This tool simulates a PSA Firmware Framework implementation. It allows you to develop secure partitions and their clients on a desktop computer. It should be able to run on all systems that support POSIX and System V IPC: e.g. macOS, Linux, FreeBSD, and perhaps Windows 10 WSL2.
Please note that the code in this directory is maintained by the Mbed TLS / PSA Crypto project solely for the purpose of testing the use of Mbed TLS with client/service separation. We do not recommend using this code for any other purpose. In particular:
To build and run the test program make sure you have make, python and a
C compiler installed and then enter the following commands:
make install
make run
On Linux you may need to run ldconfig to ensure the library is properly installed.
An example pair of programs is included in the test directory.
The implemented API is intended to be compliant with PSA-FF 1.0.0 with the exception of a couple of things that are a work in progress:
psa_notify supportThe only supported "interrupts" are POSIX signals, which act as a "virtual interrupt".
The standard PSA RoT APIs are not included (e.g. cryptography, attestation, lifecycle etc).
The code is designed to be readable rather than fast or secure. In this implementation only one message is delivered to a RoT service at a time. The code is not thread-safe.
To debug the simulator enable the debug flag:
make DEBUG=1 install
Because this is a simulator there are a few things that can't be reasonably emulated:
pid_t, which are only assigned at runtime,
making it infeasible to populate pid.h with correct values.