- TF-M - lists.trustedfirmware.org

Re: [TF-M] multiple services within the same SP

by Ken Liu (Arm Technology China)

Hi Alan, Services are listed in SP. SPM could enumerate the services in a SP by the list. You can check the member variable ' service_list' of ' tfm_spm_ipc_partition_t' to know details. -Ken > -----Original Message----- > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of DeMars, > Alan via TF-M > Sent: Friday, March 8, 2019 9:52 PM > To: tf-m(a)lists.trustedfirmware.org > Subject: [TF-M] multiple services within the same SP > > In a multi-service SP, how does the SP know which SID has been used to connect > to it? > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

7 years

1
0
0 0

multiple services within the same SP

by DeMars, Alan

In a multi-service SP, how does the SP know which SID has been used to connect to it?

7 years

1
0
0 0

Re: [TF-M] META: TF-M Mailing list configuration

by Bill Fletcher

Hi David, Thanks for raising this. I'll contact you directly to review the Mailman configuration. Regards Bill On Thu, 28 Feb 2019, 05:04 David Brown via TF-M, < tf-m(a)lists.trustedfirmware.org> wrote: > I have noticed that this mailing list seems to be configured in a > non-ideal way. > > Primarily, the messages are sent from the list address itself, and a > reply-to header is inserted for the original sender. This at least > often will allow someone to reply to the original sender. > > There are a few problems with this. One is that this tends to break > messages that have been copied to more than one list, especially for > recipients who subscribe to both lists. Admittedly it is better than > the all-to-common practice of setting Reply-to to the list itself, > which effectively steals all replies from any other recipients or > lists that were originally included. > > Secondly, however, this kind of violates the intent of the reply-to > field, which was intended for the originator of the message to be able > to give an alternative address they wish for replies to go to. > > I don't know how this list is hosted, and usually this kind of > configuration results from an ISP that rejects messages. But, I know > a lot of mailing lists are managed with mailman without these > problems, so it should be possible to get this working in a more > homogenous way. > > Lists admins, feel free to contact me if you want any assistance in > trying to configure the list better. > > Thanks, > David > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m >

7 years

1
0
0 0

META: TF-M Mailing list configuration

by David Brown

I have noticed that this mailing list seems to be configured in a non-ideal way. Primarily, the messages are sent from the list address itself, and a reply-to header is inserted for the original sender. This at least often will allow someone to reply to the original sender. There are a few problems with this. One is that this tends to break messages that have been copied to more than one list, especially for recipients who subscribe to both lists. Admittedly it is better than the all-to-common practice of setting Reply-to to the list itself, which effectively steals all replies from any other recipients or lists that were originally included. Secondly, however, this kind of violates the intent of the reply-to field, which was intended for the originator of the message to be able to give an alternative address they wish for replies to go to. I don't know how this list is hosted, and usually this kind of configuration results from an ISP that rejects messages. But, I know a lot of mailing lists are managed with mailman without these problems, so it should be possible to get this working in a more homogenous way. Lists admins, feel free to contact me if you want any assistance in trying to configure the list better. Thanks, David

7 years

1
0
0 0

Re: [TF-M] SecureFault when starting the OS

by Antonio De Angelis

Hi Thomas, Thanks for the feedback. An additional question from me to understand better the issue: are you rebuilding RTX from source, not using the pre-built binaries distributed with CMSIS_5? Since this commit: https://github.com/ARM-software/CMSIS_5/commit/8bce76b03565359f31cd20ed86c2… CMSIS_5 has changed from using __DOMAIN_NS to DOMAIN_NS macro for better MISRA compliance. I think to officially support newer releases of CMSIS, we should update our instructions and define DOMAIN_NS in addition to __DOMAIN_NS, as this define will come into picture for integrations which actually rebuild RTX from the CMSIS_5 repo sources. Thanks, Antonio -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Thomas Törnblom via TF-M Sent: 26 February 2019 09:58 To: tf-m(a)lists.trustedfirmware.org Subject: Re: [TF-M] SecureFault when starting the OS Thanks Miklos and Antonio, You were both spot on. Turned out I had not define DOMAIN_NS=1, which change the last byte from FD to BC. I need to figure out why I need to add that when the documentation says __DOMAIN_NS=1 should be sufficient. Cheers, /Thomas Den 2019-02-25 kl. 17:13, skrev Antonio De Angelis via TF-M: > Hi Thomas, > > As you correctly identified, the value of the EXC_RETURN is not appropriate for the state the exception was taken from. As a quick double check, you can set it manually from a debugger to 0xFFFFFFBC before the exception return takes place and in that case the exception return will happen correctly. You can find more details on the meaning of each bit of the EXC_RETURN register at the following link: https://static.docs.arm.com/100701/0100/armv8_m_processor_exception_handlin… (section 1.10). > > In general, once TF-M has finished booting and has jumped to the NS state, the OS initialisation should take place (you can see as an example in the NS app how the RTX kernel initialisation happens). If the OS manipulates directly the Link Register, it needs to be aware that it's running from the NS state (this can imply a build time configuration step) so that it will set up correctly the default value of the EXC_RETURN when an exception happens. You can find more details in docs/user_guides/os_migration_guide_armv8m.md . > > Thanks, > Antonio > > -----Original Message----- > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of > Thomas Törnblom via TF-M > Sent: 25 February 2019 15:34 > To: tf-m(a)lists.trustedfirmware.org > Subject: [TF-M] SecureFault when starting the OS > > In my work to port TF-M to IAR EWARM I have now gotten the MPC set up so that the startup will properly switch to the NS code. > > I'm now running into an issue where I get a SecureFault when attempting to start the OS. > > The idle and timer threads have been configured and the timer thread has been put on run.curr and SVC_Exit issues a BX LR, which results in a SecureFault. > > SFSR indicates that it is an INVER (Invalid Exception Return): > --- > Invalid exception return flag. This can be caused by EXC_RETURN.DCRS being set to 0 when returning from an exception in the Non-secure state, or by EXC_RETURN.ES being set to 1 when returning from an exception in the Non-secure state. The possible values of this bit are: > 0 Error has not occurred. > 1 Error has occurred. > -- > > LR was 0xfffffffd (DCRS=1, ES=1) and the security bit was cleared, so it appears to be the second condition that triggered the exception. > > What am I missing here? > > Is the OS supposed to be started from NS mode? > > I am still using the ARM.TFM.1.1.0, ARM.Musca_A1_BSP.2.0.0, > ARM.mbedTLS.1.3.1 and ARM.CMSIS.5.5.0-dev2 packs. > > Thanks, > /Thomas > > > *Thomas Törnblom*, /Product Engineer/ > IAR Systems AB > Box 23051, Strandbodgatan 1 > SE-750 23 Uppsala, SWEDEN > Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 > E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> > Website: www.iar.com <http://www.iar.com> > Twitter: www.twitter.com/iarsystems > <http://www.twitter.com/iarsystems> > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m > IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- *Thomas Törnblom*, /Product Engineer/ IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> Website: www.iar.com <http://www.iar.com> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems> -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

