aboutsummaryrefslogtreecommitdiff
path: root/platform
AgeCommit message (Collapse)Author
46 hoursAN547: Fix secure startup fileHEADmasterMark Horvath
Reset MSP stack initial value in secure startup function to clear MSP stack before calling c library entry point. Change-Id: Idf333df1421e228d53a9d56a670367c995b1eac3 Signed-off-by: Mark Horvath <mark.horvath@arm.com>
5 daysBuild: Fix build error when Crypto Partition is disabledKevin Peng
This patch fixes build error when Crypto Partition is not enabled, for example for Musca-B1 with -DFORWARD_PROT_MSG=1 build option. This patch also replaces CMAKE_SOURCE_DIR with CMAKE_CURRENT_SOURCE_DIR to have shorter and more stable paths. Change-Id: I652afe9e48fc8d2391523cd7e835b4617a08515a Signed-off-by: Kevin Peng <kevin.peng@arm.com>
10 daysPlatform: Update STM accelerator for mbedtls 3.0Raef Coles
Change-Id: I402532359fdb6fc8aa8605712465025412a87e74 Signed-off-by: Raef Coles <raef.coles@arm.com>
10 daysPlatform: Expand CMSE_VENEER_REGION_SIZE for musca_b1Summer Qin
Expand CMSE_VENEER_REGION_SIZE for musca_b1. Change-Id: Iebbae7cd4a76e2151bf545c7cf7f866e9094fa4e Signed-off-by: Summer Qin <summer.qin@arm.com>
10 daysCrypto: Use NV SEED as default entropy sourceSummer Qin
MBEDTLS_TEST_NULL_ENTROPY is removed from mbedtls 3.0.0. Change to use 'MBEDTLS_ENTROPY_NV_SEED' as the default entropy source if a platform doesn't generate entropy from hardware. Change-Id: If03c9dec3c6fb0d7bb98721963ac2142d43ed00d Signed-off-by: Summer Qin <summer.qin@arm.com>
10 daysCrypto: Align PSA Crypto API to 1.0 versionSummer Qin
Some functions and macros are deprecated in PSA Crypto spec 1.0. Align them with the spec definition. Change-Id: Icc2a8c6fe245873ea76b3e0a1bdf32a87fd016ad Signed-off-by: Summer Qin <summer.qin@arm.com>
11 daysPlatform: LPCXpresso55s69: Synchronized platform code with NXP SDK portMartinaHanusovaNXP
Synchronized platform/ext/target/nxp folder with MCUx latest SDK port: - Common: o Replaced Driver_Flash.c with Driver_Flash_iap1.c in CMSIS_Driver o Deleted mini_mbedcrypto_config.h, added mbedcrypto_user_config.h instead o Added crypto_hw.c - LPCXpresso55s69: o Deleted lpcxpresso55s69_mbedcrypto_config.h o Updated README file  Added -DTFM_PROFILE=profile_medium into build instructions  Added Linux/Windows and PyOCD/JLink tab sections  Fixed mistake in flash instructions for PyOCD o Updated scripts  Added -DTFM_PROFILE=profile_medium attribute into build scripts  Fixed previous file removement in flash scripts o Synchronized BL2 startup file with SDK o Moved project_template folder from Native_Driver to lpcxpresso55s69 o Automatically fetched common project template files from NXP git (board, pin_mux, peripherals) Signed-off-by: MartinaHanusovaNXP <martina.hanusova@nxp.com> Change-Id: Id6a0c905bf7df1032bc3352c5907223e0ffcb2db
12 daysPlatform: Disable FLIH testing by default on AN521Kevin Peng
Change-Id: Ic48ecedb9d857645bd8b3cb16f13ce1ac9c0641c Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-07-16Platform: stm: Fix for TF-M small profile supportMichel Jaouen
Since platform is not built in small profile, Error_Handler defined in platform service and used only by low_level_rng is removed. Since stm platform does not support for now MBEDTLS_AES_SETKEY_DEC_ALT and MBEDTLS_AES_SETKEY_DEC_ALT beeing defined in small profile, they are undefined. Signed-off-by: Michel Jaouen <michel.jaouen@st.com> Change-Id: I32c4808865558a6ce42105ef978b53740e8d52d6
2021-07-16Platform: Add a customized manifest list for Musca-B1Kevin Peng
