Fix copy-paste mistake in SPM log level silence configuration, PARTITION
should be SPM in order to correctly silence SPM log.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Deprecate the use of CAN-specific error return values and replace them
with standard errno values.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
MBEDTLS_ECP_MAX_BITS is now set automatically by mbed TLS, redefining it
in the config file ends up in compilation warnings.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Adds a driver using the SNVS high power and optionally low power
RTC instances. A device specific function `mcux_snvs_rtc_set` is
provided to update the current counter value.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
Switch from using can_configure() to using can_set_mode() for disabling
CAN controller transmissions.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Move all defines that specifies (D)PPI resources which are used
to dedicated files which have no include dependencies. This allow
to use them in nrfx_glue.h to specify fixed (D)PPI channels used
by the bluetooth.
Additionally, added mask with GPIOTE channels used by the bluetooth
controller. It was previously not defined which could lead to
conflicts since same channels could be allocated by the nrfx_gpiote
user
Updated nrfx_glue.h to use new approach.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Set NRF_SKIP_FICR_NS_COPY_TO_RAM for nrf53 and nrf91 until corresponding
memory region is excluded from use.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Update the hal_nordic module revision, to switch to nrfx v2.6.0.
nrfx 2.6.0 includes extended API in nrfx_gpiote which can be
used by the zephyr shim.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
Mcuboot's bootutil libraries has option to use hooks which
allows to customize its behavior while proceeding on images
date. This patch introduces configuration options required for
enabling that option.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Use nrfx_gpiote and nrfx_ppi allocators to allocate channels
at runtime instead of fixed, device-tree based allocation which
is harder to maintain.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
This commit adds UCPD HAL and LL drivers to the Kconfig system
required to enable USB Power Delivery interface (UCPD)
on STM32G0/G4/L5/U5 devices
Signed-off-by: Sam Hurst <sbh1187@gmail.com>
The TFM build directory path is hardcoded in many places.
In order to support out-of-tree secure partitions the output path
has to be known in potentially out-of-tree build scripts.
This could potentially break out-of-tree build scripts if the
location of the build directory was changed.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add a pin control driver for GD32 SoCs using the AFIO model.
Thanks to Gerson Fernando Budke for testing and implementation
suggestions.
Co-authored-by: Gerson Fernando Budke <gerson.budke@atl-electronics.com>
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
Fix issue with TFM signing of images not using the correct imgtool.
The wrapper command expects the mcuboot scripts folder to be the
current working directory when called in order to find its own
version of imgtool.
Since the command is using a different current working directory
this is not found and the system imgtool is used instead.
This causes the commands to be run with 2 different version of imgtool
if the system imgtool is found and does not have any issues.
The system imgtool could not be installed or have compatibility issues
as 1.7.2 version of imgtool is currently required by the wrapper script
Fixes: #40254
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This rework module hal_gigadevice to be compliance with rule
that requires firmware libraries directories names be lowercase.
This rule was created at hal_gigadevice/README and it is not
a Zephyr general rule. This only affect how hal_gigadevice is
used.
Signed-off-by: Gerson Fernando Budke <gerson.budke@atl-electronics.com>
GD32F4XX requires access to SoC definitions (e.g. GD32F450) when
including library header files, so expose them at Zephyr level.
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
Fix cmake warnings for TF-M build system when PSA tests are not enabled.
This produces the following warnings:
"
CMake Warning:
Manually-specified variables were not used by the project:
PSA_TOOLCHAIN_FILE
TOOLCHAIN
"
These warnings can point to cache or config variables being updated in
the TF-M build system so keep this free of warnings.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Update crypto modules prompt strings to follow the Kconfig guidelines.
"For a Kconfig symbol that enables a driver/subsystem FOO, consider
having just “Foo” as the prompt, instead of “Enable Foo support” or the
like."
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The ASSYMETRIC crypto module has been split in two, for sign and
encrypt. Update Kconfig entries to match.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove CRYPTO_GENERATOR_MODULE Kconfig which has been removed.
Its features are covered by TFM_CRYPTO_KEY_MODULE and
CRYPTO_KEY_DERIVATION_MODULE.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Set a thread name for the tx_workq thread, so that it shows up in
"kernel stacks" when the shell or thread debugging are enabled.
Signed-off-by: Fabio Baltieri <fabio.baltieri@gmail.com>
So far maximum PSK length was configured by mbedTLS as 32 bytes.
Introduce Kconfig option that will configure it instead of relying on
default value from mbedTLS library, so that user can easily adjust that
value to application needs.
Signed-off-by: Marcin Niestroj <m.niestroj@emb.dev>
Split the zephyr project maintained repository trusted-firmware-m into
forks of the individual upstream repositories.
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git
Upstream: TF-Mv1.4.1
Additions:
zephyr: module: Add zephyr module file
trusted-firmware-m: platform: lpcxpresso55s69: Update SDK
https://git.trustedfirmware.org/TF-M/tf-m-tests.git
Upstream: 51ff2bdfae043f6dd0813b000d928c4bda172660
Additions:
zephyr: module: Add module file for tf-m-tests
https://github.com/ARM-software/psa-arch-tests.git
Upstream: 60faad2ead1b967ec8e73accd793d3ed0e5c56bd
Additions:
zephyr: module: Add module file for psa-arch-tests
psa-arch-tests: Allow overriding of toolchain file
The organization of folders remain the same with the following
exceptions:
Moved:
root folder moved from modules/tee/tfm to modules/tee/tf-m to avoid
problems with west update.
zephyr/module.yml to trusted-firmware-m/zephyr/module.yml and
${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR} points to what was previously
${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR}/trusted-firmware-m.
Added:
psa-arch-tests/zephyr/module.yml and ${ZEPHYR_PSA_ARCH_TESTS_MODULE_DIR}
tf-m-tests/zephyr/module/ and ${ZEPHYR_TF_M_TESTS_MODULE_DIR}
Removed:
init-git.sh
README.rst
Fixes: #39353
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use the zephyr module dir variable for the trusted-firmware-m root
folder. Update documentation to TF-M documentation in
tfm-secure-boot.rst.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
The previous CONFIG_CAN_MAX_FILTER is specific to certain drivers.
Using the new API makes the CAN open driver independent of the used
CAN hardware / driver.
Signed-off-by: Martin Jäger <martin@libre.solar>
Add the inclusion of the Common Peripheral Access Layer for aarch32
Cortex-A SoCs in combination with the respective SoC's header file,
in which the feature flags evaluated in core_ca.h must be provided.
