TI MSPM0 VREF module is used by analog peripherals for reference voltage
Add support for TI MSPM0 VREF module.
Signed-off-by: Girinandha Manivelpandiyan <girinandha@linumiz.com>
Add the gdma driver component (driver.gdma) to the MCUX SDK build
system when CONFIG_DMA_NXP_GDMA is enabled.
Signed-off-by: Qiang Zhang <qiang.zhang_6@nxp.com>
Add support for the SPI module on TI’s MSPM0 MCUs.
The driver supports master mode transfers with configurable
frame size (4–16 bits), clock polarity/phase, bit order.
Signed-off-by: Santhosh Charles <santhosh@linumiz.com>
Signed-off-by: Jackson Farley <j-farley@ti.com>
Co-authored-by: Hans Binderup <habi@bang-olufsen.dk>
Add CMake integration to link the precompiled BLE controller library
(variant-specific), RF driver, and ROM patch library from the
hal_bouffalolab blobs directory. The variant is selected via Kconfig
(CONFIG_BFLB_BL70XL_BLE_*).
Signed-off-by: William Markezana <william.markezana@gmail.com>
Update CMakeLists to include all files needed for SRF support
on cm33ns. These are split between mtb-srf, mtb-dsl-pse8xxgp
and zephyr-ifx-cycfg.
Signed-off-by: Laura Carlesso <laura.carlesso@infineon.com>
- update module CMakeLists.txt compile definesfor non secure
- add infineon_kconfig.h file for definitions needed by non securesoc
Signed-off-by: Laura Carlesso <laura.carlesso@infineon.com>
Move files which are specific to nrf54h20 global domain from nrf54h
folder to common. Rename those files to use sd2ppi name instead of
nrf54h. SD2PPI (or SD^2PPI) is an abbrevation for Secure Distributed
(multi-Domain) DPPI - PPI system where DPPI resources requires
Ironside service.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
Enabling such options by default is not great, and with Mbed TLS 4
it's now part of the APIs that should not be used anymore, so remove
its default enabling.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
1. Remove the NRF_PLATFORM_HALTIUM and NRF_PLATFORM_LUMOS Kconfig
symbols and eliminate all "haltium"/"lumos" naming from the zephyr
directory.
2. The shared haltium_power.c/h and haltium_pm_s2ram.c/h files from
soc/nordic/common/ are duplicated into the per-SoC-series directories
(nrf54h/ and nrf92/) as soc_power.c/h and soc_pm_s2ram.c/h. The
corresponding build rules are moved from common/CMakeLists.txt to the
per-series CMakeLists.txt files.
3. Kconfig guards that relied on the platform symbols are replaced with
individual hardware feature checks derived from nrfx/MDK:
- select NRFX_POWER if !NRF_PLATFORM_HALTIUM -> if HAS_HW_NRF_POWER
- CLOCK_CONTROL default ... !NRF_PLATFORM_HALTIUM -> HAS_HW_NRF_CLOCK
- depends on NRF_PLATFORM_LUMOS -> SOC_SERIES_NRF54L||SOC_SERIES_NRF71
4. C preprocessor guards using CONFIG_NRF_PLATFORM_HALTIUM are replaced
with explicit SoC series checks (CONFIG_SOC_SERIES_NRF54H ||
CONFIG_SOC_SERIES_NRF92).
5. The sysbuild option NRF_HALTIUM_GENERATE_UICR is renamed to
NRF_GENERATE_UICR.
Signed-off-by: Jakub Zymelka <jakub.zymelka@nordicsemi.no>
Increase heap requirement of hostap. This fixes
memory allocation errors seen with certificates'
processing.
Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
In wps pin support, WIFI_WPS_PIN_GET case only
retrieves the PIN but never starts WPS negotiation.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
The P2P connect command was failing because
keypad method does not require method string.
The PIN is directly provided as argument.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
- Added autanalog MFD support in PSE84 DTS files
- Refactored autanalog ADC in PSE84 to use a common
MFD for handling the global AC configuration
- Constructed AC to use phandle in the overlay
for a better the user experience.
- Added support for a basic and advanced mode
with custom AC
Assisted-by: Claude:claude-opus-4.6
Signed-off-by: Richard Mc Sweeney <Richard.McSweeney@infineon.com>
This patches uninitialized prev and next mac key ids.
Previously `prev_key_id` and `next_key_id` were declared within
an if-block, but a reference to them was used outside of the block.
This is a lifetime violation and leads to undefined behavior.
It is particularly critical when the uninitialized `prev_key_id`
has (by coincidence) the same value as `cur_key_id`. In this case,
the mac key associated with `prev_key_id` is used which leads to
rx security errors on parent and child not being attached.