7 years

1
0
0 0

Re: [TF-M] SecureFault when starting the OS

by Thomas Törnblom

Thanks Miklos and Antonio, You were both spot on. Turned out I had not define DOMAIN_NS=1, which change the last byte from FD to BC. I need to figure out why I need to add that when the documentation says __DOMAIN_NS=1 should be sufficient. Cheers, /Thomas Den 2019-02-25 kl. 17:13, skrev Antonio De Angelis via TF-M: > Hi Thomas, > > As you correctly identified, the value of the EXC_RETURN is not appropriate for the state the exception was taken from. As a quick double check, you can set it manually from a debugger to 0xFFFFFFBC before the exception return takes place and in that case the exception return will happen correctly. You can find more details on the meaning of each bit of the EXC_RETURN register at the following link: https://static.docs.arm.com/100701/0100/armv8_m_processor_exception_handlin… (section 1.10). > > In general, once TF-M has finished booting and has jumped to the NS state, the OS initialisation should take place (you can see as an example in the NS app how the RTX kernel initialisation happens). If the OS manipulates directly the Link Register, it needs to be aware that it's running from the NS state (this can imply a build time configuration step) so that it will set up correctly the default value of the EXC_RETURN when an exception happens. You can find more details in docs/user_guides/os_migration_guide_armv8m.md . > > Thanks, > Antonio > > -----Original Message----- > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Thomas Törnblom via TF-M > Sent: 25 February 2019 15:34 > To: tf-m(a)lists.trustedfirmware.org > Subject: [TF-M] SecureFault when starting the OS > > In my work to port TF-M to IAR EWARM I have now gotten the MPC set up so that the startup will properly switch to the NS code. > > I'm now running into an issue where I get a SecureFault when attempting to start the OS. > > The idle and timer threads have been configured and the timer thread has been put on run.curr and SVC_Exit issues a BX LR, which results in a SecureFault. > > SFSR indicates that it is an INVER (Invalid Exception Return): > --- > Invalid exception return flag. This can be caused by EXC_RETURN.DCRS being set to 0 when returning from an exception in the Non-secure state, or by EXC_RETURN.ES being set to 1 when returning from an exception in the Non-secure state. The possible values of this bit are: > 0 Error has not occurred. > 1 Error has occurred. > -- > > LR was 0xfffffffd (DCRS=1, ES=1) and the security bit was cleared, so it appears to be the second condition that triggered the exception. > > What am I missing here? > > Is the OS supposed to be started from NS mode? > > I am still using the ARM.TFM.1.1.0, ARM.Musca_A1_BSP.2.0.0, > ARM.mbedTLS.1.3.1 and ARM.CMSIS.5.5.0-dev2 packs. > > Thanks, > /Thomas > > > *Thomas Törnblom*, /Product Engineer/ > IAR Systems AB > Box 23051, Strandbodgatan 1 > SE-750 23 Uppsala, SWEDEN > Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 > E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> > Website: www.iar.com <http://www.iar.com> > Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems> > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m > IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- *Thomas Törnblom*, /Product Engineer/ IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> Website: www.iar.com <http://www.iar.com> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>