The corresponding CMSIS include path is added to the build by setting
the HAS_CMSIS_CORE_A Kconfig item for all aarch32 Cortex-A CPUs.
Signed-off-by: Immo Birnbaum <Immo.Birnbaum@Weidmueller.com>
This add access to modules/hal/gigadevice with three firmware
libraries by updating west.yaml file:
- GD32E10X ARM (Cortex-M4F)
- GD32F403 ARM (Cortex-M4F)
- GD32VF103 RISC-V (Nucleisys Bumblebee core)
It introduce module/hal_gigadevice, which contains all Cmake
and Kconfig rules to build GigaDevice SoCs into zephyr main
tree.
Signed-off-by: Gerson Fernando Budke <gerson.budke@atl-electronics.com>
Fix configuration options for TF-M log levels configured to an empty
string when not defined. This can happen when none of the options
have been selected due to dependencies not being met.
For example when TFM_MINIMAL=y then TFM_PARTITION_LOG_LEVEL will not be
defined.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Issue #38643
Introduce a more powerful and well established mocking framework
into Zephyr. It also allows running the actual FFF tests using the
zephyr SDK and ztest framework to ensure compatibility.
As per TSC meeting, the fff.h header was directly added to
subsys/testsuite/include/. As per the guidelines, the file is exactly
the same as it is in FFF's library, but re-styled with clang-format.
The west.yml entry was added using the "ci" group and filtered by
default. (note that the tests will break until the CI actually
specifies that the group is needed).
Signed-off-by: Yuval Peress <peress@google.com>
Use the Mbed TLS module, expecting the upstream directory layout rather
than the nested directory we've been using before.
Signed-off-by: David Brown <david.brown@linaro.org>
Add Kconfig options for configuring TF-M log options.
- Partition log level
- SPM log level
- Exception info dump
Set log level to "info" which is the default in upstream TF-M.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Remove duplicated setting of TF-M CMakeCache.txt entry TFM_BOARD.
In addition it is also wrong since the CONFIG_ prefix is missing.
Leftover from: 583d5a6db3
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Don't build TF-M in parallel on Windows as it has been reported to
expose dependency issues with the TF-M build system.
These issues will be investigated at a later time.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Use ZEPHYR_<MODULE>_MODULE_DIR instead of relative paths. Moving the
module folder would otherwise break the build system.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Mbed TLS 3.0 changes the configuration defines used to determine the
buffer size used for TLS. We were still setting the old one, which was
causing Mbed TLS to revert back to the large default buffer size. Set
both the in and out buffer sizes to match the config setting. A future
improvement may be to separate this into two configurations within the
Zephyr config.
Signed-off-by: David Brown <david.brown@linaro.org>
The psa-arch-tests project changed how third-party toolchains are
integrated. This broke the Zephyr sdk.
This patch aligns with the new mechanism.
https://github.com/ARM-software/psa-arch-tests/pull/276
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
-The current scheme in zephyr has the two choices MBEDTLS_BUILTIN
and MBEDTLS_LIBRARY, but the choice of MBEDTLS_LIBRARY requires
setting CONFIG_MBEDTLS_INSTALL_PATH for includes and library linking.
This may not be neccesary when an alternative implementation of the
library is being used. This adds support for custom choices in
MBEDTLS_IMPLEMENTATION which can be added in an out-of-tree Kconfig
file.
-Made else an elseif(CONFIG_MBEDTLS_LIBRARY.
-Removed reduntant assertion between the two choices.
Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
No sources were ever added to the `zephyr_library()` defined in
modules/hal_nxp/usb/CMakeLists.txt, thus removing this lib to avoid
the warning:
> No SOURCES given to Zephyr library: modules__hal_nxp__usb
>
> Excluding target from build.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
This commit adds FMAC HAL and LL drivers to the Kconfig system
Required to enable Filter Math Accelerator (FMAC)
on STM32G4/H7 devices
Signed-off-by: Tom Owen <tom.owen@zepler.net>
The TF-M build is passed a path to the mbedtls project
directory, however, NCS has its own mbedtls variant. When
building with TF-M we use a generator expression to allow
setting the path to mbedtls from nrf_security.
Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
This commit updates the CMSIS-DSP configurations for the CMSIS-DSP
1.9.0, which is part of the CMSIS 5.8.0 release.
Note that the Helium/MVE configurations are removed because CMSIS-DSP
now automatically selects them if available.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
Add nrf51 MDK defines needed to correctly select the nrf51 erratas
needed on the specific SoCs. The nrf51_erratas.h header file only uses
these defines to check which erratas should be applied.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add Kconfig options that allow users to select the way the APPROTECT
mechanism is handled in the SystemInit() function.
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
Updates west manifest and module folder name to point to new
TensorFlow Lite Micro repo Google recently pulled out of
the TensorFlow repo.
Signed-off-by: Lauren Murphy <lauren.murphy@intel.com>
Update zephyr side to handle hal_nxp using cmake-ext/kconfig-ext. This
allows for having zephyr specific integration code live with the zephyr
source tree.
For now on the cmake side we just use add_subdirectory() of the hal_nxp
repo so the integration is effectively transparent.
For Kconfig we add a place holder Kconfig file since the hal_nxp repo
doesn't have any Kconfig files in it currently.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This commit increases number of available serialization buffers to
account for possible delays caused by serialization itself and
processing on the application core.
Signed-off-by: Paweł Kwiek <pawel.kwiek@nordicsemi.no>
This commit reworks nRF IEEE 802.15.4 temperature update module to save
resources, otherwise used to create thread, by using work queue.
Signed-off-by: Paweł Kwiek <pawel.kwiek@nordicsemi.no>
This commit extends size of stack used by IEEE 802.15.4 radio
temperature sensor. This commit fixes stack overflow issue in
echo_server sample for OpenThread.
Signed-off-by: Przemyslaw Bida <przemyslaw.bida@nordicsemi.no>
A new configuration is available in TF-M, for disabling RNG
independent from key derivation. Introduce a corresponding
Kconfig option to control the RNG API enabling/disabling from
Zephyr.
