With the update of MbedTLS to 3.6.0 the configuration files
(mbedtls/mbedtls_config.h, psa/crypto_config.h)
are not found anymore by default.
Make the ARoT's CMake target inherit from psa_crypto_config;
it defines what is needed to find the MbedTLS
configuration files.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Update install path of tfm_ioctl_api.h, remove include of tfm_api.h
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Signed-off-by: Markus Swarowsky <markus.swarowsky@nordicsemi.no>
Update TF-M secure partition sample for TF-M 1.7.0.
Removes the support for Library model in the sample.
Updates to using PSA framework 1.1.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Signed-off-by: David Brown <david.brown@linaro.org>
Fix all comments-indentation errors detected by yamllint:
yamllint -f parsable -c .yamllint $( find -regex '.*\.y[a]*ml' ) | \
grep '(comments-indentation)'
This checks that the comment is aligned with the content.
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Fix all hyphens errors detected by yamllint:
yamllint -f parsable -c .yamllint $( find -regex '.*\.y[a]*ml' ) | \
grep '(comments)'
Default config would be to require two spaces after the start of the
comment, proposing to keep it on 1, inline with the Linux binding
config, that is:
```
- comments:
- min-spaces-from-content: 1
```
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
As per 'Adding Secure Partition' in the TF-M documentation,
every secure partition must have a unique 32-bit partition ID.
If no value is provided, one will be auto-allocated by the
TF-M build system, but this can lead to unpredictable behaviour
in some cases. One example is key derivation where the partition
ID is used as part of the key derivation inputs. Different builds
can results in different PID values being assigned, resulting
in inconsistent key derivation output.
To avoid these problems, this commit sets a fixed PID as a
best pratice.
A value of 1000 has been set to place it within the
'PSA and user Partitions' range (256 - 2999) described in the
documentation.
Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
Remove the conditional attribute from the sample partition manifest.
The conditional behavior will change with TF-M 1.5 to only accept
cmake bool values on/off enabled/disabled true/false and is intended
to be generated by the build system.
Since the partition is supposed to always be enabled in the sample
there is no need to have a conditional for it.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The sample implements a dummy ARoT (Application Root of Trust) partition
in TF-M and calls it from the app.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
