Hi All,
When I compile with GCC and Debug config (only Debug), process stops with
these errors:
[ 97%] Building C object
bl2/CMakeFiles/bl2.dir/__/platform/ext/target/stm/common/hal/accelerator/stm
.o
[ 98%] Linking C executable ../bin/bl2.axf
C:/Program Files (x86)/Arm GNU Toolchain arm-none-eabi/13.2
Rel1/bin/../lib/gcc/arm-none-eabi/13.2.1/../../../../arm-none-eabi/bin/ld.ex
e: address 0xc030fc4 of ../bin/bl2.axf section `.text' is not within region
`FLASH'
C:/Program Files (x86)/Arm GNU Toolchain arm-none-eabi/13.2
Rel1/bin/../lib/gcc/arm-none-eabi/13.2.1/../../../../arm-none-eabi/bin/ld.ex
e: ../bin/bl2.axf section `.ARM.exidx' will not fit in region `FLASH'
C:/Program Files (x86)/Arm GNU Toolchain arm-none-eabi/13.2
Rel1/bin/../lib/gcc/arm-none-eabi/13.2.1/../../../../arm-none-eabi/bin/ld.ex
e: address 0xc030fc4 of ../bin/bl2.axf section `.text' is not within region
`FLASH'
C:/Program Files (x86)/Arm GNU Toolchain arm-none-eabi/13.2
Rel1/bin/../lib/gcc/arm-none-eabi/13.2.1/../../../../arm-none-eabi/bin/ld.ex
e: section .BL2_NoHdp_Code LMA [0c02a000,0c02a5a7] overlaps section .text
LMA [0c014000,0c030fc3]
C:/Program Files (x86)/Arm GNU Toolchain arm-none-eabi/13.2
Rel1/bin/../lib/gcc/arm-none-eabi/13.2.1/../../../../arm-none-eabi/bin/ld.ex
e: region `FLASH' overflowed by 28620 bytes
Memory region Used Size Region Size %age Used
FLASH_NVMCNT: 32 B 8 KB 0.39%
FLASH: 118732 B 88 KB 131.76%
FLASH_NOHDP: 1448 B 8 KB 17.68%
FLASH_OTP: 756 B 4 KB 18.46%
FLASH_NVM: 32 B 8 KB 0.39%
RAM: 31624 B 63 KB 49.02%
collect2.exe: error: ld returned 1 exit status
make[5]: *** [bl2/CMakeFiles/bl2.dir/build.make:490: bin/bl2.axf] Error 1
make[4]: *** [CMakeFiles/Makefile2:1982: bl2/CMakeFiles/bl2.dir/all] Error 2
make[3]: *** [Makefile:136: all] Error 2
make[2]: *** [CMakeFiles/TF-M.dir/build.make:86:
temp/src/TF-M-stamp/TF-M-build] Error 2
make[1]: *** [CMakeFiles/Makefile2:83: CMakeFiles/TF-M.dir/all] Error 2
make: *** [Makefile:124: all] Error 2
Changing config to anything than Debug solves the issue, but along the way
there are some warnings, of which these three seems to be particularly
important:
tests_reg/build_spe/build-spe/lib/ext/mbedcrypto-src/include/mbedtls/ecp.h:3
65: warning: "MBEDTLS_ECP_MAX_BYTES" redefined
tests_reg/build_spe/build-spe/lib/ext/mbedcrypto-src/include/mbedtls/ecp.h:3
66: warning: "MBEDTLS_ECP_MAX_PT_LEN" redefined
trusted-firmware-m/bl2/ext/mcuboot/config/mcuboot-mbedtls-cfg.h:132:2:
warning: #warning "Use legacy driver API for BL2" [-Wcpp]
132 | #warning "Use legacy driver API for BL2"
When I try to compile with Clang compiler latest version 6.21, I immediately
get this error:
C:\Temp\tf-m\tf-m-tests\tests_reg>cmake --build build_spe -- install
[ 12%] Creating directories for 'TF-M'
[ 25%] No download step for 'TF-M'
[ 37%] No update step for 'TF-M'
[ 50%] No patch step for 'TF-M'
[ 62%] Performing configure step for 'TF-M'
loading initial cache file
C:/Temp/tf-m/tf-m-tests/tests_reg/build_spe/temp/tmp/TF-M-cache-Debug.cmake
-- Found Git: C:/Program Files/Git/cmd/git.exe (found version
"2.43.0.windows.1")
-- The C compiler identification is unknown
-- The CXX compiler identification is unknown
-- The ASM compiler identification is ARMClang
-- Found assembler: C:/Program
Files/ArmCompilerforEmbedded6.21/bin/armasm.exe
CMake Error at toolchain_ARMCLANG.cmake:190 (message):
Please select newer Arm compiler version starting from 6.13.
