mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-29 22:20:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

psa-client-server: move psasim from framework repo to the mbedtls one

Browse Source 
This is a temporary fix that will be reverted once the framework
repository will have CI checks.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2024-05-03 17:28:04 +02:00
parent c16048887e
commit 4f4ade9c34
20 changed files with 2085 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
tests/psa-client-server/psasim/.gitignore vendored Normal file
View File

@ -0,0 +1,12 @@
bin/*
*.o
*.so
test/psa_ff_bootstrap.c
test/psa_manifest/*
test/client
test/partition
cscope.out
*.orig
*.swp
*.DS_Store
*psa_ff_bootstrap_*

23
tests/psa-client-server/psasim/Makefile Normal file
View File

@ -0,0 +1,23 @@
CFLAGS ?= -Wall -Werror -std=c99 -D_XOPEN_SOURCE=1 -D_POSIX_C_SOURCE=200809L
ifeq ($(DEBUG),1)
CFLAGS += -DDEBUG -O0 -g
endif
.PHONY: all lib test run
all: lib test
lib:
$(MAKE) -C src CFLAGS="$(CFLAGS)"
test: lib
$(MAKE) -C test CFLAGS="$(CFLAGS)"
clean:
rm -f $(PSA_LIB) $(PSA_LIB_OBJS)
$(MAKE) -C test clean
$(MAKE) -C src clean
run: test
cd test && ./run_test.sh

61
tests/psa-client-server/psasim/README.md Normal file
View File

@ -0,0 +1,61 @@
# psasim
This tool simulates a PSA Firmware Framework implementation.
It allows you to develop secure partitions and their clients on a desktop computer.
It should be able to run on all systems that support POSIX and System V IPC:
e.g. macOS, Linux, FreeBSD, and perhaps Windows 10 WSL2.
Please note that the code in this directory is maintained by the Mbed TLS / PSA Crypto project solely for the purpose of testing the use of Mbed TLS with client/service separation. We do not recommend using this code for any other purpose. In particular:
* This simulator is not intended to pass or demonstrate compliance.
* This code is only intended for simulation and does not have any security goals. It does not isolate services from clients.
## Building
To build and run the test program make sure you have `make`, `python` and a
C compiler installed and then enter the following commands:
```sh
make run
```
Optionally the `DEBUG=1` command line option can be enabled to increase verbosity:
```sh
make DEBUG=1 run
```
Once done with the test, it is possible to clean all the generated files with:
```sh
make clean
```
## Features
The implemented API is intended to be compliant with PSA-FF 1.0.0 with the exception of a couple of things that are a work in progress:
* `psa_notify` support
* "strict" policy in manifest
The only supported "interrupts" are POSIX signals, which act
as a "virtual interrupt".
The standard PSA RoT APIs are not included (e.g. cryptography, attestation, lifecycle etc).
## Design
The code is designed to be readable rather than fast or secure.
In this implementation only one message is delivered to a
RoT service at a time.
The code is not thread-safe.
## Unsupported features
Because this is a simulator there are a few things that
can't be reasonably emulated:
* Manifest MMIO regions are unsupported
* Manifest priority field is ignored
* Partition IDs are in fact POSIX `pid_t`, which are only assigned at runtime,
making it infeasible to populate pid.h with correct values.

73
tests/psa-client-server/psasim/include/psa/client.h Normal file
View File

@ -0,0 +1,73 @@
/* PSA Firmware Framework client header for psasim. */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef __PSA_CLIENT_H__
#define __PSA_CLIENT_H__
#ifdef __cplusplus
extern "C" {
#endif
#include <stdint.h>
#include <stddef.h>
#include "psa/error.h"
/*********************** PSA Client Macros and Types *************************/
#define PSA_FRAMEWORK_VERSION (0x0100)
#define PSA_VERSION_NONE (0)
/* PSA response types */
#define PSA_CONNECTION_REFUSED PSA_ERROR_CONNECTION_REFUSED
#define PSA_CONNECTION_BUSY PSA_ERROR_CONNECTION_BUSY
#define PSA_DROP_CONNECTION PSA_ERROR_PROGRAMMER_ERROR
/* PSA message handles */
#define PSA_NULL_HANDLE ((psa_handle_t) 0)
#define PSA_HANDLE_IS_VALID(handle) ((psa_handle_t) (handle) > 0)
#define PSA_HANDLE_TO_ERROR(handle) ((psa_status_t) (handle))
/**
* A read-only input memory region provided to an RoT Service.
*/
typedef struct psa_invec {
const void *base;
size_t len;
} psa_invec;
/**
* A writable output memory region provided to an RoT Service.
*/
typedef struct psa_outvec {
void *base;
size_t len;
} psa_outvec;
/*************************** PSA Client API **********************************/
uint32_t psa_framework_version(void);
uint32_t psa_version(uint32_t sid);
psa_handle_t psa_connect(uint32_t sid, uint32_t version);
psa_status_t psa_call(psa_handle_t handle,
int32_t type,
const psa_invec *in_vec,
size_t in_len,
psa_outvec *out_vec,
size_t out_len);
void psa_close(psa_handle_t handle);
#ifdef __cplusplus
}
#endif
#endif /* __PSA_CLIENT_H__ */

53
tests/psa-client-server/psasim/include/psa/common.h Normal file
View File

@ -0,0 +1,53 @@
/* Common definitions used for clients and services */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef _COMMON_H_
#define _COMMON_H_
#include <stdint.h>
#include <stddef.h>
/* Increasing this might break on some platforms */
#define MAX_FRAGMENT_SIZE 200
#define CONNECT_REQUEST 1
#define CALL_REQUEST 2
#define CLOSE_REQUEST 3
#define VERSION_REQUEST 4
#define READ_REQUEST 5
#define READ_RESPONSE 6
#define WRITE_REQUEST 7
#define WRITE_RESPONSE 8
#define SKIP_REQUEST 9
#define PSA_REPLY 10
#define NON_SECURE (1 << 30)
typedef int32_t psa_status_t;
typedef int32_t psa_handle_t;
#define PSA_MAX_IOVEC (4u)
#define PSA_IPC_CALL (0)
struct message_text {
int qid;
int32_t psa_type;
char buf[MAX_FRAGMENT_SIZE];
};
struct message {
long message_type;
struct message_text message_text;
};
typedef struct vector_sizes {
size_t invec_sizes[PSA_MAX_IOVEC];
size_t outvec_sizes[PSA_MAX_IOVEC];
} vector_sizes_t;
#endif /* _COMMON_H_ */

38
tests/psa-client-server/psasim/include/psa/error.h Normal file
View File

@ -0,0 +1,38 @@
/* PSA status codes used by psasim. */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef PSA_ERROR_H
#define PSA_ERROR_H
#include <stdint.h>
#include "psa/common.h"
#define PSA_SUCCESS ((psa_status_t) 0)
#define PSA_ERROR_PROGRAMMER_ERROR ((psa_status_t) -129)
#define PSA_ERROR_CONNECTION_REFUSED ((psa_status_t) -130)
#define PSA_ERROR_CONNECTION_BUSY ((psa_status_t) -131)
#define PSA_ERROR_GENERIC_ERROR ((psa_status_t) -132)
#define PSA_ERROR_NOT_PERMITTED ((psa_status_t) -133)
#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t) -134)
#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t) -135)
#define PSA_ERROR_INVALID_HANDLE ((psa_status_t) -136)
#define PSA_ERROR_BAD_STATE ((psa_status_t) -137)
#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t) -138)
#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t) -139)
#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t) -140)
#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t) -141)
#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t) -142)
#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t) -143)
#define PSA_ERROR_SERVICE_FAILURE ((psa_status_t) -144)
#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t) -145)
#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t) -146)
#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t) -147)
#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t) -149)
#endif

