Hello,
I am currently developing TF-M on the RDV3R1 S/W platform, and I would like
to report a potential issue observed during runtime with the
integrity_checker_compute_value() function in BL2.
Problem Description:
Inside the integrity_checker_compute_value() function, the iccva register
is set to the address of either the value or temp_val variable, as shown in
the example below.
enum integrity_checker_error_t integrity_checker_compute_value(struct
integrity_checker_dev_t *dev,
enum
integrity_checker_mode_t mode,
const
uint32_t *data, size_t size,
uint32_t
*value, size_t value_size,
size_t
*value_len)
{
volatile uint32_t __ALIGNED(INTEGRITY_CHECKER_REQUIRED_ALIGNMENT)
temp_val[INTEGRITY_CHECKER_OUTPUT_SIZE_SHA256 / sizeof(uint32_t)] =
{0};
volatile uint32_t *value_ptr = value;
struct _integrity_checker_reg_map_t* p_integrity_checker =
(struct _integrity_checker_reg_map_t*)dev->cfg->base;
enum integrity_checker_error_t err;
uint32_t iccval = 0;
err = check_mode_is_supported(dev, mode, true);
if (err != INTEGRITY_CHECKER_ERROR_NONE) {
return err;
}
if (value_size < mode_sizes[mode]) {
FATAL_ERR(INTEGRITY_CHECKER_ERROR_COMPUTE_VALUE_BUFFER_TOO_SMALL);
return INTEGRITY_CHECKER_ERROR_COMPUTE_VALUE_BUFFER_TOO_SMALL;
}
if (((uintptr_t)data % INTEGRITY_CHECKER_REQUIRED_ALIGNMENT) != 0) {
FATAL_ERR(INTEGRITY_CHECKER_ERROR_COMPUTE_VALUE_INVALID_ALIGNMENT);
return INTEGRITY_CHECKER_ERROR_COMPUTE_VALUE_INVALID_ALIGNMENT;
}
if ((size % INTEGRITY_CHECKER_REQUIRED_ALIGNMENT) != 0) {
FATAL_ERR(INTEGRITY_CHECKER_ERROR_COMPUTE_VALUE_INVALID_LENGTH);
return INTEGRITY_CHECKER_ERROR_COMPUTE_VALUE_INVALID_LENGTH;
}
if (((uintptr_t)value % INTEGRITY_CHECKER_REQUIRED_ALIGNMENT) != 0) {
value_ptr = temp_val;
}
init_integrity_checker(dev, &iccval);
/* Set algorithm */
iccval |= (mode & 0b111) << 1;
/* Set to compute mode */
iccval |= 1 << 4;
/* Configure input data. Size is in words */
p_integrity_checker->icda = remap_addr(dev, (uintptr_t)data);
p_integrity_checker->icdl = size / INTEGRITY_CHECKER_REQUIRED_ALIGNMENT;
/* Set output address */
p_integrity_checker->iccva = remap_addr(dev, (uintptr_t)value_ptr);
/* Start integrity checker */
iccval |= 1;
p_integrity_checker->icc = iccval;
/* Poll for any interrupts */
while(!p_integrity_checker->icis) {}
/* Check for any unusual error interrupts */
if (p_integrity_checker->icis & (~0b11)) {
FATAL_ERR(INTEGRITY_CHECKER_ERROR_COMPUTE_VALUE_OPERATION_FAILED);
return INTEGRITY_CHECKER_ERROR_COMPUTE_VALUE_OPERATION_FAILED;
}
if (value_ptr != value) {
for (int idx = 0; idx < mode_sizes[mode] / sizeof(uint32_t); idx++)
{
value[idx] = value_ptr[idx];
}
}
if (value_len != NULL) {
*value_len = mode_sizes[mode];
}
return INTEGRITY_CHECKER_ERROR_NONE;
}
static void init_integrity_checker(struct integrity_checker_dev_t *dev,
uint32_t *iccval)
{
struct _integrity_checker_reg_map_t* p_integrity_checker =
(struct _integrity_checker_reg_map_t*)dev->cfg->base;
/* Set MatchTriggerDisable, as it is mandatory. */
*iccval |= 1 << 5;
/* Set EncompvalOut so the integrity checker writes the value pointer in
* compute mode.
