Hi Both,
The intention of doing this is for packing parameters while handling non-secure psa_call(). This function has five parameters, which means the 5th one needs to be put in NS stack. If we extract 5th parameter in veneer function we need to enable non-secure memory accessing for veneer and implement some assembler code there to fetch PSP_NS. To make it simple at first stage we just pack 'psa_invec' and 'psa_outvec' as two inputs of tfm_psa_call_veneer(); that why the two types are invec -- because they really are inputs.
This part really causes confuse and need to be discussed if we need to implement more proper way for this. Let's track it in the ticket.
-Ken
-----Original Message----- From: TF-M tf-m-bounces@lists.trustedfirmware.org On Behalf Of Antonio De Angelis via TF-M Sent: Thursday, April 11, 2019 6:31 AM To: tf-m@lists.trustedfirmware.org Cc: nd nd@arm.com Subject: Re: [TF-M] psa_invec type mismatch in tfm_psa_call_veneer?
Hi Alan,
I think you're right, the prototypes of these functions should be fixed. Moreover, I think psa_outvec *out_vecs should drop the const qualifier to match psa_call(...) prototypes, as it's an output parameter and needs to be non-const. I have raised https://developer.trustedfirmware.org/T313 to keep track of this.
Thanks, Antonio
From: TF-M tf-m-bounces@lists.trustedfirmware.org on behalf of DeMars, Alan via TF-M tf-m@lists.trustedfirmware.org Sent: 10 April 2019 22:12 To: tf-m@lists.trustedfirmware.org Subject: [TF-M] psa_invec type mismatch in tfm_psa_call_veneer?
It seems to me that the 'psa_invec' type is incorrectly being used where the 'psa_outvec' type should be used everywhere tfm_psa_call_veneer() is used.
In tfm_api.h, I think this:
psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
const psa_invec *in_vecs, const psa_invec *out_vecs);
should be this:
psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
const psa_invec *in_vecs, const psa_outvec *out_vecs);
And, in the implementation of the tfm_psa_call_veneer
within tfm_psa_api_client.c, I think this:
__tfm_secure_gateway_attributes__
psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
const psa_invec *in_vecs, const psa_invec *out_vecs)
should be this:
__tfm_secure_gateway_attributes__
psa_status_t tfm_psa_call_veneer(psa_handle_t handle,
const psa_invec *in_vecs, const psa_outvec *out_vecs)
And, in the NS implementation of psa_call() within tfm_psa_ns_api.c, I think this:
psa_invec in_vecs, out_vecs;
should be this:
psa_invec in_vecs; psa_outvec out_vecs;
Alan
-- TF-M mailing list TF-M@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m -- TF-M mailing list TF-M@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m