ * @param -in_len Number of psa_invec structures in in_vec.
+ * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param -out_len Number of psa_outvec structures in out_vec.
+ * @return -psa_status_t
+ */
+
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
+{
+ return (PSA_SUCCESS - 1);
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * This is a wrapper API for the psa_close API.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param handle Handle for the connection.
+ * @return void
+ */
+
+void pal_ipc_close(psa_handle_t handle)
+{
+ return;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.c
new file mode 100644
index 0000000..68af13d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.c
@@ -0,0 +1,99 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ * @brief - Retrieve the version of the PSA Framework API that is implemented.
+ * This is a wrapper API for psa_framework_version API.
+ * @param - void
+ * @return - The PSA Framework API version.
+ * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
+ */
+
+uint32_t pal_ipc_framework_version(void)
+{
+ return (psa_framework_version());
+}
+
+/**
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
+ * This is a wrapper API for the psa_version API.
+ * @param - sid The Root of Trust Service ID
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * Service not present on the system.
+ * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
+ */
+
+uint32_t pal_ipc_version(uint32_t sid)
+{
+ return (psa_version(sid));
+}
+
+/**
+ * @brief - Connect to given sid.
+ * This is a wrapper API for the psa_connect API.
+ * @param - sid : RoT service id
+ * @param - version : version of RoT service
+ * @return - psa_handle_t : return connection handle
+ * Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
+ */
+
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
+{
+ return (psa_connect(sid, version));
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.
+ * This is a wrapper API for the psa_call API.
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param -handle Handle for the connection.
+ * @param -type Request type.
+ * @param -in_vec Array of psa_invec structures.
+ * @param -in_len Number of psa_invec structures in in_vec.
+ * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param -out_len Number of psa_outvec structures in out_vec.
+ * @return -psa_status_t
+ * Note - Return -1 if PSA IPC is not implemented.
+ */
+
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
+{
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * This is a wrapper API for the psa_close API.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param - handle Handle for the connection.
+ * @return - void
+ */
+
+void pal_ipc_close(psa_handle_t handle)
+{
+ psa_close(handle);
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.h
new file mode 100644
index 0000000..89b4da6
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CLIENT_API_H_
+#define _PAL_CLIENT_API_H_
+
+#include "pal_common.h"
+
+uint32_t pal_ipc_framework_version(void);
+uint32_t pal_ipc_version(uint32_t sid);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
+void pal_ipc_close(psa_handle_t handle);
+#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_common.h
new file mode 100644
index 0000000..0a63b02
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_common.h
@@ -0,0 +1,116 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_COMMON_H_
+#define _PAL_COMMON_H_
+
+#include <string.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <stdarg.h>
+
+#include "pal_config.h"
+#include "pal_crypto_config.h"
+
+/* typedef's */
+typedef uint8_t bool_t;
+typedef uint32_t addr_t;
+typedef uint32_t test_id_t;
+typedef uint32_t block_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
+typedef enum
+{
+ PAL_STATUS_SUCCESS = 0x0,
+ PAL_STATUS_ERROR = 0x80
+} pal_status_t;
+
+typedef enum {
+ NVMEM_READ = 0x1,
+ NVMEM_WRITE = 0x2,
+} nvmem_fn_type_t;
+
+typedef struct {
+ nvmem_fn_type_t nvmem_fn_type;
+ addr_t base;
+ uint32_t offset;
+ int size;
+} nvmem_param_t;
+
+typedef enum {
+ WD_INIT_SEQ = 0x1,
+ WD_ENABLE_SEQ = 0x2,
+ WD_DISABLE_SEQ = 0x3,
+ WD_STATUS_SEQ = 0x4,
+} wd_fn_type_t;
+
+typedef enum {
+ WD_LOW_TIMEOUT = 0x1,
+ WD_MEDIUM_TIMEOUT = 0x2,
+ WD_HIGH_TIMEOUT = 0x3,
+ WD_CRYPTO_TIMEOUT = 0x4,
+} wd_timeout_type_t;
+
+typedef struct {
+ wd_fn_type_t wd_fn_type;
+ addr_t wd_base_addr;
+ uint32_t wd_time_us;
+ uint32_t wd_timer_tick_us;
+} wd_param_t;
+
+typedef enum {
+ UART_INIT = 0x1,
+ UART_PRINT = 0x2,
+} uart_fn_type_t;
+
+/*
+ * Redefining some of the client.h elements for compilation to go through
+ * when PSA IPC APIs are not implemented.
+ */
+#ifndef IPC
+
+#ifndef PSA_VERSION_NONE
+#define PSA_VERSION_NONE (0)
+#endif
+
+#ifndef PSA_SUCCESS
+#define PSA_SUCCESS (0)
+typedef int32_t psa_status_t;
+#endif
+typedef int32_t psa_handle_t;
+
+#ifndef PSA_NULL_HANDLE
+#define PSA_NULL_HANDLE ((psa_handle_t)0)
+#endif
+
+typedef struct psa_invec {
+ const void *base;
+ size_t len;
+} psa_invec;
+
+typedef struct psa_outvec {
+ void *base;
+ size_t len;
+} psa_outvec;
+
+#endif /* IPC */
+
+#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h
new file mode 100644
index 0000000..640f56f
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h
@@ -0,0 +1,94 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CONFIG_H_
+#define _PAL_CONFIG_H_
+
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
+
+/* Print verbosity = TEST */
+#define VERBOSE 3
+
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
+
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
+
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
+
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
+
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
+
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA2
+
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
+
+/*
+ * Include of PSA defined Header files
+ */
+#ifdef IPC
+/* psa/client.h: Contains the PSA Client API elements */
+#include "psa/client.h"
+
+/*
+ * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
+ * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation
+ * of this file.
+*/
+#include "psa_manifest/sid.h"
+
+/*
+ * psa_manifest/pid.h: Secure Partition IDs
+ * Macro definitions that map from Secure Partition names to Secure Partition IDs.
+ * Partition manifest parse build tool must provide the implementation of this file.
+*/
+#include "psa_manifest/pid.h"
+#endif
+
+#ifdef CRYPTO
+/* psa/crypto.h: Contains the PSA Crypto API elements */
+#include "psa/crypto.h"
+#endif
+
+#ifdef INTERNAL_TRUSTED_STORAGE
+/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#ifdef PROTECTED_STORAGE
+/* psa/protected_storage.h: Contains the PSA PS API elements */
+#include "psa/protected_storage.h"
+#endif
+
+#ifdef INITIAL_ATTESTATION
+/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
+#include "psa/initial_attestation.h"
+#endif
+
+#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ipc_intf.c
new file mode 100644
index 0000000..139f04f
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ipc_intf.c
@@ -0,0 +1,293 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ @brief - This function initializes the UART
+ @param - uart base addr
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ uart_fn_type_t uart_fn = UART_INIT;
+
+ psa_invec data[3] = {{&uart_fn, sizeof(uart_fn)},
+ {&uart_base_addr, sizeof(uart_base_addr)},
+ {NULL, 0}};
+
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
+ {
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+
+int pal_print_ns(char *str, int32_t data)
+{
+ int string_len = 0;
+ char *p = str;
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ uart_fn_type_t uart_fn = UART_PRINT;
+
+ while (*p != '\0')
+ {
+ string_len++;
+ p++;
+ }
+
+ psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
+ {str, string_len+1},
+ {&data, sizeof(data)}};
+
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
+ {
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_INIT_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = time_us;
+ wd_param.wd_timer_tick_us = timer_tick_us;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_ENABLE_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = 0;
+ wd_param.wd_timer_tick_us = 0;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_DISABLE_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = 0;
+ wd_param.wd_timer_tick_us = 0;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_READ;
+ nvmem_param.base = base;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
+ psa_outvec outvec[1] = {{buffer, size}};
+
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_WRITE;
+ nvmem_param.base = base;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
+
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ * @brief - This function will read peripherals using SPI commands
+ * @param - addr : address of the peripheral
+ * data : read buffer
+ * len : length of the read buffer in bytes
+ * @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return 0xFF;
+}
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ /* Add logic to terminate the simluation */
+
+ while(1)
+ {
+ asm volatile("WFI");
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ns_intf.c
new file mode 100644
index 0000000..2af6fcc
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ns_intf.c
@@ -0,0 +1,145 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_uart.h"
+#include "pal_nvmem.h"
+#include "pal_wd_cmsdk.h"
+
+/**
+ @brief - This function initializes the UART
+ @param - uart base addr
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ pal_uart_cmsdk_init(uart_base_addr);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+
+int pal_print_ns(char *str, int32_t data)
+{
+ pal_cmsdk_print(str, data);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ return(pal_wd_cmsdk_enable(base_addr));
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ return (pal_wd_cmsdk_disable(base_addr));
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_read(base, offset, buffer, size))
+ {
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_write(base, offset, buffer, size))
+ {
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ * @brief - This function will read peripherals using SPI commands
+ * @param - addr : address of the peripheral
+ * data : read buffer
+ * len : length of the read buffer in bytes
+ * @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return 0xFF;
+}
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ /* Add logic to terminate the simluation */
+
+ while(1)
+ {
+ asm volatile("WFI");
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config.h
new file mode 100644
index 0000000..ab11fd1
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config.h
@@ -0,0 +1,323 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/*
+ * \file pal_crypto_config.h
+ *
+ * \brief Configuration options for crypto tests (set of defines)
+ *
+ * This set of compile-time options may be used to enable
+ * or disable features selectively for crypto test suite
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_H_
+#define _PAL_CRYPTO_CONFIG_H_
+/**
+ * \def ARCH_TEST_RSA
+ *
+ * Enable the RSA public-key cryptosystem.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_RSA
+#define ARCH_TEST_RSA_1024
+#define ARCH_TEST_RSA_2048
+#define ARCH_TEST_RSA_3072
+
+/**
+ * \def ARCH_TEST_ECC
+ * \def ARCH_TEST_ECC_CURVE_SECPXXXR1
+ *
+ * Enable the elliptic curve
+ * Enable specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Requires: ARCH_TEST_ECC
+ * Comment macros to disable the curve
+ */
+#define ARCH_TEST_ECC
+#define ARCH_TEST_ECC_CURVE_SECP192R1
+#define ARCH_TEST_ECC_CURVE_SECP224R1
+#define ARCH_TEST_ECC_CURVE_SECP256R1
+#define ARCH_TEST_ECC_CURVE_SECP384R1
+
+/**
+ * \def ARCH_TEST_AES
+ *
+ * Enable the AES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_AES
+#define ARCH_TEST_AES_128
+#define ARCH_TEST_AES_192
+#define ARCH_TEST_AES_256
+#define ARCH_TEST_AES_512
+
+/**
+ * \def ARCH_TEST_DES
+ *
+ * Enable the DES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_DES
+//#define ARCH_TEST_DES_1KEY
+//#define ARCH_TEST_DES_2KEY
+//#define ARCH_TEST_DES_3KEY
+
+/**
+ * \def ARCH_TEST_RAW
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore.
+ */
+#define ARCH_TEST_RAW
+
+/**
+ * \def ARCH_TEST_CIPER
+ *
+ * Enable the generic cipher layer.
+ */
+
+#define ARCH_TEST_CIPER
+
+/**
+ * \def ARCH_TEST_ARC4
+ *
+ * Enable the ARC4 key type.
+ */
+//#define ARCH_TEST_ARC4
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CTR
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CFB
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CBC
+
+/**
+ * \def ARCH_TEST_CTR_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CTR
+ */
+#define ARCH_TEST_CTR_AES
+
+/**
+ * \def ARCH_TEST_CBC_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_AES
+#define ARCH_TEST_CBC_AES_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CBC_NO_PADDING
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CFB_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CFB
+ */
+#define ARCH_TEST_CFB_AES
+
+/**
+ * \def ARCH_TEST_PKCS1V15_*
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ * Enable support for PKCS#1 v1.5 operations.
+ * Enable support for RSA-OAEP
+ *
+ * Requires: ARCH_TEST_RSA, ARCH_TEST_PKCS1V15
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_PKCS1V15
+#define ARCH_TEST_RSA_PKCS1V15_SIGN
+#define ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+#define ARCH_TEST_RSA_PKCS1V15_CRYPT
+#define ARCH_TEST_RSA_OAEP
+
+/**
+ * \def ARCH_TEST_CBC_PKCS7
+ *
+ * Requires: ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_PKCS7
+
+/**
+ * \def ARCH_TEST_ASYMMETRIC_ENCRYPTION
+ *
+ * Enable support for Asymmetric encryption algorithms
+ */
+#define ARCH_TEST_ASYMMETRIC_ENCRYPTION
+
+/**
+ * \def ARCH_TEST_HASH
+ *
+ * Enable the hash algorithm.
