-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add test spec to run crypto and TF-M tests #130
Open
stephen-nordic
wants to merge
127
commits into
main
Choose a base branch
from
add_test_spec
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-crypto_types.h: Added definition of mbedtls_svc_key_id_t needed for NS build TLS/DTLS APIs -crypto_values.h: Added lots of functions for mbedtls_svc_key_id_t needed for NS build TLS/DTLS APIs Add missing function for TLS/DTLS usage in crypto_extra.h. This needs to go upstream, but most likely containing more functions. Signed-off-by: Frank Audun Kvamtrø <[email protected]> Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 08bb0ce) (cherry picked from commit c93707c) Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 7466755) Signed-off-by: Markus Swarowsky <[email protected]>
Adjust CRYPTO_HW_ACCELERATOR build scripts to also support nrf_security. Signed-off-by: Sebastian Bøe <[email protected]> Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit c136210) (cherry picked from commit 3834117) Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 2bdad64) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: Ied8e378ef55fe398ea4e45f65b3c270e9e9cd030 Signed-off-by: Markus Swarowsky <[email protected]>
…nce. Add an option to send the log output from the secure firmware on a UART instance that would be shared with the non-secure application. This option is added where the number of UART instances is limited and the application only cares about the receiving the TF-M log on fatal errors. To allow this option to be enabled the log is disabled in the boot process before the non-secure application is started. It is enabled again when an unrecoverable exception has occurred in the secure firmware. NCSDK-18595 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 19403a8) Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 54af7a2) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I65e33f48bd7c6334d04b528c28e8b2d4a3331d0d Signed-off-by: Markus Swarowsky <[email protected]>
…RT0 instance Add support for selecting which UART instance to use as the secure UART instance. The supported options are UART0 and UART1. Add support for the secure UART instance being shared with the non-secure application. The UART instance is configured as non-secure after it has been uninitialized, and configured as secure when it is initialized again on a fatal error. NCSDK-18595 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit b2346e8) Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 97224b0) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I2da826ec4817143ece52baeceaab14999f0d2d96 Signed-off-by: Markus Swarowsky <[email protected]>
Check if the required configuration has been set in the configuration header instead of suddenly setting it outside of the configuration header. If the configuration is missing this definition this could lead to an inconsistent configuration. This is a noup commit because this definition has been removed in another upstream commit 7e80490 and this is not easily backported. Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 4be04d6) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: Iea8daa284033611c76dd8102a3cd9bbec99ffcbf Signed-off-by: Markus Swarowsky <[email protected]>
Add platform default UART control definition. For platforms that wishes to use a UART configuration different from the default CMSIS control value the default valuse need to be supplied in the call to set control. This makes it possible for a platform to set for example Hardware Flow Contol configuration. Having support for Hardware Flow Control is useful for running the TF-M regression tests reliably. Upstream PR: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20374 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit f16b472) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I64ea2f1f261624c82037d3e85231234427978c7e Signed-off-by: Markus Swarowsky <[email protected]>
Add driver support for hardware flow control. Leave it as default off. Upstream PR: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/20375 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit ab8140d) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I86aa7a19270ad6cd9d852c73101c9de1941f364c Signed-off-by: Markus Swarowsky <[email protected]>
Replaces usage of mbedtls_hkdf with PSA Crypto API. Noup: This is essentially the same functionality as in change I41ea9cb2af6627aa7ed3a8454898d16d4b5d6306 from upstream, that can't be cleanly cherry-picked since the code has been refactored. Signed-off-by: Vidar Lillebø <[email protected]> (cherry picked from commit 2ff3fdd) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: Ib4bcea3f9b7ea2676b612a20b226a8ae6118bb9b Signed-off-by: Markus Swarowsky <[email protected]>
Include the PSA config file in TF_M PSA interface header. This is a noup commit because it is and adapted change based on upstream commit that contains other changes that would cause merge conflicts. An additional PR was made to upstream to improve the way the config header is included. Upstream commit: 34a0ffd Upstream PR: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/21759 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 86fdfb9) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I048f4174486a911bd1451de5a244446601608d29 Signed-off-by: Markus Swarowsky <[email protected]>