Call Stack (most recent call first):
CMakeLists.txt:50 (tfm_toolchain_reload_compiler)
-- Configuring incomplete, errors occurred!
make[2]: *** [CMakeFiles/TF-M.dir/build.make:92:
temp/src/TF-M-stamp/TF-M-configure] Error 1
make[1]: *** [CMakeFiles/Makefile2:83: CMakeFiles/TF-M.dir/all] Error 2
make: *** [Makefile:124: all] Error 2
Please advise,
Tomasz Jastrzębski
Hi Jamie,
thank you for the quick response! The culprit was indeed an MPU configuration that didn't comply with TF-M Isolation Level 2 requirements.
Regards,
Robert
Hello,
I am currently having an issue during TF-M initialization where a MemManage fault is being triggered during secure FW initialization (most likely when the SPM is initialized). It appears to be an error during unstacking/returning from an exception as the MUNSTKERR bit of the MMFSR register is set.
I receive the following exception context and exception frame when the error occurs:
__________________________________________________________
FATAL ERROR: MemManage fault
Here is some context for the exception:
EXC_RETURN (LR): 0xFFFFFFFD
Exception came from secure FW in thread mode.
xPSR: 0x20000004
MSP: 0x20000BF8
PSP: 0x20002518
MSP_NS: 0x20042DF8
PSP_NS: 0xFFFFFFFC
Exception frame at: 0x20002518
(Note that the exception frame may be corrupted for this type of error.)
R0: 0x00000000
R1: 0x00000000
R2: 0x00000000
R3: 0x00000000
R12: 0x00000000
LR: 0xFFFFFFFE
PC: 0x000358D1
xPSR: 0x01000000
CFSR: 0x00000008
BFSR: 0x00000000
BFAR: Not Valid
MMFSR: 0x00000008
MMFAR: Not Valid
UFSR: 0x00000000
HFSR: 0x00000000
SFSR: 0x00000000
SFAR: Not Valid
__________________________________________________________
Other Information:
- I am running Nordic Semiconductor's "tfm_psa_template" sample: https://developer.nordicsemi.com/nRF_Connect_SDK/doc/2.2.0/nrf/samples/tfm/…
- The Secure MPU is enabled (only the background region) before TF-M initialization begins
- Board: nRF5340dk
- TF-M Version: v1.8.0
- TF-M Isolation Level: 2
My questions are:
- What part of the TF-M FW could be the cause of this MemManage fault?
- Is there any way to solve this issue (such as a different TF-M configuration) so that TF-M will initialize properly?
Regards,
Robert Sari
Hi,
With every TFM release, I see that there is a memory footprint table<https://trustedfirmware-m.readthedocs.io/en/latest/releases/2.0.0.html#refe…> which is made available for the AN521 platform.
Are there any scripts available to run on the map file/other binaries to generate this table ? I would like to use the same for our platform and do some analysis.
Further question-
Why is there a tie up between the large profile with TFM isolation level 3 ? Is it a certification requirement ?
Regards,
Ruchika
Hi Antonio,
Thank you for your information, it is very helpful.
Best regards
Tao Li (William Lee)
Software Engineer @ Garmin
Mobile: +8618628138760
From: Antonio De Angelis via TF-M <tf-m(a)lists.trustedfirmware.org>
Reply-To: Antonio De Angelis <Antonio.DeAngelis(a)arm.com>
Date: Monday, January 1, 2024 at 06:58
To: "tf-m(a)lists.trustedfirmware.org" <tf-m(a)lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com>
Subject: [TF-M] Re: Are MCUs without internal flash not supported by TF-M?
