AgeCommit message (Collapse)Author
7 hoursDocs: Add configuration descriptionsHEADmasterKevin Peng
This patch adds descriptions of the differences between configurations under configs/. Change-Id: I7081d79a5b75d22fac3ddf4511107237460103cd Signed-off-by: Kevin Peng <kevin.peng@arm.com>
3 daysPlatform: Enable multiple NS PSA Client calls on PSoC 64David Hu
Activate CPUSS IPC Interrupt #5 on Cortex-M4 as the NS mailbox IPC interrupt, triggered by PSA Client reply returned from SPE. Implement a wait/wake-up mechanism for NS mailbox to support multiple outstanding NS PSA client calls on PSoC 64. Implement tfm_ns_mailbox_hal_wait_reply() to force caller thread to sleep and wait for PSA Client reply. IPC interrupt handler fetches the task handle of the waiting thread by calling tfm_ns_mailbox_fetch_reply_msg_isr() and tfm_ns_mailbox_get_msg_owner(). Then the waiting caller thread is woken up according to the task handle. Enable the multiple NS PSA Client calls feature on PSoC 64. Set number of mailbox queue slots to 4 in PSoC 64 device_cfg.h Change-Id: I3e5285505c4c4191547c04638e447b24cfcd719a Signed-off-by: David Hu <david.hu@arm.com>
3 daysPlatform: Use spinlock to protect NS mailbox critical section on PSoC 64David Hu
Implement tfm_ns_mailbox_hal_enter_critical() and tfm_ns_mailbox_hal_exit_critical() with spinlock, instead of semaphore, on Cypress PSoC 64 platform to protect access to NS mailbox critical section in NS side. Implement tfm_ns_mailbox_hal_enter_critical_isr() and tfm_ns_mailbox_hal_exit_critical_isr() on PSoC 64 platform with spinlock. Spinlock enables the NS mailbox critical section protection in IRQ handler. Spinlock with IRQ status save/restore on NS side can mask NS mailbox interrupt and context switch to prevent current NS mailbox critical section access from being preempted by another NS mailbox access from NSPE. Change-Id: I264473e2be2b441e1391505dcc7713b12b63307a Signed-off-by: David Hu <david.hu@arm.com>
3 daysApp: Add event flags set and wait operations for thread synchronizationDavid Hu
Add os_wrapper_thread_set_flag(), os_wrapper_thread_set_flag_isr() and os_wrapper_thread_wait_flag() to provide event flags set and wait operations for synchronizing threads in NS application. Implement the above APIs by CMSIS-RTOS v2 Thread Flags as an example. Change-Id: Ifb7ffe22c27973725b8601e9037d807cfeadb8ad Signed-off-by: David Hu <david.hu@arm.com>
3 daysDualcpu: Adjust the definition number of mailbox queue slotsDavid Hu
If multiple outstanding NS PSA Client calls feature is enabled, require platform to define NUM_MAILBOX_QUEUE_SLOT in platform specific device_cfg.h. Otherwise, define NUM_MAILBOX_QUEUE_SLOT as 1 in tfm_mailbox.h. Also fix the initialization of queue empty slot status variables since NUM_MAILBOX_QUEUE_SLOT can be set to 32. Change-Id: I26ea1283f8c6cad9ebe31b24c06ddccf3d2e5699 Signed-off-by: David Hu <david.hu@arm.com>
3 daysDualcpu: Use counting semaphore in TF-M multi-core NS interfaceDavid Hu
Replace mutex with counting semaphore as the lock to sync up TF-M multi-core NS interface. Prepare for support of multiple outstanding NS PSA Client calls. Change-Id: I55832a9bed7ea411a639b33728dc81fb6ba6ec7f Signed-off-by: David Hu <david.hu@arm.com>
3 daysDualcpu: Add general NSPE mailbox wait functionDavid Hu
Add tfm_ns_mailbox_wait_reply() to wait for mailbox message reply from SPE. tfm_ns_mailbox_wait_reply() calls tfm_ns_mailbox_hal_wait_reply() to perform platform and NS OS specific waiting mechanism implemented based on use scenario. Update the wait function in PSA Client APIs implementations in dual-core system. If the system can support multiple outstanding NS PSA Client calls, call tfm_ns_mailbox_wait_reply() to sleep and wait for reply. Otherwise, still call tfm_ns_mailbox_is_msg_replied() to simply poll the reply status of the mailbox message of current thread. Change-Id: I2a3e808b05d7644465b20f7f4160b9872f2bdb63 Signed-off-by: David Hu <david.hu@arm.com>
3 daysDualcpu: Add NS mailbox functions to handle reply in IRQ handlerDavid Hu
