Hi Nick,

 

I’m using v2.0 mainline, but in a non-standard way.  I’ve implemented a custom connection-based crypto service which reuses the out-of-box tfm_crypto_call_srv() function which I have exposed by removing the ‘static’ keyword.   If that function was only designed to work with state-less connections, then there is no issue because spm_init_connection() handles clearing of iovec_status for every PSA call and outvecs are unmapped before calling psa_write().

 

It sounds like connection-based services supporting MM_IOVECS require that invecs + outvecs are unmapped by the service before returning.  Otherwise, the connection must be closed and re-opened for every PSA call to that service.  PSA FF v1.1 extensions say “If psa_unmap_invec() is not called for an input vector that has been mapped, the framework will remove the mapping automatically when the message is completed.”  But it’s not clear to me whether “framework” means the SPM or the service itself. 

 

Could you confirm how MM_IOVEC input vector unmapping should be handled for connection-based services in the TFM?

 

Regards,
Brian

 

From: Nicola Mazzucato <Nicola.Mazzucato@arm.com>
Sent: Wednesday, November 27, 2024 9:36 AM
To: Quach, Brian <brian@ti.com>; tf-m@lists.trustedfirmware.org; nd <nd@arm.com>
Subject: [EXTERNAL] Re: connection-based MMIOVEC

 

Hi Brian, many thanks for your reply. I managed to do a quick test and what you noticed makes sense to me. It looks however that the current crypto service does not support connection-based operations, so my tests were limited to stateless calls

ZjQcmQRYFpfptBannerStart

This message was sent from outside of Texas Instruments.

Do not click links or open attachments unless you recognize the source of this email and know the content is safe.

    Report Suspicious    ¯

ZjQcmQRYFpfptBannerEnd

Hi Brian,

 

many thanks for your reply.

I managed to do a quick test and what you noticed makes sense to me.

 

It looks however that the current crypto service does not support connection-based operations, so my tests were limited to stateless calls so far.

Are you based on a different branch from mainline? Do you use a different crypto interface from the one available upstream?

 

Best regards,

Thanks

 

Nick

 

From: Quach, Brian <brian@ti.com>
Sent: 21 November 2024 19:50
To: Nicola Mazzucato <Nicola.Mazzucato@arm.com>; tf-m@lists.trustedfirmware.org <tf-m@lists.trustedfirmware.org>; nd <nd@arm.com>
Subject: RE: connection-based MMIOVEC

 

Hi Nick,

 

I’m using medium profile but with PSA_FRAMEWORK_HAS_MM_IOVEC enabled.

 

In the partition yaml file:

 

"model": "IPC",

 

"services" : [

"connection_based": true,

"mm_iovec": "enable"

]

 

After psa_connect, the second psa_call using MM IOVECS to the partition should fail.

 

It’s fairly easy to look at the code snippets I sent and see the input vectors are not being unmapped.  Was this done on purpose or was it overlooked?   I would think if the outputs are being unmapped, that inputs should be as well.

 

Regards,
Brian