Page MenuHomePhabricator
Create Task
Maniphest T264

psa_wait may return 0 on PSA_BLOCK
Closed, ResolvedPublic
Actions

Description

in tfm_svcall_psa_wait()

if ((timeout == PSA_BLOCK) && ((partition->signals & signal_mask) == 0)) {
     tfm_event_wait(&partition->signal_event);
}

the thread could be awaken by a signal without changing the partition signals causing the function to return 0 on PSA_BLOCK

Event Timeline

orenc17 created this task.Feb 21 2019, 10:04 AM
orenc17 added a project: Trusted Firmware M.
orenc17 added subscribers: mikisch81, alzix.
KenLSoft added a subscriber: KenLSoft.EditedFeb 21 2019, 2:22 PM

Hi Oren,
I read the test code and got some questions:

  1. There are two partitions involved, can you tell which psa_wait returned wrong signal code and show me the debug message (I noticed SP2 would print out something if psa_wait returned error message)? It would be nice if you can tell the line number in the source you shared.
  2. It looks like the case is: client -> SP1 -> SP2, three roles get involved in testing, is that true? Or there are more roles?
  3. I can not find TF-M adapter layer in cloned source of mbed-os, is the code showed as same as the working version on your local?

Thanks.

-Ken

orenc17 added a comment.Feb 24 2019, 6:43 PM

@KenLSoft

  1. from my latest debug session i found that psa_wait returns the correct signals, but by the time psa_get tries to handle them the signals shut down and then psa_get will go into panic
  2. client sends a string to SP1, SP1 doubles the string and calls SP2, SP2 should reverse the string and return it to SP1 which will return it to client.
  3. i dont know

my workspace includes this fork of mbed-os https://github.com/kfnta/mbed-os/
using branch miki-dev
to compile run the following commands:

mbed test --compile -t ARMC6 -m ARM_MUSCA_A1_S --app-config tools/psa/tfm/mbed_app.json -n tests-psa-spm_server -DUSE_PSA_TEST_PARTITIONS -DUSE_SERVER_TESTS_PART1 -DUSE_SERVER_TESTS_PART2 --profile debug
mv targets/TARGET_ARM_SSG/TARGET_MUSCA_A1/TARGET_MUSCA_A1_NS/device/spm_server.bin targets/TARGET_ARM_SSG/TARGET_MUSCA_A1/TARGET_MUSCA_A1_NS/device/tfm.bin
mbed test --compile -t ARMC6 -m ARM_MUSCA_A1_NS -n tests-psa-spm_server -DNO_GREENTEA --profile debug

then copy the binary from BUILD/tests/ARM_MUSCA_A1_NS/ARMC6-DEBUG/TESTS/psa/spm_server/spm_server.bin to your board

BR
Oren

mikisch81 added a comment.Feb 25 2019, 7:39 AM
This comment was removed by mikisch81.
orenc17 added a comment.Feb 28 2019, 1:59 PM

We checked both patches, and they do not seem to fix the issue

edison-ai added a comment.EditedMar 1 2019, 9:05 AM

So there are two issues:

  1. The first issue should have been fixed in the above two patches.
  2. The second issue had been fixed in this patch: https://review.trustedfirmware.org/c/trusted-firmware-m/+/612. This patch had been merged into "feature-ipc" branch on Feb 12. So, please update your to align with the newest code version.
mikisch81 added a comment.Mar 3 2019, 2:21 PM

Hi all,

Thanks for the update.

  1. cross_partition_call test now passes.
  2. doorbell_test still panics:

In one of the psa_get() it gets to this panic in tfm_svcall_psa_get():

/*
 * It is a fatal error if the caller call psa_get() when no message has
 * been set. The caller must call this function after a RoT Service signal
 * is returned by psa_wait().
 */
if (partition->signals == 0) {
    tfm_panic();
}
edison-ai added a comment.Mar 4 2019, 1:40 AM

Hi @mikisch81,

Could you create a new Task issue for it?

Thanks.

edison-ai closed this task as Resolved.Mar 5 2019, 2:04 AM
edison-ai claimed this task.