…ader included The PSA header only includes the configuration header when MBEDTLS_PSA_CRYPTO_CONFIG_FILE is given on the command line. If the configuration file has not been included assume that the maximum hash size is the maximum possible instead of the minimal possible. This is consistent with how PSA_VENDOR_ECC_MAX_CURVE_BITS is defined. Change-Id: I4c137a947ca0dbdbddf7eaac74e6ce59ae988224 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 779cfe0) (cherry picked from commit ccab64f) Signed-off-by: Markus Swarowsky <[email protected]>
Unify common code between nrf startup files. Signed-off-by: Sebastian Bøe <[email protected]> (cherry picked from commit cca1de1) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I78be920afe68f2a9d930605617b654cbf12af5d4 Signed-off-by: Markus Swarowsky <[email protected]>
Currently we are generating dozens of default IRQ Handlers that each just spin. In sum, 256 bytes of IRQ handlers that do nothing. In this patch we save these bytes by using the alias attribute. Now there is only one default IRQ handler placed in flash and all the default IRQ handlers alias to it. I tried to place the duplicated default_tfm_IRQHandler in the common startup.c, but it did not work. I am not certain, but I think this is due to a problem with the way we link in TF-M. Signed-off-by: Sebastian Bøe <[email protected]> (cherry picked from commit 3dcb0c3) Signed-off-by: Markus Swarowsky <[email protected]>
The current default IRQ handler will hang forever. It is bad practice to hang forever in production. Instead we now print the exception information and then panic. Which will either reboot or hang forever depending on the configuration. It is bad practice to for the default IRQ handler to be triggered at all and it should indicate a configuration error. Signed-off-by: Sebastian Bøe <[email protected]> (cherry picked from commit 49627ca) Signed-off-by: Markus Swarowsky <[email protected]>
There is a build system bug where the wrong IRQ handler is used for the SPU. trusted-firmware-m/platform/ext/target/nordic_nrf/common/core/faults.c defines the symbol SPU_IRQHandler. And the intention is for this to be used. But the linker never checks faults.c for undefined symbols because it already has a weak symbol for SPU_IRQHandler from the startup file to satisfy itself. For the weak symbol to work properly faults.c needs to be linked into the build either because it provides some symbol that is undefined, or through the use of --whole-archive as Zephyr does. Until TF-M uses --whole-archive, weak symbols will not work as intended. Signed-off-by: Sebastian Bøe <[email protected]> (cherry picked from commit b2580be) Signed-off-by: Markus Swarowsky <[email protected]>
Default IRQ handlers will usually be overriden as they are weak. But due to the way TF-M links it's binary (doesn't use whole-archive), weak doesn't always work. So we explicitly ifdef out some IRQ handlers that we know will be overridden by non-weak symbols anyway to be safe. Signed-off-by: Sebastian Bøe <[email protected]> (cherry picked from commit 5fa2863) Signed-off-by: Markus Swarowsky <[email protected]>
Fix a bug in the startup file where the ifdef was incorrectly negated. Also add declarations for when the default irq handler is not used. Signed-off-by: Sebastian Bøe <[email protected]> (cherry picked from commit 26d6cb4) Signed-off-by: Markus Swarowsky <[email protected]>
unify target configuration for nrf53, nrf91, and laird. Combining these three source files into a single file makes it easier to make changes as patches don't need to be applied three times. Change-Id: I3c0db861b8db9981552b689e298b525918afff36 Signed-off-by: Sebastian Bøe <[email protected]> (cherry picked from commit 652bcb4) Signed-off-by: Markus Swarowsky <[email protected]>
Rewrite the SPU functions to make it more clear what the permissions will be and thereby prevent accidental priviledge elevation. Signed-off-by: Sebastian Bøe <[email protected]> Change-Id: I3c0db861b8db9981552b699e298b525918afff36 (cherry picked from commit 64f3141) Signed-off-by: Markus Swarowsky <[email protected]>
Move CMake code for adding a startup file into common code. This improves portability. Signed-off-by: Sebastian Bøe <[email protected]> (cherry picked from commit 7815216) Signed-off-by: Markus Swarowsky <[email protected]>
The MDK for nRF9120 used in the nRF9161 target doesn't define the Secure FPU as it doesn't exist, but for other platforms like the 9160 it has a dummy define, with an UNUSED field in the type. The long plan is to get this fixed in the MDK but until then, to make the nrfxlib 3.1.0 update possible this tempfix is applied. Ref: NCSDK-23046 Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I44042ee9aada99c59a5930440306bb6c40ae4880 (cherry picked from commit 6ad9c58) Signed-off-by: Markus Swarowsky <[email protected]>
