18 #include "mbedtls/memory_buffer_alloc.h"
24 #ifdef CRYPTO_HW_ACCELERATOR
25 #include "crypto_hw.h"
38 #define X(api_name) api_name,
46 #define ALIGN(x, a) (((x) + ((a) - 1)) & ~((a) - 1))
52 #define TFM_CRYPTO_IOVEC_ALIGNMENT (4u)
58 #ifndef TFM_CRYPTO_IOVEC_BUFFER_SIZE
59 #error TFM_CRYPTO_IOVEC_BUFFER_SIZE is not defined
66 static struct tfm_crypto_scratch {
67 __attribute__((__aligned__(TFM_CRYPTO_IOVEC_ALIGNMENT)))
68 uint8_t buf[TFM_CRYPTO_IOVEC_BUFFER_SIZE];
71 } scratch = {.buf = {0}, .alloc_index = 0};
73 static psa_status_t tfm_crypto_set_scratch_owner(int32_t
id)
79 static psa_status_t tfm_crypto_get_scratch_owner(int32_t *
id)
85 static psa_status_t tfm_crypto_alloc_scratch(
size_t requested_size,
void **buf)
88 requested_size = ALIGN(requested_size, TFM_CRYPTO_IOVEC_ALIGNMENT);
90 if (requested_size > (
sizeof(scratch.buf) - scratch.alloc_index)) {
95 *buf = (
void *)&scratch.buf[scratch.alloc_index];
98 scratch.alloc_index += requested_size;
105 scratch.alloc_index = 0;
107 (void)
tfm_memset(scratch.buf, 0,
sizeof(scratch.buf));
114 const uint32_t sfn_id)
120 void *alloc_buf_ptr = NULL;
123 while ((in_len > 0) && (msg->
in_size[in_len - 1] == 0)) {
132 in_vec[0].
base = iov;
136 for (i = 1; i < in_len; i++) {
138 status = tfm_crypto_alloc_scratch(msg->
in_size[i], &alloc_buf_ptr);
140 (void)tfm_crypto_clear_scratch();
146 in_vec[i].
base = alloc_buf_ptr;
151 while ((out_len > 0) && (msg->
out_size[out_len - 1] == 0)) {
155 for (i = 0; i < out_len; i++) {
157 status = tfm_crypto_alloc_scratch(msg->
out_size[i], &alloc_buf_ptr);
159 (void)tfm_crypto_clear_scratch();
163 out_vec[i].
base = alloc_buf_ptr;
168 (void)tfm_crypto_set_scratch_owner(msg->
client_id);
171 status = sfid_func_table[
sfn_id](in_vec, in_len, out_vec, out_len);
174 for (i = 0; i < out_len; i++) {
212 static void tfm_crypto_ipc_handler(
void)
239 status = tfm_crypto_parse_msg(&msg, &iov, &sfn_id);
242 status = tfm_crypto_call_sfn(&msg, &iov, sfn_id);
271 #ifndef TFM_CRYPTO_ENGINE_BUF_SIZE
272 #error TFM_CRYPTO_ENGINE_BUF_SIZE is not defined
279 static uint8_t mbedtls_mem_buf[TFM_CRYPTO_ENGINE_BUF_SIZE] = {0};
284 #if defined (MBEDTLS_TEST_NULL_ENTROPY)
285 LOG_MSG(
"\033[1;34m[Crypto] MBEDTLS_TEST_NULL_ENTROPY is not suitable for production!\033[0m\r\n");
292 mbedtls_memory_buffer_alloc_init(mbedtls_mem_buf,
293 TFM_CRYPTO_ENGINE_BUF_SIZE);
296 #ifdef CRYPTO_HW_ACCELERATOR
297 if (crypto_hw_accelerator_init() != 0) {
317 return tfm_crypto_get_scratch_owner(
id);
335 status = tfm_crypto_module_init();
341 status = tfm_crypto_engine_init();
348 tfm_crypto_ipc_handler();
psa_status_t tfm_crypto_init(void)
Initialise the service.
Structure used to pack non-pointer types in a call.
__STATIC_INLINE void * tfm_memset(void *ptr, int value, size_t num)
#define TFM_CRYPTO_SID_INVALID
Define an invalid value for an SID.
#define LIST_TFM_CRYPTO_UNIFORM_SIGNATURE_API
#define PSA_ERROR_INSUFFICIENT_MEMORY
psa_status_t tfm_crypto_get_caller_id(int32_t *id)
Returns the ID of the caller.
size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx, void *buffer, size_t num_bytes)
Read a message parameter or part of a message parameter from a client input vector.
#define PSA_ERROR_GENERIC_ERROR
#define PSA_IPC_DISCONNECT
#define PSA_ERROR_NOT_PERMITTED
size_t in_size[PSA_MAX_IOVEC]
#define PSA_ERROR_HARDWARE_FAILURE
int32_t tfm_core_get_caller_client_id(int32_t *caller_client_id)
void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx, const void *buffer, size_t num_bytes)
Write a message response to a client output vector.
void psa_reply(psa_handle_t msg_handle, psa_status_t status)
Complete handling of a specific message and unblock the client.
psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout)
Return the Secure Partition interrupt signals that have been asserted from a subset of signals provid...
psa_status_t tfm_crypto_init_alloc(void)
Initialise the Alloc module.
size_t out_size[PSA_MAX_IOVEC]
#define TFM_CRYPTO_SIGNAL
psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg)
Retrieve the message which corresponds to a given RoT Service signal and remove the message from the ...
int32_t psa_status_t
Function return status.