Add tfm_ns_mailbox_fetch_reply_msg_isr() to fetch the handle of the first replied mailbox message from NSPE mailbox queue in platform inter-processor communication interrupt handler. NS OS can get the handle of the waiting caller task by calling tfm_ns_mailbox_get_msg_owner() and wake-up the caller task according to the handle value. Change-Id: Id86e0b23819cf8963831006fd037142d9efb4d9f Signed-off-by: David Hu <david.hu@arm.com>
3 daysDualcpu: Protect NS mailbox critical section in NS IRQ handlerDavid Hu
Add tfm_ns_mailbox_hal_enter_critical_isr() and tfm_ns_mailbox_hal_exit_critical_isr() to protect NS mailbox critical access in NSPE IRQ handler. Change-Id: I2fd0bcaa6044183fe00d524fb4b423c61ca43efd Signed-off-by: David Hu <david.hu@arm.com>
3 daysDualcpu: Set mailbox message owner in NS mailbox queue slotDavid Hu
NSPE mailbox sets the task handle into the owner field of the queue slot. After the PSA Client result is returned, the task handle can be fetched from the owner filed and the waiting task can be woken up according to the handle value. Declare tfm_ns_mailbox_get_task_handle() to fetch the handle of current NS task executing the mailbox functionalities. Implement a dummy tfm_ns_mailbox_get_task_handle() which returns NULL when sleep/wake-up mechanism is not required. Change-Id: I58731dea26db5446bac35d6b4800bff936120ebd Signed-off-by: David Hu <david.hu@arm.com>
3 daysDualcpu: Implement tfm_rpc_set_caller_data()David Hu
Add a callback get_caller_data() in structure tfm_rpc_ops_t for SPE mailbox to return the pointer to the private data of NSPE client. Implement get_caller_data() callback in SPE mailbox to return the address of Secure mailbox message handle as the private data. Add a field cur_proc_slot_idx in SPE mailbox queue to record the mailbox queue slot index under processing. That field can be used in get_caller_data() callback to identify the slot and acquire the private data handle of the NSPE client. Change-Id: Ia5fc9b6f8df66bf6d9ca626b8b0496eb762baa0c Signed-off-by: David Hu <david.hu@arm.com>
3 daysDualcpu: Support multiple outstanding NS PSA client calls in SPE sideDavid Hu
Add the handling of multiple outstanding PSA client call in SPE side in multi-core topology. - Add a field caller_data in TF-M message body to contain the private data of message owner. - Declare tfm_rpc_set_caller_data(). TF-M SPM sets the private data of NS client in field caller_data by calling tfm_rpc_set_caller_data() in multi-core topology. - Implement dummy tfm_rpc_set_caller_data() for single Armv8-M platform and multi-core topology respectively. The entire implementation in SPE mailbox to support multiple outstanding NS PSA client call will be completed in further patches. Change-Id: I19a8ff0c1567dd4f384600e8a1a7691d6b7e4004 Signed-off-by: David Hu <david.hu@arm.com>
3 daysDualcpu: Control multiple outstanding NS PSA Client call feature in buildDavid Hu
Add function enable_multi_core_multi_client_call() in MultiCore.cmake to enable multiple outstanding NS PSA Client calls feature in multi-core topology. Change-Id: I21f38724af20135da5533c7b24008073ad9f89ba Signed-off-by: David Hu <david.hu@arm.com>
4 daysCore: Architecture context init function name refineSummer Qin
Rename architecture context init function. Change-Id: If642d745e111682168418f83446068c4ce2bbce7 Signed-off-by: Summer Qin <summer.qin@arm.com>
4 daysCore: Move state context init function into arch folderSummer Qin
Move tfm_thrd_initialize_context function into arch folder and change the name to tfm_arch_init_context. Change-Id: I8f22b1dd467e2de049ed1d810165c0adcb476d19 Signed-off-by: Summer Qin <summer.qin@arm.com>
4 daysCore: Remove thread exit functionSummer Qin
- Clear bit[0] of thread exit function to prevent thread returning. - Remove the exit function. Change-Id: I53b99dcd09addd2156a7a665c9a9714fbcf80bf4 Signed-off-by: Summer Qin <summer.qin@arm.com>
4 daysCore: Context structure refineSummer Qin
- Change the architecture context name to 'struct tfm_arch_ctx_t'. - Rename EXC_RETURN value in LR to Macro 'EXC_RETURN_THREAD_S_PSP'. Change-Id: Ia13f3ae5c477e4ad4dc092f11bdba1f2b32dd00b Signed-off-by: Summer Qin <summer.qin@arm.com>
4 daysCore: Update thread stack definitionsSummer Qin
