Services do not unmap IOVECS

[brianq-ti]

If existing Crypto and Attestation services are used as connection-based services with MM_IOVECS, input vecs are not unmapped after usage which results in panic upon the next call processing.

[adeaarm]

Thanks for raising this on the mailing list. The original design for the Crypto and Attestation service was for them to be stateless services, but I appreciate that different integrations might want to interface with the service in a stateful manner, and there should be nothing in the service itself that should prevent this. So I will cherry pick the patches that fix this issue on mainline, once they have been merged.

[nicola-mazzucato-arm]

Proposed fix: https://review.trustedfirmware.org/q/topic:%22mm-invec-unmap-crypto-att%22
From the email thread within the mailing list, @brianq-ti confirmed that the set provides a fix for this issue.

Thanks

[nicola-mazzucato-arm]

There's an outstanding outcome w.r.t. to automatic unmapping that should be carried out by the framework, as stated in the FF-M-v1.1 spec, section 5.2.4:
The framework unmaps an input or output vector either in response to an unmapping call from the RoT Service, or automatically when message processing is completed.
This second part of the statement is not implemented and shall be tracked in #20

[nicola-mazzucato-arm]

Fixed with this series: https://review.trustedfirmware.org/q/topic:%22mm-invec-unmap-crypto-att%22
Thanks

[nicola-mazzucato-arm]

Added for review in release branch at: https://review.trustedfirmware.org/q/topic:%22mm-invec-unmap-crypto-att-release/2.1.x%22

[brianq-ti]

Looks good, thanks! Regards, Brian From: Nicola Mazzucato ***@***.***> Sent: Friday, January 3, 2025 5:41 AM To: TrustedFirmware-M/trusted-firmware-m ***@***.***> Cc: Quach, Brian ***@***.***>; Mention ***@***.***> Subject: [EXTERNAL] Re: [TrustedFirmware-M/trusted-firmware-m] Services do not unmap IOVECS (Issue #19) Added for review in release branch at: https: //review. trustedfirmware. org/q/topic: %22mm-invec-unmap-crypto-att-release/2. 1. x%22 — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were ZjQcmQRYFpfptBannerStart This message was sent from outside of Texas Instruments. Do not click links or open attachments unless you recognize the source of this email and know the content is safe. Report Suspicious <https://us-phishalarm-ewt.proofpoint.com/EWT/v1/G3vK!tHdmlV8nHuexpM1Md3tp9P_jFMPUDFkedOLs-Tt-tvAU8ZsrOgWZ34G3YrBhCt9yegtafGj44n4SAFRKzD8T4h2-TavhEvgJ4EFGwIaRUWdlNKf_R8T_QQI$> ‌ ZjQcmQRYFpfptBannerEnd Added for review in release branch at: https://review.trustedfirmware.org/q/topic:%22mm-invec-unmap-crypto-att-release/2.1.x%22<https://urldefense.com/v3/__https:/review.trustedfirmware.org/q/topic:*22mm-invec-unmap-crypto-att-release/2.1.x*22__;JSU!!G3vK!WNuc_K1k6nroU5pY_2dabrBBhMs9hxdc2hBIO8gOX6qk5m7mLK8MgEpkyLwkA7e9_NhqbASp_JOoYF7FAg$> — Reply to this email directly, view it on GitHub<https://urldefense.com/v3/__https:/github.com/TrustedFirmware-M/trusted-firmware-m/issues/19*issuecomment-2569094678__;Iw!!G3vK!WNuc_K1k6nroU5pY_2dabrBBhMs9hxdc2hBIO8gOX6qk5m7mLK8MgEpkyLwkA7e9_NhqbASp_JNJY2xANg$>, or unsubscribe<https://urldefense.com/v3/__https:/github.com/notifications/unsubscribe-auth/AO4DCNVBQJKOGXNNBADZJT32IZZNFAVCNFSM6AAAAABTC7MTXGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDKNRZGA4TINRXHA__;!!G3vK!WNuc_K1k6nroU5pY_2dabrBBhMs9hxdc2hBIO8gOX6qk5m7mLK8MgEpkyLwkA7e9_NhqbASp_JPXfyzqxQ$>. You are receiving this because you were mentioned.Message ID: ***@***.******@***.***>>