Hi Poppy,
For IPC Model, the initializations of Secure Partitions (entry_point) are also subject to scheduling.
In your example, when ps_init() calls crypto services it will be blocked and SPM emit a signal to Crypto and triggers scheduler (This is the same behavior as when a SP calls any service after initialization.)
Let's assume the Crypto Partition has not been initialized.
Then when the Crypto Partition is scheduled to run (it is not guaranteed this happens right after ps_init() calls Crypto services), it will initialize first and then start to handle signals (see the entry_point function).
The request from ps_init() then will be handled.
For Library Model, I think initialization happens when the first time any service is called.
Best Regards,
Kevin
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Edward Yang via TF-M
Sent: Friday, July 30, 2021 11:43 AM
To: tf-m(a)lists.trustedfirmware.org
Subject: [TF-M] question about the init sequence of tf-m secure partitions
Hi experts,
I want to know how to define the init sequence of secure partitions in tf-m. For example, PS partition may have dependency on crypto service, if PS_ENCRYPTION defined ,ps_init() needs calling crypto services, so I think crypto_init()should be done before ps_init().
Best Regards,
Poppy Wu
Macronix Microelectronics (Suzhou) Co.,Ltd
http://www.mxic.com.cn<http://www.mxic.com.cn/>
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information and/or personal data, which is protected by applicable laws. Please be reminded that duplication, disclosure, distribution, or use of this e-mail (and/or its attachments) or any part thereof is prohibited. If you receive this e-mail in error, please notify us immediately and delete this mail as well as its attachment(s) from your system. In addition, please be informed that collection, processing, and/or use of personal data is prohibited unless expressly permitted by personal data protection laws. Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================
Hi Jan,
This behavior is not encouraged in TF-M, as Firmware Framework does not allow such an scenario.
But if you are working on a simple secure library with Trustzone-M you can try to use CMSE API to do that.
Please tell us more details if you are using TF-M, sounds like you are trying to avoid blocking in the SPE.
Thanks.
/Ken
-----Original Message-----
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Jan Hoogerbrugge via TF-M
Sent: Thursday, July 29, 2021 2:07 PM
To: tf-m(a)lists.trustedfirmware.org
Subject: [TF-M] Calling an NSPE function from a secure partition
Hi,
Is it possible/allowed to call a function in NSPE from a secure partition using the GCC Cortex M Security Extensions (CMSE)? If NSPE and SPE are on different cores then it is definitely not working but in my case they are on the same M33 core.
If it is possible then I would like to call a semaphore P operation in the RTOS that might block. Will that work?
Regards,
Jan.
--
TF-M mailing list
TF-M(a)lists.trustedfirmware.org
https://lists.trustedfirmware.org/mailman/listinfo/tf-m
Hi
I want to introduce my recently work to you about TF-M test configuration refinement in the tech forum on August 5th. It may take 15-20 minutes.
Best Regards
Jianliang Shen
发件人: Summer Qin <Summer.Qin(a)arm.com>
发送时间: 02 August 2021 10:57
收件人: Anton Komlev <Anton.Komlev(a)arm.com>
抄送: Jianliang Shen <Jianliang.Shen(a)arm.com>
主题: Re: Technical Forum call - August 5
________________________________
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> on behalf of Anton Komlev via TF-M <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>>
Sent: Wednesday, July 28, 2021 7:23 PM
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: [TF-M] Technical Forum call - August 5
Hi,
The next Technical Forum is planned on Thursday, August 5, 15:00-16:00 UTC (US time zone).
Please reply on this email with your proposals for agenda topics.
Recording and slides of previous meetings are here:
https://www.trustedfirmware.org/meetings/tf-m-technical-forum/
Best regards,
Anton
Hi experts,
I want to know how to define the init sequence of secure partitions in
tf-m. For example, PS partition may have dependency on crypto service, if
PS_ENCRYPTION defined ,ps_init() needs calling crypto services, so I think
crypto_init()should be done before ps_init().