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Allow developers the option of using the DOWNLOAD option
for MCUboot in TF-M bulds with BL2. Using MCUboot from
Zephyr is still the default option.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
TFM_MCUBOOT_IMAGE_NUMBER Kconfig option should have
a dependency on TFM_BL2, since it is not applicable
otherwise.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
We remove the tfm-mcuboot module in Zephyr (which hosts the
mcuboot version that is used for TF-M builds in Zephyr). We
will force TF-M builds in Zephyr to use the MCUboot version
that any Zephyr builds are using. This will allow Zephyr to
maintain a single mcuboot module version in its default
manifest.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
For TF-M builds on LPCXPRESSO55S69 we set the path to the
NXP HAL sources that are required for building TF-M for this
platform.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Upstream TF-M has modified the path name for ARM platforms,
so we fix the board names in the module integration code.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit adds temperature platform used by the IEEE 802.15.4 Radio
Driver. The new platform requires an enabled temperature sensor.
The new hal_nordic revision updates the nRF 802.15.4 component.
Signed-off-by: Pawel Kwiek <pawel.kwiek@nordicsemi.no>
This commit introduce new HAL Telink module used by
new Telink B91 RISC-V platform drivers.
Signed-off-by: Yuriy Vynnychek <yura.vynnychek@telink-semi.com>
This commit updates the NS board variant from
`nrf9160dk_nrf9160ns` to `nrf9160dk_nrf9160_ns`
to maintain consistency across zephyr.
Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
This commit updates the NS board variant from
`nrf5340dk_nrf5340_cpuappns` to `nrf5340dk_nrf5340_cpuapp_ns`
to maintain consistency across zephyr.
Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
This commit update the NS board variant from `bl5340_dvk_cpuappns`
to `bl5340_dvk_cpuapp_ns` to maintain consistency across zephyr.
Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
Add Kconfig option for indicating that a given SoC contains the NXP
Kinetis Reset Control Module (RCM).
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Rename the top-level header file from <canbus/canopen.h> to
<canopennode.h>.
Rename CANopenNode related Kconfig options from CONFIG_CANOPEN* to
CONFIG_CANOPENNODE*.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Move the Zephyr-specific interface and support code for CANopenNode into
the modules directory. Consolidate the CMakeLists.txt files into one.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Since we now have separate Kconfig symbols for the different
MPS2 AN521 board variants, we need to update the BOARD switch
for the TF-M target on MPS2 AN521.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The current CMakeLists.txt contains a function that is called from
the same file.
This patch removes the abstraction, allowing to remove many
lines of parameter handling.
Additionally, with this patch, the Cmake argument handling is now
done via a list, which removes many more named variables.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
- Fixed some incorrect streamport references that pointed to the
base streamport files instead of those dedicated for Zephyr.
- Updated the source file compilation to match the updated
TraceRecorder module.
Signed-off-by: Torbjörn Leksell <torbjorn.leksell@percepio.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Update the LoRaMac-node library to the last stable release and fix
the Zephyr glue code to match it. Move CMakeLists.txt to the main
Zephyr repository to simplify loramac-node module maintenance.
Signed-off-by: Ilya Tagunov <tagunil@gmail.com>
The CMake variable `TFM_ISOLATION_LEVEL_ARG` was not properly set when
application configures higher isolation level. This led to isolation
level always being to set 1.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@linaro.org>
Fixes: #36101
The move of CMake invocation to a dedicated custom target, see #34868
results in tfm_cmake to always be considered out-of-date, causing CMake
to be reinvoked in the TF-M Binary dir, which again results in the
build command to rebuild.
This commit moves the invocation to a custom command with the
CMakeCache.txt as output. The custom target tfm_cmake is updated to
depend on CMakeCache.txt.
This mean that CMake for TF-M will only be invoked inside the Zephyr
build command if that file is missing.
If the CMakeCache.txt file is updated or TF-M CMake or source code is
modified, then the build command inside the TF-M build folder will
ensure correct re-run of CMake from within the TF-M build folder.
This ensures that TF-M will still rebuild if TF-M code is modified,
while at the same time avoid unnecessary rebuilds of TF-M code.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
We do not need the if BUILD_WITH_TFM guard in the main
Kconfig file, as the guards are present insude the respective
Kconfig files that are sourced by the main Kconfig.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The TF-M project is higly configurable and we end up having
a growing number of Kconfig option definitions in the main
Kconfig file. This commit splits out the configuration options
for the TF-M partition and for the crypto partition configuration
into separate Kconfig files, for ease of reading. The commit
does not introduce behavioral changes.
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Also, this eases readability.
The new API can be used any time all FP registers must be manually
saved and restored for an operation.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
When running with TFM Regression option set, but without
BL2 (MCUboot) we need to use the TF-M's NS binary, and not
the Zephyr application. This was selected properly for the
case with MCUboot boot already, but not when running the
regression tests without MCUboot.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
These are needed to disable not needed crypto modules in
the trusted-firmware-m module.
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Zephyr SDK is not supported on OS X, however, Zephyr toolchain can be
built on OS X using Crosstool-NG.
Currently, trusted-firmware-m CMakeLists.txt only supports `zephyr` and
`gnuarmemb` toolchains which prohibits building TF-M on OS X using
Zephyr toolchain built with Crosstool-NG.
docs:
https://docs.zephyrproject.org/latest/getting_started/toolchain_3rd_party_x_compilers.html#crosstool-ng
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@linaro.org>
The caller saved registers were restored both as caller saved and
callee saved registers, i.e. register 0-15 were restored into
both register 0-15 and 15-31.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Currently the MBEDTLS_HAVE_TIME_DATE mbedTLS option is enabled based on
the CONFIG_POSIX_API option. This doesn't seem right, since the enabling
the POSIX API does not guarantee that there is a valid time source in
the system. This was the case for the qemu_x86 platform, where enabling
POSIX_API caused TLS handshake failures due to certificate validation
errors caused by no valid time avaialble in the system.
Fix this by adding a specific KConfig entry for date/time configuration
in mbedTLS. Applications that need to enforce date verification in
mbedTLS should enable it explicitly instead of relying on the
non-obvious implicit configuration.
Fixes#35401
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The nRF SOCs declare support for SWO using the HAS_SWO define. In
addition, the SWO pin has to be configured at runtime, which is done
through the Nordic HAL by defining ENABLE_SWO.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Follow-up: #34868
The CMAKE_ARGS was accidentally lost during work on #34868.
This commit fixes that by re-adding `CMAKE_ARGS` as multi value arg.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Follow-up: #34843
This commit is a followup to PR #34843.
The Zephyr subsys/tracing/Kconfig file has a
`depends on ZEPHYR_TRACERECORDER_MODULE` but that symbol is only
available when the module is part of the manifest.
This commit adds the second part of the comment:
https://
github.com/zephyrproject-rtos/zephyr/pull/34843#discussion_r628154265
To ensure all Kconfig symbols are defined.
