TF-M 2.0.0 upmerge #1452
Merged
TF-M 2.0.0 upmerge #1452
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The following west manifest projects have been modified in this Pull Request:
Note: This message is automatically posted and updated by the Manifest GitHub Action. |
This was referenced Jan 18, 2024
mswarowsky
force-pushed
the
tfm_20_ncs_upmerge
branch
3 times, most recently
from
0a865f9 to
f68f52b
Compare
mswarowsky
force-pushed
the
tfm_20_ncs_upmerge
branch
5 times, most recently
from
b51761d to
fff2392
Compare
This was referenced Feb 9, 2024
Vge0rge
force-pushed
the
tfm_20_ncs_upmerge
branch
from
fff2392 to
07f95bb
Compare
SebastianBoe
force-pushed
the
tfm_20_ncs_upmerge
branch
2 times, most recently
from
40ee45d to
ae4ca98
Compare
mswarowsky
force-pushed
the
tfm_20_ncs_upmerge
branch
2 times, most recently
from
e6f3370 to
64b822c
Compare
SebastianBoe
requested review from
koffes,
alexsven,
erikrobstad,
rick1082,
gWacey and
carlescufi
as code owners
Sort the list of source files for the mbedTLSBase library Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit e53485c) Signed-off-by: Markus Swarowsky <[email protected]>
remove hash_info.c and add ecp_curves_new.c Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 85ecdd7) Signed-off-by: Markus Swarowsky <[email protected]>
The preload.cmake was renamed to cpuarch.cmake in TF-M so change Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 21098ac) Signed-off-by: Markus Swarowsky <[email protected]>
The preload.cmake was renamed to cpuarch.cmake in TF-M so change Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 132bfc4) Signed-off-by: Markus Swarowsky <[email protected]>
The preload.cmake was renamed to cpuarch.cmake in TF-M so change Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 78fd53f) Signed-off-by: Markus Swarowsky <[email protected]>
The place where TF-M places its non-secure api header files has changed Therefore changing it for for all applications that use it. Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 11175c3) Signed-off-by: Markus Swarowsky <[email protected]>
The platform_ns library is no longer build with the split build anymore so removing it. Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 8b257c0) Signed-off-by: Markus Swarowsky <[email protected]>
…interface files Update source lib and include path for TF-M interface files. Signed-off-by: Joakim Andersson <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit a14f42a) Signed-off-by: Markus Swarowsky <[email protected]>
The TFM error codes are no longer in the interface headers. All TF-M functions return PSA status codes, so use this here as well. Signed-off-by: Joakim Andersson <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit d931dde) Signed-off-by: Markus Swarowsky <[email protected]>
…nstall path Update install path of tfm_ioctl_api.h, remove include of tfm_api.h Signed-off-by: Joakim Andersson <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit f5eecd5) Signed-off-by: Markus Swarowsky <[email protected]>
psa_crypto_driver_wrappers.c got changed to psa_crypto_driver_wrappers_no_static.c Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit fbee1c6) Signed-off-by: Markus Swarowsky <[email protected]>
MbedTLS 3.5.0 requires a implementation of mbedtls_ms_time giving a time in ms for TLS 1.3 Therefor adding an alternative implementation using zephyrs k_uptime_get Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit dc76138) Signed-off-by: Markus Swarowsky <[email protected]>
Use TF-M PSA API headers when compiling with TF-M enabled. Fixes: #43249 Signed-off-by: Joakim Andersson <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 3398c98) Signed-off-by: Markus Swarowsky <[email protected]>
…s to tfm_config The target tfm_partition_defs got removed and tfm_config gets used now so updating it Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit e8eeecd) Signed-off-by: Markus Swarowsky <[email protected]>
…c_nrf platform. Add build of the NS application in the zephyr defined out-of-tree board support for the nordic_nrf platform. Signed-off-by: Joakim Andersson <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 6c92749) Signed-off-by: Markus Swarowsky <[email protected]>
… NS build folder TF-M no longer builds the NS app, but exports build files to api_ns folder and expects the user to build the rest themselves. Remove the option to build the NS app, and update the TFM_USE_NS_APP to look for an output hex file in the tfm_ns folder. Signed-off-by: Joakim Andersson <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit f49cbf1) Signed-off-by: Markus Swarowsky <[email protected]>
Update the TF-M regression tests sample to build the NS app in the tf-m-tests repository as an external project. The regression tests need to provide test configurations to both TF-M an NS app. Duplicate configuration done in the spe/CMakeLists.txt to configure TF-M image for the regression tests. Signed-off-by: Joakim Andersson <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit f48467a) Signed-off-by: Markus Swarowsky <[email protected]>
This removed the CMake code that builds the TF-M arch tests within the TF-M CMakeFile. It will be moved to the tfm_integration/tfm_psa_test sample CMakeFile. Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit cac7f40) Signed-off-by: Markus Swarowsky <[email protected]>
The sample now builds the psa-arch-tests itself and doesn't rely anymore on the TF-M module CMakeFile. Additionally it will not run the zephyr main.c anymore but therefore only uses the tf-m non-secure application. Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit ad9cdf0) Signed-off-by: Markus Swarowsky <[email protected]>
…r NS application Provide properties for selected TF-M toolchain so that the NS application will use the same toolchain as TF-M. Signed-off-by: Joakim Andersson <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 3a83043) Signed-off-by: Markus Swarowsky <[email protected]>
TF-M 2.0.0 doesn't use the TFM_TEST_REPO_PATH anymore so removing it. Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 8e16b36) Signed-off-by: Markus Swarowsky <[email protected]>
QCBOR is only needed by the TF-M tests, as they are not build separately due to the TF-M split build. If we still set it there is a CMake build warning. Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 75fc649) Signed-off-by: Markus Swarowsky <[email protected]>
The TF-M crypto modules got renames from CRYPTO_XXX_MODULE_DISABLED to CRYPTO_XXX_MODULE_ENABLED Therefore also re naming it in zephyr build integration. Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 49c7f43) Signed-off-by: Markus Swarowsky <[email protected]>
The new Oberon PSA core (1.2.0) uses new PSA_WANT symbols for the ECC and RSA keys. This adds these new Kconfigs without removing the old ones to avoid necessary changes in the configuration of an application. Signed-off-by: Georgios Vasilakis <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]>
PSA_WANT_ALG_TLS12_PRF and PSA_WANT_ALG_TLS12_PSK_TO_MS rely on HMAC so They should have PSA_WANT_ALG_HMAC as dependency PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS uses SHA-256 so should have PSA_WANT_ALG_SHA_256 as dependency noup as these algorithms don't exist upstream Signed-off-by: Markus Swarowsky <[email protected]>
…neric fixup! [nrf noup] modules: mbedtls: Disable configurations in Kconfig.tls-generic Signed-off-by: Sebastian Bøe <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]>
This reverts commit 5bb619d. Signed-off-by: Georgios Vasilakis <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]>
We moved the header files in sdk-mbedtls from the library folder to the include/library folder. This was done to avoid issues when building MbedTLS with the nrf_security module and the Oberon PSA core. The Oberon PSA core provides a subset of these header files and since they are included with quotes we cannot have them in the same directory. This change make the needed adaptions in CMake for the applications that don't use nrf_security. Signed-off-by: Georgios Vasilakis <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]>
mswarowsky
force-pushed
the
tfm_20_ncs_upmerge
branch
from
ded6c37 to
c1fbaf6
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Taken from zephyrproject-rtos/zephyr#66288