Needs Triage (15)

Fri, Jun 14

shebuk edited the content of Governing Board Meeting Minutes.
Fri, Jun 14, 5:24 PM
adeaarm added a comment to T398: Initial support for IAR Embedded Workbench for Arm tool chain.

Change associated to this is here: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1260

Fri, Jun 14, 1:55 PM · Trusted Firmware M
adeaarm added a comment to T398: Initial support for IAR Embedded Workbench for Arm tool chain.

Hi Thomas, I see you mention a failure with GNUARM 7.3.1 with some build config. Can you please provide instructions on how to reproduce the build failure? As you say the failure happens with the mainline as well, that shouldn't happen and I am not seeing the failure either. Would like to try to reproduce it here if it's a genuine issue.

Fri, Jun 14, 1:54 PM · Trusted Firmware M
TTornblom added a project to T398: Initial support for IAR Embedded Workbench for Arm tool chain: Trusted Firmware M.
Fri, Jun 14, 12:56 PM · Trusted Firmware M
TTornblom created T398: Initial support for IAR Embedded Workbench for Arm tool chain.
Fri, Jun 14, 12:44 PM · Trusted Firmware M
sandrine-bailleux-arm created Configuring email notifications for patches on review.trustedfirmware.org.
Fri, Jun 14, 7:28 AM
davidhuziji added a comment to T368: Rebase from TF-M master to feature branch.

A patch to skip MSPLIM setting in MCUBoot on Armv6-M and Armv7-M.
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1258

Fri, Jun 14, 7:22 AM · Restricted Project
davidhuziji moved T368: Rebase from TF-M master to feature branch from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Fri, Jun 14, 7:15 AM · Restricted Project

Thu, Jun 13

tamasban added a comment to T397: doc: srec command incorrect input filenames.

Related change:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1256/

Thu, Jun 13, 12:50 PM · Trusted Firmware M
tamasban triaged T397: doc: srec command incorrect input filenames as Normal priority.
Thu, Jun 13, 12:50 PM · Trusted Firmware M
jf549 closed T390: Ensure flash driver is initialised before use by NV counters as Resolved.
Thu, Jun 13, 12:45 PM · Trusted Firmware M
devran01 triaged T396: Evaluating macro TFM_PSA_API in c code as Wishlist priority.
Thu, Jun 13, 10:22 AM
derrick-huang updated subscribers of T395: support platform for rockchip px30.
Thu, Jun 13, 7:17 AM · Trusted Firmware A
derrick-huang added a comment to T395: support platform for rockchip px30.

Support platform for rockchip px30
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/1253

Thu, Jun 13, 7:13 AM · Trusted Firmware A
hansenboyi created T395: support platform for rockchip px30.
Thu, Jun 13, 2:45 AM · Trusted Firmware A

Wed, Jun 12

jf549 added a comment to T288: Clarify Musca flashing process.

Further patch for this after document migration
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1249/

Wed, Jun 12, 2:27 PM · Trusted Firmware M
jf549 added a comment to T130: TF-M: Consistently call it Musca-A.

Further patch for this after document migration
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1248

Wed, Jun 12, 2:26 PM · Trusted Firmware M
edison-ai added a comment to T39: manifest files PSA alignment.

Patches link about change the context of the manifest file to align with PSA:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1240/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1241/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1242/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1243/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1244/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1245/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1246/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1247/

Wed, Jun 12, 11:14 AM · Trusted Firmware M
sivadur added a member for Trusted Firmware A: sivadur.
Wed, Jun 12, 2:14 AM

Tue, Jun 11

KenLSoft added a comment to T394: Move configurations into dedicated directory.

Patch:
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1234

Tue, Jun 11, 10:10 AM · Trusted Firmware M
KenLSoft changed the edit policy for T394: Move configurations into dedicated directory.
Tue, Jun 11, 4:26 AM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

The secure partition init function cannot cover all use cases. The requirement of pre-rtos secure call actually comes from my mbed-os/tf-m port on Nuvoton's M2351 chip. For example, on mbed-os, the CMSIS API SystemCoreClockUpdate(...) is called to update SystemCoreClock in pre-rtos stage on NS side. On Nuvoton's M2351, SystemCoreClockUpdate(...)'s implementation needs to access CLK space registers which are hardwired to secure. That's where secure call in pre-rtos stage is necessary. I've also checked SystemCoreClockUpdate(...)'s implementation on Arm's Musca A1. It has SystemCoreClock fixed in macro, and so it needn't.

Tue, Jun 11, 1:57 AM · Trusted Firmware M

Mon, Jun 10

jf549 added a comment to T376: Allow NS secure call at pre-rtos stage.

