Projects Trusted Firmware M

Trusted Firmware MUmbrella
ActivePublic
Watch Project

Members (10)
View All

Watchers (14)
View All

Recent Activity
View All

Fri, Jun 14

adeaarm added a comment to T398: Initial support for IAR Embedded Workbench for Arm tool chain.

Change associated to this is here: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1260

Fri, Jun 14, 1:55 PM · Trusted Firmware M
adeaarm added a comment to T398: Initial support for IAR Embedded Workbench for Arm tool chain.

Hi Thomas, I see you mention a failure with GNUARM 7.3.1 with some build config. Can you please provide instructions on how to reproduce the build failure? As you say the failure happens with the mainline as well, that shouldn't happen and I am not seeing the failure either. Would like to try to reproduce it here if it's a genuine issue.

Fri, Jun 14, 1:54 PM · Trusted Firmware M
TTornblom added a project to T398: Initial support for IAR Embedded Workbench for Arm tool chain: Trusted Firmware M.
Fri, Jun 14, 12:56 PM · Trusted Firmware M

Thu, Jun 13

tamasban added a comment to T397: doc: srec command incorrect input filenames.

Related change:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1256/

Thu, Jun 13, 12:50 PM · Trusted Firmware M
tamasban triaged T397: doc: srec command incorrect input filenames as Normal priority.
Thu, Jun 13, 12:50 PM · Trusted Firmware M
jf549 closed T390: Ensure flash driver is initialised before use by NV counters as Resolved.
Thu, Jun 13, 12:45 PM · Trusted Firmware M

Wed, Jun 12

jf549 added a comment to T288: Clarify Musca flashing process.

Further patch for this after document migration
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1249/

Wed, Jun 12, 2:27 PM · Trusted Firmware M
jf549 added a comment to T130: TF-M: Consistently call it Musca-A.

Further patch for this after document migration
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1248

Wed, Jun 12, 2:26 PM · Trusted Firmware M
edison-ai added a comment to T39: manifest files PSA alignment.

Patches link about change the context of the manifest file to align with PSA:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1240/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1241/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1242/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1243/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1244/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1245/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1246/
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1247/

Wed, Jun 12, 11:14 AM · Trusted Firmware M

Tue, Jun 11

KenLSoft added a comment to T394: Move configurations into dedicated directory.

Patch:
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1234

Tue, Jun 11, 10:10 AM · Trusted Firmware M
KenLSoft changed the edit policy for T394: Move configurations into dedicated directory.
Tue, Jun 11, 4:26 AM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

The secure partition init function cannot cover all use cases. The requirement of pre-rtos secure call actually comes from my mbed-os/tf-m port on Nuvoton's M2351 chip. For example, on mbed-os, the CMSIS API SystemCoreClockUpdate(...) is called to update SystemCoreClock in pre-rtos stage on NS side. On Nuvoton's M2351, SystemCoreClockUpdate(...)'s implementation needs to access CLK space registers which are hardwired to secure. That's where secure call in pre-rtos stage is necessary. I've also checked SystemCoreClockUpdate(...)'s implementation on Arm's Musca A1. It has SystemCoreClock fixed in macro, and so it needn't.

Tue, Jun 11, 1:57 AM · Trusted Firmware M

Mon, Jun 10

jf549 added a comment to T376: Allow NS secure call at pre-rtos stage.

I don't really know the full context of this, so maybe I am way off here, but if there is some secure code that needs to be executed before the NS RTOS is started, is it not best executed as part of secure init? The secure partition containing the secure function (the one that must be called before the RTOS is started) will have an init function, so could that be used to execute the required code?

Mon, Jun 10, 5:05 PM · Trusted Firmware M
garymorrison-arm added a comment to T393: Adding Build Support for Armclang 6.12.

Pushed the changes: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1233

Mon, Jun 10, 2:25 PM · Trusted Firmware M
adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.
In T376#4490, @ccli8 wrote:

This call involves a Thread -> Handler mode request on every service call to check if we are in pre-RTOS stage. I think this will introduce a non-negligible penalty; in most of the cases, we expect this call to happen when the RTOS has been loaded.

