Update SPM Core design - optimize for multi MCU systems

- Remove partition mutex
- Introduce per secure function queues
- asynchronous psa_close()

Author: orenc17

TESTS/spm/client_tests/client_ipc_tests.cpp

@@ -83,10 +83,10 @@ static void client_ipc_tests_call(
 
 static void client_ipc_tests_close(psa_handle_t handle)
 {
-    error_t status = PSA_SUCCESS;
-    status = psa_close(handle);
+    psa_close(handle);
 
-    TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
+    // Wait for psa_close to finish on server side
+    osDelay(50);
 }
 
 //Testing iovec 0 sent as NULL
@@ -333,85 +333,6 @@ void multi_thread_diff_handles()
 
 }
 
-static void call_same_handle(th_struct_t *thr_attr)
-{
-    client_ipc_tests_call(thr_attr->handle,
-                          thr_attr->iovec_temp,
-                          PSA_MAX_INVEC_LEN,
-                          CLIENT_RSP_BUF_SIZE,
-                          thr_attr->expected,
-                          thr_attr->expected_size);
-    osDelay(10);
-}
-
-//Testing multiple parallel calls to the same SFID with the same handle
-void multi_thread_same_handle()
-{
-    Thread T1, T2, T3;
-    th_struct_t thr_attr[] = {{0}, {0}, {0}};
-
-    psa_handle_t handle = client_ipc_tests_connect(PART1_SF1, MINOR_VER);
-
-    uint8_t meta_iovec_1[] = { 2,            //expect_size
-                               2             //off
-                             };
-    uint8_t buff1[] = {1, 2, 3};
-    uint8_t buff2[] = {4, 5, 6};
-    uint8_t expected_buff_1[] = {1, 2};
-
-    psa_invec_t iovec_temp_1[PSA_MAX_INVEC_LEN] = {{meta_iovec_1, sizeof(meta_iovec_1)},
-                                           {buff1, sizeof(buff1)},
-                                           {buff2, sizeof(buff2)}};
-
-    set_struct(&thr_attr[0], handle, iovec_temp_1, expected_buff_1, sizeof(expected_buff_1));
-    osStatus err = T1.start(callback(call_same_handle, (th_struct_t *)&thr_attr[0]));
-    if (err) {
-       TEST_FAIL_MESSAGE("creating thread failed!");
-    }
-
-    uint8_t meta_iovec_2[] = { 2,            //expect_size
-                               3             //off
-                             };
-    uint8_t expected_buff_2[] = {2, 3};
-
-    psa_invec_t iovec_temp_2[PSA_MAX_INVEC_LEN] = {{meta_iovec_2, sizeof(meta_iovec_2)},
-                                            {buff1, sizeof(buff1)},
-                                            {buff2, sizeof(buff2)}};
-    set_struct(&thr_attr[1], handle, iovec_temp_2, expected_buff_2, sizeof(expected_buff_2));
-    err = T2.start(callback(call_same_handle, (th_struct_t *)&thr_attr[1]));
-    if (err) {
-       TEST_FAIL_MESSAGE("creating thread failed!");
-    }
-
-    uint8_t meta_iovec_3[] = { 2,            //expect_size
-                               4             //off
-                             };
-    uint8_t expected_buff_3[] = {3, 4};
-
-    psa_invec_t iovec_temp_3[PSA_MAX_INVEC_LEN] = {{meta_iovec_3, sizeof(meta_iovec_3)},
-                                            {buff1, sizeof(buff1)},
-                                            {buff2, sizeof(buff2)}};
-    set_struct(&thr_attr[2], handle, iovec_temp_3, expected_buff_3, sizeof(expected_buff_3));
-    err = T3.start(callback(call_same_handle, (th_struct *)&thr_attr[2]));
-    if (err) {
-       TEST_FAIL_MESSAGE("creating thread failed!");
-    }
-
-    err = T1.join();
-    if (err) {
-       TEST_FAIL_MESSAGE("joining thread failed!");
-    }
-    err = T2.join();
-    if (err) {
-       TEST_FAIL_MESSAGE("joining thread failed!");
-    }
-    err = T3.join();
-    if (err) {
-       TEST_FAIL_MESSAGE("joining thread failed!");
-    }
-
-    client_ipc_tests_close(handle);
-}
 
