TF-M Reference Manual  1.2.0
TrustedFirmware-M
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ps_rollback_protection_testsuite.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #include "ps_tests.h"
9 
10 #include <stdio.h>
11 
13 #include "test_ps_nv_counters.h"
14 #include "psa/protected_storage.h"
15 #include "tfm_memory_utils.h"
16 #include "s_test_helpers.h"
17 
18 /* This include is required to expose the ps_system_prepare function, via the
19  * tfm_ps_test_system_prepare API, to simulate a reboot in the system.
20  * ps_system_prepare is called when the PS service is initialized.
21  */
23 
24 #include "test_framework_helpers.h"
25 
26 /* Test UIDs */
27 #define TEST_UID 2UL /* UID 1 cannot be used as it references a write once
28  * asset, created in psa_ps_s_interface_testsuite.c
29  */
30 
31 /* Write data */
32 #define WRITE_DATA "THE_FIVE_BOXING_WIZARDS_JUMP_QUICKLY"
33 #define WRITE_DATA_SIZE (sizeof(WRITE_DATA) - 1)
34 #define READ_DATA "############################################"
35 #define RESULT_DATA ("####" WRITE_DATA "####")
36 
37 /*
38  * Summary of tests covered by the test suite.
39  *
40  * PS version | NVC1 | NVC2 | NVC3 | Result | Test Num
41  * ------------|------|------|------|----------|------------
42  * X | X | X | X | Valid | 1
43  * N | X | X | X | Invalid | 2
44  * X | X | X | N | Valid | 3
45  * N | X | N | N | Valid | 4
46  * X | X | N | N | Valid | 5
47  * X | X | M | N | Valid | 6
48  * M | X | M | N | Invalid | 7
49  * N | X | M | N | Invalid | 8
50  *
51  * Test 9 checks the PS result when the non-volatile (NV) counter 1 cannot be
52  * incremented (e.g it has reached its maximum value).
53  */
54 
55 /* List of tests */
56 static void tfm_ps_test_4001(struct test_result_t *ret);
57 static void tfm_ps_test_4002(struct test_result_t *ret);
58 static void tfm_ps_test_4003(struct test_result_t *ret);
59 static void tfm_ps_test_4004(struct test_result_t *ret);
60 static void tfm_ps_test_4005(struct test_result_t *ret);
61 static void tfm_ps_test_4006(struct test_result_t *ret);
62 static void tfm_ps_test_4007(struct test_result_t *ret);
63 static void tfm_ps_test_4008(struct test_result_t *ret);
64 static void tfm_ps_test_4009(struct test_result_t *ret);
65 
66 static struct test_t interface_tests[] = {
67  {&tfm_ps_test_4001, "TFM_PS_TEST_4001",
68  "Check PS area version when NV counters 1/2/3 have the same value", {TEST_PASSED}},
69  {&tfm_ps_test_4002, "TFM_PS_TEST_4002",
70  "Check PS area version when it is different from NV counters 1/2/3", {TEST_PASSED}},
71  {&tfm_ps_test_4003, "TFM_PS_TEST_4003",
72  "Check PS area version when NV counters 1 and 2 are equals, 3 is "
73  "different, and PS area version match NV counters 1 and 2", {TEST_PASSED}},
74  {&tfm_ps_test_4004, "TFM_PS_TEST_4004",
75  "Check PS area version when NV counters 2 and 3 are equals, 1 is "
76  "different and PS area version match NV counter 2 and 3", {TEST_PASSED}},
77  {&tfm_ps_test_4005, "TFM_PS_TEST_4005",
78  "Check PS area version when NV counters 2 and 3 are equals, 1 is "
79  "different and PS area version match NV counter 1", {TEST_PASSED}},
80  {&tfm_ps_test_4006, "TFM_PS_TEST_4006",
81  "Check PS area version when NV counters 1, 2 and 3 have different values "