When the Secure Enclave is enabled, the host core does not provide PSA RoT Services and Protected Storage services. Instead a Proxy Partition is provided to forward service requests to the SE. The manifest list does not need to include those Partitions. Having those Partitions causes potential conflicts with the Proxy Partition because they provide same services and use the same manifest items. This patch adds a customized manifest list for Musca-B1 with Secure Encalve and removes the Proxy Partition in the common manifest list. Change-Id: Ib83ee415b7b3fc8a53eb59e2de42964f8c5fe326 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-07-16Platform: Enable IRQ testing on some platforms by defaultKevin Peng
This patch enables the following IRQ tests by default so that CI could cover the testing: - FLIH test on AN521 - SLIH test on Musca-B1 Because FLIH and SLIH test can not be enabled at the same time, let users choose which to enable on other platforms. Note: Currently, FLIH test is only supported on AN519 and AN521. Change-Id: I2c40b46841ac54a3c8bc5e788c9184047626db4a Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-07-16Platform: Musca-B1: Enable Test SLIH on isolation L2 & 3Kevin Peng
This patch enables testing SLIH on isolation L2 & 3 by putting the timer driver needed by the ARoT test Partition to SPRT. This patch also change to build plat_test.c when either TEST_S or TEST_NS is enabled. plat_test.c is not part of Platform Partition but for test purpose. Change-Id: I639ec956ca09ad45454e0e730f832231e9ab6d32 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-07-16PsoC64: Make some functions staticChris Brand
Two of the functions in the mailbox directory are only ever called from within the same file, so they should be static. Change-Id: Id3fd7d8599d1740757f575378296a15406aa1b56 Signed-off-by: Chris Brand <chris.brand@cypress.com>
2021-07-16Docs: update NUCLEO-L552ZE-Q builds to use TFM_TOOLCHAIN_FILEAbbas Bracken Ziad
The build instructions for NUCLEO-L552ZE-Q were using the now deprecated CMAKE_TOOLCHAIN_FILE setting. In fact, the build would fail as this setting no longer accepts relative paths. There are two options: supply an absolute path or instead use TFM_TOOLCHAIN_FILE. This patch applies the second option. Signed-off-by: Abbas Bracken Ziad <abbas.brackenziad@arm.com> Change-Id: Id03dbf263afa466fc6c022a414d8d31b5bb40d5c
2021-07-13Docs: Move design documents into a dedicated folderDavid Hu
Collect all the design documents under a dedicated design_docs folder. Update the links in other documents. Change-Id: I2da761a11317144185e960c539f2245d3d46fd2a Signed-off-by: David Hu <david.hu@arm.com>
2021-07-13Platforms: Put timer driver to SPRT for IRQ testing onlyKevin Peng
In a previous change 362817f1713321203eb3147801e0711369060687 the timer driver was put into SPRT by default. That change was actually for testing purpose only. This patch puts timer driver to SPRT only when IRQ testing is enabled. Change-Id: I8d7629d30b56f3982b041bbe8edf0c89a685f4bc Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-07-09Platform: stm: fix after spm modificationMichel Jaouen
This fix is required for build with GNUARM. Change-Id: I5e10e7b21104673e3f4f26eaf209bfb5b93e3954 Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
2021-07-08psoc64: Disable watchdog on bootRaymondNgun
Bootloader may enable watchdog. The SPE needs to disable WDG on successful boot. Change-Id: If45c2c182c4f9f2741757951d8ef13966a76d0ca Signed-off-by: Raymond Ngun <raymond.ngun@infineon.com>
2021-07-08psoc64: Add dependent p64_utils libraryRaymondNgun
Change-Id: Ic446bd88c12e08c885cee1686e4abc042e96f78e Signed-off-by: Raymond Ngun <raymond.ngun@infineon.com>
2021-07-08psoc64: Update peripheral protection configurationRaymondNgun
The latest bootloader in production boards will protect the crypto block so TF-M no longer needs to do it. Additionally, because crypto is already protected, TF-M will fail to try to protect it again. Change-Id: I6cd3ad9ac14b5ac03b12425894faec1693bcf563 Signed-off-by: Raymond Ngun <raymond.ngun@infineon.com>