7 years

1
0
0 0

Re: [TF-M] SecureFault when starting the OS

by Antonio De Angelis

Hi Thomas, As you correctly identified, the value of the EXC_RETURN is not appropriate for the state the exception was taken from. As a quick double check, you can set it manually from a debugger to 0xFFFFFFBC before the exception return takes place and in that case the exception return will happen correctly. You can find more details on the meaning of each bit of the EXC_RETURN register at the following link: https://static.docs.arm.com/100701/0100/armv8_m_processor_exception_handlin… (section 1.10). In general, once TF-M has finished booting and has jumped to the NS state, the OS initialisation should take place (you can see as an example in the NS app how the RTX kernel initialisation happens). If the OS manipulates directly the Link Register, it needs to be aware that it's running from the NS state (this can imply a build time configuration step) so that it will set up correctly the default value of the EXC_RETURN when an exception happens. You can find more details in docs/user_guides/os_migration_guide_armv8m.md . Thanks, Antonio -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Thomas Törnblom via TF-M Sent: 25 February 2019 15:34 To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] SecureFault when starting the OS In my work to port TF-M to IAR EWARM I have now gotten the MPC set up so that the startup will properly switch to the NS code. I'm now running into an issue where I get a SecureFault when attempting to start the OS. The idle and timer threads have been configured and the timer thread has been put on run.curr and SVC_Exit issues a BX LR, which results in a SecureFault. SFSR indicates that it is an INVER (Invalid Exception Return): --- Invalid exception return flag. This can be caused by EXC_RETURN.DCRS being set to 0 when returning from an exception in the Non-secure state, or by EXC_RETURN.ES being set to 1 when returning from an exception in the Non-secure state. The possible values of this bit are: 0 Error has not occurred. 1 Error has occurred. -- LR was 0xfffffffd (DCRS=1, ES=1) and the security bit was cleared, so it appears to be the second condition that triggered the exception. What am I missing here? Is the OS supposed to be started from NS mode? I am still using the ARM.TFM.1.1.0, ARM.Musca_A1_BSP.2.0.0, ARM.mbedTLS.1.3.1 and ARM.CMSIS.5.5.0-dev2 packs. Thanks, /Thomas *Thomas Törnblom*, /Product Engineer/ IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> Website: www.iar.com <http://www.iar.com> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems> -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

7 years

1
0
0 0

Re: [TF-M] SecureFault when starting the OS

by Miklos Balint

Hi Thomas, According to TF-M's design, an RTOS is meant to be started/run in NS. If a non-secure SVC handler is called from thread mode (PSP, no FP, default stacking), the value of LR should be 0xFFFF_FFBC on exception entry. In my experience some v7-M RTOS implementations don't save the EXC_RETURN value on SVC entry but have a default value hard-coded at SVC exit. In a v7-M system the default EXC_RETURN value (assuming no SVC from handlers, and PSP used for thread mode) would be 0xFFFF_FFFD as you describe below, but that's not the case for a NS RTOS in v8-M. (The two bits that are different are EXC_RETURN.S (bit [6]) to indicate NS stack, and EXC_RETURN.ES (bit [0]) to indicate that the Exception was taken to NS) A recommended and future-proof solution is for the RTOS to save the EXC_RETURN value stored in LR on SVC entry, and when returning from the SVC, to restore that and branch, or, if a switch is needed from MSP to PSP, to set EXC_RETURN.SPSEL as needed, but leave the rest of the EXC_RETURN value unchanged. Let me know if this helps, or please provide further details if I failed to catch the root cause. Regards Miklos -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Thomas Törnblom via TF-M Sent: 25 February 2019 16:34 To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] SecureFault when starting the OS In my work to port TF-M to IAR EWARM I have now gotten the MPC set up so that the startup will properly switch to the NS code. I'm now running into an issue where I get a SecureFault when attempting to start the OS. The idle and timer threads have been configured and the timer thread has been put on run.curr and SVC_Exit issues a BX LR, which results in a SecureFault. SFSR indicates that it is an INVER (Invalid Exception Return): --- Invalid exception return flag. This can be caused by EXC_RETURN.DCRS being set to 0 when returning from an exception in the Non-secure state, or by EXC_RETURN.ES being set to 1 when returning from an exception in the Non-secure state. The possible values of this bit are: 0 Error has not occurred. 1 Error has occurred. -- LR was 0xfffffffd (DCRS=1, ES=1) and the security bit was cleared, so it appears to be the second condition that triggered the exception. What am I missing here? Is the OS supposed to be started from NS mode? I am still using the ARM.TFM.1.1.0, ARM.Musca_A1_BSP.2.0.0, ARM.mbedTLS.1.3.1 and ARM.CMSIS.5.5.0-dev2 packs. Thanks, /Thomas *Thomas Törnblom*, /Product Engineer/ IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> Website: www.iar.com <http://www.iar.com> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems> -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

7 years

1
0
0 0

SecureFault when starting the OS

by Thomas Törnblom

In my work to port TF-M to IAR EWARM I have now gotten the MPC set up so that the startup will properly switch to the NS code. I'm now running into an issue where I get a SecureFault when attempting to start the OS. The idle and timer threads have been configured and the timer thread has been put on run.curr and SVC_Exit issues a BX LR, which results in a SecureFault. SFSR indicates that it is an INVER (Invalid Exception Return): --- Invalid exception return flag. This can be caused by EXC_RETURN.DCRS being set to 0 when returning from an exception in the Non-secure state, or by EXC_RETURN.ES being set to 1 when returning from an exception in the Non-secure state. The possible values of this bit are: 0 Error has not occurred. 1 Error has occurred. -- LR was 0xfffffffd (DCRS=1, ES=1) and the security bit was cleared, so it appears to be the second condition that triggered the exception. What am I missing here? Is the OS supposed to be started from NS mode? I am still using the ARM.TFM.1.1.0, ARM.Musca_A1_BSP.2.0.0, ARM.mbedTLS.1.3.1 and ARM.CMSIS.5.5.0-dev2 packs. Thanks, /Thomas *Thomas Törnblom*, /Product Engineer/ IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> Website: www.iar.com <http://www.iar.com> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>

