- TF-M - lists.trustedfirmware.org

Re: [TF-M] PSA Certification without PS?

by Shebu Varghese Kuriakose

Hi Andrej/Kevin, Pasting the ;Secure Storage' Security Function Requirement below from the PSA Certified Level2 Protection Profile* It doesn’t specifically mention Protected Storage and Internal Trusted Storage Service as a requirement. As long as the Target of Evaluation can prove that the confidentiality and integrity of assets in Secure Storage can be maintained, the requirement can be met. PSA defines Protected Storage (PS)** and Internal Trusted Storage (ITS)**. PS is meant to store larger data sets stored on external flash and ITS for device intimate data stored on chip flash storage. If the device doesn’t have an on chip flash storage, maybe it is still possible to just use PS implementation using external flash to ensure confidentiality and integrity of the secret assets on the platform. @Marcus Streets<mailto:Marcus.Streets@arm.com> – Could you please share your thought on this >>> 5.3 F.SECURE_STORAGE The TOE protects the confidentiality and integrity of assets in a secure storage. The secure storage is bound to the platform. Only the TOE can retrieve and modify assets from this secure storage. This security function mitigates T.STORAGE by preventing direct and unprotected access to assets. >>> Regards, Shebu * https://www.psacertified.org/app/uploads/2019/02/JSADEN002-PSA_Certified_Le… ** https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Im… -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M Sent: Thursday, November 28, 2019 7:50 AM To: Kevin Peng (Arm Technology China) <Kevin.Peng(a)arm.com> Cc: tf-m(a)lists.trustedfirmware.org Subject: Re: [TF-M] PSA Certification without PS? Hi Kevin, So, platforms without internal flash memory, required by Internal Trusted Storage, may apply only for PSA L1. Right? Thank you for your clarification, Andrej Butok -----Original Message----- From: Kevin Peng (Arm Technology China) <Kevin.Peng(a)arm.com<mailto:Kevin.Peng@arm.com>> Sent: Thursday, November 28, 2019 5:14 AM To: Andrej Butok <andrey.butok(a)nxp.com<mailto:andrey.butok@nxp.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> Cc: nd <nd(a)arm.com<mailto:nd@arm.com>> Subject: RE: [TF-M] PSA Certification without PS? A quick information: Internal Trusted Storage is mandatory by PSA for isolation level 2 and 3. Best Regards, Kevin -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Andrej Butok via TF-M Sent: Wednesday, November 27, 2019 7:32 PM To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> Subject: [TF-M] PSA Certification without PS? Hello, Most probably, we will port TFM to a platform with TZ and external flash, BUT without internal flash. Is it possible to certify it for PSA L1 & L2 & Dev API, without Internal Trusted Storage service and its API? Do you see any issue? Thanks Andrej Butok -- TF-M mailing list TF-M(a)lists.trustedfirmware.org<mailto:TF-M@lists.trustedfirmware.org> https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… -- TF-M mailing list TF-M(a)lists.trustedfirmware.org<mailto:TF-M@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/tf-m IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

4 years, 10 months

3
3
0 0

Re: [TF-M] PSA Certification without PS?

by Kevin Peng (Arm Technology China)

A quick information: Internal Trusted Storage is mandatory by PSA for isolation level 2 and 3. Best Regards, Kevin -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M Sent: Wednesday, November 27, 2019 7:32 PM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] PSA Certification without PS? Hello, Most probably, we will port TFM to a platform with TZ and external flash, BUT without internal flash. Is it possible to certify it for PSA L1 & L2 & Dev API, without Internal Trusted Storage service and its API? Do you see any issue? Thanks Andrej Butok -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

