TF-M v1.2 integration #14187
Merged
TF-M v1.2 integration #14187
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@jainvikas8, thank you for your changes. |
|
@jainvikas8, thank you for your changes. |
|
Preceding PR: #14160 |
evedon
reviewed
Jan 25, 2021
...m/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_V1_2/include/psa/crypto_extra.h
Outdated
Show resolved
Hide resolved
|
Hi
Do you need to keep such path...? platform/FEATURE_PSA/TARGET_TFM should be enough....? |
|
The frozen files don't allow the Travis to continue after its failure... These are the results when they are not part of https://travis-ci.com/github/ARMmbed/mbed-os/builds/214540183 Are been modified, the Travis tracks them as frozen files as they are part of Mbed CLI 1 |
jainvikas8
force-pushed
the
tfm-integration-v1.2-Mbedtls-S1-B1
branch
from
b14e245 to
b97d92f
Compare
|
Forced pushed:
|
LDong-Arm
approved these changes
Jan 26, 2021
|
#14160 has been merged, feel free to rebase again onto feature-tf-m-1.2-integration |
jainvikas8
force-pushed
the
tfm-integration-v1.2-Mbedtls-S1-B1
branch
from
b97d92f to
c5e5487
Compare
|
Addressed comments from @urutva regarding error handling and using |
|
@jainvikas8 Changes look good, following commits can be squashed together,
|
jainvikas8
force-pushed
the
tfm-integration-v1.2-Mbedtls-S1-B1
branch
from
7dcc272 to
d1d28aa
Compare
Rather than maintaining a specific `TARGET_TFM_V1_x`, its better to use more generic name `TARGET_TFM_LATEST` to avoid confusion on the latest TFM version supported by Mbed OS * Rename the folder from `TARGET_TFM_V1_1` to `TARGET_TFM_LATEST` * Update the CmakeLists.txt * Change the name of the MUSCA targets to maintain uniformity with TF-M v1.2 * Update target.json for PSA_V8_M to use `TFM_LATEST`
These files have been imported/copied from: * ARMmbed/trusted-firmware-m * ARMmbed/tf-m-tests These are generic files, which are required for TF-M v1.2 integration with Mbed OS for PSA_V8M and PSA_DUAL_CORE targets.
The PSA headers imported from TF-M does not contain a declaration of mbedtls_ecc_group_to_psa(), which is expected by pk.c from Mbed TLS. This leads to an "undefined symbol" error when using the ARM toolchain to compile an application for a TF-M target.
* Partition files are synced with TF-M v1.2 * To have uniformity with TF-M v1.2, rename the following: ** image_macros_preprocessed_ns.c to `signing_layout_ns.c` ** image_macros_preprocessed_s.c to `signing_layout_s.c` * `MCUBOOT_IMAGE_NUMBER` is set to 2 by default for TF-M v1.2, therefore it is necessary that Mbed OS compiles the right macros for when linking and using the partition files ** Workaround ** The `region_defs.h` has an explicit definition of `BL2`, even though it is already defined in target.json for `ARM_MUSCA_B1`. This is because of Mbed CLI 1, as it can't seem to use the right macro when linking the files for Mbed OS application when using the ARMCLANG toolchain.
* Remove the old `mcuboot.bin` * Add `bl2.bin` * Update TF-M secure binaries GCC_ARM toolchain used.
The script changes are required with respect to TF-M v1.2 integration for this target. The imgtool.py is been replaced with `wrapper.py` which uses click command to run the signing algorithm. The version `-v` and dependencies `-d` have been updated to resolve upgrade issues from TF-M v1.1 --> v1.2
* Partition files are synced with TF-M v1.2 * To have uniformity with TF-M v1.2, rename the following: ** image_macros_preprocessed_ns.c to `signing_layout_ns.c` ** image_macros_preprocessed_s.c to `signing_layout_s.c` * `MCUBOOT_IMAGE_NUMBER` is set to 2 by default for TF-M v1.2, therefore it is necessary that Mbed OS compiles the right macros for when linking and using the partition files.
* Remove the old `mcuboot.bin` * Add `bl2.bin` * Update TF-M secure binaries GCC_ARM toolchain used.
The script changes are required with respect to TF-M v1.2 integration for this target. The imgtool.py is been replaced with `wrapper.py` which uses click command to run the signing algorithm. The version `-v` and dependencies `-d` have been updated to resolve upgrade issues from TF-M v1.1 --> v1.2
ARM_MUSCA_A1 is not supported since Mbed OS 6.0 Refer: ARMmbed#13165 Therefore remove files from kv_config and TF-M post binary hook script.
Raise an exception if there was an issue with handling any command when signing the binaries for MUSCA targets.
This files are imported and part of: mcu-tools/mcuboot@a8e12da Issue has been raised mcu-tools/mcuboot#930 As these scripts are going to be part of release its important to have licensing information.
jainvikas8
force-pushed
the
tfm-integration-v1.2-Mbedtls-S1-B1
branch
from
d1d28aa to
f675ec5
Compare
|
Forced pushed to address review comments, please ignore - #14187 (comment) I have squashed 6a08b17 with refactoring code commit |
LDong-Arm
approved these changes
Jan 27, 2021
urutva
approved these changes
Jan 27, 2021
|
CI restarted |
Jenkins CI Test : ❌ FAILEDBuild Number: 2 | 🔒 Jenkins CI Job | 🌐 Logs & ArtifactsCLICK for Detailed Summary
|
|
Excepted CI failures:
Can be merged. |
|
@evedon when merging a PR to a feature branch, if there are outstanding 'needs: ' labels, please remove them. |
Good question @jeromecoutant, we believe that we still need more developer feedback on the use of this API, so would like to keep it experimental for the time being. There are probably improvements around documentation, tooling and ease of use we'll need to make based on this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary of changes
PR related to upgrading TF-M v1.1 --> v1.2
The following have been changed:
Impact of changes
Migration actions required
Documentation
Pull request type
Test results
Reviewers
@Patater @urutva @evedon @LDong-Arm @0xc0170