- Jun 19, 2019
-
-
Updates documents to consistently refer to Musca-A, rather than using a mix of Musca-A and Musca-A1. Change-Id: I6f7a9e6afe3475b4a88200f6e56bf4c5507850e4 Signed-off-by:Jamie Fox <jamie.fox@arm.com>
-
Sherry Zhang authored
The following isolation level 2 test cases are added: 1. PSA RoT accesses APP RoT memory directly, positive test. 2. APP RoT accesses PSA RoT memory directly, negative test. This test case causes 'MemManage Fault' and is disabled as default. Enable this case by defining 'TFM_IPC_ISOLATION_2_APP_ACCESS_PSA_MEM'. 3. PSA RoT writes to APP RoT read-only memory directly, negative test. This test case causes 'MemManage Fault' and is disabled as default. Defining MACRO 'TFM_IPC_ISOLATION_2_TEST_READ_ONLY_MEM' to enable this test case. 4. APP RoT takes PSA RoT memory reference as PSA API parameters, negative test. SPM memory checking filters this case out and panic so this case is disabled as default. Enable this case by defining MACRO 'TFM_IPC_ISOLATION_2_MEM_CHECK'. Change-Id: Ib8aad380ae36f39117900d06d3c9a9233dd45c8f Signed-off-by:Sherry Zhang <sherry.zhang2@arm.com>
-
- Jun 18, 2019
-
-
Antonio De Angelis authoredThis patch removes support for Armclang versions lower than 6.10. It updates documentation as well. Change-Id: I71e2c0cba01cb1b9ec06734d89ec707319a3f78c Signed-off-by:
Antonio de Angelis <antonio.deangelis@arm.com>
-
- Jun 17, 2019
-
-
In case of NO_SWAP upgrade strategy the build artefacts get a postfix (_0 or _1) to indicate which memory slot are they intended. This patch remove the _0 postfix (but _1 still exists) to be the same name of artefacts regardless the build config. Change-Id: I3a71c1212bd2f4120930e2cf033596b02c83f193 Signed-off-by:Tamas Ban <tamas.ban@arm.com>
-
Add directives around MSPLIM setting to execute MSPLIM setting only on Armv8-M. It can enable the booting on Armv6-M and Armv7-M. Change-Id: I70c0546f3c1ec48ae80e7a5727c61a397846f43f Signed-off-by:David Hu <david.hu@arm.com>
-
- Jun 14, 2019
-
-
Ashutosh Singh authored
Change-Id: Ia39f53f657ab6ef6ebddde560ec006f8c91152c1 Signed-off-by:Ashutosh Singh <ashutosh.singh@arm.com>
-
- Jun 13, 2019
-
-
Jamie Fox authored
Adds a call to the flash driver initialisation function in the dummy NV counter implementation before any other flash driver functions are called. Previously, it relied on the flash driver being already initialised, but this is not necessarily always the case. Change-Id: I061d3ae61c62704e652e161c7619d0b882c661f7 Signed-off-by:
-
- Jun 11, 2019
-
-
Gary Morrison authored
This patch introduces support for building with Armclang 6.12. Change-Id: Id90e172d46fa369461886cb9405ed33a90089fd0 Signed-off-by:Gary Morrison <gary.morrison@arm.com>
-
This change fixes some compiler related variables in the cmake files. Change-Id: Icd1059aa6b4dc7c7a617fcd6ceb3a0216854e349 Signed-off-by:Sverteczky, Marcell <marcell.sverteczky@arm.com>
-
- Jun 06, 2019
-
-
Tamas Ban authored
At documentation generation some warning was raised. Change-Id: If277951d8d0f0b6c2a43d6cc835f733cdafaadd0 Signed-off-by:
-
- Jun 04, 2019
-
-
Miklos Balint authoredIntroduce new API function in HAL and a new generic platform service to provide the means for platforms to implement proprietary functions using a uniform framework and a single secure entry point. Change-Id: I72ddbb3342ae851fe9851ccb27a54c8f4322b01f Signed-off-by:
Miklos Balint <miklos.balint@arm.com>
-
- May 31, 2019
-
-
Explicitly cast void * to sfn_t to avoid compile error Change-Id: I1033144f6cc2edb165626cc75a59fc30fa875d9d Signed-off-by:Chun-Chieh Li <ccli8@nuvoton.com>
-
Antonio De Angelis authored
This patch adjusts the required RAM size for the SPE in a MUSCA_A target to meet the worst case scenario which is 96 KB for SPE. The remaining 32 KB are reserved for the NSPE. Change-Id: Iadc72cc40b084cffd09f4461f6d088a4fdefaf31 Signed-off-by:Antonio de Angelis <antonio.deangelis@arm.com>
-
- May 30, 2019
-
-
Adjust the already present tfm_secure_lock variable on crossing the boundary between secure services and NS code in IPC model. Change-Id: If1d533c7fee28b724a74b72a9e41ea6882dd92e1 Signed-off-by:Mate Toth-Pal <mate.toth-pal@arm.com>
