Hi Thomas,
It is only the size of the struct that needs to be aligned to the flash program unit, so that the write size is aligned when the struct is programmed to flash. So indeed the attribute puts too strong a constraint on the compiler as it also forces it to allocate these structs at aligned addresses on the stack.
The only vaguely clean, portable way I can think of aligning up the size of the struct alone is something like:
struct its_file_meta_t_padded {
struct its_file_meta_t file_meta;
uint8_t pad[ITS_FLASH_MAX_ALIGNMENT - (sizeof(struct its_file_meta_t) % ITS_FLASH_MAX_ALIGNMENT)];
};
But that has the disadvantage of adding ITS_FLASH_MAX_ALIGNMENT to the size of the struct in the case that it is already aligned (no zero-sized arrays), as well as the extra step of accessing the nested struct each time.
Would be happy to hear any alternative solutions though.
Kind regards,
Jamie
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Thomas Törnblom via TF-M
Sent: 26 June 2020 10:07
To: tf-m(a)lists.trustedfirmware.org
Subject: [TF-M] Alignment issues on stack with ITS
ITS defines a few structs with specific alignment requirements, like:
struct __attribute__((__aligned__(ITS_FLASH_MAX_ALIGNMENT)))
its_file_meta_t {
uint32_t lblock; /*!< Logical datablock where file is
* stored
*/
size_t data_idx; /*!< Offset in the logical data block */
size_t cur_size; /*!< Size in storage system for this #
* fragment
*/
size_t max_size; /*!< Maximum size of this file */
uint32_t flags; /*!< Flags set when the file was created */
uint8_t id[ITS_FILE_ID_SIZE]; /*!< ID of this file */
};
This causes issues with the IAR compiler when these structs are declared as autos:
static psa_status_t its_mblock_copy_remaining_block_meta(
struct its_flash_fs_ctx_t *fs_ctx,
uint32_t lblock)
{
struct its_block_meta_t block_meta;
psa_status_t err;
uint32_t meta_block;
size_t pos;
uint32_t scratch_block;
size_t size;
...
The IAR compiler gives these errors if the alignment is 0x10 (the stack is 8 byte aligned):
struct its_block_meta_t block_meta;
^
"C:\Users\thomasto\Projects\tf-m1\trusted-firmware-m\secure_fw\partitions\internal_trusted_storage\flash_fs\its_flash_fs_mblock.c",415 Error[Ta121]:
Auto variable "block_meta" cannot have a stricter alignment than the
stack
I assume this alignment is only required for the flash, so the alignment attributes should be set when declaring variables in the flash, not on the type.
Comments?
Cheers,
Thomas
--
Thomas Törnblom, Product Engineer
IAR Systems AB
Box 23051, Strandbodgatan 1
SE-750 23 Uppsala, SWEDEN
Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01
E-mail: thomas.tornblom(a)iar.com<mailto:thomas.tornblom@iar.com> Website: www.iar.com<http://www.iar.com>
Twitter: www.twitter.com/iarsystems<http://www.twitter.com/iarsystems>
Thanks Anton,
I worked around it with:
git rebase 7946bdd3 --onto 7946bdd3^
Cheers,
Thomas
Den 2020-06-26 kl. 14:30, skrev Anton Komlev via TF-M:
>
> Thanks, Thomas.
>
> Yes, it was noted right after RC1 applied. The problem affects the
> build (not code) on Windows platform only.
>
> While waiting for the fix we do continue tests using Linux build.
>
> A fix will be applied or the patch reverted before TF-M release or
> with RC2, if happen.
>
> Cheers,
>
> Anton
>
> *From:* TF-M <tf-m-bounces(a)lists.trustedfirmware.org> *On Behalf Of
> *Thomas Törnblom via TF-M
> *Sent:* 26 June 2020 09:23
> *To:* DeMars, Alan via TF-M <tf-m(a)lists.trustedfirmware.org>
> *Subject:* [TF-M] Build issues with GNUARM with 7946bdd3
>
> The merge of "Build: Add support for specifying GNUARM_PREFIX" appears
> to break GNUARM builds.
>
> [100%] Linking C static library mbedcrypto.a
> /usr/bin/sh: CMAKE_GNUARM_AR-NOTFOUND: command not found
> make[5]: *** [library/mbedcrypto.a] Fel 127
> make[4]: *** [library/CMakeFiles/mbedcrypto.dir/all] Fel 2
> make[3]: *** [all] Fel 2
> make[2]: ***
> [secure_fw/partitions/crypto/mbedcrypto_lib-prefix/src/mbedcrypto_lib-stamp/mbedcrypto_lib-build]
> Fel 2
> make[1]: ***
> [secure_fw/partitions/crypto/CMakeFiles/mbedcrypto_lib.dir/all] Fel 2
> make: *** [all] Fel 2
>
> Excluding this commit is a workaround.