I don't really know the full context of this, so maybe I am way off here, but if there is some secure code that needs to be executed before the NS RTOS is started, is it not best executed as part of secure init? The secure partition containing the secure function (the one that must be called before the RTOS is started) will have an init function, so could that be used to execute the required code?

Mon, Jun 10, 5:05 PM · Trusted Firmware M
soby-mathew added a member for Trusted Firmware-A Tests: soby-mathew.
Mon, Jun 10, 3:37 PM
soby-mathew added a watcher for Trusted Firmware-A Tests: soby-mathew.
Mon, Jun 10, 3:36 PM
garymorrison-arm added a comment to T393: Adding Build Support for Armclang 6.12.

Pushed the changes: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1233

Mon, Jun 10, 2:25 PM · Trusted Firmware M
adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.
In T376#4490, @ccli8 wrote:

This call involves a Thread -> Handler mode request on every service call to check if we are in pre-RTOS stage. I think this will introduce a non-negligible penalty; in most of the cases, we expect this call to happen when the RTOS has been loaded.

For the osKernelGetState() overhead in tfm_ns_lock_dispatch(...), I think it can be replaced by just checking ns_lock.init.

Mon, Jun 10, 1:17 PM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

This call involves a Thread -> Handler mode request on every service call to check if we are in pre-RTOS stage. I think this will introduce a non-negligible penalty; in most of the cases, we expect this call to happen when the RTOS has been loaded.

Mon, Jun 10, 12:38 PM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

Upstream change 1231 to support secure call in pre-rtos stage in tfm_ns_lock_dispatch(...). I think some audience would benefit from it. Without it, I need to make an extra check for pre-rtos scenario before making a secure call.

Mon, Jun 10, 9:08 AM · Trusted Firmware M
adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.

Strictly speaking, the files in interface/src are a possible implementation of the interface described in interface/include. Your integration can provide a different implementation of tfm_ns_lock_dispatch(...) based on your requirements, without the need to upstream your change. But if you think that your change can be useful for a wider audience, yes, please create a change where you modify tfm_ns_lock_dispatch(...) to check for pre-rtos stage and we'll get that reviewed.

Mon, Jun 10, 8:46 AM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

After dropping 1123, create another change which adds support for pre-retos dispatch in tfm_ns_lock_dispatch by checking kernel state with osKernelGetState, right?

Mon, Jun 10, 2:44 AM · Trusted Firmware M

Fri, Jun 7

adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.

Thanks for summarising the three options.

Fri, Jun 7, 2:28 PM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

1123 is for NS secure call at pre-rtos stage and 1124 for in interrupt-disabled condition. They are different and so separate changes. For 1123, since osKernelGetState can substitute for get_init_state. I have three choices:

  1. Abandon 1123 (and also get_init_state)
  2. Re-implement get_init_state with osKernelGetState
  3. Abandon 1123 (and also get_init_state) and integrate pre-rtos NS secure call into tfm_ns_lock_dispatch
Fri, Jun 7, 2:19 AM · Trusted Firmware M

Thu, Jun 6

garymorrison-arm triaged T393: Adding Build Support for Armclang 6.12 as Low priority.
Thu, Jun 6, 6:52 PM · Trusted Firmware M
adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.

Just to be clear, as there has been some confusion between get_init_state() and get_lock_state (particularly on my side :) ), I think that the get_init_state(...) doesn't need to be exported as probably the same result can be obtained by proper usage of CMSIS-RTOS2 API's (or equivalent API's, based on the NS side scenario). Regarding the get_lock_state(...), I will comment on the other thread. T378

Thu, Jun 6, 2:41 PM · Trusted Firmware M
adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.

I agree in principle with the idea, but I have a comment regarding the implementation.

Thu, Jun 6, 2:07 PM · Trusted Firmware M
wmnt updated subscribers of T376: Allow NS secure call at pre-rtos stage.

The NS lock is initialized at a point in time when the scheduler is not yet started, therefore there is a single thread of execution on the NS side.
I agree it is safe to assume that in such a scenario, the only actor on the NS side is privileged and therefore is assumed to be in full control of execution, there are no separate protection domains within NSPE.
Secure lock is already set up so there's no risk of introducing new exploits with this change.

Thu, Jun 6, 1:45 PM · Trusted Firmware M
adeaarm added a comment to T392: Drop support for older versions of Armclang.

Change for this ticket is available here: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1223

Thu, Jun 6, 10:24 AM · Trusted Firmware M
adeaarm triaged T392: Drop support for older versions of Armclang as Normal priority.
Thu, Jun 6, 10:21 AM · Trusted Firmware M
tamasban closed T391: Fix syntax errors in documentation as Resolved.
Thu, Jun 6, 9:01 AM · Trusted Firmware M