From 192fa0176b7f7db9b5dbc542cbe88f7698fed97c Mon Sep 17 00:00:00 2001 From: Brett Nicholas <7547222+bigbrett@users.noreply.github.com> Date: Thu, 11 Apr 2024 14:10:16 -0600 Subject: [PATCH] renamed public structs, moved DMA function prototypes to wh_server_dma.h --- src/wh_server_dma.c | 24 ++++----- src/wh_server_nvm.c | 24 ++++----- test/wh_test_clientserver.c | 26 ++++----- wolfhsm/wh_server.h | 20 +------ wolfhsm/wh_server_dma.h | 103 ++++++++++++++++++++++++------------ 5 files changed, 107 insertions(+), 90 deletions(-) diff --git a/src/wh_server_dma.c b/src/wh_server_dma.c index 6f3576b8..f359d332 100644 --- a/src/wh_server_dma.c +++ b/src/wh_server_dma.c @@ -7,7 +7,7 @@ * building a binary tree, etc.) */ -static int _checkAddrAgainstAllowList(const whDmaAddrList allowList, void* addr, +static int _checkAddrAgainstAllowList(const whServerDmaAddrList allowList, void* addr, size_t size) { uintptr_t startAddr = (uintptr_t)addr; @@ -26,8 +26,8 @@ static int _checkAddrAgainstAllowList(const whDmaAddrList allowList, void* addr, return WH_ERROR_ACCESS; } -static int _checkMemOperAgainstAllowList(const whDmaAddrAllowList* allowList, - whDmaOper oper, void* addr, +static int _checkMemOperAgainstAllowList(const whServerDmaAddrAllowList* allowList, + whServerDmaOper oper, void* addr, size_t size) { int rc = WH_ERROR_OK; @@ -48,7 +48,7 @@ static int _checkMemOperAgainstAllowList(const whDmaAddrAllowList* allowList, return rc; } -int wh_Server_DmaRegisterCb32(whServerContext* server, whDmaClientMem32Cb cb) +int wh_Server_DmaRegisterCb32(whServerContext* server, whServerDmaClientMem32Cb cb) { if (NULL == server || NULL == cb) { return WH_ERROR_BADARGS; @@ -59,7 +59,7 @@ int wh_Server_DmaRegisterCb32(whServerContext* server, whDmaClientMem32Cb cb) return WH_ERROR_OK; } -int wh_Server_DmaRegisterCb64(whServerContext* server, whDmaClientMem64Cb cb) +int wh_Server_DmaRegisterCb64(whServerContext* server, whServerDmaClientMem64Cb cb) { if (NULL == server || NULL == cb) { return WH_ERROR_BADARGS; @@ -71,7 +71,7 @@ int wh_Server_DmaRegisterCb64(whServerContext* server, whDmaClientMem64Cb cb) } int wh_Server_DmaRegisterAllowList(whServerContext* server, - const whDmaAddrAllowList* allowlist) + const whServerDmaAddrAllowList* allowlist) { if (NULL == server || NULL == allowlist) { return WH_ERROR_BADARGS; @@ -86,7 +86,7 @@ int wh_Server_DmaRegisterAllowList(whServerContext* server, int wh_Server_DmaProcessClientAddress32(whServerContext* server, uint32_t clientAddr, void** xformedCliAddr, uint32_t len, - whDmaOper oper, whDmaFlags flags) + whServerDmaOper oper, whServerDmaFlags flags) { int rc = WH_ERROR_OK; @@ -117,7 +117,7 @@ int wh_Server_DmaProcessClientAddress32(whServerContext* server, int wh_Server_DmaProcessClientAddress64(whServerContext* server, uint64_t clientAddr, void** xformedCliAddr, uint64_t len, - whDmaOper oper, whDmaFlags flags) + whServerDmaOper oper, whServerDmaFlags flags) { int rc = WH_ERROR_OK; @@ -146,7 +146,7 @@ int wh_Server_DmaProcessClientAddress64(whServerContext* server, int whServerDma_CopyFromClient32(struct whServerContext_t* server, void* serverPtr, uint32_t clientAddr, - size_t len, whDmaFlags flags) + size_t len, whServerDmaFlags flags) { int rc = WH_ERROR_OK; @@ -187,7 +187,7 @@ int whServerDma_CopyFromClient32(struct whServerContext_t* server, int