Commits · ab1dd999dbfa956936c1cc43e6e78f7ce62a60ea · Infra Solutions / Reference Design / platsw / trusted-firmware-m

Jun 17, 2021

Docs: Move build instruction and user guide into technical reference · ab1dd999

Summer Qin authored May 25, 2021



Move build instruction document and user guide document from getting
started into technical references folder. Rename 'tfm_user_guide.rst'
to 'tfm_run_instruction.rst'. This will make the document structure
more clear for readers.

Signed-off-by: Summer Qin <summer.qin@arm.com>
Change-Id: I69d46151f2cb97c828c1b82775ffd1af9032ed45

ab1dd999

Jun 16, 2021

SPM: Fix build warnings · 54d47fbd

Kevin Peng authored Jun 15, 2021



This patch fixes some build warnings

Change-Id: I749f92f7014433afede634771849242a80fc00ff
Signed-off-by: Kevin Peng <kevin.peng@arm.com>

54d47fbd

Jun 15, 2021

Tools: Update manifest parse tools for SFN · caefb8f2

Shawn Shan authored Apr 15, 2021



Change-Id: I50ea7e21cec5ab39c262827c0b3e15bc2603fce6
Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>

caefb8f2

SPM: Stateless services can be searched by sid · ef42f444

Mingyang Sun authored Jun 11, 2021



Stateless services need to be able to be found by SID. This is
required in 'psa_connect()' and 'psa_version()' API.
Error check order in 'psa_connect()' is also updated: If a
stateless service SID is detected, block the connection directly.

Change-Id: If5182d72986173eb33ff1af99dff79cb3661f0fe
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>

ef42f444

Tool: Fix default service version setting · 294ce2e5

Mingyang Sun authored Jun 11, 2021



As mentioned in FF-M, if "version" attribute is not specified,
default value is "1", if "version_policy" is not specified,
default value is "STRICT".

Change-Id: Iefc406d966a951e8e827c67abbecdf2522ba2cbb
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>

294ce2e5

Build: Remove duplicated target source in platform_s · 8dfeefe2

Xinyu Zhang authored Jun 11, 2021



According to line 49, attest_hal.c is added twice in target platform_s.
Remove this line because this file should only be added
when PLATFORM_DUMMY_ATTEST_HAL is enabled.

Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com>
Change-Id: Ie4df4763b9473a724eb4267f26b67147022e7639

8dfeefe2

Jun 11, 2021

Docs: Move tools documents to technical references folder · adc485ad

Summer Qin authored May 24, 2021



Move tools documents from getting started to technical references
folder.

Signed-off-by: Summer Qin <summer.qin@arm.com>
Change-Id: I8ed8e2fe5c3a9de4afa5ceeb04fbea38562b2f6c

adc485ad

Build: Check whether ITS partition is ON when PS partition is enabled · fb722dae

Sherry Zhang authored Jun 01, 2021



Currently, the PS partition relies on the ITS partition to access the flash
file system. So build time error will happen if ITS partition is not enabled
while PS partition is enabled. This commit adds checking the status of the
two partitions at configure time.

Change-Id: I3d7a30243209a1400524135a81bbc6037ec9d18f
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>

fb722dae

Jun 10, 2021

platform: stm: Fix stm32l562e_dk test config with ARMCLANG · 404053e0

Michel Jaouen authored Jun 07, 2021



Change-Id: I7b8946ab6aa1939b130be9ccee618a6d09e17684
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>

404053e0

platform: stm: Extend compiler path to all compiler postbuild script · 68cb2a6f

Michel Jaouen authored Jun 04, 2021



It extends and makes the path optional, to keep compatibility with
user using default compiler name

Change-Id: I848b93940ca40eba0fb19471acc472b4d7b18309
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>

68cb2a6f

Jun 09, 2021

Attest: Remove unused variables · 0c4ed5d8

Shawn Shan authored Jun 09, 2021



The variable 'attest_res' and 'psa_curve' are not used in the function
attest_calc_instance_id, remove them.

Change-Id: I0e259c29f3fc2c88915ad99c22daf4d639505293
Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>

0c4ed5d8

SPM: Remove unused function · 8ddcfd48

Shawn Shan authored Jun 09, 2021



The function tfm_spm_partition_get_flags is not used in IPC mode now,
remove it.