+ */
+#define ARCH_TEST_HASH
+
+/**
+ * \def ARCH_TEST_HMAC
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * Requires: ARCH_TEST_HASH
+ */
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_MDX
+ * \def ARCH_TEST_SHAXXX
+ *
+ * Enable the MDX algorithm.
+ * Enable the SHAXXX algorithm.
+ *
+ * Requires: ARCH_TEST_HASH
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_MD2
+//#define ARCH_TEST_MD4
+//#define ARCH_TEST_MD5
+//#define ARCH_TEST_RIPEMD160
+#define ARCH_TEST_SHA1
+#define ARCH_TEST_SHA224
+#define ARCH_TEST_SHA256
+#define ARCH_TEST_SHA384
+#define ARCH_TEST_SHA512
+//#define ARCH_TEST_SHA512_224
+//#define ARCH_TEST_SHA512_256
+//#define ARCH_TEST_SHA3_224
+//#define ARCH_TEST_SHA3_256
+//#define ARCH_TEST_SHA3_384
+//#define ARCH_TEST_SHA3_512
+
+/**
+ * \def ARCH_TEST_HKDF
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Requires: ARCH_TEST_HASH
+*/
+#define ARCH_TEST_HKDF
+
+/**
+ * \def ARCH_TEST_xMAC
+ *
+ * Enable the xMAC (Cipher/Hash/G-based Message Authentication Code) mode for block
+ * ciphers.
+ * Requires: ARCH_TEST_AES or ARCH_TEST_DES
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CMAC
+#define ARCH_TEST_GMAC
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_CCM
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Requires: ARCH_TEST_AES
+ */
+#define ARCH_TEST_CCM
+
+/**
+ * \def ARCH_TEST_GCM
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Requires: ARCH_TEST_AES
+ *
+ */
+#define ARCH_TEST_GCM
+
+/**
+ * \def ARCH_TEST_TRUNCATED_MAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define ARCH_TEST_TRUNCATED_MAC
+
+
+/**
+ * \def ARCH_TEST_ECDH
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDH
+
+/**
+ * \def ARCH_TEST_ECDSA
+ *
+ * Enable the elliptic curve DSA library.
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDSA
+
+/**
+ * \def ARCH_TEST_DETERMINISTIC_ECDSA
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+*/
+#define ARCH_TEST_DETERMINISTIC_ECDSA
+
+#include "pal_crypto_config_check.h"
+
+#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config_check.h
new file mode 100644
index 0000000..443e0bc
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config_check.h
@@ -0,0 +1,223 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/**
+ * \file pal_crypto_config_check.h
+ *
+ * \brief Consistency checks for configuration options
+ *
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_CHECK_H_
+#define _PAL_CRYPTO_CONFIG_CHECK_H_
+
+#if defined(ARCH_TEST_RSA_1024) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_1024 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_2048) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_2048 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_3072) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_3072 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP192R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP192R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP224R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP224R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP256R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP256R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP384R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP384R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_128) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_128 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_256) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_512) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_1KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_1KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_2KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_2KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_3KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_3KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CTR) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CTR defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CFB) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CFB defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CBC) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CBC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CTR_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CTR))
+#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CFB_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CFB))
+#error "ARCH_TEST_CFB_AES defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN_RAW) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN_RAW defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_CRYPT) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_CRYPT defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CBC_PKCS7) && !defined(ARCH_TEST_CIPER_MODE_CBC)
+#error "ARCH_TEST_CBC_PKCS7 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD2) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD2 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD4) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD4 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD5) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD5 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RIPEMD160) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_RIPEMD160 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA1) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_384) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HKDF) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HKDF defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDH) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDH defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDSA) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDSA defined, but not all prerequisites"
+#endif
+
+#endif /* _PAL_CRYPTO_CONFIG_CHECK_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_empty_intf.c
new file mode 100644
index 0000000..2a28f39
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdarg.h>
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.c
new file mode 100644
index 0000000..1e61e8c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.c
@@ -0,0 +1,516 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
+ return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
+ case PAL_CRYPTO_COPY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.h
new file mode 100644
index 0000000..671dfa0
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.h
@@ -0,0 +1,103 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c
new file mode 100644
index 0000000..488c96b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c
@@ -0,0 +1,343 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_attestation_crypto.h"
+
+static uint32_t public_key_registered;
+static psa_key_handle_t public_key_handle;
+
+static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
+ size_t amount)
+{
+ return UsefulBuf_Head(buf, amount);
+}
+
+static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t status;
+
+ switch (cose_hash_alg_id)
+ {
+ case COSE_ALG_SHA256_PROPRIETARY:
+ status = PSA_ALG_SHA_256;
+ break;
+ default:
+ status = PSA_ALG_MD4;
+ break;
+ }
+
+ return status;
+}
+
+static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
+{
+ switch (cose_sig_alg_id)
+ {
+ case COSE_ALGORITHM_ES256:
+ return COSE_ALG_SHA256_PROPRIETARY;
+ default:
+ return INT32_MAX;
+ }
+}
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t psa_alg;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Map the algorithm ID */
+ psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id);
+
+ /* Actually do the hash set up */
+ status = psa_hash_setup(psa_hash, psa_alg);
+
+ return status;
+
+}
+
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash)
+{
+ if (data_to_hash.ptr == NULL) {
+ /* No data was passed in to be hashed indicating the mode of use is
+ * the computation of the size of hash. This mode is hashing is used
+ * by t_cose when it is requested to compute the size of the signed
+ * data it might compute, which is in turn used to compute the
+ * size of a would be token. When computing the size, the size
+ * like this, there is nothing to do in update()
+ */
+ return;
+ }
+
+ /* Actually hash the data */
+ psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len);
+}
+
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Actually finish up the hash */
+ status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr,
+ buffer_to_hold_result.len, &(hash_result->len));
+ hash_result->ptr = buffer_to_hold_result.ptr;
+
+ return status;
+
+}
+
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY);
+ if (status != PSA_SUCCESS)
+ goto Done;
+
+ pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash);
+
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+ if (status != PSA_SUCCESS)
+ goto Done;
+Done:
+ return status;
+}
+
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload)
+{
+ uint32_t status;
+ QCBOREncodeContext cbor_encode_ctx;
+ struct q_useful_buf_c tbs_first_part;
+ QCBORError qcbor_result;
+ int32_t hash_alg_id;
+ UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ /* This builds the CBOR-format to-be-signed bytes */
+ QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
+ QCBOREncode_OpenArray(&cbor_encode_ctx);
+
+ /* context */
+ QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+
+ /* body_protected */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers);
+
+ /* sign_protected is not used for Sign1 */
+ /* external_aad */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+
+ /* The short fake payload. */
+ QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload);
+ QCBOREncode_CloseArray(&cbor_encode_ctx);
+
+ /* Get the result and convert it to struct q_useful_buf_c representation */
+ qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &tbs_first_part);
+ if (qcbor_result)
+ {
+ /* Mainly means that the protected_headers were too big
+ * (which should never happen)
+ */
+ status = PAL_ATTEST_ERR_SIGN_STRUCT;
+ goto Done;
+ }
+
+ /* Start the hashing */
+ hash_alg_id = hash_alg_id_from_sig_alg_id(cose_alg_id);
+
+ /* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
+ * will handle it properly
+ */
+ status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id);
+ if (status)
+ goto Done;
+
+ /* This is hashing of the first part, all the CBOR
+ * except the payload.
+ */
+ pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len));
+
+ /* Hash the payload, the second part. */
+ pal_cose_crypto_hash_update(&psa_hash, payload);
+
+ /* Finish the hash and set up to return it */
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+
+Done:
+ return status;
+}
+
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
+ size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+
+#ifdef PLATFORM_OVERRIDE_ATTEST_PK
+ if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1))
+ return PAL_ATTEST_ERR_SMALL_BUFFER;
+
+ *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
+ *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
+ status = PSA_SUCCESS;
+#else
+ status = tfm_initial_attest_get_public_key(public_key_buff,
+ public_key_buf_size,
+ public_key_len,
+ elliptic_curve_type);
+#endif
+
+ return status;
+}
+
+static uint32_t pal_import_attest_key(psa_algorithm_t key_alg)
+{
+ psa_status_t status = PAL_ATTEST_ERROR;
+ psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
+ psa_ecc_curve_t ecc_curve;
+ psa_key_type_t attest_key_type;
+ size_t public_key_size;
+ uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
+
+#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2)
+ psa_key_policy_t policy;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Setup the key policy for public key */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage(&policy, usage, key_alg);
+
+ status = psa_allocate_key(&public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_set_key_policy(public_key_handle, &policy);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ /* Import the public key */
+ status = psa_import_key(public_key_handle,
+ attest_key_type,
+ public_key_buff,
+ public_key_size);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+
+#elif defined(CRYPTO_VERSION_BETA3)
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Set the attributes for the public key */
+ psa_set_key_type(&attributes, attest_key_type);
+ psa_set_key_bits(&attributes, public_key_size);
+ psa_set_key_usage_flags(&attributes, usage);
+ psa_set_key_algorithm(&attributes, key_alg);
+
+ /* Import the public key */
+ status = psa_import_key(&attributes,
+ public_key_buff,
+ public_key_size,
+ &public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+#endif
+
+ return status;
+}
+
+static uint32_t pal_destroy_attest_key(void)
+{
+ psa_status_t status;
+
+ if (!public_key_registered)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_destroy_key(public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 0;
+
+ return PAL_ATTEST_SUCCESS;
+}
+
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
+ struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+ psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+
+ /* Register the attestation public key */
+ status = pal_import_attest_key(key_alg);
+ if (status != PAL_ATTEST_SUCCESS)
+ return status;
+
+ /* Verify the signature */
+ status = psa_asymmetric_verify(public_key_handle,
+ key_alg, token_hash.ptr, token_hash.len,
+ signature.ptr, signature.len);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_SIGNATURE_FAIL;
+
+ /* Unregister the attestation public key */
+ status = pal_destroy_attest_key();
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ return PAL_ATTEST_SUCCESS;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h
new file mode 100644
index 0000000..559a24c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h
@@ -0,0 +1,88 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_CRYPTO_H_
+#define _PAL_ATTESTATION_CRYPTO_H_
+
+#include "pal_attestation_eat.h"
+
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
+
+typedef struct {
+ uint8_t *pubx_key;
+ size_t pubx_key_size;
+ uint8_t *puby_key;
+ size_t puby_key_size;
+} ecc_key_t;
+
+struct ecc_public_key_t {
+ const uint8_t a;
+ uint8_t public_key[]; /* X-coordinate || Y-coordinate */
+};
+
+static const struct ecc_public_key_t attest_public_key = {
+ /* Constant byte */
+ 0x04,
+ /* X-coordinate */
+ {0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F,
+ /* Y-coordinate */
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
+};
+
+static const uint8_t initial_attestation_public_x_key[] = {
+ 0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
+};
+
+static const uint8_t initial_attestation_public_y_key[] = {
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64
+};
+
+/* Initialize the structure with given public key */
+static const ecc_key_t attest_key = {
+ (uint8_t *)initial_attestation_public_x_key,
+ sizeof(initial_attestation_public_x_key),
+ (uint8_t *)initial_attestation_public_y_key,
+ sizeof(initial_attestation_public_y_key)
+};
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id);
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash);
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result);
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash);
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload);
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature);
+#endif /* _PAL_ATTESTATION_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h
new file mode 100644
index 0000000..56d624e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h
@@ -0,0 +1,80 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_EAT_H_
+#define _PAL_ATTESTATION_EAT_H_
+
+#include "qcbor.h"
+#include "pal_common.h"
+
+#define PAL_ATTEST_MIN_ERROR 30
+
+#define COSE_ALGORITHM_ES256 -7
+#define COSE_ALG_SHA256_PROPRIETARY -72000
+
+#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
+
+#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
+
+/* Private value. Intentionally not documented for Doxygen.
+ * This is the size allocated for the encoded protected headers. It
+ * needs to be big enough for make_protected_header() to succeed. It
+ * currently sized for one header with an algorithm ID up to 32 bits
+ * long -- one byte for the wrapping map, one byte for the label, 5
+ * bytes for the ID. If this is made accidentially too small, QCBOR will
+ * only return an error, and not overrun any buffers.
+ *
+ * 9 extra bytes are added, rounding it up to 16 total, in case some
+ * other protected header is to be added.
+ */
+#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
+
+/**
+ * This is the size of the first part of the CBOR encoded TBS
+ * bytes. It is around 20 bytes. See create_tbs_hash().