whServerDma_CopyFromClient64(struct whServerContext_t* server, void* serverPtr, uint64_t clientAddr, - size_t len, whDmaFlags flags) + size_t len, whServerDmaFlags flags) { int rc = WH_ERROR_OK; @@ -227,7 +227,7 @@ int whServerDma_CopyFromClient64(struct whServerContext_t* server, int whServerDma_CopyToClient32(struct whServerContext_t* server, uint32_t clientAddr, void* serverPtr, size_t len, - whDmaFlags flags) + whServerDmaFlags flags) { int rc = WH_ERROR_OK; @@ -268,7 +268,7 @@ int whServerDma_CopyToClient32(struct whServerContext_t* server, int whServerDma_CopyToClient64(struct whServerContext_t* server, uint64_t clientAddr, void* serverPtr, size_t len, - whDmaFlags flags) + whServerDmaFlags flags) { int rc = WH_ERROR_OK; diff --git a/src/wh_server_nvm.c b/src/wh_server_nvm.c index 043552b1..cb01fbf6 100644 --- a/src/wh_server_nvm.c +++ b/src/wh_server_nvm.c @@ -265,14 +265,14 @@ int wh_Server_HandleNvmRequest(whServerContext* server, /* perform platform-specific host address processing */ resp.rc = wh_Server_DmaProcessClientAddress32( server, req.metadata_hostaddr, &metadata, sizeof(whNvmMetadata), - WH_DMA_OPER_CLIENT_READ_PRE, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_READ_PRE, (whServerDmaFlags){0}); if (resp.rc != WH_ERROR_OK) { goto transRespAddObjDma32; } resp.rc = wh_Server_DmaProcessClientAddress32( server, req.data_hostaddr, &data, req.data_len, - WH_DMA_OPER_CLIENT_READ_PRE, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_READ_PRE, (whServerDmaFlags){0}); if (resp.rc != WH_ERROR_OK) { goto transRespAddObjDma32; } @@ -289,14 +289,14 @@ int wh_Server_HandleNvmRequest(whServerContext* server, /* perform platform-specific host address processing */ resp.rc = wh_Server_DmaProcessClientAddress32( server, req.metadata_hostaddr, &metadata, sizeof(whNvmMetadata), - WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_READ_POST, (whServerDmaFlags){0}); if (resp.rc != WH_ERROR_OK) { goto transRespAddObjDma32; } resp.rc = wh_Server_DmaProcessClientAddress32( server, req.data_hostaddr, &data, req.data_len, - WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_READ_POST, (whServerDmaFlags){0}); } else { /* Request is malformed */ resp.rc = WH_ERROR_ABORTED; @@ -322,7 +322,7 @@ int wh_Server_HandleNvmRequest(whServerContext* server, /* perform platform-specific host address processing */ resp.rc = wh_Server_DmaProcessClientAddress32( server, req.data_hostaddr, &data, req.data_len, - WH_DMA_OPER_CLIENT_WRITE_PRE, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_WRITE_PRE, (whServerDmaFlags){0}); if (resp.rc != WH_ERROR_OK) { goto transRespReadDma32; } @@ -337,7 +337,7 @@ int wh_Server_HandleNvmRequest(whServerContext* server, /* perform platform-specific host address processing */ resp.rc = wh_Server_DmaProcessClientAddress32( server, req.data_hostaddr, &data, req.data_len, - WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_WRITE_POST, (whServerDmaFlags){0}); } else { /* Request is malformed */ resp.rc = WH_ERROR_ABORTED; @@ -364,14 +364,14 @@ int wh_Server_HandleNvmRequest(whServerContext* server, /* perform platform-specific host address processing */ resp.rc = wh_Server_DmaProcessClientAddress64( server, req.metadata_hostaddr, &metadata, sizeof(whNvmMetadata), - WH_DMA_OPER_CLIENT_READ_PRE, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_READ_PRE, (whServerDmaFlags){0}); if (resp.rc != WH_ERROR_OK) { goto transRespAddObjectDma64; } resp.rc = wh_Server_DmaProcessClientAddress64( server, req.data_hostaddr, &data, req.data_len, - WH_DMA_OPER_CLIENT_READ_PRE, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_READ_PRE, (whServerDmaFlags){0}); if (resp.rc != WH_ERROR_OK) { goto transRespAddObjectDma64; } @@ -388,14 +388,14 @@ int wh_Server_HandleNvmRequest(whServerContext* server, /* perform platform-specific host address processing */ resp.rc = wh_Server_DmaProcessClientAddress64( server, req.metadata_hostaddr, &metadata, sizeof(whNvmMetadata), - WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_READ_POST, (whServerDmaFlags){0}); if (resp.rc != WH_ERROR_OK) { goto transRespAddObjectDma64; } resp.rc = wh_Server_DmaProcessClientAddress64( server, req.data_hostaddr, &data, req.data_len, - WH_DMA_OPER_CLIENT_READ_POST, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_READ_POST, (whServerDmaFlags){0}); } else { /* Request is malformed */ resp.rc = WH_ERROR_ABORTED; @@ -421,7 +421,7 @@ int wh_Server_HandleNvmRequest(whServerContext* server, /* perform platform-specific host address processing */ resp.rc = wh_Server_DmaProcessClientAddress64( server, req.data_hostaddr, &data, req.data_len, - WH_DMA_OPER_CLIENT_WRITE_PRE, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_WRITE_PRE, (whServerDmaFlags){0}); if (resp.rc != WH_ERROR_OK) { goto transRespReadDma64; } @@ -436,7 +436,7 @@ int wh_Server_HandleNvmRequest(whServerContext* server, /* perform platform-specific host address processing */ resp.rc = wh_Server_DmaProcessClientAddress64( server, req.data_hostaddr, &data, req.data_len, - WH_DMA_OPER_CLIENT_WRITE_POST, (whDmaFlags){0}); + WH_DMA_OPER_CLIENT_WRITE_POST, (whServerDmaFlags){0}); } else { /* Request is malformed */ resp.rc = WH_ERROR_ABORTED; diff --git a/test/wh_test_clientserver.c b/test/wh_test_clientserver.c index 82fca828..66f975d5 100644 --- a/test/wh_test_clientserver.c +++ b/test/wh_test_clientserver.c @@ -154,8 +154,8 @@ static int _testCallbacks(whServerContext* server, whClientContext* client) static int _customServerDmaCb(struct whServerContext_t* server, void* clientAddr, void** serverPtr, - uint32_t len, whDmaOper oper, - whDmaFlags flags) + uint32_t len, whServerDmaOper oper, + whServerDmaFlags flags) { /* remapped "client" address, a.k.a. arbitary "server" buffer */ void *srvTmpBuf = (void*)((uintptr_t)clientAddr + @@ -196,7 +196,7 @@ static int _customServerDmaCb(struct whServerContext_t* server, static int _customServerDma32Cb(struct whServerContext_t* server, uint32_t clientAddr, void** serverPtr, - uint32_t len, whDmaOper oper, whDmaFlags flags) + uint32_t len, whServerDmaOper oper, whServerDmaFlags flags) { return _customServerDmaCb(server, (void*)((uintptr_t)clientAddr), serverPtr, len, oper, flags); @@ -204,7 +204,7 @@ static int _customServerDma32Cb(struct whServerContext_t* server, static int _customServerDma64Cb(struct whServerContext_t* server, uint64_t clientAddr, void** serverPtr, - uint64_t len, whDmaOper oper, whDmaFlags flags) + uint64_t len, whServerDmaOper oper, whServerDmaFlags flags) { return _customServerDmaCb(server, (void*)((uintptr_t)clientAddr), serverPtr, len, oper, flags); @@ -215,7 +215,7 @@ static int _testDma(whServerContext* server, whClientContext* client) int rc = 0; TestMemory