Best Regards,
Poppy Wu
Macronix Microelectronics (Suzhou) Co.,Ltd
http://www.mxic.com.cn
============================================================================
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information and/or personal data, which is protected by applicable laws. Please be reminded that duplication, disclosure, distribution, or use of this e-mail (and/or its attachments) or any part thereof is prohibited. If you receive this e-mail in error, please notify us immediately and delete this mail as well as its attachment(s) from your system. In addition, please be informed that collection, processing, and/or use of personal data is prohibited unless expressly permitted by personal data protection laws. Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================
Hi Chris,
Yes, the following crypto tests are failed as known issue.
Tests related with psa_mac_xxx are failed because of a mbedtls issue:https://github.com/ARMmbed/mbedtls/issues/4755
psa_hash_suspend() and psa_hash_resume() have not supported in TF-M and Mbed TLS currently, so test 262 and 263 will fail.
We will publish PSA Arch Crypto Test Failure Analysis In TF-M V1.4 Release note.
It's welcome to feedback any special or strange failure test case to us if you met.
Best Regards,
Summer
________________________________
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> on behalf of chris.brand--- via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Tuesday, July 27, 2021 11:18 PM
To: tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org>
Subject: Re: [TF-M] TF-M v1.4.0 release started
We ran the regression test suite on PSoC64.
We did see some failures in the PSA Arch crypto tests:
TEST: 226 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_sign_setup
TEST: 227 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_update
TEST: 228 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_sign_finish
TEST: 229 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_verify_setup
TEST: 230 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_verify_finish
TEST: 262 | DESCRIPTION: Testing crypto hash functions APIs | UT: psa_hash_suspend
TEST: 263 | DESCRIPTION: Testing crypto hash functions APIs | UT: psa_hash_resume
This is consistent between Debug/Release and gcc/armclang.
Do we know whether the PSA Arch Crypto tests are passing on other platforms?
Chris
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M
Sent: Monday, July 26, 2021 1:50 AM
To: tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: Re: [TF-M] TF-M v1.4.0 release started
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://intranet-content.infineon.com/explore/aboutinfineon/rules/informati…>.
Hi,
All TF-M repositories are updated with TF-Mv1.4.0-RC2 tag.
The changes are minimal and shall not invalidate the tests, already done.
Please use this tag for new tests and report any issues found by the end of July 30.
Thanks and good luck,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Anton Komlev via TF-M
Sent: Wednesday, July 21, 2021 11:25 AM
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: [TF-M] TF-M v1.4.0 release started
Hi,
All TF-M repositories are tagged with TF-Mv1.4.0-RC1 tag.
Code is frozen now for the release candidate testing. Note that changes to other repositories are still possible during that time.
Please use this tag for your tests and report any issues found by the end of July 30.
Thanks and good luck,
Anton
Hi Kevin,
Thank you for your reply. It turned out to be the configuration problems
of this peripheral.
Best Regards,
Poppy Wu
Kevin Peng via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent by: "TF-M" <tf-m-bounces(a)lists.trustedfirmware.org>
2021/07/28 13:58
Please respond to
Kevin Peng <Kevin.Peng(a)arm.com>
To
Edward Yang <EdwardYang(a)mxic.com.cn>
cc
"tf-m(a)lists.trustedfirmware.org" <tf-m(a)lists.trustedfirmware.org>
Subject
Re: [TF-M] spi peripheral doesn't work in secure world
Hi Poppy,
Mmio_regions is required for Secure Partitions to access peripherals, even
though in some cases it would work without mmio_regions declaration.
Could you please provide more information such as what’s your build
configuration and what’s the type of your Secure Partition?
Have you put the driver codes into the Secure Partition’s library in the
TF-M build system? Are you seeing any exceptions or errors?
Best Regards,
Kevin
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Edward
Yang via TF-M
Sent: Wednesday, July 28, 2021 11:23 AM
To: tf-m(a)lists.trustedfirmware.org
Subject: [TF-M] spi peripheral doesn't work in secure world
Hi experts,
We are running Arm TF-M on stm32l562e_dk board, and we add a new secure
partition based on TF-M architecture according to our specific
application.In this new secure partition ,spi peripheral is used to
communicate with a external spi nor flash.
If we just test the spi driver in non-secure world(without tf-m),it works
well.
Then we put this driver in secure world,it's a plarform driver used by
this new secure partition,and we have configured the spi peripheral as
secure peripheral in gtzc_init_cfg() inside tfm_core_init().