*/
*iccval |= 1 << 6;
*iccval |= (IC_APROT_SECURE_PRIVILEGED & 0b11) << 7;
*iccval |= (IC_APROT_SECURE_PRIVILEGED & 0b11) << 9;
/* Disable all alarms */
p_integrity_checker->icae = 0;
/* Enable and clear all interrupts */
p_integrity_checker->icie = 0xFF;
p_integrity_checker->icic = 0xFF;
}
The issue arises because the memory areas pointed to by value and temp_val
are cacheable (e.g., located in the vm0 memory region, which is configured
as cacheable).
As a result, even though the integrity checker writes the output data to
the physical address of value or temp_val, the CPU cache is not updated,
and this leads to stale data being read later in software, resulting in
runtime errors.
Expected Behavior:
Ideally, the memory region used for integrity checker output should either
be:
Non-cacheable, or
Explicitly synchronized (e.g., cache invalidated or cleaned) after the
integrity checker operation.
Could you please confirm whether this is a known issue, and advise on the
recommended way to handle integrity checker outputs with respect to cache
settings?
Thank you.
JK Park
Hello, I'm a RSE firmware developer for Arm Neoverse V3 core.
I tried to build with argument MCUBOOT_ENC_IMAGES, MCUBOOT_ENCRYPT_RSA, and MCUBOOT_USE_PSA_CRYPTO for RSE PE encryption.
In this process, I encountered an error during build TF-M using the repo for tag:RD-INFRA-2025.07.03.
It seems that linking problem, and I found out that the error occurred while configuring BL2.
However, that's all. Can anyone help me?
Below log is in my terminal output.
p.s. If I reached wrong site, please forgive me and teach me a right one.
cmake --build build --target bl2
[ 0%] Built target manifest_tool
[ 0%] Built target bl2_scatter
[ 10%] Built target bl2_cc3xx_psa_driver_api
[ 31%] Built target bl2_cc3xx
[ 68%] Built target platform_bl2
[ 78%] Built target bl2_crypto
[ 94%] Built target bootutil
[ 94%] Linking C executable ../bin/bl2.axf
/home/gth1919/gcc-arm-none-eabi/bin/../lib/gcc/arm-none-eabi/10.3.1/../../../../arm-none-eabi/bin/ld: ext/mcuboot/bootutil/libbootutil.a(encrypted.o): in function `bootutil_rsa_oaep_decrypt':
/TF_M/build/lib/ext/mcuboot-src/boot/bootutil/include/bootutil/crypto/rsa.h:107: undefined reference to `psa_asymmetric_decrypt'
Memory region Used Size Region Size %age Used
FLASH: 80356 B 126 KB 62.28%
RAM: 35360 B 896 KB 3.85%
collect2: error: ld returned 1 exit status
gmake[3]: *** [bl2/CMakeFiles/bl2.dir/build.make:222: bin/bl2.axf] Error 1
gmake[2]: *** [CMakeFiles/Makefile2:2661: bl2/CMakeFiles/bl2.dir/all] Error 2
gmake[1]: *** [CMakeFiles/Makefile2:2668: bl2/CMakeFiles/bl2.dir/rule] Error 2
gmake: *** [Makefile:520: bl2] Error 2
HP.
Mail.
010-6768-7791
gth1919(a)adtek.co.kr
Application Platform Group김태훈 연구원
(주)에이디테크놀로지
(16512) 경기도 수원시 영통구 광교중앙로248번길 7-8
Web. http://www.adtek.co.kr
Hi everyone,
We would like to propose the deprecation of the following two TF-M platforms:
1. Musca-S1 (Arm)
Musca-S1 was one of the earliest platforms featuring an Armv8-M silicon implementation, providing a valuable real hardware target for initial development. However, with the availability of many modern hardware platforms, Musca-S1 is no longer essential and can be deprecated.