82  "and PS area version match NV counter 1 value", {TEST_PASSED}},
83  {&tfm_ps_test_4007, "TFM_PS_TEST_4007",
84  "Check PS area version when NV counters 1, 2 and 3 have different values "
85  "and PS area version match NV counter 2 value", {TEST_PASSED}},
86  {&tfm_ps_test_4008, "TFM_PS_TEST_4008",
87  "Check PS area version when NV counters 1, 2 and 3 have different values "
88  "and PS area version match NV counter 3 value", {TEST_PASSED}},
89  {&tfm_ps_test_4009, "TFM_PS_TEST_4009",
90  "Check PS area version when NV counter 1 cannot be incremented", {TEST_PASSED}},
91 };
92 
94 {
95  uint32_t list_size = (sizeof(interface_tests) / sizeof(interface_tests[0]));
96 
97  set_testsuite("PS rollback protection tests (TFM_PS_TEST_4XXX)",
98  interface_tests, list_size, p_test_suite);
99 }
100 
106 static void tfm_ps_test_4001(struct test_result_t *ret)
107 {
108  psa_status_t status;
109  const psa_storage_uid_t uid = TEST_UID;
111  const uint32_t data_len = WRITE_DATA_SIZE;
112  const uint32_t offset = 0;
113  uint32_t old_nvc_1, nvc_1, nvc_2, nvc_3;
114  const uint8_t write_data[] = WRITE_DATA;
115  uint8_t read_data[] = READ_DATA;
116  size_t read_data_len = 0;
117 
118  /* Creates an asset in the PS area to generate a new PS area version */
119  status = psa_ps_set(uid, data_len, write_data, flags);
120  if (status != PSA_SUCCESS) {
121  TEST_FAIL("Set should not fail with valid UID");
122  return;
123  }
124 
125  /* Reads NV counter 1 to get the saved value to compare it later */
126  status = test_ps_read_nv_counter(TFM_PS_NV_COUNTER_1, &old_nvc_1);
127  if (status != PSA_SUCCESS) {
128  TEST_FAIL("Read should not fail");
129  return;
130  }
131 
132  /* Sets new data in the asset to generate a new PS area version */
133  status = psa_ps_set(uid, data_len, write_data, flags);
134  if (status != PSA_SUCCESS) {
135  TEST_FAIL("Set should not fail with valid UID");
136  return;
137  }
138 
139  /* Validates the 3 NV counters have the same value and it has been increased
140  * by 1 unit.
141  */
142 
143  /* Reads NV counter 1 to get the current value */
145  if (status != PSA_SUCCESS) {
146  TEST_FAIL("Read should not fail");
147  return;
148  }
149 
150  /* Checks if NV counter 1 value has been increased by 1 unit as result of
151  * process the write request.
152  */
153  if (nvc_1 != (old_nvc_1 + 1)) {
154  TEST_FAIL("NV counter 1 has been increased more than 1 unit");
155  return;
156  }
157 
158  /* Reads NV counter 2 to get the current value */
160  if (status != PSA_SUCCESS) {
161  TEST_FAIL("Read should not fail");
162  return;
163  }
164 
165  if (nvc_1 != nvc_2) {
166  TEST_FAIL("NV counter 1 and 2 should have the same value");
167  return;
168  }
169 
170  /* Reads NV counter 3 to get the current value */
172  if (status != PSA_SUCCESS) {
173  TEST_FAIL("Read should not fail");
174  return;
175  }
176 
177  if (nvc_2 != nvc_3) {
178  TEST_FAIL("NV counter 2 and 3 should have the same value");
179  return;
180  }
181 
182  /* Simulates a reboot in the system by calling ps_system_prepare(). This
183  * function is called when the PS service is initialized.
184  *
185  * Prepare should not fail as the NV counters has the same values and
186  * the PS area authentication is aligned with those values.