7 years

1
0
0 0

Some comments on twincpu mailbox design

by David Hu (Arm Technology China)

Hi Danny, Could you please check my comments on [Mailbox design](https://developer.trustedfirmware.org/w/tf_m/design/twin-cpu/mailbo… in below? I’d like to discuss about some high-level designs at the very first time. We can discuss about details later. 😊 1. As designed in Concepts section, secure core has a single dispatcher thread, which is the main thread on the secure core. AFAIK, there is no such main thread in current TF-M Inter-Process Communication model implementation. Do you mind taking a look at the section "Interaction in thread model" in our [TF-M presentation](https://events.linuxfoundation.org/wp-content/uploads/2017/12… On the other hand, implementing a dedicated thread in TF-M to handling the mailbox events can be a solution. But it might also bring some difficulties in implementation. I'd like to discuss in detail with Transport Layer together. 2. I like the concept of mailbox event. One of the key points is, after the information carried via mailbox arrives in TF-M, how to deliver it to TF-M core. We can have further discussions on the details. 3. PSA Firmware Framework specifies the parameters and return value for PSA Client APIs. Do you think if it is necessary to cover the mailbox message structure containing information of parameters and return value in mailbox design? Thank you. Best regards, Hu Ziji

7 years

2
4
0 0

Re: [TF-M] What is the behavior of SPM between `TZ_StoreContext_S()` and `TZ_LoadContext_S()`

by Ken Liu (Arm Technology China)

Hi Alan, From my point of view, TZ_StoreContext_S() indicates the non-secure thread accesses secure service is getting switching out, no one should access secure services before a calling of TZ_LoadContext_S(). This case could be covered in below condition in PSA FF client APIs (Picked on line from page 49 of PSA FF 1.0 beta0): "Calling psa_connect() is a fatal error and will not return if any of the following conditions are met: * ... * The caller is not authorized to access the RoT Service, see RoT Service access control on page 28. * ..." Pining the calling non-secure thread is the proper way - which means, 'Does not return' to the non-secure thread in this case. There should be no such an API to peek the status of SPM from caller out of SPM. And there should be a similar API for SPM (only) to retrieve the current MemoryID (or information could be represented as MemoryID). BR -Ken > -----Original Message----- > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of DeMars, > Alan via TF-M > Sent: Thursday, February 21, 2019 10:54 PM > To: tf-m(a)lists.trustedfirmware.org > Subject: [TF-M] What is the behavior of SPM between `TZ_StoreContext_S()` and > `TZ_LoadContext_S()` > > Are calls to psa_connect/call/close allowed after `TZ_StoreContext_S()` has > been called but before `TZ_LoadContext_S()` is called? If not, does that result in > a panic or simply error return codes? > > Is there a secure-side SPM API that can be invoked from a custom veneer > function to determine if the SPM is in the zone between `TZ_StoreContext_S()` > and `TZ_LoadContext_S()`? > > Is there an API that returns the current MemoryId? > > Alan > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m

7 years

1
0
0 0

What is the behavior of SPM between `TZ_StoreContext_S()` and `TZ_LoadContext_S()`

by DeMars, Alan

Are calls to psa_connect/call/close allowed after `TZ_StoreContext_S()` has been called but before `TZ_LoadContext_S()` is called? If not, does that result in a panic or simply error return codes? Is there a secure-side SPM API that can be invoked from a custom veneer function to determine if the SPM is in the zone between `TZ_StoreContext_S()` and `TZ_LoadContext_S()`? Is there an API that returns the current MemoryId? Alan