testMem = {0}; - const whDmaAddrAllowList allowList = { + const whServerDmaAddrAllowList allowList = { .readList = { {&testMem.srvBufAllow, sizeof(testMem.srvBufAllow)}, @@ -243,13 +243,13 @@ static int _testDma(whServerContext* server, whClientContext* client) /* 64-bit host system */ WH_TEST_RETURN_ON_FAIL(whServerDma_CopyFromClient64( server, testMem.srvBufAllow, (uint64_t)((uintptr_t)testMem.cliBuf), - sizeof(testMem.cliBuf), (whDmaFlags){0})); + sizeof(testMem.cliBuf), (whServerDmaFlags){0})); } else if (sizeof(void*) == sizeof(uint32_t)) { /* 32-bit host system */ WH_TEST_RETURN_ON_FAIL(whServerDma_CopyFromClient32( server, testMem.srvBufAllow, (uint32_t)((uintptr_t)testMem.cliBuf), - sizeof(testMem.cliBuf), (whDmaFlags){0})); + sizeof(testMem.cliBuf), (whServerDmaFlags){0})); } /* Ensure data was copied */ @@ -273,13 +273,13 @@ static int _testDma(whServerContext* server, whClientContext* client) /* 64-bit host system */ WH_TEST_RETURN_ON_FAIL(whServerDma_CopyToClient64( server, (uint64_t)((uintptr_t)testMem.cliBuf), testMem.srvBufAllow, - sizeof(testMem.srvBufAllow), (whDmaFlags){0})); + sizeof(testMem.srvBufAllow), (whServerDmaFlags){0})); } else if (sizeof(void*) == sizeof(uint32_t)) { /* 32-bit host system */ WH_TEST_RETURN_ON_FAIL(whServerDma_CopyToClient32( server, (uint32_t)((uintptr_t)testMem.cliBuf), testMem.srvBufAllow, - sizeof(testMem.srvBufAllow), (whDmaFlags){0})); + sizeof(testMem.srvBufAllow), (whServerDmaFlags){0})); } /* Ensure data was copied */ @@ -293,12 +293,12 @@ static int _testDma(whServerContext* server, whClientContext* client) whServerDma_CopyFromClient64( server, testMem.srvBufDeny, (uint64_t)((uintptr_t)testMem.cliBuf), - sizeof(testMem.cliBuf), (whDmaFlags){0})); + sizeof(testMem.cliBuf), (whServerDmaFlags){0})); WH_TEST_ASSERT_RETURN(WH_ERROR_ACCESS == whServerDma_CopyToClient64( server, (uint64_t)((uintptr_t)testMem.cliBuf), testMem.srvBufDeny, - sizeof(testMem.srvBufDeny), (whDmaFlags){0})); + sizeof(testMem.srvBufDeny), (whServerDmaFlags){0})); } else if (sizeof(void*) == sizeof(uint32_t)) { /* 32-bit host system */ @@ -306,12 +306,12 @@ static int _testDma(whServerContext* server, whClientContext* client) whServerDma_CopyFromClient32( server, testMem.srvBufDeny, (uint32_t)((uintptr_t)testMem.cliBuf), - sizeof(testMem.cliBuf), (whDmaFlags){0})); + sizeof(testMem.cliBuf), (whServerDmaFlags){0})); WH_TEST_ASSERT_RETURN(WH_ERROR_ACCESS == whServerDma_CopyToClient32( server, (uint32_t)((uintptr_t)testMem.cliBuf), testMem.srvBufDeny, - sizeof(testMem.srvBufDeny), (whDmaFlags){0})); + sizeof(testMem.srvBufDeny), (whServerDmaFlags){0})); } return rc; diff --git a/wolfhsm/wh_server.h b/wolfhsm/wh_server.h index eccd7683..064bcc85 100644 --- a/wolfhsm/wh_server.h +++ b/wolfhsm/wh_server.h @@ -53,7 +53,7 @@ typedef struct whServerContext_t { crypto_context* crypto; CacheSlot cache[WOLFHSM_NUM_RAMKEYS]; whServerCustomCb customHandlerTable[WH_CUSTOM_CB_NUM_CALLBACKS]; - whDmaContext dma; + whServerDmaContext dma; } whServerContext; typedef struct whServerConfig_t { @@ -63,7 +63,7 @@ typedef struct whServerConfig_t { #if defined WOLF_CRYPTO_CB /* TODO: should we be relying on wolfSSL defines? */ int devId; #endif - whDmaConfig* dmaConfig; + whServerDmaConfig* dmaConfig; } whServerConfig; /* Initialize the comms and crypto cache components. @@ -90,20 +90,4 @@ int wh_Server_HandleCustomCbRequest(whServerContext* server, uint16_t magic, uint16_t req_size, const void* req_packet, uint16_t* out_resp_size, void* resp_packet); -/* Registers custom client DMA callbacs to handle platform specific restrictions - * on accessing the client address space such as caching and address translation */ -int wh_Server_DmaRegisterCb32(whServerContext* server, whDmaClientMem32Cb cb); -int wh_Server_DmaRegisterCb64(whServerContext* server, whDmaClientMem64Cb cb); -int wh_Server_DmaRegisterAllowList(whServerContext* server, const whDmaAddrAllowList* allowlist); - -/* Helper functions to invoke user supplied client address DMA callbacks */ -int wh_Server_DmaProcessClientAddress32(whServerContext* server, - uint32_t clientAddr, void** serverPtr, - uint32_t len, whDmaOper oper, - whDmaFlags flags); -int wh_Server_DmaProcessClientAddress64(whServerContext* server, - uint64_t clientAddr, void** serverPtr, - uint64_t len, whDmaOper oper, - whDmaFlags flags); - #endif /* WOLFHSM_WH_SERVER_H_ */ diff --git a/wolfhsm/wh_server_dma.h b/wolfhsm/wh_server_dma.h index a3751b88..b20d8cac 100644 --- a/wolfhsm/wh_server_dma.h +++ b/wolfhsm/wh_server_dma.h @@ -6,69 +6,102 @@ #include "wolfhsm/wh_server.h" +#define WH_DMA_ADDR_ALLOWLIST_SIZE (10) + struct whServerContext_t; -/* Indicates to the callback the type of operation the callback should handle */ +/* Indicates to a DMA callback the type of memory operation the callback must + * act on. Common use cases are remapping client addresses into server address + * space (map in READ_PRE/WRITE_PRE, unmap in READ_POST/WRITE_POST), or + * invalidating a cache block before reading from or after writing to client + * memory */ typedef enum { - WH_DMA_OPER_CLIENT_READ_PRE = 0, /* Descriptive comment: address validation/Map/unmap/prefetch/cache/etc*/ + /* Indicates server is about to read from client memory */ + WH_DMA_OPER_CLIENT_READ_PRE = 0, + /* Indicates server has just read from client memory */ WH_DMA_OPER_CLIENT_READ_POST = 1, + /* Indicates server is about to write to client memory */ WH_DMA_OPER_CLIENT_WRITE_PRE = 2, + /* Indicates server has just written from client memory */ WH_DMA_OPER_CLIENT_WRITE_POST = 3, -} whDmaOper; +} whServerDmaOper; /* Flags embedded in request/response structs provided by client */ typedef struct { uint8_t cacheForceInvalidate : 1; -} whDmaFlags; - -typedef int (*whDmaClientMem32Cb)(struct whServerContext_t* server, - uint32_t clientAddr, void** serverPtr, - uint32_t len, whDmaOper oper, - whDmaFlags flags); -typedef int (*whDmaClientMem64Cb)(struct whServerContext_t* server, - uint64_t clientAddr, void** serverPtr, - uint64_t len, whDmaOper oper, - whDmaFlags flags); +} whServerDmaFlags; + +/* DMA callbacks invoked internally by wolfHSM before and after every client + * memory operation. There are separate callbacks for processing 32-bit and + * 64-bit client addresses */ +typedef int (*whServerDmaClientMem32Cb)(struct whServerContext_t* server, + uint32_t clientAddr, void** serverPtr, + uint32_t len, whServerDmaOper oper, + whServerDmaFlags flags); +typedef int (*whServerDmaClientMem64Cb)(struct whServerContext_t* server, + uint64_t clientAddr, void** serverPtr, + uint64_t len, whServerDmaOper oper, + whServerDmaFlags flags); typedef struct { void* addr; size_t size; -} whDmaAddr; - -#define