187  */
188  status = tfm_ps_test_system_prepare();
189  if (status != PSA_SUCCESS) {
190  TEST_FAIL("AM prepare should not fail");
191  return;
192  }
193 
194  /* Gets data from the asset */
195  status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
196  &read_data_len);
197  if (status != PSA_SUCCESS) {
198  TEST_FAIL("Get should not fail");
199  return;
200  }
201 
202  /* Checks that the data has not changed */
203  if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
204  TEST_FAIL("The data should not have changed");
205  return;
206  }
207 
208  /* Removes the asset to clean up storage for the next test */
209  status = psa_ps_remove(uid);
210  if (status != PSA_SUCCESS) {
211  TEST_FAIL("Remove should not fail with valid UID");
212  return;
213  }
214 
215  ret->val = TEST_PASSED;
216 }
217 
222 static void tfm_ps_test_4002(struct test_result_t *ret)
223 {
224  psa_status_t status;
225  const psa_storage_uid_t uid = TEST_UID;
227  const uint32_t data_len = WRITE_DATA_SIZE;
228  const uint8_t write_data[] = WRITE_DATA;
229 
230  /* Creates an asset in the PS area to generate a new PS area version */
231  status = psa_ps_set(uid, data_len, write_data, flags);
232  if (status != PSA_SUCCESS) {
233  TEST_FAIL("Set should not fail with valid UID");
234  return;
235  }
236 
237  /* Increments all counters to make that PS area version old/invalid */
239  if (status != PSA_SUCCESS) {
240  TEST_FAIL("Increment should not fail");
241  return;
242  }
243 
245  if (status != PSA_SUCCESS) {
246  TEST_FAIL("Increment should not fail");
247  return;
248  }
249 
251  if (status != PSA_SUCCESS) {
252  TEST_FAIL("Increment should not fail");
253  return;
254  }
255 
256  /* Simulates a reboot in the system by calling ps_system_prepare(). This
257  * function is called when the PS service is initialized.
258  *
259  * Prepare should fail as the PS area version does not match the
260  * NV counters values.
261  */
262  status = tfm_ps_test_system_prepare();
263  if (status != PSA_ERROR_GENERIC_ERROR) {
264  TEST_FAIL("PS system prepare should fail as version is old");
265  return;
266  }
267 
268  /* Removes the asset to clean up storage for the next test.
269  *
270  * To be able to remove the asset, the PS area version should match
271  * with the counter values. So, it is required to:
272  *
273  * 1. align the counters with the PS area version
274  * 2. re-call ps_system_prepare to mark the PS area as a valid image
275  * 3. remove the asset.
276  */
277 
278  /* Aligns NV counters with the PS area version */
280  if (status != PSA_SUCCESS) {
281  TEST_FAIL("Decrement should not fail");
282  return;
283  }
284 
286  if (status != PSA_SUCCESS) {
287  TEST_FAIL("Decrement should not fail");
288  return;
289  }
290 
292  if (status != PSA_SUCCESS) {
293  TEST_FAIL("Decrement should not fail");
294  return;
295  }
296 
297  /* Calls ps_system_prepare to mark the PS area as a valid image */
298  status = tfm_ps_test_system_prepare();
299  if (status != PSA_SUCCESS) {
300  TEST_FAIL("PS system prepare should not fail");
301  return;
302  }
303 
304  /* Removes the asset to clean up storage for the next test */
305  status = psa_ps_remove(uid);
306  if (status != PSA_SUCCESS) {
307  TEST_FAIL("Remove should not fail with valid UID");
308  return;
309  }
310 
311  ret->val = TEST_PASSED;
312 }
313 
320 static void tfm_ps_test_4003(struct test_result_t *ret)
321 {
322  psa_status_t status;
323  const psa_storage_uid_t uid = TEST_UID;
325  const uint32_t data_len = WRITE_DATA_SIZE;
326  const uint32_t offset = 0;
327  const uint8_t write_data[] = WRITE_DATA;
328  uint8_t read_data[] = READ_DATA;
329  size_t read_data_len = 0;
330 
331  /* Creates an asset in the PS area to generate a new PS area version */
332  status = psa_ps_set(uid, data_len, write_data, flags);
333  if (status != PSA_SUCCESS) {
334  TEST_FAIL("Set should not fail with valid UID");
335  return;
336  }
337 
338  /* Decrements NV counters 3 to make it different from the other two counters
339  * and make the current PS area version match NV counter 1 and 2 values.
