Add index hint to handle in handles manager

danny4478 · Michael Schwarcz · commit 4c68b71aee7a · 2018-06-07T11:53:08.000+03:00
* Done to get better performance
* Remove handles manager init() API function - initialize statically
* Add handles manager initialization reboot flow for neg tests
* Fix some compilation warnings
diff --git a/TESTS/spm/neg_client_tests/spm_reboot.c b/TESTS/spm/neg_client_tests/spm_reboot.c
@@ -55,6 +55,13 @@ void spm_reboot(void)
     memset(g_active_messages_data, 0, (sizeof(spm_active_msg_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES));
     memset(&g_spm, 0, sizeof(g_spm));
 
+    g_spm.channels_handle_mgr.handle_generator = PSA_HANDLE_MGR_INVALID_HANDLE;
+    g_spm.channels_handle_mgr.pool_size        = MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS;
+    g_spm.channels_handle_mgr.handles_pool     = g_channels_handle_storage;
+    g_spm.messages_handle_mgr.handle_generator = PSA_HANDLE_MGR_INVALID_HANDLE;
+    g_spm.messages_handle_mgr.pool_size        = MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES;
+    g_spm.messages_handle_mgr.handles_pool     = g_messages_handle_storage;
+
     psa_spm_init();
     PSA_UNUSED(status);
 }
diff --git a/TESTS/spm/neg_dual_partition/spm_reboot.c b/TESTS/spm/neg_dual_partition/spm_reboot.c
@@ -55,6 +55,13 @@ void spm_reboot(void)
     memset(g_active_messages_data, 0, (sizeof(spm_active_msg_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES));
     memset(&g_spm, 0, sizeof(g_spm));
 
+    g_spm.channels_handle_mgr.handle_generator = PSA_HANDLE_MGR_INVALID_HANDLE;
+    g_spm.channels_handle_mgr.pool_size        = MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS;
+    g_spm.channels_handle_mgr.handles_pool     = g_channels_handle_storage;
+    g_spm.messages_handle_mgr.handle_generator = PSA_HANDLE_MGR_INVALID_HANDLE;
+    g_spm.messages_handle_mgr.pool_size        = MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES;
+    g_spm.messages_handle_mgr.handles_pool     = g_messages_handle_storage;
+
     psa_spm_init();
     PSA_UNUSED(status);
 }
diff --git a/TESTS/spm/neg_server_tests/spm_reboot.c b/TESTS/spm/neg_server_tests/spm_reboot.c
@@ -55,6 +55,13 @@ void spm_reboot(void)
     memset(g_active_messages_data, 0, (sizeof(spm_active_msg_t) * MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES));
     memset(&g_spm, 0, sizeof(g_spm));
 
+    g_spm.channels_handle_mgr.handle_generator = PSA_HANDLE_MGR_INVALID_HANDLE;
+    g_spm.channels_handle_mgr.pool_size        = MBED_CONF_SPM_IPC_MAX_NUM_OF_CHANNELS;
+    g_spm.channels_handle_mgr.handles_pool     = g_channels_handle_storage;
+    g_spm.messages_handle_mgr.handle_generator = PSA_HANDLE_MGR_INVALID_HANDLE;
+    g_spm.messages_handle_mgr.pool_size        = MBED_CONF_SPM_IPC_MAX_NUM_OF_MESSAGES;
+    g_spm.messages_handle_mgr.handles_pool     = g_messages_handle_storage;
+
     psa_spm_init();
     PSA_UNUSED(status);
 }
diff --git a/spm/handles_manager.c b/spm/handles_manager.c
@@ -30,6 +30,13 @@
 
 
 
+/* ------------------------------------ Definitions ---------------------------------- */
+
+#define PSA_HANDLE_MGR_HANDLE_INDEX_POS         16
+#define PSA_HANDLE_MGR_HANDLE_INDEX_MSK         0xFFFF
+
+
+
 /* -------------------------------- Handle Manager Module ---------------------------- */
 
 /* The Handle Manager Module manages handles.
@@ -40,7 +47,6 @@
  * handle memory.
  *
  * Users can:
- * - Initiate the module
  * - Ask for a unique handle identifier for a given handle memory [handle_create]
  * - Ask for a pointer to the handle memory corresponding to a
  *   handle identifier [handle_get_mem]
@@ -56,45 +62,6 @@
 