2021-07-08psoc64: Add UART initializationRaymondNgun
There was a dependancy on the bootloader initializing UART. This adds UART initialization to break that dependancy. Change-Id: Icfd8c5987ba29f2183025a8c157e1175343fb82e Signed-off-by: Raymond Ngun <raymond.ngun@infineon.com>
2021-07-08psoc64: Update policies used with production boardRaymondNgun
Change-Id: Ie7e532a320935490970779a0784cd3bc2fe36483 Signed-off-by: Raymond Ngun <raymond.ngun@infineon.com>
2021-07-07Platform: Nordic: Add partition runtime region in the linkerMingyang Sun
Apply changes to the nordic platform GCC link script, from: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/10148 SPM: Add partition runtime region in the linker Change-Id: I10cb3ac068172ee1af1c0be738dfb5876745dcd8 Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
2021-07-05Platform: LPCXpresso55s69: Added flash layout parser into flash scriptsMartinaHanusovaNXP
Added flash layout parser into scripts with BL2 to update flash base addresses for the signed binaries of secure and non secure images according to the memory offsets in flash_layout.h. Signed-off-by: MartinaHanusovaNXP <martina.hanusova@nxp.com> Change-Id: I1f647ef89f2762ffbe41d08ca28b2bf9aea28e75
2021-06-30Test: Add the FLIH test PartitionKevin Peng
Currently the FLIH test is only supported on AN519 and AN521 Change-Id: Ic34aee26d4db732bdf9fb72c9163dd164b1e688e Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-06-30Platform: Refine plat_test for AN519 and AN521Kevin Peng
This patch: - Moves timer driver to SPRT. The timer driver only contain common timer control logics, which are supposed to be shared between Partitions. The accesses to different timers are controlled through MMIO regions of the timer registers. - Build plat_test.c when either TEST_S or TEST_NS is enabled. plat_test.c is not part of Platform Partition but for test purpose. - Add a clear interrupt interface for future use. Change-Id: I756300b76a9b7061972336cb8ecafaba47f8a8de Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-06-30SPM: Remove the IRQ priority in manifestKevin Peng
TF-M added a tfm_irq_priority attribute in the Partition manifest for SPM to set IRQ priorities so that IRQ can work correctly - TF-M requires external interrupt priorities must be higher than that of PendSV. However, a universal IRQ priority might not work on all platforms because different platforms have different number of configurable interrupt priorities. So the same value represents different priorities on different platforms. Besides, the attribute is not defined by FF-M. This patch removes the IRQ priority in manifest and in the HAL API as well so that platforms have the most flexibility to set priorities for IRQs based on their own cases. Note: the external interrupt priorities must be higher than PendSV. Change-Id: Id9e544a9afffcc7d019177cf29e51f32d1600504 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-06-30SPM: Add partition runtime region in the linkerKen Liu
- Add ZI region in the linker script for holding partition runtime and service runtime data, replacing the original runtime data arrays. - Organize the partition and service runtime data with linked list. - The logic for loading partitions and services is changed accordingly. Change-Id: I7ccfb5055cf62b7a3d185812af43084c767a98dd Signed-off-by: Ken Liu <Ken.Liu@arm.com> Co-authored-by: Mingyang Sun <mingyang.sun@arm.com>
2021-06-25Platform: AN519: Add MPU setup for MMIOKevin Peng
This patch adds missing MPU configurations for MMIO on AN519. Change-Id: I1c8199e4788ebe1b7524342e60618790848145f0 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-06-25Platform: AN519: Fix NVIC priority bitsKevin Peng