-Adds encryption and authentication support for ITS files -Encryption is optional and is enabled using a CMake variable -The encryption implementation is platform dependent, the signatures of the APIs are provided in this change Change-Id: Ifd3a67ac2274fa8d7ceec19482f7cec01b2cac54 Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 7de096f) Signed-off-by: Markus Swarowsky <[email protected]>
The TFM_ITS_ENCRYPTED define (and friends) are the same for all nrf platforms so put the CMake code in the common CMakeLists.txt file. This improves portability. Change-Id: Ifedb4eb6119aa9a50dd5444a07fb0d4ee3ab4303 (cherry picked from commit d49a3e4) Signed-off-by: Markus Swarowsky <[email protected]>
Disabling Second-level Interrupt handling tests to run the first-level tests as default on nordic platforms. Change-Id: I6547d942e892f78dfa954f4aed2398807eafa1df Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit a3e5318) Signed-off-by: Markus Swarowsky <[email protected]>
Move NRF_NS_STORAGE define to a common CMake file. This improves portability. Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I1fc57f58b507222a0927a9688d56c55549d5dcfa (cherry picked from commit 2f9e785) Signed-off-by: Markus Swarowsky <[email protected]>
Move NRF_NS_SECONDARY define to common CMake. This improves portability. Change-Id: Ie6dfff1b89cedfbc4bec93088c7d6f6e190a6f69 Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit eb5162f) Signed-off-by: Markus Swarowsky <[email protected]>
The wrong CMake define for enabling encryption in ITS was used. Change-Id: I9e3b0e363e6588272167ef84f6ca1769ff7687d5 Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 6e2de43) Signed-off-by: Markus Swarowsky <[email protected]>
The design of the ITS encryption was changed during the review process but the graphic in the doc was not updated to the final design. So update the graphic now. Change-Id: I97c9ece25743bdd1eae05557d5e027b8128b4a90 Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit d1c6dd1) Signed-off-by: Markus Swarowsky <[email protected]>
This fixes an erroneous attempt to configure the FPU peripheral in NRF91 series. The FPU is not configurable in NRF91 series and it is always non-secure. This caused a failed assertion in the initialzation since the FPU present field is not set for the SPU configuration. This change configures the FPU only in NRF53 series devices which have a configurable FPU. Ref: NCSDK-23619 Upstream PR: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/23470 Signed-off-by: Georgios Vasilakis <[email protected]> Change-Id: Ia00e0e620ab51850e6ee8b382e5d03a245b6db0c
Updated nrfx_uarte driver requires missing atomic macros: - nrfx_atomic_t - NRFX_ATOMIC_FETCH_* Signed-off-by: Nikodem Kastelik <[email protected]> (cherry picked from commit 33c0f47)
Use the pinctrl method to define the UART pins for the nordic platform UART driver. This makes it easier to assign the UART pins from devicetree information which is used in out-of-tree board support. Change-Id: I8f18b730d705214670438b85c58032c6f32fff1c Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 70abd66) Signed-off-by: Joakim Andersson <[email protected]>
Check if the required configuration has been set in the configuration header instead of suddenly setting it outside of the configuration header. If the configuration is missing this definition this could lead to an inconsistent configuration. This is a noup commit because this definition has been removed in another upstream commit 7e80490 and this is not easily backported. Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 4be04d6) Signed-off-by: Markus Swarowsky <[email protected]>
Replaces usage of mbedtls_hkdf with PSA Crypto API. Noup: This is essentially the same functionality as in change I41ea9cb2af6627aa7ed3a8454898d16d4b5d6306 from upstream, that can't be cleanly cherry-picked since the code has been refactored. Signed-off-by: Vidar Lillebø <[email protected]> (cherry picked from commit 2ff3fdd) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: Ib4bcea3f9b7ea2676b612a20b226a8ae6118bb9b Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit ac52dba) Signed-off-by: Markus Swarowsky <[email protected]>
The MDK for nRF9120 used in the nRF9161 target doesn't define the Secure FPU as it doesn't exist, but for other platforms like the 9160 it has a dummy define, with an UNUSED field in the type. The long plan is to get this fixed in the MDK but until then, to make the nrfxlib 3.1.0 update possible this tempfix is applied. Ref: NCSDK-23046 Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I44042ee9aada99c59a5930440306bb6c40ae4880 (cherry picked from commit 6ad9c58) Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit a489e9f) Signed-off-by: Markus Swarowsky <[email protected]>
