Hi,
it seems we could try to be more consistent with fault handling.
The current default behaviour is:
Error code returned from an SPE function? Reboot.
MemFault/HardFault/SecureFault in the SPE? Halt.
Null-pointer dereference from the NSPE? (results in a secure fault for cortex-m) Halt.
Should we perhaps consistently halt or consistently reboot for these three cases
and allow this to be configurable?
It is not clear to me why an error returned from a function results in a reboot, whereas a Hardfault does not.
They both indicate a fault in the SPE.
At the very least the behaviour should be configurable, which this PR is a step towards:
https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/13839
Commit 27f9a49508547320c50056a52a372674c27771eb seems to have missed changing ns_agent_mailbox, breaking dual core. I'd send a patch, but I's not immediately obvious what it should look like...
Seems like a good change, but inadequately reviewed?
Chris Brand
Cypress Semiconductor (Canada), Inc.
An Infineon Technologies Company
Sr Prin Software Engr
CSCA CSS ICW SW PSW 1
Office: +1 778 234 0515
Chris.Brand(a)infineon.com<mailto:Chris.Brand@infineon.com>
International Place 13700
V6V 2X8 Richmond
Canada
www.infineon.com<www.cypress.com> www.cypress.com<http://www.cypress.com> Discoveries<http://www.infineon.com/discoveries> Facebook<http://www.facebook.com/infineon> Twitter<http://www.twitter.com/Infineon> LinkedIn<http://www.linkedin.com/company/infineon-technologies>
Part of your life. Part of tomorrow.
NOTICE: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material of Infineon Technologies AG and its affiliated entities which is for the exclusive use of the individual designated above as the recipient. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact immediately the sender by returning e-mail and delete the material from any computer. If you are not the specified recipient, you are hereby notified that all disclosure, reproduction, distribution or action taken on the basis of this message is prohibited.
Hi,
Let's cancel the forum tomorrow due to the empty agenda and the holiday time in Asia.
Best regards,
Anton
From: Anton Komlev via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Thursday, January 27, 2022 4:36 PM
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: [TF-M] Technical Forum call - Feb 3
Hi,
The next Technical Forum is planned on Thursday, Feb 3, 7:00-8:00 UTC (Asia time zone).
Please reply on this email with your proposals for agenda topics.
This slot is in Chinese New Year celebration period so we can expect fewer participants from Asia.
Recording and slides of previous meetings are here:
https://www.trustedfirmware.org/meetings/tf-m-technical-forum/
Best regards,
Anton
Hi everyone,
I have a few questions related to TF-M code:
1. Default implementation of tfm_hal_system_reset(void) from platform/ext/common/tfm_platform.c<https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/e…> just calls NVIC_SystemReset(), but some ARM platform, take musca_b1 for example, reimplement it (platform/ext/target/arm/musca_b1/sse_200/tfm_hal_platform.c<https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/e…> ).
Custom implementations tend to also disable and clean IRQ and call mpc_revert_non_secure_to_secure_cfg();
Is there any benefits of doing that??? If so then what those benefits are?
1. tfm_core_panic() (secure_fw/spm/ffm/utilities.c<https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/secure_fw/…>) when TFM_FIH_PROFILE_ON is defined calls fih_delay() and tfm_hal_system_reset() twice. Is this done to ensure that tfm_hal_system_reset() will be called (even if first one was skipped there is second one)? And if so, can a comment be added there to highlight that intention?
Regards,
Bohdan Hunko
Cypress Semiconductor Ukraine
Engineer
CSUKR CSS ICW SW FW
Mobile: +38099 50 19 714
Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>
Hi,
The next Technical Forum is planned on Thursday, Feb 3, 7:00-8:00 UTC (Asia time zone).
Please reply on this email with your proposals for agenda topics.
This slot is in Chinese New Year celebration period so we can expect fewer participants from Asia.
Recording and slides of previous meetings are here:
https://www.trustedfirmware.org/meetings/tf-m-technical-forum/
Best regards,
Anton
Hi All,
Please do use the tf-m-tests version specified in TF-M CMake configs (TFM_TEST_REPO_VERSION in trusted-firmware-m/lib/ext/tf-m-tests/repo_config_default.cmake), otherwise there might be some unexpected build errors.
Please let us know if there is any problem.
Thanks,
Xinyu
Hi All,
TF-M Open CI is back to normal. Please feel free to use.
Thanks,
Xinyu
From: Xinyu Zhang
Sent: Monday, January 17, 2022 4:05 PM
To: TF-M mailing list <tf-m(a)lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com>
Subject: TF-M Open CI Not Stable Right Now
Hi All,
Sorry to inform you that TF-M Open CI is not stable right now. Jobs are likely to come into unexpected failure.
I'll keep following up with the latest information.
Sorry for any inconvenience!
Thanks,
Xinyu