We used a logic analyzer to debug, and found there was no spi
communication waveform, it seems that this peripheral doesn't work in
secure world,. We didn't declare this new partition's dependency on spi
peripheral in its manifest files with mmio_regions. And I am not sure
whether this is why the spi peripheral doesn't work. Is there anything
else that we should pay attention to?
Best Regards,
Poppy Wu
Macronix Microelectronics (Suzhou) Co.,Ltd
http://www.mxic.com.cn
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information
and/or personal data, which is protected by applicable laws. Please be
reminded that duplication, disclosure, distribution, or use of this e-mail
(and/or its attachments) or any part thereof is prohibited. If you receive
this e-mail in error, please notify us immediately and delete this mail as
well as its attachment(s) from your system. In addition, please be
informed that collection, processing, and/or use of personal data is
prohibited unless expressly permitted by personal data protection laws.
Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================--
TF-M mailing list
TF-M(a)lists.trustedfirmware.org
https://lists.trustedfirmware.org/mailman/listinfo/tf-m
============================================================================
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information and/or personal data, which is protected by applicable laws. Please be reminded that duplication, disclosure, distribution, or use of this e-mail (and/or its attachments) or any part thereof is prohibited. If you receive this e-mail in error, please notify us immediately and delete this mail as well as its attachment(s) from your system. In addition, please be informed that collection, processing, and/or use of personal data is prohibited unless expressly permitted by personal data protection laws. Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================
Hi Chris,
Please check the PSA Arch Crypto test failure analysis<https://developer.trustedfirmware.org/w/tf_m/release/psa_arch_crypto_test_f…> for TF-M 1.4 release. The data comes from an521 and musca_b1/sse_200 platforms.
Please feel free to contact us if you have any questions : )
Best Regards,
Summer
________________________________
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> on behalf of Anton Komlev via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Wednesday, July 28, 2021 4:34 PM
To: tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com>
Subject: Re: [TF-M] TF-M v1.4.0 release started
Hi,
All TF-M repositories are updated with TF-Mv1.4.0-RC3 tag.
There were no code change so assume all completed tests are still valid.
Please use this tag for new tests and report any issues found by the end of July 30.
Thanks,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Summer Qin via TF-M
Sent: Wednesday, July 28, 2021 8:22 AM
To: tf-m(a)lists.trustedfirmware.org; Chris.Brand(a)infineon.com
Cc: nd <nd(a)arm.com>
Subject: Re: [TF-M] TF-M v1.4.0 release started
Hi Chris,
Yes, the following crypto tests are failed as known issue.
Tests related with psa_mac_xxx are failed because of a mbedtls issue:https://github.com/ARMmbed/mbedtls/issues/4755
psa_hash_suspend() and psa_hash_resume() have not supported in TF-M and Mbed TLS currently, so test 262 and 263 will fail.
We will publish PSA Arch Crypto Test Failure Analysis In TF-M V1.4 Release note.
It's welcome to feedback any special or strange failure test case to us if you met.
Best Regards,
Summer
________________________________
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> on behalf of chris.brand--- via TF-M <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>>
Sent: Tuesday, July 27, 2021 11:18 PM
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>>
Subject: Re: [TF-M] TF-M v1.4.0 release started
We ran the regression test suite on PSoC64.
We did see some failures in the PSA Arch crypto tests:
TEST: 226 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_sign_setup
TEST: 227 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_update
TEST: 228 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_sign_finish
TEST: 229 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_verify_setup
TEST: 230 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_verify_finish
TEST: 262 | DESCRIPTION: Testing crypto hash functions APIs | UT: psa_hash_suspend
TEST: 263 | DESCRIPTION: Testing crypto hash functions APIs | UT: psa_hash_resume
This is consistent between Debug/Release and gcc/armclang.
Do we know whether the PSA Arch Crypto tests are passing on other platforms?
Chris
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Anton Komlev via TF-M
Sent: Monday, July 26, 2021 1:50 AM
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: Re: [TF-M] TF-M v1.4.0 release started
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://intranet-content.infineon.com/explore/aboutinfineon/rules/informati…>.