17
tests/psa-client-server/psasim/include/psa/lifecycle.h Normal file
View File

@ -0,0 +1,17 @@
/* PSA lifecycle states used by psasim. */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#define PSA_LIFECYCLE_PSA_STATE_MASK (0xff00u)
#define PSA_LIFECYCLE_IMP_STATE_MASK (0x00ffu)
#define PSA_LIFECYCLE_UNKNOWN (0x0000u)
#define PSA_LIFECYCLE_ASSEMBLY_AND_TEST (0x1000u)
#define PSA_LIFECYCLE_PSA_ROT_PROVISIONING (0x2000u)
#define PSA_LIFECYCLE_SECURED (0x3000u)
#define PSA_LIFECYCLE_NON_PSA_ROT_DEBUG (0x4000u)
#define PSA_LIFECYCLE_RECOVERABLE_PSA_ROT_DEBUG (0x5000u)
#define PSA_LIFECYCLE_DECOMMISSIONED (0x6000u)
#define psa_rot_lifecycle_state(void) PSA_LIFECYCLE_UNKNOWN

251
tests/psa-client-server/psasim/include/psa/service.h Normal file
View File

@ -0,0 +1,251 @@
/* PSA Firmware Framework service header for psasim. */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef __PSA_SERVICE_H__
#define __PSA_SERVICE_H__
#ifdef __cplusplus
extern "C" {
#endif
#include <stdlib.h>
#include <stdint.h>
#include <stddef.h>
#include "psa/common.h"
/********************** PSA Secure Partition Macros and Types ****************/
/* PSA wait timeouts */
#define PSA_POLL (0x00000000u)
#define PSA_BLOCK (0x80000000u)
/* A mask value that includes all Secure Partition signals */
#define PSA_WAIT_ANY (~0u)
/* Doorbell signal */
#define PSA_DOORBELL (0x00000008u)
/* PSA message types */
#define PSA_IPC_CONNECT (-1)
#define PSA_IPC_DISCONNECT (-2)
/* Return code from psa_get() */
#define PSA_ERR_NOMSG (INT32_MIN + 3)
/* Store a set of one or more Secure Partition signals */
typedef uint32_t psa_signal_t;
/**
* Describe a message received by an RoT Service after calling \ref psa_get().
*/
typedef struct psa_msg_t {
uint32_t type; /* One of the following values:
* \ref PSA_IPC_CONNECT
* \ref PSA_IPC_CALL
* \ref PSA_IPC_DISCONNECT
*/
psa_handle_t handle; /* A reference generated by the SPM to the
* message returned by psa_get().
*/
int32_t client_id; /* Partition ID of the sender of the message */
void *rhandle; /* Be useful for binding a connection to some
* application-specific data or function
* pointer within the RoT Service
* implementation.
*/
size_t in_size[PSA_MAX_IOVEC]; /* Provide the size of each client input
* vector in bytes.
*/
size_t out_size[PSA_MAX_IOVEC];/* Provide the size of each client output
* vector in bytes.
*/
} psa_msg_t;
/************************* PSA Secure Partition API **************************/
/**
* \brief Return the Secure Partition interrupt signals that have been asserted
* from a subset of signals provided by the caller.
*
* \param[in] signal_mask A set of signals to query. Signals that are not
* in this set will be ignored.
* \param[in] timeout Specify either blocking \ref PSA_BLOCK or
* polling \ref PSA_POLL operation.
*
* \retval >0 At least one signal is asserted.
* \retval 0 No signals are asserted. This is only seen when
* a polling timeout is used.
*/
psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout);
/**
* \brief Retrieve the message which corresponds to a given RoT Service signal
* and remove the message from the RoT Service queue.
*
* \param[in] signal The signal value for an asserted RoT Service.
* \param[out] msg Pointer to \ref psa_msg_t object for receiving
* the message.
*
* \retval PSA_SUCCESS Success, *msg will contain the delivered
* message.
* \retval PSA_ERR_NOMSG Message could not be delivered.
* \retval "Does not return" The call is invalid because one or more of the
* following are true:
* \arg signal has more than a single bit set.
* \arg signal does not correspond to an RoT Service.
* \arg The RoT Service signal is not currently
* asserted.
* \arg The msg pointer provided is not a valid memory
* reference.
*/
psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg);
/**
* \brief Associate some RoT Service private data with a client connection.
*
* \param[in] msg_handle Handle for the client's message.
* \param[in] rhandle Reverse handle allocated by the RoT Service.
*
* \retval void Success, rhandle will be provided with all
* subsequent messages delivered on this
* connection.
* \retval "Does not return" msg_handle is invalid.
*/
void psa_set_rhandle(psa_handle_t msg_handle, void *rhandle);
/**
* \brief Read a message parameter or part of a message parameter from a client
* input vector.
*
* \param[in] msg_handle Handle for the client's message.
* \param[in] invec_idx Index of the input vector to read from. Must be
* less than \ref PSA_MAX_IOVEC.
* \param[out] buffer Buffer in the Secure Partition to copy the
* requested data to.
* \param[in] num_bytes Maximum number of bytes to be read from the
* client input vector.
*
* \retval >0 Number of bytes copied.
* \retval 0 There was no remaining data in this input
* vector.
* \retval "Does not return" The call is invalid, one or more of the
* following are true:
* \arg msg_handle is invalid.
* \arg msg_handle does not refer to a
* \ref PSA_IPC_CALL message.
* \arg invec_idx is equal to or greater than
* \ref PSA_MAX_IOVEC.
* \arg the memory reference for buffer is invalid or
* not writable.
*/
size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx,
void *buffer, size_t num_bytes);
/**
* \brief Skip over part of a client input vector.
*
* \param[in] msg_handle Handle for the client's message.
* \param[in] invec_idx Index of input vector to skip from. Must be
* less than \ref PSA_MAX_IOVEC.
* \param[in] num_bytes Maximum number of bytes to skip in the client
* input vector.
*
* \retval >0 Number of bytes skipped.
* \retval 0 There was no remaining data in this input
* vector.
* \retval "Does not return" The call is invalid, one or more of the
* following are true:
* \arg msg_handle is invalid.
* \arg msg_handle does not refer to a
* \ref PSA_IPC_CALL message.
* \arg invec_idx is equal to or greater than
* \ref PSA_MAX_IOVEC.
*/
size_t psa_skip(psa_handle_t msg_handle, uint32_t invec_idx, size_t num_bytes);
/**
* \brief Write a message response to a client output vector.
*
* \param[in] msg_handle Handle for the client's message.
* \param[out] outvec_idx Index of output vector in message to write to.
* Must be less than \ref PSA_MAX_IOVEC.
* \param[in] buffer Buffer with the data to write.
* \param[in] num_bytes Number of bytes to write to the client output
* vector.
*
* \retval void Success
* \retval "Does not return" The call is invalid, one or more of the
* following are true:
* \arg msg_handle is invalid.
* \arg msg_handle does not refer to a
* \ref PSA_IPC_CALL message.
* \arg outvec_idx is equal to or greater than
* \ref PSA_MAX_IOVEC.
* \arg The memory reference for buffer is invalid.
* \arg The call attempts to write data past the end
* of the client output vector.
*/
void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx,
const void *buffer, size_t num_bytes);
/**
* \brief Complete handling of a specific message and unblock the client.
*
* \param[in] msg_handle Handle for the client's message.
* \param[in] status Message result value to be reported to the
* client.
*
* \retval void Success.
* \retval "Does not return" The call is invalid, one or more of the
* following are true:
* \arg msg_handle is invalid.
* \arg An invalid status code is specified for the
* type of message.
*/
void psa_reply(psa_handle_t msg_handle, psa_status_t status);
/**
* \brief Send a PSA_DOORBELL signal to a specific Secure Partition.
*
* \param[in] partition_id Secure Partition ID of the target partition.
*
* \retval void Success.
* \retval "Does not return" partition_id does not correspond to a Secure
* Partition.
*/
void psa_notify(int32_t partition_id);
/**
* \brief Clear the PSA_DOORBELL signal.
*
* \retval void Success.
* \retval "Does not return" The Secure Partition's doorbell signal is not
* currently asserted.
*/
void psa_clear(void);
/**
* \brief Inform the SPM that an interrupt has been handled (end of interrupt).
*
* \param[in] irq_signal The interrupt signal that has been processed.
*
* \retval void Success.
* \retval "Does not return" The call is invalid, one or more of the
* following are true:
* \arg irq_signal is not an interrupt signal.
* \arg irq_signal indicates more than one signal.
* \arg irq_signal is not currently asserted.
*/
void psa_eoi(psa_signal_t irq_signal);
#define psa_panic(X) abort();
#ifdef __cplusplus
}
#endif
#endif /* __PSA_SERVICE_H__ */

