Merge changes from topic "jpc/rsi-replace-panic-with-error-code" into…

… integration * changes: refactor(lib/attestation): replace panic() with RSI_ERROR_UNKNOWN feat(lib/smc): add RSI_ERROR_UNKNOWN
TF-RMM · Sep 19, 2024 · b8c938c · b8c938c
2 parents 2c521ed + ad871f9
commit b8c938c
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 9 deletions.
diff --git a/lib/smc/include/smc-rsi.h b/lib/smc/include/smc-rsi.h
@@ -55,7 +55,10 @@
 /* The operation requested by the command is not complete */
 #define RSI_INCOMPLETE		UL(3)
 
-#define RSI_ERROR_COUNT		UL(4)
+/* The operation requested by the command failed for an unknown reason */
+#define RSI_ERROR_UNKNOWN	UL(4)
+
+#define RSI_ERROR_COUNT		UL(5)
 
 /* RsiHashAlgorithm */
 #define RSI_HASH_SHA_256	U(0)

diff --git a/runtime/rsi/logger.c b/runtime/rsi/logger.c
@@ -17,7 +17,7 @@
 /* Max 10 64-bit parameters separated by space */
 #define PARAMS_STR_LEN	(10UL * sizeof("0123456789ABCDEF"))
 
-#define MAX_STATUS_LEN	sizeof("{RSI_ERROR_INPUT}")
+#define MAX_STATUS_LEN	sizeof("RSI_ERROR_UNKNOWN")
 
 #define BUFFER_SIZE	(MAX_NAME_LEN + PARAMS_STR_LEN + \
 			sizeof(" > ") - 1UL + MAX_STATUS_LEN)
@@ -57,7 +57,8 @@ static const char * const rsi_status_string[] = {
 	RSI_STATUS_STRING(SUCCESS),
 	RSI_STATUS_STRING(ERROR_INPUT),
 	RSI_STATUS_STRING(ERROR_STATE),
-	RSI_STATUS_STRING(INCOMPLETE)
+	RSI_STATUS_STRING(INCOMPLETE),
+	RSI_STATUS_STRING(ERROR_UNKNOWN)
 };
 
 COMPILER_ASSERT(ARRAY_LEN(rsi_status_string) == RSI_ERROR_COUNT);

diff --git a/runtime/rsi/realm_attest.c b/runtime/rsi/realm_attest.c
@@ -155,8 +155,9 @@ void handle_rsi_attest_token_init(struct rec *rec, struct rsi_result *res)
 				rec->aux_data.attest_heap_buf,
 				REC_HEAP_SIZE);
 	if (att_ret != 0) {
-		/* There is no provision for this failure so panic */
-		panic();
+		ERROR("Failed to initialize attestation token context.\n");
+		res->smc_res.x[0] = RSI_ERROR_UNKNOWN;
+		return;
 	}
 
 	/* Initialize length fields in attestation data */
@@ -186,8 +187,9 @@ void handle_rsi_attest_token_init(struct rec *rec, struct rsi_result *res)
 	granule_unlock(rec->realm_info.g_rd);
 
 	if (att_ret != 0) {
-		ERROR("FATAL_ERROR: Realm token creation failed\n");
-		panic();
+		ERROR("Realm token creation failed.\n");
+		res->smc_res.x[0] = RSI_ERROR_UNKNOWN;
+		return;
 	}
 
 	res->smc_res.x[0] = RSI_SUCCESS;
@@ -251,8 +253,9 @@ void handle_rsi_attest_token_continue(struct rec *rec,
 		} else if ((ret != ATTEST_TOKEN_ERR_COSE_SIGN_IN_PROGRESS) &&
 			(ret != ATTEST_TOKEN_ERR_SUCCESS)) {
 			/* Accessible only in case of failure during token signing */
-			ERROR("FATAL_ERROR: Realm token sign failed\n");
-			panic();
+			ERROR("Realm token signing failed.\n");
+			res->smc_res.x[0] = RSI_ERROR_UNKNOWN;
+			return;
 		}
 
 		res->smc_res.x[0] = RSI_INCOMPLETE;