Change-Id: Ia36823367784c0ad827c1c0e228ba2a65d0268e5
Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>

8ddcfd48

FWU: Remove obsolete comment. · 409023fa

Sherry Zhang authored Jun 04, 2021



Change-Id: Ifa732eceb06a2248d562f4c68e84b0488e8089db
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>

409023fa

Jun 08, 2021

SPM: Add IRQ data in Partition Loading · 27e42274

Kevin Peng authored May 24, 2021



This patch:
 - Adds IRQ load data structure
 - Moves IRQ data into Partition load info
 - Moves Interrupt initialization from main() to load api
 - Updates get_irq_line_for_signal() accordingly
 - Moves tfm_irq_list.h to Library Model as it is not used by IPC

Change-Id: I4945e24bd977ef3d3e472bc58dfa618c3fb2d706
Signed-off-by: Kevin Peng <kevin.peng@arm.com>

27e42274

SPM: Invert tfm_spm_check_buffer_access() logic · f8564cbf

Antonio De Angelis authored Apr 28, 2021



Invert the logic for the tfm_spm_check_buffer_access() function
to conform to "0 means success" and align to other APIs. Refactor
the function itself to provide different return codes on error and
a default failure return instead of default success.

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I40ef814a472375cdb2c40ac75dd5f605a9eccbfe

f8564cbf

SPM: Rename 'static_info' to 'load_info' · 8d004f77

Mingyang Sun authored Jun 01, 2021



Change the static data name to 'load_info' since they
are used for loading partition and services.

Change-Id: I061c55e570086930a852374207864d0a2fb9c06d
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>

8d004f77

HAL: Replace the 'idx' input param with 'privileged' · 61f8fbc2

Mingyang Sun authored Jun 04, 2021



In tfm_spm_hal_configure_default_isolation(), a partition index
is passed in to query the partition privilege. Change to pass
in privilege directly instead of the partition index.

Change-Id: Id046431cc8e224a94e83a71564ba2843fabf8ed7
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>

61f8fbc2

Profiles: Optimize Crypto memory footprint in Profile Small · 327bc844

David Hu authored May 13, 2021



Optimize the memory footprint required by Crypto service in Profile
Small.

- Decrease the MAX number of concurrent multi-part operations to 4.
- Decrease the heap size used in backend crypto library since asymmetric
  cryptography is disabled.

Change-Id: If1b8d4b6cef098e132bd891a140be278993bf6c2
Signed-off-by: David Hu <david.hu@arm.com>

327bc844

Crypto: Change to stateless service · aee07882

Summer Qin authored Mar 29, 2021



Crypto service does not require a client to call to psa_connect()
or psa_close(). Instead the service can use a stateless mechanism.
Related documents are also updated.

Note: Framework version of Crypto partition has been updated to 1.1,
but not all features of FF-M 1.1 are implemented now.

Change-Id: Iad628667e4b63e809c933fb263734403c6274bf9
Signed-off-by: Summer Qin <summer.qin@arm.com>

aee07882

Jun 07, 2021

platform: nordic: rearrange veneer placement on builds without BL2 · 32a74314

Ioannis Glaropoulos authored Jun 04, 2021 and

Anton Komlev committed Jun 08, 2021



For builds without BL2, or when BL2 will be booting a single
combined S and NS image, we force placing the veneers section
at the end of the image (position 3), so as not to waste space
as a result of the nRF veneer section alignment requirements.
For regular builds with BL2 we keep the veneer placement as is
(positions 1 or 2 depending on whether PSA_API_TEST_NS is
defined).

Change-Id: I292f9ec996445b9d7acedd1db24117d9345f3346
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>

32a74314

Platform: Initialize PSA test memory on power-on and pin reset · 4d1b7b38

Andreas Vibeto authored Jun 03, 2021



Initialize the memory area on both power-on and pin reset
Only initialize memory from the non-secure application to prevent
initializing twice
Clear reset register after reading

Signed-off-by: Andreas Vibeto <andreas.vibeto@nordicsemi.no>
Change-Id: If3aee8d5b31f0a48ec432e3d3f39c029cda3fd7a

4d1b7b38

Build: Update tf-m-tests version · de3cc52e

David Hu authored Jun 05, 2021



Change-Id: If1d4ba1aaa706a1a6bbe3651454bfc717b369774
Signed-off-by: David Hu <david.hu@arm.com>

de3cc52e

Attest: Support to retrieve Initial Attestation public key in runtime · eaf9fc79

David Hu authored Jun 05, 2021



Enable ATTEST_TEST_GET_PUBLIC_KEY flag in Musca-B1 and Musca-S1 with OTP
enabled.
Add Initial Attestation test service in manifest list.