33
tests/psa-client-server/psasim/include/psa/util.h Normal file
View File

@ -0,0 +1,33 @@
/* Common definitions used for clients and services */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include "psa/service.h"
#define PRINT(fmt, ...) \
fprintf(stdout, fmt "\n", ##__VA_ARGS__)
#if defined(DEBUG)
#define INFO(fmt, ...) \
fprintf(stdout, "Info (%s - %d): " fmt "\n", __FILE__, __LINE__, ##__VA_ARGS__)
#define ERROR(fmt, ...) \
fprintf(stdout, "Error (%s - %d): " fmt "\n", __FILE__, __LINE__, ##__VA_ARGS__)
#define FATAL(fmt, ...) \
{ \
fprintf(stdout, "Fatal (%s - %d): " fmt "\n", __FILE__, __LINE__, ##__VA_ARGS__); \
abort(); \
}
#else /* DEBUG */
#define INFO(...)
#define ERROR(...)
#define FATAL(...)
#endif /* DEBUG*/
#define PROJECT_ID 'M'
#define PATHNAMESIZE 256
#define TMP_FILE_BASE_PATH "./"

15
tests/psa-client-server/psasim/include/psasim/init.h Normal file
View File

@ -0,0 +1,15 @@
/* Declarations of internal functions. */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include <stdint.h>
#include <psa/service.h>
void raise_signal(psa_signal_t signal);
void __init_psasim(const char **array,
int size,
const int allow_ns_clients_array[32],
const uint32_t versions[32],
const int strict_policy_array[32]);

17
tests/psa-client-server/psasim/src/Makefile Normal file
View File

@ -0,0 +1,17 @@
INCLUDE = -I../include/
PSA_LIB = libpsaff.a
PSA_LIB_OBJS = client.o service.o
.PHONY: all lib
all: $(PSA_LIB)
%.o: %.c
$(CC) $(INCLUDE) $(CFLAGS) -c $< -o $@
$(PSA_LIB): $(PSA_LIB_OBJS)
$(AR) rcs $(PSA_LIB) client.o service.o
clean:
rm -f $(PSA_LIB) $(PSA_LIB_OBJS)