 //Testing exceeding num of max channels allowed by psa_connect
 void exceed_num_of_max_channels()
@@ -449,7 +370,6 @@ Case cases[] = {
     Case("Testing client rx_tx_null", rx_tx_null),
     Case("Testing client multiple_call from a single thread", multiple_call),
     Case("Testing client multiple calls on different channels to the same SFID", multi_thread_diff_handles),
-    Case("Testing client multiple calls on the same channel to the same SFID", multi_thread_same_handle),
     Case("Testing client exceed num of max channels allowed", exceed_num_of_max_channels),
     Case("Testing client close on NULL handle", client_close_null_handle),
 };

TESTS/spm/client_tests/server.c

@@ -29,9 +29,9 @@ void server_main(void *ptr)
             psa_msg_t msg = {0};
             psa_get(PART1_SF1_MSK, &msg);
             switch (msg.type) {
-                case PSA_IPC_MSG_TYPE_CONNECT: {
+                case PSA_IPC_MSG_TYPE_CONNECT:
+                case PSA_IPC_MSG_TYPE_DISCONNECT:
                     break;
-                }
                 case PSA_IPC_MSG_TYPE_CALL: {
                     memset(data, 0, sizeof(data));
                     if (msg.in_size[0] + msg.in_size[1] + msg.in_size[2] > 1) {
@@ -46,9 +46,6 @@ void server_main(void *ptr)
                     }
                     break;
                 }
-                case PSA_IPC_MSG_TYPE_DISCONNECT: {
-                    break;
-                }
                 default: {
                     SPM_PANIC("Invalid msg type");
                 }

TESTS/spm/neg_client_tests/neg_ipc_tests.cpp

@@ -78,10 +78,10 @@ static void negative_client_ipc_tests_call( psa_handle_t handle,
 
 static void negative_client_ipc_tests_close(psa_handle_t handle)
 {
-    error_t status = PSA_SUCCESS;
-    status = psa_close(handle);
+    psa_close(handle);
 
-    TEST_ASSERT_EQUAL_INT(PSA_SUCCESS, status);
+    // Wait for psa_close to finish on server side
+    osDelay(50);
 }
 
 //Testing client call with an invalid SFID

TESTS/spm/neg_client_tests/server1.c

@@ -32,9 +32,9 @@ void server_main1(void *ptr)
             psa_msg_t msg = {0};
             psa_get(NEG_CLIENT_PART1_SF1_MSK, &msg);
             switch (msg.type) {
-                case PSA_IPC_MSG_TYPE_CONNECT: {
+                case PSA_IPC_MSG_TYPE_CONNECT:
+                case PSA_IPC_MSG_TYPE_DISCONNECT:
                     break;
-                }
                 case PSA_IPC_MSG_TYPE_CALL: {
                     memset(msg_buff, 0, msg_buff_SIZE);
                     uint32_t bytes_read = 0;
@@ -47,13 +47,11 @@ void server_main1(void *ptr)
                     }
                     break;
                 }
-                case PSA_IPC_MSG_TYPE_DISCONNECT: {
-                    break;
-                }
                 default: {
                     SPM_ASSERT(false);
                 }
             }
+
             psa_end(msg.handle, PSA_SUCCESS);
         }
     }

TESTS/spm/neg_client_tests/spm_reboot.c

@@ -12,14 +12,15 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
- 
+
 #include <string.h>
 #include "spm_internal.h"
 
-extern spm_t g_spm;
+extern spm_db_t g_spm;
 extern psa_handle_item_t g_channels_handle_storage[];
 extern psa_handle_item_t g_messages_handle_storage[];
-extern ipc_channel_t g_channel_data[];
+extern spm_ipc_channel_t g_channel_data[];
+extern spm_active_msg_t g_active_messages_data[];
 
 void psa_spm_init(void);
 