4 years, 10 months

2
1
0 0

Re: [TF-M] The svcall switch-case vs function table

by Anton Komlev

Hi Ken, all, Right, let's see the binary size of a prototype. Regarding TBB instruction, It's applied at the stage of binary generation, after source parsing and references resolution so it is irrelevant to the problem of dead references, I have mentioned. The best, Anton -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Ken Liu (Arm Technology China) via TF-M Sent: 22 November 2019 10:23 To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] The svcall switch-case vs function table Hi Anton, Thanks for the reminder. About code size, two points: - We saved code size for switch/case usage: switch(num) {case1:case2:} -> func_tbl[num].func(); - The compiler uses 'TBB' instruction, which is a function table already. So I think it should be okay; we can verify the code size after the prototype is available. BR /Ken -----Original Message----- From: Anton Komlev <Anton.Komlev(a)arm.com> Sent: Thursday, November 21, 2019 8:09 PM To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com>; Ken Liu (Arm Technology China) <Ken.Liu(a)arm.com> Subject: RE: The svcall switch-case vs function table Hi Ken, All, Just a reminder of a side-effect of array-based function table. It creates unconditional reference to a function and blocks that function from removal during code size optimization. TF-M is quite sensitive to binary image size and we should be very careful to avoid its increase. This is a general comment on functions table, irrelevant to the patch, where I have no knowledge yet to comment. The best, Anton -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Ken Liu (Arm Technology China) via TF-M Sent: 14 November 2019 09:33 To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: [TF-M] The svcall switch-case vs function table Hi, I am trying to look at into the svcall logics and found if we keep using the switch/case would make it hard to abstract this logic for different configurations. Thinking to move this static defined svc codes into an array-based function table. The pros are, the svc code set for different configurations is configurable, we don't need any #ifdef inside the svc numbers but rely on the configuration provided svc headers, and these headers are used inside configuration logic. And the overall svcall logic does not need to know the exact number definition but just do a f[num].func() call. The cons... I think the only thing is table may be out of date and cause a potential problem? or some function has only <4 parameter but we have to define a f(a0,a1,a2,a3) type function and fill extra parameter as zeros? This won't improve the execution efficiency if the svc numbers are continuous since compiler uses 'TBB' to create a mapping table while processing switch/case, so we can skip this point while talking pros. Welcome to comment or propose patches for this. Thanks. /Ken -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

4 years, 10 months

1
0
0 0

PSA Certification without PS?

by Andrej Butok

Hello, Most probably, we will port TFM to a platform with TZ and external flash, BUT without internal flash. Is it possible to certify it for PSA L1 & L2 & Dev API, without Internal Trusted Storage service and its API? Do you see any issue? Thanks Andrej Butok

4 years, 10 months

1
0
0 0

Re: [TF-M] Coding guideline

by Anton Komlev

Hello, I do also support the move to loose the requirement of 80 columns. The real need is outdated and supported as a legacy style, making more trouble than help. The best, Anton -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Laurence Lundblade via TF-M Sent: 26 November 2019 21:12 To: Tamas Ban <Tamas.Ban(a)arm.com> Cc: nd <nd(a)arm.com>; tf-m(a)lists.trustedfirmware.org Subject: Re: [TF-M] Coding guideline For line length I’m following these rules for t_cose <https://github.com/laurencelundblade/t_cose> - All comments blocks are 80 columns or less - 2% of code lines can be over 80 columns (1% is too few) - No lines over 120 columns I am much happier and think the code is much better by allowing 2% of code lines over 80 columns. I don’t have to make variable names short and obscure, break up if statements in unnatural places, break up for(;;) statements unnaturally and such. LL > On Nov 18, 2019, at 8:31 AM, Tamas Ban <Tamas.Ban(a)arm.com> wrote: > > Hi, > > I would like to open a conversation about TF-M coding guideline <https://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/coding_gui…>. I have these proposals: > Change the rule of the 80 character column width: > Max 80 characters length. > Column length is max 80 character in first place, but there are exceptions when length could be MAX 120 character: > Degrades code understandability: short, obscured variable names; > awkward line breaks Maximum 1% of the lines can exceed 80 charter length. > Might remove this rule, because in many cases we are not complaint with it. For example PSA Crypto API: > o Order function parameters so that input params are before output params. > o https://git.trustedfirmware.org/trusted-firmware-m.git/tree/interface/inclu… <https://git.trustedfirmware.org/trusted-firmware-m.git/tree/interface/inclu…> > > I’m interested in your opinions! Other rules also can be revisited! > > Tamas -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