392
tests/psa-client-server/psasim/src/client.c Normal file
View File

@ -0,0 +1,392 @@
/* PSA firmware framework client API */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include <stdint.h>
#include <stdlib.h>
#include <stddef.h>
#include <assert.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <inttypes.h>
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/msg.h>
#include "psa/client.h"
#include "psa/common.h"
#include "psa/error.h"
#include "psa/util.h"
typedef struct internal_handle {
int server_qid;
int client_qid;
int internal_server_qid;
int valid;
} internal_handle_t;
typedef struct vectors {
const psa_invec *in_vec;
size_t in_len;
psa_outvec *out_vec;
size_t out_len;
} vectors_t;
/* Note that this implementation is functional and not secure */
int __psa_ff_client_security_state = NON_SECURE;
/* Access to this global is not thread safe */
#define MAX_HANDLES 32
static internal_handle_t handles[MAX_HANDLES] = { { 0 } };
static int get_next_free_handle()
{
/* Never return handle 0 as it's a special null handle */
for (int i = 1; i < MAX_HANDLES; i++) {
if (handles[i].valid == 0) {
return i;
}
}
return -1;
}
static int handle_is_valid(psa_handle_t handle)
{
if (handle > 0 && handle < MAX_HANDLES) {
if (handles[handle].valid == 1) {
return 1;
}
}
ERROR("ERROR: Invalid handle");
return 0;
}
static int get_queue_info(char *path, int *cqid, int *sqid)
{
key_t server_queue_key;
int rx_qid, server_qid;
INFO("Attempting to contact a RoT service queue");
if ((rx_qid = msgget(IPC_PRIVATE, 0660)) == -1) {
ERROR("msgget: rx_qid");
return -1;
}
if ((server_queue_key = ftok(path, PROJECT_ID)) == -1) {
ERROR("ftok");
return -2;
}
if ((server_qid = msgget(server_queue_key, 0)) == -1) {
ERROR("msgget: server_qid");
return -3;
}
*cqid = rx_qid;
*sqid = server_qid;
return 0;
}
static psa_status_t process_response(int rx_qid, vectors_t *vecs, int type,
int *internal_server_qid)
{
struct message response, request;
psa_status_t ret = PSA_ERROR_CONNECTION_REFUSED;
size_t invec_seek[4] = { 0 };
size_t data_size;
psa_status_t invec, outvec; /* TODO: Should these be size_t ? */
assert(internal_server_qid > 0);
while (1) {
data_size = 0;
invec = 0;
outvec = 0;
// read response from server
if (msgrcv(rx_qid, &response, sizeof(struct message_text), 0, 0) == -1) {
ERROR(" msgrcv failed");
return ret;
}
// process return message from server
switch (response.message_type) {
case PSA_REPLY:
memcpy(&ret, response.message_text.buf, sizeof(psa_status_t));
INFO(" Message received from server: %d", ret);
if (type == PSA_IPC_CONNECT && ret > 0) {
*internal_server_qid = ret;
INFO(" ASSSIGNED q ID %d", *internal_server_qid);
ret = PSA_SUCCESS;
}
return ret;
break;
case READ_REQUEST:
/* read data request */
request.message_type = READ_RESPONSE;
assert(vecs != 0);
memcpy(&invec, response.message_text.buf, sizeof(psa_status_t));
memcpy(&data_size, response.message_text.buf+sizeof(size_t), sizeof(size_t));
INFO(" Partition asked for %lu bytes from invec %d", data_size, invec);
/* need to add more checks here */
assert(invec >= 0 && invec < PSA_MAX_IOVEC);
if (data_size > MAX_FRAGMENT_SIZE) {
data_size = MAX_FRAGMENT_SIZE;
}
/* send response */
INFO(" invec_seek[invec] is %lu", invec_seek[invec]);
INFO(" Reading from offset %p", vecs->in_vec[invec].base + invec_seek[invec]);
memcpy(request.message_text.buf,
(vecs->in_vec[invec].base + invec_seek[invec]),
data_size);
/* update invec base TODO: check me */
invec_seek[invec] = invec_seek[invec] + data_size;
INFO(" Sending message of type %li", request.message_type);
INFO(" with content %s", request.message_text.buf);
if (msgsnd(*internal_server_qid, &request,
sizeof(int) + sizeof(uint32_t) + data_size, 0) == -1) {
ERROR("Internal error: failed to respond to read request");
}
break;
case WRITE_REQUEST:
assert(vecs != 0);
request.message_type = WRITE_RESPONSE;
memcpy(&outvec, response.message_text.buf, sizeof(psa_status_t));
memcpy(&data_size, response.message_text.buf + sizeof(size_t), sizeof(size_t));
INFO(" Partition wants to write %lu bytes to outvec %d", data_size, outvec);
assert(outvec >= 0 && outvec < PSA_MAX_IOVEC);
/* copy memory into message and send back amount written */
size_t sofar = vecs->out_vec[outvec].len;
memcpy(vecs->out_vec[outvec].base + sofar,
response.message_text.buf+(sizeof(size_t)*2), data_size);
INFO(" Data size is %lu", data_size);
vecs->out_vec[outvec].len += data_size;
INFO(" Sending message of type %li", request.message_type);
/* send response */
if (msgsnd(*internal_server_qid, &request, sizeof(int) + data_size, 0) == -1) {
ERROR("Internal error: failed to respond to write request");
}
break;
case SKIP_REQUEST:
memcpy(&invec, response.message_text.buf, sizeof(psa_status_t));
memcpy(&data_size, response.message_text.buf+sizeof(size_t), sizeof(size_t));
INFO(" Partition asked to skip %lu bytes in invec %d", data_size, invec);
assert(invec >= 0 && invec < PSA_MAX_IOVEC);
/* update invec base TODO: check me */
invec_seek[invec] = invec_seek[invec] + data_size;
break;
default:
FATAL(" ERROR: unknown internal message type: %ld",
response.message_type);
return ret;
}
}
}
static psa_status_t send(int rx_qid, int server_qid, int *internal_server_qid,
int32_t type, uint32_t minor_version, vectors_t *vecs)
{
{
psa_status_t ret = PSA_ERROR_CONNECTION_REFUSED;
size_t request_msg_size = (sizeof(int) + sizeof(long)); /* msg type plus queue id */
struct message request;
request.message_type = 1; /* TODO: change this */
request.message_text.psa_type = type;
vector_sizes_t vec_sizes;
/* If the client is non-secure then set the NS bit */
if (__psa_ff_client_security_state != 0) {
request.message_type |= NON_SECURE;
}
assert(request.message_type >= 0);
INFO("SEND: Sending message of type %ld with psa_type %d", request.message_type, type);
INFO(" internal_server_qid = %i", *internal_server_qid);
request.message_text.qid = rx_qid;
if (type == PSA_IPC_CONNECT) {
memcpy(request.message_text.buf, &minor_version, sizeof(minor_version));
request_msg_size = request_msg_size + sizeof(minor_version);
INFO(" Request msg size is %lu", request_msg_size);
} else {
assert(internal_server_qid > 0);
}
if (vecs != NULL && type >= PSA_IPC_CALL) {
memset(&vec_sizes, 0, sizeof(vec_sizes));
/* Copy invec sizes */
for (size_t i = 0; i < (vecs->in_len); i++) {
vec_sizes.invec_sizes[i] = vecs->in_vec[i].len;
INFO(" Client sending vector %lu: %lu", i, vec_sizes.invec_sizes[i]);
}
/* Copy outvec sizes */
for (size_t i = 0; i < (vecs->out_len); i++) {
vec_sizes.outvec_sizes[i] = vecs->out_vec[i].len;
/* Reset to 0 since we need to eventually fill in with bytes written */
vecs->out_vec[i].len = 0;
}
memcpy(request.message_text.buf, &vec_sizes, sizeof(vec_sizes));
request_msg_size = request_msg_size + sizeof(vec_sizes);
}
INFO(" Sending and then waiting");
// send message to server
if (msgsnd(server_qid, &request, request_msg_size, 0) == -1) {
ERROR(" msgsnd failed");
return ret;
}
return process_response(rx_qid, vecs, type, internal_server_qid);
}
}
uint32_t psa_framework_version(void)
{
return PSA_FRAMEWORK_VERSION;
}
psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version)
{
int idx;
psa_status_t ret;
char pathname[PATHNAMESIZE] = { 0 };
idx = get_next_free_handle();
/* if there's a free handle available */
if (idx >= 0) {
snprintf(pathname, PATHNAMESIZE - 1, TMP_FILE_BASE_PATH "psa_service_%u", sid);
INFO("Attempting to contact RoT service at %s", pathname);
/* if communication is possible */
if (get_queue_info(pathname, &handles[idx].client_qid, &handles[idx].server_qid) >= 0) {
ret = send(handles[idx].client_qid,
handles[idx].server_qid,
&handles[idx].internal_server_qid,
PSA_IPC_CONNECT,
minor_version,
NULL);
/* if connection accepted by RoT service */
if (ret >= 0) {
handles[idx].valid = 1;
return idx;
} else {
INFO("Server didn't like you");
}
} else {
INFO("Couldn't contact RoT service. Does it exist?");
if (__psa_ff_client_security_state == 0) {
ERROR("Invalid SID");
}
}
}
INFO("Couldn't obtain a free handle");
return PSA_ERROR_CONNECTION_REFUSED;
}
uint32_t psa_version(uint32_t sid)
{
int idx;
psa_status_t ret;
char pathname[PATHNAMESIZE] = { 0 };
idx = get_next_free_handle();
if (idx >= 0) {
snprintf(pathname, PATHNAMESIZE, TMP_FILE_BASE_PATH "psa_service_%u", sid);
if (get_queue_info(pathname, &handles[idx].client_qid, &handles[idx].server_qid) >= 0) {
ret = send(handles[idx].client_qid,
handles[idx].server_qid,
&handles[idx].internal_server_qid,
VERSION_REQUEST,
0,
NULL);
INFO("psa_version: Recieved from server %d", ret);
if (ret > 0) {
return ret;
}
}
}
INFO("psa_version failed: does the service exist?");
return PSA_VERSION_NONE;
}
psa_status_t psa_call(psa_handle_t handle,
int32_t type,
const psa_invec *in_vec,
size_t in_len,
psa_outvec *out_vec,
size_t out_len)
{
handle_is_valid(handle);
if ((in_len + out_len) > PSA_MAX_IOVEC) {
ERROR("Too many iovecs: %lu + %lu", in_len, out_len);
}
vectors_t vecs = { 0 };
vecs.in_vec = in_vec;
vecs.in_len = in_len;
vecs.out_vec = out_vec;
vecs.out_len = out_len;
return send(handles[handle].client_qid,
handles[handle].server_qid,
&handles[handle].internal_server_qid,
type,
0,
&vecs);
}
void psa_close(psa_handle_t handle)
{
handle_is_valid(handle);
if (send(handles[handle].client_qid, handles[handle].server_qid,
&handles[handle].internal_server_qid, PSA_IPC_DISCONNECT, 0, NULL)) {
ERROR("ERROR: Couldn't send disconnect msg");
} else {
if (msgctl(handles[handle].client_qid, IPC_RMID, NULL) != 0) {
ERROR("ERROR: Failed to delete msg queue");
}
}
INFO("Closing handle %u", handle);
handles[handle].valid = 0;
}

8
tests/psa-client-server/psasim/src/common.c Normal file
View File

@ -0,0 +1,8 @@
/* Common code between clients and services */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include "psa/common.h"