+ */
+#define T_COSE_SIZE_OF_TBS \
+ 1 + /* For opening the array */ \
+ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
+ 2 + /* Overhead for encoding string */ \
+ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
+ 3 * ( /* 3 NULL bstrs for fields not used */ \
+ 1 /* size of a NULL bstr */ \
+ )
+#define NULL_USEFUL_BUF_C NULLUsefulBufC
+
+enum attestation_error_code {
+ PAL_ATTEST_SUCCESS = 0,
+ PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING = PAL_ATTEST_MIN_ERROR,
+ PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH,
+ PAL_ATTEST_TOKEN_NOT_SUPPORTED,
+ PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS,
+ PAL_ATTEST_HASH_LENGTH_MISMATCH,
+ PAL_ATTEST_HASH_MISMATCH,
+ PAL_ATTEST_HASH_FAIL,
+ PAL_ATTEST_HASH_UNSUPPORTED,
+ PAL_ATTEST_HASH_BUFFER_SIZE,
+ PAL_ATTEST_ERR_PROTECTED_HEADERS,
+ PAL_ATTEST_ERR_SIGN_STRUCT,
+ PAL_ATTEST_ERR_KEY_FAIL,
+ PAL_ATTEST_ERR_SIGNATURE_FAIL,
+ PAL_ATTEST_ERR_CBOR_STRUCTURE,
+ PAL_ATTEST_ERR_SMALL_BUFFER,
+ PAL_ATTEST_ERROR,
+};
+
+#endif /* _PAL_ATTESTATION_EAT_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_empty_intf.c
new file mode 100644
index 0000000..faf3f49
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdarg.h>
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c
new file mode 100644
index 0000000..83c1ebd
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c
@@ -0,0 +1,56 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_attestation_intf.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size, verify_token_size, token_buffer_size;
+
+ switch (type)
+ {
+ case PAL_INITIAL_ATTEST_GET_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ token_buffer_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size,
+ token_size);
+ case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
+ challenge_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token_size(challenge_size, token_size);
+ case PAL_INITIAL_ATTEST_VERIFY_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ verify_token_size = va_arg(valist, size_t);
+ return pal_initial_attest_verify_token(challenge, challenge_size,
+ token, verify_token_size);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h
new file mode 100644
index 0000000..3ab7ebb
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_INTF_H_
+#define _PAL_ATTESTATION_INTF_H_
+
+#include "pal_attestation_crypto.h"
+
+enum attestation_function_code {
+ PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
+ PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2,
+ PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3,
+ PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4,
+ PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5,
+};
+
+int32_t pal_attestation_function(int type, va_list valist);
+#endif /* _PAL_ATTESTATION_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
new file mode 100644
index 0000000..133cfa9
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdarg.h>
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
new file mode 100644
index 0000000..abfdc5d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -0,0 +1,62 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_internal_trusted_storage_intf.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
+
+ switch (type)
+ {
+ case PAL_ITS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
+ case PAL_ITS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_ITS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_its_get_info(uid, its_p_info);
+ case PAL_ITS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_its_remove(uid);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
new file mode 100644
index 0000000..6db6aac
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+#define _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum its_function_code {
+ PAL_ITS_SET = 0x1,
+ PAL_ITS_GET = 0x2,
+ PAL_ITS_GET_INFO = 0x3,
+ PAL_ITS_REMOVE = 0x4,
+};
+
+uint32_t pal_its_function(int type, va_list valist);
+#endif /* _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_empty_intf.c
new file mode 100644
index 0000000..ee9b13d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdarg.h>
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c
new file mode 100644
index 0000000..0dd07c5
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_protected_storage_intf.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
+
+ switch (type)
+ {
+ case PAL_PS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
+ case PAL_PS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_PS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_ps_get_info(uid, ps_p_info);
+ case PAL_PS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_ps_remove(uid);
+ case PAL_PS_CREATE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ size = va_arg(valist, uint32_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_create(uid, size, ps_create_flags);
+ case PAL_PS_SET_EXTENDED:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
+ case PAL_PS_GET_SUPPORT:
+ return psa_ps_get_support();
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.h
new file mode 100644
index 0000000..a338cdf
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_PROTECTED_STORAGE_INTF_H_
+#define _PAL_PROTECTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum ps_function_code {
+ PAL_PS_SET = 0x1,
+ PAL_PS_GET = 0x2,
+ PAL_PS_GET_INFO = 0x3,
+ PAL_PS_REMOVE = 0x4,
+ PAL_PS_CREATE = 0x5,
+ PAL_PS_SET_EXTENDED = 0x6,
+ PAL_PS_GET_SUPPORT = 0x7,
+};
+
+uint32_t pal_ps_function(int type, va_list valist);
+#endif /* _PAL_PROTECTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/spe/pal_driver_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_an521/spe/pal_driver_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_an521/spe/pal_driver_intf.c
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/spe/pal_driver_intf.h
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_an521/spe/pal_driver_intf.h
rename to api-tests/platform/targets/tgt_ff_tfm_an521/spe/pal_driver_intf.h
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg
new file mode 100644
index 0000000..9e50489
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg
@@ -0,0 +1,78 @@
+///** @file
+// * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+// * SPDX-License-Identifier : Apache-2.0
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+//**/
+
+// UART device info
+uart.num=1;
+uart.0.base = 0x50202000; // UART2_S
+uart.0.size = 0xFFF;
+uart.0.intr_id = 0xFF;
+uart.0.permission = TYPE_READ_WRITE;
+
+// Watchdog device info
+watchdog.num = 1;
+watchdog.0.base = 0x50081000; // APB_WATCHDOG_BASE_S
+watchdog.0.size = 0xFFF;
+watchdog.0.intr_id = 0xFF;
+watchdog.0.permission = TYPE_READ_WRITE;
+watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
+watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 1000
+
+// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
+nvmem.num =1;
+nvmem.0.start = 0x102FFC00; // (FLASH0_BASE_S + FLASH0_SIZE - 0x400)
+nvmem.0.end = 0x102FFFFF;
+nvmem.0.permission = TYPE_READ_WRITE;
+
+// Miscellaneous - Test scatter info
+dut.num = 1;
+
+// Start address of 12KB NS memory for test ELF
+dut.0.ns_test_addr = 0x281E0000;
+
+// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
+// Size of combine_test_binary = Summation of size of each test ELF file
+dut.0.ns_start_addr_of_combine_test_binary = 0x281F0000;
+
+// Is combine_test_binary available in RAM?
+dut.0.combine_test_binary_in_ram = AVAILABLE;
+
+
+// ###################################################################
+// Following Target configuration parameters are required for IPC tests
+// only. Avoid updating them if you are running dev_apis tests.
+// ###################################################################
+
+// Assign free memory range for isolation testing. Choose the addresses
+// for these memory regions such that it follows below condition:
+// nspe_mmio.0.start < server_partition_mmio.0.start < driver_partition_mmio.0.start.
+nspe_mmio.num=1;
+nspe_mmio.0.start = 0x00300F00;
+nspe_mmio.0.end = 0x00300F1F;
+nspe_mmio.0.permission = TYPE_READ_WRITE;
+
+server_partition_mmio.num=1;
+server_partition_mmio.0.start = 0x10300F00;
+server_partition_mmio.0.end = 0x10300F1F;
+server_partition_mmio.0.permission = TYPE_READ_WRITE;
+
+driver_partition_mmio.num=1;
+driver_partition_mmio.0.start = 0x10300F20;
+driver_partition_mmio.0.end = 0x10300F3F;
+driver_partition_mmio.0.permission = TYPE_READ_WRITE;
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake
new file mode 100644
index 0000000..db9a4fa
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake
@@ -0,0 +1,105 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ list(APPEND PAL_SRC_C_NSPE
+ # driver functionalities are implemented as RoT-services
+ # and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c
+ )
+ list(APPEND PAL_SRC_C_DRIVER_SP
+ # Driver files will be compiled as part of driver partition
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+list(APPEND PAL_DRIVER_INCLUDE_PATHS
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk
+)
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PAL_DRIVER_INCLUDE_PATHS}
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_ff_tfm_musca_a/manifests/common/driver_partition_psa.json
similarity index 64%
copy from api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json
copy to api-tests/platform/targets/tgt_ff_tfm_musca_a/manifests/common/driver_partition_psa.json
index 7010c9b..6a8adf9 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/manifests/common/driver_partition_psa.json
@@ -6,61 +6,58 @@
"description": "Implements device services such print, flash read/write,. etc.",
"entry_point": "driver_main",
"stack_size": "0x400",
+ "heap_size": "0x100",
"services": [{
- "name": "DRIVER_UART_SID",
+ "name": "DRIVER_UART",
"sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
},
{
- "name": "DRIVER_WATCHDOG_SID",
+ "name": "DRIVER_WATCHDOG",
"sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
},
{
- "name": "DRIVER_NVMEM_SID",
+ "name": "DRIVER_NVMEM",
"sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
},
{
- "name": "DRIVER_TEST_SID",
+ "name": "DRIVER_TEST",
"sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
}
],
"mmio_regions" : [
{
"name": "UART_REGION",
- "base": "0x40004000",
+ "base": "0x40102000",
"size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "WATCHDOG_REGION",
- "base": "0x40008000",
+ "base": "0x50081000",
"size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "NVMEM_REGION",
- "base": "0x2002F000",
+ "base": "0x30017C00",
"size": "0x400",
"permission": "READ-WRITE"
},
{
"name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
+ "base": "0x10200F20",
"size": "0x20",
"permission": "READ-WRITE"
}
@@ -69,7 +66,7 @@
{
"description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
"signal": "DRIVER_UART_INTR_SIG",
- "line_num": 46
+ "source": "UARTTX_IRQ"
}
]
}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_ff_tfm_musca_a/manifests/ipc/client_partition_psa.json
new file mode 100644
index 0000000..c0fb05b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/manifests/ipc/client_partition_psa.json
@@ -0,0 +1,28 @@
+{
+ "psa_framework_version": 1.0,
+ "name": "CLIENT_PARTITION",
+ "type": "APPLICATION-ROT",
+ "priority": "NORMAL",
+ "description": "Client partition executing client test func from SPE",
+ "entry_point": "client_main",
+ "stack_size": "0x400",
+ "services": [{
+ "name": "CLIENT_TEST_DISPATCHER",
+ "sid": "0x0000FA01",
+ "non_secure_clients": true,
+ "version": 1,
+ "version_policy": "RELAXED"
+ }
+ ],
+ "dependencies": [
+ "DRIVER_UART",
+ "DRIVER_NVMEM",
+ "DRIVER_TEST",
+ "SERVER_TEST_DISPATCHER",
+ "SERVER_UNSPECIFED_VERSION",
+ "SERVER_STRICT_VERSION",
+ "SERVER_RELAX_VERSION",
+ "SERVER_SECURE_CONNECT_ONLY",
+ "SERVER_CONNECTION_DROP"
+ ]
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_ff_tfm_musca_a/manifests/ipc/server_partition_psa.json
new file mode 100644
index 0000000..5a1955b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/manifests/ipc/server_partition_psa.json
@@ -0,0 +1,70 @@
+{
+ "psa_framework_version": 1.0,
+ "name": "SERVER_PARTITION",
+ "type": "APPLICATION-ROT",
+ "priority": "NORMAL",
+ "description": "Server partition executing server test func",
+ "entry_point": "server_main",
+ "stack_size": "0x400",
+ "heap_size": "0x100",
+ "services": [{
+ "name": "SERVER_TEST_DISPATCHER",
+ "sid": "0x0000FB01",
+ "non_secure_clients": true,
+ "version": 1,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_SECURE_CONNECT_ONLY",
+ "sid": "0x0000FB02",
+ "non_secure_clients": false,
+ "version": 2,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_STRICT_VERSION",
+ "sid": "0x0000FB03",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "STRICT"
+ },
+ {
+ "name": "SERVER_UNSPECIFED_VERSION",
+ "sid": "0x0000FB04",
+ "non_secure_clients": true
+ },
+ {
+ "name": "SERVER_RELAX_VERSION",
+ "sid": "0x0000FB05",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_UNEXTERN",
+ "sid": "0x0000FB06",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_CONNECTION_DROP",
+ "sid": "0x0000FB07",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "RELAXED"
+ }
+ ],
+ "mmio_regions" : [
+ {
+ "name": "SERVER_PARTITION_MMIO",
+ "base": "0x10200F00",
+ "size": "0x20",
+ "permission": "READ-WRITE"
+ }
+ ],
+ "dependencies": [
+ "DRIVER_UART",
+ "DRIVER_NVMEM"
+ ]
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
new file mode 100644
index 0000000..0030ef0
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
@@ -0,0 +1,95 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ * @brief - Retrieve the version of the PSA Framework API that is implemented.
+ * This is a wrapper API for psa_framework_version API.
+ * @param - void
+ * @return - The PSA Framework API version.