340  */
342  if (status != PSA_SUCCESS) {
343  TEST_FAIL("Decrement should not fail");
344  return;
345  }
346 
347  /* Simulates a reboot in the system by calling ps_system_prepare(). This
348  * function is called when the PS service is initialized.
349  *
350  * Prepare should not fail as the PS area version match NV counters 1 and
351  * 2 values.
352  */
353  status = tfm_ps_test_system_prepare();
354  if (status != PSA_SUCCESS) {
355  TEST_FAIL("PS system prepare should not fail");
356  return;
357  }
358 
359  /* Gets the data from the asset */
360  status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
361  &read_data_len);
362  if (status != PSA_SUCCESS) {
363  TEST_FAIL("Get should not fail");
364  return;
365  }
366 
367  /* Checks that the data has not changed */
368  if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
369  TEST_FAIL("The data should not have changed");
370  return;
371  }
372 
373  /* Removes the asset to clean up storage for the next test */
374  status = psa_ps_remove(uid);
375  if (status != PSA_SUCCESS) {
376  TEST_FAIL("Remove should not fail with valid UID");
377  return;
378  }
379 
380  ret->val = TEST_PASSED;
381 }
382 
390 static void tfm_ps_test_4004(struct test_result_t *ret)
391 {
392  psa_status_t status;
393  const psa_storage_uid_t uid = TEST_UID;
395  const uint32_t data_len = WRITE_DATA_SIZE;
396  const uint32_t offset = 0;
397  const uint8_t write_data[] = WRITE_DATA;
398  uint8_t read_data[] = READ_DATA;
399  size_t read_data_len = 0;
400 
401  /* Creates an asset in the PS area to generate a new PS area version */
402  status = psa_ps_set(uid, data_len, write_data, flags);
403  if (status != PSA_SUCCESS) {
404  TEST_FAIL("Set should not fail with valid UID");
405  return;
406  }
407 
408  /* Increments NV counters 1 to make it different from the other two counters
409  * and make the current PS area version match NV counter 2 and 3 values.
410  */
412  if (status != PSA_SUCCESS) {
413  TEST_FAIL("Increment should not fail");
414  return;
415  }
416 
417  /* Simulates a reboot in the system by calling ps_system_prepare(). This
418  * function is called when the PS service is initialized.
419  *
420  * Prepare should not fail as the PS area version match the NV counter 2
421  * and 3 values.
422  */
423  status = tfm_ps_test_system_prepare();
424  if (status != PSA_SUCCESS) {
425  TEST_FAIL("PS system prepare should not fail");
426  return;
427  }
428 
429  /* Gets the data from the asset */
430  status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
431  &read_data_len);
432  if (status != PSA_SUCCESS) {
433  TEST_FAIL("Get should not fail");
434  return;
435  }
436 
437  /* Checks that the data has not changed */
438  if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
439  TEST_FAIL("The data should not have changed");
440  return;
441  }
442 
443  /* Removes the asset to clean up storage for the next test */
444  status = psa_ps_remove(uid);
445  if (status != PSA_SUCCESS) {
446  TEST_FAIL("Remove should not fail with valid UID");
447  return;
448  }
449 
450  ret->val = TEST_PASSED;
451 }
452 
460 static void tfm_ps_test_4005(struct test_result_t *ret)
461 {
462  psa_status_t status;
463  const psa_storage_uid_t uid = TEST_UID;
465  const uint32_t data_len = WRITE_DATA_SIZE;
466  const uint32_t offset = 0;
467  const uint8_t write_data[] = WRITE_DATA;
468  uint8_t read_data[] = READ_DATA;
469  size_t read_data_len = 0;
470 
471  /* Creates an asset in the PS area to generate a new PS area version */
472  status = psa_ps_set(uid, data_len, write_data, flags);
473  if (status != PSA_SUCCESS) {
474  TEST_FAIL("Set should not fail with valid UID");
475  return;
476  }
477 
478  /* Decrements NV counter 2 and 3 to make the PS area version match NV
479  * counter 1 only.