WH_DMA_ADDR_ALLOWLIST_SIZE (10) +} whServerDmaAddr; -typedef whDmaAddr whDmaAddrList[WH_DMA_ADDR_ALLOWLIST_SIZE]; +typedef whServerDmaAddr whServerDmaAddrList[WH_DMA_ADDR_ALLOWLIST_SIZE]; +/* Holds allowable client read/write addresses */ typedef struct { - whDmaAddrList readList; - whDmaAddrList writeList; -} whDmaAddrAllowList; + whServerDmaAddrList readList; /* Allowed client read addresses */ + whServerDmaAddrList writeList; /* Allowed client write addresses */ +} whServerDmaAddrAllowList; +/* Configuration struct for initializing a server */ typedef struct { - whDmaClientMem32Cb cb32; /* DMA callback for 32-bit system */ - whDmaClientMem64Cb cb64; /* DMA callback for 64-bit system */ - const whDmaAddrAllowList* dmaAddrAllowList; /* list of allowed addresses */ -} whDmaConfig; + whServerDmaClientMem32Cb cb32; /* DMA callback for 32-bit system */ + whServerDmaClientMem64Cb cb64; /* DMA callback for 64-bit system */ + const whServerDmaAddrAllowList* dmaAddrAllowList; /* allowed addresses */ +} whServerDmaConfig; typedef struct { - whDmaClientMem32Cb cb32; /* DMA callback for 32-bit system */ - whDmaClientMem64Cb cb64; /* DMA callback for 64-bit system */ - const whDmaAddrAllowList* dmaAddrAllowList; /* list of allowed addresses */ -} whDmaContext; + whServerDmaClientMem32Cb cb32; /* DMA callback for 32-bit system */ + whServerDmaClientMem64Cb cb64; /* DMA callback for 64-bit system */ + const whServerDmaAddrAllowList* dmaAddrAllowList; /* allowed addresses */ +} whServerDmaContext; + +/* Registers custom client DMA callbacks to handle platform specific + * restrictions on accessing the client address space such as caching and + * address translation */ +int wh_Server_DmaRegisterCb32(struct whServerContext_t* server, + whServerDmaClientMem32Cb cb); +int wh_Server_DmaRegisterCb64(struct whServerContext_t* server, + whServerDmaClientMem64Cb cb); +int wh_Server_DmaRegisterAllowList(struct whServerContext_t* server, + const whServerDmaAddrAllowList* allowlist); + +/* Helper functions to invoke user supplied client address DMA callbacks */ +int wh_Server_DmaProcessClientAddress32(struct whServerContext_t* server, + uint32_t clientAddr, void** serverPtr, + uint32_t len, whServerDmaOper oper, + whServerDmaFlags flags); +int wh_Server_DmaProcessClientAddress64(struct whServerContext_t* server, + uint64_t clientAddr, void** serverPtr, + uint64_t len, whServerDmaOper oper, + whServerDmaFlags flags); int whServerDma_CopyFromClient32(struct whServerContext_t* server, void* serverPtr, uint32_t clientAddr, - size_t len, whDmaFlags flags); + size_t len, whServerDmaFlags flags); int whServerDma_CopyFromClient64(struct whServerContext_t* server, void* serverPtr, uint64_t clientAddr, - size_t len, whDmaFlags flags); + size_t len, whServerDmaFlags flags); int whServerDma_CopyToClient32(struct whServerContext_t* server, - uint32_t clientAddr, void* serverPtr, - size_t len, whDmaFlags flags); -int whServerDma_CopyToClient64(struct whServerContext_t* server, - uint64_t clientAddr, void* serverPtr, - size_t len, whDmaFlags flags); + uint32_t clientAddr, void* serverPtr, size_t len, + whServerDmaFlags flags); +int whServerDma_CopyToClient64(struct whServerContext_t* server, + uint64_t clientAddr, void* serverPtr, size_t len, + whServerDmaFlags flags); #endif /* WH_SERVER_DMA_H_ */ \ No newline at end of file