668
tests/psa-client-server/psasim/src/service.c Normal file
View File

@ -0,0 +1,668 @@
/* PSA Firmware Framework service API */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/msg.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <unistd.h>
#include <time.h>
#include <assert.h>
#include "psa/service.h"
#include "psasim/init.h"
#include "psa/error.h"
#include "psa/common.h"
#include "psa/util.h"
#define MAX_CLIENTS 128
#define MAX_MESSAGES 32
#define SLEEP_MS 50
struct connection {
uint32_t client;
void *rhandle;
int client_to_server_q;
};
/* Note that this implementation is functional and not secure. */
extern int __psa_ff_client_security_state;
static psa_msg_t messages[MAX_MESSAGES]; /* Message slots */
static uint8_t pending_message[MAX_MESSAGES] = { 0 }; /* Booleans indicating active message slots */
static uint32_t message_client[MAX_MESSAGES] = { 0 }; /* Each client's response queue */
static int nsacl[32];
static int strict_policy[32] = { 0 };
static uint32_t rot_svc_versions[32];
static int rot_svc_incoming_queue[32] = { -1 };
static struct connection connections[MAX_CLIENTS] = { { 0 } };
static uint32_t exposed_signals = 0;
void print_vectors(vector_sizes_t *sizes)
{
INFO("Printing iovec sizes");
for (int j = 0; j < PSA_MAX_IOVEC; j++) {
INFO("Invec %d: %lu", j, sizes->invec_sizes[j]);
}
for (int j = 0; j < PSA_MAX_IOVEC; j++) {
INFO("Outvec %d: %lu", j, sizes->outvec_sizes[j]);
}
}
int find_connection(uint32_t client)
{
for (int i = 1; i < MAX_CLIENTS; i++) {
if (client == connections[i].client) {
return i;
}
}
return -1;
}
void destroy_connection(uint32_t client)
{
int idx = find_connection(client);
if (idx >= 0) {
connections[idx].client = 0;
connections[idx].rhandle = 0;
INFO("Destroying connection");
} else {
ERROR("Couldn't destroy connection for %u", client);
}
}
int find_free_connection()
{
INFO("Allocating connection");
return find_connection(0);
}
static void reply(psa_handle_t msg_handle, psa_status_t status)
{
pending_message[msg_handle] = 1;
psa_reply(msg_handle, status);
pending_message[msg_handle] = 0;
}
psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout)
{
psa_signal_t mask;
struct message msg;
vector_sizes_t sizes;
struct msqid_ds qinfo;
uint32_t requested_version;
ssize_t len;
int idx;
#if !defined(PSASIM_USE_USLEEP)
const struct timespec ts_delay = { .tv_sec = 0, .tv_nsec = SLEEP_MS * 1000000 };
#endif
if (timeout == PSA_POLL) {
INFO("psa_wait: Called in polling mode");
}
do {
mask = signal_mask;
/* Check the status of each queue */
for (int i = 0; i < 32; i++) {
if (mask & 0x1) {
if (i < 3) {
// do nothing (reserved)
} else if (i == 3) {
// this must be psa doorbell
} else {
/* Check if this signal corresponds to a queue */
if (rot_svc_incoming_queue[i] >= 0 && (pending_message[i] == 0)) {
/* AFAIK there is no "peek" method in SysV, so try to get a message */
len = msgrcv(rot_svc_incoming_queue[i],
&msg,
sizeof(struct message_text),
0,
IPC_NOWAIT);
if (len > 0) {
INFO("Storing that QID in message_client[%d]", i);
INFO("The message handle will be %d", i);
msgctl(rot_svc_incoming_queue[i], IPC_STAT, &qinfo);
messages[i].client_id = qinfo.msg_lspid; /* PID of last msgsnd(2) call */
message_client[i] = msg.message_text.qid;
idx = find_connection(msg.message_text.qid);
if (msg.message_type & NON_SECURE) {
/* This is a non-secure message */
/* Check if NS client is allowed for this RoT service */
if (nsacl[i] <= 0) {
#if 0
INFO(
"Rejecting non-secure client due to manifest security policy");
reply(i, PSA_ERROR_CONNECTION_REFUSED);
continue; /* Skip to next signal */
#endif
}
msg.message_type &= ~(NON_SECURE); /* clear */
messages[i].client_id = messages[i].client_id * -1;
}
INFO("Got a message from client ID %d", messages[i].client_id);
INFO("Message type is %lu", msg.message_type);
INFO("PSA message type is %d", msg.message_text.psa_type);
messages[i].handle = i;
switch (msg.message_text.psa_type) {
case PSA_IPC_CONNECT:
if (len >= 16) {
memcpy(&requested_version, msg.message_text.buf,
sizeof(requested_version));
INFO("Requesting version %u", requested_version);
INFO("Implemented version %u", rot_svc_versions[i]);
/* TODO: need to check whether the policy is strict,
* and if so, then reject the client if the number doesn't match */
if (requested_version > rot_svc_versions[i]) {
INFO(
"Rejecting client because requested version that was too high");
reply(i, PSA_ERROR_CONNECTION_REFUSED);
continue; /* Skip to next signal */
}
if (strict_policy[i] == 1 &&
(requested_version != rot_svc_versions[i])) {
INFO(
"Rejecting client because enforcing a STRICT version policy");
reply(i, PSA_ERROR_CONNECTION_REFUSED);
continue; /* Skip to next signal */
} else {
INFO("Not rejecting client");
}
}
messages[i].type = PSA_IPC_CONNECT;
if (idx < 0) {
idx = find_free_connection();
}
if (idx >= 0) {
connections[idx].client = msg.message_text.qid;
} else {
/* We've run out of system wide connections */
reply(i, PSA_ERROR_CONNECTION_BUSY);
ERROR("Ran out of free connections");
continue;
}
break;
case PSA_IPC_DISCONNECT:
messages[i].type = PSA_IPC_DISCONNECT;
break;
case VERSION_REQUEST:
INFO("Got a version request");
reply(i, rot_svc_versions[i]);
continue; /* Skip to next signal */
break;
default:
/* PSA CALL */
if (msg.message_text.psa_type >= 0) {
messages[i].type = msg.message_text.psa_type;
memcpy(&sizes, msg.message_text.buf, sizeof(sizes));
print_vectors(&sizes);
memcpy(&messages[i].in_size, &sizes.invec_sizes,
(sizeof(size_t) * PSA_MAX_IOVEC));
memcpy(&messages[i].out_size, &sizes.outvec_sizes,
(sizeof(size_t) * PSA_MAX_IOVEC));
} else {
FATAL("UNKNOWN MESSAGE TYPE RECEIVED %li",
msg.message_type);
}
break;
}
messages[i].handle = i;
/* Check if the client has a connection */
if (idx >= 0) {
messages[i].rhandle = connections[idx].rhandle;
} else {
/* Client is begging for a programmer error */
reply(i, PSA_ERROR_PROGRAMMER_ERROR);
continue;
}
/* House keeping */
pending_message[i] = 1; /* set message as pending */
exposed_signals |= (0x1 << i); /* assert the signal */
}
}
}
mask = mask >> 1;
}
}
if ((timeout == PSA_BLOCK) && (exposed_signals > 0)) {
break;
} else {
/* There is no 'select' function in SysV to block on multiple queues, so busy-wait :( */
#if defined(PSASIM_USE_USLEEP)
usleep(SLEEP_MS * 1000);
#else /* PSASIM_USE_USLEEP */
nanosleep(&ts_delay, NULL);
#endif /* PSASIM_USE_USLEEP */
}
} while (timeout == PSA_BLOCK);
/* Assert signals */
return signal_mask & exposed_signals;
}
static int signal_to_index(psa_signal_t signal)
{
int i;
int count = 0;
int ret = -1;
for (i = 0; i < 32; i++) {
if (signal & 0x1) {
ret = i;
count++;
}
signal = signal >> 1;
}
if (count > 1) {
ERROR("ERROR: Too many signals");
return -1; /* Too many signals */
}
return ret;
}
static void clear_signal(psa_signal_t signal)
{
exposed_signals = exposed_signals & ~signal;
}
void raise_signal(psa_signal_t signal)
{
exposed_signals |= signal;
}
psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg)
{
int index = signal_to_index(signal);
if (index < 0) {
ERROR("Bad signal");
}
clear_signal(signal);
assert(messages[index].handle != 0);
if (pending_message[index] == 1) {
INFO("There is a pending message!");
memcpy(msg, &messages[index], sizeof(struct psa_msg_t));
assert(msg->handle != 0);
return PSA_SUCCESS;
} else {
INFO("no pending message");
}
return PSA_ERROR_DOES_NOT_EXIST;
}
static inline int is_valid_msg_handle(psa_handle_t h)
{
if (h > 0 && h < MAX_MESSAGES) {
return 1;
}
ERROR("Not a valid message handle");
return 0;
}
static inline int is_call_msg(psa_handle_t h)
{
assert(messages[h].type >= PSA_IPC_CALL);
return 1;
}
void psa_set_rhandle(psa_handle_t msg_handle, void *rhandle)
{
is_valid_msg_handle(msg_handle);
int idx = find_connection(message_client[msg_handle]);
INFO("Setting rhandle to %p", rhandle);
assert(idx >= 0);
connections[idx].rhandle = rhandle;
}
/* Sends a message from the server to the client. Does not wait for a response */