+ */
+
+uint32_t pal_ipc_framework_version(void)
+{
+ return 0;
+}
+
+/**
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
+ * This is a wrapper API for the psa_version API.
+ * @param - sid The Root of Trust Service ID
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * Service not present on the system.
+ */
+
+uint32_t pal_ipc_version(uint32_t sid)
+{
+ return PSA_VERSION_NONE;
+}
+
+/**
+ * @brief - Connect to given sid.
+ * This is a wrapper API for the psa_connect API.
+ * @param - sid : RoT service id
+ * @param - version : version of RoT service
+ * @return - psa_handle_t : return connection handle
+ */
+
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
+{
+ return PSA_NULL_HANDLE;
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.
+ * This is a wrapper API for the psa_call API.
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param -handle Handle for the connection.
+ * @param -type Request type.
+ * @param -in_vec Array of psa_invec structures.
+ * @param -in_len Number of psa_invec structures in in_vec.
+ * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param -out_len Number of psa_outvec structures in out_vec.
+ * @return -psa_status_t
+ */
+
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
+{
+ return (PSA_SUCCESS - 1);
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * This is a wrapper API for the psa_close API.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param handle Handle for the connection.
+ * @return void
+ */
+
+void pal_ipc_close(psa_handle_t handle)
+{
+ return;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.c
new file mode 100644
index 0000000..68af13d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.c
@@ -0,0 +1,99 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ * @brief - Retrieve the version of the PSA Framework API that is implemented.
+ * This is a wrapper API for psa_framework_version API.
+ * @param - void
+ * @return - The PSA Framework API version.
+ * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
+ */
+
+uint32_t pal_ipc_framework_version(void)
+{
+ return (psa_framework_version());
+}
+
+/**
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
+ * This is a wrapper API for the psa_version API.
+ * @param - sid The Root of Trust Service ID
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * Service not present on the system.
+ * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
+ */
+
+uint32_t pal_ipc_version(uint32_t sid)
+{
+ return (psa_version(sid));
+}
+
+/**
+ * @brief - Connect to given sid.
+ * This is a wrapper API for the psa_connect API.
+ * @param - sid : RoT service id
+ * @param - version : version of RoT service
+ * @return - psa_handle_t : return connection handle
+ * Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
+ */
+
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
+{
+ return (psa_connect(sid, version));
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.
+ * This is a wrapper API for the psa_call API.
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param -handle Handle for the connection.
+ * @param -type Request type.
+ * @param -in_vec Array of psa_invec structures.
+ * @param -in_len Number of psa_invec structures in in_vec.
+ * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param -out_len Number of psa_outvec structures in out_vec.
+ * @return -psa_status_t
+ * Note - Return -1 if PSA IPC is not implemented.
+ */
+
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
+{
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * This is a wrapper API for the psa_close API.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param - handle Handle for the connection.
+ * @return - void
+ */
+
+void pal_ipc_close(psa_handle_t handle)
+{
+ psa_close(handle);
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.h
new file mode 100644
index 0000000..89b4da6
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CLIENT_API_H_
+#define _PAL_CLIENT_API_H_
+
+#include "pal_common.h"
+
+uint32_t pal_ipc_framework_version(void);
+uint32_t pal_ipc_version(uint32_t sid);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
+void pal_ipc_close(psa_handle_t handle);
+#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_common.h
new file mode 100644
index 0000000..0a63b02
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_common.h
@@ -0,0 +1,116 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_COMMON_H_
+#define _PAL_COMMON_H_
+
+#include <string.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <stdarg.h>
+
+#include "pal_config.h"
+#include "pal_crypto_config.h"
+
+/* typedef's */
+typedef uint8_t bool_t;
+typedef uint32_t addr_t;
+typedef uint32_t test_id_t;
+typedef uint32_t block_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
+typedef enum
+{
+ PAL_STATUS_SUCCESS = 0x0,
+ PAL_STATUS_ERROR = 0x80
+} pal_status_t;
+
+typedef enum {
+ NVMEM_READ = 0x1,
+ NVMEM_WRITE = 0x2,
+} nvmem_fn_type_t;
+
+typedef struct {
+ nvmem_fn_type_t nvmem_fn_type;
+ addr_t base;
+ uint32_t offset;
+ int size;
+} nvmem_param_t;
+
+typedef enum {
+ WD_INIT_SEQ = 0x1,
+ WD_ENABLE_SEQ = 0x2,
+ WD_DISABLE_SEQ = 0x3,
+ WD_STATUS_SEQ = 0x4,
+} wd_fn_type_t;
+
+typedef enum {
+ WD_LOW_TIMEOUT = 0x1,
+ WD_MEDIUM_TIMEOUT = 0x2,
+ WD_HIGH_TIMEOUT = 0x3,
+ WD_CRYPTO_TIMEOUT = 0x4,
+} wd_timeout_type_t;
+
+typedef struct {
+ wd_fn_type_t wd_fn_type;
+ addr_t wd_base_addr;
+ uint32_t wd_time_us;
+ uint32_t wd_timer_tick_us;
+} wd_param_t;
+
+typedef enum {
+ UART_INIT = 0x1,
+ UART_PRINT = 0x2,
+} uart_fn_type_t;
+
+/*
+ * Redefining some of the client.h elements for compilation to go through
+ * when PSA IPC APIs are not implemented.
+ */
+#ifndef IPC
+
+#ifndef PSA_VERSION_NONE
+#define PSA_VERSION_NONE (0)
+#endif
+
+#ifndef PSA_SUCCESS
+#define PSA_SUCCESS (0)
+typedef int32_t psa_status_t;
+#endif
+typedef int32_t psa_handle_t;
+
+#ifndef PSA_NULL_HANDLE
+#define PSA_NULL_HANDLE ((psa_handle_t)0)
+#endif
+
+typedef struct psa_invec {
+ const void *base;
+ size_t len;
+} psa_invec;
+
+typedef struct psa_outvec {
+ void *base;
+ size_t len;
+} psa_outvec;
+
+#endif /* IPC */
+
+#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h
new file mode 100644
index 0000000..640f56f
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h
@@ -0,0 +1,94 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CONFIG_H_
+#define _PAL_CONFIG_H_
+
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
+
+/* Print verbosity = TEST */
+#define VERBOSE 3
+
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
+
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
+
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
+
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
+
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
+
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA2
+
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
+
+/*
+ * Include of PSA defined Header files
+ */
+#ifdef IPC
+/* psa/client.h: Contains the PSA Client API elements */
+#include "psa/client.h"
+
+/*
+ * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
+ * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation
+ * of this file.
+*/
+#include "psa_manifest/sid.h"
+
+/*
+ * psa_manifest/pid.h: Secure Partition IDs
+ * Macro definitions that map from Secure Partition names to Secure Partition IDs.
+ * Partition manifest parse build tool must provide the implementation of this file.
+*/
+#include "psa_manifest/pid.h"
+#endif
+
+#ifdef CRYPTO
+/* psa/crypto.h: Contains the PSA Crypto API elements */
+#include "psa/crypto.h"
+#endif
+
+#ifdef INTERNAL_TRUSTED_STORAGE
+/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#ifdef PROTECTED_STORAGE
+/* psa/protected_storage.h: Contains the PSA PS API elements */
+#include "psa/protected_storage.h"
+#endif
+
+#ifdef INITIAL_ATTESTATION
+/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
+#include "psa/initial_attestation.h"
+#endif
+
+#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
new file mode 100644
index 0000000..139f04f
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
@@ -0,0 +1,293 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ @brief - This function initializes the UART
+ @param - uart base addr
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ uart_fn_type_t uart_fn = UART_INIT;
+
+ psa_invec data[3] = {{&uart_fn, sizeof(uart_fn)},
+ {&uart_base_addr, sizeof(uart_base_addr)},
+ {NULL, 0}};
+
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
+ {
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+
+int pal_print_ns(char *str, int32_t data)
+{
+ int string_len = 0;
+ char *p = str;
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ uart_fn_type_t uart_fn = UART_PRINT;
+
+ while (*p != '\0')
+ {
+ string_len++;
+ p++;
+ }
+
+ psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
+ {str, string_len+1},
+ {&data, sizeof(data)}};
+
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
+ {
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_INIT_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = time_us;
+ wd_param.wd_timer_tick_us = timer_tick_us;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_ENABLE_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = 0;
+ wd_param.wd_timer_tick_us = 0;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_DISABLE_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = 0;
+ wd_param.wd_timer_tick_us = 0;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_READ;
+ nvmem_param.base = base;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
+ psa_outvec outvec[1] = {{buffer, size}};
+
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_WRITE;
+ nvmem_param.base = base;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
+
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ * @brief - This function will read peripherals using SPI commands
+ * @param - addr : address of the peripheral
+ * data : read buffer
+ * len : length of the read buffer in bytes
+ * @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return 0xFF;
+}
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ /* Add logic to terminate the simluation */
+
+ while(1)
+ {
+ asm volatile("WFI");
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ns_intf.c
new file mode 100644
index 0000000..338df6c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ns_intf.c
@@ -0,0 +1,145 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_uart.h"
+#include "pal_nvmem.h"
+#include "pal_wd_cmsdk.h"
+
+/**
+ @brief - This function initializes the UART
+ @param - uart base addr
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ pal_uart_pl011_init(uart_base_addr);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+
+int pal_print_ns(char *str, int32_t data)
+{
+ pal_uart_pl011_print(str, data);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ return(pal_wd_cmsdk_enable(base_addr));
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ return (pal_wd_cmsdk_disable(base_addr));
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_read(base, offset, buffer, size))
+ {
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_write(base, offset, buffer, size))
+ {
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ * @brief - This function will read peripherals using SPI commands
+ * @param - addr : address of the peripheral
+ * data : read buffer
+ * len : length of the read buffer in bytes
+ * @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return 0xFF;
+}
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ /* Add logic to terminate the simluation */
+
+ while(1)
+ {
+ asm volatile("WFI");
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h
new file mode 100644
index 0000000..ab11fd1
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h
@@ -0,0 +1,323 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/*
+ * \file pal_crypto_config.h
+ *
+ * \brief Configuration options for crypto tests (set of defines)
+ *
+ * This set of compile-time options may be used to enable
+ * or disable features selectively for crypto test suite
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_H_
+#define _PAL_CRYPTO_CONFIG_H_
+/**
+ * \def ARCH_TEST_RSA
+ *
+ * Enable the RSA public-key cryptosystem.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_RSA
+#define ARCH_TEST_RSA_1024
+#define ARCH_TEST_RSA_2048
+#define ARCH_TEST_RSA_3072
+
+/**
+ * \def ARCH_TEST_ECC
+ * \def ARCH_TEST_ECC_CURVE_SECPXXXR1
+ *
+ * Enable the elliptic curve
+ * Enable specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Requires: ARCH_TEST_ECC
+ * Comment macros to disable the curve
+ */
+#define ARCH_TEST_ECC
+#define ARCH_TEST_ECC_CURVE_SECP192R1
+#define ARCH_TEST_ECC_CURVE_SECP224R1
+#define ARCH_TEST_ECC_CURVE_SECP256R1
+#define ARCH_TEST_ECC_CURVE_SECP384R1
+
+/**
+ * \def ARCH_TEST_AES
+ *
+ * Enable the AES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_AES
+#define ARCH_TEST_AES_128
+#define ARCH_TEST_AES_192
+#define ARCH_TEST_AES_256
+#define ARCH_TEST_AES_512
+
+/**
+ * \def ARCH_TEST_DES
+ *
+ * Enable the DES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_DES
+//#define ARCH_TEST_DES_1KEY
+//#define ARCH_TEST_DES_2KEY
+//#define ARCH_TEST_DES_3KEY
+
+/**
+ * \def ARCH_TEST_RAW
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore.
+ */
+#define ARCH_TEST_RAW
+
+/**
+ * \def ARCH_TEST_CIPER
+ *
+ * Enable the generic cipher layer.
+ */
+
+#define ARCH_TEST_CIPER
+
+/**
+ * \def ARCH_TEST_ARC4
+ *
+ * Enable the ARC4 key type.
+ */
+//#define ARCH_TEST_ARC4
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CTR
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CFB
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CBC
+
+/**
+ * \def ARCH_TEST_CTR_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CTR
+ */
+#define ARCH_TEST_CTR_AES
+
+/**
+ * \def ARCH_TEST_CBC_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_AES
+#define ARCH_TEST_CBC_AES_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CBC_NO_PADDING
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CFB_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CFB
+ */
+#define ARCH_TEST_CFB_AES
+
+/**
+ * \def ARCH_TEST_PKCS1V15_*
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ * Enable support for PKCS#1 v1.5 operations.