@@ -32,26 +33,26 @@ void spm_reboot(void)
         MBED_ASSERT(status == osOK);
         status = osMutexDelete(g_spm.partitions[i].mutex);
         MBED_ASSERT(status == osOK);
-        status = osSemaphoreDelete(g_spm.partitions[i].semaphore);
-        MBED_ASSERT(status == osOK);
 
-        g_spm.partitions[i].thread_id = NULL;
         for (uint32_t j = 0; j < g_spm.partitions[i].sec_funcs_count; ++j) {
             g_spm.partitions[i].sec_funcs[j].partition = NULL;
+            g_spm.partitions[i].sec_funcs[j].queue.head = NULL;
+            g_spm.partitions[i].sec_funcs[j].queue.tail = NULL;
         }
 
         g_spm.partitions[i].sec_funcs = NULL;
         g_spm.partitions[i].mutex = NULL;
-        g_spm.partitions[i].semaphore = NULL;
-        memset(&(g_spm.partitions[i].active_msg), 0, sizeof(active_msg_t));
-        g_spm.partitions[i].msg_handle = PSA_NULL_HANDLE;
+        g_spm.partitions[i].thread_id = NULL;
     }
 
     status = osMemoryPoolDelete(g_spm.channel_mem_pool);
     MBED_ASSERT(status == osOK);
+    status = osMemoryPoolDelete(g_spm.active_messages_mem_pool);
+    MBED_ASSERT(status == osOK);
     memset(g_channels_handle_storage, 0, (sizeof(psa_handle_item_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS));
-    memset(g_messages_handle_storage, 0, (sizeof(psa_handle_item_t) * g_spm.partition_count));
-    memset(g_channel_data, 0, (sizeof(ipc_channel_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS));
+    memset(g_messages_handle_storage, 0, (sizeof(psa_handle_item_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES));
+    memset(g_channel_data, 0, (sizeof(spm_ipc_channel_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS));
+    memset(g_active_messages_data, 0, (sizeof(spm_active_msg_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES));
     memset(&g_spm, 0, sizeof(g_spm));
 
     psa_spm_init();

TESTS/spm/neg_dual_partition/spm_reboot.c

@@ -12,14 +12,15 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
- 
+
 #include <string.h>
 #include "spm_internal.h"
 
-extern spm_t g_spm;
+extern spm_db_t g_spm;
 extern psa_handle_item_t g_channels_handle_storage[];
 extern psa_handle_item_t g_messages_handle_storage[];
-extern ipc_channel_t g_channel_data[];
+extern spm_ipc_channel_t g_channel_data[];
+extern spm_active_msg_t g_active_messages_data[];
 
 void psa_spm_init(void);
 
@@ -32,26 +33,26 @@ void spm_reboot(void)
         MBED_ASSERT(status == osOK);
         status = osMutexDelete(g_spm.partitions[i].mutex);
         MBED_ASSERT(status == osOK);
-        status = osSemaphoreDelete(g_spm.partitions[i].semaphore);
-        MBED_ASSERT(status == osOK);
 
-        g_spm.partitions[i].thread_id = NULL;
         for (uint32_t j = 0; j < g_spm.partitions[i].sec_funcs_count; ++j) {
             g_spm.partitions[i].sec_funcs[j].partition = NULL;
+            g_spm.partitions[i].sec_funcs[j].queue.head = NULL;
+            g_spm.partitions[i].sec_funcs[j].queue.tail = NULL;
         }
 
         g_spm.partitions[i].sec_funcs = NULL;
         g_spm.partitions[i].mutex = NULL;
-        g_spm.partitions[i].semaphore = NULL;
-        memset(&(g_spm.partitions[i].active_msg), 0, sizeof(active_msg_t));
-        g_spm.partitions[i].msg_handle = PSA_NULL_HANDLE;
+        g_spm.partitions[i].thread_id = NULL;
     }
 
