Hi Jamie,

 

Can I ask about your toolchain in use?

GNUARM 10-2020-q4-major will cause a similar issue. TF-M suggests to avoid using this version: https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/getting_started/tfm_getting_started.rst#n164.

 

Best regards,

Hu Ziji

 

From: TF-M <tf-m-bounces@lists.trustedfirmware.org> On Behalf Of David Hu via TF-M
Sent: Tuesday, July 27, 2021 4:48 PM
To: Jamie Mccrae <Jamie.Mccrae@lairdconnect.com>; Anton Komlev <Anton.Komlev@arm.com>; tf-m@lists.trustedfirmware.org
Cc: nd <nd@arm.com>
Subject: [TF-M] FW: TF-M v1.4.0 release started

 

Hi Jamie,

 

Sorry for the trouble.

According to your description, the violation error is caused by non-secure test cases. is it correct?

 

The error message is dumped by tfm_secure_api_error_handler(). It is called multiple times in Library model routine.

Can you please help narrow the step in which tfm_secure_api_error_handler() is called?

 

Besides, do you mind trying if IPC model can work on your board?

 

Best regards,

Hu Ziji

 

From: TF-M <tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Jamie Mccrae via TF-M
Sent: Tuesday, July 27, 2021 3:43 PM
To: Anton Komlev <Anton.Komlev@arm.com>; tf-m@lists.trustedfirmware.org
Cc: nd <nd@arm.com>
Subject: Re: [TF-M] TF-M v1.4.0 release started

 

Hi,

I have tried the RC1 and RC2 on our platform, the BL5340 (nRF5340-based), which I am testing by building with the following:

cmake -DTFM_PLATFORM=lairdconnectivity/bl5340_dvk_cpuapp -GNinja -DTFM_TOOLCHAIN_FILE=../toolchain_GNUARM.cmake -DTEST_S=on -DTEST_NS=on -DCMAKE_BUILD_TYPE=debug -DPS_TEST_NV_COUNTERS=on  ..

 

And upon starting the non-secure tests, a security violation occurs which reboots the module. Output from secure core:

Test suite 'Crypto secure interface tests (TFM_S_CRYPTO_TEST_1XXX)' has PASSED

Test suite 'Initial Attestation Service secure interface tests(TFM_S_ATTEST_TEST_1XXX)' has PASSED

Test suite 'Platform Service Secure interface tests(TFM_S_PLATFORM_TEST_1XXX)' has PASSED

Test suite 'Audit Logging secure interface test (TFM_S_AUDIT_TEST_1XXX)' has PASSED

 

*** End of Secure test suites ***

Security violation when calling secure API

[INF] Starting bootloader

[INF] Primary image: magic=good, swap_type=0x1, copy_done=0x3, image_ok=0x3

[INF] Scratch: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3

[INF] Boot source: primary slot

 

Output from non-secure core:

Non-Secure system starting...

 

#### Execute test suites for the Non-secure area ####

Running Test Suite PSA protected storage NS interface tests (TFM_NS_PS_TEST_1XXX)...

> Executing 'TFM_NS_PS_TEST_1001'

  Description: 'Set interface'

Non-Secure system starting...

 

So something that has changed from 1.3 to 1.4 seems to have broken our platform.

Thanks,

Jamie

 

From: TF-M <tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M
Sent: 26 July 2021 09:50
To: tf-m@lists.trustedfirmware.org
Cc: nd <nd@arm.com>
Subject: Re: [TF-M] TF-M v1.4.0 release started

 

EXTERNAL EMAIL: Be careful with attachments and links.

Hi,

 

All TF-M repositories are updated with TF-Mv1.4.0-RC2 tag.

The changes are minimal and shall not invalidate the tests, already done.

 

Please use this tag for new tests and report any issues found by the end of July 30.

 

Thanks and good luck,

Anton

 

 

From: TF-M <tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M
Sent: Wednesday, July 21, 2021 11:25 AM
To: tf-m@lists.trustedfirmware.org
Cc: nd <nd@arm.com>
Subject: [TF-M] TF-M v1.4.0 release started

 

Hi,

 

All TF-M repositories are tagged with TF-Mv1.4.0-RC1 tag.

Code is frozen now for the release candidate testing. Note that changes to other repositories are still possible during that time.

 

Please use this tag for your tests and report any issues found by the end of July 30.

 

Thanks and good luck,

Anton

 

THIS MESSAGE, ANY ATTACHMENT(S), AND THE INFORMATION CONTAINED HEREIN MAY BE PROPRIETARY TO LAIRD CONNECTIVITY, INC. AND/OR ANOTHER PARTY, AND MAY FURTHER BE INTENDED TO BE KEPT CONFIDENTIAL. IF YOU ARE NOT THE INTENDED RECIPIENT, PLEASE DELETE THE EMAIL AND ANY ATTACHMENTS, AND IMMEDIATELY NOTIFY THE SENDER BY RETURN EMAIL. THIS MESSAGE AND ITS CONTENTS ARE THE PROPERTY OF LAIRD CONNECTIVITY, INC. AND MAY NOT BE REPRODUCED OR USED WITHOUT THE EXPRESS WRITTEN CONSENT OF LAIRD CONNECTIVITY, INC.