+ * Enable support for RSA-OAEP
+ *
+ * Requires: ARCH_TEST_RSA, ARCH_TEST_PKCS1V15
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_PKCS1V15
+#define ARCH_TEST_RSA_PKCS1V15_SIGN
+#define ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+#define ARCH_TEST_RSA_PKCS1V15_CRYPT
+#define ARCH_TEST_RSA_OAEP
+
+/**
+ * \def ARCH_TEST_CBC_PKCS7
+ *
+ * Requires: ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_PKCS7
+
+/**
+ * \def ARCH_TEST_ASYMMETRIC_ENCRYPTION
+ *
+ * Enable support for Asymmetric encryption algorithms
+ */
+#define ARCH_TEST_ASYMMETRIC_ENCRYPTION
+
+/**
+ * \def ARCH_TEST_HASH
+ *
+ * Enable the hash algorithm.
+ */
+#define ARCH_TEST_HASH
+
+/**
+ * \def ARCH_TEST_HMAC
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * Requires: ARCH_TEST_HASH
+ */
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_MDX
+ * \def ARCH_TEST_SHAXXX
+ *
+ * Enable the MDX algorithm.
+ * Enable the SHAXXX algorithm.
+ *
+ * Requires: ARCH_TEST_HASH
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_MD2
+//#define ARCH_TEST_MD4
+//#define ARCH_TEST_MD5
+//#define ARCH_TEST_RIPEMD160
+#define ARCH_TEST_SHA1
+#define ARCH_TEST_SHA224
+#define ARCH_TEST_SHA256
+#define ARCH_TEST_SHA384
+#define ARCH_TEST_SHA512
+//#define ARCH_TEST_SHA512_224
+//#define ARCH_TEST_SHA512_256
+//#define ARCH_TEST_SHA3_224
+//#define ARCH_TEST_SHA3_256
+//#define ARCH_TEST_SHA3_384
+//#define ARCH_TEST_SHA3_512
+
+/**
+ * \def ARCH_TEST_HKDF
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Requires: ARCH_TEST_HASH
+*/
+#define ARCH_TEST_HKDF
+
+/**
+ * \def ARCH_TEST_xMAC
+ *
+ * Enable the xMAC (Cipher/Hash/G-based Message Authentication Code) mode for block
+ * ciphers.
+ * Requires: ARCH_TEST_AES or ARCH_TEST_DES
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CMAC
+#define ARCH_TEST_GMAC
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_CCM
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Requires: ARCH_TEST_AES
+ */
+#define ARCH_TEST_CCM
+
+/**
+ * \def ARCH_TEST_GCM
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Requires: ARCH_TEST_AES
+ *
+ */
+#define ARCH_TEST_GCM
+
+/**
+ * \def ARCH_TEST_TRUNCATED_MAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define ARCH_TEST_TRUNCATED_MAC
+
+
+/**
+ * \def ARCH_TEST_ECDH
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDH
+
+/**
+ * \def ARCH_TEST_ECDSA
+ *
+ * Enable the elliptic curve DSA library.
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDSA
+
+/**
+ * \def ARCH_TEST_DETERMINISTIC_ECDSA
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+*/
+#define ARCH_TEST_DETERMINISTIC_ECDSA
+
+#include "pal_crypto_config_check.h"
+
+#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h
new file mode 100644
index 0000000..443e0bc
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h
@@ -0,0 +1,223 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/**
+ * \file pal_crypto_config_check.h
+ *
+ * \brief Consistency checks for configuration options
+ *
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_CHECK_H_
+#define _PAL_CRYPTO_CONFIG_CHECK_H_
+
+#if defined(ARCH_TEST_RSA_1024) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_1024 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_2048) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_2048 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_3072) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_3072 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP192R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP192R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP224R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP224R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP256R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP256R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP384R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP384R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_128) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_128 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_256) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_512) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_1KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_1KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_2KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_2KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_3KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_3KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CTR) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CTR defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CFB) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CFB defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CBC) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CBC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CTR_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CTR))
+#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CFB_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CFB))
+#error "ARCH_TEST_CFB_AES defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN_RAW) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN_RAW defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_CRYPT) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_CRYPT defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CBC_PKCS7) && !defined(ARCH_TEST_CIPER_MODE_CBC)
+#error "ARCH_TEST_CBC_PKCS7 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD2) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD2 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD4) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD4 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD5) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD5 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RIPEMD160) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_RIPEMD160 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA1) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_384) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HKDF) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HKDF defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDH) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDH defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDSA) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDSA defined, but not all prerequisites"
+#endif
+
+#endif /* _PAL_CRYPTO_CONFIG_CHECK_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_empty_intf.c
new file mode 100644
index 0000000..2a28f39
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdarg.h>
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c
new file mode 100644
index 0000000..1e61e8c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c
@@ -0,0 +1,516 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
+ return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
+ case PAL_CRYPTO_COPY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.h
new file mode 100644
index 0000000..671dfa0
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.h
@@ -0,0 +1,103 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c
new file mode 100644
index 0000000..488c96b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c
@@ -0,0 +1,343 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_attestation_crypto.h"
+
+static uint32_t public_key_registered;
+static psa_key_handle_t public_key_handle;
+
+static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
+ size_t amount)
+{
+ return UsefulBuf_Head(buf, amount);
+}
+
+static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t status;
+
+ switch (cose_hash_alg_id)
+ {
+ case COSE_ALG_SHA256_PROPRIETARY:
+ status = PSA_ALG_SHA_256;
+ break;
+ default:
+ status = PSA_ALG_MD4;
+ break;
+ }
+
+ return status;
+}
+
+static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
+{
+ switch (cose_sig_alg_id)
+ {
+ case COSE_ALGORITHM_ES256:
+ return COSE_ALG_SHA256_PROPRIETARY;
+ default:
+ return INT32_MAX;
+ }
+}
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t psa_alg;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Map the algorithm ID */
+ psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id);
+
+ /* Actually do the hash set up */
+ status = psa_hash_setup(psa_hash, psa_alg);
+
+ return status;
+
+}
+
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash)
+{
+ if (data_to_hash.ptr == NULL) {
+ /* No data was passed in to be hashed indicating the mode of use is
+ * the computation of the size of hash. This mode is hashing is used
+ * by t_cose when it is requested to compute the size of the signed
+ * data it might compute, which is in turn used to compute the
+ * size of a would be token. When computing the size, the size
+ * like this, there is nothing to do in update()
+ */
+ return;
+ }
+
+ /* Actually hash the data */
+ psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len);
+}
+
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Actually finish up the hash */
+ status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr,
+ buffer_to_hold_result.len, &(hash_result->len));
+ hash_result->ptr = buffer_to_hold_result.ptr;
+
+ return status;
+
+}
+
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY);
+ if (status != PSA_SUCCESS)
+ goto Done;
+
+ pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash);
+
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+ if (status != PSA_SUCCESS)
+ goto Done;
+Done:
+ return status;
+}
+
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload)
+{
+ uint32_t status;
+ QCBOREncodeContext cbor_encode_ctx;
+ struct q_useful_buf_c tbs_first_part;
+ QCBORError qcbor_result;
+ int32_t hash_alg_id;
+ UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ /* This builds the CBOR-format to-be-signed bytes */
+ QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
+ QCBOREncode_OpenArray(&cbor_encode_ctx);
+
+ /* context */
+ QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+
+ /* body_protected */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers);
+
+ /* sign_protected is not used for Sign1 */
+ /* external_aad */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+
+ /* The short fake payload. */
+ QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload);
+ QCBOREncode_CloseArray(&cbor_encode_ctx);
+
+ /* Get the result and convert it to struct q_useful_buf_c representation */
+ qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &tbs_first_part);
+ if (qcbor_result)
+ {
+ /* Mainly means that the protected_headers were too big
+ * (which should never happen)
+ */
+ status = PAL_ATTEST_ERR_SIGN_STRUCT;
+ goto Done;
+ }
+
+ /* Start the hashing */
+ hash_alg_id = hash_alg_id_from_sig_alg_id(cose_alg_id);
+
+ /* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
+ * will handle it properly
+ */
+ status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id);
+ if (status)
+ goto Done;
+
+ /* This is hashing of the first part, all the CBOR
+ * except the payload.
+ */
+ pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len));
+
+ /* Hash the payload, the second part. */
+ pal_cose_crypto_hash_update(&psa_hash, payload);
+
+ /* Finish the hash and set up to return it */
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+
+Done:
+ return status;
+}
+
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
+ size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+
+#ifdef PLATFORM_OVERRIDE_ATTEST_PK
+ if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1))
+ return PAL_ATTEST_ERR_SMALL_BUFFER;
+
+ *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
+ *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
+ status = PSA_SUCCESS;
+#else
+ status = tfm_initial_attest_get_public_key(public_key_buff,
+ public_key_buf_size,
+ public_key_len,
+ elliptic_curve_type);
+#endif
+
+ return status;
+}
+
+static uint32_t pal_import_attest_key(psa_algorithm_t key_alg)
+{
+ psa_status_t status = PAL_ATTEST_ERROR;
+ psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
+ psa_ecc_curve_t ecc_curve;
+ psa_key_type_t attest_key_type;
+ size_t public_key_size;
+ uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
+
+#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2)
+ psa_key_policy_t policy;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Setup the key policy for public key */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage(&policy, usage, key_alg);
+
+ status = psa_allocate_key(&public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_set_key_policy(public_key_handle, &policy);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ /* Import the public key */
+ status = psa_import_key(public_key_handle,
+ attest_key_type,
+ public_key_buff,
+ public_key_size);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+
+#elif defined(CRYPTO_VERSION_BETA3)
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Set the attributes for the public key */
+ psa_set_key_type(&attributes, attest_key_type);
+ psa_set_key_bits(&attributes, public_key_size);
+ psa_set_key_usage_flags(&attributes, usage);
+ psa_set_key_algorithm(&attributes, key_alg);
+
+ /* Import the public key */
+ status = psa_import_key(&attributes,
+ public_key_buff,
+ public_key_size,
+ &public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+#endif
+
+ return status;
+}
+
+static uint32_t pal_destroy_attest_key(void)
+{
+ psa_status_t status;
+
+ if (!public_key_registered)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_destroy_key(public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 0;
+
+ return PAL_ATTEST_SUCCESS;
+}
+
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
+ struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+ psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+
+ /* Register the attestation public key */
+ status = pal_import_attest_key(key_alg);
+ if (status != PAL_ATTEST_SUCCESS)
+ return status;
+
+ /* Verify the signature */
+ status = psa_asymmetric_verify(public_key_handle,
+ key_alg, token_hash.ptr, token_hash.len,
+ signature.ptr, signature.len);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_SIGNATURE_FAIL;
+
+ /* Unregister the attestation public key */
+ status = pal_destroy_attest_key();
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ return PAL_ATTEST_SUCCESS;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h
new file mode 100644
index 0000000..559a24c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h
@@ -0,0 +1,88 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_CRYPTO_H_
+#define _PAL_ATTESTATION_CRYPTO_H_
+
+#include "pal_attestation_eat.h"
+
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
+
+typedef struct {
+ uint8_t *pubx_key;
+ size_t pubx_key_size;
+ uint8_t *puby_key;
+ size_t puby_key_size;
+} ecc_key_t;
+
+struct ecc_public_key_t {
+ const uint8_t a;
+ uint8_t public_key[]; /* X-coordinate || Y-coordinate */
+};
+
+static const struct ecc_public_key_t attest_public_key = {
+ /* Constant byte */
+ 0x04,
+ /* X-coordinate */
+ {0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F,
+ /* Y-coordinate */
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
+};
+
+static const uint8_t initial_attestation_public_x_key[] = {
+ 0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
+};
+
+static const uint8_t initial_attestation_public_y_key[] = {
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64
+};
+
+/* Initialize the structure with given public key */
+static const ecc_key_t attest_key = {
+ (uint8_t *)initial_attestation_public_x_key,
+ sizeof(initial_attestation_public_x_key),
+ (uint8_t *)initial_attestation_public_y_key,
+ sizeof(initial_attestation_public_y_key)
+};
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id);
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash);
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result);
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash);
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload);
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature);
+#endif /* _PAL_ATTESTATION_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h
new file mode 100644
index 0000000..56d624e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h
@@ -0,0 +1,80 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_EAT_H_
+#define _PAL_ATTESTATION_EAT_H_
+
+#include "qcbor.h"
+#include "pal_common.h"
+
+#define PAL_ATTEST_MIN_ERROR 30
+
+#define COSE_ALGORITHM_ES256 -7
+#define COSE_ALG_SHA256_PROPRIETARY -72000
+
+#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
+
+#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
+
+/* Private value. Intentionally not documented for Doxygen.