7 years

1
0
0 0

Re: [TF-M] Musca-A SAU setup issues

by Mate Toth-Pal

Hi Thomas, (The code snippets are from the commit with hash 5c1756fbab6097f5688583d11dea5d1271d2d774 on https://review.trustedfirmware.org . I only added some comments at certain points) This symptom is usually caused by a misconfigured MPC. The MPC initialisation is also called from platform\ext\target\musca_a\spm_hal.c: ---------- 8< ---------- void tfm_spm_hal_init_isolation_hw(void) { /* Configures non-secure memory spaces in the target */ sau_and_idau_cfg(); mpc_init_cfg(); /* <- initialise MPC */ ppc_init_cfg(); } ---------- >8 ---------- Looking at mpc_init_cfg: ---------- 8< ---------- void mpc_init_cfg(void) { /* ... */ Driver_QSPI_MPC.Initialize(); Driver_QSPI_MPC.ConfigRegion(memory_regions.non_secure_partition_base, memory_regions.non_secure_partition_limit, ARM_MPC_ATTR_NONSECURE); /* ... */ /* Lock down the MPC configuration */ Driver_QSPI_MPC.LockDown(); /* ... */ /* Add barriers to assure the MPC configuration is done before continue * the execution. */ __DSB(); __ISB(); } ---------- 8< ---------- It is possible to change the MPC behaviour, to raise a bus fault on invalid access instead of the RAZ/WI behaviour, by setting the CFG_SEC_RESP bit in the MPC's control register. You should do something like this after Driver_QSPI_MPC initialisation (see https://developer.arm.com/products/architecture/cpu-architecture/m-profile/… ): ---------- 8< ---------- uint32_t mpc_ctrl; Driver_QSPI_MPC.GetCtrlConfig(&mpc_ctrl); Driver_QSPI_MPC.SetCtrlConfig(mpc_ctrl | 0x10); ---------- 8< ---------- If you don't get the bus fault after this, further troubleshooting is needed. Regards, Mate -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Thomas Törnblom via TF-M Sent: 15 February 2019 15:57 To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] Musca-A SAU setup issues I am working on porting TF-M to the IAR Embedded Workbench for ARM (EWARM) toolchain and I'm having some issues getting it to start properly. I started out using the ARM.TFM.1.1.0, ARM.Musca_A1_BSP.2.0.0, ARM.mbedTLS.1.3.1 and ARM.CMSIS.5.5.0-dev2 CMSIS packs and I've had to fix things in all of the packs to make the project build with our compiler, some things just to add our tools, some things that were just gcc:isms that are non standard-C. The TF-M code is based on a snapshot of https://git.trustedfirmware.org/trusted-firmware-m.git repository of the following hash: 5c1756fbab6097f5688583d11dea5d1271d2d774 I know that some of these packs are old and I'm also working on a port of the bits on trustedfirmware.org, but I would like to bring the old version up first. The (current) issue I have is that the NS code region becomes inaccessible from the secure part after setting the SAU up and I assume I am missing something. in tfm_core_init() there are calls to: --- tfm_spm_hal_init_isolation_hw(); configure_ns_code(); --- tfm_spm_hal_init_isolation_hw() calls sau_and_idau_cfg(), which sets up: --- /* Configures SAU regions to be non-secure */ SAU->RNR = TFM_NS_REGION_CODE; SAU->RBAR = (memory_regions.non_secure_partition_base & SAU_RBAR_BADDR_Msk); SAU->RLAR = (memory_regions.non_secure_partition_limit & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk; --- After this piece is run, the NS vector table becomes all zeros when viewed from secure mode. This causes the configure_ns_code() call above to fail to pick up the ns_msp and ns_entry addresses, they become 0. If I swap the calls around so they become: --- configure_ns_code(); tfm_spm_hal_init_isolation_hw(); --- then ns_msp and ns_entry are picked up OK. How is this supposed to work? When the SAU is setup I get RAZ/WI when accessing NS memory from S mode, the other way around results is a security violation, which is properly handled by the SecureFault_Handler(). What am I missing? I run into other problems later, but that may very well a consequence of earlier issues. Thanks, /Thomas -- *Thomas Törnblom*, /Product Engineer/ IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> Website: www.iar.com <http://www.iar.com> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems> -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

7 years

1
0
0 0

Re: [TF-M] SYSTICK ownership

by DeMars, Alan

My concern was the value one would provide for the "line_num" field within the manifest. The SYSTICK uses vector 15 which I believe would correspond to "line_num" = -1. I'm not sure the design accommodates negative line_nums. Also, disabling the SYSTICK interrupt while servicing its interrupt can't be handled in the normal way user IRQs are disabled. Special case code would be required in the SPM to support the SYSTICK as a secure partition interrupt. Alan -----Original Message----- From: TF-M [mailto:tf-m-bounces@lists.trustedfirmware.org] On Behalf Of Ken Liu (Arm Technology China) via TF-M Sent: Monday, February 18, 2019 5:34 PM To: tf-m(a)lists.trustedfirmware.org Cc: nd Subject: [EXTERNAL] Re: [TF-M] SYSTICK ownership Hi Alan, From your description, it looks like you want to use secure SYSTICK as an interrupt for Secure Partition, is this correct? In this case, it is similar to the secure interrupt usage. Since the interrupt handling is under developing, I will add a note in the task to remind how we could add SYSTICK as an interrupt in the manifest. BR -Ken > -----Original Message----- > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of DeMars, > Alan via TF-M > Sent: Saturday, February 16, 2019 7:02 AM > To: tf-m(a)lists.trustedfirmware.org > Subject: [TF-M] SYSTICK ownership > > If not used anywhere else, can a Secure Partition own the secure SYSTICK timer > and its interrupt? > If so, how is it specified in the SP manifest? > > Alan > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

7 years

1
0
0 0

Re: [TF-M] SYSTICK ownership

by Ken Liu (Arm Technology China)

Hi Alan, From your description, it looks like you want to use secure SYSTICK as an interrupt for Secure Partition, is this correct? In this case, it is similar to the secure interrupt usage. Since the interrupt handling is under developing, I will add a note in the task to remind how we could add SYSTICK as an interrupt in the manifest. BR -Ken > -----Original Message----- > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of DeMars, > Alan via TF-M > Sent: Saturday, February 16, 2019 7:02 AM > To: tf-m(a)lists.trustedfirmware.org > Subject: [TF-M] SYSTICK ownership > > If not used anywhere else, can a Secure Partition own the secure SYSTICK timer > and its interrupt? > If so, how is it specified in the SP manifest? > > Alan > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m

