psa_set_rhandle() during PSA_IPC_CONNECT
Closed, ResolvedPublic

Description

PSA Crypto contains multi-part APIs.
These APIs require the context to be preserved between repetitive psa_call() invocations.
Typically the context is allocated on PSA_IPC_CONNECT and destroyed during PSA_IPC_DISCONNECT events.
The context is saved in r_handle.

Current TF-M implementation does not allow calling psa_set_rhandle during PSA_IPC_CONNECT before psa_reply() is called.

This issue is a blocker issue for mbed-os team.

alzix created this task.Jan 30 2019, 10:31 AM

Thanks for submitting. We will investigate it and try to find out a plan.

alzix added a comment.Jan 31 2019, 9:25 AM

I think we found temporary workaround on our side.
It is no longer a blocker for us, but still HP.
tnx

We will verify it on our Musca_a1 mbed-os porting work and update the results.

alzix added a comment.Feb 12 2019, 9:03 AM

the changes will solve current issue, but it is only a partial solution. Full solution depends on https://developer.trustedfirmware.org/T244
It seems the way connection handle is allocated needs to be reworked, thus the changes proposed in https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/627/ will no longer be relevant.

I can verify that https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/627/ works on our code.

But @alzix is right regarding allocation of connection handles.

Thanks Alex.
That's a quick fix for removing the blocker. After T244 is solved this patch maybe not relevant, the purpose is no affecting API user behaviour (no workarounds) even the connection handle allocation mechanism is changed. Since mechanism changing may not happen soon, let's apply this one first.

edison-ai closed this task as Resolved.Feb 28 2019, 1:47 AM
edison-ai claimed this task.