     status = osMemoryPoolDelete(g_spm.channel_mem_pool);
     MBED_ASSERT(status == osOK);
+    status = osMemoryPoolDelete(g_spm.active_messages_mem_pool);
+    MBED_ASSERT(status == osOK);
     memset(g_channels_handle_storage, 0, (sizeof(psa_handle_item_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS));
-    memset(g_messages_handle_storage, 0, (sizeof(psa_handle_item_t) * g_spm.partition_count));
-    memset(g_channel_data, 0, (sizeof(ipc_channel_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS));
+    memset(g_messages_handle_storage, 0, (sizeof(psa_handle_item_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES));
+    memset(g_channel_data, 0, (sizeof(spm_ipc_channel_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS));
+    memset(g_active_messages_data, 0, (sizeof(spm_active_msg_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES));
     memset(&g_spm, 0, sizeof(g_spm));
 
     psa_spm_init();

TESTS/spm/neg_server_tests/neg_ipc_tests.cpp

@@ -234,24 +234,17 @@ void server_end_invalid_handle()
     TEST_FAIL_MESSAGE("server_end_invalid_handle negative test failed at client side");
 }
 
-//Testing server end handle is null (PSA_NULL_HANDLE)
-void server_end_null_handle()
-{
-    psa_connect(PART2_END_NULL_HANDLE, MINOR_VER);
-
-    TEST_FAIL_MESSAGE("server_end_null_handle negative test failed at client side");
-}
-
 //Testing server end rhandle is not NULL and msg type is disconnect
-void server_set_rhandle_invalid()
+void server_set_rhandle_during_disconnect()
 {
     psa_handle_t handle = 0;
 
-    handle = negative_server_ipc_tests_connect(PART2_SET_RHANDLE_INVALID, MINOR_VER);
+    handle = negative_server_ipc_tests_connect(PART2_SET_RHANDLE_DURING_DISCONNECT, MINOR_VER);
 
     psa_close(handle);
-
-    TEST_FAIL_MESSAGE("server_set_rhandle_invalid negative test failed at client side");
+    // Wait for psa_close to finish on server side
+    osDelay(50);
+    TEST_FAIL_MESSAGE("server_set_rhandle_during_disconnect negative test failed at client side");
 }
 
 //Testing server notify partition id doesnt exist
@@ -339,8 +332,7 @@ PSA_NEG_TEST(server_write_rx_buff_null)
 PSA_NEG_TEST(server_write_invalid_handle)
 PSA_NEG_TEST(server_write_null_handle)
 PSA_NEG_TEST(server_end_invalid_handle)
-PSA_NEG_TEST(server_end_null_handle)
-PSA_NEG_TEST(server_set_rhandle_invalid)
+PSA_NEG_TEST(server_set_rhandle_during_disconnect)
 PSA_NEG_TEST(server_notify_part_id_invalid)
 PSA_NEG_TEST(server_psa_identity_invalid_handle)
 PSA_NEG_TEST(server_psa_identity_null_handle)
@@ -381,8 +373,7 @@ Case cases[] = {
     SPM_UTEST_CASE("Testing server write handle does not exist on the platform", server_write_invalid_handle),
     SPM_UTEST_CASE("Testing server write handle is PSA_NULL_HANDLE", server_write_null_handle),
     SPM_UTEST_CASE("Testing server end handle does not exist on the platform", server_end_invalid_handle),
-    SPM_UTEST_CASE("Testing server end handle is PSA_NULL_HANDLE", server_end_null_handle),
-    SPM_UTEST_CASE("Testing server set rhandle is not NULL while msg type is disconnect", server_set_rhandle_invalid),
+    SPM_UTEST_CASE("Testing server set rhandle during disconnect", server_set_rhandle_during_disconnect),
     SPM_UTEST_CASE("Testing server notify partition id doesnt exist", server_notify_part_id_invalid),
     SPM_UTEST_CASE("Testing server identify handle does not exist on the platform", server_psa_identity_invalid_handle),
     SPM_UTEST_CASE("Testing server identify handle is PSA_NULL_HANDLE", server_psa_identity_null_handle),