For the osKernelGetState() overhead in tfm_ns_lock_dispatch(...), I think it can be replaced by just checking ns_lock.init.

Mon, Jun 10, 1:17 PM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

This call involves a Thread -> Handler mode request on every service call to check if we are in pre-RTOS stage. I think this will introduce a non-negligible penalty; in most of the cases, we expect this call to happen when the RTOS has been loaded.

Mon, Jun 10, 12:38 PM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

Upstream change 1231 to support secure call in pre-rtos stage in tfm_ns_lock_dispatch(...). I think some audience would benefit from it. Without it, I need to make an extra check for pre-rtos scenario before making a secure call.

Mon, Jun 10, 9:08 AM · Trusted Firmware M
adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.

Strictly speaking, the files in interface/src are a possible implementation of the interface described in interface/include. Your integration can provide a different implementation of tfm_ns_lock_dispatch(...) based on your requirements, without the need to upstream your change. But if you think that your change can be useful for a wider audience, yes, please create a change where you modify tfm_ns_lock_dispatch(...) to check for pre-rtos stage and we'll get that reviewed.

Mon, Jun 10, 8:46 AM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

After dropping 1123, create another change which adds support for pre-retos dispatch in tfm_ns_lock_dispatch by checking kernel state with osKernelGetState, right?

Mon, Jun 10, 2:44 AM · Trusted Firmware M

Fri, Jun 7

adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.

Thanks for summarising the three options.

Fri, Jun 7, 2:28 PM · Trusted Firmware M
ccli8 added a comment to T376: Allow NS secure call at pre-rtos stage.

1123 is for NS secure call at pre-rtos stage and 1124 for in interrupt-disabled condition. They are different and so separate changes. For 1123, since osKernelGetState can substitute for get_init_state. I have three choices:

  1. Abandon 1123 (and also get_init_state)
  2. Re-implement get_init_state with osKernelGetState
  3. Abandon 1123 (and also get_init_state) and integrate pre-rtos NS secure call into tfm_ns_lock_dispatch
Fri, Jun 7, 2:19 AM · Trusted Firmware M

Thu, Jun 6

garymorrison-arm triaged T393: Adding Build Support for Armclang 6.12 as Low priority.
Thu, Jun 6, 6:52 PM · Trusted Firmware M
adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.

Just to be clear, as there has been some confusion between get_init_state() and get_lock_state (particularly on my side :) ), I think that the get_init_state(...) doesn't need to be exported as probably the same result can be obtained by proper usage of CMSIS-RTOS2 API's (or equivalent API's, based on the NS side scenario). Regarding the get_lock_state(...), I will comment on the other thread. T378

Thu, Jun 6, 2:41 PM · Trusted Firmware M
adeaarm added a comment to T376: Allow NS secure call at pre-rtos stage.

I agree in principle with the idea, but I have a comment regarding the implementation.

Thu, Jun 6, 2:07 PM · Trusted Firmware M
wmnt updated subscribers of T376: Allow NS secure call at pre-rtos stage.

The NS lock is initialized at a point in time when the scheduler is not yet started, therefore there is a single thread of execution on the NS side.
I agree it is safe to assume that in such a scenario, the only actor on the NS side is privileged and therefore is assumed to be in full control of execution, there are no separate protection domains within NSPE.
Secure lock is already set up so there's no risk of introducing new exploits with this change.

Thu, Jun 6, 1:45 PM · Trusted Firmware M
adeaarm added a comment to T392: Drop support for older versions of Armclang.

Change for this ticket is available here: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1223

Thu, Jun 6, 10:24 AM · Trusted Firmware M
adeaarm triaged T392: Drop support for older versions of Armclang as Normal priority.
Thu, Jun 6, 10:21 AM · Trusted Firmware M
tamasban closed T391: Fix syntax errors in documentation as Resolved.
Thu, Jun 6, 9:01 AM · Trusted Firmware M
tamasban claimed T391: Fix syntax errors in documentation.
Thu, Jun 6, 9:01 AM · Trusted Firmware M
tamasban added a comment to T391: Fix syntax errors in documentation.