4 years, 10 months

1
0
0 0

Re: [TF-M] Using git submodules for dependencies?

by Gyorgy Szing

Hi, Build environment provisioning (and dependency management) is a larger topic and sub-modules can only solve a small part of it. There is definitely room for improvement in this area, but as far as I can see sub-modules are a sub optimal answer. Some of the issues which came to my mind: 1. The user experience of sub-modules is sometimes quirky. For example it is a headache if you have to switch between branches where one of the branches does not have a specific sub-module. 2. With sub-modules you can not have complex dependencies. I.e.: when one platform needs a dependency and another not, or you need two version of a dependency, or a different version for two platforms. 3. It is easy to see on what the repo having the sub-module depends, but the other direction is not. It is hard to see what is using a module. 4. The validness of tests are limited if you use source code. Longer term it would be nice to allow using tested binaries of tf-m dependencies and sub-modules can not handle this need. 5. Flexibility. If we use sub-modules, then the version control and the dependency handling "layers" get bounded. For tf-m developers this might not be an issue but for integrators it can be. Can you please explain the problem you see a bit more? Zephyr is using cmake and you could use the External_project or the FetchContent module to get all needed dependencies. Also nothing really stops you to use sub-modules in the Zephyr repo to get tf-m and all it's dependencies. /George -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Kevin Townsend via TF-M Sent: 26 November 2019 19:23 To: Kumar Gala <kumar.gala(a)linaro.org> Cc: nd <nd(a)arm.com>; tf-m(a)lists.trustedfirmware.org Subject: Re: [TF-M] Using git submodules for dependencies? Hi, I'm reviving an old thread (sorry, probably bad form), but we're running into this issue again now with Zephyr (and probably with FreeRTOS later) where we need to produce a TF-M 'module' got Zephyr that we can include in the zephyr github repo. With the current approach for TF-M, we will have to produce 5 forks of the 5 projects/dependencies, which seems superfluous versus a single 'master' TF-M repo with the four dependencies as sub-modules, and I can't see why technically this would be more of a challenge for end-users (you can even init the submodules at the same time you clone the parent TF-M repo so it's actually LESS work), and means a single repo where all of the dependency versions can change over time in sync with the various releases. I may be missing or misunderstanding an obvious technical drawback made earlier, but I haven't understand why submodules are less desirable than 1+4 independent repos both for TF-M and any projects on the RTOS side depending on it? Kevin On Wed, 10 Jul 2019 at 18:09, Kumar Gala via TF-M < tf-m(a)lists.trustedfirmware.org> wrote: > How would a git repo with some submodules preclude any of the things > you mentioned? I guess my initial thought is that there would be an “uber” > repo in which TFM, CMSIS and mbedcrypto would all be sub-modules. > > There’s also the option of using cmake ExternalProject ( > https://cmake.org/cmake/help/latest/module/ExternalProject.html?highli > ght=external > ) > > Or west > > https://pypi.org/project/west/ > > - k > > > On Jul 10, 2019, at 8:47 AM, Ashutosh Singh via TF-M < > tf-m(a)lists.trustedfirmware.org> wrote: > > > > Hi, > > > > Initial idea was to keep the external dependencies clearly visible > > (from > code auditability point of view). With submodule we can't checkout the > dependencies out of tree. Since the dependencies need to be checked > out only once it was considered acceptable nuisance, until you do a > pull and version of the dependencies have changed. > > 'repo' was considered as well, but repo tool doesn't work on > windows(last I checked). > > > > Thanks, > > Ashu > > > > -----Original Message----- > > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of > > Kumar > Gala via TF-M > > Sent: 10 July 2019 09:50 > > To: Andrej Butok <andrey.butok(a)nxp.com> > > Cc: tf-m(a)lists.trustedfirmware.org > > Subject: Re: [TF-M] Using git submodules for dependencies? > > > > There can always be a fork of the sources kept in TF-M repos to > > handle > the case of needing local modifications for some reason. > > > > - k > > > >> On Jul 10, 2019, at 3:48 AM, Andrej Butok via TF-M < > tf-m(a)lists.trustedfirmware.org> wrote: > >> > >> Hi Kevin, > >> > >> Only if 100% of the external project source code is used without > change. > >> Even if it is valid now, nobody will give you this guarantee in future. > >> > >> Regards, > >> Andrej > >> > >> -----Original Message----- > >> From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of > >> Kevin > Townsend via TF-M > >> Sent: Wednesday, July 10, 2019 10:41 AM > >> To: Thomas Törnblom via TF-M <tf-m(a)lists.trustedfirmware.org> > >> Subject: [TF-M] Using git submodules for dependencies? > >> > >> Hi, > >> > >> I'm currently working on integrating TF-M into Zephyr and getting > >> TF-M > working with QEMU. Part of that work is simplifying the setup and > build process to generate a TF-M secure library. > >> > >> Was the idea of git submodules for dependencies considered and rejected? > >> Using sub-modules would reduce the number of setup steps required, > >> and > pair external dependency versions with specific TF-M commits/releases. > >> > >> There may be a valid reason this approach was rejected, but it > >> seems > like a sensible option on the surface? > >> > >> Best regards, > >> Kevin Townsend > >> -- > >> TF-M mailing list > >> TF-M(a)lists.trustedfirmware.org > >> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flist > s.trustedfirmware.org%2Fmailman%2Flistinfo%2Ftf-m&data=02%7C01%7Ca > ndrey.butok%40nxp.com%7C04856a3b68604d01153208d705124e6a%7C686ea1d3bc2 > b4c6fa92cd99c5c301635%7C0%7C0%7C636983448498201722&sdata=IjOFM44xG > bA2Zgrj%2F2VSmHEYLuXvMzqS7HH6h7gekF4%3D&reserved=0 > >> -- > >> TF-M mailing list > >> TF-M(a)lists.trustedfirmware.org > >> https://lists.trustedfirmware.org/mailman/listinfo/tf-m > > > > -- > > TF-M mailing list > > TF-M(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-m > > -- > > TF-M mailing list > > TF-M(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-m > > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m > -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