 /* ------------------------------------- Functions ----------------------------------- */
 
-/**********************************************************************************************************************************
- * Function   : psa_hndl_mgr_init
- *
- * Description: This function initializes a new handle manager object.
- *              It should be called by users who want to use the handle manager module.
- *
- * Parameters : handle_mgr         - [OUT] A pointer to a handle manager object, to be filled in with handle manager instance data.
- *                                         Should be allocated by the caller.
- *              handle_mgr_storage - [IN]  A pointer to the the module storage [the handles pool].
- *                                         Should be allocated by the caller.
- *              storage_size       - [IN]  Number of elements in <handle_mgr_storage>.
- *
- * Return     : Void
- *********************************************************************************************************************************/
-void psa_hndl_mgr_init(psa_handle_manager_t *handle_mgr, psa_handle_item_t *handle_mgr_storage, size_t storage_size)
-{
-    /* Make sanity checks on arguments */
-
-    SPM_ASSERT(handle_mgr != NULL);
-    SPM_ASSERT(handle_mgr_storage != NULL);
-    SPM_ASSERT(storage_size != 0);
-
-    /* Reset and validate handle manager object */
-
-    memset(handle_mgr_storage, 0, sizeof(*handle_mgr_storage));
-    memset(handle_mgr, 0, sizeof(*handle_mgr));
-
-    for (uint32_t idx = 0; idx < storage_size; idx++) {
-
-        handle_mgr_storage[idx].handle_owner  = PSA_HANDLE_MGR_INVALID_FRIEND_OWNER;
-        handle_mgr_storage[idx].handle_friend = PSA_HANDLE_MGR_INVALID_FRIEND_OWNER;
-    }
-
-    handle_mgr->handle_generator = PSA_HANDLE_MGR_INVALID_HANDLE;
-    handle_mgr->pool_size        = storage_size;
-    handle_mgr->handles_pool     = handle_mgr_storage;
-}
-
-
 /**********************************************************************************************************************************
  * Function   : psa_hndl_mgr_handle_create
  *
@@ -103,18 +70,15 @@ void psa_hndl_mgr_init(psa_handle_manager_t *handle_mgr, psa_handle_item_t *hand
  *
  * Parameters : handle_mgr - [IN]  A pointer to the handle manager object
  *              handle_mem - [IN]  A pointer to a pre-allocated handle memory to get a handle identifier for
- *              friend_pid - [IN]  The partition id which is allowed to get_mem() in addition to the handle owner.
+ *              friend_pid - [IN]  The partition id which is allowed to get_mem() and destroy() in addition to the handle owner.
  *                                 Use PSA_HANDLE_MGR_INVALID_FRIEND_OWNER to denote there is no friend partition.
  *              handle     - [OUT] A pointer to a handle, to be set with the created handle identifier
  *
  * Return     : PSA_STATUS_SUCCESS on success. Error code on failure.
  *********************************************************************************************************************************/
 error_t psa_hndl_mgr_handle_create(psa_handle_manager_t *handle_mgr, void *handle_mem, int32_t friend_pid, psa_handle_t *handle)
 {
-    uint32_t new_handle = PSA_HANDLE_MGR_INVALID_HANDLE;
-
-
-    /* Make sanity checks on arguments */
+    // Make sanity checks on arguments
     SPM_ASSERT(handle_mgr != NULL);
     SPM_ASSERT(handle_mem != NULL);
     SPM_ASSERT(handle != NULL);
@@ -123,34 +87,38 @@ error_t psa_hndl_mgr_handle_create(psa_handle_manager_t *handle_mgr, void *handl
     *handle = PSA_NULL_HANDLE;
 
