Feed All Stories

Today

TTornblom added a comment to T502: Initial support for IAR Embedded Workbench for Arm toolchain for twincpu feature branch.

Yes, I just noticed.

Thu, Sep 19, 11:28 AM · Trusted Firmware M
zhayu created T506: Second cluster power on issue with asynchronous PSCI CPU_ON call on HiKey960 board.
Thu, Sep 19, 10:04 AM
davidhuziji created T505: Merge topology enhancement on feature-twincpu back to master branch.
Thu, Sep 19, 9:28 AM · Restricted Project
davidhuziji moved T301: Boot NS CPU from S CPU on PSoC6 from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Thu, Sep 19, 9:15 AM · Restricted Project
davidhuziji moved T300: Add synchronisation between secure and non-secure CPUs from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Thu, Sep 19, 9:15 AM · Restricted Project
davidhuziji added a comment to T502: Initial support for IAR Embedded Workbench for Arm toolchain for twincpu feature branch.

Hi Thomas, tfm-twin-cpu is a dedicated project tag for multi-core feature development with special schedule, task plan and target, which have been determined.
Please select other tags. Sorry for any inconvenience.

Thu, Sep 19, 9:14 AM · Trusted Firmware M
davidhuziji edited projects for T502: Initial support for IAR Embedded Workbench for Arm toolchain for twincpu feature branch, added: Trusted Firmware M; removed Restricted Project.
Thu, Sep 19, 9:11 AM · Trusted Firmware M
davidhuziji moved T467: Merge build system changes on feature-twincpu back to master branch from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Thu, Sep 19, 9:10 AM · Restricted Project
davidhuziji moved T504: Merge Arch changes back to master branch. from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Thu, Sep 19, 9:09 AM · Restricted Project
davidhuziji moved T504: Merge Arch changes back to master branch. from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Thu, Sep 19, 9:09 AM · Restricted Project
davidhuziji created T504: Merge Arch changes back to master branch..
Thu, Sep 19, 8:27 AM · Restricted Project
matetothpal closed T439: TF-M Remove legacy veneer support from TF-M library model as Resolved.

Changes for this issue had been merged.

Thu, Sep 19, 7:03 AM · Trusted Firmware M
davidhuziji created T503: Add platform-specific HW initialization.
Thu, Sep 19, 1:43 AM · Trusted Firmware M

Yesterday

hzhuang1 closed T498: Fail to configure email address in gerrit as Resolved.

Hi Sandrine,

Wed, Sep 18, 12:16 PM · TF-A Question
sandrine-bailleux-arm added a watcher for TF-A Bug: sandrine-bailleux-arm.
Wed, Sep 18, 11:39 AM
sandrine-bailleux-arm added a watcher for TF-A Docs: sandrine-bailleux-arm.
Wed, Sep 18, 11:39 AM
sandrine-bailleux-arm added a watcher for TF-A Duplicate: sandrine-bailleux-arm.
Wed, Sep 18, 11:39 AM
sandrine-bailleux-arm added a watcher for TF-A Enhancement: sandrine-bailleux-arm.
Wed, Sep 18, 11:39 AM
sandrine-bailleux-arm added a watcher for TF-A General: sandrine-bailleux-arm.
Wed, Sep 18, 11:39 AM
sandrine-bailleux-arm added a watcher for TF-A Info: sandrine-bailleux-arm.
Wed, Sep 18, 11:39 AM
sandrine-bailleux-arm added a watcher for TF-A Question: sandrine-bailleux-arm.
Wed, Sep 18, 11:39 AM
tamasban added a comment to T440: Reduce attestation service memory requirements.

Related commit:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1970/

Wed, Sep 18, 11:32 AM · Trusted Firmware M
sandrine-bailleux-arm added a comment to T498: Fail to configure email address in gerrit.

Could you please elaborate on your issue? How are you trying to configure your email address in Gerrit? Are you doing it from the user settings page? Do you have no email address registered on Gerrit at all or are you trying to add a secondary one? When is the error 422 showing?