2. BL5340_dvk_cpuapp (Laird Connectivity)
This platform was initially proposed for deprecation at the end of 2023. Support activity has been minimal, and it closely mirrors the already-supported nRF5340 platform from Nordic Semiconductor.
Please share any comments or objections regarding this proposal. If no major concerns are raised by the end of June 2025, we plan to mark these platforms as deprecated and proceed with their removal from the codebase.
Thank you,
Anton
Hi All,
We have recently undergone a migration of our Gerrit server and are seeing some issues.
One such change appears to be that https://review.trustedfirmware.org/TF-M/trusted-firmware-m no longer resolves to https://review.trustedfirmware.org/plugins/gitiles/TF-M/trusted-firmware-m. So please use the latter link if that is what you wish to access.
This is causing a large slow-down on the CI causing jobs to not be run.
These issues are being actively worked on and we hope all will be back up and running normally soon.
If you have any questions or related issues please feel free to respond to this chain.
Thank you for your patience,
Matt
Hi
When compiling with IAR bxarm 9.7.1 i get the following linker errors:
cmake -S . -B cmake_build -DTFM_PLATFORM=arm/mps2/an521 -DTFM_TOOLCHAIN_FILE=toolchain_IARARM.cmake
cmake --build cmake_build -- install
[25/31] Linking C executable bin/tfm_s.axf
Warning[Li065]: duplicate file: "/home/ubuntu/import/source/trusted-firmware-m/
cmake_build/platform/libplatform_s.a"
Warning[Li065]: duplicate file: "/home/ubuntu/import/source/trusted-firmware-m/
cmake_build/secure_fw/partitions/lib/runtime/libtfm_sprt.a"
Warning[Li065]: duplicate file: "/home/ubuntu/import/source/trusted-firmware-m/
cmake_build/secure_fw/spm/libtfm_spm.a"
In the build.ninja file you can see that all those libraries are includes twice.
LINK_LIBRARIES = platform/libplatform_s.a secure_fw/partitions/lib/runtime/libtfm_sprt.a secure_fw/spm/libtfm_spm.a secure_fw/partitions/internal_trusted_storage/libtfm_psa_rot_partition_its.a secure_fw/partitions/platform/libtfm_psa_rot_partition_platform.a platform/libplatform_s.a secure_fw/partitions/lib/runtime/libtfm_sprt.a secure_fw/spm/libtfm_spm.a secure_fw/partitions/internal_trusted_storage/libtfm_psa_rot_partition_its.a secure_fw/partitions/platform/libtfm_psa_rot_partition_platform.a
Is there a reason this is not resolved or this just the way Cmake works?
Is there an easy way to resolve this on the platform level?
I used the an521 as a template to create my platform.
In my platform this list grows with every feature I activate:
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/platform/libplatform_s.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/lib/runtime/libtfm_sprt.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/spm/libtfm_spm.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/platform/libplatform_crypto_keys.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/crypto/mbedcrypto/library/libmbedcrypto.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/crypto/libtfm_psa_rot_partition_crypto.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/internal_trusted_storage/libtfm_psa_rot_partit
ion_its.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/platform/libtfm_psa_rot_partition_platform.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/firmware_update/libtfm_psa_rot_partition_fwu.a
"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/lib/runtime/libtfm_sp_log.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/platform/libplatform_s.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/lib/runtime/libtfm_sprt.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/spm/libtfm_spm.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/platform/libplatform_crypto_keys.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/crypto/mbedcrypto/library/libmbedcrypto.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/crypto/libtfm_psa_rot_partition_crypto.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/internal_trusted_storage/libtfm_psa_rot_partit
ion_its.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/platform/libtfm_psa_rot_partition_platform.a"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/firmware_update/libtfm_psa_rot_partition_fwu.a
"
Warning[Li065]: duplicate file: "/home/source/trusted-firmware-m/cmake_buil
d/secure_fw/partitions/lib/runtime/libtfm_sp_log.a"
If possible, I want to build without warnings.
Thanks for your help
Kind regards,
Nico
Hello,
I just recently found out that there's a concept of key ownership in TF-M
(e.g., if a new secure partition creates a key and returns the key handle
to NSPE, NSPE can't export it even if the key is config-ed to be exportable
-- the key can only be used by the owner).
