Andrew Geissler | 9347dd4 | 2023-03-03 12:38:41 -0600 | [diff] [blame^] | 1 | From ee7e13dcc14110aa16f7c6453cfe72f088857ed2 Mon Sep 17 00:00:00 2001 |
| 2 | From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com> |
| 3 | Date: Thu, 9 Feb 2023 00:34:23 +0000 |
| 4 | Subject: [PATCH 3/3] TF-Mv1.7 alignment: PSA crypto client in/out_vec |
| 5 | |
| 6 | Few psa crypto operations have different in/out_vec expectations |
| 7 | This patch is fixing the differences between psa crypto client in TS |
| 8 | and psa crypto service in TF-M running on the secure enclave |
| 9 | |
| 10 | operations: |
| 11 | - aead_generate_nonce: TFM service doesn't expect op_handle in in_vec |
| 12 | - aead_update: TFM service doesn't expect op_handle in in_vec |
| 13 | - cipher_generate_iv: TFM service doesn't expect op_handle in in_vec |
| 14 | - cipher_update: TFM service doesn't expect op_handle in in_vec |
| 15 | - hash_clone: TFM service expects target_op_handle in the in_vec |
| 16 | rationale is target_op_handle according to the spec |
| 17 | must be initialized and not active. and since hash_clone |
| 18 | manipulates it. hence, target_op_handle should be passed |
| 19 | as input and output. |
| 20 | |
| 21 | Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com> |
| 22 | Upstream-Status: Pending [Not submitted yet] |
| 23 | --- |
| 24 | .../crypto/client/caller/psa_ipc/crypto_caller_aead.h | 6 ++---- |
| 25 | .../crypto/client/caller/psa_ipc/crypto_caller_cipher.h | 6 ++---- |
| 26 | .../crypto/client/caller/psa_ipc/crypto_caller_hash.h | 2 ++ |
| 27 | 3 files changed, 6 insertions(+), 8 deletions(-) |
| 28 | |
| 29 | diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h |
| 30 | index efdffdf7..e862c2de 100644 |
| 31 | --- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h |
| 32 | +++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h |
| 33 | @@ -222,14 +222,13 @@ static inline psa_status_t crypto_caller_aead_generate_nonce( |
| 34 | {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)}, |
| 35 | }; |
| 36 | struct psa_outvec out_vec[] = { |
| 37 | - {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)}, |
| 38 | {.base = psa_ptr_to_u32(nonce), .len = nonce_size} |
| 39 | }; |
| 40 | |
| 41 | status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, |
| 42 | IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec)); |
| 43 | |
| 44 | - *nonce_length = out_vec[1].len; |
| 45 | + *nonce_length = out_vec[0].len; |
| 46 | return status; |
| 47 | } |
| 48 | |
| 49 | @@ -353,7 +352,6 @@ static inline psa_status_t crypto_caller_aead_update( |
| 50 | {.base = psa_ptr_const_to_u32(input), .len = input_length} |
| 51 | }; |
| 52 | struct psa_outvec out_vec[] = { |
| 53 | - {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)}, |
| 54 | {.base = psa_ptr_const_to_u32(output), .len = output_size}, |
| 55 | }; |
| 56 | |
| 57 | @@ -365,7 +363,7 @@ static inline psa_status_t crypto_caller_aead_update( |
| 58 | status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, |
| 59 | in_len, out_vec, IOVEC_LEN(out_vec)); |
| 60 | |
| 61 | - *output_length = out_vec[1].len; |
| 62 | + *output_length = out_vec[0].len; |
| 63 | return status; |
| 64 | } |
| 65 | |
| 66 | diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h |
| 67 | index 20aa46a5..948865e4 100644 |
| 68 | --- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h |
| 69 | +++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h |
| 70 | @@ -98,14 +98,13 @@ static inline psa_status_t crypto_caller_cipher_generate_iv( |
| 71 | { .base = psa_ptr_to_u32(&iov), .len = iov_size }, |
| 72 | }; |
| 73 | struct psa_outvec out_vec[] = { |
| 74 | - { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) }, |
| 75 | { .base = psa_ptr_to_u32(iv), .len = iv_size }, |
| 76 | }; |
| 77 | |
| 78 | status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, |
| 79 | IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec)); |
| 80 | |
| 81 | - *iv_length = out_vec[1].len; |
| 82 | + *iv_length = out_vec[0].len; |
| 83 | |
| 84 | return status; |
| 85 | } |
| 86 | @@ -158,14 +157,13 @@ static inline psa_status_t crypto_caller_cipher_update( |
| 87 | { .base = psa_ptr_const_to_u32(input), .len = input_length }, |
| 88 | }; |
| 89 | struct psa_outvec out_vec[] = { |
| 90 | - { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) }, |
| 91 | { .base = psa_ptr_to_u32(output), .len = output_size }, |
| 92 | }; |
| 93 | |
| 94 | status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec, |
| 95 | IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec)); |
| 96 | |
| 97 | - *output_length = out_vec[1].len; |
| 98 | + *output_length = out_vec[0].len; |
| 99 | |
| 100 | return status; |
| 101 | } |
| 102 | diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h |
| 103 | index 4fb60d44..1e422130 100644 |
| 104 | --- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h |
| 105 | +++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h |
| 106 | @@ -172,6 +172,8 @@ static inline psa_status_t crypto_caller_hash_clone( |
| 107 | }; |
| 108 | struct psa_invec in_vec[] = { |
| 109 | { .base = psa_ptr_to_u32(&iov), .len = iov_size }, |
| 110 | + { .base = psa_ptr_to_u32(target_op_handle), |
| 111 | + .len = sizeof(uint32_t) }, |
| 112 | }; |
| 113 | struct psa_outvec out_vec[] = { |
| 114 | { .base = psa_ptr_to_u32(target_op_handle), |
| 115 | -- |
| 116 | 2.25.1 |
| 117 | |