- TF-M - lists.trustedfirmware.org

Re: [TF-M] Changes to configure FPU at the architectural level in TF-M

by Ken Liu

Hi Robert, Thanks for the comment, just want to double check if the guidelines for vendors who providing platform sources to a secure software covers the recommendations here: https://lists.trustedfirmware.org/pipermail/tf-m/2020-June/001007.html As far as we can see not all existing platforms set the registers required in the above recommendation (In Jamie's second patch), so we are trying to provide an architecture-abstraction. Meanwhile, we would notify the platform owner checking the platform-specific setting. After all platform vendor confirmed the setting of FPU we can leave this back to platform setting as you suggested - but secure firmware core logic still needs to check if platform set the FPU setting correctly. @Soby @Jamie, please update if I missed something. BR /Ken From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Robert Rostohar via TF-M Sent: Wednesday, September 2, 2020 5:30 PM To: Jamie Fox <Jamie.Fox(a)arm.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] Changes to configure FPU at the architectural level in TF-M Hi Jamie, I have concerns with moving FPU configuration from platform to architecture-abstraction layer. FPU configuration is typically configured within system configuration files that are standardized in CMSIS and provided by device vendors. Some vendors provide also tools that auto-generate the system file based on user configuration (ex: STM32CubeMX). Therefore it would be better to leave the FPU configuration to the platform rather than moving it into architecture-abstraction. Best regards, Robert From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Jamie Fox via TF-M Sent: Friday 28 August 2020 19:53 To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> Cc: nd <nd(a)arm.com<mailto:nd@arm.com>> Subject: [TF-M] Changes to configure FPU at the architectural level in TF-M Hi all, There is a change open for review that adds configuration of FPU-related registers to the architecture-abstraction layer in TF-M, and removes this same configuration from platform support files. The reasoning for this is that these registers are defined by the Arm architecture, so FPU config can be unified for all platforms with the same architecture. For Armv8-M, this also includes configuration to ensure that information is not leaked in FPU registers to NSPE when the SPE uses the FPU, and to permit the NSPE to access the FPU. By default, TF-M will still be built without the FPU used in the SPE. You can review the changes at: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5405 Arch: Add function to configure coprocessors https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5406 Platform: Remove platform-specific FPU config It would be especially helpful if platform owners could check that they are happy with FPU config being moved out of the platform support files. Kind regards, Jamie

4 years, 4 months

1
0
0 0

Re: [TF-M] Changes to configure FPU at the architectural level in TF-M

by Robert Rostohar

Hi Jamie, I have concerns with moving FPU configuration from platform to architecture-abstraction layer. FPU configuration is typically configured within system configuration files that are standardized in CMSIS and provided by device vendors. Some vendors provide also tools that auto-generate the system file based on user configuration (ex: STM32CubeMX). Therefore it would be better to leave the FPU configuration to the platform rather than moving it into architecture-abstraction. Best regards, Robert From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Jamie Fox via TF-M Sent: Friday 28 August 2020 19:53 To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: [TF-M] Changes to configure FPU at the architectural level in TF-M Hi all, There is a change open for review that adds configuration of FPU-related registers to the architecture-abstraction layer in TF-M, and removes this same configuration from platform support files. The reasoning for this is that these registers are defined by the Arm architecture, so FPU config can be unified for all platforms with the same architecture. For Armv8-M, this also includes configuration to ensure that information is not leaked in FPU registers to NSPE when the SPE uses the FPU, and to permit the NSPE to access the FPU. By default, TF-M will still be built without the FPU used in the SPE. You can review the changes at: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5405 Arch: Add function to configure coprocessors https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5406 Platform: Remove platform-specific FPU config It would be especially helpful if platform owners could check that they are happy with FPU config being moved out of the platform support files. Kind regards, Jamie

