Dear All,
The Secure Enclave patches have been merged and caused a minor source structure change. The platform so far named musca_b1 became musca_b1/sse_200, because we added support to the other subsystem on the Musca-B1 board, musca_b1/secure_enclave.
So to build onto the old Musca-B1 platform the -DTFM_PLATFORM=musca_b1/sse_200 flag will be needed.
All information about the Secure Enclave topic can be found in these rsts: https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/design... https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/refere... https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/ex...
Best regards, Mark
From: TF-M tf-m-bounces@lists.trustedfirmware.org On Behalf Of Mark Horvath via TF-M Sent: 09 December 2020 10:11 To: 'tf-m@lists.trustedfirmware.org' tf-m@lists.trustedfirmware.org Subject: Re: [TF-M] Secure Enclave solution in TF-M
Dear All,
The patches for the Secure Enclave topic are planned to be merged soon if no further comments raised. https://review.trustedfirmware.org/q/topic:%22Secure+Enclave%22+(status:open...)
Best regards, Mark
From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Mark Horvath via TF-M Sent: 03 December 2020 16:38 To: 'tf-m@lists.trustedfirmware.org' <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Subject: Re: [TF-M] Secure Enclave solution in TF-M
Dear All,
I would like to merge the Secure Enclave topic at about middle of next week, feel free to give any feedback. https://review.trustedfirmware.org/q/topic:%22Secure+Enclave%22+(status:open...)
Best regards, Mark
From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Mark Horvath via TF-M Sent: 14 September 2020 21:00 To: 'tf-m@lists.trustedfirmware.org' <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Subject: [TF-M] Secure Enclave solution in TF-M
Dear All,
Following the tech forum presentation (back in 6th August) I uploaded the draft design document for the Secure Enclave topic: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5653
I also updated the first implementation of the proposed solution for the Musca-B1 board with minimal features, marked as WIP: https://review.trustedfirmware.org/q/topic:%22Secure+Enclave%22+(status:open...) Limitations, missing features, notes:
* No support for isolation level2 on SSE-200 * Protected Storage is an Application RoT partition, but PS also moved to Secure Enclave * Some regression tests running on secure side of SSE-200 fail as all messages are forwarded with the same client ID to Secure Enclave * All IPC message forwarding is a blocking call * Only one message is put into the mailbox at a time * Musca-B1 related documentation is not complete yet * Generated files are not committed, manifest parser should be run before build. * The BL0 component mentioned in the tech forum presentation is not uploaded, as it is based on the new cmake system, and not so interesting right now * Cmake changes are rudimentary, will be rebased to new cmake system.
Any feedback very welcomed!
Best regards, Márk Horváth Senior Software Engineer Mark.Horvath@arm.commailto:Mark.Horvath@arm.com Arm Hungary Kft., Corvin Offices II, Crystal Tower, Budapest, Futó u. 45. H-1082 Hungary www.arm.comhttp://www.arm.com/