4 years, 10 months

1
0
0 0

Coding guideline

by Tamas Ban

Hi, I would like to open a conversation about TF-M coding guideline<https://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/coding_gui…>. I have these proposals: * Change the rule of the 80 character column width: * Max 80 characters length. * Column length is max 80 character in first place, but there are exceptions when length could be MAX 120 character: * Degrades code understandability: short, obscured variable names; awkward line breaks * Maximum 1% of the lines can exceed 80 charter length. * Might remove this rule, because in many cases we are not complaint with it. For example PSA Crypto API: o Order function parameters so that input params are before output params. o https://git.trustedfirmware.org/trusted-firmware-m.git/tree/interface/inclu… I'm interested in your opinions! Other rules also can be revisited! Tamas

4 years, 10 months

2
1
0 0

Re: [TF-M] Using git submodules for dependencies?

by Kevin Townsend

Hi, I'm reviving an old thread (sorry, probably bad form), but we're running into this issue again now with Zephyr (and probably with FreeRTOS later) where we need to produce a TF-M 'module' got Zephyr that we can include in the zephyr github repo. With the current approach for TF-M, we will have to produce 5 forks of the 5 projects/dependencies, which seems superfluous versus a single 'master' TF-M repo with the four dependencies as sub-modules, and I can't see why technically this would be more of a challenge for end-users (you can even init the submodules at the same time you clone the parent TF-M repo so it's actually LESS work), and means a single repo where all of the dependency versions can change over time in sync with the various releases. I may be missing or misunderstanding an obvious technical drawback made earlier, but I haven't understand why submodules are less desirable than 1+4 independent repos both for TF-M and any projects on the RTOS side depending on it? Kevin On Wed, 10 Jul 2019 at 18:09, Kumar Gala via TF-M < tf-m(a)lists.trustedfirmware.org> wrote: > How would a git repo with some submodules preclude any of the things you > mentioned? I guess my initial thought is that there would be an “uber” > repo in which TFM, CMSIS and mbedcrypto would all be sub-modules. > > There’s also the option of using cmake ExternalProject ( > https://cmake.org/cmake/help/latest/module/ExternalProject.html?highlight=e… > ) > > Or west > > https://pypi.org/project/west/ > > - k > > > On Jul 10, 2019, at 8:47 AM, Ashutosh Singh via TF-M < > tf-m(a)lists.trustedfirmware.org> wrote: > > > > Hi, > > > > Initial idea was to keep the external dependencies clearly visible (from > code auditability point of view). With submodule we can't checkout the > dependencies out of tree. Since the dependencies need to be checked out > only once it was considered acceptable nuisance, until you do a pull and > version of the dependencies have changed. > > 'repo' was considered as well, but repo tool doesn't work on > windows(last I checked). > > > > Thanks, > > Ashu > > > > -----Original Message----- > > From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Kumar > Gala via TF-M > > Sent: 10 July 2019 09:50 > > To: Andrej Butok <andrey.butok(a)nxp.com> > > Cc: tf-m(a)lists.trustedfirmware.org > > Subject: Re: [TF-M] Using git submodules for dependencies? > > > > There can always be a fork of the sources kept in TF-M repos to handle > the case of needing local modifications for some reason. > > > > - k > > > >> On Jul 10, 2019, at 3:48 AM, Andrej Butok via TF-M < > tf-m(a)lists.trustedfirmware.org> wrote: > >> > >> Hi Kevin, > >> > >> Only if 100% of the external project source code is used without > change. > >> Even if it is valid now, nobody will give you this guarantee in future. > >> > >> Regards, > >> Andrej > >> > >> -----Original Message----- > >> From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Kevin > Townsend via TF-M > >> Sent: Wednesday, July 10, 2019 10:41 AM > >> To: Thomas Törnblom via TF-M <tf-m(a)lists.trustedfirmware.org> > >> Subject: [TF-M] Using git submodules for dependencies? > >> > >> Hi, > >> > >> I'm currently working on integrating TF-M into Zephyr and getting TF-M > working with QEMU. Part of that work is simplifying the setup and build > process to generate a TF-M secure library. > >> > >> Was the idea of git submodules for dependencies considered and rejected? > >> Using sub-modules would reduce the number of setup steps required, and > pair external dependency versions with specific TF-M commits/releases. > >> > >> There may be a valid reason this approach was rejected, but it seems > like a sensible option on the surface? > >> > >> Best regards, > >> Kevin Townsend > >> -- > >> TF-M mailing list > >> TF-M(a)lists.trustedfirmware.org > >> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… > >> -- > >> TF-M mailing list > >> TF-M(a)lists.trustedfirmware.org > >> https://lists.trustedfirmware.org/mailman/listinfo/tf-m > > > > -- > > TF-M mailing list > > TF-M(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-m > > -- > > TF-M mailing list > > TF-M(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-m > > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m >

4 years, 10 months

1
0
0 0

Design proposal for enabling byte-aligned flash devices.

by Minos Galanakis

Hi all, I have recently submitted the following design proposal, currently under review, which is aimed at enabling byte-aligned flash devices on TF-M https://review.trustedfirmware.org/c/trusted-firmware-m/+/2392 Any feedback, suggestions would be greatly appreciated. Regards, Minos Galanakis

