- TF-M - lists.trustedfirmware.org

Adding platform support for ArmChina Alcor AN557 MPS3 board

by jidong.mei＠armchina.com

Hi I'm working on Adding Platform support for ArmChina Alcor AN557 MPS3 FPGA board . The code has been passed tfm_regression_test on AN557 fpga image and now submit to TF-M git repo. See: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/27267 Could you have a code review on these code ? Any comments and suggestion are welcomed. Thank you! B,R Jidong

9 months, 1 week

1
0
0 0

New TF-M maintainer

by Anton Komlev

Hi Everyone, I am glad to announce the new maintainer of TF-M project: * Antonio de Angelis aka adeaarm Antonio.deAngelis(a)arm.com><mailto:Antonio.deAngelis@arm.com%3e%60> Antonio was with TF-M from the very beginning being one of the project founders. Thank you, Antonio, for agreeing to maintain the project. All the best, Anton

9 months, 1 week

1
0
0 0

Image verification by 'untrusted client'

by Tomasz Jastrzębski

Is TFM-M currently able to verify the signature of the image downloaded by the 'untrusted client'? I mean, are there needed methods exposed to 'untrusted app'? If so, what methods need to be used? Kind regards, Tomasz

9 months, 1 week

1
0
0 0

tf-m main branch (latest commit) compiler error ,when build regression_test for corstone300/an547

by jidong.mei＠armchina.com

Hi I encounter a compile error , with latest main branch tf-m code. Code version : "commit 66c8eada12737f5cf6818ea84739f30ca275437d (HEAD -> main, origin/main, origin/HEAD) Author: Raef Coles <raef.coles(a)arm.com>" Build targert : corstone300/an547 regression_test Build command : cmake -S spe -B build_spe -DTFM_PLATFORM=arm/mps3/corstone300/an547 -DCONFIG_TFM_SOURCE_PATH=<tf-m_path> -DTFM_TOOLCHAIN_FILE=<tf-m_path>/toolchain_GNUARM.cmake -DTEST_S=ON -DTEST_NS=ON -DCMAKE_BUILD_TYPE=Debug & cmake --build build_spe -- install (these command fellow the build_test documentation : https://tf-m-user-guide.trustedfirmware.org/building/tests_build_instructio…) Compile error : "trusted-firmware-m/platform/ext/target/arm/mps3/corstone300/an547/cmsis_drivers/Driver_Flash.c:23:10: fatal error: tfm_hal_device_header.h: No such file or directory #include "tfm_hal_device_header.h" " Could you help to fix this issue. B,R Jidong

9 months, 2 weeks

3
2
0 0

ITS encryption

by Quach, Brian

Hi, It appears that ITS encryption would be required for PSA Certified Level 3. I'm seeing that this would required a platform specific HAL implementation. Is there some reason PSA Crypto APIs were not used like they were for attestation? Encryption in ITS ================= The ITS can optionally be configured to encrypt the internal trusted storage data. To support encryption in ITS the target platform must provide an implementation of the APIs defined in ``platform/include/tfm_hal_its_encryption.h``:: enum tfm_hal_status_t tfm_hal_its_aead_generate_nonce(uint8_t *nonce, const size_t nonce_size); enum tfm_hal_status_t tfm_hal_its_aead_encrypt( struct tfm_hal_its_auth_crypt_ctx *ctx, const uint8_t *plaintext, const size_t plaintext_size, uint8_t *ciphertext, const size_t ciphertext_size, uint8_t *tag, const size_t tag_size); enum tfm_hal_status_t tfm_hal_its_aead_decrypt( struct tfm_hal_its_auth_crypt_ctx *ctx, const uint8_t *ciphertext, const size_t ciphertext_size, uint8_t *tag, const size_t tag_size, uint8_t *plaintext, const size_t plaintext_size); Regards, Brian Quach SimpleLink MCU Texas Instruments Inc. 12500 TI Blvd, MS F-4000 Dallas, TX 75243 214-479-4076

9 months, 3 weeks

3
5
0 0

Build without re-downloading packages?

by Tomasz Jastrzębski

Hi All, Since ST platform seems to be supported only passively, I try to adapt tf-m for the new ST U5Axx and U5Gxx MPUs with 4MB flash on my own. It does not come easy since some things are hardcoded and new HAL version is required while breaking HAL changes have been introduced, but this is not the reason why I make this post. Is there any easy way, I mean, some cmake switch, which would allow for a full rebuild without redownloading the required packages? Since clean rebuild from scratch takes time and I need to do it frequently while my Internet connection currently is not super-fast and stable such option would be the most helpful. Kind regards, Tomasz