Change the abbreviation of stack from 'sp' to 'stk', since sp may an architecture concept: - stk_top is the top of the stack which has a higher address. - stk_btm is the bottom of the stack which has a lower address. Change-Id: I7a1e1cf0bdf907c488bc11078f3d867e6e3d8301 Signed-off-by: Summer Qin <summer.qin@arm.com>
4 daysCore: Thread structure refineSummer Qin
- Change the thread context structure name from 'struct tfm_thrd_ctx' to 'struct tfm_core_thread_t'. - Change the thread context structure member from 'status' to 'state' to indicate the state machine of thread better. - Add 'core' prefix of thread functions to indicate that these functions are under core scope. Change-Id: I642956f4dde0c7cf9e0f98fbb3c670335d1b85de Signed-off-by: Summer Qin <summer.qin@arm.com>
4 daysBuild: Add conditional build for secure context managementKevin Peng
Secure context management is only needed in multiple secure context model. This patch adds a build flag to disable context management. It's set to ON by default. Note that the NS client ID functionality will lose if secure context management is disabled. Change-Id: I06ed4fdee20a0192c54e2d08d453ee965ee3cbfc Signed-off-by: Kevin Peng <kevin.peng@arm.com>
4 daysCore: Refine NSPM implementation when NS ID is disabledKevin Peng
There are some codes for NS client ID management compiled even when TFM_NS_CLIENT_IDENTIFICATION is OFF. This patch makes those codes optional and also install the nspm interfaces conditionally. Change-Id: Ia5d82d5dcdf12510b5c87f3bf400b56e950d4e4c Signed-off-by: Kevin Peng <kevin.peng@arm.com>
4 daysCore: Clear FP status before SPM initializationKen Liu
Float point (FP) is forbidden during SPM initialization, clear it before handler mode SPM initialization. And return the generic EXC_RETURN for subsequent thread scheduling. The usage of FP is still valid before SPM initialization and the subsequent thread execution, just do not happen during SPM initialization. Change-Id: I48d7bd0f140cb1c933cdd621d598446cb81eaee3 Signed-off-by: Ken Liu <ken.liu@arm.com>
4 daysPlatform: CM4 UART workaround (psoc64)Andrei Narkevitch
Reinitializing SCB5 UART by CM4 core causes garbled symbols. Relay on initialization done by CM0P instead. Added FIFO buffer clearing. Also removed excessive reinitialization calls in ARM_USARTx_Control. Signed-off-by: Andrei Narkevitch <ainh@cypress.com> Change-Id: I8b30f3827dbf90ca6d0ab01e1aa83e906f4873cb
5 daysPlatform: Update Mbed Crypto config fileJamie Fox
Updates the Mbed Crypto config file to be based on the latest upstream version. The options selected are unchanged. Change-Id: I961d2cd04d4deb4197a3f06060b93856bbf96a2c Signed-off-by: Jamie Fox <jamie.fox@arm.com>
5 daysBuild: Fix install directory for tfm_crypto_defs.hJamie Fox
Moves this header to the top level include directory as it is not a PSA header. Change-Id: Iadb472434eb17589de6dd0758d261409b218598d Signed-off-by: Jamie Fox <jamie.fox@arm.com>
5 daysDocs: How to add a secure partitionEdison Ai
This file is a user guide about how to add a secure partition, mainly focus on the configuration, manifest and implement rules. Change-Id: I7afde5de0de0b5556ac3e8990a73b0399dbe6136 Signed-off-by: Edison Ai <edison.ai@arm.com>
5 daysDocs: Add TFM build steps for PSA FF compliance testsJaykumar Pitambarbhai Patel
Update the documentation with TFM build steps for running PSA FF tests. Change-Id: I84b262f439a37b9e330520da5e6dbf755ba7e8e8 Signed-off-by: Jaykumar Pitambarbhai Patel <jay08ec71@yahoo.com>
5 daysTools: Add support for PSA FF test manifest parsingJaykumar Pitambarbhai Patel
This file contains the list of PSA FF test manifest files that are required by the tfm build tool to be able to run PSA FF tests. Usage: python tools/tfm_parse_manifest_list.py \ -m tools/psa_ff_test_manifest_list.yaml append Change-Id: If76bbeff0a81c8fea707751b6f6c796f290841fe Signed-off-by: Jaykumar Pitambarbhai Patel <jay08ec71@yahoo.com>
5 daysCore: Enhance caller security attribute detectingSummer Qin
Currently, the caller security attribute detection bases on LR of state context. However, if SP calls PSA APIs based on its customized SVC, the LR may be occupied by general purpose value while calling SVC. Add one condition judgement to avoid this. Change-Id: If3fa9522f83c728601228ca58563114e6be50f60 Signed-off-by: Summer Qin <summer.qin@arm.com>