Without this commit, users without TraceRecorder will see following
checkpatch error:
```
ERROR : Test KconfigBasic failed: Undefined Kconfig symbols:
warning: undefined symbol ZEPHYR_TRACERECORDER_MODULE:
- Referenced at subsys/tracing/Kconfig:35:
config PERCEPIO_TRACERECORDER
bool "Percepio Tracealyzer support"
select THREAD_NAME
select INIT_STACKS
select THREAD_MONITOR
depends on ZEPHYR_TRACERECORDER_MODULE && <choice>
```
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Now using CONFIG_MBEDTLS_USER_CONFIG_FILE instead of
CONFIG_MBEDTLS_USER_CONFIG_ENABLE for inclusion of user config file.
The Kconfig MBEDTLS_USER_CONFIG_ENABLE setting now now determines if
MBEDTLS_USER_CONFIG_FILE is visible.
This removes the problem of MBEDTLS_USER_CONFIG_FILE to be stuck on its
first value.
Users can use MBEDTLS_USER_CONFIG_ENABLE to get the prompt and define
their own value.
As the CONFIG_MBEDTLS_USER_CONFIG_FILE is default promptless then we can
use this setting directly as it will only be defined if another Kconfig
file specifies a default value to use, or user enables:
MBEDTLS_USER_CONFIG_ENABLE.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Introducing MBEDTLS_PROMPTLESS and CUSTOM_MBEDTLS_CFG_FILE settings.
The MBEDTLS_PROMPTLESS can be set to true whenever configuration of
mbedTLS is done from a subsystem or module.
Such an example is OpenThread, which selects mbedTLS for some predefined
crypto settings using OPENTHREAD_MBEDTLS=y.
Unfortunately, extensive use of select can easily cause stuck symbol
syndrome making it harder than neccesarry for users to later reconfigure
as they easily get stuck in incompatible configurations.
Providing a MBEDTLS_PROMPTLESS allows such configurations to disable the
MBEDTLS prompt itself when selected but avoid stuck symbol if user
select another security configuration.
Similar with CUSTOM_MBEDTLS_CFG_FILE which ensures that user must
explicitly select this symbol before providing a custom mbedTLS config
file.
Today, other parts the Kconfig tree may set a default value for
MBEDTLS_CFG_FILE but that value is stuck and thus changed Kconfig
selections elsewhere in the tree will not adjust the value.
Introducing CUSTOM_MBEDTLS_CFG_FILE ensures it is known when the user
has provided the value.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit removes the prompt from MBEDTLS_USER_CONFIG_FILE unless
MBEDTLS_USER_CONFIG_ENABLE is true.
This fixes issues where other parts would specify a default value for
MBEDTLS_USER_CONFIG_FILE that would become stuck and not updated if
user re-configured the system using menuconfig.
Disabling the prompt ensures that only when a user specifically enables
MBEDTLS_USER_CONFIG_ENABLE and specify a custom user value in
MBEDTLS_USER_CONFIG_FILE the setting will be fixed.
Also updates the manifest with related change in the mbedtls project.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This Mbed TLS configuration option was being selected based on a
non-existent Kconfig option, and hence would never be defined. v2.1 of
PKCS1 was published in 2003. Use of v1.5 has been deprecated since
2016, and should not be used in new or existing designs.
Enable the v2.1 version in any situation where RSA is used for
signatures. In the future, we should disable v1.5 entirely, but only
after all uses have been determined and possibly corrected.
No significant weaknesses have been found in v1.5, however v2.1 has a
significant security proof. However, v2.1 does require an entropy
source, which may be an issue in some embedded device situations (which
likely are problematic for other cryptographic reasons).
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of exposing publicly the TF-M NS interface include
directories, we include them when we build relevant projects.
This is required, as the TF-M include directories contains
psa crypto sources that are also provided by the mbedtls
crypto module. The downside of this solution is that the
TF-M includes need to be added explicitly in each application
that uses TF-M APIs.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Define the MBEDCRYPTO_PATH variable for the TF-M build,
so the latter can used a checked-out version of mbedtls,
instead of pulling an external tree during build time.
This will make Zephyr builds with TF-M must faster.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Updates in CMakeLists.txt to reflect the restructuring
in the module directory. This also bumps mbetls version
to 2.26.0.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
We move the Zephyr-specific CMakeLists.txt file into
the main Zephyr tree. We also move the zephyr_init.c
source file.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit removes the prompt from MBEDTLS_USER_CONFIG_FILE unless
MBEDTLS_USER_CONFIG_ENABLE is true.
This fixes issues where other parts would specify a default value for
MBEDTLS_USER_CONFIG_FILE that would become stuck and not updated if
user re-configured the system using menuconfig.
Disabling the prompt ensures that only when a user specifically enables
MBEDTLS_USER_CONFIG_ENABLE and specify a custom user value in
MBEDTLS_USER_CONFIG_FILE the setting will be fixed.
Also updates the manifest with related change in the mbedtls project.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Introducing MBEDTLS_PROMPTLESS and CUSTOM_MBEDTLS_CFG_FILE settings.
The MBEDTLS_PROMPTLESS can be set to true whenever configuration of
mbedTLS is done from a subsystem or module.
Such an example is OpenThread, which selects mbedTLS for some predefined
crypto settings using OPENTHREAD_MBEDTLS=y.
Unfortunately, extensive use of select can easily cause stuck symbol
syndrome making it harder than neccesarry for users to later reconfigure
as they easily get stuck in incompatible configurations.
Providing a MBEDTLS_PROMPTLESS allows such configurations to disable the
MBEDTLS prompt itself when selected but avoid stuck symbol if user
select another security configuration.
Similar with CUSTOM_MBEDTLS_CFG_FILE which ensures that user must
explicitly select this symbol before providing a custom mbedTLS config
file.
Today, other parts the Kconfig tree may set a default value for
MBEDTLS_CFG_FILE but that value is stuck and thus changed Kconfig
selections elsewhere in the tree will not adjust the value.
Introducing CUSTOM_MBEDTLS_CFG_FILE ensures it is known when the user
has provided the value.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
This commit allows a subsystem to specify additional CMake flags to be
given to the TF-M build.
The additional CMake flags can be provided through the TFM_CMAKE_OPTIONS
property on the zephyr_property_target.
Using the zephyr_property_target allows Zephyr modules to append extra
TFM_CMAKE_OPTIONS regardless of the CMake processing order.
