Hello,
During my update to the new TFM version (after one month pause),
occurs the MPU Fault Handler in the 'Test secure irq' regression test (TFM_ENABLE_IRQ_TEST is enabled).
The reason is that the test partition is defined as APP_ROT (non-privileged), but the test accesses to the NS memory region (dined as Privileged by default):
spm_irq_test_1_prepare_test_scenario_internal(enum irq_test_scenario_t irq_test_scenario, struct irq_test_execution_data_t *execution_data)
"execution_data" points to a global structure in NS RAM area provided by the NS test.
The workaround:
Define the IRQ test partition as PSA_ROT (privileged). Is it OK?
Is this known issue?
Thanks,
Andrej Butok
Hi Thomas,
Should be review.trustedfirmware.org/c/TF-M/tf-m-tests
Just replace "trusted-firmware-m" with "tf-m-tests" in the URL you push patches for TF-M.
Best Regards,
Kevin
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Thomas Törnblom via TF-M
Sent: Monday, June 22, 2020 3:36 PM
To: tf-m(a)lists.trustedfirmware.org
Subject: Re: [TF-M] new tf-m-test repository
What is the URL to push patches to this repo?
I attempted to push the IAR RTX libraries but it failed.
Cheers,
Thomas
Den 2020-06-19 kl. 12:29, skrev Anton Komlev via TF-M:
Hi,
Following TF-M project restructuring, let me bring your attention to the new repository: tf-m-tests repo<https://git.trustedfirmware.org/TF-M/tf-m-tests.git/>
The intention is to migrate testing related code/libraries/tools there and clean the main repository.
Patches have been made. Please be aware of the change.
At this moment it does not affect the project development but in the future to test TF-M you will need to use this tf-m-tests repo.
Thanks,
Anton Komlev
--
Thomas Törnblom, Product Engineer
IAR Systems AB
Box 23051, Strandbodgatan 1
SE-750 23 Uppsala, SWEDEN
Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01
E-mail: thomas.tornblom(a)iar.com<mailto:thomas.tornblom@iar.com> Website: www.iar.com<http://www.iar.com>
Twitter: www.twitter.com/iarsystems<http://www.twitter.com/iarsystems>
What is the URL to push patches to this repo?
I attempted to push the IAR RTX libraries but it failed.
Cheers,
Thomas
Den 2020-06-19 kl. 12:29, skrev Anton Komlev via TF-M:
>
> Hi,
>
> Following TF-M project restructuring, let me bring your attention to
> the new repository: *tf-m-tests* repo
> <https://git.trustedfirmware.org/TF-M/tf-m-tests.git/>
>
> The intention is to migrate testing related code/libraries/tools there
> and clean the main repository.
>
> Patches have been made. Please be aware of the change.
>
> At this moment it does not affect the project development but in the
> future to test TF-M you will need to use this tf-m-tests repo.
>
> Thanks,
>
> Anton Komlev
>
>
--
*Thomas Törnblom*, /Product Engineer/
IAR Systems AB
Box 23051, Strandbodgatan 1
SE-750 23 Uppsala, SWEDEN
Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01
E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com>
Website: www.iar.com <http://www.iar.com>
Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>
Hi all,
Symmetric initial attestation patches are merged. Symmetric initial attestation now is enabled in TF-M Profile Small.
Thanks a lot for the review and support.
Best regards,
Hu Ziji
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of David Hu via TF-M
Sent: Monday, May 18, 2020 3:34 PM
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: [TF-M] Ask for final review of symmetric based initial attestation design
Hi all,
May I ask for a final round of review on symmetric initial attestation design document on https://review.trustedfirmware.org/c/trusted-firmware-m/+/3898?
The document has been reviewed for a long time and received many valuable comments. Thanks a lot.
If there is no further critical comment, I'd like to merge this design this Friday.
Best regards,
Hu Ziji
Thanks Anton.
As you may have noticed, the CMSIS RTX libraries have been added to the tf-m-tests.
There are also patches<https://review.trustedfirmware.org/q/topic:%22CMSIS_5_to_tfm_tests%22+(stat…> for TF-M to reference the libraries from tf-m-tests.
The plan is to merge them before TF-M 1.1 release code freeze (around end of June).
You would need to clone the tf-m-tests repo to build TF-M when these patches were merged.
Best Regards,
Kevin
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M
Sent: Friday, June 19, 2020 6:30 PM
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: [TF-M] new tf-m-test repository
Hi,
Following TF-M project restructuring, let me bring your attention to the new repository: tf-m-tests repo<https://git.trustedfirmware.org/TF-M/tf-m-tests.git/>
The intention is to migrate testing related code/libraries/tools there and clean the main repository.
Patches have been made. Please be aware of the change.
At this moment it does not affect the project development but in the future to test TF-M you will need to use this tf-m-tests repo.
Thanks,
Anton Komlev
Hi,
Following TF-M project restructuring, let me bring your attention to the new repository: tf-m-tests repo<https://git.trustedfirmware.org/TF-M/tf-m-tests.git/>
The intention is to migrate testing related code/libraries/tools there and clean the main repository.
Patches have been made. Please be aware of the change.
At this moment it does not affect the project development but in the future to test TF-M you will need to use this tf-m-tests repo.
Thanks,
Anton Komlev
Hi Everyone
I have pushed the proposal for release cadence and process for here : https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/4635
This mainly follows the TF-A release process. The release cadence period is set to be 4 months with a code freeze of up to 3 weeks.
Best Regards
Soby Mathew
Hi Andrej,
The PSA Storage spec (available here https://developer.arm.com/architectures/security-architectures/platform-sec…) states that the Protected Storage service should be implemented inside the Application Root of Trust.
The principle is that the PSA Root of Trust should be kept as small as possible, to reduce the attack surface of the most privileged part of the system. As Protected Storage neither needs the privileges of the PSA Root of Trust nor is used by any PSA Root of Trust service, it should be implemented inside the Application Root of Trust.
Kind regards,
Jamie
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M
Sent: 18 June 2020 09:16
To: tf-m(a)lists.trustedfirmware.org
Subject: [TF-M] PS => AP ROT
Hello,
I have just notices that the TFM Protected Storage service partition has been changed from PSA ROT to APP ROT.
Just curious, what is a reason?
May it stay PSA ROT?
Thank you in advance,
Andrej Butok
Hello,
I have just notices that the TFM Protected Storage service partition has been changed from PSA ROT to APP ROT.
Just curious, what is a reason?
May it stay PSA ROT?
Thank you in advance,
Andrej Butok
Hello,
The next Technical Forum is planned on Thursday, June 25 at 15:00-16:00 UTC (US time zone).
This is exceptional time zone change because of a public holiday in China that day.
Please reply on this email with your proposals for agenda topics.
Best regards,
Anton Komlev