9 months, 4 weeks

2
1
0 0

Re: Attest token v2.0 in psa-arch-tests

by Maulik Patel

Hello Bohdan The PSA token spec v2.0 is still in draft and hence is not yet supported by the psa-arch-tests. I am not aware of the specific plan/timelines, but could you please contact psa-arch-tests team to know details? Best Regards, Maulik ________________________________ From: tf-m-request(a)lists.trustedfirmware.org <tf-m-request(a)lists.trustedfirmware.org> Sent: 27 February 2024 12:00 AM To: tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org> Subject: TF-M Digest, Vol 64, Issue 12 Send TF-M mailing list submissions to tf-m(a)lists.trustedfirmware.org To subscribe or unsubscribe via email, send a message with subject or body 'help' to tf-m-request(a)lists.trustedfirmware.org You can reach the person managing the list at tf-m-owner(a)lists.trustedfirmware.org When replying, please edit your Subject line so it is more specific than "Re: Contents of TF-M digest..." Today's Topics: 1. Re: Attest token v2.0 in psa-arch-tests (Bohdan.Hunko(a)infineon.com) ---------------------------------------------------------------------- Message: 1 Date: Mon, 26 Feb 2024 10:50:38 +0000 From: <Bohdan.Hunko(a)infineon.com> Subject: [TF-M] Re: Attest token v2.0 in psa-arch-tests To: <tf-m(a)lists.trustedfirmware.org> Cc: Kostiantyn.Tkachov(a)infineon.com, Roman.Mazurak(a)infineon.com, Hennadiy.Kytsun(a)infineon.com Message-ID: <be7dcff9aa504e3f894b7f4fd263512d(a)infineon.com> Content-Type: multipart/alternative; boundary="_000_be7dcff9aa504e3f894b7f4fd263512dinfineoncom_" Hi all, Any updates on this? Regards, Bohdan Hunko Cypress Semiconductor Ukraine Engineer CSUKR CSS ICW SW FW Mobile: +38099 50 19 714 Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com> From: Bohdan.Hunko--- via TF-M <tf-m(a)lists.trustedfirmware.org> Sent: Monday, February 19, 2024 15:24 To: tf-m(a)lists.trustedfirmware.org Cc: Tkachov Kostiantyn (CSS ICW SW FW) <Kostiantyn.Tkachov(a)infineon.com>; Mazurak Roman (CSS ICW SW FW 3) <Roman.Mazurak(a)infineon.com>; Kytsun Hennadiy (CSS ICW SW FW 3) <Hennadiy.Kytsun(a)infineon.com> Subject: [TF-M] Attest token v2.0 in psa-arch-tests Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://intranet-content.infineon.com/explore/aboutinfineon/rules/informati…>. Hi all, I was trying to run PSA arch tests for INITIAL_ATTESTATION and have some problems with them. Our platform uses version 2.0 of PSA token spec (ATTEST_TOKEN_PROFILE_PSA_2_0_0) - https://www.ietf.org/archive/id/draft-tschofenig-rats-psa-token-20.txt but psa arch tests does not seem to support it. Am I correct that psa-arch-tests does not support v2.0 of attest token? If yes, then how do I select v2.0 of attest token? If no, then is there a plan to support v2.0 of attest token in psa-arch-tests? If so then what is a release date for that? Regards, Bohdan Hunko Cypress Semiconductor Ukraine Engineer CSUKR CSS ICW SW FW Mobile: +38099 50 19 714 Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>

9 months, 4 weeks

1
0
0 0

Attest token v2.0 in psa-arch-tests

by Bohdan.Hunko＠infineon.com

Hi all, I was trying to run PSA arch tests for INITIAL_ATTESTATION and have some problems with them. Our platform uses version 2.0 of PSA token spec (ATTEST_TOKEN_PROFILE_PSA_2_0_0) - https://www.ietf.org/archive/id/draft-tschofenig-rats-psa-token-20.txt but psa arch tests does not seem to support it. Am I correct that psa-arch-tests does not support v2.0 of attest token? If yes, then how do I select v2.0 of attest token? If no, then is there a plan to support v2.0 of attest token in psa-arch-tests? If so then what is a release date for that? Regards, Bohdan Hunko Cypress Semiconductor Ukraine Engineer CSUKR CSS ICW SW FW Mobile: +38099 50 19 714 Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>

9 months, 4 weeks

1
1
0 0

Unable to determine default CMAKE_INSTALL_LIBDIR directory

by Quach, Brian

Hi, I'm seeing this warning when running cmake from a conan pkg: `/home/brian/.conan/data/cmake/3.21.3-0/library-msp/ga/package/be241241e9d4718e5bab4eb33935bbb69606bb0c/bin/cmake -S . -B build -DTFM_PLATFORM=arm/mps2/an521`. Does anyone know how to fix it? I see the language is set by `project("Trusted Firmware M" VERSION ${TFM_VERSION} LANGUAGES C CXX ASM)`. Per-partition files done: CMake Warning (dev) at /home/brian/.conan/data/cmake/3.21.3-0/library-msp/ga/package/be241241e9d4718e5bab4eb33935bbb69606bb0c/share/cmake-3.21/Modules/GNUInstallDirs.cmake:236 (message): Unable to determine default CMAKE_INSTALL_LIBDIR directory because no target architecture is known. Please enable at least one language before including GNUInstallDirs. Call Stack (most recent call first): build/lib/ext/mbedcrypto-src/CMakeLists.txt:42 (include) This warning is for project developers. Use -Wno-dev to suppress it. Regards, Brian Quach SimpleLink MCU Texas Instruments Inc. 12500 TI Blvd, MS F-4000 Dallas, TX 75243 214-479-4076

10 months, 1 week

2
1
0 0

There are many kinds

by bpqp9ny2＠nqmo.com

Car Mishaps is often harrowing experiences, leaving victims addressing physical injuries, emotional trauma, and financial burdens. In this sort of demanding occasions, owning the right lawful representation might make all the primary difference. When you are in Austin, Texas, and end up wanting legal support following a car accident, https://www.canadatopescorts.com

10 months, 1 week

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

TF-M