Change-Id: I8e982ee1a7c31548b4e7c74b937e17660cb0e89e
Signed-off-by: David Hu <david.hu@arm.com>

eaf9fc79

Crypto: Fix Mbed TLS key operation return code · c8c616ef

David Hu authored Jun 03, 2021

PSA Crypto API spec requests key operation to return error code
PSA_ERROR_INVALID_HANDLE when the key doesn't exist.
However, according to [1], PSA key operation implementation in Mbed TLS
returns PSA_ERROR_DOES_NOT_EXIST instead.

TF-M currently works normally since TF-M specific key handle check will
return PSA_ERROR_INVALID_HANDLE for a non-existing key, without calling
Mbed TLS PSA key operation.

Apply the merged Mbed TLS fix to TF-M to prepare for enhancement of TF-M
key handle check.

[1]: https://github.com/ARMmbed/mbedtls/pull/4198



Change-Id: I79dda1c54dc8377afbfaefdf180bb81c7ff99f02
Signed-off-by: David Hu <david.hu@arm.com>

c8c616ef

SPM: Rename SVC numbers to make more sense · 2bedfcdd

Ken Liu authored Jun 04, 2021



- 'TFM_SVC_HANDLER_MODE' works for SPM initialization.
- 'TFM_SVC_NUMBER_DIVIDER' is actually the end number for
  thread mode supervisor call.
- Define a new name to indicate handler mode SVC number start.

Change-Id: I754b3cb62c892e42b439dc12fe2b3efb0ee72709
Signed-off-by: Ken Liu <Ken.Liu@arm.com>

2bedfcdd

SPM: Add partition runtime region in the linker (IAR) · 6a45e1cc

TTornblom authored Jun 03, 2021



Update to the IAR linker script for patch #10148

Signed-off-by: TTornblom <thomas.tornblom@iar.com>
Change-Id: I142f9305965ddbb7cc7ac45ae9ba269dce7ee587

6a45e1cc

Jun 04, 2021

Docs : adding Documentation for SQUAD dashboard · fd6abeda

hugolhst-arm authored May 05, 2021



This patch adds a documentation page for the SQUAD dashboard in tf.org.

Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: Ic47926d1a5b04615303955913b8fc7f4a3b5332f

fd6abeda

Platform: Add arm folder for arm platforms · 2de23d03

Summer Qin authored May 14, 2021



Put arm platforms into arm folder and remove some unused
cryptocell-312-runtime. It will be convenient for users and
developers.

Signed-off-by: Summer Qin <summer.qin@arm.com>
Change-Id: I1187a8f2b18903e531ce28b2d23be251ec1e2b45

2de23d03

Boot & FWU: Add support of reverting mechanism in DIRECT_XIP mode · c4d8e2c5

Sherry Zhang authored May 31, 2021



After updating the version of MCUBoot, revert mechanism in DIRECT_XIP
mode is supported in MCUBoot. This commit adds the support of it in
build system and updates the mcuboot based FWU shim layer
implementation accordingly.

Change-Id: I017d02e4161daee56f54ed3ed09f98ebb9a776e0
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>

c4d8e2c5

Boot: Add checking build address in DIRECT_XIP strategy · ae25f059

Sherry Zhang authored May 13, 2021



In DIRECT_XIP MCUboot upgrade strategy, MCUboot checks the image running
address if the IMAGE_F_ROM_FIXED flag is set in image header. This
commit sets this flag and the target running address in the image
header in DIRECT_XIP strategy.

Change-Id: I8168e176e8fe47847abca1278bf05de1c1ff6d64
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>

ae25f059

Jun 03, 2021

platform: stm: pass compiler path to STM32L552 postbuild script · 6364f613

Ioannis Glaropoulos authored May 26, 2021



The STM32 post-build script is passed the compiler full
name and path, and we remove the hard-coded call to
arm-none-eabi-gcc. The rationale for doing this is to
allow the script to work when the compiler application
is not in the (default) path, and/or to allow the script
to work with other GCC compilers (such as the Zephyr
SDK GCC compiler), not only with GMU ARM Embedded.