7 years

1
0
0 0

Re: [TF-M] interrupts not supported on feature-ipc branch?

by DeMars, Alan

Thanks! I'll check back. -----Original Message----- From: TF-M [mailto:tf-m-bounces@lists.trustedfirmware.org] On Behalf Of Ken Liu (Arm Technology China) via TF-M Sent: Monday, February 18, 2019 5:16 PM To: tf-m(a)lists.trustedfirmware.org Cc: nd Subject: [EXTERNAL] Re: [TF-M] interrupts not supported on feature-ipc branch? Hi Alan, There would be a merge to master in recent days; so master branch will support PSA IPC soon. The interrupts for IPC is under developing, you can check the roadmap to know the plan. Thanks. -Ken > -----Original Message----- > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of DeMars, > Alan via TF-M > Sent: Saturday, February 16, 2019 7:37 AM > To: tf-m(a)lists.trustedfirmware.org > Subject: [TF-M] interrupts not supported on feature-ipc branch? > > I guess interrupts are only supported on the master branch. > > When will the master branch support PSA IPC? > > Or, when will the feature-ipc branch support interrupts? > > Alan > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

7 years

1
0
0 0

Re: [TF-M] interrupts not supported on feature-ipc branch?

by Ken Liu (Arm Technology China)

Hi Alan, There would be a merge to master in recent days; so master branch will support PSA IPC soon. The interrupts for IPC is under developing, you can check the roadmap to know the plan. Thanks. -Ken > -----Original Message----- > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of DeMars, > Alan via TF-M > Sent: Saturday, February 16, 2019 7:37 AM > To: tf-m(a)lists.trustedfirmware.org > Subject: [TF-M] interrupts not supported on feature-ipc branch? > > I guess interrupts are only supported on the master branch. > > When will the master branch support PSA IPC? > > Or, when will the feature-ipc branch support interrupts? > > Alan > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m

7 years

1
0
0 0

New PSA API proposal

by DeMars, Alan

I obtained the following benchmarks for the 3 PSA APIs psa_connect(), psa_call(), and psa_close() using the attached implementation of a Secure Partition (my_sp.c) and building both my NS application and the SPE image with -O3 optimizations: psa_connect() 2133 cycles psa_call() 2650 cycles psa_close() 2136 cycles The psa_call() numbers were achieved by passing 'MY_SP_MSG_TYPE_NULL' as the message type to my test SP, thus eliminating any invec and outvec processing from the benchmark. The secure partition had been regenerated using the attached tfm manifest to reduce the number of user-provided SPs to just 2: the feature-ipc branch's test PSA service and my test PSA service. With these benchmarks in mind and after reviewing the new PSA-compliant SST API implementations, I propose that a new, more efficient, PSA IPC API be provided for those user-facing SP service requests which require no state in the secure partition. Below is the psa_sst_common() function shared by all of the new PSA compliant sst APIS (snipped from interface/src/tfm_sst_api_ipc.c): static psa_status_t psa_sst_common(uint32_t sid, uint32_t minor_version, const psa_invec *in_vecs, size_t in_len, psa_outvec *out_vecs, size_t out_len) { psa_handle_t handle; psa_status_t status; handle = psa_connect(sid, minor_version); if (handle <= 0) { return PSA_SST_ERR_PARAM_ERROR; } status = psa_call(handle, in_vecs, in_len, out_vecs, out_len); if (status < 0) { status = PSA_SST_ERR_SYSTEM_ERROR; } psa_close(handle); return status; } I propose that the functionality and signature of 'psa_sst_common' be promoted to a formal PSA API. For lack of a better name, call this new API 'psa_ccc()', to convey the meaning that it combines the CONNECT, CALL, and CLOSE functions. Internally, the SPM would skip allocating and deallocating a handle, then pass message type 'PSA_IPC_CCC' to the SP. Here is a crude representation of how the PSA_IPC_CCC message type could be handled by a Secure Partition: case PSA_IPC_CCC: if (inuse) { psa_reply(msg.handle, PSA_CONNECTION_REFUSED); } else { inuse = 1; /* to handle potential SP pre-emption during my_sp_call() case */ r = my_sp_call(&msg); psa_reply(msg.handle, r); inuse = 0; } break; Please consider this proposal. The new API would save the overhead of entering and exiting the SP 3 times for SP service requests that require no state. Alan