Wed, Sep 18, 11:16 AM · TF-A Question
TTornblom added a project to T502: Initial support for IAR Embedded Workbench for Arm toolchain for twincpu feature branch: Restricted Project.
Wed, Sep 18, 7:51 AM · Trusted Firmware M
TTornblom created T502: Initial support for IAR Embedded Workbench for Arm toolchain for twincpu feature branch.
Wed, Sep 18, 6:47 AM · Trusted Firmware M
KenLSoft added a comment to T501: Disturb handle value to provide more secure..

Patch created:

Wed, Sep 18, 5:48 AM · Restricted Project
KenLSoft changed the edit policy for T501: Disturb handle value to provide more secure..
Wed, Sep 18, 5:48 AM · Restricted Project
KenLSoft added a comment to T34: Implement IPC as interaction layer between partitions .

Mark this task as resolved since IPC is available.

Wed, Sep 18, 5:45 AM · Trusted Firmware M
KenLSoft closed T34: Implement IPC as interaction layer between partitions as Resolved.
Wed, Sep 18, 5:44 AM · Trusted Firmware M
ChangwuShan closed T480: SCRATCH area removal as Resolved.
Wed, Sep 18, 1:47 AM · Restricted Project

Tue, Sep 17

matetothpal added a comment to T500: Platform: TF-M should use the UART Baud rate set in device_cfg.h.

Fix for this issue: https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1959/

Tue, Sep 17, 2:01 PM · Trusted Firmware M
matetothpal triaged T500: Platform: TF-M should use the UART Baud rate set in device_cfg.h as Normal priority.
Tue, Sep 17, 1:59 PM · Trusted Firmware M
jf549 added a comment to T499: SST: remove redundant code in object system.

https://review.trustedfirmware.org/c/trusted-firmware-m/+/1958

Tue, Sep 17, 1:40 PM · Restricted Project
jf549 triaged T499: SST: remove redundant code in object system as Normal priority.
Tue, Sep 17, 1:40 PM · Restricted Project
hzhuang1 added a comment to T388: Hikey960 problem reading FIP.

Hi David,

Tue, Sep 17, 8:41 AM · TF-A Question, Trusted Firmware A
DavidMCerdeira added a comment to T388: Hikey960 problem reading FIP.

Hi there!

Tue, Sep 17, 8:37 AM · TF-A Question, Trusted Firmware A
hzhuang1 created T498: Fail to configure email address in gerrit.
Tue, Sep 17, 4:46 AM · TF-A Question
hzhuang1 claimed T388: Hikey960 problem reading FIP.

Hi David,

Tue, Sep 17, 4:42 AM · TF-A Question, Trusted Firmware A

Mon, Sep 16

jainvikas8 updated subscribers of T497: Partial erase operation performed by SST on PSoC6 target.

@ainh Any thoughts, please?

Mon, Sep 16, 8:59 AM

Fri, Sep 13

gyuri-szing closed T478: Configure Cmake Build - Error : Could NOT find Plantuml (missing: PLANTUML_VERSION) as Resolved.

Fix has been merged.

Fri, Sep 13, 4:11 PM · Restricted Project, Restricted Project
jainvikas8 added a comment to T478: Configure Cmake Build - Error : Could NOT find Plantuml (missing: PLANTUML_VERSION) .

This task is sorted - https://review.trustedfirmware.org/c/trusted-firmware-m/+/1811 and can be closed.

Fri, Sep 13, 10:55 AM · Restricted Project, Restricted Project
jainvikas8 added a comment to T497: Partial erase operation performed by SST on PSoC6 target.

To fix the erase part, I'd like to propose that we have a new definition in the partition of each target

#define SST_SECTORS_PER_BLOCK 8

Then

#define SST_SECTOR_SIZE FLASH_AREA_IMAGE_SECTOR_SIZE
#define SST_BLOCK_SIZE (SST_SECTORS_PER_BLOCK * SST_SECTOR_SIZE)

and should support all the targets. Other targets would simply adhere to 4KB emulated block size where SST_SECTORS_PER_BLOCK is 1.

Fri, Sep 13, 10:06 AM
jainvikas8 created T497: Partial erase operation performed by SST on PSoC6 target.
Fri, Sep 13, 9:56 AM
gyuri-szing added a comment to T495: Docs: Distro supplied python packages may be too outdated.

I think we shall discuss the issue internally with the team first.

Fri, Sep 13, 9:09 AM · Restricted Project
matetothpal added a comment to T496: Tf-M Core: Only PSA RoT rervices should be allowed to make SPM request.