Related change:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1220/

Thu, Jun 6, 8:46 AM · Trusted Firmware M
tamasban triaged T391: Fix syntax errors in documentation as Low priority.
Thu, Jun 6, 8:45 AM · Trusted Firmware M
tamasban closed T346: Attest: Crypto service binding as Resolved.
Thu, Jun 6, 8:44 AM · Trusted Firmware M
tamasban added a comment to T346: Attest: Crypto service binding.

Update integration guide:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1155/

Thu, Jun 6, 8:44 AM · Trusted Firmware M

Wed, Jun 5

wmnt closed T329: Platform: create design pattern for platform-specific services as Resolved.

https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/951/ reviewed, approved, upstreamed

Wed, Jun 5, 4:10 PM · Trusted Firmware M
tamasban added a comment to T389: Add independent updates for security and non-security in MCUBoot.

Could you open a review on https://review.trustedfirmware.org and push the code there for review?

Wed, Jun 5, 8:19 AM · Trusted Firmware M
cuipingzhang added a comment to T389: Add independent updates for security and non-security in MCUBoot.

trusted-firmware-m-20190603.rar8 MBDownload

Wed, Jun 5, 8:16 AM · Trusted Firmware M
cuipingzhang updated the task description for T389: Add independent updates for security and non-security in MCUBoot.
Wed, Jun 5, 7:49 AM · Trusted Firmware M

Tue, Jun 4

jf549 added a comment to T390: Ensure flash driver is initialised before use by NV counters.

Patch for this task https://review.trustedfirmware.org/c/trusted-firmware-m/+/1212

Tue, Jun 4, 1:27 PM · Trusted Firmware M
jf549 triaged T390: Ensure flash driver is initialised before use by NV counters as Normal priority.
Tue, Jun 4, 10:35 AM · Trusted Firmware M
cuipingzhang changed the edit policy for T389: Add independent updates for security and non-security in MCUBoot.
Tue, Jun 4, 9:03 AM · Trusted Firmware M

Mon, Jun 3

wmnt added a comment to T329: Platform: create design pattern for platform-specific services.

Due to increased interest in this feature and no objections to the implementation concept, I'm raising the priority and will rebase my proposal change and do some polishing to make it a good candidate for upstreaming.
The suggested change of naming convention was discussed offline but was deemed unnecessary as there's limited risk of the feature being misunderstood and that is planned to be mitigated by improved documentation, while the design pattern evoked by the current name is hopefully a reasonable point of reference.

Mon, Jun 3, 9:11 AM · Trusted Firmware M
wmnt raised the priority of T329: Platform: create design pattern for platform-specific services from Normal to High.
Mon, Jun 3, 9:00 AM · Trusted Firmware M
KenLSoft closed T150: Memory region miss-configuration as Resolved.
Mon, Jun 3, 3:32 AM · Trusted Firmware M

Fri, May 31

wmnt added a comment to T383: Core: Fix compile error on casting pointer type.

Fix for second issue:
https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1197/

Fri, May 31, 3:14 PM · Trusted Firmware M
jf549 closed T386: Support building IPC model without tests as Resolved.
Fri, May 31, 12:34 PM · Trusted Firmware M

Thu, May 30

adeaarm added a comment to T386: Support building IPC model without tests.

Additional patch is required for Musca A to make sure that the quantity of RAM assigned to the SPE in the region_defs.h header is increased for IPC mode build even if the tests are not build, as RAM requirements for IPC are higher than the current default limit of 64 KB. Patch for this is available here: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1184

Thu, May 30, 8:59 PM · Trusted Firmware M
wmnt closed T367: Platform: create common linker script and scatter file as Resolved.

Upstreamed

Thu, May 30, 2:31 PM · Trusted Firmware M
jf549 added a comment to T386: Support building IPC model without tests.

Follow-on task to remove deprecated test case: https://developer.trustedfirmware.org/T387

Thu, May 30, 1:17 PM · Trusted Firmware M
jf549 triaged T387: Remove deprecated test case from CoreIPC as Normal priority.
Thu, May 30, 1:16 PM · Trusted Firmware M
jf549 added a comment to T386: Support building IPC model without tests.

Patch for this task
https://review.trustedfirmware.org/c/trusted-firmware-m/+/1181

Thu, May 30, 1:05 PM · Trusted Firmware M