- TF-M - lists.trustedfirmware.org

Re: [TF-M] Regression observed in PSA Crypto after Mbed TLS upgrade to 2.25

by David Hu

Hi Alexander, Thanks for reporting this issue. Can I ask for more details of the failures? * What's the build configuration on PSoC 64 with PSA Arch test? * What's the version of TF-M? Have you tried the latest one in master branch? * What's the version of PSA Arch test? * Can you share more log of the failure test case? Thanks. Best regards, Hu Ziji From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Alexander.Moore--- via TF-M Sent: Tuesday, March 23, 2021 6:42 AM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] Regression observed in PSA Crypto after Mbed TLS upgrade to 2.25 Hello, After "28659c49 Crypto: Upgrade Mbed TLS to 2.25" we see the following 7 PSA Crypto test failures on PSoC64 which were passing before this commit: TEST: 206 TEST: 207 TEST: 208 TEST: 211 TEST: 237 TEST: 243 TEST: 244 Are these failures expected? As far as we can tell, there is nothing else to be done associated with the 2.25 upgrade, i.e. the build automatically pulls 2.25 down, and there are no corresponding commits to psa-arch-tests to support the upgrade or any other changes necessary. Thanks, Alex

5 years, 3 months

2
1
0 0

Re: [TF-M] Armclang linker alignement question

by Kevin Peng

Hi Michel, Quote from the armlink user guide: ALIGN on an execution region causes both the load address and execution address to be aligned. This can result in padding being added to the ELF file. To align only the execution address, use the AlignExpr expression on the base address. So I guess the alignment on execution regions (TFM_UNPRIV_CODE) overrides the alignment of the Load Region. And the fix is easy - as the user guide suggests - use AlignExpr In you case, could you try: +0 ALIGN 0x2000 -> AlignExpr(+0, 0x2000) Best Regards, Kevin From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Michel JAOUEN via TF-M Sent: Tuesday, March 16, 2021 10:33 PM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] Armclang linker alignement question Hello, This question is relative to linker script with Compiler armclang 'V6.14' (For the other toolchain IAR , GNUARM ,it works ) I need to place code aligned to flash PAGE SIZE (0x2000 or 8192) to be able to set hardware protection. As follow , here is the description of the issue. With a Linker file having the following value for Code placement LR_CODE 0x0c024400 0x20000 { ER_TFM_CODE 0x0c024400 { *.o (RESET +First) * (+RO) } TFM_UNPRIV_CODE +0 ALIGN 0x2000 { stm32u5xx_hal*.o (+RO) tick.o (+RO) *(SFN) *armlib* } } We get the following error : Build started: Project: Project_s *** Using Compiler 'V6.14', folder: 'C:\Keil_v5\ARM\ARMCLANG\Bin' Build Project 'Project_s' - Target xxxxxxxxxxx _TFM_Appli_S' linking... xxxxxxxxxxx_S\Exe\Project.axf: Error: L6244E: Load region LR_CODE address (0x0c024400) not aligned on a 8192 byte boundary. Not enough information to list image symbols. Finished: 1 information, 0 warning and 1 error messages. " xxxxxxxxxxx _S\Exe\Project.axf" - 1 Error(s), 0 Warning(s). Target not created. Build Time Elapsed: 00:00:03 If we change the linker file as follow : LR_CODE 0x0c024400 0x20000 { ER_TFM_CODE 0x0c024400 { *.o (RESET +First) * (+RO) } TFM_UNPRIV_CODE +0 ALIGN 0x400 { stm32u5xx_hal*.o (+RO) tick.o (+RO) *(SFN) *armlib* } } No Error is reported. Is this an known issue with ARMCLANG ? Best Regards .

5 years, 3 months

2
5
0 0

Regression observed in PSA Crypto after Mbed TLS upgrade to 2.25

by Alexander.Moore＠infineon.com

Hello, After "28659c49 Crypto: Upgrade Mbed TLS to 2.25" we see the following 7 PSA Crypto test failures on PSoC64 which were passing before this commit: TEST: 206 TEST: 207 TEST: 208 TEST: 211 TEST: 237 TEST: 243 TEST: 244 Are these failures expected? As far as we can tell, there is nothing else to be done associated with the 2.25 upgrade, i.e. the build automatically pulls 2.25 down, and there are no corresponding commits to psa-arch-tests to support the upgrade or any other changes necessary. Thanks, Alex

5 years, 3 months

1
0
0 0

TF-M v1.3.0 Release Candidate 1 is ready

by Anton Komlev

Hi, All TF-M repositories are tagged with TF-Mv1.3.0-RC1 tag. Code is frozen for the release candidate testing. Please use this tag for your tests and report any issues found by the end of April 2. The best, Anton