 
-    /* Get active partition id - Needed for requester identification */
+    // Get active partition id - Needed for requester identification
     spm_partition_t *curr_part_ptr = get_active_partition();
-    int32_t      current_pid   = ((curr_part_ptr != NULL) ? curr_part_ptr->partition_id : PSA_NSPE_IDENTIFIER);
-    uint32_t expected = INT32_MAX;
-    /* Avoid passing INT32_MAX. Start again from 0 if reached.
-     * The reason for that is that SPM which uses the handles manager will relate to a negative int32_t integer
-     * as an error code and not as a valid handle.
-     * */
+    int32_t          current_pid   = ((curr_part_ptr != NULL) ? curr_part_ptr->partition_id : PSA_NSPE_IDENTIFIER);
+    uint32_t         expected      = UINT16_MAX;
+
+    // Avoid passing UINT16_MAX. Start again from 0 if reached.
+    // The reason for this is that we use the 16 upper bits to store the handle's index in the handles pool (for performance reasons)
     core_util_atomic_cas_u32( (uint32_t *)( &(handle_mgr->handle_generator) ),
-                            &expected,
-                            PSA_HANDLE_MGR_INVALID_HANDLE
-                          );
+                              &expected,
+                              PSA_HANDLE_MGR_INVALID_HANDLE
+                            );
 
-    /* Generate a new handle identifier */
-    new_handle = core_util_atomic_incr_u32(&(handle_mgr->handle_generator), 1);
+    // Generate a new handle identifier
+    uint32_t tmp_handle = core_util_atomic_incr_u32(&(handle_mgr->handle_generator), 1);
 
-    /* Look for a vacant space in handles pool for the generated handle */
+    // Look for a vacant space in handles pool for the generated handle
     for(uint32_t pool_ix = 0; pool_ix < handle_mgr->pool_size; pool_ix++) {
+
         expected = PSA_HANDLE_MGR_INVALID_HANDLE;
-        /* Store the generated handle in the handles pool */
+
+        // Write the handles pool index in the upper 16 bits of the handle
+        uint32_t new_handle = ((pool_ix << PSA_HANDLE_MGR_HANDLE_INDEX_POS) | tmp_handle);
+
+        // Store the generated handle in the handles pool
         if(core_util_atomic_cas_u32( (uint32_t *)( &(handle_mgr->handles_pool[pool_ix].handle) ),
-                                    &expected,
-                                    new_handle
-                                 )) {
+                                     &expected,
+                                     new_handle
+                                   )) {
 
-            /* Handle is successfully stored in handles pool */
+            // Handle is successfully stored in handles pool
 
-            /* Store the handle memory in the handles pool, "coupled" with the stored handle  */
+            // Store the handle memory in the handles pool, "coupled" with the stored handle
             handle_mgr->handles_pool[pool_ix].handle_mem    = handle_mem;
             handle_mgr->handles_pool[pool_ix].handle_owner  = current_pid;
             handle_mgr->handles_pool[pool_ix].handle_friend = friend_pid;
@@ -160,11 +128,11 @@ error_t psa_hndl_mgr_handle_create(psa_handle_manager_t *handle_mgr, void *handl
             return PSA_SUCCESS;
         }
 
-        /* Occupied index in handles pool - continue looping */
+        // Occupied index in handles pool - continue looping
     }
 
 
-    /* No vacant space for new handle. No worries about the generated handle - it will not be used */
+    // No vacant space for new handle. No worries about the generated handle - it will not be used
 
     return PSA_GENERIC_ERROR;
 }
@@ -182,50 +150,45 @@ error_t psa_hndl_mgr_handle_create(psa_handle_manager_t *handle_mgr, void *handl
  *********************************************************************************************************************************/
 void psa_hndl_mgr_handle_destroy(psa_handle_manager_t *handle_mgr, psa_handle_t handle)
 {
-    /* Make sanity checks on arguments */
+    // Make sanity checks on arguments
     SPM_ASSERT(handle_mgr != NULL);
     SPM_ASSERT(handle != PSA_NULL_HANDLE);
 
 
-    /* Get active partition id - Needed for requester identification */
-    spm_partition_t *curr_part_ptr = get_active_partition();
-    int32_t      current_pid   = ((curr_part_ptr != NULL) ? curr_part_ptr->partition_id : PSA_NSPE_IDENTIFIER);
-
-
-    /* Look for <handle> in handles pool */
-    for(uint32_t pool_ix = 0; pool_ix < handle_mgr->pool_size; pool_ix++) {
-
-        if(handle_mgr->handles_pool[pool_ix].handle == handle) {
-
-            if((handle_mgr->handles_pool[pool_ix].handle_owner != current_pid) &&
-                (handle_mgr->handles_pool[pool_ix].handle_friend != current_pid)) {
+    // Get the handle's index in the handles pool
+    uint32_t pool_ix = ((handle >> PSA_HANDLE_MGR_HANDLE_INDEX_POS) & PSA_HANDLE_MGR_HANDLE_INDEX_MSK);
+    if(pool_ix >= handle_mgr->pool_size)
+    {
+        SPM_PANIC("[ERROR] Handle's index [%d] is bigger than handles pool size [%d]! \n", (int)pool_ix, (int)(handle_mgr->pool_size));
+    }
 