4 years, 4 months

1
0
0 0

Re: [TF-M] CI Checkpatch

by Karl Zhang

Hi Chris, The CI job was trigged from https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/3521, you could find a list of all jobs and status of each job on Gerrit page that triggered by that job, job list example can be found at the end of this email. Another way is from the link you mentioned, that is a pipeline of how CI jobs start from one stage to another stage, if you click on the node of each stage, "Triggered Builds" will list the related job and you can check the details of it. The Open CI for TF-M is under development of Linaro, development plan and status can be found from https://developer.trustedfirmware.org/w/collaboration/openci/ , it is not stable at this moment that we are continuously addressing on. There is no latest document for detail introduction of current Open CI yet. Open CI - developer.trustedfirmware.org<https://developer.trustedfirmware.org/w/collaboration/openci/> Milestone Deliverables Target Completion Status; M1: Planning, Handover and Deployment SOW and project plan Hand over from OCE to Developer Services developer.trustedfirmware.org For the checkpatch job, it is a part of the static check stage, the error from this stage won't impact the final CI score, we need more investigation before active all static checks. The CI jobs were not able to trigger manually. There is a request to Linaro for the requirement that already working on, hope it can be deployed to the public Open CI soon. Job list example on Gerrit after CI job: Passed: 4, Failed: 18, Not done: 0 AN519_GNUARM_ConfigRegressionIPCTfmLevel2_Release_BL2<http://ci.trustedfirmware.org/job/tf-m-build-config/29147/> -1 AN519_GNUARM_ConfigRegressionIPC_Release_BL2<http://ci.trustedfirmware.org/job/tf-m-build-config/29146/> -1 AN519_GNUARM_ConfigRegressionProfileS_Release_BL2<http://ci.trustedfirmware.org/job/tf-m-build-config/29152/> -1 AN519_GNUARM_ConfigRegression_Release_BL2<http://ci.trustedfirmware.org/job/tf-m-build-config/29144/> -1 .... checkpatch<http://ci.trustedfirmware.org/job/tf-m-checkpatch/472/> -1 cppcheck<http://ci.trustedfirmware.org/job/tf-m-cppcheck/472/> 1 lava_boot<http://ci.trustedfirmware.org/job/tf-m-build-and-test/474/> 1 lava_test<http://ci.trustedfirmware.org/job/tf-m-build-and-test/474/> 1 psoc64_GNUARM_ConfigRegressionIPCTfmLevel2_Release_NOBL2<http://ci.trustedfirmware.org/job/tf-m-build-config/29157/> -1 psoc64_GNUARM_ConfigRegressionIPC_Release_NOBL2<http://ci.trustedfirmware.org/job/tf-m-build-config/29154/> -1 tf-m-build<http://ci.trustedfirmware.org/job/tf-m-build-and-test/479/> -1 tf-m-build-docs<http://ci.trustedfirmware.org/job/tf-m-build-docs/647/> 1 Thanks, Karl Zhang ________________________________ From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> on behalf of Christopher Brand via TF-M <tf-m(a)lists.trustedfirmware.org> Sent: Tuesday, September 1, 2020 12:35 AM To: tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org> Subject: [TF-M] CI Checkpatch So I see the CI system runs checkpatch, but I don’t see any mention of checkpatch under the “docs” directory, or in any of the gerrit reviews, or even on the mailing list. The output in the CI system, as far as I can see, is not particularly useful (I followed the link posted on my review to https://ci.trustedfirmware.org/blue/organizations/jenkins/tf-m-static/detai… but could find anything indicating what issue was actually found). Is there any documentation on how we can run checkptach manually? Or on how to see what the CI version is actually complaining about? Should I just be ignoring the CI checkpatch errors? Thanks, Chris Brand Sr Prin Software Engr, MCD: WIRELESS Cypress Semiconductor Corp. An Infineon Technologies Company #320-13700 International Place, Richmond, British Columbia V6V 2X8 Canada www.infineon.com<http://www.infineon.com> www.cypress.com<http://www.cypress.com> This message and any attachments may contain confidential information from Cypress or its subsidiaries. If it has been received in error, please advise the sender and immediately delete this message.

4 years, 4 months

1
0
0 0

[RFC] The code review guideline

by Ken Liu

Hi, We are creating one document to describe the code review guidelines: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5372 The goal of this document is to introduce the source management level concepts to be followed while reviewing a code – which try to simplify the contribution (but burdens the reviewers? 😉). Difference to the `coding style`: * It focuses more on the source placement, interface definition and including, etc. As this document is keeping evolving in a period, the plan is we merge a simple version as start and adding more contents by new patches, so please give enough comments if you have, and don’t forget the concept: we want to make things rational and simple. Thanks. /Ken

4 years, 4 months

1
0
0 0

psa_key_id_t type mismatch --- HardFault

by Alamy Liu

Dear all, While I was working on the PSoC64 platform, I hit the *psa_key_id_t* type mismatch problem. The patch - *98ab441e096f *enables *MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER* Which in terms to use the *psa_key_id_t* *structure* (psa_key_file_id_t) in <mbed-crypto/mbedtls>/include/psa/*crypto_platform.h* Interestingly, psa_key_id_t is also defined in <tf-m>/interface/include/psa/ *crypto_types.h*, as a uint32_t. So, I do the following testing I could compile the master HEAD no problem *66ee5c8861* (HEAD, origin/master, origin/HEAD) Tools: update iat-verifier README and samples I assume the psa_key_id_t should be a *structure* (from mbed-crypto/mbedtls), I applied the patch below --- a/interface/include/psa/crypto_types.h +++ b/interface/include/psa/crypto_types.h @@ -211,6 +211,8 @@ typedef uint8_t psa_key_persistence_t; */ typedef uint32_t psa_key_location_t;+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)+#error Should not compile this /** Encoding of identifiers of persistent keys. * * - Applications may freely choose key identifiers in the range @@ -222,6 +224,7 @@ typedef uint32_t psa_key_location_t; */ typedef uint32_t psa_key_id_t; #define PSA_KEY_ID_INIT 0+#endif Then, I notice that there are still many files that use *uint32_t* psa_key_id_t in the TF-M source tree. a) It's good (lucky?) that TF-M seems to cut it cleanly so it doesn't run into problems (well, it happens on PSoC64, or I won't notice it). b) It's bad that psa_key_id_t in TF-M has two different types. I'm not going to argue what's correct/wrong. Maybe this kind of coding could be a feature in the future. I just go with it. But I found no information to define the boundary of the two types under the <tf-m>/docs/ directory. I would like to know where the boundary is, in TF-M. In other words, *Which part of the code should use the structure definition from mbedtls/mbed-crypto; which part of the code should use uint32_t ?* In my work, the problem happens when it passes psa_key_id_t as a parameter, the parent & child functions see it differently (HardFault, in my case, memory violation to other parameters). e.g.: func_a.c (structure), func_b.c (uint32_t). func_b.h ---- the type changes when it's included by func_a.c and/or func_b.c Regards, Alamy

