Hi,
the performance improvement presentation[0] reports a FF PSA API overhead
of 20 000 CPU cycles for the psa_call. Which is 300 us for a 64MHz CPU.
This is quite a lot of instructions and I am concerned about whether
real world embedded application's will have time to call these secure services.
I'm interested in isolation level 2.
I understand that it is not possible to have isolation level 2 with library mode. But what about SFN
mode, could that eventually support isolation level 2?
If not, what is the current status of optimizing the service call overhead for IPC.
Is it considered to be as optimized as it can be or is there still hope for optimizing further?
[0] https://www.trustedfirmware.org/docs/tf-m_forum_20211209-TF-M_Performance-I…
Hi,
The next Technical Forum is planned on Thursday, February 17, 15:00-16:00 UTC (US time zone).
Please reply on this email with your proposals for agenda topics.
Recording and slides of previous meetings are here:
https://www.trustedfirmware.org/meetings/tf-m-technical-forum/
Best regards,
Anton
Hi,
We got a tiny update merged in level 3 ld/sct files to support partition runtime:
https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/13925
Platforms with level 3 support please have a test and report issue here if spotted. We have internally tested MPS2 and MUSCA_B1.
Thanks.
/Ken
Hi,
it seems we could try to be more consistent with fault handling.
The current default behaviour is:
Error code returned from an SPE function? Reboot.
MemFault/HardFault/SecureFault in the SPE? Halt.
Null-pointer dereference from the NSPE? (results in a secure fault for cortex-m) Halt.
Should we perhaps consistently halt or consistently reboot for these three cases
and allow this to be configurable?
It is not clear to me why an error returned from a function results in a reboot, whereas a Hardfault does not.
They both indicate a fault in the SPE.
At the very least the behaviour should be configurable, which this PR is a step towards:
https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/13839
Commit 27f9a49508547320c50056a52a372674c27771eb seems to have missed changing ns_agent_mailbox, breaking dual core. I'd send a patch, but I's not immediately obvious what it should look like...
Seems like a good change, but inadequately reviewed?
Chris Brand
Cypress Semiconductor (Canada), Inc.
An Infineon Technologies Company
Sr Prin Software Engr
CSCA CSS ICW SW PSW 1
Office: +1 778 234 0515
Chris.Brand(a)infineon.com<mailto:Chris.Brand@infineon.com>
International Place 13700
V6V 2X8 Richmond
Canada
www.infineon.com<www.cypress.com> www.cypress.com<http://www.cypress.com> Discoveries<http://www.infineon.com/discoveries> Facebook<http://www.facebook.com/infineon> Twitter<http://www.twitter.com/Infineon> LinkedIn<http://www.linkedin.com/company/infineon-technologies>
Part of your life. Part of tomorrow.
NOTICE: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material of Infineon Technologies AG and its affiliated entities which is for the exclusive use of the individual designated above as the recipient. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact immediately the sender by returning e-mail and delete the material from any computer. If you are not the specified recipient, you are hereby notified that all disclosure, reproduction, distribution or action taken on the basis of this message is prohibited.
Hi,
Let's cancel the forum tomorrow due to the empty agenda and the holiday time in Asia.
Best regards,
Anton
From: Anton Komlev via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Thursday, January 27, 2022 4:36 PM
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: [TF-M] Technical Forum call - Feb 3
Hi,
The next Technical Forum is planned on Thursday, Feb 3, 7:00-8:00 UTC (Asia time zone).
Please reply on this email with your proposals for agenda topics.
This slot is in Chinese New Year celebration period so we can expect fewer participants from Asia.
Recording and slides of previous meetings are here:
https://www.trustedfirmware.org/meetings/tf-m-technical-forum/
Best regards,
Anton
Hi everyone,
I have a few questions related to TF-M code:
1. Default implementation of tfm_hal_system_reset(void) from platform/ext/common/tfm_platform.c<https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/e…> just calls NVIC_SystemReset(), but some ARM platform, take musca_b1 for example, reimplement it (platform/ext/target/arm/musca_b1/sse_200/tfm_hal_platform.c<https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/e…> ).
Custom implementations tend to also disable and clean IRQ and call mpc_revert_non_secure_to_secure_cfg();
Is there any benefits of doing that??? If so then what those benefits are?
1. tfm_core_panic() (secure_fw/spm/ffm/utilities.c<https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/secure_fw/…>) when TFM_FIH_PROFILE_ON is defined calls fih_delay() and tfm_hal_system_reset() twice. Is this done to ensure that tfm_hal_system_reset() will be called (even if first one was skipped there is second one)? And if so, can a comment be added there to highlight that intention?
Regards,
Bohdan Hunko
Cypress Semiconductor Ukraine
Engineer
CSUKR CSS ICW SW FW
Mobile: +38099 50 19 714
Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>
