Hi Reinhard,
Do you mind describing more details about separating single core v8M from dual core v7M?
Do you require more documents or some improvement on code?
Best regards,
Hu Ziji
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Reinhard Keil via TF-M
Sent: Monday, March 2, 2020 6:10 PM
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: [TF-M] Call for a feedback on TF-M adaptation experience
Hi Anton, Hi Kevin,
Thanks for starting this discussion. Let me give you my view on it.
I think the problem can be structured in these parts:
* Give documentation a better overall structure
* Clearly separate single core v8M from dual core v7M
* Describe the overall structure of the files and configuration options of TF-M
* Describe resource requirements of TF-M core
* Describe platform interfaces and provide templates
* Describe how a Service is added to TF-M
* Describe the tools/utilities that are used for TF-M
While the debugging aspect raised by Kevin is relevant, it is a generic problem for all v8-M projects, not just for TF-M. I'm supportive to provide tools like pyOCD, but we need proper resourcing for it (maybe a separate project). It should be also noted that the industry works typically with tools like EWARM, MDK, or vendor specific tools like STCube or MCUxpresso. Hence we should not directly add too much tool-specific information to TF-M itself.
Now let me give more context to each of the above topics.
----
Give documentation a better overall structure
The Trusted Firmware-M documentation starts here:
https://ci.trustedfirmware.org/job/tf-m-build-test-nightly/lastSuccessfulBu…
While this is already a User's Guide, it contains two more user's guides
https://ci.trustedfirmware.org/job/tf-m-build-test-nightly/lastSuccessfulBu…https://ci.trustedfirmware.org/job/tf-m-build-test-nightly/lastSuccessfulBu…
For an outsider it is unclear where to start.
Clearly separate single core v8M from dual core v7M
This seems to be somewhat better now as it seems that below only refers to v8M single core: https://ci.trustedfirmware.org/job/tf-m-build-test-nightly/lastSuccessfulBu…
Describe the overall structure of the files and configuration options of TF-M
I was looking for something like this:
https://arm-software.github.io/CMSIS_5/RTOS2/html/pDirectory_Files.htmlhttps://arm-software.github.io/CMSIS_5/RTOS2/html/config_rtx5.html
Describe resource requirements of TF-M core
Take a look here to understand that request
https://arm-software.github.io/CMSIS_5/RTOS2/html/pHardwareRequirements.html
Important is also to document the interrupt behaviour (for both the secure and non-secure side). I know that this is tricky.
For RTX we have this here: https://arm-software.github.io/CMSIS_5/RTOS2/html/cre_rtx_proj.html#cre_Usi…
For TF-M this depends on a lot of other parameters.
Describe platform interfaces and provide templates
What I mean by that are the functions itself that are called by TF_M core.
This is an example of the OS_Tick interface that RTX is using. TF-M core has similar interfaces to setup MPC, PPC, SAU, etc.
https://arm-software.github.io/CMSIS_5/RTOS2/html/group__CMSIS__RTOS__TickA…
Describe how a Service is added to TF-M
Assume I have functions currently used in NS. What would be the process to move this functions into TF-M as a service.
How does the API interface change, what modifications do I need (ideally I would like to have the same API interface after it).
Are the any rules for the API interface itself.
You could also provide an example for that, i.e. functions that read a PIN number from an secure keypad or open a DOOR depending on a verification.
I know making a good product is hard and takes time. CMSIS is not perfect either. Let me know if you have any questions.
Reinhard
Hi,
So, I have submitted the mbedCrypto issue https://github.com/ARMmbed/mbed-crypto/issues/380
Several missed functions were implemented in the latest mbedCrypto. Please read the comment.
They also need clarification about the PSA failed test:
1)"psa_asymmetric_encrypt does not have support for ECC keys" - that's true, the specification currently does not define any algorithm for psa_asymmetric_encrypt that uses ECC keys. What's the problem there?
2) For the incorrect key derivation error codes, what are the problematic inputs?
3) For "psa_generate_key generates incorrect key length for RSA", what are the problematic inputs?
Could you clarify or this is the PSA-Test-Suite task?
BTW:
1) mbedCrypto does not use the PSA test suite for testing (they have own tests).
2) PSA Test Suite does not inform mbedCrypto about found PSA issues.
3) TFM updates to the latest mbedCrypto have to be more often (ideally after each mbedCrypto release).
4) Better synchronization between the PSA Projects is needed.