4 years, 10 months

1
0
0 0

Re: [TF-M] [RFC] Re-organize the TF-M platform folder structure

by David Hu (Arm Technology China)

Hi Qixiang, It is a very reasonable suggestion. I will write it down as a further improvement. Thanks a lot. Best regards, Hu Ziji -----Original Message----- From: Qixiang Xu (Arm Technology China) Sent: Tuesday, November 26, 2019 2:18 PM To: David Hu (Arm Technology China) <David.Hu(a)arm.com>; Edison Ai (Arm Technology China) <Edison.Ai(a)arm.com>; Andrei Narkevitch <Andrei.Narkevitch(a)cypress.com>; tf-m(a)lists.trustedfirmware.org. Cc: nd <nd(a)arm.com> Subject: RE: [RFC] Re-organize the TF-M platform folder structure Hi David, When we add a platform into the TF-M, we need modify the top makefile to add it into build the system build, maybe we can consider to fix this issue at the same time. My proposal has changed a little from your proposal: ├── ext │ ├── arm │ │ ├── common │ │ │ └── arm_common.c │ │ ├── mps2 │ │ │ ├── an519 │ │ │ │ ├── an519.c │ │ │ │ └── plat.cmake │ │ │ ├── an521 │ │ │ │ ├── an521.c │ │ │ │ └── plat.cmake │ │ │ ├── an539 │ │ │ │ ├── an539.c │ │ │ │ └── plat.cmake │ │ │ ├── mps2.cmake │ │ │ └── mps2_common.c │ │ ├── mps3 │ │ │ ├── an524 │ │ │ │ ├── an524.c │ │ │ │ └── plat.cmake │ │ │ ├── mps3.cmake │ │ │ └── mps3_common.c │ │ └── musca │ │ ├── a │ │ │ ├── a.c │ │ │ └── plat.cmake │ │ ├── b1 │ │ │ ├── b1.c │ │ │ └── plat.cmake │ │ ├── musca.cmake │ │ ├── musca_common.c │ │ └── s1 │ │ ├── plat.cmake │ │ └── s1.c │ └── vendor1 │ ├── board1 │ │ ├── board1.cmake │ │ ├── board1_common.c │ │ ├── var1 │ │ │ ├── plat.cmake │ │ │ └── var1.c │ │ └── var2 │ │ ├── plat.cmake │ │ └── var2.c │ ├── board2 │ │ ├── board1.cmake │ │ ├── board1_common.c │ │ ├── var1 │ │ │ ├── plat.cmake │ │ │ └── var1.c │ │ └── var2 │ │ ├── plat.cmake │ │ └── var2.c │ └── common │ └── vendor1_common.c In the different vendor, we have different boards and the board have different variants, so the plat.cmake can include the boardx.cmake and the boardx.cmake can include the vendorx.cmake. To build the TF-M, we change the command line from PLAT=xxxx to PLAT=vendorX/boardY/varZ. The top makefile finds the plat.cmake from the platform directory with PLAT variable which passed by command line. So we don't need touch the top makefile when we add a new platform. Thanks. Best Regards, Qixiang Xu -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of David Hu (Arm Technology China) via TF-M Sent: Tuesday, November 26, 2019 11:05 AM To: Edison Ai (Arm Technology China) <Edison.Ai(a)arm.com>; Andrei Narkevitch <Andrei.Narkevitch(a)cypress.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] [RFC] Re-organize the TF-M platform folder structure Hi Edison, IMO, `target` folder is still required to separate the platforms from common files and drivers. Best regards, Hu Ziji -----Original Message----- From: Edison Ai (Arm Technology China) <Edison.Ai(a)arm.com> Sent: Monday, November 25, 2019 11:48 AM To: David Hu (Arm Technology China) <David.Hu(a)arm.com>; Andrei Narkevitch <Andrei.Narkevitch(a)cypress.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: RE: [RFC] Re-organize the TF-M platform folder structure Hi David, Support the idea to support more different platforms and common drivers. One suggestion for your proposal, is it necessary to add the "target" folders? It looks like we can short the folder depth. What about this? Platform |-- ext | |--Partner ABC | | |-- *common drivers and files* | | |-- target_abc_1 | | | |-- target_abc_1.cmake | | |-- target_abc_2 | | | |-- Partner XYZ | | |-- *common drivers and files* | | |-- target_xyz_1 | | | |-- target_xyz_1.cmake | | |-- target_xyz_2 | |-- ... |--include Thanks, Edison -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of David Hu (Arm Technology China) via TF-M Sent: Monday, November 25, 2019 10:33 AM To: Andrei Narkevitch <Andrei.Narkevitch(a)cypress.