Change-Id: Ie45288002328bc03d0be0f4bbddd384f83741e36
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>

6364f613

Build: Minor fix for syntax errors in IAR linker script · ad921507

TTornblom authored Jun 03, 2021



Commit f6a78572 introduced a minor fix that contained a couple
of syntax errors that prevented linking of the secure image.

Signed-off-by: TTornblom <thomas.tornblom@iar.com>
Change-Id: Id0f5adae0f3721b758b2adbbf26d2cce1b2199c8

ad921507

Build: Add a patch to fix PSA API attestation test suite build · 39bb990c

David Hu authored Jun 03, 2021



Add a patch to fix the build issue of PSA API attestation test suite
after Initial Attestation get public key API is removed.

Change-Id: I692fe1772fbc5e46924deb412508ceb4590bcaa8
Signed-off-by: David Hu <david.hu@arm.com>

39bb990c

SPM: Fix load info manifest template · a03ad02c

Mingyang Sun authored Jun 01, 2021



Numbers should be represented correctly. Hex number does not
have "0x" prefix in template.

Change-Id: I334abc0e6ffdd1a7ceb03875f4424298d366c1aa
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>

a03ad02c

Jun 02, 2021

SPM: Fix warning of discarded qualifiers · a38e9b50

Xinyu Zhang authored Jun 02, 2021



Fix warning of assignment discards 'const' qualifier from pointer target type

Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com>
Change-Id: I71f57d9dd71dc987c6983dc0ef37259927bd6fe8

a38e9b50

SPM: Modify codes to pass CI CheckPatch · 3a453243

Xinyu Zhang authored Apr 16, 2021



Following errors/warnings are resolved:
  C99_COMMENTS: do not use C99 // comments
  CONSTANT_COMPARISON: Comparisons should place the constant on the right side
  FUNCTION_WITHOUT_ARGS: Bad function definition
  LINE_CONTINUATIONS: Avoid unnecessary line continuations
  LINE_SPACING: Missing a blank line after declarations
  LONG_LINE: line length exceeds 100 columns
  PREFER_ALIGNED: __aligned(x) is preferred over __attribute__((aligned(x)))
  PREFER_SECTION: __section(x) is preferred over __attribute__((section(x)))
  SPACING: space prohibited between function name and open parenthesis '('
  SPACING: spaces required around that '='
  TYPO_SPELLING: words misspelled

Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com>
Change-Id: I0ceefff582c7b70ea86b7080f763c931b758849e

3a453243

Build: Update tf-m-tests commit · 16ad2afb

David Hu authored Jun 01, 2021



Change-Id: Id9859a00f5b7be0c0fb24724b2dd0c5738682c67
Signed-off-by: David Hu <david.hu@arm.com>

16ad2afb

Attest: Remove initial attestation get public key API function · 611610c1

David Hu authored May 14, 2021



It is overkill to implement a dedicated secure function for NS to fetch
initial attestation public key just for test purpose.
Besides, this function to get public key can be confusing as it is not
defined in PSA Initial Attestation API spec.

Remove get public key secure function from NS and S sides to simplify
TF-M initial attestation implementation and interface.

Change-Id: I8d0967698e3d2f2c684194caa9a6234585026a71
Signed-off-by: David Hu <david.hu@arm.com>

611610c1

Move tf_fuzz to tf-m-tools repo · 51546c2e

Karl Zhang authored May 31, 2021



Delete all tf_fuzz files from tf-m repo.

Change-Id: I7d8ad69c783b6ede6792c83903ba4c7789b9563f
Signed-off-by: Karl Zhang <karl.zhang@arm.com>

51546c2e

May 31, 2021

SPM: Optimize stateless service logic · b3b2cb6a

Ken Liu authored May 22, 2021



- Rename the variables to make more sense.
- Do not chain stateless services as they are never looked up.
- Fine-tune the bit definition of service flags.

Change-Id: Ie242ceefa0a9b43581d12963a92e59c6da3fa3af
Signed-off-by: Ken Liu <Ken.Liu@arm.com>

b3b2cb6a