My question is: is this design based on PSA or specific to just TF-M
implementation?
Thank you in advance,
--
Oak Norrathep
--
ศูนย์กลางการศึกษานานาชาติ มุ่งสู่ความเป็นเลิศทางวิชาการของอาเซียน
International education hub towards ASEAN’s academic excellence
Hi TF-M community,
When I am trying to build TF-M regression test for 2.2.x release, I sets the tf-m-tests repo version to recommended TF-Mv2.1.2-RC2. The tf-m-tests tests_reg/spe/CMakeLists.txt has following line:
install(FILES ${CONFIG_TFM_SOURCE_PATH}/lib/ext/qcbor/q_useful_buf.h
DESTINATION ${CMAKE_BINARY_DIR}/api_ns/qcbor/inc)
However, release 2.2.x https://git.trustedfirmware.org/plugins/gitiles/TF-M/trusted-firmware-m.git… has removed q_useful_buf.h. Therefore, causing a build error.
Is there anything I am missing. Any help would be appreciated.
Best regards,
Hao
Dear whoever that may concern,
I am trying to build TF-M with release/2.1.x. The first error I see when cloning mbedcrypto is
Cloning into 'mbedcrypto-src'...
remote: Enumerating objects: 31188, done.
remote: Counting objects: 100% (31188/31188), done.
remote: Compressing objects: 100% (15898/15898), done.
remote: Total 31188 (delta 24658), reused 20224 (delta 15043), pack-reused 0 (from 0)
Receiving objects: 100% (31188/31188), 35.81 MiB | 4.89 MiB/s, done.
Resolving deltas: 100% (24658/24658), done.
fatal: invalid reference: f985bee
CMake Error at mbedcrypto-subbuild/mbedcrypto-populate-prefix/tmp/mbedcrypto-populate-gitclone.cmake:40 (message):
Failed to checkout tag: 'f985bee'
I therefore change the GIT_SHALLOW to FALSE, and it builds. However, another build error come up when applying patches for mbedcrypto.
Checking patch library/psa_crypto.c...
Checking patch library/psa_crypto_driver_wrappers.h...
error: library/psa_crypto_driver_wrappers.h: No such file or directory
Checking patch library/psa_crypto_driver_wrappers_no_static.c...
error: library/psa_crypto_driver_wrappers_no_static.c: No such file or directory
I did checkout commit f985bee and find in fact there is no psa_crypto_driver_wrappers.h. Is it possible that the commit hash is incorrect?
Best regards,
Hao
This email keeps the event up to date in your calendar.
TF-M Tech forum
Every 4 weeks from 8am to 9am on Thursday
Mountain Standard Time - Phoenix
Location
https://linaro-org.zoom.us/j/95570795742?pwd=N21YWHJpUjZyS3Fzd0tkOG9hanpidz…https://www.google.com/url?q=https%3A%2F%2Flinaro-org.zoom.us%2Fj%2F9557079…
This is an open forum for anyone to participate and it is not restricted to
Trusted Firmware project members. It will operate under the guidance of the
TF TSC.Feel free to forward it to colleagues.Details of previous meetings
are
here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/==…
Info====Trusted Firmware is inviting you to a scheduled Zoom meeting.Topic:
TF-M Tech forum - US Time Zone FriendlyTime: Oct 29, 2020 03:00 PM
Greenwich Mean Time Every 4 weeks on Thu, until
Mar 18, 2021, 6 occurrence(s) Oct 29, 2020 03:00
PM Nov 26, 2020 03:00 PM
Dec 24, 2020 03:00 PM Jan 21, 2021 03:00
PM Feb 18, 2021 03:00 PM
Mar 18, 2021 03:00 PMPlease download and import the following
iCalendar (.ics) files to your calendar system.Weekly:
https://linaro-org.zoom.us/meeting/tJEocOmvpz4tHtYu0Wvn2fOsG91u0kv_ECPd/ics…
Zoom
Meetinghttps://linaro-org.zoom.us/j/95570795742?pwd=N21YWHJpUjZyS3Fzd0tkOG9hanpidz09Meeting
ID: 955 7079 5742Passcode: 177658One tap mobile+12532158782,,95570795742#
US (Tacoma)+13462487799,,95570795742# US (Houston)Dial by your
location +1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 669 900 9128 US (San Jose) +1 301 715
8592 US (Germantown) +1 312 626 6799 US
(Chicago) +1 646 558 8656 US (New York)
877 853 5247 US Toll-free
888 788 0099 US Toll-freeMeeting ID: 955 7079 5742Find your local number:
https://linaro-org.zoom.us/u/abx3I7IoRq
Guests
Don Harbin - creator
anton.komlev(a)arm.com
abdelmalek.omar1(a)gmail.com
kevin.townsend(a)linaro.org
seth(a)nxmlabs.com
leonardo.sandoval(a)linaro.org
Joanna Farley
tf-m(a)lists.trustedfirmware.org
~~//~~
Invitation from Google Calendar: https://calendar.google.com/calendar/
You are receiving this email because you are an attendee on the event.