+ * This is the size allocated for the encoded protected headers. It
+ * needs to be big enough for make_protected_header() to succeed. It
+ * currently sized for one header with an algorithm ID up to 32 bits
+ * long -- one byte for the wrapping map, one byte for the label, 5
+ * bytes for the ID. If this is made accidentially too small, QCBOR will
+ * only return an error, and not overrun any buffers.
+ *
+ * 9 extra bytes are added, rounding it up to 16 total, in case some
+ * other protected header is to be added.
+ */
+#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
+
+/**
+ * This is the size of the first part of the CBOR encoded TBS
+ * bytes. It is around 20 bytes. See create_tbs_hash().
+ */
+#define T_COSE_SIZE_OF_TBS \
+ 1 + /* For opening the array */ \
+ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
+ 2 + /* Overhead for encoding string */ \
+ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
+ 3 * ( /* 3 NULL bstrs for fields not used */ \
+ 1 /* size of a NULL bstr */ \
+ )
+#define NULL_USEFUL_BUF_C NULLUsefulBufC
+
+enum attestation_error_code {
+ PAL_ATTEST_SUCCESS = 0,
+ PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING = PAL_ATTEST_MIN_ERROR,
+ PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH,
+ PAL_ATTEST_TOKEN_NOT_SUPPORTED,
+ PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS,
+ PAL_ATTEST_HASH_LENGTH_MISMATCH,
+ PAL_ATTEST_HASH_MISMATCH,
+ PAL_ATTEST_HASH_FAIL,
+ PAL_ATTEST_HASH_UNSUPPORTED,
+ PAL_ATTEST_HASH_BUFFER_SIZE,
+ PAL_ATTEST_ERR_PROTECTED_HEADERS,
+ PAL_ATTEST_ERR_SIGN_STRUCT,
+ PAL_ATTEST_ERR_KEY_FAIL,
+ PAL_ATTEST_ERR_SIGNATURE_FAIL,
+ PAL_ATTEST_ERR_CBOR_STRUCTURE,
+ PAL_ATTEST_ERR_SMALL_BUFFER,
+ PAL_ATTEST_ERROR,
+};
+
+#endif /* _PAL_ATTESTATION_EAT_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_empty_intf.c
new file mode 100644
index 0000000..faf3f49
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdarg.h>
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c
new file mode 100644
index 0000000..83c1ebd
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c
@@ -0,0 +1,56 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_attestation_intf.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size, verify_token_size, token_buffer_size;
+
+ switch (type)
+ {
+ case PAL_INITIAL_ATTEST_GET_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ token_buffer_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size,
+ token_size);
+ case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
+ challenge_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token_size(challenge_size, token_size);
+ case PAL_INITIAL_ATTEST_VERIFY_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ verify_token_size = va_arg(valist, size_t);
+ return pal_initial_attest_verify_token(challenge, challenge_size,
+ token, verify_token_size);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h
new file mode 100644
index 0000000..3ab7ebb
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_INTF_H_
+#define _PAL_ATTESTATION_INTF_H_
+
+#include "pal_attestation_crypto.h"
+
+enum attestation_function_code {
+ PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
+ PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2,
+ PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3,
+ PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4,
+ PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5,
+};
+
+int32_t pal_attestation_function(int type, va_list valist);
+#endif /* _PAL_ATTESTATION_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
new file mode 100644
index 0000000..133cfa9
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdarg.h>
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
new file mode 100644
index 0000000..abfdc5d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -0,0 +1,62 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_internal_trusted_storage_intf.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
+
+ switch (type)
+ {
+ case PAL_ITS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
+ case PAL_ITS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_ITS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_its_get_info(uid, its_p_info);
+ case PAL_ITS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_its_remove(uid);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
new file mode 100644
index 0000000..6db6aac
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+#define _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum its_function_code {
+ PAL_ITS_SET = 0x1,
+ PAL_ITS_GET = 0x2,
+ PAL_ITS_GET_INFO = 0x3,
+ PAL_ITS_REMOVE = 0x4,
+};
+
+uint32_t pal_its_function(int type, va_list valist);
+#endif /* _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_empty_intf.c
new file mode 100644
index 0000000..ee9b13d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdarg.h>
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c
new file mode 100644
index 0000000..0dd07c5
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_protected_storage_intf.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
+
+ switch (type)
+ {
+ case PAL_PS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
+ case PAL_PS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_PS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_ps_get_info(uid, ps_p_info);
+ case PAL_PS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_ps_remove(uid);
+ case PAL_PS_CREATE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ size = va_arg(valist, uint32_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_create(uid, size, ps_create_flags);
+ case PAL_PS_SET_EXTENDED:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
+ case PAL_PS_GET_SUPPORT:
+ return psa_ps_get_support();
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.h
new file mode 100644
index 0000000..a338cdf
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_PROTECTED_STORAGE_INTF_H_
+#define _PAL_PROTECTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum ps_function_code {
+ PAL_PS_SET = 0x1,
+ PAL_PS_GET = 0x2,
+ PAL_PS_GET_INFO = 0x3,
+ PAL_PS_REMOVE = 0x4,
+ PAL_PS_CREATE = 0x5,
+ PAL_PS_SET_EXTENDED = 0x6,
+ PAL_PS_GET_SUPPORT = 0x7,
+};
+
+uint32_t pal_ps_function(int type, va_list valist);
+#endif /* _PAL_PROTECTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.c
similarity index 93%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.c
index 4d52207..1dfd963 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.c
@@ -35,7 +35,7 @@
void pal_print(char *str, int32_t data)
{
- pal_uart_pl011_print(str,data);
+ pal_uart_pl011_print(str, data);
}
@@ -75,7 +75,7 @@
**/
int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
{
- return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
+ return pal_wd_cmsdk_init(base_addr, time_us, timer_tick_us);
}
@@ -86,7 +86,7 @@
**/
int pal_wd_timer_enable(addr_t base_addr)
{
- return(pal_wd_cmsdk_enable(base_addr));
+ return pal_wd_cmsdk_enable(base_addr);
}
/**
@@ -96,7 +96,7 @@
**/
int pal_wd_timer_disable(addr_t base_addr)
{
- return (pal_wd_cmsdk_disable(base_addr));
+ return pal_wd_cmsdk_disable(base_addr);
}
/**
@@ -106,7 +106,7 @@
**/
int pal_wd_timer_is_enabled(addr_t base_addr)
{
- return (pal_wd_cmsdk_is_enabled(base_addr));
+ return pal_wd_cmsdk_is_enabled(base_addr);
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.h
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.h
rename to api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.h
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg
new file mode 100644
index 0000000..3535eee
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg
@@ -0,0 +1,78 @@
+///** @file
+// * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+// * SPDX-License-Identifier : Apache-2.0
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+//**/
+
+// UART device info
+uart.num=1;
+uart.0.base = 0x40102000; // MUSCA_UART1_NS_BASE
+uart.0.size = 0xFFF;
+uart.0.intr_id = 0xFF;
+uart.0.permission = TYPE_READ_WRITE;
+
+// Watchdog device info
+watchdog.num = 1;
+watchdog.0.base = 0x50081000; // MUSCA_CMSDK_WATCHDOG_S_BASE
+watchdog.0.size = 0xFFF;
+watchdog.0.intr_id = 0xFF;
+watchdog.0.permission = TYPE_READ_WRITE;
+watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
+watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 1000
+
+// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
+nvmem.num =1;
+nvmem.0.start = 0x30017C00; // END_OF_MUSCA_SRAM_S
+nvmem.0.end = 0x30017FFF;
+nvmem.0.permission = TYPE_READ_WRITE;
+
+// Miscellaneous - Test scatter info
+dut.num = 1;
+
+// Start address of 12KB NS memory for test ELF
+dut.0.ns_test_addr = 0x281E0000;
+
+// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
+// Size of combine_test_binary = Summation of size of each test ELF file
+dut.0.ns_start_addr_of_combine_test_binary = 0x281F0000;
+
+// Is combine_test_binary available in RAM?
+dut.0.combine_test_binary_in_ram = AVAILABLE;
+
+
+// ###################################################################
+// Following Target configuration parameters are required for IPC tests
+// only. Avoid updating them if you are running dev_apis tests.
+// ###################################################################
+
+// Assign free memory range for isolation testing. Choose the addresses
+// for these memory regions such that it follows below condition:
+// nspe_mmio.0.start < server_partition_mmio.0.start < driver_partition_mmio.0.start.
+nspe_mmio.num=1;
+nspe_mmio.0.start = 0x00200F00;
+nspe_mmio.0.end = 0x00200F1F;
+nspe_mmio.0.permission = TYPE_READ_WRITE;
+
+server_partition_mmio.num=1;
+server_partition_mmio.0.start = 0x10200F00;
+server_partition_mmio.0.end = 0x10200F1F;
+server_partition_mmio.0.permission = TYPE_READ_WRITE;
+
+driver_partition_mmio.num=1;
+driver_partition_mmio.0.start = 0x10200F20;
+driver_partition_mmio.0.end = 0x10200F3F;
+driver_partition_mmio.0.permission = TYPE_READ_WRITE;
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake
new file mode 100644
index 0000000..756a0b4
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake
@@ -0,0 +1,105 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ list(APPEND PAL_SRC_C_NSPE
+ # driver functionalities are implemented as RoT-services
+ # and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c
+ )
+ list(APPEND PAL_SRC_C_DRIVER_SP
+ # Driver files will be compiled as part of driver partition
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+list(APPEND PAL_DRIVER_INCLUDE_PATHS
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk
+)
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PAL_DRIVER_INCLUDE_PATHS}
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/tools/scripts/manifest_update.py b/api-tests/tools/scripts/manifest_update.py
new file mode 100644
index 0000000..65c693e
--- /dev/null
+++ b/api-tests/tools/scripts/manifest_update.py
@@ -0,0 +1,111 @@
+#!/usr/bin/python
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+import sys
+import re
+import shutil
+from argparse import ArgumentParser
+
+driver_linker_pattern = \
+' ],\n'\
+' "linker_pattern": {\n'\
+' "library_list": [\n'\
+' "*driver_partition.a"\n'\
+' ]\n'\
+' }\n'
+client_linker_pattern = \
+' ],\n'\
+' "linker_pattern": {\n'\
+' "library_list": [\n'\
+' "*client_partition.a"\n'\
+' ]\n'\
+' }\n'
+server_linker_pattern = \
+' ],\n'\
+' "linker_pattern": {\n'\
+' "library_list": [\n'\
+' "*server_partition.a"\n'\
+' ]\n'\
+' }\n'
+
+def update_manifest_file(manifest_dir_path, sp_heap_mem_supp, add_linker_pattern):
+ """
+ - Remove heap_size field from manifest if dynamic memory function is not supported.
+ - TFM needs special linker pattern field(other than PSA FF defined field)
+ in manifest to place partition code/data at appropriate places in the memory.
+ This routine appends these linker pattern to the available manifest files.
+ """
+ linker_pattern_present = 0
+ driver_partition_manifest = manifest_dir_path+"/common/driver_partition_psa.json"
+ client_partition_manifest = manifest_dir_path+"/ipc/client_partition_psa.json"
+ server_partition_manifest = manifest_dir_path+"/ipc/server_partition_psa.json"
+ file_pattern_dict = {driver_partition_manifest:driver_linker_pattern,
+ client_partition_manifest:client_linker_pattern,
+ server_partition_manifest:server_linker_pattern}
+
+ for file,pattern in file_pattern_dict.items():
+ print("Updating "+file+" manifest file")
+ f_i = open(file, 'r')
+ f_o = open(file+".update", 'w')
+ f1 = f_i.readlines()
+ for line in f1:
+ if (add_linker_pattern == "1"):
+ if (linker_pattern_present == 1):
+ f_o.write(line)
+ continue
+ if (re.findall('linker_pattern', line)):
+ linker_pattern_present = 1
+ f_o.write(line)
+ continue
+ if (re.findall(']$', line)):
+ f_o.write(pattern)
+ continue
+
+ if (sp_heap_mem_supp == "0"):
+ if (re.findall('heap_size', line)):
+ continue
+ f_o.write(line)
+ shutil.move(file+".update", file)
+
+def argparse():
+ """
+ Parse the command line argument
+ """
+ parser = ArgumentParser(description='Utility to update manifest files')
+ parser.add_argument('--manifest_dir_path', help="Absolute path for manifest directory",
+ type=str, action="store", dest='manifest_dir_path')
+ parser.add_argument('--sp_heap_mem_supp',
+ help="Pass 1 if platform supports dynamic memory functions \
+ for secure partition otherwise 0. Default is 1. Passing 0 \
+ will remove the heap_size field from the manifest",
+ type=str, action="store", dest='sp_heap_mem_supp')
+ parser.add_argument('--add_linker_pattern', help="Pass 1 if platform is Trusted Firmware-M otherwise 0.\
+ This updates the manifest files with TFM required linker pattern",
+ type=str, action="store", dest='add_linker_pattern')
+ options = parser.parse_args()
+
+ if (len(sys.argv) != 4):
+ print("\n Invaild number of arguments. Refer help message.")