7 years, 1 month

1
0
0 0

Re: [TF-M] IRQ handling by Secure Partitions proposal

by DeMars, Alan

Miklos, Thank you for those clarifications. Sorry it's taken so long to reply. I think I now have a basic grasp of how interrupts owned by SPs are managed. Regarding item 4) below, what is the proposal for informing a calling NS thread that a service request can't complete until some future asynchronous event (ie a peripheral interrupt) occurs? Will this be in the form of special psa_call() return codes or is the SP expected to use outvecs to convey that information? How will the calling thread know when the service request can be completed? The idea of a dedicated non-secure interrupt that the SP/SPM triggers has been mentioned several times. Some kind of asynchronous callback dispatcher as hinted at in the "Concurrent secure service requests" paragraph here: https://developer.trustedfirmware.org/w/tf_m/design/ns_client_management/ Is this mechanism being designed by TFM or is this functionality going to be left to the various users of the reference PSA implementation? Should I begin designing this myself? I guess the overarching question is, does the PSA proposal support secure peripheral drivers, and if so, how? Alan -----Original Message----- From: TF-M [mailto:tf-m-bounces@lists.trustedfirmware.org] On Behalf Of Miklos Balint via TF-M Sent: Tuesday, February 05, 2019 8:02 AM To: tf-m(a)lists.trustedfirmware.org Cc: nd Subject: [EXTERNAL] Re: [TF-M] IRQ handling by Secure Partitions proposal Hi Alan, 0, One thing to point out is that my proposal only covers the "Library" or function-call-based model that was the only one implemented on TF-M master branch at the time of writing. PSA Firmware Framework v1.0 with its IPC mechanism has its own design of how interrupts are supposed to be handled by secure threads - my proposal intends to complement that with the same functionality for the other operating model. This clarification addresses point 5 as well, I believe. 1, SPM "Acknowledges the interrupt": this is not the best wording. Actually this is very bad wording. What I meant to say is that SPM's own interrupt handler is started - which is a hardware action, not one by SPM - and SPM ISR in turn masks the interrupt line in NVIC. As you rightly point out, the peripheral itself is of no concern to SPM, that's the business for partition code, either in its own Partition ISR, or a service function. 2. This means that secure PSP is saved for the pre-empted context, set to the stack of the partition that's the owner of the interrupt line, and any additional housekeeping associated with a context switch (PSPLIM setup, isolation re-configuration, privilege setting - all according to the properties of the partition that is to be activated). Lastly, a mock context is created on the partition stack so that the Partition ISR can be activated with an exception return from the SPM ISR. 3a. The Partition ISR is activated by SPM ISR by doing an exception return to the start address of e.g. UART1_ISR() function. In order for this TF-M first needs to create the mock context mentioned in my point 2. The discussion of the stack frame in the text is meant to clarify that there are two possibilities that need to be considered: if the partition is idle, i.e. there are no ongoing service requests in its context, its stack pointer is either at a default value or - potentially - there's no stack associated with the partition. In that case a stack frame needs to be initialized and the mock context set up there. If the partition is handling a request, its original stack pointer needs to be used as the start address for the mock context used for exception return. 3b. After execution of the Partition ISR, execution is returned to the SPM ISR. At this point, SPM can decide to either re-activate the original context that had been pre-empted by the interrupt, or, can take a scheduling decision to activate a different context, e.g. the partition that had called psa_wait(). 4. The current implementation does not allow for the pre-emption of a secure context by non-secure scheduling events, but that is a limitation that could likely be lifted depending on some basic policies that have to be set up by the system integrator. In such a case the NS thread would be blocked waiting on the completion of the secure service, but a pre-emptive NS OS could schedule a different thread if the time slice of the caller thread runs out. Other options are subject to investigation at this point. ... Please let me know if any of the points I've addressed provide clarity instead of making the design more obscure, in which case I would update the design proposal with the extra information. :) And of course let me know if you have further questions. Regards Miklos -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of DeMars, Alan via TF-M Sent: 02 February 2019 04:29 To: tf-m(a)lists.trustedfirmware.org Subject: [Tf-m] IRQ handling by Secure Partitions proposal Regarding the "SPM behavior" discussion in the "Secure Partition Interrupt Handling" proposal: 1) What is meant by the SPM "Acknowledges the interrupt"? I understand "masks the hardware interrupt line" but I don't see how the SPM can know how to acknowledge a particular peripheral's interrupt. I think acknowledging the interrupt should be done by the "Partition ISR" dedicated to the interrupt, or within the corresponding SP's main loop upon return from psa_wait(). 2) What does "Sets up execution environment for the secure partition" mean, precisely? 3) Can you expand on the "Execute Partition ISR" paragraph a little? I assume you mean that, for instance, the registered UART1_isr() function is called. The discussion of the ISR stack frame I don't really follow. And from the description, I'm not sure when the SP is scheduled to run again to deal with the ISR it was waiting for. 4) A secure partition that depends on an interrupt begs the question of what happens to the NS thread that has called into the SP requesting some service that depends on a subsequent asynchronous event (ISR) to complete the request. The psa_call() function as currently implemented doesn't "block" in the traditional OS sense (ie the thread's context and state are not saved in a manner that allows another task thread to run while the psa_call() is stalled in the SPM waiting for an ISR. 5) The details of SP thread pre-emption and re-entrancy need to be described. Alan -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

7 years, 1 month

1
0
0 0

interrupts not supported on feature-ipc branch?

by DeMars, Alan

I guess interrupts are only supported on the master branch. When will the master branch support PSA IPC? Or, when will the feature-ipc branch support interrupts? Alan

7 years, 1 month

1
0
0 0

SYSTICK ownership

by DeMars, Alan

If not used anywhere else, can a Secure Partition own the secure SYSTICK timer and its interrupt? If so, how is it specified in the SP manifest? Alan