4 years, 4 months

1
1
0 0

CI Checkpatch

by Christopher Brand

So I see the CI system runs checkpatch, but I don't see any mention of checkpatch under the "docs" directory, or in any of the gerrit reviews, or even on the mailing list. The output in the CI system, as far as I can see, is not particularly useful (I followed the link posted on my review to https://ci.trustedfirmware.org/blue/organizations/jenkins/tf-m-static/detai… but could find anything indicating what issue was actually found). Is there any documentation on how we can run checkptach manually? Or on how to see what the CI version is actually complaining about? Should I just be ignoring the CI checkpatch errors? Thanks, Chris Brand Sr Prin Software Engr, MCD: WIRELESS Cypress Semiconductor Corp. An Infineon Technologies Company #320-13700 International Place, Richmond, British Columbia V6V 2X8 Canada www.infineon.com<http://www.infineon.com> www.cypress.com<http://www.cypress.com> This message and any attachments may contain confidential information from Cypress or its subsidiaries. If it has been received in error, please advise the sender and immediately delete this message.

4 years, 4 months

1
0
0 0

Changes to configure FPU at the architectural level in TF-M

by Jamie Fox

Hi all, There is a change open for review that adds configuration of FPU-related registers to the architecture-abstraction layer in TF-M, and removes this same configuration from platform support files. The reasoning for this is that these registers are defined by the Arm architecture, so FPU config can be unified for all platforms with the same architecture. For Armv8-M, this also includes configuration to ensure that information is not leaked in FPU registers to NSPE when the SPE uses the FPU, and to permit the NSPE to access the FPU. By default, TF-M will still be built without the FPU used in the SPE. You can review the changes at: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5405 Arch: Add function to configure coprocessors https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5406 Platform: Remove platform-specific FPU config It would be especially helpful if platform owners could check that they are happy with FPU config being moved out of the platform support files. Kind regards, Jamie

4 years, 4 months

1
0
0 0

ST platforms building broken

by Kevin Peng

Hi Michel, Some of the configurations on ST platform building is broken. Please see the details in the following ticket: https://developer.trustedfirmware.org/T808 Would you please have a look. Thanks. Best Regards, Kevin

4 years, 4 months

1
0
0 0

TF-M Technical Forum call - September 3

by Anton Komlev

Hello, The next Technical Forum is planned on Thursday, September 3 at 15:00-16:00 UTC (US time zone). Please reply on this email with your proposals for agenda topics. Recording and slides of previous meetings are here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/ Best regards, Anton Komlev

4 years, 4 months

1
0
0 0

Re: [TF-M] New build system with IAR

by David Hu

Hi Thomas, Sorry if I misunderstand your problem. Does it mean that diverse compilers require different core config flags? Best regards, Hu Ziji ________________________________ From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> on behalf of Thomas Törnblom via TF-M <tf-m(a)lists.trustedfirmware.org> Sent: Tuesday, August 25, 2020 7:39 PM To: tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org> Subject: [TF-M] New build system with IAR I've started looking at the new build system, and it looks like a nice improvement. I have a problem, that likely has a simple solution, although I'm not sure which. I've looked at the AN521 target, and the preload.cmake file is included very early from the root CMakeLists.txt The first line of preload.cmake is: --- set(CMAKE_SYSTEM_PROCESSOR cortex-m33+nodsp) --- For IAR that line should be: --- set(CMAKE_SYSTEM_PROCESSOR Cortex-M33.no_dsp) --- I need to discriminate between the toolchains already there, but I haven't figured out what the best way would be to do that. Not much is setup at this moment in the run. Ideas? Thomas -- Thomas Törnblom, Product Engineer IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com<mailto:thomas.tornblom@iar.com> Website: www.iar.com<http://www.iar.com> Twitter: www.twitter.com/iarsystems<http://www.twitter.com/iarsystems>

4 years, 4 months

2
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

TF-M