It splits the ExternalProject_Add into a two step process with the CMake
invocation executed using add_custom_target() and the build process
using ExternalProject_Add(). The reason for this split is because CMake
generator expressions passed through ExternalProject_Add to CMake will
quoted so that `$<TARGET_PROPERTY:<tgt>,<prop>>` becomes
`"-DFOO=bar -DBAR=foo"` instead of `-DFOO=bar -DBAR=foo` which again
results in CMake failures.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
When ARM_NONSECURE_PREEMPTIBLE_SECURE_CALLS is enabled, if FPU is
being used (CONTROL.FPCA == 1), store all FP registers before
entering the secure function, and restore them afterwards.
This is needed if any NS thread or ISR that interrupts the secure
function uses FP registers. If they do, a secure UsageFault occurs
unless this change is applied.
This allows k_sched_lock() and k_sched_unlock() to be dropped when
ARM_NONSECURE_PREEMPTIBLE_SECURE_CALLS is enabled.
Enable ARM_NONSECURE_PREEMPTIBLE_SECURE_CALLS by default when
building TF-M.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Add new kconfigs
Include the ns-app built by TF-M build system for regression tests
Update tfm_ipc sample to use new kconfig
Signed-off-by: Andreas Vibeto <andreas.vibeto@nordicsemi.no>
Add necessary libs and files to the build
Add support for new kconfigs
Add Zephyr-only implementations of tfm_log and tfm_ns_interface.
Add zephyr_tfm_psa_test.c for easily running PSA tests.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Do not allow the TFM_ISOLATION_LEVEL to be non-hidden option,
if the TFM_IPC (PSA_API) option is not set, since, in that case,
only Isolation Level 1 is supported.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Add the nanopb library and generator tools as a module.
Nanopb is a small code-size Protocol Buffers implementation in ansi C.
It is especially suitable for use in microcontrollers,
but fits any memory restricted system.
Nanopb home: https://jpa.kapsi.fi/nanopb/
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
We add a Kconfig choice for the TF-M profile, in
TF-M's Kconfig file. The reason for that is to be
able to easily enable additional configurations,
depending on the profile type being selected. We
also enhance the documentation of TFM_PROFILE,
stressing that there is now also profile_large
available as an option. TFM_PROFILE is now made
hidden, forcing the users to select one of the
available choice symbols. IF the TFM_PROFILE is
set to something other than "none", then certain
options shall be made hidden, namely, IPC and
isolation level, as they are determined by the
profile setting.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Add a dependency on IPC for the Audit Log secure service,
since the service is not compliant with the IPC model.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Update revision of hal_nordic which introduces new radio driver
integration scheme.
The glue cmake has been updated to use the new integration scheme
for the nrf-802154 component.
Added config option to exclude radio driver in hal_nordic from the
build process. This allows the radio driver to be supplied from
other sources.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
The default value is not needed because there is only one choice.
This allows the default choice to be set in a different module.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
When compiling TF-M with profile_medium, disable the support
for Audit Log due to an upstream bug.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Prevent a thread from being preempted, while executing a Secure
function. This is required to prevent system crashes that could
occur if a thead context switch is triggered in the middle of a
Secure call.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
To allow using TFM NS interface without enabling
CMSIS_RTOS V2 support. And to allow using TFM NS
code that uses logging.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The TF-M NS interface needs to be initialized before
it is used. We add an initialization function that
calls tfm_ns_interface_init(), at boot time, so then
we can use TF-M interface calls (veneers).
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
In ARM Non-Secure builds with TF-M it is not, generally,
possible to issue system reset requests from Non-Secure
domain. When the Platform SPM Partition is enabled, the
tfm_platform_system_reset(.) API can be used to request
system resets from TF-M. This commit overrides the weak
sys_arch_reboot() implementation in scb.c so Non-Secure
code is able to issue system resets.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Instruct CMake to include interface libraries when
building a Non-Secure ARM target with TF-M. In
particular, include the reboot.c source file, which
overrides the sys_arch_reboot implementation.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Rename lib.
Disable AUDIT_LOG in regression sample because of a bug upstream.
Update stm32l562e_dk_ns overlay.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
There was an inconsistency in the API as z_nrf_rtc_timer_chan_alloc
returned int but other function were using uint32_t for channel
argument. Updated api to use int32_t everywhere.
Update nrf_802154 driver which was using this api to use int32_t.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
This commit enables the TF-M IPC sample application on stm32l562e_dk
board.
It provides device tree flash partition as an overlay in order to
configure and flash the bl2, secure/non secure firmwares.
Signed-off-by: Yestin Sun <sunyi0804@gmail.com>
This commit allows to append an optional --hex-addr argument to
the wrapper script if speficied. This can adjust the base address
of the output hex file when signing the non-secure or secure
firmware images.
Signed-off-by: Yestin Sun <sunyi0804@gmail.com>
Make sure that CONFIG_NET_TCP_ISN_RFC6528 is not set when compiling
Civetweb. There are compile issues in Civetweb if both mbedtls and
POSIX API option are set, and this happens if the TCP ISN option is
enabled.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
The shim layer could in some circumstances not be properly
configured which would result in an unbound radio interrupt
handler.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
This commit moves all hal_nordic radio driver code that is
strictly dependent on Zephyr into the Zephyr repository.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
Introduce an option to instruct the build system
to flash the Non-Secure (Zephyr) firmware image
together with the TF-M (Secure) firmware image
as a single merged binary, instead of just flashing
the Non-Secure application.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Place the new signing code in the TFM module CMakeLists.txt.
Make some small tweaks and add a sentence to the docs.
In the process, make a few changes to the signing code:
- Change some names of files created.
- Minimize the number of files created.
- Use hex files instead of bin files. This is so we don't need to know
the offset when creating hex files from bin files.
Also add signing for MCUBOOT_IMAGE_NUMBER=1 based on the code from the
v2m_musca_b1 board, though, this board does not build with =1 now
because of (I assume) some flash aliasing which places the S and NS
images 0x10000000 apart, where the manual algorithm places them next to
each other. It builds with =2, though.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Add device tree nodes for QDEC peripheral instances
for nRF5340 Application core.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The choice allowed for using TFM's own default. We now need full
knowledge over whether BL2 is enabled or not (e.g. to do signing),
so remove this option and simplify to a bool.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
'IPC' and 'REGRESSION' are passed to the <option>
argument of cmake_parse_arguments, hence they are always defined,
and 'if (DEFINED)' would always return TRUE.
Use 'if' directly instead of 'if DEFINED' to check if these
options are set or not.