>
> This is on Win 10.
>
> Cheers,
> Thomas
>
> --
>
> *Thomas Törnblom*, /Product Engineer/
> IAR Systems AB
> Box 23051, Strandbodgatan 1
> SE-750 23 Uppsala, SWEDEN
> Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01
> E-mail: thomas.tornblom(a)iar.com
> <mailto:thomas.tornblom@iar.com>Website: www.iar.com <http://www.iar.com>
> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>
>
>
--
*Thomas Törnblom*, /Product Engineer/
IAR Systems AB
Box 23051, Strandbodgatan 1
SE-750 23 Uppsala, SWEDEN
Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01
E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com>
Website: www.iar.com <http://www.iar.com>
Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>
Thanks, Thomas.
Yes, it was noted right after RC1 applied. The problem affects the build (not code) on Windows platform only.
While waiting for the fix we do continue tests using Linux build.
A fix will be applied or the patch reverted before TF-M release or with RC2, if happen.
Cheers,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Thomas Törnblom via TF-M
Sent: 26 June 2020 09:23
To: DeMars, Alan via TF-M <tf-m(a)lists.trustedfirmware.org>
Subject: [TF-M] Build issues with GNUARM with 7946bdd3
The merge of "Build: Add support for specifying GNUARM_PREFIX" appears to break GNUARM builds.
[100%] Linking C static library mbedcrypto.a
/usr/bin/sh: CMAKE_GNUARM_AR-NOTFOUND: command not found
make[5]: *** [library/mbedcrypto.a] Fel 127
make[4]: *** [library/CMakeFiles/mbedcrypto.dir/all] Fel 2
make[3]: *** [all] Fel 2
make[2]: *** [secure_fw/partitions/crypto/mbedcrypto_lib-prefix/src/mbedcrypto_lib-stamp/mbedcrypto_lib-build] Fel 2
make[1]: *** [secure_fw/partitions/crypto/CMakeFiles/mbedcrypto_lib.dir/all] Fel 2
make: *** [all] Fel 2
Excluding this commit is a workaround.
This is on Win 10.
Cheers,
Thomas
--
Thomas Törnblom, Product Engineer
IAR Systems AB
Box 23051, Strandbodgatan 1
SE-750 23 Uppsala, SWEDEN
Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01
E-mail: thomas.tornblom(a)iar.com<mailto:thomas.tornblom@iar.com> Website: www.iar.com<http://www.iar.com>
Twitter: www.twitter.com/iarsystems<http://www.twitter.com/iarsystems>
> On Jun 26, 2020, at 3:23 AM, Thomas Törnblom via TF-M <tf-m(a)lists.trustedfirmware.org> wrote:
>
> The merge of "Build: Add support for specifying GNUARM_PREFIX" appears to break GNUARM builds.
>
> [100%] Linking C static library mbedcrypto.a
> /usr/bin/sh: CMAKE_GNUARM_AR-NOTFOUND: command not found
> make[5]: *** [library/mbedcrypto.a] Fel 127
> make[4]: *** [library/CMakeFiles/mbedcrypto.dir/all] Fel 2
> make[3]: *** [all] Fel 2
> make[2]: *** [secure_fw/partitions/crypto/mbedcrypto_lib-prefix/src/mbedcrypto_lib-stamp/mbedcrypto_lib-build] Fel 2
> make[1]: *** [secure_fw/partitions/crypto/CMakeFiles/mbedcrypto_lib.dir/all] Fel 2
> make: *** [all] Fel 2
>
> Excluding this commit is a workaround.
>
> This is on Win 10.
>
> Cheers,
> Thomas
Is this issue seen on any other host OS? Linux, Mac OS X? Which specific toolchain are you using?
- k
ITS defines a few structs with specific alignment requirements, like:
struct __attribute__((__aligned__(ITS_FLASH_MAX_ALIGNMENT)))
its_file_meta_t {
uint32_t lblock; /*!< Logical datablock where file is
* stored
*/
size_t data_idx; /*!< Offset in the logical data block */
size_t cur_size; /*!< Size in storage system for this #
* fragment
*/
size_t max_size; /*!< Maximum size of this file */
uint32_t flags; /*!< Flags set when the file was
created */
uint8_t id[ITS_FILE_ID_SIZE]; /*!< ID of this file */
};
This causes issues with the IAR compiler when these structs are declared
as autos:
static psa_status_t its_mblock_copy_remaining_block_meta(
struct its_flash_fs_ctx_t
*fs_ctx,
uint32_t lblock)
{
struct its_block_meta_t block_meta;
psa_status_t err;
uint32_t meta_block;
size_t pos;
uint32_t scratch_block;
size_t size;
...