480  */
482  if (status != PSA_SUCCESS) {
483  TEST_FAIL("Decrement should not fail");
484  return;
485  }
486 
488  if (status != PSA_SUCCESS) {
489  TEST_FAIL("Decrement should not fail");
490  return;
491  }
492 
493  /* Simulates a reboot in the system by calling ps_system_prepare(). This
494  * function is called when the PS service is initialized.
495  *
496  * Prepare should not fail as the PS area version match the NV counter 1.
497  */
498  status = tfm_ps_test_system_prepare();
499  if (status != PSA_SUCCESS) {
500  TEST_FAIL("PS system prepare should not fail");
501  return;
502  }
503 
504  /* Gets the data from the asset */
505  status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
506  &read_data_len);
507  if (status != PSA_SUCCESS) {
508  TEST_FAIL("Get should not fail");
509  return;
510  }
511 
512  /* Checks that the data has not changed */
513  if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
514  TEST_FAIL("The data should not have changed");
515  return;
516  }
517 
518  /* Removes the asset to clean up storage for the next test */
519  status = psa_ps_remove(uid);
520  if (status != PSA_SUCCESS) {
521  TEST_FAIL("Remove should not fail with valid UID");
522  return;
523  }
524 
525  ret->val = TEST_PASSED;
526 }
527 
532 static void tfm_ps_test_4006(struct test_result_t *ret)
533 {
534  psa_status_t status;
535  const psa_storage_uid_t uid = TEST_UID;
537  const uint32_t data_len = WRITE_DATA_SIZE;
538  const uint32_t offset = 0;
539  const uint8_t write_data[] = WRITE_DATA;
540  uint8_t read_data[] = READ_DATA;
541  size_t read_data_len = 0;
542 
543  /* Creates an asset in the PS area to generate a new PS area version */
544  status = psa_ps_set(uid, data_len, write_data, flags);
545  if (status != PSA_SUCCESS) {
546  TEST_FAIL("Set should not fail with valid UID");
547  return;
548  }
549 
550  /* Decrements NV counter 2 (1 time) and 3 (2 times) to make the PS area
551  * version match NV counter 1 only.
552  */
554  if (status != PSA_SUCCESS) {
555  TEST_FAIL("Decrement should not fail");
556  return;
557  }
558 
560  if (status != PSA_SUCCESS) {
561  TEST_FAIL("Decrement should not fail");
562  return;
563  }
564 
566  if (status != PSA_SUCCESS) {
567  TEST_FAIL("Decrement should not fail");
568  return;
569  }
570 
571  /* Simulates a reboot in the system by calling ps_system_prepare(). This
572  * function is called when the PS service is initialized.
573  *
574  * Prepare should not fail as the PS area version match the NV counter 1.
575  */
576  status = tfm_ps_test_system_prepare();
577  if (status != PSA_SUCCESS) {
578  TEST_FAIL("PS system prepare should not fail");
579  return;
580  }
581 
582  /* Gets data from the asset */
583  status = psa_ps_get(uid, offset, data_len, (read_data + HALF_PADDING_SIZE),
584  &read_data_len);
585  if (status != PSA_SUCCESS) {
586  TEST_FAIL("Get should not fail");
587  return;
588  }
589 
590  /* Checks that the data has not changed */
591  if (tfm_memcmp(read_data, RESULT_DATA, sizeof(read_data)) != 0) {
592  TEST_FAIL("The data should not have changed");
593  return;
594  }
595 
596  /* Removes the asset to clean up storage for the next test */
597  status = psa_ps_remove(uid);
598  if (status != PSA_SUCCESS) {
599  TEST_FAIL("Remove should not fail with valid UID");
600  return;
601  }
602 
603  ret->val = TEST_PASSED;
604 }
605 
610 static void tfm_ps_test_4007(struct test_result_t *ret)
611 {
612  psa_status_t status;
613  const psa_storage_uid_t uid = TEST_UID;
615  const uint32_t data_len = WRITE_DATA_SIZE;
616  const uint8_t write_data[] = WRITE_DATA;
617 
618  /* Creates an asset in the PS area to generate a new PS area version */
619  status = psa_ps_set(uid, data_len, write_data, flags);
620  if (status != PSA_SUCCESS) {
621  TEST_FAIL("Set should not fail with valid UID");
622  return;
623  }
624 
625  /* Increments NV counter 1 and decrements 3 to make the PS area
626  * version match NV counter 2 only.