Forwarding this invitation could allow any recipient to send a response to
the organizer, be added to the guest list, invite others regardless of
their own invitation status, or modify your RSVP.
Learn more https://support.google.com/calendar/answer/37135#forwarding
This email keeps the event up to date in your calendar.
TF-M Tech forum
Every 4 weeks from 8am to 9am on Thursday from Thursday Aug 31, 2023 to
Wednesday Jun 4
Mountain Standard Time - Phoenix
Location
https://linaro-org.zoom.us/j/95570795742?pwd=N21YWHJpUjZyS3Fzd0tkOG9hanpidz…https://www.google.com/url?q=https%3A%2F%2Flinaro-org.zoom.us%2Fj%2F9557079…
This is an open forum for anyone to participate and it is not restricted to
Trusted Firmware project members. It will operate under the guidance of the
TF TSC.Feel free to forward it to colleagues.Details of previous meetings
are
here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/==…
Info====Trusted Firmware is inviting you to a scheduled Zoom meeting.Topic:
TF-M Tech forum - US Time Zone FriendlyTime: Oct 29, 2020 03:00 PM
Greenwich Mean Time Every 4 weeks on Thu, until
Mar 18, 2021, 6 occurrence(s) Oct 29, 2020 03:00
PM Nov 26, 2020 03:00 PM
Dec 24, 2020 03:00 PM Jan 21, 2021 03:00
PM Feb 18, 2021 03:00 PM
Mar 18, 2021 03:00 PMPlease download and import the following
iCalendar (.ics) files to your calendar system.Weekly:
https://linaro-org.zoom.us/meeting/tJEocOmvpz4tHtYu0Wvn2fOsG91u0kv_ECPd/ics…
Zoom
Meetinghttps://linaro-org.zoom.us/j/95570795742?pwd=N21YWHJpUjZyS3Fzd0tkOG9hanpidz09Meeting
ID: 955 7079 5742Passcode: 177658One tap mobile+12532158782,,95570795742#
US (Tacoma)+13462487799,,95570795742# US (Houston)Dial by your
location +1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 669 900 9128 US (San Jose) +1 301 715
8592 US (Germantown) +1 312 626 6799 US
(Chicago) +1 646 558 8656 US (New York)
877 853 5247 US Toll-free
888 788 0099 US Toll-freeMeeting ID: 955 7079 5742Find your local number:
https://linaro-org.zoom.us/u/abx3I7IoRq
Guests
Don Harbin - creator
anton.komlev(a)arm.com
abdelmalek.omar1(a)gmail.com
kevin.townsend(a)linaro.org
seth(a)nxmlabs.com
leonardo.sandoval(a)linaro.org
Joanna Farley
tf-m(a)lists.trustedfirmware.org
~~//~~
Invitation from Google Calendar: https://calendar.google.com/calendar/
You are receiving this email because you are an attendee on the event.
Forwarding this invitation could allow any recipient to send a response to
the organizer, be added to the guest list, invite others regardless of
their own invitation status, or modify your RSVP.
Learn more https://support.google.com/calendar/answer/37135#forwarding