Thanks,
Andrej Butok
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M
Sent: Friday, February 28, 2020 1:20 PM
To: Anton Komlev <Anton.Komlev(a)arm.com>
Cc: tf-m(a)lists.trustedfirmware.org
Subject: Re: [TF-M] PSA-Test Suite, 23 Crypto Tests failed
Hi Anton,
OK. So this is the known issue. Is there any plan when it should be implemented?
As the test-log is used for a PSA certification, may we disable the failed tests?
BTW: As this is known issue, I did not notice it here https://github.com/ARMmbed/mbed-crypto/issues?page=1&q=is%3Aissue+is%3Aopen…<https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.co…>
Thanks,
Andrej
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Anton Komlev via TF-M
Sent: Friday, February 28, 2020 12:14 PM
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: Re: [TF-M] PSA-Test Suite, 23 Crypto Tests failed
Hello Andrej,
As you noted, the main reason of test failures is unimplemented PSA functions. Those functions are directly dependent on Embed-Crypto library where they are missed or API is not adjusted.
Recently TF-M was upgraded Embed-Crypto library from v1.0.0 to v3.0.1 and will continue so, increasing test suite coverage.
Best regards,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Andrej Butok via TF-M
Sent: 28 February 2020 09:46
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Subject: [TF-M] PSA-Test Suite, 23 Crypto Tests failed
Hello,
After update to the latest TFM and to the latest PSA-Test Suite, 23 Crypto Tests are failed:
************ Crypto Suite Report **********
TOTAL TESTS : 61
TOTAL PASSED : 37
TOTAL SIM ERROR : 0
TOTAL FAILED : 23
TOTAL SKIPPED : 1
******************************************
The main reason is that many of PSA Crypto functions are not implemented by TFM.
Is there a plan to fix it?
Thanks,
Andrej
Hi Anton, Hi Kevin,
Thanks for starting this discussion. Let me give you my view on it.
I think the problem can be structured in these parts:
* Give documentation a better overall structure
* Clearly separate single core v8M from dual core v7M
* Describe the overall structure of the files and configuration options of TF-M
* Describe resource requirements of TF-M core
* Describe platform interfaces and provide templates
* Describe how a Service is added to TF-M
* Describe the tools/utilities that are used for TF-M
While the debugging aspect raised by Kevin is relevant, it is a generic problem for all v8-M projects, not just for TF-M. I'm supportive to provide tools like pyOCD, but we need proper resourcing for it (maybe a separate project). It should be also noted that the industry works typically with tools like EWARM, MDK, or vendor specific tools like STCube or MCUxpresso. Hence we should not directly add too much tool-specific information to TF-M itself.
Now let me give more context to each of the above topics.
----
Give documentation a better overall structure
The Trusted Firmware-M documentation starts here:
https://ci.trustedfirmware.org/job/tf-m-build-test-nightly/lastSuccessfulBu…
While this is already a User's Guide, it contains two more user's guides
https://ci.trustedfirmware.org/job/tf-m-build-test-nightly/lastSuccessfulBu…https://ci.trustedfirmware.org/job/tf-m-build-test-nightly/lastSuccessfulBu…
For an outsider it is unclear where to start.
Clearly separate single core v8M from dual core v7M
This seems to be somewhat better now as it seems that below only refers to v8M single core: https://ci.trustedfirmware.org/job/tf-m-build-test-nightly/lastSuccessfulBu…
Describe the overall structure of the files and configuration options of TF-M
I was looking for something like this:
https://arm-software.github.io/CMSIS_5/RTOS2/html/pDirectory_Files.htmlhttps://arm-software.github.io/CMSIS_5/RTOS2/html/config_rtx5.html
Describe resource requirements of TF-M core
Take a look here to understand that request
https://arm-software.github.io/CMSIS_5/RTOS2/html/pHardwareRequirements.html
Important is also to document the interrupt behaviour (for both the secure and non-secure side). I know that this is tricky.
For RTX we have this here: https://arm-software.github.io/CMSIS_5/RTOS2/html/cre_rtx_proj.html#cre_Usi…
For TF-M this depends on a lot of other parameters.
Describe platform interfaces and provide templates
What I mean by that are the functions itself that are called by TF_M core.
This is an example of the OS_Tick interface that RTX is using. TF-M core has similar interfaces to setup MPC, PPC, SAU, etc.
https://arm-software.github.io/CMSIS_5/RTOS2/html/group__CMSIS__RTOS__TickA…
Describe how a Service is added to TF-M
Assume I have functions currently used in NS. What would be the process to move this functions into TF-M as a service.