static void send_msg(psa_handle_t msg_handle,
int ctrl_msg,
psa_status_t status,
size_t amount,
const void *data,
size_t data_amount)
{
struct message response;
int flags = 0;
assert(ctrl_msg > 0); /* According to System V, it must be greater than 0 */
response.message_type = ctrl_msg;
if (ctrl_msg == PSA_REPLY) {
memcpy(response.message_text.buf, &status, sizeof(psa_status_t));
} else if (ctrl_msg == READ_REQUEST || ctrl_msg == WRITE_REQUEST || ctrl_msg == SKIP_REQUEST) {
memcpy(response.message_text.buf, &status, sizeof(psa_status_t));
memcpy(response.message_text.buf+sizeof(size_t), &amount, sizeof(size_t));
if (ctrl_msg == WRITE_REQUEST) {
/* TODO: Check if too big */
memcpy(response.message_text.buf + (sizeof(size_t) * 2), data, data_amount);
}
}
/* TODO: sizeof doesn't need to be so big here for small responses */
if (msgsnd(message_client[msg_handle], &response, sizeof(response.message_text), flags) == -1) {
ERROR("Failed to reply");
}
}
static size_t skip(psa_handle_t msg_handle, uint32_t invec_idx, size_t num_bytes)
{
if (num_bytes < (messages[msg_handle].in_size[invec_idx] - num_bytes)) {
messages[msg_handle].in_size[invec_idx] = messages[msg_handle].in_size[invec_idx] -
num_bytes;
return num_bytes;
} else {
if (num_bytes >= messages[msg_handle].in_size[invec_idx]) {
size_t ret = messages[msg_handle].in_size[invec_idx];
messages[msg_handle].in_size[invec_idx] = 0;
return ret;
} else {
return num_bytes;
}
}
}
size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx,
void *buffer, size_t num_bytes)
{
size_t sofar = 0;
struct message msg = { 0 };
int idx;
ssize_t len;
is_valid_msg_handle(msg_handle);
is_call_msg(msg_handle);
if (invec_idx >= PSA_MAX_IOVEC) {
ERROR("Invalid iovec number");
}
/* If user wants more data than what's available, truncate their request */
if (num_bytes > messages[msg_handle].in_size[invec_idx]) {
num_bytes = messages[msg_handle].in_size[invec_idx];
}
while (sofar < num_bytes) {
INFO("Server: requesting %lu bytes from client", (num_bytes - sofar));
send_msg(msg_handle, READ_REQUEST, invec_idx, (num_bytes - sofar), NULL, 0);
idx = find_connection(message_client[msg_handle]);
assert(idx >= 0);
len = msgrcv(connections[idx].client_to_server_q, &msg, sizeof(struct message_text), 0, 0);
len = (len - sizeof(msg.message_text.qid));
if (len < 0) {
FATAL("Internal error: failed to dispatch read request to the client");
}
if (len > (num_bytes - sofar)) {
if ((num_bytes - sofar) > 0) {
memcpy(buffer+sofar, msg.message_text.buf, (num_bytes - sofar));
}
} else {
memcpy(buffer + sofar, msg.message_text.buf, len);
}
INFO("Printing what i got so far: %s", msg.message_text.buf);
sofar = sofar + len;
}
/* Update the seek count */
skip(msg_handle, invec_idx, num_bytes);
INFO("Finished psa_read");
return sofar;
}
void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx,
const void *buffer, size_t num_bytes)
{
size_t sofar = 0;
struct message msg = { 0 };
int idx;
ssize_t len;
is_valid_msg_handle(msg_handle);
is_call_msg(msg_handle);
if (outvec_idx >= PSA_MAX_IOVEC) {
ERROR("Invalid iovec number");
}
if (num_bytes > messages[msg_handle].out_size[outvec_idx]) {
ERROR("Program tried to write too much data %lu/%lu", num_bytes,
messages[msg_handle].out_size[outvec_idx]);
}
while (sofar < num_bytes) {
size_t sending = (num_bytes - sofar);
if (sending >= MAX_FRAGMENT_SIZE) {
sending = MAX_FRAGMENT_SIZE - (sizeof(size_t) * 2);
}
INFO("Server: sending %lu bytes to client", sending);
send_msg(msg_handle, WRITE_REQUEST, outvec_idx, sending, buffer, sending);
idx = find_connection(message_client[msg_handle]);
assert(idx >= 0);
len = msgrcv(connections[idx].client_to_server_q, &msg, sizeof(struct message_text), 0, 0);
if (len < 1) {
FATAL("Client didn't give me a full response");
}
sofar = sofar + len;
}
/* Update the seek count */
messages[msg_handle].out_size[outvec_idx] -= num_bytes;
}
size_t psa_skip(psa_handle_t msg_handle, uint32_t invec_idx, size_t num_bytes)
{
is_valid_msg_handle(msg_handle);
is_call_msg(msg_handle);
size_t ret = skip(msg_handle, invec_idx, num_bytes);
/* notify client to skip */
send_msg(msg_handle, SKIP_REQUEST, invec_idx, num_bytes, NULL, 0);
return ret;
}
static void destroy_temporary_queue(int myqid)
{
if (msgctl(myqid, IPC_RMID, NULL) != 0) {
INFO("ERROR: Failed to delete msg queue %d", myqid);
}
}
static int make_temporary_queue()
{
int myqid;
if ((myqid = msgget(IPC_PRIVATE, 0660)) == -1) {
INFO("msgget: myqid");
return -1;
}
return myqid;
}
/**
* Assumes msg_handle is the index into the message array
*/
void psa_reply(psa_handle_t msg_handle, psa_status_t status)
{
int idx, q;
is_valid_msg_handle(msg_handle);
if (pending_message[msg_handle] != 1) {
ERROR("Not a valid message handle");
}
if (messages[msg_handle].type == PSA_IPC_CONNECT) {
switch (status) {
case PSA_SUCCESS:
idx = find_connection(message_client[msg_handle]);
q = make_temporary_queue();
if (q > 0 && idx >= 0) {
connections[idx].client_to_server_q = q;
status = q;
} else {
FATAL("What happened?");
}
break;
case PSA_ERROR_CONNECTION_REFUSED:
destroy_connection(message_client[msg_handle]);
break;
case PSA_ERROR_CONNECTION_BUSY:
destroy_connection(message_client[msg_handle]);
break;
case PSA_ERROR_PROGRAMMER_ERROR:
destroy_connection(message_client[msg_handle]);
break;
default:
ERROR("Not a valid reply %d", status);
}
} else if (messages[msg_handle].type == PSA_IPC_DISCONNECT) {
idx = find_connection(message_client[msg_handle]);
if (idx >= 0) {
destroy_temporary_queue(connections[idx].client_to_server_q);
}
destroy_connection(message_client[msg_handle]);
}
send_msg(msg_handle, PSA_REPLY, status, 0, NULL, 0);
pending_message[msg_handle] = 0;
message_client[msg_handle] = 0;
}
/* TODO: make sure you only clear interrupt signals, and not others */
void psa_eoi(psa_signal_t signal)
{
int index = signal_to_index(signal);
if (index >= 0 && (rot_svc_incoming_queue[index] >= 0)) {
clear_signal(signal);
} else {
ERROR("Tried to EOI a signal that isn't an interrupt");
}
}
void psa_notify(int32_t partition_id)
{
char pathname[PATHNAMESIZE] = { 0 };
if (partition_id < 0) {
ERROR("Not a valid secure partition");
}
snprintf(pathname, PATHNAMESIZE, "/tmp/psa_notify_%u", partition_id);
INFO("psa_notify: notifying partition %u using %s",
partition_id, pathname);
INFO("psa_notify is unimplemented");
}
void psa_clear(void)
{
clear_signal(PSA_DOORBELL);
}
void __init_psasim(const char **array,
int size,
const int allow_ns_clients_array[32],
const uint32_t versions[32],
const int strict_policy_array[32])
{
static uint8_t library_initialised = 0;
key_t key;
int qid;
FILE *fp;
char doorbell_path[PATHNAMESIZE] = { 0 };
char queue_path[PATHNAMESIZE];
snprintf(doorbell_path, PATHNAMESIZE, TMP_FILE_BASE_PATH "psa_notify_%u", getpid());
if (library_initialised > 0) {
return;
} else {
library_initialised = 1;
}
if (size != 32) {
FATAL("Unsupported value. Aborting.");
}
array[3] = doorbell_path;
for (int i = 0; i < 32; i++) {
if (strncmp(array[i], "", 1) != 0) {
INFO("Setting up %s", array[i]);
memset(queue_path, 0, sizeof(queue_path));
sprintf(queue_path, "%s%s", TMP_FILE_BASE_PATH, array[i]);
/* Create file if doesn't exist */
fp = fopen(queue_path, "ab+");
if (fp) {
fclose(fp);
}
if ((key = ftok(queue_path, PROJECT_ID)) == -1) {
FATAL("Error finding message queue during initialisation");
}
/* TODO: Investigate. Permissions are likely to be too relaxed */
if ((qid = msgget(key, IPC_CREAT | 0660)) == -1) {
FATAL("Error opening message queue during initialisation");
} else {
rot_svc_incoming_queue[i] = qid;
}
}
}
memcpy(nsacl, allow_ns_clients_array, sizeof(int) * 32);
memcpy(strict_policy, strict_policy_array, sizeof(int) * 32);
memcpy(rot_svc_versions, versions, sizeof(uint32_t) * 32);
memset(&connections, 0, sizeof(struct connection) * MAX_CLIENTS);
__psa_ff_client_security_state = 0; /* Set the client status to SECURE */
}