Ref: NCSDK-7702
Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
This commit moves TFM CMakeLists.txt into Zephyr and relocates the
Kconfig.tfm file under the modules/tfm folder.
Updates the manifest to point to related TFM changes.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
This commit brings in several latest bugfixes for the hal_nordic repo.
It also removes a Kconfig entry that these changes yield deprecated.
Signed-off-by: Jedrzej Ciupis <jedrzej.ciupis@nordicsemi.no>
This commit changes serialized radio initialization
priority. This fixes race condition where serialization
backend would boot earlier than the radio driver itself.
Signed-off-by: Pawel Kwiek <pawel.kwiek@nordicsemi.no>
Mark the PPI/DPPI channels and groups used by the 802.15.4 driver
as occupied and thus unavailable for allocation through nrfx_ppi.
Signed-off-by: Adam Zelik <adam.zelik@nordicsemi.no>
nRF5340 PDK is removed so there is no reason to keep it
in the list of supported tf-m targets.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Adds a hidden config symbol HAS_MCUX_FLEXSPI selected by NXP SoCs when
the FlexSPI peripheral is present. It will be used as a dependency for a
new FlexSPI flash driver to prevent users from accidentally enabling the
driver on platforms that don't have the necessary hardware.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
Add Kconfig option for indicating that a given SoC contains the NXP
Kinetis Pulse Width Timer (PWT).
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
The introduction of Zephyr module glue code in the Zephyr repository
introduces a Kconfig variable in the form of:
`config ZEPHYR_<MODULE_NAME>_MODULE`.
All Kconfig variables go into `autoconf.h`, therefore it is necessary
to sanitize the Kconfig variable, so that it does not contain special
characters. To ensure consistent variable name, then the module name
will be sanitized in all variable use in both Kconfig and CMake.
The sanitization is done be replacing all special characters with an
underscore, `_`.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
This patch updates hal_nordic module revision to start using RPMsg
Service for serialization of 802.15.4. The serialization module is
implemented in the hal_nordic module.
Signed-off-by: Hubert Miś <hubert.mis@nordicsemi.no>
Move nrfx glue code (nrfx integration files, related Kconfig entries,
and related part of CMakeLists.txt taken from the hal_nordic module)
to modules/hal_nordic/nrfx/ directory.
CMakeLists.txt located in modules/hal_nordic/ is now the main cmake
file for the hal_nordic module. It points back to cmake stuff related
to the nRF IEEE 802.15.4 driver that still remains in that module and
it adds the extracted nrfx part as a subdirectory.
Kconfig.nordic is renamed to Kconfig and moved to modules/hal_nordic/.
It sources nrfx related entries from that separate file.
Update also the manifest to point to accordingly modified hal_nordic
revision.
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
This commit introduces MODULE_EXT_ROOT which allows CMake and Kconfig
glue code to be placed outside of the Zephyr module repository.
This allows for placing glue code in Zephyr, but also allows users to
specify custom MODULE_EXT_ROOTs for glue code using either
`-DMODULE_EXT_ROOT` or `zephyr/module.yml` with
`build:settings:module_ext_root` settings.
MODULE_EXT_ROOT' is a list of directories, similar to other roots such
as BOARD_ROOT, DTS_ROOT, etc.
The Zephyr repo folder ${ZEPHYR_BASE} is always to the MODULE_EXT_ROOT
list as lowest priority.
For each MODULE_EXT_ROOT, the file
`<module_ext_root>/modules/modules.cmake` will be processed.
In Zephyr repo, the folder `modules/<module>/` contains CMakeLists.txt
and Kconfig glue code for the Zephyr module.
A Zephyr module can specify that CMakeLists.txt and Kconfig glue code is
placed in an external module root by specifying:
```
build:
cmake-ext: True
kconfig-ext: True
```
It is still possible to place the CMakeLists.txt and Kconfig files
directly in the Zephyr module using the existing:
```
build:
cmake: <path>
kconfig: <file>
```.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Some parts of subsys/dfu/boot code are re-implementations of
what is implemented in the MCUBoot repository.
Mcuboot's repository already provide implementation of function
required for application for interact with the MCUboot.
This patch introduces new MCUBOOT_BOOTUTIL module which covers
common code which is used in the bootloader and the chainnloaded
application.
dfu/boot: use MCUBoot's source code
Module was reworked so it start using MCUBoot's
bootutil_public API instead of copied code.
Reworked boot_is_img_confirmed() used MCUBoot's API
for determine image_ok flag.
mcuboot_shell switchd to use MCUboot's boot_read_swap_state_by_id()
This is MCUBoot function, use it for avoid linking conflict.
test/subsys/mcuboot: fix `test_write_confirm`
dfu/boot library was reworked so it uses MCUboot's bootutil_public
library whenever it can.
The library required that image was marked as copy-done before it
can be pending.
This patch adds such mark which fixes the test.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Add the Sound Open Firmware project as a Zephyr module under
modules/audio/sof.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Musca-S1 is a Cortex-M33 based SoC. It's similar to the
Musca-B1, but among other things the embedded flash has
been replaced with embedded MRAM (eMRAM) memory.
The Musca-S1 files have been created based on the Musca-B1
SoC and board files.
Add the Musca-S1 board to the list of allowed platforms
for the TF-M integration examples.
Change-Id: I4f517d28d0a5b8c4a3fc3fab73adb5519acfc3c2
Signed-off-by: David Vincze <david.vincze@linaro.org>
Use new Kconfig structure to marks which TIMER peripheral is reserved by
802.15.4 radio driver. It prevents peripheral usage collisions.
Signed-off-by: Hubert Miś <hubert.mis@nordicsemi.no>
This PR allows the use of direct IEEE 802.15.4 nRF Driver calls
in case a serialized (nRF53) version of the Radio Driver is used.
Signed-off-by: Czeslaw Makarski <Czeslaw.Makarski@nordicsemi.no>
BUILD_WITH_TFM needs to depend on
ARM_TRUSTZONE_M, which is selected
by the SoC or Board definition. In
addition to that we add an imply
statement for INIT_ARCH_HW_AT_BOOT
because Zephyr will be chain-loaded
by TF-M, and needs to cleanup its
core ARCH registers that might be
left in non-reset state.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
When we select BUILD_WITH_TFM we do not
really need to enable by default the
options THREAD_NAME, THREAD_STACK_INFO,
INIT_STACKS and THREAD_MONITOR, so we can
clean them up. We also remove CMSIS_RTOS_V2
for the same reason.