AN519 is a Arm v8 base line arch. The number of configurable priorities is only 4 which is 2 bits. This patches fixes the wrong priority bits definition. Change-Id: I7e2672c96197d56c31437a8ffd5f07ef99077e2e Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-06-24Build: Rename ER_CODE_CMSE_VENEER with CMSE_VENEERXinyu Zhang
Remove customized region name prefix. Rename ER_CODE_CMSE_VENEER with CMSE_VENEER. Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com> Change-Id: I29e18453539a5a5bd17d3430361a8ffa5899acf7
2021-06-23Platform: LPCxpresso55s69: Added TFM_PLATFORM_NXP_HAL_FILE_PATH variableMartinaHanusovaNXP
Added TFM_PLATFORM_NXP_HAL_FILE_PATH CMake variable for specifying the location of NXP SDK hal. Defaultly the variable is set to DOWNLOAD. In this case, the pulling drivers from git during build is enabled. Otherwise, when specified the path to the checked out repository, this funcionality is disabled and the files are linked statically. Added NXP_SDK_GIT_TAG CMake variable for specifying the version of NXP MCUXpresso SDK. Change-Id: Ie3a6048d76f760591debbf9bee1c7c7c85a4b62d Signed-off-by: MartinaHanusovaNXP <martina.hanusova@nxp.com>
2021-06-23Docs: Refine tfm_sw_requirement.rstSummer Qin
Simplify the tfm software requirement document and change the document to 'tfm_getting_started.rst', let it more suitable for new starter. Signed-off-by: Summer Qin <summer.qin@arm.com> Change-Id: I10379aa92ac2c6cd784f0fd1b1b5431243716d74
2021-06-22Test: Refactor IRQ TestingKevin Peng
This patch: - Replaces the tfm_irq_test_service_1 with the tfm_slih_test_service - Docs update: - Remove the out-of-date tfm_non-secure_interrupt_handling.rst - Remove IRQ test part in core_test_services_integration_guide.rst as core test does not participate in IRQ testing anymore. Note: The new SLIH testing does not support Library Model. Change-Id: I578d43ca7a363cdcb298226cc9ebad5f7b66fb48 Signed-off-by: Kevin Peng <kevin.peng@arm.com>
2021-06-18Platform: Only put TF-M code to ER_TFM_CODEXinyu Zhang
The ER_TFM_CODE should only pick the real TF-M code, rather than anything that does not match any pattern. Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com> Change-Id: I13f8dba385c14fed06a4910d48859a25a0b5bd6f
2021-06-18Build MPS3 AN547 with GCCJimmy Brisson
Since this code was written, GCC now compiles for the M55. From what I can tell (by diffing scatter files), the an524 and the an547 have very similar code layout. So the linker scripts used are from the an524. This also includes a note in the documentation about the required gcc version. Change-Id: I365ad3f934956a46756293694a44cca08ea25898 Signed-off-by: Jimmy Brisson <jimmy.brisson@linaro.org>
2021-06-17Platform: Fix build of Musca-B1's BL0Mark Horvath
Moving the arm platforms under arm directory broke some include paths for BL0. Change-Id: Ief3cf71afe5700099da1351f6605ffc060b8edde Signed-off-by: Mark Horvath <mark.horvath@arm.com>
2021-06-17Docs: Move build instruction and user guide into technical referenceSummer Qin
Move build instruction document and user guide document from getting started into technical references folder. Rename 'tfm_user_guide.rst' to 'tfm_run_instruction.rst'. This will make the document structure more clear for readers. Signed-off-by: Summer Qin <summer.qin@arm.com> Change-Id: I69d46151f2cb97c828c1b82775ffd1af9032ed45
2021-06-15Build: Remove duplicated target source in platform_sXinyu Zhang
According to line 49, attest_hal.c is added twice in target platform_s. Remove this line because this file should only be added when PLATFORM_DUMMY_ATTEST_HAL is enabled. Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com> Change-Id: Ie4df4763b9473a724eb4267f26b67147022e7639
2021-06-10platform: stm: Fix stm32l562e_dk test config with ARMCLANGMichel Jaouen