How does the API interface change, what modifications do I need (ideally I would like to have the same API interface after it).
Are the any rules for the API interface itself.
You could also provide an example for that, i.e. functions that read a PIN number from an secure keypad or open a DOOR depending on a verification.
I know making a good product is hard and takes time. CMSIS is not perfect either. Let me know if you have any questions.
Reinhard
Hi Anton,
OK. So this is the known issue. Is there any plan when it should be implemented?
As the test-log is used for a PSA certification, may we disable the failed tests?
BTW: As this is known issue, I did not notice it here https://github.com/ARMmbed/mbed-crypto/issues?page=1&q=is%3Aissue+is%3Aopen…
Thanks,
Andrej
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M
Sent: Friday, February 28, 2020 12:14 PM
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: Re: [TF-M] PSA-Test Suite, 23 Crypto Tests failed
Hello Andrej,
As you noted, the main reason of test failures is unimplemented PSA functions. Those functions are directly dependent on Embed-Crypto library where they are missed or API is not adjusted.
Recently TF-M was upgraded Embed-Crypto library from v1.0.0 to v3.0.1 and will continue so, increasing test suite coverage.
Best regards,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Andrej Butok via TF-M
Sent: 28 February 2020 09:46
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Subject: [TF-M] PSA-Test Suite, 23 Crypto Tests failed
Hello,
After update to the latest TFM and to the latest PSA-Test Suite, 23 Crypto Tests are failed:
************ Crypto Suite Report **********
TOTAL TESTS : 61
TOTAL PASSED : 37
TOTAL SIM ERROR : 0
TOTAL FAILED : 23
TOTAL SKIPPED : 1
******************************************
The main reason is that many of PSA Crypto functions are not implemented by TFM.
Is there a plan to fix it?
Thanks,
Andrej
Hello Andrej,
As you noted, the main reason of test failures is unimplemented PSA functions. Those functions are directly dependent on Embed-Crypto library where they are missed or API is not adjusted.
Recently TF-M was upgraded Embed-Crypto library from v1.0.0 to v3.0.1 and will continue so, increasing test suite coverage.
Best regards,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M
Sent: 28 February 2020 09:46
To: tf-m(a)lists.trustedfirmware.org
Subject: [TF-M] PSA-Test Suite, 23 Crypto Tests failed
Hello,
After update to the latest TFM and to the latest PSA-Test Suite, 23 Crypto Tests are failed:
************ Crypto Suite Report **********
TOTAL TESTS : 61
TOTAL PASSED : 37
TOTAL SIM ERROR : 0
TOTAL FAILED : 23
TOTAL SKIPPED : 1
******************************************
The main reason is that many of PSA Crypto functions are not implemented by TFM.
Is there a plan to fix it?
Thanks,
Andrej
Hi Anton,
One particular difficulty I've encountered working with TF-M for the Zephyr
certification demo app, and with the LPC55S69 port to upstream TF-M is the
debugging experience with GDB and the dual execution environments. GDB can
be quite powerful if you are familiar with it, but there is a definite
learning curve, and the S and NS separation and the dual binary images
(three with BL2) adds an additional degree of complexity.
I think having a dedicated debugging tutorial around GDB would be very
useful to people adopting TF-M and perhaps new to GDB, just to show how
some basic debugging might happen, how to debug across the NS/S boundary,
etc.
For example, the '--tui' option for GDB may not be very well known, and it
may be useful to highlight (see screenshots at the bottom of this issue:
https://github.com/microbuilder/trusted-firmware-m/issues/1)
Practical, step-by-step debugging documentation just seems like a good
investment to help flatten this inevitable learning curve developing
real-world solutions with TF-M?
Best regards,
Kevin
On Thu, 27 Feb 2020 at 13:13, Anton Komlev via TF-M <
tf-m(a)lists.trustedfirmware.org> wrote:
> A kind reminder.
> Your feedback is valuable all the time with no deadline defined.
>
>
>
> *From:* TF-M <tf-m-bounces(a)lists.trustedfirmware.org> * On Behalf Of *Anton
> Komlev via TF-M
> *Sent:* 07 February 2020 13:13
> *To:* tf-m(a)lists.trustedfirmware.org
> *Cc:* nd <nd(a)arm.com>
> *Subject:* [TF-M] Call for a feedback on TF-M adaptation experience
>
>
>
> Dear All,
>
>
>
> As I mentioned on yesterday’s call, there is a concern on user experience
> related to TF-M use.