Change for this issue is: https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1952/

Fri, Sep 13, 6:21 AM · Trusted Firmware M
matetothpal added a comment to T493: TF-M Core: Make error handling more strict.

Change for this issue is
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1951/

Fri, Sep 13, 6:21 AM · Trusted Firmware M
matetothpal triaged T496: Tf-M Core: Only PSA RoT rervices should be allowed to make SPM request as Normal priority.
Fri, Sep 13, 6:12 AM · Trusted Firmware M
matetothpal added a project to T493: TF-M Core: Make error handling more strict: Trusted Firmware M.
Fri, Sep 13, 6:08 AM · Trusted Firmware M

Thu, Sep 12

jf549 added a comment to T495: Docs: Distro supplied python packages may be too outdated.

I will investigate adding instructions for using virtualenv. My feeling is that some users will consider it too complicated to set up just to build the project though. Maybe we could provide instructions for both alternatives?

Thu, Sep 12, 5:22 PM · Restricted Project

Wed, Sep 11

gyuri-szing added a comment to T495: Docs: Distro supplied python packages may be too outdated.

What's wrong with virtualenv? How does it hurt the user experience?

Wed, Sep 11, 4:53 PM · Restricted Project
minosgalanakis added a comment to T495: Docs: Distro supplied python packages may be too outdated.

While using virtualenv with a requirements.txt with recommended hard-coded versions is definitely best solution it may come at the expense of user experience.

Wed, Sep 11, 4:17 PM · Restricted Project
gyuri-szing added a comment to T495: Docs: Distro supplied python packages may be too outdated.

Using pip instead of the Linux distributions package manager is considered bad practice because:

  • may end up having two version of a package installed which can trigger problems. (Packages installed by pip are not visible to apt and vice-versa.)
  • some pip packages have binary components. Some versions of these components may be not compatible to other binaries installed on the machine. This means only some versions of such pip packages are compatible with a specific distro.
Wed, Sep 11, 3:30 PM · Restricted Project
petretudor-arm added a comment to T463: Using ROM Lib.

I don't know what options you tried to build with, but I managed to build with the ROMLIB feature for the FVP platform. I will post everything I did here, hoping it will be of some use to you.
I used the following command to build:

MBEDTLS_DIR=<path_to_mbedtls> make ARM_ROTPK_LOCATION=devel_rsa CROSS_COMPILE=<path_to_cross_compiler(aarch64)> GENERATE_COT=1 PLAT=fvp ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem TRUSTED_BOARD_BOOT=1 USE_ROMLIB=1  DEBUG=1 fiptool all

The cross-compiler I used is GCC 8.3 for AArch64 ELF bare-metal target. You can get it from here:
https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads

Wed, Sep 11, 3:02 PM · Trusted Firmware A, TF-A Bug
jf549 added a comment to T495: Docs: Distro supplied python packages may be too outdated.

https://review.trustedfirmware.org/c/trusted-firmware-m/+/1942

Wed, Sep 11, 1:06 PM · Restricted Project
jf549 triaged T495: Docs: Distro supplied python packages may be too outdated as Normal priority.
Wed, Sep 11, 1:06 PM · Restricted Project
tamasban added a comment to T440: Reduce attestation service memory requirements.

Related commit:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1908/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1924/

Wed, Sep 11, 12:40 PM · Trusted Firmware M
jf549 moved T489: Crypto: Fix off-by-one error in tfm_crypto_key_derivation iovec handling from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Wed, Sep 11, 12:16 PM · Restricted Project
jf549 closed T489: Crypto: Fix off-by-one error in tfm_crypto_key_derivation iovec handling as Resolved.
Wed, Sep 11, 12:16 PM · Restricted Project
ronald-cron-arm added a comment to T494: Core: Fix possible integer overflow in tfm_svcall_psa_call(...).

patch link:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1915/

Wed, Sep 11, 7:03 AM · Restricted Project
ronald-cron-arm triaged T494: Core: Fix possible integer overflow in tfm_svcall_psa_call(...) as High priority.
Wed, Sep 11, 7:01 AM · Restricted Project
mingyangSun added a comment to T426: Source strcuture adjustment.

move nspm sources to ns_callable: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1921

Wed, Sep 11, 7:00 AM · Trusted Firmware M

Tue, Sep 10

matetothpal triaged T493: TF-M Core: Make error handling more strict as Normal priority.
Tue, Sep 10, 3:05 PM · Trusted Firmware M
matetothpal closed T424: TF-M Core init should check SPM HAL function return values during init as Resolved.