-
Refactors the build configuration variables so that the Core IPC tests are only built if either CORE_TEST or REGRESSION is enabled (as well as CORE_IPC). This matches the build behaviour for library model. Adds a TFM_PARTITION_TEST_CORE_IPC build variable to make it possible to compile-out the Core IPC test partition when the Core IPC tests are not built. Removes some unneeded build system behaviour that was conditional on CORE_TEST to avoid causing problems when CORE_IPC is enabled. Change-Id: Ia88bd3785817cc2dcedf88b737690fc32cc3266e Signed-off-by: -
Summer Qin authored
Below action items are performed to remove library function under IPC model: - tfm_spm_partition_init() is only used by library model, correct the inappropriate condition in it. - Condition the library function in tfm_spm_services.c, tfm_sst_req_mngr.c and spm_api.c files. - Delete unused function sst_utils_validate_secure_caller(). Change-Id: I62d956481a19d0d47bfa17a9f63c7b815011d61e Signed-off-by:Summer Qin <summer.qin@arm.com>
-
Edison Ai authored
Library model veneer source 'tfm_veneers.c' is removed under IPC model. Change-Id: I23d0789b564766ab39b08f737300a864595114ad Signed-off-by:Edison Ai <edison.ai@arm.com>
-
Edison Ai authored
'tfm_secure_client_service_veneers.h' is used for library mode, make the inclusion of it conditionally by 'TFM_PSA_API'. Change-Id: I60b88725678b4ebe377a450986d7a6d39af5eb79 Signed-off-by: -
Switch 'TFM_PARTITION_PLATFORM' is added for selecting platform service. Enabled by default and can be overridden by cmake command. Change-Id: Ic2529b101292b8f81203da4a11815778194806f9 Signed-off-by:Mingyang Sun <mingyang.sun@arm.com>
-
Changes the build system so that the secure client test partition is not built by the core tests or core IPC tests as it not required by these tests. Change-Id: I80b29d8fb846a61bea6344c6900c97afa9f4aa64 Signed-off-by:
-
- May 29, 2019
-
-
Jamie Fox authored
Details: - Require that setup functions are called with handles initialised to 0. Make 0 the invalid handle and number handles from 1. - Return PSA_ERROR_BUFFER_TOO_SMALL if the output buffer is too small in psa_asymmetric_encrypt. - Release generator operations if setup or abort operations fail. Change-Id: Ic1da83e056a00364ef8eba3ea23cbf191f8886e4 Signed-off-by: -
Jamie Fox authored
Initialises the PSA hash operation before calling psa_hash_setup, rather than copying the handle out of the hash context, in t_cose_crypto_hash_start. Change-Id: I7e8c8199c6c87f20776a83f164d9a3ee4fd8521f Signed-off-by: -
Tamas Ban authored
Option flags for test purpose can be passed in to attestation service. It is encoded in a special challenge value. In this case challenge object must be 64 bytes long and the last 60 bytes (4-63) must be 0 value then the first four byte (0-3) handled as the option flags. Detection of these flags was mishandled if challenge object is not 64 bytes long. Change-Id: I457ab8d52236c2261ca12b0ae0f341c4c15976b2 Signed-off-by: -
Tamas Ban authored
Fix ARMCLANG build error on Musca-A due to printf format specifiers. Change-Id: I21751975659b0ccc0bf98f04fad1b14d1d333b8c Signed-off-by: -
Jamie Fox authored
The heap section was missing when TF-M was built with GCC in level 2 or 3 with the secure client test partition disabled. It is required by the GCC libc implementation of printf. Change-Id: Id4cea624da783cad9a486e85d213093f20a58d70 Signed-off-by: -
Jamie Fox authored
Adds a build option that makes it possible to enable or disable the TF-M Audit Log partition. The option TFM_PARTITION_AUDIT_LOG can be provided in the CMake configure command, and is enabled by default if not supplied. Change-Id: Ib60f22aeb62652e34a1ac43a61154288e6d989b3 Signed-off-by:
-
- May 28, 2019
-
-
This patch removes the format specifier macros used in the formatted input/output functions. The 8-bit types (e.g. PRIu8) requires the C99 I/O format support to be enabled, otherwise the usage of these macros results in undefined behaviour. TF-M uses the newlib-nano standard library implementation which by default does not support these format macros. Change-Id: I36acf18aabbc675db56232671f7186f6745d4152 Signed-off-by:David Vincze <david.vincze@arm.com>