Signed-off-by: Michael Hopfengaertner <michael.hopfengaertner@tado.com>
This commit add assert.h header file to avoid compilation warning due to
imnplicit declaration of function assert and respective linking related
error: undefined reference to 'assert'
Signed-off-by: Marcio Ribeiro <marcio.ribeiro@espressif.com>
ChaCha20-Poly1305 is the preferred cipher on platforms lacking hardware
AES acceleration, which is common on embedded targets. Adding this
ciphersuite allows Zephyr devices to negotiate it when connecting to
servers that support it (e.g. nginx, OpenSSL), avoiding a fallback to
AES-based suites.
Assisted-by: GitHub Copilot:claude-sonnet-4.6
Signed-off-by: Jérôme Pouiller <jerome.pouiller@silabs.com>
Add platformGetRadioSpinel() function to allow external modules
to access the Radio Spinel instance for vendor-specific commands.
This enables vendor extensions to send custom Spinel properties
without modifying the core OpenThread platform code.
Signed-off-by: Jean-Yves Salaun <jean-yves.salaun@nxp.com>
This is needed for any downstream vendors to replace wpa_supplicant
internal implementation with their own module (e.g., WPA3-PSA for
Nordic).
And the common symbol helps us maitain any implementations easily.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Add Kconfig options to allocate OpenThread dynamic memory and message
pool buffer from external memory on ESP platforms:
- OPENTHREAD_EXTERNAL_HEAP_SHARED_MULTI_HEAPOPENTHREAD_HEAP_EXTERNAL:
routes otPlatCAlloc/otPlatFree through shared multi-heap to allocate
from external memory.
- OPENTHREAD_MESSAGE_POOL_CUSTOM_SECTION: places the message pool
buffer in a custom .ot_msg_pool linker section.
- Add .ot_msg_pool section to external RAM in the linker
script for ESP32, ESP32-C5, ESP32-S3, ESP32-S3
This allows offloading large OpenThread buffers to PSRAM, freeing
internal SRAM for other uses.
Signed-off-by: Marcio Ribeiro <marcio.ribeiro@espressif.com>
Add support for the DAC module on TI’s MSPM0 G-Series MCUs. The DAC
supports 8-bit and 12-bit resolution.
Signed-off-by: Santhosh Charles <santhosh@linumiz.com>
Posix is not a library per the definition of libraries in Zephyr. It
always has been a portability layer and shall reside with other
portability layers under subsys/portability.
Addresses #99250
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
In 7579ccc68e (modules: hal_nordic: nrfs: Fix initialization priority)
used wrong priority as it assumed that NRFS is using IPC service init
priority. Priorities are fixed now and static assert is added to ensure
that NRFS init priority is higher than IPC service.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
With new SDK 1.0, --specs=nosys.specs is not needed for minimal libc.
Fixes many build issues with new SDK when building for minimal libc.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
W/o MBEDTLS_ECP_NIST_OPTIM enabled DTLS handshakes are considerably
slower, making core Thread functionalities like commissioner/joiner
defunct on slower platforms. Therefore, enable the optimizations if
ECC cryptography is in use.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Rathenr that use the general RAM region for relocating
code use the dedicated memory region for each individual
core/partition.
Signed-off-by: Laura Carlesso <laura.carlesso@infineon.com>
NRFS initialization must happen after the IPC service. Setting
the same priority may lead to locking if NRFS initialization
happens before the IPC.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
Add missing mbedTLS and PSA configuration dependencies required by
wpa_supplicant enterprise, DPP and TLS 1.3 support.
This ensures that the enabled crypto features select the necessary
mbedTLS legacy and PSA components, such as CTR_DRBG, ECDHE-ECDSA,
extended master secret, RSA-PSS certificate verification, and required
ECC optimizations.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Add a new Kconfig option, MBEDTLS_X509_RSASSA_PSS_SUPPORT, to explicitly
enable verification of X.509 certificates signed using the RSASSA-PSS
(RSA-PSS) signature algorithm.
This allows Zephyr to support modern TLS 1.2 and TLS 1.3 deployments
that rely on RSA-PSS signed certificate chains, while keeping the
feature configurable through Kconfig instead of hard-coding it in
mbedTLS configuration headers.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Now that cm33/ns support has been introduced, we have
to properly use the secure or non secure start up code from
the mtb-templates files for cm33.
Signed-off-by: Laura Carlesso <laura.carlesso@infineon.com>
In a few CMakeLists.txt files there were duplicate
zephyr_library_sources entries - one conditional
and one unconditional. The unconditional entry
was removed in each case. A couple of device-
family conditionals needed to be added after this
update.