6 daysTest: Update test framework APIDevaraj Ranganna
Currently the test framework which executes test suites doesn't return anything. Therefore it is not possible for application layer to know the status of test cases. This is change is intended to export the test case pass/fail status to application layer and beyond (if any test framework is used by Non-secure side). Change-Id: I67e6305a7e0947583bc5af88e909d4d22a9d7270 Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
10 daysITS: Add NAND flash type implementationsJamie Fox
Adds flash interface implementations for NAND flash types, used when the minimum program unit is a whole page. Change-Id: Ib706736185951169fa3e01f4f9713c557a0fb15c Signed-off-by: Jamie Fox <jamie.fox@arm.com>
10 daysITS: Add support for different flash typesJamie Fox
Adds support to the ITS flash filesystem and flash interface different implementations of the standard flash functions for different flash types. Change-Id: I0f5919ffd87f9e1db30ae721fd67add04d86f98c Signed-off-by: Jamie Fox <jamie.fox@arm.com>
10 daysITS: Support scalable buffersJamie Fox
Makes it possible to adjust the size of the ITS service's internal buffer at compile time. Reducing the buffer size will decrease the RAM usage of the service at the expense of latency, as data will be copied between the caller and flash in multiple iterations. Change-Id: I569f97444dd601e59cfcf40b35843382a36e7df7 Signed-off-by: Jamie Fox <jamie.fox@arm.com>
10 daysITS: Refactor filesystem write functionJamie Fox
Refactors the filesystem write function to support writing data from an offset in the existing data, instead of having to always overwrite all existing data. Simplifies the dblock_write_file and dblock_cp_remaining_data functions into a single function, as it was mandatory to call them in sequence anyway. Change-Id: I5162276b4e528a2235d0ceb73272538db5f98f8a Signed-off-by: Jamie Fox <jamie.fox@arm.com>
10 daysITS: Delete unused functionJamie Fox
Deletes the its_flash_fs_dblock_cp_data_to_scratch function as it is unused and no longer required. Change-Id: Ibde9b71026fd5015e301fa47465002a1897d4195 Signed-off-by: Jamie Fox <jamie.fox@arm.com>
10 daysDocs: Update storage integration guidesJamie Fox
Updates the SST and ITS integration guides to reflect the changes due to sharing common filesystem code between the two services. Change-Id: Iebd7caf4cf12f698b7c87e6c2ea5313edfeb9417 Signed-off-by: Jamie Fox <jamie.fox@arm.com>
10 daysSST: Use ITS as the backend of SSTTudorCretu
This patch updates the SST service to call ITS as its backend. Also updates ITS to maintain a second filesystem context for SST, using the external flash device instead of the internal one. Change-Id: I83027aa859b369e6d7d8e085518e2b068e2f9eac Co-authored-by: Jamie Fox <jamie.fox@arm.com> Signed-off-by: Tudor Cretu <tudor.cretu@arm.com> Signed-off-by: Jamie Fox <jamie.fox@arm.com>
10 daysITS: Add support for multiple filesystem contextsJamie Fox
Refactors the ITS flash filesystem to support multiple contexts, to permit multiple users of the filesystem. Removes the internal static context from the filesystem and replaces it with a context to be allocated by the user and passed as an argument. Also updates the flash layer to support multiple flash devices, with the ability to associate a flash device with a filesystem context. This will enable Protected Storage and Internal Trusted storage to share the same filesystem code. Change-Id: I7f2f2a6520816f36cdf0cd1e4b87a24c7b6ff5f9 Co-authored-by: Tudor Cretu <tudor.cretu@arm.com> Signed-off-by: Jamie Fox <jamie.fox@arm.com>
10 daysRevert "Build: Fix SRAM sanity check in common scatter file"Jamie Fox
This reverts commit 52182bc5e006752a4d28c3ccd909f93dafee0cf5. Reason for revert: Fix PSoc64 build Change-Id: I174bcd54b7b5f459c51095367571bddda65f94d8 Signed-off-by: Gabor Abonyi <gabor.abonyi@arm.com>
11 daysPlatform: Add and use QSPI Flash driver for Musca B1Gabor Abonyi
Add ip6514e QSPI controller and mt25ql memory controller, and update flash layout to store SST in QSPI flash memory. Change-Id: I1b38506b16aa767f1b3691119596eaa1050c2fea Signed-off-by: Gabor Abonyi <gabor.abonyi@arm.com>