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] [RFC] Re-organize the TF-M platform folder structure Hi Andrei, Thanks a lot for the positive feedback. Adding another common layer for all the partners sounds similar to Andrej's proposal. In my very own opinion, currently CMSIS can cover the general arch features. The general multi-core mailbox code is kept in TF-M Core. But I won't be surprised if additional common features should be extracted and kept under platform folder. Apparently, we need more partners/platforms on TF-M to specify the requirements. I'd suggest that we can discuss the additional common part as another topic in a separated email thread. Best regards, Hu Ziji -----Original Message----- From: Andrei Narkevitch <Andrei.Narkevitch(a)cypress.com> Sent: Saturday, November 23, 2019 3:49 AM To: David Hu (Arm Technology China) <David.Hu(a)arm.com> Cc: nd <nd(a)arm.com> Subject: RE: [RFC] Re-organize the TF-M platform folder structure Hi David, I support this idea as it is a quick and easy solution for the growing list of supported platforms. Perhaps, I would also add another common layer in platform/ext/target to keep platform code that can be reused by other partners in their platforms - for the multicore mailbox code, for example. Thanks, Andrei -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of David Hu (Arm Technology China) via TF-M Sent: Tuesday, November 19, 2019 7:20 PM To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: [TF-M] [RFC] Re-organize the TF-M platform folder structure Hi all, I'd like to propose to adjust the platform folder structure. Would you please check the details below and share your opinions? Any suggestion or feedback will be very helpful. In current platform folder structure, all the targets are listed together at the same level under `target` folder. Platform |-- ext |-- . |-- target_xxx.cmake |-- . |-- target_zzz.cmake |-- target |-- mps2 |-- musca_a |-- . A drawback is that, there are many duplicated files in those targets folders. It may become difficult to maintain the target support when targets, platforms, drivers and features continue growing. - A platform may have a series of variants. If each variant target folder has to contain a copy of platform drivers or library, it is difficult to align and maintain the duplicated drivers. - All targets belonging to the same platform contain the duplicated common operation files or configurations, such as HUK, NV counter and platform configurations. A small change has to be applied to multiple identical files. To solve the duplicated files management issue, I'd propose to insert partner folders under `target` and move the targets under the partner folder. The proposed structure looks like the following: Z` The ideas behind the proposal: - It is more close to the platform support structure in popular RTOSs. It can be more convenient for partners to port platform support to TF-M from existing projects. - Common drivers and operations implementations can be gathered into partner/platform specific folder. Thus each partner/platform folder doesn't have to hold a duplicated copy. - It is easier for partners to fully organize and maintain their platform folders with full permission. More layers can be added under a specific partner folder, such as diverse platforms. - Put the target specific cmake config file back into the target folder. It can make the `platform` folder much more clear. Best regards, Hu Ziji -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m This message and any attachments may contain confidential information from Cypress or its subsidiaries. If it has been received in error, please advise the sender and immediately delete this message. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

4 years, 10 months

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

TF-M