We also cleanup the default value for
NUM_PREEMPT_PRIORITIES, which does not
seem to be needed.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Add STP transport support for MIPI SyS-T with Kconfig MIPI_SYST_STP,
this is following SyS-T spec Section 7.
And with Kconfig MIPI_SYST_RAW_DATA, add raw data output support for
MIPI SyS-T protocol stack.
Signed-off-by: Wentong Wu <wentong.wu@intel.com>
Add TFM_PROFILE and TFM_ISOLATION_LEVEL options. Options are used to set
up custom board configurations, i.e. LPC55S69 uses medium_profile to fit
TFM images in a small flash area.
Signed-off-by: Andrei Gansari <andrei.gansari@nxp.com>
Add help text in some newly introduced and un-documented
TF-M Kconfig options: REGRESSION and IPC.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Add Kconfig options that will be used by the module
to call the function with the desired parameters.
Refactor the tfm_integration samples and
the supported boards.
Update west.yml to bring in Cmake changes that use the new KConfigs.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Make it easier to add TF-M in an app by selecting and implying the
necessary configs so the app doesn't have to specify the configs itself.
Remove unneeded configs from the prj.conf files in the tfm samples.
Also, fix case in key file name.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
With STM32Cube updates
https://github.com/zephyrproject-rtos/hal_stm32/pull/75
'..._hal_rcc.c' and '..._hal_rcc_ex.c' are now systematically
compiled, due to more and more dependencies from HAL IP on rcc.
So USE_STM32_HAL_RCC and USE_STM32_HAL_RCC_EX becomes useless.
Signed-off-by: Alexandre Bourdiol <alexandre.bourdiol@st.com>
Refactors the i.mx rt soc series to enable device configuration data
(DCD) by default when the smart external memory controller (SEMC) is
present. This is in preparation for removing the DATA_LOCATION Kconfig
symbol and using a device tree chosen node instead.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
Adds the socket option TLS_ALPN_LIST for SOL_TLS sockets
Passes the configured alpn list to the mbedtls config
on mbedtls init
Signed-off-by: Emil Hammarstrom <emil.hammarstrom@assaabloy.com>
Update the default paths to private keys used
for signing the Secure and the Non-Secure firmware,
when building Zephyr together with TF-M. The update
is done to match the default configuration in
the upstream TF-M project.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Align all sensor drivers that are using stmemsc (STdC) HAL i/f
to new APIs of stmemsc v1.03.
Requires https://github.com/zephyrproject-rtos/hal_st/pull/5
(merged as b52fdbf4b62439be9fab9bb4bae9690a42d2fb14)
Signed-off-by: Armando Visconti <armando.visconti@st.com>
Add initial support for LoRaWAN based on Semtech's loramac-node
library. Current implementation only supports OTAA config and
sending data to LoRaWAN server like ThingsNetwork.
While at it, this commit also moves the "loramac-node" library
definition from drivers/lora to subsys/lorawan. This is required
because, subsys/lorawan gets processed before drivers/lora and
that creates issue while building.
Signed-off-by: Manivannan Sadhasivam <mani@kernel.org>
The HAS_NRFX Kconfig option is selected also for the nrf52_bsim board,
where the nrfx drivers are compiled for a simulated target, without
CMSIS. Thus, selecting HAS_CMSIS_CORE in such case is inappropriate.
This patch removes then the selection of the HAS_CMSIS_CORE option from
HAS_NRFX. When the nrfx drivers are built for a real SoC, where CMSIS
is actually used, the option will get selected by the CPU_CORTEX_M one.
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
When we build Zephyr for a Non-Secure image, using TFM
as the Secure counterpart, we may or may not use BL2 (e.g.
MCUboot in TFM). If we build with BL2 we need to account
for a ROM offset before the start of the non-secure image
where TFM BL2 expects the BL2 header. This offset is not
needed when TFM is built without BL2. We use the existing
Kconfig options to determine whether we need a ROM offset
or not. We use the value of 0x400 for the BL2 header,
which is the default value used in TFM, but the option is
non-hidden, allowing the user to overwrite the default
value if needed.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
On SoCs featuring the USBREG peripheral, the nrfx_power driver uses
the nrfx_usbreg one internally, so enable the latter when the former
is enabled.
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
This PR updates the hal_nordic module revision, to switch to nrfx 2.3.0
and adds new configuration option to enable two stage LFCLK start
sequence.
Signed-off-by: Karol Lasończyk <karol.lasonczyk@nordicsemi.no>
RDC module is used by i.MX8MM SoC, so let's create a Kconfig symbol
which will be used to enable the module in SDK.
Signed-off-by: Manivannan Sadhasivam <mani@kernel.org>
This commit adds a NRF_802154_MULTIPROTOCOL_SUPPORT Kconfig switch
that makes it possible to use nRF 802.15.4 radio driver in
a multi-protocol scenario.
Signed-off-by: Jedrzej Ciupis <jedrzej.ciupis@nordicsemi.no>
Add support for the SX126x series of LoRa radios using the
LoRaMAC-Node HAL.
This driver currently makes the following assumptions:
* DIO1 is used as an interrupt line.
* There is an RF switch selecting between the TX and RX ports and
that switch is controlled by DIO2.
* There is either no TCXO or the TCXO is controlled by DIO3.
Specifically, the limitations above mean that modules that use GPIOs
to control the RF switch are currently not supported. Support for such
modules would need changes to the LoRaMAC-Node code.
Signed-off-by: Andreas Sandberg <andreas@sandberg.pp.se>
Add initial support for nuvoton numicro m48x SoC series, basic
init and uart functionality are covered with gpio and clock
directly relies on HAL.
Signed-off-by: Saravanan Sekar <saravanan@linumiz.com>
Currently user needs to specify quite much additional options to enable
OpenThread support. He also needs to set ip address count,
heap size, etc depending on features enabled.
Nade changes to automatically select/set some of the options on
enabling OpenThread
Signed-off-by: Marek Porwisz <marek.porwisz@nordicsemi.no>
tested on mimxrt1060_evt
MEMORY_NOCACHE is needed
test on frdmk64f
special test slot need configure with
CONFIG_DMA_TEST_SLOT_START
Signed-off-by: Hake Huang <hake.huang@oss.nxp.com>
Due to new checks in mbedTLS config sanitizer, TLS option can no longer
be left enabled, when TLS is not used. OpenThread needs MBEDTLS_MD_C
and MBEDTLS_CIPHER_C even without TLS being used, so we need an option
to enable them manually.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This commits adds a config option to build a PSA trusted-firmware-m
(TF-M) application image for the secure processing environment, and
configures the Zephyr application image for the non-secure processing
environment. The secure and non-secure environment images will be
linked together via the veneer function table that is produced as an
artifact of the TF-M build process.