11 daysPlatform: Use eFlash for ITS for Musca B1Gabor Abonyi
Update flash layout to be able to still use the previous flash driver, that redirects reads and writes to the code sram. Change-Id: I6a059bf6724bd99e200ba30098332092559e47a6 Signed-off-by: Gabor Abonyi <gabor.abonyi@arm.com>
11 daysPlatform: Add Musca B1 eFlash DriverGabor Abonyi
Add GFC100 eFlash driver files and update linker and cmake files so to use, only configuration needs to be updated. Change-Id: I953e631983aff0f13cb4e19be6d62dedfcde0274 Signed-off-by: Gabor Abonyi <gabor.abonyi@arm.com>
12 daysBuild: Fix SRAM sanity check in common scatter fileGabor Abonyi
In case of S_RAM_CODE_START is defined, it directs linker to place .ramfunc tagged functions to an absolute address. In this case the SRAM_WATERMARK that follows with relative +0 address had wrong value. Now, this region is defined after APP RoT code. Change-Id: Ia7a069eab3bf2b6e68ae29b46d548f3a206eb42a Signed-off-by: Gabor Abonyi <gabor.abonyi@arm.com>
12 daysQCBOR: Quiet static analyzers; add bigfloat support; documentation improvementsLaurence Lundblade
Refined use of types, particular integer types and their signedness so there are fewer warnings from static analyzers. Added casts to make implicit type conversions explicit and more clear for code reader. No actual bugs or vulnerabilities where found by the static analyzer but a lot of lines were changed. Cleaner handling of too-long bstr and tstr error condition when decoding. Add support for bigfloats and decimal fractions -- all of RFC 7049 is now supported except duplicate detection when decoding maps and some of strict mode. Dead-stripping and/or linking through a .a file will automatically leave out the added code on the encoder side. bytes or so of code on the decode side Documentation corrections and improved code formatting, fewer long lines, spelling... A lot of lines where change for this. Repair a few tests that weren't testing what they were supposed to be testing. Change-Id: I4c9c56c1ee16812eac7a5c2f2ba0d896f3f1b5ae Signed-off-by: Laurence Lundblade <lgl@securitytheory.com>
12 daysTest: Increase secure test service stack sizeTamas Ban
Increase the stack size with 0x80 bytes because the updated version of QCBOR consume a slightly more stack. Change-Id: I5680a2af86d848bea0e248399da7649cb0c372e3 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
14 daysBuild: Add support for Armv8.1 architectureRonald Cron
Change-Id: I74c59cf816c5da7d90904eaa3027dd10adda8472 Signed-off-by: Ronald Cron <ronald.cron@arm.com>
14 daysArch: Add Armv8.1-M architecture supportRonald Cron
Change-Id: Iaf78b6262886103fbfac19bcdefdfa5f5fd8ecd1 Signed-off-by: Ronald Cron <ronald.cron@arm.com>
14 daysBuild: Add support for ArmClang 6.13Ronald Cron
Add support for the latest version of ArmClang Change-Id: I7dce821b393e65df1c9a418c050aeadd0a771343 Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-01-31Platform: PSoC64: S-IRQ: fix ArmClang compiling errorAlamy Liu
Commit e3c75a4955e665e78d55b22f07db73d31a6bf101 ("Platform: PSoC64: S-IRQ: timer interrupt handlers") caused the following compilation errors: "<tf-m>/.../armclang/startup_psoc64_s.s", line 131: Error: A1108E: Multiply defined symbol 'TFM_TIMER0_IRQ_Handler' "<tf-m>/.../armclang/startup_psoc64_s.s", line 131: Error: A1131E: Bad symbol type for exported symbol 'TFM_TIMER0_IRQ_Handler' "<tf-m>/.../armclang/startup_psoc64_s.s", line 131: Warning: A1464W: ENDP/ENDFUNC without corresponding PROC/FUNC "<tf-m>/.../armclang/startup_psoc64_ns.s", line 463: Error: A1131E: Bad symbol type for exported symbol 'TIMER1_Handler' "<tf-m>/.../armclang/startup_psoc64_ns.s", line 630: Error: A1108E: Multiply defined symbol 'TIMER1_Handler' Signed-off-by: Alamy Liu <alamy.liu@cypress.com> Change-Id: If75c40698d2acf185b900513e80c814a9c6ae647
2020-01-31Attest: Fix static code analyser issuesTamas Ban
Fix the following type of issues: - Dead code - Unused function - Uninitialized variable - Parameter type mismatch Change-Id: Ib4f8fa7c9037a8d55279154f875d0ec7f5a3c177 Signed-off-by: Tamas Ban <tamas.ban@arm.com>