…nstance. Add an option to send the log output from the secure firmware on a UART instance that would be shared with the non-secure application. This option is added where the number of UART instances is limited and the application only cares about the receiving the TF-M log on fatal errors. To allow this option to be enabled the log is disabled in the boot process before the non-secure application is started. It is enabled again when an unrecoverable exception has occurred in the secure firmware. NCSDK-18595 upstream PR: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25905 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 19403a8) Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 54af7a2) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I65e33f48bd7c6334d04b528c28e8b2d4a3331d0d Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 8f000f6) Signed-off-by: Markus Swarowsky <[email protected]>
…RT0 instance Add support for selecting which UART instance to use as the secure UART instance. The supported options are UART0 and UART1. Add support for the secure UART instance being shared with the non-secure application. The UART instance is configured as non-secure after it has been uninitialized, and configured as secure when it is initialized again on a fatal error. NCSDK-18595 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit b2346e8) Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 97224b0) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I2da826ec4817143ece52baeceaab14999f0d2d96 Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit d2a1b89) Signed-off-by: Markus Swarowsky <[email protected]>
…um profile Disable the cipher crypto module in small, medium and medium-arotless profile. There is no algorithm for this module enabled in the mbedcrypto configuration header for these profiles. Change-Id: Ief1d38a984824c0e746ecbf9b1fe1a8483dba91b Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit e5e8150) Signed-off-by: Markus Swarowsky <[email protected]>
… and keys checks Add missing PSA defined algorithms and keys checks. The checks only covered supported algorithms in mbedtls. However mbedtls supports accelerated PSA crypto support through the psa crypto driver wrappers, which can support additional algorithms and key types. This fixes build error when enabling ECDH key agreement algorithm without enabling any other key derivation algorithms. Change-Id: Ic609d7ac58b7341316d0a071e5229ea9980fafab Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit a527aef) Signed-off-by: Markus Swarowsky <[email protected]>
…o context Add an API, `tfm_exception_info_get_context()`, which can be used to retrieve exception info from the exception_info module. This option is added allow for platform specific handling logic -- for example, saving the exception info to a non-volatile storage medium for postmortem analysis. Change Highlights: * Moved `struct exception_info_t` from `exception_info.c` to `exception_info.h` * Defined `tfm_exception_info_get_context()` which exposes access to the static scope `exception_info` struct from exception_info.h Signed-off-by: Chris Coleman <[email protected]> Change-Id: I635ef2cc79bf5221300064a3a2813d504f62d46a Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 9dd58c9) Signed-off-by: Markus Swarowsky <[email protected]>
…ters Change exception handler to use system registers instead of handler provided information to provide active exception information to the exception information handler. This frees up one register argument to the store and dump function. Change-Id: I70a29438fd5ac0bad6945588c5ae7431cd66d060 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 90e0c06) Signed-off-by: Markus Swarowsky <[email protected]>
…ormation Store the callee saved registers in the exception information logging. We store the current exception frame, which has the registers of the caller saved registers when the exception occurs, but the callee saved register information is lost during the exception handling. This provides us with an incomplete picture of the state at the time the exception occurred. Change-Id: I3d15f9eccf1aa8c2c1b99e75e38229ab82420f36 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit dbdcfa0) Signed-off-by: Markus Swarowsky <[email protected]>
Move the SPU fault handling to only dump fault information on UART when TFM_EXCEPTION_INFO_DUMP is enabled. Store the exception info for later retrieval as the SPU handler clears the events. Change-Id: I3da12c30dc845e81e8725c687aefb498c82c90d7 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 7eace88) Signed-off-by: Markus Swarowsky <[email protected]>
Unify the target configuration header, the target configuration source has already been unified. Change-Id: I23e3b47ac8e80fb5e54a24660fbb4e8313f54c78 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 7316fe1) Signed-off-by: Markus Swarowsky <[email protected]>
…ation Refactor peripheral SPU configuration to use peripheral ID instead of address. Remove helper function that is only used once. Refactor peripheral SPU init configuration to be a loop over an array of peripheral IDs. This is done to save flash-usage of this function. Change-Id: If22956dcc791dcee4cddc3715edc65af8bafad58 Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 8f8929b) Signed-off-by: Markus Swarowsky <[email protected]>
If MBEDTLS_P256M_ENABLED is not set then do not add the compile definitions and includes to the target upstream PR:https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/26339 Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I1bd8fda71e6c3fa90acc79c31bf967e60ac42e3a Signed-off-by: Markus Swarowsky <[email protected]>