5 years, 3 months

1
0
0 0

TF-M at Linaro Connect 2021

by Anton Komlev

Hello, This is the list of TF-M related sessions on Linaro Virtual Connect 2021 https://connect.linaro.org/schedule/ * 23/3 @ 17:15 Introducing the Trusted Services project - Julian Hall * 23/3 @ 18:30 Physical Attack Mitigation - Tamas Ban, Raef Coles * 24/3 @ 9:45 Firmware update service in TF-M - Sherry Zhang * 24/3 @ 10:45 Firmware Framework - M 1.1 feature update in TF-M - Ken Liu * 25/3 @ 12:45 X.509 Certificate Management with Zephyr/TF-M - David Vincze * 25/3 @ 13:15 Essential ARM Cortex-M Debugging with GDB - Kevin Townsend Cheers, Anton

5 years, 3 months

1
0
0 0

Re: [TF-M] Static analysic checking & reporting - inquiry about interest

by Karl Zhang

Hi Ioannis, Thanks for the suggestions. There are already a lot of info from Anton and Leonardo, I would like to clarify from: * The static check is applied to the CI per-patch job, it will feedback to the Gerrit review of each patch, this has been enabled per the recent mail, attached. * Coverity scan daily, and upload the result, https://scan.coverity.com/projects/trusted-firmware-m-35b064f0-65c2-4afb-9b… BR Karl From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Leonardo Sandoval via TF-M Sent: 2021年3月17日 23:15 To: Anton Komlev <Anton.Komlev(a)arm.com<mailto:Anton.Komlev@arm.com>> Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> Subject: Re: [TF-M] Static analysic checking & reporting - inquiry about interest Hi Anton & Ioannis, Karl's presentation goes in detail but I just want to highlight that TF-M (and also TF-A) are two type of static checks: [1] Project related static checks & cppcheck executed per-patch [2] Coverity scan, executed daily For 1, other project-related static checks can be included. For 2, coverity scan coverage is about 42 % so one community effort would be to increase it and cover mode code. In order to increase the latter, 'coverity needs to compile more code', which means that more platforms/parameters should be taken into account. Check this file [3] in case you want to participate in this effort. [1] https://ci.trustedfirmware.org/job/tf-m-static/ [2] https://ci.trustedfirmware.org/job/tf-m-coverity/ [3] https://git.trustedfirmware.org/ci/tf-m-ci-scripts.git/tree/script/tf-cover… On Wed, 17 Mar 2021 at 05:31, Anton Komlev via TF-M <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>> wrote: Hi Ioannis, Thanks for bringing up the important topic up. Believe Karl will comment the details of it in TF-M but you could be interested watch his presentation on Tech Forum from Feb 4th. https://www.trustedfirmware.org/docs/tech_forum_20210204_TF-M_openCI_static… Forum records are here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/ And yes, the check we have now is not enough so any improvements are welcome. Hope it helps, Anton From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Glaropoulos, Ioannis via TF-M Sent: Wednesday, March 17, 2021 11:15 AM To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> Subject: [TF-M] Static analysic checking & reporting - inquiry about interest Hi everyone, I would like to ask whether there is an interest in the Project for integrating static code analysis tools with the rest of CI, on the TF-M code base. To the best of my knowledge, this is not available today. In short, a simple process would involve maintaining and running static analysis checking (e.g. using Coverity or any other licensed tool) in nightly/weekly/etc. CI runs, reporting the found issues in the Project, triaging them, and tracking the progress of fixing the issues that are identified as real bugs. Has this topic been raised already in the Project? If not, is this something the project members would consider adding as part of the TF-M Project QA/release process? Thanks! Ioannis Glaropoulos Nordic Semiconductor -- TF-M mailing list TF-M(a)lists.trustedfirmware.org<mailto:TF-M@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/tf-m

5 years, 3 months

1
0
0 0

Re: [TF-M] Technical Forum call - March 18

by Anton Komlev

The agenda for the forum tomorrow: 1. Upcoming changes in Secure Partition Manager (SPM) 2. AOB Thanks, Anton From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Ken Liu via TF-M Sent: Tuesday, March 16, 2021 8:20 AM To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] Technical Forum call - March 18 Hi, I would introduce the upcoming SPM changes in general. Assume it is a big topic so 40 mins are needed. /Ken From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Anton Komlev via TF-M Sent: Thursday, March 11, 2021 12:56 AM To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> Cc: nd <nd(a)arm.com<mailto:nd@arm.com>> Subject: [TF-M] Technical Forum call - March 18 Hello, The next Technical Forum is planned on Thursday, March 18 at 15:00-16:00 UTC (US time zone). Please reply on this email with your proposals for agenda topics. Recording and slides of previous meetings are here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/ Best regards, Anton