CAUTION - EXTERNAL EMAIL: Do not click any links or open any attachments unless you trust the sender and know the content is safe.
Hi Torsten,
you can have a look at the design document for ITS which describes encryption in ITS for a generic introduction:
https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/tfm/design_docs…<https://urldefense.com/v3/__https:/developer.nordicsemi.com/nRF_Connect_SDK…>
A platform supports ITS_ENCRYPTION=ON if it provides an implementation of the HAL functions as follows:
tfm_hal_its_aead_*
For the exact list of Nordic platforms that support this option I suggest to have a look directly in the Nordic Connect SDK. Probably any platform based on the 5340 would be able to support this option, but there might be other platforms as well which you would be able to use through the SDK itself.
Hope this helps.
Thanks, Antonio
________________________________
From: Labs, Torsten via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Saturday, December 30, 2023 14:51
To: Antonio De Angelis <Antonio.DeAngelis(a)arm.com>; Lee, William <William.Lee(a)garmin.com>; tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org>
Subject: [TF-M] Re: Are MCUs without internal flash not supported by TF-M?
Hi antonio,
Thanks for those interesting news. Do you know on which Nordic platform supports encrypted ITS with TFM?
Regards
Torsten
________________________________
Von: Antonio De Angelis via TF-M <tf-m(a)lists.trustedfirmware.org>
Gesendet: Saturday, December 30, 2023 9:31:10 AM
An: Lee, William <William.Lee(a)garmin.com>; tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org>
Betreff: [TF-M] Re: Are MCUs without internal flash not supported by TF-M?
Hi William,
The requirement on the storage is for it to be isolated, either physically or cryptographically, as you can read from the PSA security model [1].
TF-M initially supported only the isolated model in ITS (i.e. for internal flashes) but more recently it was added support for encrypted ITS, which I believe it can be used on one of the Nordic platforms already.
Hope this helps.
Thanks, Antonio
[1] Platform Security Model - PSA Certified https://www.psacertified.org/app/uploads/2021/12/JSADEN014_PSA_Certified_SM…<https://urldefense.com/v3/__https:/www.psacertified.org/app/uploads/2021/12…>
Sent from Outlook for Android<https://urldefense.com/v3/__https:/aka.ms/AAb9ysg__;!!EJc4YC3iFmQ!X1Zeo-qnf…>
________________________________
From: Lee, William via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Friday, December 29, 2023 5:53:50 AM
To: tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org>
Subject: [TF-M] Are MCUs without internal flash not supported by TF-M?
Hello everyone,
Happy New Year!
Are MCUs without internal flash not supported by TF-M?
From TF-M’s documents, I saw ITS(Internal Trusted Storage) is a PSA-ROT secure service and requires store data in internal flash.
Does that mean TF-M not support hardware platforms that do not have internal flash? For example, RT500 does not have internal flash: https://www.nxp.com/products/processors-and-microcontrollers/arm-microcontr…<https://urldefense.com/v3/__https:/www.nxp.com/products/processors-and-micr…>
Thank you!
Best regards
William Lee
Hi Torsten,
you can have a look at the design document for ITS which describes encryption in ITS for a generic introduction:
https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/tfm/design_docs…
A platform supports ITS_ENCRYPTION=ON if it provides an implementation of the HAL functions as follows:
tfm_hal_its_aead_*
For the exact list of Nordic platforms that support this option I suggest to have a look directly in the Nordic Connect SDK. Probably any platform based on the 5340 would be able to support this option, but there might be other platforms as well which you would be able to use through the SDK itself.
Hope this helps.
Thanks, Antonio
________________________________
From: Labs, Torsten via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Saturday, December 30, 2023 14:51
To: Antonio De Angelis <Antonio.DeAngelis(a)arm.com>; Lee, William <William.Lee(a)garmin.com>; tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org>
Subject: [TF-M] Re: Are MCUs without internal flash not supported by TF-M?
Hi antonio,
Thanks for those interesting news. Do you know on which Nordic platform supports encrypted ITS with TFM?