Signed-off-by: Karl Zhang <karl.zhang@linaro.org>
Add infineon xmc series with XMC4500 support. XMC series comes with,
- CPU operates upto 120MHz
- 3 RAM (PSRAM1 - code, DSRAM1 - data and DSRAM2 - communiation)
- upto 1MB flash
init: clock control & gpio is not done, so SoC initialization directly
relies on HAL. Core operating clock is stored in no_init section, which
is kept under DSRAM1. Only DSRAM1 is used until clock support. Using
PSRAM1 and DSRAM1 needs adaptation in linker script - planned for next
revision.
Note: SystemInit cannot be consumed directly due to vector table +
HAL linker dependency.
Signed-off-by: Parthiban Nallathambi <parthiban@linumiz.com>
Both ST and STM32 modules where using same HAS_STLIB Kconfig
symbol.
Now that each module is createing is own lib, we need to be able
to distinguish libs.
Depends on zephyrproject-rtos/hal_stm32/pull/52
Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
Update mbedTLS commit along with the following fixes:
* Fix naming inconsistencies in some cipher modes, to match core mbedTLS
configs
* Add Kconfig to enable CTR cipher mode
Fixes#22421
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Some Kinetis SoCs have an instance of the the TPM module
that can be used for PWM control. As such, add the necessary
configurations to enable it on the SoCs that support it, as well as
enable the clock for the module to function.
In this case, the enablement is done only for the KW41Z SoCs,
but there are other SoCs that support it, f.i. KW38Z
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Add option for indicating that a NXP Kinetis SoC contains a
Digital-to-Analog (DAC) module.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
Add option for indicating that a NXP Kinetis SoC contains a
Digital-to-Analog (DAC32) module.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
This commit introduces the Kconfig configurations for the CMSIS-DSP
digital signal processing library.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This commit updates the west.yml to point to the commit that adds the
CMSIS-Core(A) and defines the configurations to enable it, in
preparation for the AArch32 Cortex-A architecture support in Zephyr.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
Add CSMA CA capability for the `ieee802154_nrf5` radio driver along with
appropriate implementation in the `nrf5_tx` function.
Introduce 802.15.4 radio driver with CSMA/CA support enabled. Add help
text, mentioning a list of peripherals occupied by the radio driver.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
We can build the openamp library configured with VirtIO master
support, VirtIO slave support, or both. By default both master
and slave code is enabled. We can reduce code footprint by only
build master or slave as needed.
Expose Kconfig options for Master & Slave and set them accordingly in
the sample.
Here's the code reduction we see:
For the total image we see as 1260 byte reduction:
Memory region Used Size Region Size %age Used
FLASH [Master & Slave]: 30308 B 256 KB 11.56%
FLASH [Master only] : 29048 B 256 KB 11.08%
On the remote side we see a 828 byte reduction:
Memory region Used Size Region Size %age Used
FLASH [Master & Slave]: 11564 B 64 KB 17.65%
FLASH [Slave only] : 10736 B 64 KB 16.38%
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This PR provides changes that are required after replacing Tinycbor
with copy of source code from mynewt-core.
The Tinycbor has been replaced with mynewt-core version to reduce
maintenance effort; by replacing it the Zephy specific changes have been
reduced to small patch over mynewt codebase.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
More clear and detailed description of choices, and explicit
recommendations for users. Based on a question on the mailing list.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Same deal as in commit eddd98f811 ("kconfig: Replace some single-symbol
'if's with 'depends on'"), for the remaining cases outside defconfig
files. See that commit for an explanation.
Will do the defconfigs separately in case there are any complaints
there.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The glob in modules/Kconfig accidentally picked up Kconfig.tls-generic,
which is only supposed to be included from modules/Kconfig.mbedtls.
Replace the globbing with explicit 'source's to fix it. Best to avoid
globbing unless absolutely necessary, because it tends to pick up random
non-checked-in files as well.
Use 'source' instead of 'osource' since the files are known to exists.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Kconfig.tls-generic is already 'source'd within an 'if MBEDTLS' in
modules/Kconfig.mbedtls (the 'if' covers most of the file).
Flagged by https://github.com/zephyrproject-rtos/ci-tools/pull/128.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Update the hal_nordic module revision, to switch to nrfx 2.1.0.
Because the list of peripherals for nRF5340 has changed as follows:
- SPIM2 has been renamed to SPIM4
- SPIM2-3, SPIS2-3, TWIM2-3, TWIS2-3, and UARTE2-3 have been added
a couple of related corrections needed to be applied in dts and Kconfig
files, plus the spi_nrfx_spim driver has been extended with the support
for SPIM4.
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
So far, nRF 802.15.4 radio driver build was dependent on the 802.15.4
subsystem in Zephyr. While this was a reasonable approach for samples,
it prevented the radio driver from being built as a standalone entity,
which could be useful in some applications (e. g. running core nRF
802.15.4 radio driver tests with Zephyr).
Resolve this, by providing a separate set of Kconfigs for the radio
driver, therefore allowing to build it as a separate entity. The 802154
subsystem simply enables the radio driver module in this case.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Include the CANopenNode CANopen stack as a module in Zephyr.
CANopenNode is licensed under the Apache-2.0 license.
This fixes#15278.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
Add Kconfig option for indicating that a given SoC contains the
OpenISA RV32M1 Timer/PWM module (TPM).
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
The HAS_IMX_{RDC,CCM} symbols were added to ext/hal/nxp/imx/Kconfig in
commit 3afc2b6c61 ("ext/hal/nxp/imx: Import the nxp imx7 freertos bsp"),
and later copied over to modules/Kconfig.imx in commit 12438e1047 ("ext:
hal: Make NXP HALs a Zephyr module").
Never used.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
A single menu within an if like
if FOO
menu "blah"
...
endmenu
endif
can be replaced with
menu "blah"
depends on FOO
...
endmenu
Fix up all existing instances.
Also remove redundant extra menus underneath 'menuconfig' symbols.
'menuconfig' already creates a menu.
Also remove the menu in arch/arm/core/aarch32/Kconfig around the
"Floating point ABI" choice. The choice depends on FLOAT, which depends
on CPU_HAS_CPU, so remove the 'depends on CPU_HAS_FPU' too.
Piggyback removing a redundant 'default n' for BME280.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