+ sys.exit(1)
+
+ return options
+
+#main code starts here
+if __name__ == "__main__":
+ options = argparse()
+ update_manifest_file(options.manifest_dir_path, options.sp_heap_mem_supp, options.add_linker_pattern)
diff --git a/api-tests/val/common/val.h b/api-tests/val/common/val.h
index 243c584..c9bcc33 100644
--- a/api-tests/val/common/val.h
+++ b/api-tests/val/common/val.h
@@ -178,6 +178,12 @@
} test_isolation_level_t;
typedef enum {
+ LEVEL1 = 0x1,
+ LEVEL2,
+ LEVEL3,
+} isolation_level_t;
+
+typedef enum {
/* VAL uses this boot flag to mark first time boot of the system */
BOOT_UNKNOWN = 0x1,
/* VAL/Test uses this boot flag to catch any unwanted system reboot - SIM ERROR Cases*/
diff --git a/api-tests/val/common/val_target.h b/api-tests/val/common/val_target.h
index 415c8f6..b450a33 100644
--- a/api-tests/val/common/val_target.h
+++ b/api-tests/val/common/val_target.h
@@ -103,12 +103,6 @@
}target_cfg_hdr_t;
typedef enum {
- LEVEL1 = 0x1,
- LEVEL2,
- LEVEL3,
-} firmware_level_t;
-
-typedef enum {
NOT_AVAILABLE = 0x0,
AVAILABLE = 0x1,
} is_available_t;
@@ -191,11 +185,9 @@
typedef struct _MISCELLANEOUS_INFO_DESC_ {
cfg_type_t cfg_type;
- firmware_level_t implemented_psa_firmware_isolation_level;
addr_t ns_start_addr_of_combine_test_binary;
is_available_t combine_test_binary_in_ram;
addr_t ns_test_addr;
- is_available_t sp_heap_mem_supp;
} miscellaneous_desc_t;
/*val target config read apis */
diff --git a/api-tests/val/nspe/pal_interfaces_ns.h b/api-tests/val/nspe/pal_interfaces_ns.h
index 0b50612..e017d19 100644
--- a/api-tests/val/nspe/pal_interfaces_ns.h
+++ b/api-tests/val/nspe/pal_interfaces_ns.h
@@ -40,10 +40,10 @@
uint32_t pal_ipc_framework_version(void);
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust Service
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust Service
* not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
@@ -53,17 +53,18 @@
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * - minor_version : minor_version of RoT service
+ * - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
/**
* @brief - Call a connected Root of Trust Service.
* This is a wrapper API for the psa_call API. The caller must provide an array of
* psa_invec_t structures as the input payload.
* @param - handle: Handle for the connection.
+ * - type: Request type
* - in_vec: Array of psa_invec structures.
* - in_len: Number of psa_invec structures in in_vec.
* - out_vec: Array of psa_outvec structures for optional Root of Trust Service response.
@@ -72,10 +73,11 @@
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
/**
* @brief - Close a connection to a Root of Trust Service.
diff --git a/api-tests/val/nspe/val_dispatcher.c b/api-tests/val/nspe/val_dispatcher.c
index 5d6da4e..d6a2f1a 100644
--- a/api-tests/val/nspe/val_dispatcher.c
+++ b/api-tests/val/nspe/val_dispatcher.c
@@ -484,7 +484,7 @@
val_print(PRINT_ALWAYS, "TOTAL SKIPPED : %d\n", test_count.skip_cnt);
val_print(PRINT_ALWAYS, "******************************************\n", 0);
- return (test_count.fail_cnt > 0) ? VAL_STATUS_TEST_FAILED : VAL_STATUS_SUCCESS ;
+ return (test_count.fail_cnt > 0) ? VAL_STATUS_TEST_FAILED : VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/val/nspe/val_dispatcher.h b/api-tests/val/nspe/val_dispatcher.h
index 173e8c6..9763dd9 100644
--- a/api-tests/val/nspe/val_dispatcher.h
+++ b/api-tests/val/nspe/val_dispatcher.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -66,5 +66,5 @@
uint32_t elf_size;
} test_header_t;
-int32_t val_dispatcher(test_id_t);
+int32_t val_dispatcher(test_id_t test_id_prev);
#endif
diff --git a/api-tests/val/nspe/val_entry.c b/api-tests/val/nspe/val_entry.c
index f0a44dd..15aefb9 100644
--- a/api-tests/val/nspe/val_entry.c
+++ b/api-tests/val/nspe/val_entry.c
@@ -23,7 +23,7 @@
/**
@brief - PSA C main function, does VAL init and calls test dispatcher
@param - None
- @return - status - error code
+ @return - status - error code
**/
int32_t val_entry(void)
{
diff --git a/api-tests/val/nspe/val_framework.c b/api-tests/val/nspe/val_framework.c
index 57cb0b6..322f166 100644
--- a/api-tests/val/nspe/val_framework.c
+++ b/api-tests/val/nspe/val_framework.c
@@ -31,20 +31,18 @@
/**
* @brief Connect to given sid
@param -sid : RoT service id
- @param -minor_version : minor_version of RoT service
+ @param -version : version of RoT service
@param -handle - return connection handle
* @return val_status_t
*/
-val_status_t val_ipc_connect(uint32_t sid, uint32_t minor_version, psa_handle_t *handle )
+val_status_t val_ipc_connect(uint32_t sid, uint32_t version, psa_handle_t *handle )
{
- *handle = pal_ipc_connect(sid, minor_version);
+ *handle = pal_ipc_connect(sid, version);
- if (*handle < 0)
- {
- return VAL_STATUS_CONNECTION_FAILED;
- }
+ if (*handle > 0)
+ return VAL_STATUS_SUCCESS;
- return VAL_STATUS_SUCCESS;
+ return VAL_STATUS_CONNECTION_FAILED;
}
/**
@@ -52,18 +50,23 @@
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param handle Handle for the connection.
+ * @param type Request type
* @param in_vec Array of psa_invec structures.
* @param in_len Number of psa_invec structures in in_vec.
* @param out_vec Array of psa_outvec structures for optional Root of Trust Service response.
* @param out_len Number of psa_outvec structures in out_vec.
* @return val_status_t
*/
-val_status_t val_ipc_call(psa_handle_t handle, psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len)
+val_status_t val_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
psa_status_t call_status = PSA_SUCCESS;
- call_status = pal_ipc_call(handle, in_vec, in_len, out_vec, out_len);
+ call_status = pal_ipc_call(handle, type, in_vec, in_len, out_vec, out_len);
if (call_status != PSA_SUCCESS)
{
@@ -123,7 +126,7 @@
*/
if ((boot.state == BOOT_EXPECTED_REENTER_TEST) && (i == 1))
{
- val_print(PRINT_DEBUG, "[Check1] PASSED\n", 0);
+ val_print(PRINT_DEBUG, "[Check 1] PASSED\n", 0);
i++;
continue;
}
@@ -149,12 +152,12 @@
if (VAL_ERROR(status))
{
val_set_status(RESULT_FAIL(status));
- val_print(PRINT_DEBUG,"[Check%d] START\n", i);
+ val_print(PRINT_DEBUG, "[Check %d] START\n", i);
return status;
}
else
{
- val_print(PRINT_DEBUG,"[Check%d] START\n", i);
+ val_print(PRINT_DEBUG, "[Check %d] START\n", i);
}
}
@@ -172,21 +175,21 @@
{
val_set_status(status);
if (server_hs == TRUE)
- val_print(PRINT_DEBUG, "[Check%d] SKIPPED\n", i);
+ val_print(PRINT_DEBUG, "[Check %d] SKIPPED\n", i);
return status;
}
else if (VAL_ERROR(status))
{
val_set_status(RESULT_FAIL(status));
if (server_hs == TRUE)
- val_print(PRINT_DEBUG, "[Check%d] FAILED\n", i);
+ val_print(PRINT_DEBUG, "[Check %d] FAILED\n", i);
return status;
}
else
{
if (server_hs == TRUE)
- val_print(PRINT_DEBUG, "[Check%d] PASSED\n", i);
+ val_print(PRINT_DEBUG, "[Check %d] PASSED\n", i);
}
i++;
@@ -198,7 +201,7 @@
status = VAL_STATUS_SUCCESS;
if (boot.state != BOOT_EXPECTED_S)
{
- val_print(PRINT_DEBUG, "[Check1] PASSED\n", 0);
+ val_print(PRINT_DEBUG, "[Check 1] PASSED\n", 0);
}
}
return status;
@@ -236,7 +239,7 @@
if (boot.state == BOOT_EXPECTED_REENTER_TEST)
{
test_info.block_num++;
- val_print(PRINT_DEBUG, "[Check1] PASSED\n", 0);
+ val_print(PRINT_DEBUG, "[Check 1] PASSED\n", 0);
}
status = val_set_boot_flag(BOOT_NOT_EXPECTED);
@@ -268,7 +271,7 @@
else
{
/* If we are here means, we are in third run of this test */
- val_print(PRINT_DEBUG, "[Check1] PASSED\n", 0);
+ val_print(PRINT_DEBUG, "[Check 1] PASSED\n", 0);
return VAL_STATUS_SUCCESS;
}
@@ -293,23 +296,25 @@
val_status_t status = VAL_STATUS_SUCCESS;
psa_status_t status_of_call = PSA_SUCCESS;
- *handle = pal_ipc_connect(sid, 0);
- if (*handle < 0)
+ *handle = pal_ipc_connect(sid, 1);
+ if (*handle > 0)
+ {
+ test_data = ((uint32_t)(test_info.test_num) |((uint32_t)(test_info.block_num) << BLOCK_NUM_POS)
+ | ((uint32_t)(TEST_EXECUTE_FUNC) << ACTION_POS));
+ psa_invec data[1] = {{&test_data, sizeof(test_data)}};
+
+ status_of_call = pal_ipc_call(*handle, 0, data, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
+ pal_ipc_close(*handle);
+ }
+ }
+ else
{
val_print(PRINT_ERROR, "Could not connect SID. Handle=%x\n", *handle);
- return VAL_STATUS_CONNECTION_FAILED;
- }
-
- test_data = ((uint32_t)(test_info.test_num) |((uint32_t)(test_info.block_num) << BLOCK_NUM_POS)
- | ((uint32_t)(TEST_EXECUTE_FUNC) << ACTION_POS));
- psa_invec data[1] = {{&test_data, sizeof(test_data)}};
-
- status_of_call = pal_ipc_call(*handle, data, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = VAL_STATUS_CALL_FAILED;
- val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
- pal_ipc_close(*handle);
+ status = VAL_STATUS_CONNECTION_FAILED;
}
return status;
@@ -332,7 +337,7 @@
psa_outvec resp = {&status, sizeof(status)};
psa_invec data[1] = {{&test_data, sizeof(test_data)}};
- status_of_call = pal_ipc_call(*handle, data, 1, &resp, 1);
+ status_of_call = pal_ipc_call(*handle, 0, data, 1, &resp, 1);
if (status_of_call != PSA_SUCCESS)
{
status = VAL_STATUS_CALL_FAILED;
@@ -462,7 +467,6 @@
void val_test_init(uint32_t test_num, char8_t *desc, uint32_t test_bitfield)
{
val_status_t status = VAL_STATUS_SUCCESS;
- miscellaneous_desc_t *misc_desc;
/*global init*/
g_status_buffer.state = TEST_FAIL;
@@ -472,18 +476,7 @@
val_print(PRINT_ALWAYS, desc, 0);
/* common skip logic */
- status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (VAL_ERROR(status))
- {
- val_print(PRINT_ERROR, "val_target_get_config failed Error=0x%x\n", status);
- return;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level <
- GET_TEST_ISOLATION_LEVEL(test_bitfield))
+ if (PLATFORM_PSA_ISOLATION_LEVEL < GET_TEST_ISOLATION_LEVEL(test_bitfield))
{
val_set_status(RESULT_SKIP(VAL_STATUS_ISOLATION_LEVEL_NOT_SUPP));
val_print(PRINT_ALWAYS, "\tSkipping test. Required isolation level is not supported\n", 0);
@@ -508,7 +501,7 @@
}
#endif
- val_set_status(RESULT_START(VAL_STATUS_SUCCESS));
+ val_set_status(RESULT_START(status));
return;
}
diff --git a/api-tests/val/nspe/val_framework.h b/api-tests/val/nspe/val_framework.h
index 84e2bd0..7e13fb6 100644
--- a/api-tests/val/nspe/val_framework.h
+++ b/api-tests/val/nspe/val_framework.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,15 +31,21 @@
void val_test_init(uint32_t test_num, char8_t *desc, uint32_t test_bitfield);
void val_test_exit(void);
val_status_t val_get_last_run_test_id(test_id_t *test_id);
