Hi Sherry,
Yes, you are correct - the check is only done if FWU_DEVICE_CONFIG_FILE is not defined.
BUT this is still a problem because even if FWU_DEVICE_CONFIG_FILE is defined it still may be generated (same way as if FWU_DEVICE_CONFIG_FILE is not defined it is generated). So default TFM implementation use generated file as FWU_DEVICE_CONFIG_FILE but restricts user from doing so.
So in current implementation FWU_DEVICE_CONFIG_FILE must be present on cmake config time and can not be generated. I see this as unnecessary limitation.
Actually this is not hypothetical problem, I only brought this problem up because I hit this issue when trying to use custom FWU_DEVICE_CONFIG_FILE and this custom file is generated (same way as default one is).
So my proposal is to remove this check, this will make the implementation more flexible.
Regards, Bohdan Hunko
Cypress Semiconductor Ukraine Engineer CSUKR CSS ICW SW FW Mobile: +38099 50 19 714 Bohdan.Hunko@infineon.commailto:Bohdan.Hunko@infineon.com
From: Sherry Zhang Sherry.Zhang2@arm.com Sent: Wednesday, November 15, 2023 04:32 To: Hunko Bohdan (CSS ICW SW FW 3) Bohdan.Hunko@infineon.com; tf-m@lists.trustedfirmware.org Cc: nd nd@arm.com Subject: RE: Redundant check on FWU_DEVICE_CONFIG_FILE
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safehttps://intranet-content.infineon.com/explore/aboutinfineon/rules/informationsecurity/ug/SocialEngineering/Pages/SocialEngineeringElements_en.aspx.
Hi Bohdan,
The code you posted is in the else routine of FWU_DEVICE_CONFIG_FILE not defined condition(see https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/secure_fw/p...):
if (NOT FWU_DEVICE_CONFIG_FILE) configure_file(${CMAKE_SOURCE_DIR}/interface/include/psa/fwu_config.h.in ${CMAKE_BINARY_DIR}/generated/interface/include/psa/fwu_config.h @ONLY) set(FWU_DEVICE_CONFIG_FILE "${CMAKE_BINARY_DIR}/generated/interface/include/psa/fwu_config.h") else() # FWU_DEVICE_CONFIG_FILE exists and is a file if(NOT EXISTS ${FWU_DEVICE_CONFIG_FILE}) message(FATAL_ERROR "FWU_DEVICE_CONFIG_FILE:${FWU_DEVICE_CONFIG_FILE} does not exist.") elseif(IS_DIRECTORY ${FWU_DEVICE_CONFIG_FILE}) message(FATAL_ERROR "FWU_DEVICE_CONFIG_FILE:${FWU_DEVICE_CONFIG_FILE} is a folder while a file is expected.") endif() endif()
If FWU_DEVICE_CONFIG_FILE is defined, it should be an existing file. The default routine is FWU_DEVICE_CONFIG_FILE not-defined(the if routine).
Regards, Sherry Zhang
From: Bohdan.Hunko--- via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Sent: Tuesday, November 14, 2023 11:43 PM To: tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org Subject: [TF-M] Redundant check on FWU_DEVICE_CONFIG_FILE
Hi all It seems to me like following check
# FWU_DEVICE_CONFIG_FILE exists and is a file if(NOT EXISTS ${FWU_DEVICE_CONFIG_FILE}) message(FATAL_ERROR "FWU_DEVICE_CONFIG_FILE:${FWU_DEVICE_CONFIG_FILE} does not exist.") elseif(IS_DIRECTORY ${FWU_DEVICE_CONFIG_FILE}) message(FATAL_ERROR "FWU_DEVICE_CONFIG_FILE:${FWU_DEVICE_CONFIG_FILE} is a folder while a file is expected.") endif()
in secure_fw/partitions/firmware_update/CMakeLists.txt is redundant as FWU_DEVICE_CONFIG_FILE may be generated, thus not present when cmake performs EXISTS check (note that by default FWU_DEVICE_CONFIG_FILE is generated so I dont see point in limiting user from using generated file)
So i propose to remove this check.
Regards, Bohdan Hunko
Cypress Semiconductor Ukraine Engineer CSUKR CSS ICW SW FW Mobile: +38099 50 19 714 Bohdan.Hunko@infineon.commailto:Bohdan.Hunko@infineon.com