29
tests/psa-client-server/psasim/test/Makefile Normal file
View File

@ -0,0 +1,29 @@
INCLUDE := -I../include/ -I./psa_manifest
LIB := -L../src -lpsaff
TEST_BIN = psa_client \
psa_partition
GENERATED_H_FILES = psa_manifest/manifest.h \
psa_manifest/pid.h \
psa_manifest/sid.h
PARTITION_SERVER_BOOTSTRAP = psa_ff_bootstrap_TEST_PARTITION.c
.PHONY: all clean
all: $(TEST_BIN)
psa_client: client.c $(GENERATED_H_FILES)
$(CC) $(INCLUDE) $(CFLAGS) $< $(LIB) -o $@
psa_partition: $(PARTITION_SERVER_BOOTSTRAP) $(GENERATED_H_FILES)
$(CC) $(INCLUDE) $(CFLAGS) $< $(LIB) -o $@
$(PARTITION_SERVER_BOOTSTRAP) $(GENERATED_H_FILES): manifest.json server.c
../tools/psa_autogen.py $<
clean:
rm -f $(TEST_BIN) psa_ff_bootstrap_*.c
rm -f psa_notify_* psa_service_*
rm -f psa_manifest/*

48
tests/psa-client-server/psasim/test/client.c Normal file
View File

@ -0,0 +1,48 @@
/* psasim test client */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include <psa/client.h>
#include <psa/util.h>
#include "psa_manifest/sid.h"
#include <stdio.h>
#include <unistd.h>
#define CLIENT_PRINT(fmt, ...) \
PRINT("Client: " fmt, ##__VA_ARGS__)
int main()
{
const char *text = "FOOBARCOOL!!";
char output[100] = { 0 };
CLIENT_PRINT("My PID: %d", getpid());
CLIENT_PRINT("PSA version: %u", psa_version(PSA_SID_SHA256_SID));
psa_handle_t h = psa_connect(PSA_SID_SHA256_SID, 1);
if (h < 0) {
CLIENT_PRINT("Couldn't connect %d", h);
return 1;
} else {
int type = 2;
CLIENT_PRINT("psa_call() w/o invec returned: %d", psa_call(h, type, NULL, 0, NULL, 0));
psa_invec invecs[1];
psa_outvec outvecs[1];
invecs[0].base = text;
invecs[0].len = sizeof(text);
outvecs[0].base = output;
outvecs[0].len = sizeof(output);
CLIENT_PRINT("invec len: %lu", invecs[0].len);
CLIENT_PRINT("psa_call() w/ invec returned: %d", psa_call(h, type, invecs, 1, outvecs, 1));
CLIENT_PRINT("Received payload len: %ld", outvecs[0].len);
CLIENT_PRINT("Received payload content: %s", output);
CLIENT_PRINT("Closing handle");
psa_close(h);
}
return 0;
}

29
tests/psa-client-server/psasim/test/manifest.json Normal file
View File

@ -0,0 +1,29 @@
{
"psa_framework_version":1.0,
"name":"TEST_PARTITION",
"type":"PSA-ROT",
"priority":"LOW",
"entry_point":"psa_sha256_main",
"stack_size":"0x400",
"heap_size":"0x100",
"services":[
{
"name":"PSA_SID_SHA256",
"sid":"0x0000F000",
"signal":"PSA_SHA256",
"non_secure_clients": "true",
"minor_version":1,
"minor_policy":"STRICT"
}
],
"irqs": [
{
"source": "SIGINT",
"signal": "SIGINT_SIG"
},
{
"source": "SIGTSTP",
"signal": "SIGSTP_SIG"
}
]
}

34
tests/psa-client-server/psasim/test/run_test.sh Executable file
View File

@ -0,0 +1,34 @@
#!/bin/bash
# This is a simple bash script that tests psa_client/psa_server interaction.
# This script is automatically executed when "make run" is launched by the
# "psasim" root folder. The script can also be launched manually once
# binary files are built (i.e. after "make test" is executed from the "psasim"
# root folder).
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
set -e
function clean_run() {
pkill psa_partition || true
pkill psa_client || true
ipcs | grep q | awk '{ printf " -q " $$2 }' | xargs ipcrm > /dev/null 2>&1 || true
}
# The server creates some local files when it starts up so we can wait for this
# event as signal that the server is ready so that we can start client(s).
function wait_for_server_startup() {
while [ ! -f ./psa_notify_* ]; do
sleep 0.1
done
}
clean_run
./psa_partition -k &
SERV_PID=$!
wait_for_server_startup
./psa_client
wait $SERV_PID

