M2351: Pre-build secure image/lib to favor pelion application #11594
Conversation
|
@ccli8, thank you for your changes. |
Yes, allocate more memory for non-secure program to meet min requirement of pelion.
Just patch release But for CI/Greentea, it is necessary to re-partition memory for building secure target NU_PFM_M2351_NPSA_S, commented as above. |
|
Update? |
| @@ -19,13 +20,51 @@ The pre-built secure code has the following hardware partition: | |||
| - **PDMA0** hardwired to secure. Implements secure asynchronous transfer. | |||
| - **PDMA1** configured to nonsecure. Implements nonsecure asynchronous transfer. | |||
|
|
|||
| ## Pre-built secure code files | |||
| In this memory partition, secure program is the most simplified. | |||
| Then non-secure program can make use of the most memory available for its large application like pelion. | |||
There was a problem hiding this comment.
"pelion" should be "Pelion"
| } | ||
| } | ||
| } | ||
| ``` |
There was a problem hiding this comment.
Why is it necessary to change mbed_app.json to build the default image? Shouldn't the default targets.json for NU_PFM_M2351_NPSA_S be modified to have these values as the default instead?
There was a problem hiding this comment.
Modify README.md and Non-PSA secure code. The default secure program can re-generate without modification.
| "mbed_ram_start" : "0x20000000", | ||
| "mbed_ram_size" : "0x8000" | ||
| "mbed_ram_size" : "0x2000" |
There was a problem hiding this comment.
Should we add "target.boot-stack-size" : "0x600" here and also "target.device_has_remove": ["SERIAL", "SERIAL_ASYNCH", "SERIAL_FC", "STDIO_MESSAGES"],?
ccli8
force-pushed
the
nuvoton_m2351_partition-memory-pelion
branch
from
61a231b to
f406f5a
Compare
|
Make modification: Default non-PSA secure program can re-generate without modification in Non-PSA secure program. |
| :104710008F46C04600F026B800F027B800F028B851 | ||
| :1047200000F029B800F02AB800F02BB800F02CB83F | ||
| :1047300000F02DB800F02FB800F02DB800F02BB825 | ||
| :1047400000F029B800F027B800F025B8 |
There was a problem hiding this comment.
What is the maintenance plan for this binary? When will it need to be rebuilt? When will we notice that it is broken and requires rebuilding? Maybe some sort of automated test is needed.
There was a problem hiding this comment.
@0xc0170 How do we indicate the license this binary is provided under?
There was a problem hiding this comment.
What is the maintenance plan for this binary? When will it need to be rebuilt? When will we notice that it is broken and requires rebuilding? Maybe some sort of automated test is needed.
Currently, it is re-built by Nuvoton manually. When there's any of memory re-partition, change of IP security attribute, or change of secure function I/F, it will be re-built.
There was a problem hiding this comment.
@0xc0170 How do we indicate the license this binary is provided under?
license file located in the folder
|
General question, why does this need to be a binary rather than source? |
@bulislaw This is well-defined build flow for TrustZone targets. TF-M targets like MUSCA_A1 also follows it. |
|
Other concern? |
|
Update? |
|
I am reviewing now, sorry for the delay. Looks like all reviewers approved (not explicitly though). |
|
CI started |
Test run: FAILEDSummary: 1 of 4 test jobs failed Failed test jobs:
|
|
To achieve minimum memory footprint on secure target, this PR re-partitions memory and makes related modifications for non-secure target to have maximum memory to run Pelion. To run CI on secure target, the above configuration must change back to normal use for secure target via "NU_PFM_M2351_NPSA_S": {
"target.boot-stack-size" : "0x1000",
"target.device_has_add" : ["SERIAL", "SERIAL_ASYNCH", "SERIAL_FC", "STDIO_MESSAGES"],
"target.mbed_rom_start" : "0x0",
"target.mbed_rom_size" : "0x40000",
"target.mbed_ram_start" : "0x20000000",
"target.mbed_ram_size" : "0x8000"
}, |
|
@Patater Can you re-review please? |
|
@ccli8 The latest comment was regarding CI failures? Or not? How do we fix them? |
ccli8
force-pushed
the
nuvoton_m2351_partition-memory-pelion
branch
from
45547e4 to
26e6b15
Compare
|
Make modifications:
|
|
CI restarted, might still fails, will follow up what to do with the build with @ARMmbed/mbed-os-test |
Test run: FAILEDSummary: 1 of 4 test jobs failed Failed test jobs:
|
|
Expected failure.
Please help us reviewing the failures and what can we do to pass the build for this target. |
|
On |
|
@ccli8 We will have the NU_PFM_M2351_NPSA_S disabled for building, so will restart CI once it is integrated |
|
@0xc0170 For restart CI, do you need any help on the integration of "NU_PFM_M2351_NPSA_S disabled for building" ? |
|
@cyliangtw I'll restart CI (should be fixed) later today |
|
CI restarted |
Test run: SUCCESSSummary: 11 of 11 test jobs passed |
0xc0170
added
the
release-version: 6.0.0-alpha-1
|
What's the schedule for 6.0.0? 5.14.3 or 5.15.0 in between? |
We almost missed this one. 6.0.0-alpha1 tomorrow. 5.15 was released back in December |
Description
In this PR, default secure program is re-built most simplified so that non-secure program can make most use of memory for its large application like pelion. The secure program will partition memory:
Note for running greentea on secure target
With secure program most simplified, there's no memory available to run greentea on secure target NU_PFM_M2351_NPSA_S. If it is necessary, re-partition memory in mbed_app.json:
Related PR
ARMmbed/mbed-os-example-pelion#25 (comment)
Pull request type