Signed-off-by: Bill Waters <bill.waters@infineon.com>
Do not depend on "sys_csrand_get()" as this can create runtime deadloops
when CONFIG_PSA_CSPRNG_GENERATOR is also enabled. Instead poll directly
the entropy device if available.
Kconfig-wise enable MBEDTLS_PSA_CRYPTO_LEGACY_RNG also when
ENTROPY_NEEDS_PRNG. This helps when there are entropy drivers (therefore
CONFIG_CSPRNG_ENABLED is set) which can provide only limited amount of
data.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Mbed TLS libraries are external CMake targets created via
add_library()/add_subdirectory(), not zephyr_library(). They
link against zephyr_interface for include paths but miss the
automatic add_dependencies on zephyr_generated_headers that
zephyr_library() targets receive.
This causes a build race condition where generated headers
like heap_constants.h may not exist when Mbed TLS sources
compile, resulting in a fatal error when x509_crt.c includes
zephyr/kernel.h through the POSIX sys/socket.h shim.
Add an explicit dependency on zephyr_generated_headers for
all Mbed TLS library targets.
Signed-off-by: Sylvio Alves <sylvio.alves@espressif.com>
Equivalent of CONFIG_MBEDTLS_USER_CONFIG_FILE for TF-PSA-Crypto.
See the previous commit for an explanation on the implementation.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Move it to the top of the Kconfig/header files as it belongs together
with CONFIG_MBEDTLS_CONFIG_FILE.
Do not include it directly in config-mbedtls.h, just define
MBEDTLS_USER_CONFIG_FILE. Mbed TLS's build_info.h takes care of actually
including it.
Make it so that there is no need to enable a boolean Kconfig option
to define CONFIG_MBEDTLS_USER_CONFIG_FILE.
As a result of that, CONFIG_MBEDTLS_USER_CONFIG_ENABLE is deprecated.
To achieve that, the promptless CONFIG_MBEDTLS_USER_CONFIG Kconfig
option is introduced to allow to automatically figure out whether
CONFIG_MBEDTLS_USER_CONFIG_FILE is defined.
This is done to work around the following limitations:
- Kconfig does not allow string Kconfig options to not be defined
(they always default to "").
- The C preprocessor does not allow checking string macros (to check
whether the Kconfig option is an empty string).
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
c6e6f3e638 removed it without warning,
but it should first be deprecated.
Make it so that it still works for users defining it.
A helper Kconfig option is introduce to `select DEPRECATED` because
selecting Kconfig options from string ones is not allowed.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
WPA3 test case 19.5.2 (ECC P384 client certificate) requires the STA to
offer only TLS_ECDHE_ECDSA_AES_256_GCM_SHA384, which exists only in
TLS 1.2. In mbedtls 4.x, this SuiteB cipher is not available in TLS 1.3,
causing the ClientHello to miss the required cipher.
Disable TLS 1.3 when using SuiteB‑192 with P‑384 so that TLS 1.2 is
used and the correct cipher suite is advertised.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
In PSA client mode (e.g. TF-M NS builds) MBEDTLS_PSA_CRYPTO_C is not
set, so crypto_adjust_config_enable_builtins.h is skipped in the config
processing chain (build_info.h guards it with MBEDTLS_PSA_CRYPTO_C).
Without it MBEDTLS_ECP_C, MBEDTLS_BIGNUM_C and the curve macros are
never derived from PSA_WANT_*. The builtin source files (ecp.c,
bignum.c, ecp_curves.c) are always GLOBbed into the builtin target
but compile to empty without these symbols. Manually define what
enable_builtins.h would have set so the implementations are compiled
(PRIVATE on builtin) and the declarations are visible to consumers
(INTERFACE on mbedTLS).
These symbols are flagged as removed by the tf-psa-crypto config
validation in tf_psa_crypto_config.c. The builtin target already
has TF_PSA_CRYPTO_CONFIG_CHECK_BYPASS; extend the bypass to the
tfpsacrypto core target so the INTERFACE definitions do not trip
the check there either.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Co-authored-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
When CONFIG_TFM_USE_NS_APP is set TF-M will build its own NS application
which requires Mbed TLS include files to be installed in the interface
directory. This conflicts with "tfm_api". However this library is not
required in this case because TF-M builds another NS interface library
so we can simply exclude "tfm_api" from the build.
Since "tfm_api" is the reason for which CONFIG_MBEDTLS is implied in
CONFIG_BUILD_WITH_TFM, we gate this condition with !CONFIG_TFM_USE_NS_APP
as well.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
We modified TF-M CMake scripts so that legacy Mbed TLS 3.6.5 header files
are no more installed in TFM_INTERFACE_INCLUDE_DIR. This resolves all
the conflicts we had before and that we need to fix with extra compile
options.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
