quickjs-tart

quickjs-based runtime for wallet-core logic

README.md (2055B)


# psasim

This tool simulates a PSA Firmware Framework implementation.
It allows you to develop secure partitions and their clients on a desktop computer.
It should be able to run on all systems that support POSIX and System V IPC:
e.g. macOS, Linux, FreeBSD, and perhaps Windows 10 WSL2.

Please note that the code in this directory is maintained by the Mbed TLS / PSA Crypto project solely for the purpose of testing the use of Mbed TLS with client/service separation. We do not recommend using this code for any other purpose. In particular:

* This simulator is not intended to pass or demonstrate compliance.
* This code is only intended for simulation and does not have any security goals. It does not isolate services from clients.

## Building

To build and run the test program make sure you have `make`, `python` and a
C compiler installed and then enter the following commands:

```sh
make install
make run
```

On Linux you may need to run `ldconfig` to ensure the library is properly installed.

An example pair of programs is included in the `test` directory.

## Features

The implemented API is intended to be compliant with PSA-FF 1.0.0 with the exception of a couple of things that are a work in progress:

* `psa_notify` support
* "strict" policy in manifest

The only supported "interrupts" are POSIX signals, which act
as a "virtual interrupt".

The standard PSA RoT APIs are not included (e.g. cryptography, attestation, lifecycle etc).

## Design

The code is designed to be readable rather than fast or secure.
In this implementation only one message is delivered to a
RoT service at a time.
The code is not thread-safe.

To debug the simulator enable the debug flag:

```sh
make DEBUG=1 install
```

## Unsupported features

Because this is a simulator there are a few things that
can't be reasonably emulated:

* Manifest MMIO regions are unsupported
* Manifest priority field is ignored
* Partition IDs are in fact POSIX `pid_t`, which are only assigned at runtime,
  making it infeasible to populate pid.h with correct values.
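
The Features section treats POSIX signals as "virtual interrupts", and the last item above notes that partition IDs are `pid_t` values. The sketch below is an added example, not psasim's code: it shows one way a signal sent to a partition's `pid_t` can be latched into a signal-bit mask and then consumed. `virq_init`, `virq_take`, `virq_raise` and the `VIRQ_*` bits are hypothetical names, and the signal-to-bit mapping is an assumption.

```c
/* Added illustration, not psasim source; every name here is hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <unistd.h>

#define VIRQ_TIMER (1u << 4) /* assumed signal bit for SIGUSR1 */
#define VIRQ_UART  (1u << 5) /* assumed signal bit for SIGUSR2 */

static volatile sig_atomic_t pending; /* asserted virtual interrupts */

/* Async-signal-safe handler: only records which "interrupt" fired. */
static void on_signal(int signo)
{
    if (signo == SIGUSR1) pending |= VIRQ_TIMER;
    if (signo == SIGUSR2) pending |= VIRQ_UART;
}

/* Route SIGUSR1/SIGUSR2 to the handler; returns 0 on success. */
int virq_init(void)
{
    struct sigaction sa = {0};
    sa.sa_handler = on_signal;
    sigfillset(&sa.sa_mask); /* no nested handlers while updating pending */
    if (sigaction(SIGUSR1, &sa, NULL) != 0) return -1;
    return sigaction(SIGUSR2, &sa, NULL);
}

/* Return and clear the asserted bits in mask, with signals blocked so the
 * handler cannot race the read-modify-write. */
unsigned virq_take(unsigned mask)
{
    sigset_t all, old;
    sigfillset(&all);
    sigprocmask(SIG_BLOCK, &all, &old);
    unsigned hit = (unsigned)pending & mask;
    pending &= ~(sig_atomic_t)hit;
    sigprocmask(SIG_SETMASK, &old, NULL);
    return hit;
}

/* Raise a virtual interrupt on the partition whose ID is a pid_t. */
int virq_raise(pid_t partition, int signo) { return kill(partition, signo); }

int main(void)
{
    if (virq_init() != 0) return 1;
    virq_raise(getpid(), SIGUSR1); /* constructed stimulus: signal ourselves */
    printf("asserted: 0x%x\n", virq_take(VIRQ_TIMER | VIRQ_UART));
    return 0;
}
```

Delivery here is an ordinary `kill()`, so the standard POSIX signal permission check is the only gate on who can assert the interrupt, which is consistent with the README's statement that the simulator has no security goals.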