Regards
Torsten
________________________________
Von: Antonio De Angelis via TF-M <tf-m(a)lists.trustedfirmware.org>
Gesendet: Saturday, December 30, 2023 9:31:10 AM
An: Lee, William <William.Lee(a)garmin.com>; tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org>
Betreff: [TF-M] Re: Are MCUs without internal flash not supported by TF-M?
Hi William,
The requirement on the storage is for it to be isolated, either physically or cryptographically, as you can read from the PSA security model [1].
TF-M initially supported only the isolated model in ITS (i.e. for internal flashes) but more recently it was added support for encrypted ITS, which I believe it can be used on one of the Nordic platforms already.
Hope this helps.
Thanks, Antonio
[1] Platform Security Model - PSA Certified https://www.psacertified.org/app/uploads/2021/12/JSADEN014_PSA_Certified_SM…
Sent from Outlook for Android<https://aka.ms/AAb9ysg>
________________________________
From: Lee, William via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Friday, December 29, 2023 5:53:50 AM
To: tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org>
Subject: [TF-M] Are MCUs without internal flash not supported by TF-M?
Hello everyone,
Happy New Year!
Are MCUs without internal flash not supported by TF-M?
From TF-M’s documents, I saw ITS(Internal Trusted Storage) is a PSA-ROT secure service and requires store data in internal flash.
Does that mean TF-M not support hardware platforms that do not have internal flash? For example, RT500 does not have internal flash: https://www.nxp.com/products/processors-and-microcontrollers/arm-microcontr…
Thank you!
Best regards
William Lee
Hello everyone,
Happy New Year!
Are MCUs without internal flash not supported by TF-M?
From TF-M’s documents, I saw ITS(Internal Trusted Storage) is a PSA-ROT secure service and requires store data in internal flash.
Does that mean TF-M not support hardware platforms that do not have internal flash? For example, RT500 does not have internal flash: https://www.nxp.com/products/processors-and-microcontrollers/arm-microcontr…
Thank you!
Best regards
William Lee
Hello TF-A and TF-M communities,
I've done 2 minor updates to the generic tf.org project maintenance
process, which TF-A and TF-M both use. Please see the pull request here:
https://github.com/TrustedFirmware/tf_docs/pull/1
Please provide your feedback on the pull request, if any.
Happy end-of-year celebrations to all!
Best regards,
Sandrine
Hi all,
I have been working with FPU lately and I have a few questions regarding this topic:
Looks like there are 4 use cases of FPU usage:
FPU is used in
Use case number
SPE
NSPE
1
-
-
2
-
+
3
+
-
4
+
+
From https://tf-m-user-guide.trustedfirmware.org/integration_guide/tfm_fpu_suppo… my understanding is following:
1. If SPE and NSPE both does not use SPU (use case 1) then they both must be compiler with fp=soft?
2. consistent FP ABI types between SPE and NSPE must be used. So even if only one of SPE or NSPE (use cases 2 and 3) does not use FPU they both still must be compiler with fp=hard
Also if both SPE and NSPE use PFU then they both must be compiler with fp=hard
3. Even if FPU is not used by NSPE, NSPE still MUST enable CP10 an CP11? - Is this correct? Is it possible to enable FPU for SPE but don't enable CP10 and CP11 in NSPE?
So basically if either SPE or NSPE or both of them need to use FPU then both of them need to enable CP10 and CP11 and be compiled with fp=hard
Is my understanding correct? Inline comments are welcome.
Regards,
Bohdan Hunko
Cypress Semiconductor Ukraine
Engineer
CSUKR CSS ICW SW FW
Mobile: +38099 50 19 714
Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>
Hi all,
From what I have seen, looks like __disable_irq() only disables non-secure interrupts when called from NSPE on ARM v8 arch.
Am I correct?
If so then how can I disable all interrupts (including secure interrupts) from NSPE? - We need this for critical section and other critical code.
Regards,
Bohdan Hunko
Cypress Semiconductor Ukraine
Engineer
CSUKR CSS ICW SW FW
Mobile: +38099 50 19 714
Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>