-val_status_t val_execute_non_secure_tests(uint32_t test_num, client_test_t *tests_list,
- bool_t server_hs);
+val_status_t val_execute_non_secure_tests(uint32_t test_num,
+ client_test_t *tests_list,
+ bool_t server_hs);
val_status_t val_switch_to_secure_client(uint32_t test_num);
-val_status_t val_execute_secure_test_func(psa_handle_t *handle, test_info_t test_info,
+val_status_t val_execute_secure_test_func(psa_handle_t *handle,
+ test_info_t test_info,
uint32_t sid);
val_status_t val_get_secure_test_result(psa_handle_t *handle);
-val_status_t val_ipc_connect(uint32_t sid, uint32_t minor_version, psa_handle_t *handle);
-val_status_t val_ipc_call(psa_handle_t handle, psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len);
+val_status_t val_ipc_connect(uint32_t sid, uint32_t version, psa_handle_t *handle);
+val_status_t val_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void val_ipc_close(psa_handle_t handle);
val_status_t val_set_boot_flag(boot_state_t state);
val_status_t val_get_boot_flag(boot_state_t *state);
diff --git a/api-tests/val/nspe/val_interfaces.h b/api-tests/val/nspe/val_interfaces.h
index 8e9c56b..944d4b1 100644
--- a/api-tests/val/nspe/val_interfaces.h
+++ b/api-tests/val/nspe/val_interfaces.h
@@ -38,10 +38,13 @@
val_status_t (*switch_to_secure_client) (uint32_t test_num);
val_status_t (*execute_secure_test_func) (psa_handle_t *handle, test_info_t test_info,
uint32_t sid);
- val_status_t (*ipc_connect) (uint32_t sid, uint32_t minor_version,
+ val_status_t (*ipc_connect) (uint32_t sid, uint32_t version,
psa_handle_t *handle );
- val_status_t (*ipc_call) (psa_handle_t handle, psa_invec *in_vec,
- size_t in_len, psa_outvec *out_vec,
+ val_status_t (*ipc_call) (psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
size_t out_len);
void (*ipc_close) (psa_handle_t handle);
val_status_t (*get_secure_test_result) (psa_handle_t *handle);
@@ -62,13 +65,13 @@
typedef struct {
uint32_t (*framework_version) (void);
uint32_t (*version) (uint32_t sid);
- psa_handle_t (*connect) (uint32_t sid, uint32_t minor_version);
+ psa_handle_t (*connect) (uint32_t sid, uint32_t version);
psa_status_t (*call) (psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len
- );
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void (*close) (psa_handle_t handle);
} psa_api_t;
diff --git a/api-tests/val/spe/val_partition_common.h b/api-tests/val/spe/val_partition_common.h
index fe32baa..0b1d6be 100644
--- a/api-tests/val/spe/val_partition_common.h
+++ b/api-tests/val/spe/val_partition_common.h
@@ -33,10 +33,13 @@
__UNUSED STATIC_DECLARE val_status_t val_print
(print_verbosity_t verbosity, char *string, int32_t data);
__UNUSED STATIC_DECLARE val_status_t val_ipc_connect
- (uint32_t sid, uint32_t minor_version, psa_handle_t *handle );
-__UNUSED STATIC_DECLARE val_status_t val_ipc_call
- (psa_handle_t handle, psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len);
+ (uint32_t sid, uint32_t version, psa_handle_t *handle );
+__UNUSED STATIC_DECLARE val_status_t val_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
__UNUSED STATIC_DECLARE void val_ipc_close
(psa_handle_t handle);
__UNUSED STATIC_DECLARE val_status_t val_process_connect_request(psa_signal_t sig, psa_msg_t *msg);
@@ -84,6 +87,7 @@
.clear = psa_clear,
.eoi = psa_eoi,
.rot_lifecycle_state = psa_rot_lifecycle_state,
+ .panic = psa_panic,
};
/**
@@ -115,20 +119,20 @@
}
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)}, {string, string_len+1}, {&data, sizeof(data)}};
- print_handle = psa_connect(DRIVER_UART_SID, 0);
+ print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
- if (print_handle < 0)
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return VAL_STATUS_CONNECTION_FAILED;
- }
- else
- {
- status_of_call = psa_call(print_handle, data1, 3, NULL, 0);
+ status_of_call = psa_call(print_handle, 0, data1, 3, NULL, 0);
if (status_of_call != PSA_SUCCESS)
{
status = VAL_STATUS_CALL_FAILED;
}
}
+ else
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
psa_close(print_handle);
return status;
}
@@ -136,39 +140,42 @@
/**
* @brief Connect to given sid
@param -sid : RoT service id
- @param -minor_version : minor_version of RoT service
+ @param -version : version of RoT service
@param -handle - return connection handle
* @return val_status_t
*/
-STATIC_DECLARE val_status_t val_ipc_connect(uint32_t sid, uint32_t minor_version,
+STATIC_DECLARE val_status_t val_ipc_connect(uint32_t sid, uint32_t version,
psa_handle_t *handle )
{
- *handle = psa_connect(sid, minor_version);
+ *handle = psa_connect(sid, version);
- if (*handle < 0)
- {
- return(VAL_STATUS_CONNECTION_FAILED);
- }
+ if (PSA_HANDLE_IS_VALID(*handle))
+ return VAL_STATUS_SUCCESS;
- return VAL_STATUS_SUCCESS;
+ return VAL_STATUS_CONNECTION_FAILED;
}
/**
* @brief Call a connected Root of Trust Service.@n
* The caller must provide an array of ::psa_invec_t structures as the input payload.
* @param handle: Handle for the connection.
+ * @param type: Request type.
* @param in_vec: Array of psa_invec structures.
* @param in_len: Number of psa_invec structures in in_vec.
* @param out_vec: Array of psa_outvec structures for optional Root of Trust Service response.
* @param out_len: Number of psa_outvec structures in out_vec.
* @return val_status_t
*/
-STATIC_DECLARE val_status_t val_ipc_call(psa_handle_t handle, psa_invec *in_vec, size_t in_len,
- psa_outvec *out_vec, size_t out_len)
+STATIC_DECLARE val_status_t val_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
psa_status_t call_status = PSA_SUCCESS;
- call_status = psa_call(handle, in_vec, in_len, out_vec, out_len);
+ call_status = psa_call(handle, type, in_vec, in_len, out_vec, out_len);
if (call_status != PSA_SUCCESS)
{
@@ -212,7 +219,7 @@
if ((msg->type != PSA_IPC_CONNECT) || (msg->handle <= 0))
{
- val_print(PRINT_ERROR, "\tpsa_get failed for PSA_IPC_CONNECT\n", 0);
+ val_print(PRINT_ERROR, "\tpsa_get failed for connect message\n", 0);
res = VAL_STATUS_ERROR;
}
else
@@ -248,9 +255,9 @@
goto wait2;
}
- if ((msg->type != PSA_IPC_CALL) || (msg->handle <= 0))
+ if ((msg->type < PSA_IPC_CALL) || (msg->handle <= 0))
{
- val_print(PRINT_ERROR, "\tpsa_get failed for PSA_IPC_CALL\n", 0);
+ val_print(PRINT_ERROR, "\tpsa_get failed for request message\n", 0);
res = VAL_STATUS_ERROR;
}
else
@@ -288,7 +295,7 @@
if ((msg->type != PSA_IPC_DISCONNECT) || (msg->handle <= 0))
{
- val_print(PRINT_ERROR, "\tpsa_get failed for PSA_IPC_DISCONNECT\n", 0);
+ val_print(PRINT_ERROR, "\tpsa_get failed for disconnect massage\n", 0);
res = VAL_STATUS_ERROR;
}
else
@@ -328,12 +335,12 @@
status = val_execute_secure_test_func(&handle, test_info, SERVER_TEST_DISPATCHER_SID);
if (VAL_ERROR(status))
{
- val_print(PRINT_ERROR,"[Check%d] START\n", i);
+ val_print(PRINT_ERROR, "[Check %d] START\n", i);
return status;
}
else
{
- val_print(PRINT_DEBUG,"[Check%d] START\n", i);
+ val_print(PRINT_DEBUG, "[Check %d] START\n", i);
}
/* Execute client tests */
@@ -345,17 +352,17 @@
status = test_status ? test_status:status;
if (IS_TEST_SKIP(status))
{
- val_print(PRINT_DEBUG, "[Check%d] SKIPPED\n", i);
+ val_print(PRINT_DEBUG, "[Check %d] SKIPPED\n", i);
return status;
}
if (VAL_ERROR(status))
{
- val_print(PRINT_DEBUG,"[Check%d] FAILED\n", i);
+ val_print(PRINT_DEBUG, "[Check %d] FAILED\n", i);
return status;
}
else
{
- val_print(PRINT_DEBUG,"[Check%d] PASSED\n", i);
+ val_print(PRINT_DEBUG, "[Check %d] PASSED\n", i);
}
i++;
}
@@ -380,7 +387,7 @@
val_status_t status = VAL_STATUS_SUCCESS;
psa_status_t status_of_call = PSA_SUCCESS;
- *handle = psa_connect(sid, 0);
+ *handle = psa_connect(sid, 1);
if (*handle < 0)
{
@@ -392,7 +399,7 @@
| ((uint32_t)(TEST_EXECUTE_FUNC) << ACTION_POS));
psa_invec data[1] = {{&test_data, sizeof(test_data)}};
- status_of_call = psa_call(*handle, data, 1, NULL, 0);
+ status_of_call = psa_call(*handle, 0, data, 1, NULL, 0);
if (status_of_call != PSA_SUCCESS)
{
@@ -420,7 +427,7 @@
psa_outvec resp = {&status, sizeof(status)};
psa_invec data[1] = {{&test_data, sizeof(test_data)}};
- status_of_call = psa_call(*handle, data, 1, &resp, 1);
+ status_of_call = psa_call(*handle, 0, data, 1, &resp, 1);
if (status_of_call != PSA_SUCCESS)
{
status = VAL_STATUS_CALL_FAILED;
@@ -484,20 +491,20 @@
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
- handle = psa_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return VAL_STATUS_CONNECTION_FAILED;
- }
- else
- {
- status_of_call = psa_call(handle, invec, 2, NULL, 0);
+ status_of_call = psa_call(handle, 0, invec, 2, NULL, 0);
if (status_of_call != PSA_SUCCESS)
{
psa_close(handle);
return VAL_STATUS_CALL_FAILED;
}
}
+ else
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
psa_close(handle);
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/val/spe/val_service_defs.h b/api-tests/val/spe/val_service_defs.h
index b499b5d..4b10804 100644
--- a/api-tests/val/spe/val_service_defs.h
+++ b/api-tests/val/spe/val_service_defs.h
@@ -43,13 +43,13 @@
typedef struct {
uint32_t (*framework_version) (void);
uint32_t (*version) (uint32_t sid);
- psa_handle_t (*connect) (uint32_t sid, uint32_t minor_version);
+ psa_handle_t (*connect) (uint32_t sid, uint32_t version);
psa_status_t (*call) (psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len
- );
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void (*close) (psa_handle_t handle);
psa_signal_t (*wait) (psa_signal_t signal_mask, uint32_t timeout);
void (*set_rhandle) (psa_handle_t msg_handle, void *rhandle);
@@ -65,6 +65,7 @@
void (*clear) (void);
void (*eoi) (psa_signal_t irq_signal);
uint32_t (*rot_lifecycle_state) (void);
+ void (*panic) (void);
} psa_api_t;
typedef struct {
@@ -74,10 +75,14 @@
val_status_t (*execute_secure_test_func) (psa_handle_t *handle, test_info_t test_info,
uint32_t sid);
val_status_t (*get_secure_test_result) (psa_handle_t *handle);
- val_status_t (*ipc_connect) (uint32_t sid, uint32_t minor_version,
+ val_status_t (*ipc_connect) (uint32_t sid, uint32_t version,
psa_handle_t *handle );
- val_status_t (*ipc_call) (psa_handle_t handle, psa_invec *in_vec,
- size_t in_len, psa_outvec *out_vec, size_t out_len);
+ val_status_t (*ipc_call) (psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void (*ipc_close) (psa_handle_t handle);
val_status_t (*set_boot_flag) (boot_state_t state);
val_status_t (*target_get_config) (cfg_id_t cfg_id, uint8_t **data, uint32_t *size);