627  */
629  if (status != PSA_SUCCESS) {
630  TEST_FAIL("Increment should not fail");
631  return;
632  }
633 
635  if (status != PSA_SUCCESS) {
636  TEST_FAIL("Decrement should not fail");
637  return;
638  }
639 
640  /* Simulates a reboot in the system by calling ps_system_prepare(). This
641  * function is called when the PS service is initialized.
642  *
643  * Prepare should fail as the PS area version match the NV counter 2 and
644  * the other counters are different.
645  */
646  status = tfm_ps_test_system_prepare();
647  if (status != PSA_ERROR_GENERIC_ERROR) {
648  TEST_FAIL("PS system prepare should fail");
649  return;
650  }
651 
652  /* Removes the asset to clean up storage for the next test.
653  *
654  * To be able to remove the asset, the PS area version should match
655  * with the counter values. So, it is required to:
656  *
657  * 1. align the counters with the PS area version
658  * 2. re-call ps_system_prepare to mark the PS area as a valid image
659  * 3. remove the asset.
660  */
661 
662  /* Aligns NV counters with the PS area version */
664  if (status != PSA_SUCCESS) {
665  TEST_FAIL("Decrement should not fail");
666  return;
667  }
668 
670  if (status != PSA_SUCCESS) {
671  TEST_FAIL("Increment should not fail");
672  return;
673  }
674 
675  /* Calls ps_system_prepare to mark the PS area as a valid image */
676  status = tfm_ps_test_system_prepare();
677  if (status != PSA_SUCCESS) {
678  TEST_FAIL("PS system prepare should not fail");
679  return;
680  }
681 
682  /* Removes the asset to clean up storage for the next test */
683  status = psa_ps_remove(uid);
684  if (status != PSA_SUCCESS) {
685  TEST_FAIL("Remove should not fail with valid UID");
686  return;
687  }
688 
689  ret->val = TEST_PASSED;
690 }
691 
696 static void tfm_ps_test_4008(struct test_result_t *ret)
697 {
698  psa_status_t status;
699  const psa_storage_uid_t uid = TEST_UID;
701  const uint32_t data_len = WRITE_DATA_SIZE;
702  const uint8_t write_data[] = WRITE_DATA;
703 
704  /* Creates an asset in the PS area to generate a new PS area version */
705  status = psa_ps_set(uid, data_len, write_data, flags);
706  if (status != PSA_SUCCESS) {
707  TEST_FAIL("Set should not fail with valid UID");
708  return;
709  }
710 
711  /* Increments NV counter 1 (2 times) and 2 (1 time) to make the PS area
712  * version match NV counter 3 only.
713  */
715  if (status != PSA_SUCCESS) {
716  TEST_FAIL("Increment should not fail");
717  return;
718  }
719 
721  if (status != PSA_SUCCESS) {
722  TEST_FAIL("Increment should not fail");
723  return;
724  }
725 
727  if (status != PSA_SUCCESS) {
728  TEST_FAIL("Increment should not fail");
729  return;
730  }
731 
732  /* Simulates a reboot in the system by calling ps_system_prepare(). This
733  * function is called when the PS service is initialized.
734  *
735  * Prepare should fail as the PS area version match the NV counter 2 and
736  * the other counters are different.
737  */
738  status = tfm_ps_test_system_prepare();
739  if (status != PSA_ERROR_GENERIC_ERROR) {
740  TEST_FAIL("AM prepare should fail");
741  return;
742  }
743 
744  /* Removes the asset to clean up storage for the next test.
745  *
746  * To be able to remove the asset, the PS area version should match
747  * with the counter values. So, it is required to:
748  *
749  * 1. align the counters with the PS area version
750  * 2. re-call ps_system_prepare to mark the PS area as a valid image
751  * 3. remove the asset.