5 years, 3 months

1
0
0 0

Re: [TF-M] Static analysic checking & reporting - inquiry about interest

by Leonardo Sandoval

Hi Anton & Ioannis, Karl's presentation goes in detail but I just want to highlight that TF-M (and also TF-A) are two type of static checks: [1] Project related static checks & cppcheck executed per-patch [2] Coverity scan, executed daily For 1, other project-related static checks can be included. For 2, coverity scan coverage is about 42 % so one community effort would be to increase it and cover mode code. In order to increase the latter, 'coverity needs to compile more code', which means that more platforms/parameters should be taken into account. Check this file [3] in case you want to participate in this effort. [1] https://ci.trustedfirmware.org/job/tf-m-static/ [2] https://ci.trustedfirmware.org/job/tf-m-coverity/ [3] https://git.trustedfirmware.org/ci/tf-m-ci-scripts.git/tree/script/tf-cover… On Wed, 17 Mar 2021 at 05:31, Anton Komlev via TF-M < tf-m(a)lists.trustedfirmware.org> wrote: > Hi Ioannis, > > > > Thanks for bringing up the important topic up. Believe Karl will comment > the details of it in TF-M but you could be interested watch his > presentation on Tech Forum from Feb 4th. > > > https://www.trustedfirmware.org/docs/tech_forum_20210204_TF-M_openCI_static… > > Forum records are here: > > https://www.trustedfirmware.org/meetings/tf-m-technical-forum/ > > > > And yes, the check we have now is not enough so any improvements are > welcome. > > > > Hope it helps, > > Anton > > > > > > *From:* TF-M <tf-m-bounces(a)lists.trustedfirmware.org> *On Behalf Of *Glaropoulos, > Ioannis via TF-M > *Sent:* Wednesday, March 17, 2021 11:15 AM > *To:* tf-m(a)lists.trustedfirmware.org > *Subject:* [TF-M] Static analysic checking & reporting - inquiry about > interest > > > > Hi everyone, > > > > I would like to ask whether there is an interest in the Project for > integrating static code analysis tools with the rest of CI, on the TF-M > code base. To the best of my knowledge, this is not available today. In > short, a simple process would involve maintaining and running static > analysis checking (e.g. using Coverity or any other licensed tool) in > nightly/weekly/etc. CI runs, reporting the found issues in the Project, > triaging them, and tracking the progress of fixing the issues that are > identified as real bugs. Has this topic been raised already in the Project? > If not, is this something the project members would consider adding as part > of the TF-M Project QA/release process? > > > > Thanks! > > Ioannis Glaropoulos > > Nordic Semiconductor > > > > > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m >

5 years, 3 months

1
0
0 0

Re: [TF-M] Static analysic checking & reporting - inquiry about interest

by Anton Komlev

Hi Ioannis, Thanks for bringing up the important topic up. Believe Karl will comment the details of it in TF-M but you could be interested watch his presentation on Tech Forum from Feb 4th. https://www.trustedfirmware.org/docs/tech_forum_20210204_TF-M_openCI_static… Forum records are here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/ And yes, the check we have now is not enough so any improvements are welcome. Hope it helps, Anton From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Glaropoulos, Ioannis via TF-M Sent: Wednesday, March 17, 2021 11:15 AM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] Static analysic checking & reporting - inquiry about interest Hi everyone, I would like to ask whether there is an interest in the Project for integrating static code analysis tools with the rest of CI, on the TF-M code base. To the best of my knowledge, this is not available today. In short, a simple process would involve maintaining and running static analysis checking (e.g. using Coverity or any other licensed tool) in nightly/weekly/etc. CI runs, reporting the found issues in the Project, triaging them, and tracking the progress of fixing the issues that are identified as real bugs. Has this topic been raised already in the Project? If not, is this something the project members would consider adding as part of the TF-M Project QA/release process? Thanks! Ioannis Glaropoulos Nordic Semiconductor

5 years, 3 months

1
0
0 0

Static analysic checking & reporting - inquiry about interest

by Glaropoulos, Ioannis

Hi everyone, I would like to ask whether there is an interest in the Project for integrating static code analysis tools with the rest of CI, on the TF-M code base. To the best of my knowledge, this is not available today. In short, a simple process would involve maintaining and running static analysis checking (e.g. using Coverity or any other licensed tool) in nightly/weekly/etc. CI runs, reporting the found issues in the Project, triaging them, and tracking the progress of fixing the issues that are identified as real bugs. Has this topic been raised already in the Project? If not, is this something the project members would consider adding as part of the TF-M Project QA/release process? Thanks! Ioannis Glaropoulos Nordic Semiconductor

5 years, 3 months

1
0
0 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

TF-M