119
tests/psa-client-server/psasim/test/server.c Normal file
View File

@ -0,0 +1,119 @@
/* psasim test server */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include <unistd.h>
#include <stdio.h>
#include "psa/service.h"
#include "psa/error.h"
#include "psa/util.h"
#include "psa_manifest/manifest.h"
#define SERVER_PRINT(fmt, ...) \
PRINT("Server: " fmt, ##__VA_ARGS__)
#define BUF_SIZE 25
static int kill_on_disconnect = 0; /* Kill the server on client disconnection. */
void parse_input_args(int argc, char *argv[])
{
int opt;
while ((opt = getopt(argc, argv, "k")) != -1) {
switch (opt) {
case 'k':
kill_on_disconnect = 1;
break;
default:
fprintf(stderr, "Usage: %s [-k]\n", argv[0]);
exit(EXIT_FAILURE);
}
}
}
int psa_sha256_main(int argc, char *argv[])
{
psa_status_t ret = PSA_ERROR_PROGRAMMER_ERROR;
psa_msg_t msg = { -1 };
char foo[BUF_SIZE] = { 0 };
const int magic_num = 66;
int client_disconnected = 0;
parse_input_args(argc, argv);
SERVER_PRINT("Starting");
while (!(kill_on_disconnect && client_disconnected)) {
psa_signal_t signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
if (signals > 0) {
SERVER_PRINT("Signals: 0x%08x", signals);
}
if (signals & PSA_SHA256_SIGNAL) {
if (PSA_SUCCESS == psa_get(PSA_SHA256_SIGNAL, &msg)) {
SERVER_PRINT("My handle is %d", msg.handle);
SERVER_PRINT("My rhandle is %p", (int *) msg.rhandle);
switch (msg.type) {
case PSA_IPC_CONNECT:
SERVER_PRINT("Got a connection message");
psa_set_rhandle(msg.handle, (void *) &magic_num);
ret = PSA_SUCCESS;
break;
case PSA_IPC_DISCONNECT:
SERVER_PRINT("Got a disconnection message");
ret = PSA_SUCCESS;
client_disconnected = 1;
break;
default:
SERVER_PRINT("Got an IPC call of type %d", msg.type);
ret = 42;
size_t size = msg.in_size[0];
if ((size > 0) && (size <= sizeof(foo))) {
psa_read(msg.handle, 0, foo, 6);
foo[(BUF_SIZE-1)] = '\0';
SERVER_PRINT("Reading payload: %s", foo);
psa_read(msg.handle, 0, foo+6, 6);
foo[(BUF_SIZE-1)] = '\0';
SERVER_PRINT("Reading payload: %s", foo);
}
size = msg.out_size[0];
if ((size > 0)) {
SERVER_PRINT("Writing response");
psa_write(msg.handle, 0, "RESP", 4);
psa_write(msg.handle, 0, "ONSE", 4);
}
if (msg.client_id > 0) {
psa_notify(msg.client_id);
} else {
SERVER_PRINT("Client is non-secure, so won't notify");
}
}
psa_reply(msg.handle, ret);
} else {
SERVER_PRINT("Failed to retrieve message");
}
} else if (SIGSTP_SIG & signals) {
SERVER_PRINT("Recieved SIGSTP signal. Gonna EOI it.");
psa_eoi(SIGSTP_SIG);
} else if (SIGINT_SIG & signals) {
SERVER_PRINT("Handling interrupt!");
SERVER_PRINT("Gracefully quitting");
psa_panic();
} else {
SERVER_PRINT("No signal asserted");
}
}
return 0;
}

165
tests/psa-client-server/psasim/tools/psa_autogen.py Executable file
View File

@ -0,0 +1,165 @@
#!/usr/bin/env python3
"""This hacky script generates a partition from a manifest file"""
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
import json
import os
import sys
from os import listdir
if len(sys.argv) != 2:
print("Usage: psa_autogen <manifest_file>")
sys.exit(1)
FILENAME = str(sys.argv[1])
with open(str(FILENAME), "r") as read_file:
data = json.load(read_file)
FILENAME = os.path.basename(FILENAME)
FILENAME = FILENAME.split('.')[0]
print("Base filename is " + str(FILENAME))
if str(data['psa_framework_version'] == "1.0"):
entry_point = str(data['entry_point'])
partition_name = str(data['name'])
services = data['services']
try:
irqs = data['irqs']
except KeyError:
irqs = []
try:
os.mkdir("psa_manifest")
print("Generating psa_manifest directory")
except OSError:
print ("PSA manifest directory already exists")
man = open(str("psa_manifest/" + FILENAME + ".h"), "w")
pids = open("psa_manifest/pid.h", "a")
sids = open("psa_manifest/sid.h", "a")
if len(services) > 28:
print ("Unsupported number of services")
count = 4 # For creating SID array
nsacl = "const int ns_allowed[32] = { "
policy = "const int strict_policy[32] = { "
qcode = "const char *psa_queues[] = { "
versions = "const uint32_t versions[32] = { "
queue_path = "psa_service_"
start = False
for x in range(0, count):
qcode = qcode + "\"\", "
nsacl = nsacl + "0, "
policy = policy + "0, "
versions = versions + "0, "
# Go through all the services to make sid.h and pid.h
for svc in services:
man.write("#define {}_SIGNAL 0x{:08x}\n".format(svc['signal'], 2**count))
sids.write("#define {}_SID {}\n".format(svc['name'], svc['sid']))
qcode = qcode + "\"" + queue_path + str(int(svc['sid'], 16)) + "\","
ns_clients = svc['non_secure_clients']
print(str(svc))
if ns_clients == "true":
nsacl = nsacl + "1, "
else:
nsacl = nsacl + "0, "
try:
versions = versions + str(svc['minor_version']) + ", "
except KeyError:
versions = versions + "1, "
strict = 0
try:
if str(svc['minor_policy']).lower() == "strict":
strict = 1
policy = policy + "1, "
else:
policy = policy + "0, "
except KeyError:
strict = 0
policy = policy + "0, "
count = count+1
sigcode = ""
handlercode = "void __sig_handler(int signo) {\n"
irqcount = count
for irq in irqs:
man.write("#define {} 0x{:08x}\n".format(irq['signal'], 2**irqcount))
sigcode = sigcode + " signal({}, __sig_handler);\n".format(irq['source'])
handlercode = handlercode + \
" if (signo == {}) {{ raise_signal(0x{:08x}); }};\n".format(irq['source'], 2**irqcount)
irqcount = irqcount+1
handlercode = handlercode + "}\n"
while (count < 32):
qcode = qcode + "\"\", "
nsacl = nsacl + "0, "
versions = versions + "0, "
policy = policy + "0, "
count = count + 1
qcode = qcode + "};\n"
nsacl = nsacl + "};\n"
versions = versions + "};\n"
policy = policy + "};\n"
pids.close()
sids.close()
man.close()
symbols = []
# Go through all the files in the current directory and look for the entrypoint
for root, directories, filenames in os.walk('.'):
for filename in filenames:
if "psa_ff_bootstrap" in filename or filename == "psa_manifest":
continue
try:
fullpath = os.path.join(root,filename)
with open(fullpath, encoding='utf-8') as currentFile:
text = currentFile.read()
if str(entry_point + "(") in text:
symbols.append(fullpath)
except IOError:
print("Couldn't open " + filename)
except UnicodeDecodeError:
pass
print(str("Number of entrypoints detected: " + str(len(symbols))))
if len(symbols) < 1:
print("Couldn't find function " + entry_point)
sys.exit(1)
elif len(symbols) > 1:
print("Duplicate entrypoint symbol detected: " + str(symbols))
sys.exit(2)
else:
bs = open(str("psa_ff_bootstrap_" + str(partition_name) + ".c"), "w")
bs.write("#include <psasim/init.h>\n")
bs.write("#include \"" + symbols[0] + "\"\n")
bs.write("#include <signal.h>\n\n")
bs.write(qcode)
bs.write(nsacl)
bs.write(policy)
bs.write(versions)
bs.write("\n")
bs.write(handlercode)
bs.write("\n")
bs.write("int main(int argc, char *argv[]) {\n")
bs.write(" (void) argc;\n")
bs.write(sigcode)
bs.write(" __init_psasim(psa_queues, 32, ns_allowed, versions, strict_policy);\n")
bs.write(" " + entry_point + "(argc, argv);\n}\n")
bs.close()
print("Success")