752  */
753 
754  /* Align NV counters with the PS area version */
756  if (status != PSA_SUCCESS) {
757  TEST_FAIL("Decrement should not fail");
758  return;
759  }
760 
762  if (status != PSA_SUCCESS) {
763  TEST_FAIL("Decrement should not fail");
764  return;
765  }
766 
768  if (status != PSA_SUCCESS) {
769  TEST_FAIL("Decrement should not fail");
770  return;
771  }
772 
773  /* Calls ps_system_prepare to mark the PS area as a valid image */
774  status = tfm_ps_test_system_prepare();
775  if (status != PSA_SUCCESS) {
776  TEST_FAIL("PS system prepare should not fail");
777  return;
778  }
779 
780  /* Removes the asset to clean up storage for the next test */
781  status = psa_ps_remove(uid);
782  if (status != PSA_SUCCESS) {
783  TEST_FAIL("Remove should not fail with valid UID");
784  return;
785  }
786 
787  ret->val = TEST_PASSED;
788 }
789 
794 static void tfm_ps_test_4009(struct test_result_t *ret)
795 {
796  psa_status_t status;
797  const psa_storage_uid_t uid = TEST_UID;
799  const uint32_t data_len = WRITE_DATA_SIZE;
800  const uint8_t write_data[] = WRITE_DATA;
801 
802  /* Disables increment function to simulate that NV counter 1 has
803  * reached its maximum value.
804  */
806 
807  /* Creates an asset in the PS area to generate a new PS area version */
808  status = psa_ps_set(uid, data_len, write_data, flags);
809  if (status != PSA_ERROR_GENERIC_ERROR) {
810  TEST_FAIL("Set should fail as the non-volatile counters can not be"
811  " increased");
812  return;
813  }
814 
815  /* Enables counter again to not affect the next tests, if any */
817 
818  ret->val = TEST_PASSED;
819 }
#define WRITE_DATA_SIZE
psa_status_t psa_ps_get(psa_storage_uid_t uid, size_t data_offset, size_t data_size, void *p_data, size_t *p_data_length)
Retrieve data associated with a provided uid.
#define PSA_SUCCESS
Definition: crypto_values.h:35
#define TEST_FAIL(info_msg)
enum test_suite_err_t set_testsuite(const char *name, struct test_t *test_list, uint32_t size, struct test_suite_t *p_ts)
Sets test suite parameters.
psa_status_t psa_ps_set(psa_storage_uid_t uid, size_t data_length, const void *p_data, psa_storage_create_flags_t create_flags)
Create a new, or modify an existing, uid/value pair.
#define TFM_PS_NV_COUNTER_1
#define PSA_ERROR_GENERIC_ERROR
Definition: crypto_values.h:43
#define TFM_PS_NV_COUNTER_3
psa_status_t test_ps_decrement_nv_counter(enum tfm_nv_counter_t counter_id)
Decrements the given non-volatile (NV) counter.
psa_status_t test_ps_read_nv_counter(enum tfm_nv_counter_t counter_id, uint32_t *val)
Reads the given non-volatile (NV) counter.
struct test_result_t ret
psa_status_t tfm_ps_test_system_prepare(void)
Requests the PS Test Service to call ps_system_prepare().
psa_status_t test_ps_increment_nv_counter(enum tfm_nv_counter_t counter_id)
Increments the given non-volatile (NV) counter.
psa_status_t psa_ps_remove(psa_storage_uid_t uid)
Remove the provided uid and its associated data from the storage.
#define HALF_PADDING_SIZE
void test_ps_enable_increment_nv_counter(void)
Enables PS increment nv counter function to work normally.
void test_ps_disable_increment_nv_counter(void)
Disables PS increment nv counter function to force PSA_ERROR_GENERIC_ERROR return value as an indicat...
uint64_t psa_storage_uid_t
enum test_status_t val
__STATIC_INLINE int tfm_memcmp(const void *ptr1, const void *ptr2, size_t num)
void register_testsuite_s_rollback_protection(struct test_suite_t *p_test_suite)
Register testsuite for the ps rollback protection tests.
#define TFM_PS_NV_COUNTER_2
#define PSA_STORAGE_FLAG_NONE
uint32_t psa_storage_create_flags_t
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:43