-                // The SPM_PANIC() macro will exit the program
-                SPM_PANIC("[ERROR] Request for destroy by non-owner or friend!\n");
-            }
+    if(handle_mgr->handles_pool[pool_ix].handle != handle) {
+        SPM_PANIC("[ERROR] Handle %d is not found in expected index! \n", (int)handle);
+    }
 
-            /* Handle found in handles pool */
+    // Get active partition id - Needed for requester identification
+    spm_partition_t *curr_part_ptr = get_active_partition();
+    int32_t          current_pid   = ((curr_part_ptr != NULL) ? curr_part_ptr->partition_id : PSA_NSPE_IDENTIFIER);
 
-            handle_mgr->handles_pool[pool_ix].handle = PSA_NULL_HANDLE;
-            handle_mgr->handles_pool[pool_ix].handle_owner  = PSA_HANDLE_MGR_INVALID_FRIEND_OWNER;
-            handle_mgr->handles_pool[pool_ix].handle_friend = PSA_HANDLE_MGR_INVALID_FRIEND_OWNER;
+    if( (handle_mgr->handles_pool[pool_ix].handle_owner != current_pid) &&
+        (handle_mgr->handles_pool[pool_ix].handle_friend != current_pid)
+      ) {
 
-            return;
-        }
+        // The SPM_PANIC() macro will exit the program
+        SPM_PANIC("[ERROR] Request for destroy by non-owner or friend!\n");
     }
 
-
-    // Handle not found in handles pool - the SPM_PANIC() macro will exit the program
-
-    SPM_PANIC("[ERROR] Handle not found %d! \n", (int)handle);
+    handle_mgr->handles_pool[pool_ix].handle        = PSA_NULL_HANDLE;
+    handle_mgr->handles_pool[pool_ix].handle_owner  = PSA_HANDLE_MGR_INVALID_FRIEND_OWNER;
+    handle_mgr->handles_pool[pool_ix].handle_friend = PSA_HANDLE_MGR_INVALID_FRIEND_OWNER;
 }
 
 
 /**********************************************************************************************************************************
  * Function   : psa_hndl_mgr_handle_get_mem
  *
  * Description: This function looks for the handle memory corresponding to <handle>.
- *              If it is not found in the handles pool, the function fails.
+ *              If it is not found in the expected index in the handles pool, the function fails.
  *
  * Parameters : handle_mgr - [IN]  A pointer to the handle manager object
  *              handle     - [IN]  The handle for which we request the corresponding memory handle
@@ -235,7 +198,7 @@ void psa_hndl_mgr_handle_destroy(psa_handle_manager_t *handle_mgr, psa_handle_t
  *********************************************************************************************************************************/
 void psa_hndl_mgr_handle_get_mem(psa_handle_manager_t *handle_mgr, psa_handle_t handle, void **handle_mem)
 {
-    /* Make sanity checks on arguments */
+    // Make sanity checks on arguments
 
     SPM_ASSERT(handle_mgr != NULL);
     SPM_ASSERT(handle_mem != NULL);
@@ -247,42 +210,34 @@ void psa_hndl_mgr_handle_get_mem(psa_handle_manager_t *handle_mgr, psa_handle_t
     }
 