Change-Id: I7b8946ab6aa1939b130be9ccee618a6d09e17684 Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
2021-06-10platform: stm: Extend compiler path to all compiler postbuild scriptMichel Jaouen
It extends and makes the path optional, to keep compatibility with user using default compiler name Change-Id: I848b93940ca40eba0fb19471acc472b4d7b18309 Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
2021-06-08SPM: Rename 'static_info' to 'load_info'Mingyang Sun
Change the static data name to 'load_info' since they are used for loading partition and services. Change-Id: I061c55e570086930a852374207864d0a2fb9c06d Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
2021-06-08HAL: Replace the 'idx' input param with 'privileged'Mingyang Sun
In tfm_spm_hal_configure_default_isolation(), a partition index is passed in to query the partition privilege. Change to pass in privilege directly instead of the partition index. Change-Id: Id046431cc8e224a94e83a71564ba2843fabf8ed7 Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
2021-06-08platform: nordic: rearrange veneer placement on builds without BL2Ioannis Glaropoulos
For builds without BL2, or when BL2 will be booting a single combined S and NS image, we force placing the veneers section at the end of the image (position 3), so as not to waste space as a result of the nRF veneer section alignment requirements. For regular builds with BL2 we keep the veneer placement as is (positions 1 or 2 depending on whether PSA_API_TEST_NS is defined). Change-Id: I292f9ec996445b9d7acedd1db24117d9345f3346 Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-06-07Platform: Initialize PSA test memory on power-on and pin resetAndreas Vibeto
Initialize the memory area on both power-on and pin reset Only initialize memory from the non-secure application to prevent initializing twice Clear reset register after reading Signed-off-by: Andreas Vibeto <andreas.vibeto@nordicsemi.no> Change-Id: If3aee8d5b31f0a48ec432e3d3f39c029cda3fd7a
2021-06-07Attest: Support to retrieve Initial Attestation public key in runtimeDavid Hu
Enable ATTEST_TEST_GET_PUBLIC_KEY flag in Musca-B1 and Musca-S1 with OTP enabled. Add Initial Attestation test service in manifest list. Change-Id: I8e982ee1a7c31548b4e7c74b937e17660cb0e89e Signed-off-by: David Hu <david.hu@arm.com>
2021-06-07SPM: Add partition runtime region in the linker (IAR)TTornblom
Update to the IAR linker script for patch #10148 Signed-off-by: TTornblom <thomas.tornblom@iar.com> Change-Id: I142f9305965ddbb7cc7ac45ae9ba269dce7ee587
2021-06-04Platform: Add arm folder for arm platformsSummer Qin
Put arm platforms into arm folder and remove some unused cryptocell-312-runtime. It will be convenient for users and developers. Signed-off-by: Summer Qin <summer.qin@arm.com> Change-Id: I1187a8f2b18903e531ce28b2d23be251ec1e2b45
2021-06-04Boot & FWU: Add support of reverting mechanism in DIRECT_XIP modeSherry Zhang
After updating the version of MCUBoot, revert mechanism in DIRECT_XIP mode is supported in MCUBoot. This commit adds the support of it in build system and updates the mcuboot based FWU shim layer implementation accordingly. Change-Id: I017d02e4161daee56f54ed3ed09f98ebb9a776e0 Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
2021-06-03platform: stm: pass compiler path to STM32L552 postbuild scriptIoannis Glaropoulos
The STM32 post-build script is passed the compiler full name and path, and we remove the hard-coded call to arm-none-eabi-gcc. The rationale for doing this is to allow the script to work when the compiler application is not in the (default) path, and/or to allow the script to work with other GCC compilers (such as the Zephyr SDK GCC compiler), not only with GMU ARM Embedded. Change-Id: Ie45288002328bc03d0be0f4bbddd384f83741e36 Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>