Fixes for the issue had been merged

Tue, Sep 10, 3:02 PM · Trusted Firmware M
matetothpal closed T432: Eliminate SPM DB initialising code by directly generating SPM DB as Resolved.

Change for this issue had been merged.

Tue, Sep 10, 3:01 PM · Trusted Firmware M
sandrine-bailleux-arm added a comment to T464: TF-A artifacts.

So, just to be clear: Imagine a scenario with two devices - one I made (I know the keys and code on BL1) and another one that some malicious user cloned (he signed with his own keys). My device will have a Root of Trust in BL1 based on my hardware and the keys I own. The second device also has a BL1 but that image was signed by someone I don't trust. In the end, both devices will boot up successfully because they are based on each individual Chain of Trust but there's no way a third party (i.e. remote attestation server) can know the difference between the malicious device and my device solely relying on Verified Boot, right?

Tue, Sep 10, 7:31 AM · TF-A Question, Trusted Firmware A

Mon, Sep 9

vivinamartins16 added a comment to T464: TF-A artifacts.

Verified boot in itself already proves the boot integrity of all firmware images from BL1 up to BL33.

BL1 is the root of trust and cannot be tampered with, as it is hardware-protected. All other BL image are signed and their signature is verified before they get executed: BL1 verifies the signature of BL2, and BL2 does the same for all subsequent BL3x images. If one of the signatures is invalid then TF-A refuses to execute the corresponding image. This is treated as a fatal error that the firmware cannot recover from and the platform will typically panic in this case.

Mon, Sep 9, 4:42 PM · TF-A Question, Trusted Firmware A
jf549 added a comment to T492: Reduce stack usage of dummy NV counters implementation.

https://review.trustedfirmware.org/c/trusted-firmware-m/+/1918

Mon, Sep 9, 4:10 PM · Trusted Firmware M
jf549 triaged T492: Reduce stack usage of dummy NV counters implementation as Normal priority.
Mon, Sep 9, 4:10 PM · Trusted Firmware M
sandrine-bailleux-arm added a comment to T464: TF-A artifacts.

Sorry, I completely missed your point at first!

Mon, Sep 9, 3:08 PM · TF-A Question, Trusted Firmware A
wmnt closed T141: Provide different build options for TF-M Core NSPM on NS client support as Wontfix.

Various aspects of this task are to be addressed in different broader conceptual changes in the code base.

Mon, Sep 9, 2:17 PM · Trusted Firmware M
RobertRostohar updated the task description for T491: Core: fix preprocessor directive.
Mon, Sep 9, 1:12 PM · Restricted Project
tamasban added a comment to T485: Improve iat-verifier script.

Related change:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1916/

Mon, Sep 9, 1:02 PM · Trusted Firmware M
RobertRostohar added a comment to T491: Core: fix preprocessor directive.

https://review.trustedfirmware.org/c/trusted-firmware-m/+/1917

Mon, Sep 9, 12:29 PM · Restricted Project
RobertRostohar created T491: Core: fix preprocessor directive.
Mon, Sep 9, 12:28 PM · Restricted Project

Fri, Sep 6

vivinamartins16 added a comment to T464: TF-A artifacts.

Hi vivina,

Hi @soby-mathew !

Fri, Sep 6, 5:46 PM · TF-A Question, Trusted Firmware A
akshaynkulkarni added a member for Trusted Firmware A: akshaynkulkarni.
Fri, Sep 6, 1:07 PM
jf549 moved T489: Crypto: Fix off-by-one error in tfm_crypto_key_derivation iovec handling from Restricted Project Column to Restricted Project Column on the Restricted Project board.