 
-    /* Get active partition id - Needed for requester identification */
-    spm_partition_t *curr_part_ptr = get_active_partition();
-    int32_t      current_pid   = ((curr_part_ptr != NULL) ? curr_part_ptr->partition_id : PSA_NSPE_IDENTIFIER);
-
-
-    *handle_mem = NULL;
-
-
-    /* Look for <handle> in handles pool */
-    for(uint32_t pool_ix = 0; pool_ix < handle_mgr->pool_size; pool_ix++) {
-
-        if(handle_mgr->handles_pool[pool_ix].handle == handle) {
-
-            /* Handle found in handles pool */
-
-            if( (current_pid != handle_mgr->handles_pool[pool_ix].handle_owner) &&
-                (current_pid != handle_mgr->handles_pool[pool_ix].handle_friend)
-              ) {
+    // Get the handle's index in the handles pool
+    uint32_t pool_ix = ((handle >> PSA_HANDLE_MGR_HANDLE_INDEX_POS) & PSA_HANDLE_MGR_HANDLE_INDEX_MSK);
+    if(pool_ix >= handle_mgr->pool_size)
+    {
+        SPM_PANIC("[ERROR] Handle's index [%d] is bigger than handles pool size [%d]! \n", (int)pool_ix, (int)(handle_mgr->pool_size));
+    }
 
-                // The SPM_PANIC() macro will exit the program
-                SPM_PANIC("[ERROR] Request for handle memory is not allowed for this partition! \n");
-            }
+    if(handle_mgr->handles_pool[pool_ix].handle != handle) {
+        SPM_PANIC("[ERROR] Handle %d is not found in expected index! \n", (int)handle);
+    }
 
-            *handle_mem = handle_mgr->handles_pool[pool_ix].handle_mem;
+    // Get active partition id - Needed for requester identification
+    spm_partition_t *curr_part_ptr = get_active_partition();
+    int32_t          current_pid   = ((curr_part_ptr != NULL) ? curr_part_ptr->partition_id : PSA_NSPE_IDENTIFIER);
 
-            /* If a valid handle is "coupled" with a NULL handle memory then
-             * it is an internal module error or memory was overwritten --> Assert */
-            SPM_ASSERT(*handle_mem != NULL);
+    if( (current_pid != handle_mgr->handles_pool[pool_ix].handle_owner) &&
+        (current_pid != handle_mgr->handles_pool[pool_ix].handle_friend)
+      ) {
 
-            return;
-        }
+        // The SPM_PANIC() macro will exit the program
+        SPM_PANIC("[ERROR] Request for handle memory is not allowed for this partition! \n");
     }
 
 
-    // Handle not found in handles pool - the SPM_PANIC() macro will exit the program
+    *handle_mem = handle_mgr->handles_pool[pool_ix].handle_mem;
 
-    SPM_PANIC("[ERROR] Handle %d not found! \n", (int)handle);
+    /* If a valid handle is "coupled" with a NULL handle memory then
+     * it is an internal module error or memory was overwritten --> Assert */
+    SPM_ASSERT(*handle_mem != NULL);
 }
 
diff --git a/spm/handles_manager.h b/spm/handles_manager.h
@@ -37,7 +37,12 @@ extern "C" {
 /* ------------------------------------ Definitions ---------------------------------- */
 
 #define PSA_HANDLE_MGR_INVALID_HANDLE           ((uint32_t)PSA_NULL_HANDLE)
-#define PSA_HANDLE_MGR_INVALID_FRIEND_OWNER     (-2)    // Denoting invalid friend or invalid owner
+
+#define PSA_HANDLE_MGR_INVALID_FRIEND_OWNER     0       // Denoting invalid friend or invalid owner
+
+#define PSA_HANDLE_MGR_MAX_HANDLES_NUM          0x8000  // Handles manager pool indexes must be in range 0 - 0x7FFF.
+                                                        // The reason for this limitation is that the index is stored in the upper 16 bits of a handle,
+                                                        // and the most significant bit must be zero to keep handles non negative.
 
 
 
@@ -82,7 +87,6 @@ handles_pool
 
 /* ------------------------------------- Functions ----------------------------------- */
 
-void psa_hndl_mgr_init(psa_handle_manager_t *handle_manager, psa_handle_item_t *handle_mgr_storage, size_t storage_size);
 error_t psa_hndl_mgr_handle_create(psa_handle_manager_t *handle_manager, void *handle_mem, int32_t friend_pid, psa_handle_t *handle);
 void psa_hndl_mgr_handle_destroy(psa_handle_manager_t *handle_manager, psa_handle_t handle);
 void psa_hndl_mgr_handle_get_mem(psa_handle_manager_t *handle_manager, psa_handle_t handle, void **handle_mem);
diff --git a/spm/spm_init.c b/spm/spm_init.c
diff --git a/spm/spm_server.c b/spm/spm_server.c
