Platform: Use OTP as backing for NV seed
Change from a dummy implementation to loading the initial NV seed into
ITS from the OTP HAL. Enable by default on all platforms that have no
other entropy source. Tidy up cmake config related to entropy sources.
Tidy up mbedtls config changes. This will fall back to a dummy
implementation in the library model, but will provide a runtime warning when
that happens.
Change-Id: Ica877a07dc08c1ed67d14cf37cc6b4a1f8479018
Signed-off-by: Raef Coles <raef.coles@arm.com>
diff --git a/platform/CMakeLists.txt b/platform/CMakeLists.txt
index 18b2cf2..0a66eda 100755
--- a/platform/CMakeLists.txt
+++ b/platform/CMakeLists.txt
@@ -50,6 +50,7 @@
$<$<BOOL:${PLATFORM_DUMMY_CRYPTO_KEYS}>:ext/common/template/crypto_keys.c>
$<$<BOOL:${PLATFORM_DUMMY_ROTPK}>:ext/common/template/tfm_rotpk.c>
$<$<BOOL:${PLATFORM_DUMMY_IAK}>:ext/common/template/tfm_initial_attestation_key_material.c>
+ $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:ext/common/template/crypto_nv_seed.c>
$<$<AND:$<NOT:$<BOOL:${ATTEST_TEST_GET_PUBLIC_KEY}>>,$<NOT:$<BOOL:${SYMMETRIC_INITIAL_ATTESTATION}>>,$<BOOL:${PLATFORM_DUMMY_IAK}>,$<BOOL:${TEST_S_ATTESTATION}>>:ext/common/template/tfm_initial_attest_pub_key.c>
$<$<OR:$<BOOL:${PLATFORM_DUMMY_NV_COUNTERS}>,$<BOOL:${PLATFORM_DEFAULT_OTP}>>:ext/common/template/flash_otp_nv_counters_backend.c>
$<$<BOOL:${PLATFORM_DEFAULT_OTP}>:ext/common/template/otp_flash.c>
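Review bot: The added `crypto_nv_seed.c` entry is still selected by `PLATFORM_DUMMY_NV_SEED`, although the commit message says the seed is now loaded from the OTP HAL rather than from a dummy implementation. A reader auditing the entropy configuration would reasonably take the flag to mean a test-only seed, so the meaning should be stated next to the entry. A comment such as `# NV seed is read from OTP into ITS; its strength is that of the provisioned OTP value, not a hardware entropy source` would do. Two lines below, `PLATFORM_DEFAULT_OTP` selects `otp_flash.c`, so on those platforms the seed presumably comes from flash-backed OTP, and that is worth saying as well. The enclosing source list starts above the hunk.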
@@ -65,6 +66,7 @@
tfm_secure_api
tfm_arch
tfm_partition_defs
+ crypto_service_mbedtls
)
target_compile_definitions(platform_s
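Review bot: `crypto_service_mbedtls` is added unconditionally to what appears to be the `platform_s` link list, whereas the crypto wiring removed at the end of this file sat inside `if (TFM_PARTITION_CRYPTO)`. If that target is only defined when the crypto partition is built (not visible here), a configuration without it would pass the bare name to the linker as a library instead of failing at configure time. Consider `$<$<BOOL:${TFM_PARTITION_CRYPTO}>:crypto_service_mbedtls>`, with the same condition on the `crypto_nv_seed.c` source entry in the first hunk. The link command starts above the hunk, so its visibility keyword cannot be checked from here.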
@@ -176,22 +178,3 @@
$<$<BOOL:${FORWARD_PROT_MSG}>:FORWARD_PROT_MSG=${FORWARD_PROT_MSG}>
$<$<BOOL:${TFM_CODE_SHARING}>:CODE_SHARING>
)
-
-#========================= Crypto =============================================#
-if (TFM_PARTITION_CRYPTO)
- target_sources(tfm_psa_rot_partition_crypto
- PRIVATE
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/template/crypto_nv_seed.c>
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/template/crypto_dummy_nv_seed.c>
- )
-
- target_compile_definitions(tfm_psa_rot_partition_crypto
- PRIVATE
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:PLATFORM_DUMMY_NV_SEED>
- )
-
- target_include_directories(crypto_service_mbedcrypto
- PUBLIC
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:${CMAKE_CURRENT_SOURCE_DIR}/include>
- )
-endif()