Patch for this task https://review.trustedfirmware.org/c/trusted-firmware-m/+/1907

Fri, Sep 6, 10:43 AM · Restricted Project
jf549 triaged T489: Crypto: Fix off-by-one error in tfm_crypto_key_derivation iovec handling as High priority.
Fri, Sep 6, 10:11 AM · Restricted Project
davidhuziji moved T427: Define multi-core specific memory check in Isolation Level 2 policy and APIs from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Fri, Sep 6, 5:14 AM · Restricted Project
davidhuziji moved T473: Identify conflicts to prepare for merging feature-twincpu back to master branch from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Fri, Sep 6, 5:14 AM · Restricted Project

Thu, Sep 5

adrianlshaw created T488: Constant time variant of memcmp().
Thu, Sep 5, 4:10 PM
soby-mathew added a comment to T464: TF-A artifacts.

Hi vivina,
Are you thinking something similar to measured boot ?
The TF-A implements what is called verified boot. Found a good description for difference between verified and measured boot here:
https://forums.juniper.net/t5/Security/What-s-the-Difference-between-Secure-Boot-and-Measured-Boot/ba-p/281251

Thu, Sep 5, 2:20 PM · TF-A Question, Trusted Firmware A
tamasban added a comment to T440: Reduce attestation service memory requirements.

Related commits:

Thu, Sep 5, 8:30 AM · Trusted Firmware M

Wed, Sep 4

gyuri-szing closed T483: Docuent build fails if PDF generation tools are present as Resolved.

Fix merged.

Wed, Sep 4, 1:42 PM · Trusted Firmware M
jf549 added a comment to T487: Explicitly set fault priority on AN524.

Patch for this task https://review.trustedfirmware.org/c/trusted-firmware-m/+/1893

Wed, Sep 4, 12:15 PM · Trusted Firmware M
jf549 triaged T487: Explicitly set fault priority on AN524 as Normal priority.
Wed, Sep 4, 12:15 PM · Trusted Firmware M

Tue, Sep 3

mingyangSun closed T468: Increase IPC test service secure partition stack size as Resolved.
Tue, Sep 3, 1:47 PM · Trusted Firmware M
mingyangSun added a comment to T468: Increase IPC test service secure partition stack size.

After detailed debugging, also increase IPC test client secure partition stack size to 0x220.
patch link: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1785

Tue, Sep 3, 1:47 PM · Trusted Firmware M
tamasban added a comment to T485: Improve iat-verifier script.

Related changes:

Tue, Sep 3, 9:30 AM · Trusted Firmware M
tamasban triaged T485: Improve iat-verifier script as Normal priority.
Tue, Sep 3, 9:29 AM · Trusted Firmware M
sandrine-bailleux-arm edited the content of Getting started: Contributing TF-A patches on www.trustedfirmware.org.
Tue, Sep 3, 6:31 AM · Trusted Firmware A
KenLSoft changed the edit policy for T484: SPRTL design documents update.
Tue, Sep 3, 6:10 AM · Trusted Firmware M
KenLSoft added a comment to T195: Message allocation enhancement.

I think the mechanism is changed during this patch:
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1744

Tue, Sep 3, 6:09 AM · Trusted Firmware M
KenLSoft added a comment to T356: Update memory pointer type to const void * in tfm_memory_check().

Done by David Hu's patch:
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1734

Tue, Sep 3, 6:07 AM · Trusted Firmware M
KenLSoft closed T356: Update memory pointer type to const void * in tfm_memory_check() as Resolved.
Tue, Sep 3, 6:05 AM · Trusted Firmware M
KenLSoft reassigned T475: Investigate "-pedantic-errors" for building from KenLSoft to ChangwuShan.
Tue, Sep 3, 6:04 AM · Trusted Firmware M

Mon, Sep 2

gyuri-szing added a comment to T483: Docuent build fails if PDF generation tools are present.

Patch-set with the fix: https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1884/

Mon, Sep 2, 5:07 PM · Trusted Firmware M
gyuri-szing triaged T483: Docuent build fails if PDF generation tools are present as Low priority.
Mon, Sep 2, 4:06 PM · Trusted Firmware M

Fri, Aug 30

jf549 triaged T477: TF-M Secure Storage allows writing (SST_NUM_ASSETS + 1)th asset as High priority.
Fri, Aug 30, 5:55 PM · Restricted Project
davidvincze closed T421: Add multi-image support to MCUBoot as Resolved.
Fri, Aug 30, 10:56 AM · Trusted Firmware M