7 years, 1 month

1
0
0 0

Musca-A SAU setup issues

by Thomas Törnblom

I am working on porting TF-M to the IAR Embedded Workbench for ARM (EWARM) toolchain and I'm having some issues getting it to start properly. I started out using the ARM.TFM.1.1.0, ARM.Musca_A1_BSP.2.0.0, ARM.mbedTLS.1.3.1 and ARM.CMSIS.5.5.0-dev2 CMSIS packs and I've had to fix things in all of the packs to make the project build with our compiler, some things just to add our tools, some things that were just gcc:isms that are non standard-C. The TF-M code is based on a snapshot of https://git.trustedfirmware.org/trusted-firmware-m.git repository of the following hash: 5c1756fbab6097f5688583d11dea5d1271d2d774 I know that some of these packs are old and I'm also working on a port of the bits on trustedfirmware.org, but I would like to bring the old version up first. The (current) issue I have is that the NS code region becomes inaccessible from the secure part after setting the SAU up and I assume I am missing something. in tfm_core_init() there are calls to: --- tfm_spm_hal_init_isolation_hw(); configure_ns_code(); --- tfm_spm_hal_init_isolation_hw() calls sau_and_idau_cfg(), which sets up: --- /* Configures SAU regions to be non-secure */ SAU->RNR = TFM_NS_REGION_CODE; SAU->RBAR = (memory_regions.non_secure_partition_base & SAU_RBAR_BADDR_Msk); SAU->RLAR = (memory_regions.non_secure_partition_limit & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk; --- After this piece is run, the NS vector table becomes all zeros when viewed from secure mode. This causes the configure_ns_code() call above to fail to pick up the ns_msp and ns_entry addresses, they become 0. If I swap the calls around so they become: --- configure_ns_code(); tfm_spm_hal_init_isolation_hw(); --- then ns_msp and ns_entry are picked up OK. How is this supposed to work? When the SAU is setup I get RAZ/WI when accessing NS memory from S mode, the other way around results is a security violation, which is properly handled by the SecureFault_Handler(). What am I missing? I run into other problems later, but that may very well a consequence of earlier issues. Thanks, /Thomas -- *Thomas Törnblom*, /Product Engineer/ IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> Website: www.iar.com <http://www.iar.com> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>

7 years, 1 month

1
0
0 0

Re: [TF-M] SPM crashes when built with any non zero optimization level

by Gyorgy Szing

Hi Alan, Please check this ticket https://developer.trustedfirmware.org/T234 Is it possible you are affected by the same issue? /George -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of DeMars, Alan via TF-M Sent: 14 February 2019 06:59 To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] SPM crashes when built with any non zero optimization level Is anyone else having the problem that enabling optimizations when building the secure image causes the secure partition manager to crash when entered through any of the psa_xxx() IPC veneers? Using GCC -O1, -O2, or -O3 compile options, something seems to go wrong with the SVC context. Everything behaves correctly when built with no optimizations. Alan -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

7 years, 1 month

1
0
0 0

SPM crashes when built with any non zero optimization level

by DeMars, Alan

Is anyone else having the problem that enabling optimizations when building the secure image causes the secure partition manager to crash when entered through any of the psa_xxx() IPC veneers? Using GCC -O1, -O2, or -O3 compile options, something seems to go wrong with the SVC context. Everything behaves correctly when built with no optimizations. Alan

7 years, 1 month

1
0
0 0

Re: [TF-M] [EXTERNAL] Re: Clarification of pre-existing TFM secure service alignment with PSA APIs

by DeMars, Alan

Ken, Thank you confirming my understanding. The new NS interface code in those commits clearly demonstrate the underlying calls to psa_connect(), psa_call(), and psa_close(). Alan > On Feb 11, 2019, at 6:38 PM, Ken Liu (Arm Technology China) via TF-M <tf-m(a)lists.trustedfirmware.org> wrote: > > Hi Alan, > After PSA IPC model takes place, existing services need to be modified to support it. > The action is not a re-implement actually. The basic idea is creating an IPC SP body > and calls existing secure service functions. There are also some commits for reference: > https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/473/ > https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/474/ > > There are IPC compatible items in roadmap reflects the plan: > https://developer.trustedfirmware.org/w/tf_m/planning/ > > Thanks > > -Ken > >> -----Original Message----- >> From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of DeMars, >> Alan via TF-M >> Sent: Tuesday, February 12, 2019 9:39 AM >> To: tf-m(a)lists.trustedfirmware.org >> Subject: [TF-M] Clarification of pre-existing TFM secure service alignment with >> PSA APIs >> >> Is my understanding correct that the existing set of secure services (audit, crypto, >> sst, etc) that use the "Library" or function-call-based-model to enter the SPE are >> being redesigned to conform to the PSA IPC model, meaning that each service >> will be re-implemented as a SP with a forever loop? >> >> If so, does this mean that the existing set of NS-facing APIs associated with each >> secure service will be re-implemented as libraries that funnel all of their calls >> into the SPE through the 3 PSA IPC calls (psa_connect(), psa_call(), and >> psa_close())? >> >> Alan >> -- >> TF-M mailing list >> TF-M(a)lists.trustedfirmware.org >> https://lists.trustedfirmware.org/mailman/listinfo/tf-m > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m

7 years, 1 month

1
0
0 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

TF-M