The IAR compiler gives these errors if the alignment is 0x10 (the stack
is 8 byte aligned):
struct its_block_meta_t block_meta;
^
"C:\Users\thomasto\Projects\tf-m1\trusted-firmware-m\secure_fw\partitions\internal_trusted_storage\flash_fs\its_flash_fs_mblock.c",415
Error[Ta121]:
Auto variable "block_meta" cannot have a stricter alignment
than the
stack
I assume this alignment is only required for the flash, so the alignment
attributes should be set when declaring variables in the flash, not on
the type.
Comments?
Cheers,
Thomas
--
*Thomas Törnblom*, /Product Engineer/
IAR Systems AB
Box 23051, Strandbodgatan 1
SE-750 23 Uppsala, SWEDEN
Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01
E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com>
Website: www.iar.com <http://www.iar.com>
Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>
The merge of "Build: Add support for specifying GNUARM_PREFIX" appears
to break GNUARM builds.
[100%] Linking C static library mbedcrypto.a
/usr/bin/sh: CMAKE_GNUARM_AR-NOTFOUND: command not found
make[5]: *** [library/mbedcrypto.a] Fel 127
make[4]: *** [library/CMakeFiles/mbedcrypto.dir/all] Fel 2
make[3]: *** [all] Fel 2
make[2]: ***
[secure_fw/partitions/crypto/mbedcrypto_lib-prefix/src/mbedcrypto_lib-stamp/mbedcrypto_lib-build]
Fel 2
make[1]: ***
[secure_fw/partitions/crypto/CMakeFiles/mbedcrypto_lib.dir/all] Fel 2
make: *** [all] Fel 2
Excluding this commit is a workaround.
This is on Win 10.
Cheers,
Thomas
--
*Thomas Törnblom*, /Product Engineer/
IAR Systems AB
Box 23051, Strandbodgatan 1
SE-750 23 Uppsala, SWEDEN
Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01
E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com>
Website: www.iar.com <http://www.iar.com>
Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>
Hi,
Please find the presentation materials attached for Secure functions topic.
Reminder, the PSA L3 isolation design is here: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/4730
The best,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M
Sent: 25 June 2020 13:38
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: Re: [TF-M] TF-M Technical Forum Agenda - June 25
Hello,
The agenda for today's forum:
* PSA Isolation (level 3) design review
* Secure Function model
* Any other business, if time permitted.
See you soon,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Anton Komlev via TF-M
Sent: 17 June 2020 12:55
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: [TF-M] TF-M Technical Forum call - June 25
Hello,
The next Technical Forum is planned on Thursday, June 25 at 15:00-16:00 UTC (US time zone).
This is exceptional time zone change because of a public holiday in China that day.
Please reply on this email with your proposals for agenda topics.
Best regards,
Anton Komlev
Hello,
The agenda for today's forum:
* PSA Isolation (level 3) design review
* Secure Function model
* Any other business, if time permitted.
See you soon,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M
Sent: 17 June 2020 12:55
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: [TF-M] TF-M Technical Forum call - June 25
Hello,
The next Technical Forum is planned on Thursday, June 25 at 15:00-16:00 UTC (US time zone).
This is exceptional time zone change because of a public holiday in China that day.
Please reply on this email with your proposals for agenda topics.
Best regards,
Anton Komlev
Curious if the intent is that the tf-m-tests repo would eventually be optional?
- k
> On Jun 19, 2020, at 5:29 AM, Anton Komlev via TF-M <tf-m(a)lists.trustedfirmware.org> wrote:
>
> Hi,
>
> Following TF-M project restructuring, let me bring your attention to the new repository: tf-m-tests repo
> The intention is to migrate testing related code/libraries/tools there and clean the main repository.
> Patches have been made. Please be aware of the change.
> At this moment it does not affect the project development but in the future to test TF-M you will need to use this tf-m-tests repo.
>
> Thanks,
> Anton Komlev
> --
> TF-M mailing list
> TF-M(a)lists.trustedfirmware.org
> https://lists.trustedfirmware.org/mailman/listinfo/tf-m
Hi All,
Both trusted-firmware-m and tf-m-tests repositories are tagged with TF-Mv1.1-RC1 tag marking the code freeze and beginning of the release candidate testing.
Best regards,
Anton Komlev
Tech Lead of TF-M in Arm Ltd.
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Shebu Varghese Kuriakose via TF-M
Sent: 10 June 2020 18:28
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: [TF-M] TF-M v1.1 - Heads up
Hi All,
Just a heads up that TF-Mv1.1 tag is planned for middle to end of July. Code freeze of TF-M master is aimed around end of June to allow enough time for testing.
Similar to TF-Mv1.0 and previous tags, v1.1 will include all TF-M changes in TF-M master available till code freeze in end of June.
Availability of the tag will be notified via. this mailing list.
Thanks,
Shebu
Technology Manager-TF-M, Arm Ltd.