Hi,
All TF-M repositories are updated with TF-Mv1.4.0-RC2 tag.
The changes are minimal and shall not invalidate the tests, already done.
Please use this tag for new tests and report any issues found by the end of July 30.
Thanks and good luck,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Anton Komlev via TF-M
Sent: Wednesday, July 21, 2021 11:25 AM
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: [TF-M] TF-M v1.4.0 release started
Hi,
All TF-M repositories are tagged with TF-Mv1.4.0-RC1 tag.
Code is frozen now for the release candidate testing. Note that changes to other repositories are still possible during that time.
Please use this tag for your tests and report any issues found by the end of July 30.
Thanks and good luck,
Anton
Hi,
Is it possible/allowed to call a function in NSPE from a secure
partition using the GCC Cortex M Security Extensions (CMSE)? If NSPE
and SPE are on different cores then it is definitely not working but
in my case they are on the same M33 core.
If it is possible then I would like to call a semaphore P operation in
the RTOS that might block. Will that work?
Regards,
Jan.
Hi,
The next Technical Forum is planned on Thursday, August 5, 15:00-16:00 UTC (US time zone).
Please reply on this email with your proposals for agenda topics.
Recording and slides of previous meetings are here:
https://www.trustedfirmware.org/meetings/tf-m-technical-forum/
Best regards,
Anton
Hi,
All TF-M repositories are updated with TF-Mv1.4.0-RC3 tag.
There were no code change so assume all completed tests are still valid.
Please use this tag for new tests and report any issues found by the end of July 30.
Thanks,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Summer Qin via TF-M
Sent: Wednesday, July 28, 2021 8:22 AM
To: tf-m(a)lists.trustedfirmware.org; Chris.Brand(a)infineon.com
Cc: nd <nd(a)arm.com>
Subject: Re: [TF-M] TF-M v1.4.0 release started
Hi Chris,
Yes, the following crypto tests are failed as known issue.
Tests related with psa_mac_xxx are failed because of a mbedtls issue:https://github.com/ARMmbed/mbedtls/issues/4755
psa_hash_suspend() and psa_hash_resume() have not supported in TF-M and Mbed TLS currently, so test 262 and 263 will fail.
We will publish PSA Arch Crypto Test Failure Analysis In TF-M V1.4 Release note.
It's welcome to feedback any special or strange failure test case to us if you met.
Best Regards,
Summer
________________________________
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> on behalf of chris.brand--- via TF-M <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>>
Sent: Tuesday, July 27, 2021 11:18 PM
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>>
Subject: Re: [TF-M] TF-M v1.4.0 release started
We ran the regression test suite on PSoC64.
We did see some failures in the PSA Arch crypto tests:
TEST: 226 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_sign_setup
TEST: 227 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_update
TEST: 228 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_sign_finish
TEST: 229 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_verify_setup
TEST: 230 | DESCRIPTION: Testing crypto MAC APIs | UT: psa_mac_verify_finish
TEST: 262 | DESCRIPTION: Testing crypto hash functions APIs | UT: psa_hash_suspend
TEST: 263 | DESCRIPTION: Testing crypto hash functions APIs | UT: psa_hash_resume
This is consistent between Debug/Release and gcc/armclang.
Do we know whether the PSA Arch Crypto tests are passing on other platforms?
Chris
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Anton Komlev via TF-M
Sent: Monday, July 26, 2021 1:50 AM
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: Re: [TF-M] TF-M v1.4.0 release started
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://intranet-content.infineon.com/explore/aboutinfineon/rules/informati…>.
Hi,
All TF-M repositories are updated with TF-Mv1.4.0-RC2 tag.
The changes are minimal and shall not invalidate the tests, already done.
Please use this tag for new tests and report any issues found by the end of July 30.
Thanks and good luck,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Anton Komlev via TF-M
Sent: Wednesday, July 21, 2021 11:25 AM
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: [TF-M] TF-M v1.4.0 release started
Hi,
All TF-M repositories are tagged with TF-Mv1.4.0-RC1 tag.
Code is frozen now for the release candidate testing. Note that changes to other repositories are still possible during that time.
Please use this tag for your tests and report any issues found by the end of July 30.
Thanks and good luck,
Anton