Move CMake code for adding a startup file into common code. This improves portability. https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25902 Signed-off-by: Sebastian Bøe <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: Ic59d3d01744eae3bb2ef2e0175a5294f7269c610 (cherry picked from commit 0f3bed474c9eabfe4423de27ee85ee26ca6a7d41) Signed-off-by: Markus Swarowsky <[email protected]>
The MBEDTLS_PSA_CRYPTO_CONFIG_FILE gets already defined in the mbedtls_common target and is included in the nrf-config.h file. TF-M adds the compile definition again, causing a redefined warning when building Signed-off-by: Markus Swarowsky <[email protected]>
[nrf fromlist] because this was cherry-picked from https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25904/1 Document FlashInfo fields. NB: I found this commit was missing from the TF-M upmerge branch. I don't know how it went missing. Signed-off-by: Sebastian Bøe <[email protected]> Change-Id: I9f92711edd754f7972a36baba2cd5c8e2675b03a Signed-off-by: Markus Swarowsky <[email protected]>
[nrf fromlist] because this was cherry-picked from https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25899/2 Remove unused driver functions. We are currently implementing several functions that TF-M is not using. This is bad practice as they are untested and may therefore be unreliable if TF-M were to start to use them. They also bloat the size of the binary and have a code maintenance cost. It would be better to implement the functions when they become used. NB: I found this commit was missing from the TF-M upmerge branch. I don't know how it went missing. Signed-off-by: Sebastian Bøe <[email protected]> Change-Id: Icd7df7caa38ea890742b4b70118d642b196c4d71 Signed-off-by: Markus Swarowsky <[email protected]>
[nrf fromlist] because this was cherry-picked from https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25903/1 Remove the function ARM_Flash_Uninitialize is it is only used in BL1 and BL2 integration and nordic is not compatible with BL1 or BL2. It is bad practice to have an unused function available as it is untested and may therefore be unreliable if TF-M were to start to using it. It also bloats the size of the binary and has a code maintenance cost. Signed-off-by: Sebastian Bøe <[email protected]> Change-Id: I319b13b916e78f7692fab23a4f542877b8484bcb Signed-off-by: Markus Swarowsky <[email protected]>
We added the option for sharing a UART instance for the secure and non-secure application. To do that we have to call stdio_uninit from the secure side in order to configure the UART as non-secure. This was done before but got dropped with the latest update.
The spu_peripheral_config_(non_)secure calls takes the ID of the peripheral as the argument and not the register address. Signed-off-by: Georgios Vasilakis <[email protected]>
…etting it" This reverts commit 6af37f1. This noup in tf-m is no longer needed as crypto_library.c is doing the same ifdef #error. Change-Id: I2dbcc4b44581201513ce3d5f834ee390a4177eb8
TF-M checks if P256M is available during build time using MBEDCRYPTO_PATH which is set to the TF-M repo to use custom mbed TLS cmake configurations, but this means the script can not be found. But as mbed TLS software crypto is not used anyway we can hardcode P256M to be disabled. Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: I94fde1f41e3493e840823cae284256176a364863 Signed-off-by: Markus Swarowsky <[email protected]>
Add support for 54l Signed-off-by: Sebastian Bøe <[email protected]> Change-Id: I3574d73222dd23d202e5259a863f2e1b4b001739
fixup! platform: nordic_nrf: Add support for 54l Change-Id: I650ab5309cdea7f3508be7cfb124e0032c13d777
…nifest This commit is [nrf noup] because I would like to user-test this for a few months in case of unintended side-effects before upstreaming. In the TF-M build scripts we run the manifest tool twice, first from CMake and then from ninja. It is bad practice to configure CMake projects like this. Instead, if configuration from CMake is necessary, one should configure from CMake only, and then re-run CMake when necessary, not just the command. This organization has been causing problems for our users as they have been required to rebuild TF-M twice. This is due to this scenario playing out: CMake generates config_impl.cmake by invoking the manifest tool at Configure time. CMake generates build.ninja. Ninja generates config_impl.cmake by invoking the manifest tool at build time. When the user then invokes ninja a second time config_impl.cmake will be newer than build.ninja. But CMake is supposed to be includ'ing config_impl.cmake, so build.ninja is now considered out-of-date wrt. config_impl.cmake. ninja therefore invokes CMake again, and then ninja afterwards. Signed-off-by: Sebastian Bøe <[email protected]> Change-Id: Icef588479d27fa3a172b40b09eacad417922fba5
Run crypto and TF-M tests on sdk-nrf downstream Signed-off-by: Stephen Kingston <[email protected]>
stephen-nordic
force-pushed
the
add_test_spec
branch
from
March 8, 2024 13:28
ffccbc4
to
2955c89
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.