>
> To In order to understand and potentially improve it I am looking for a
> voice of partners who adopted TF-M project.
>
> Please share your experience and thoughts on parts which are good or might
> be done better to simplify TF-M integration with your project.
>
>
>
> You feedback will be very appreciated in any form – as a response to this
> mail or as a direct mail to me (anton.komlev(a)arm.com) if it’s more
> comfortable for you.
>
>
>
> Thank you in advance,
>
> Anton
> --
> TF-M mailing list
> TF-M(a)lists.trustedfirmware.org
> https://lists.trustedfirmware.org/mailman/listinfo/tf-m
>
Hello,
After update to the latest TFM and to the latest PSA-Test Suite, 23 Crypto Tests are failed:
************ Crypto Suite Report **********
TOTAL TESTS : 61
TOTAL PASSED : 37
TOTAL SIM ERROR : 0
TOTAL FAILED : 23
TOTAL SKIPPED : 1
******************************************
The main reason is that many of PSA Crypto functions are not implemented by TFM.
Is there a plan to fix it?
Thanks,
Andrej
Hi Anton,
I'd like to share about the current design and draft implementation of TF-M Profile 1.
Best regards,
Hu Ziji
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M
Sent: Tuesday, February 25, 2020 1:11 AM
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: [TF-M] TF-M Technical Forum call - March 5
Dear All,
The next Technical Forum is planned on Thursday, March 5 at 7:00-8:00 UTC.
Please reply on this email with your proposals for agenda topics.
Best regards,
Anton Komlev
A kind reminder.
Your feedback is valuable all the time with no deadline defined.
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M
Sent: 07 February 2020 13:13
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: [TF-M] Call for a feedback on TF-M adaptation experience
Dear All,
As I mentioned on yesterday's call, there is a concern on user experience related to TF-M use.
To In order to understand and potentially improve it I am looking for a voice of partners who adopted TF-M project.
Please share your experience and thoughts on parts which are good or might be done better to simplify TF-M integration with your project.
You feedback will be very appreciated in any form - as a response to this mail or as a direct mail to me (anton.komlev(a)arm.com<mailto:anton.komlev@arm.com>) if it's more comfortable for you.
Thank you in advance,
Anton
Hi Everyone
The below mentioned patches have been merged to TF-M master. The Open CI is also updated to pull in the right version of mbed-crypto (3.0.1) and it should now show results as expected. You may to have rebase your existing patches currently in review if you need to run CI tests.
Best Regards
Soby Mathew
> -----Original Message-----
> From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Soby
> Mathew via TF-M
> Sent: 18 February 2020 11:38
> To: 'tf-m(a)lists.trustedfirmware.org' <tf-m(a)lists.trustedfirmware.org>
> Cc: nd <nd(a)arm.com>
> Subject: [TF-M] Update Crypto, SST and Attestation services to the latest
> versions
>
> Hi Everyone,
> This is a heads up that there are patches in review which update the Crypto,
> SST and Attestation services to latest versions of their respective specifications :
>
> 1. Crypto-service migration to Mbed Crypto 3.0.1
>
> The patches is available here :
> https://review.trustedfirmware.org/q/topic:%22crypto_update%22+(status:ope
> n%20OR%20status:merged)
>
> This migrates the crypto service to the latest implementation of PSA
> specification as implemented by mbed-crypto.
>
> 2. SST: Implement PSA Protected Storage 1.0
>
> https://review.trustedfirmware.org/q/topic:%22sst-1.0-
> update%22+(status:open%20OR%20status:merged)
>
> 3. Initial Attestation: Align interface to PSA API 1.0
>
> https://git.trustedfirmware.org/trusted-firmware-m.git/commit/?h=feature-
> psa-dev-api-update&id=b8d88ce6fb7c8e7301f32ab7f6b36dd796692f98
>
> and
>
> https://git.trustedfirmware.org/trusted-firmware-m.git/commit/?h=feature-
> psa-dev-api-update&id=12c02d16958c9dbd57a6bebe6f29b7a207355831
>
> These patches are expected to be reviewed and merged back to the master in
> the next couple of weeks.
>
> Best Regards
> Soby Mathew
> --
> TF-M mailing list
> TF-M(a)lists.trustedfirmware.org
> https://lists.trustedfirmware.org/mailman/listinfo/tf-m