-
Miklos Balint authored
Improve separation of IPC and veneer function-based code in the source tree for memory optimization and better readability of source: - Do not compile unused SVC handler functions if using IPC messaging - Avoid activation of MPU regions not needed in selected build configuration - Flag error if a service veneer function is called when running IPC messaging - Do not include memory bounds for partitions in SPM database if level 1 isolation and veneer functions are used to save memory Signed-off-by:Miklos Balint <miklos.balint@arm.com>
Change-Id: Iaef91e69061b639a71ec8cb638b6393762d10761 -
Miklos Balint authored
Create a common linker script and scatter file for secure binary. This can be used by any platform that has no special requirements or limitations. All platforms can specify in their respective cmake files if they use the common file or want to use a different one. Signed-off-by:Miklos Balint <miklos.balint@arm.com>
Change-Id: I47b317daca1194878fbf4d48096588c85fadcb23 -
Tamas Ban authored
The limitation of proper ECDSA token signing is resolved with the integration of Crypto service. Change-Id: I7325038467fed44c549b5785741bd6d199526183 Signed-off-by: -
Tamas Ban authored
Musca-B1 requires the NO_SWAP upgrade strategy, which causes a build failure with ConfigCoreIPC due to the faulty configuration of compile time switches for the linker. Change-Id: I56a1fd38aa30268993438efd2d6d33e8ee1b3e1f Signed-off-by: -
- Disable Regression in ConfigCoreIPC.cmake and ConfigCoreIPCTfmLevel2.cmake. - Add new build configuration to run regresstion with IPC model and IPC model isolation level 2. - Add explicit setting for basic project build variables in all build configurations Change-Id: I9a627ca08209a5b8e295c3cac9538d6e80f2e669 Signed-off-by:
-
- May 24, 2019
-
-
Tamas Ban authored
Generate a new key pair with openssl to has it a standard PEM encoding to be compliant with other tools. Change-Id: I404cb942d0c22459310c4cfcfe62f435e7e73514 Signed-off-by: -
Tamas Ban authored
Refactor initial attestation key handling and replace crypto stub functions with calls to Crypto service to sign properly the initial attestation token. Change-Id: I1cdd331769b0e631d08e96f8d15a2f5a59a51a1e Signed-off-by: -
Tamas Ban authored
Increase the size of static buffer to 8KB which is used by Mbed Crypto to dynamically allocate memory. It is required due to the ECDSA (NIST P-256) signing of initial attestation token. Change-Id: I22d916140b0b65fc590de545cf7a086de0acb5cb Signed-off-by: -
1. Add IPC implementation for both secure and non-secure Initial Attestation APIs. 2. Update Initial Attestation Service manifest to support IPC model. 3. Add thread like behaviour to receive and handle requests according to IPC model. Change-Id: Ia27a9e9661ed716bc7eb84d6f077252e0319a586 Signed-off-by:
Kevin Peng <kevin.peng@arm.com> Co-authored-by:
Moran Peker <moran.peker@arm.com>
-
This patch adds the token size define for attestation tests. The size will be checked in the attestion service against the platform dependent maximum size defined in region_defs.h to see if the size is enough to hold the token. Change-Id: Ic889b43b395518903734d755ead7037438001623 Signed-off-by: -
This define can be used to statically allocate a proper size memory buffer for initial attestation token. Change-Id: I0a8701a93b3e2613d4137ab2c59dedfa6092eec4 Signed-off-by: -
Tamas Ban authored
Increases the stack size of initial attestation partition to be able to execute the regression tests suite in isolation level 2. Change-Id: I9b4b52d3f983d7c5b5987cd8017c4ca8a6474cef Signed-off-by: -
Tamas Ban authored
PSA TBSA-M recommends to use RSA signature for firmware authentication with at least 3072 bits length key size. This patch introduces: - add an example RSA-3072 key - add configurable RSA-3072 support (RSA-2048 still available) - set RSA-3072 to default This change is based on: https://github.com/JuulLabs-OSS/mcuboot/pull/476 authored by Fabio Utzig <utzig@apache.org> Change-Id: Ic8d188f64d0dbe54aebf28c2778fb932e1afeeb9 Signed-off-by:
-
