The caller saved registers were restored both as caller saved and
callee saved registers, i.e. register 0-15 were restored into
both register 0-15 and 15-31.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Currently the MBEDTLS_HAVE_TIME_DATE mbedTLS option is enabled based on
the CONFIG_POSIX_API option. This doesn't seem right, since the enabling
the POSIX API does not guarantee that there is a valid time source in
the system. This was the case for the qemu_x86 platform, where enabling
POSIX_API caused TLS handshake failures due to certificate validation
errors caused by no valid time avaialble in the system.
Fix this by adding a specific KConfig entry for date/time configuration
in mbedTLS. Applications that need to enforce date verification in
mbedTLS should enable it explicitly instead of relying on the
non-obvious implicit configuration.
Fixes#35401
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
The nRF SOCs declare support for SWO using the HAS_SWO define. In
addition, the SWO pin has to be configured at runtime, which is done
through the Nordic HAL by defining ENABLE_SWO.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Follow-up: #34868
The CMAKE_ARGS was accidentally lost during work on #34868.
This commit fixes that by re-adding `CMAKE_ARGS` as multi value arg.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Follow-up: #34843
This commit is a followup to PR #34843.
The Zephyr subsys/tracing/Kconfig file has a
`depends on ZEPHYR_TRACERECORDER_MODULE` but that symbol is only
available when the module is part of the manifest.
This commit adds the second part of the comment:
https://
github.com/zephyrproject-rtos/zephyr/pull/34843#discussion_r628154265
To ensure all Kconfig symbols are defined.
Without this commit, users without TraceRecorder will see following
checkpatch error:
```
ERROR : Test KconfigBasic failed: Undefined Kconfig symbols:
warning: undefined symbol ZEPHYR_TRACERECORDER_MODULE:
- Referenced at subsys/tracing/Kconfig:35:
config PERCEPIO_TRACERECORDER
bool "Percepio Tracealyzer support"
select THREAD_NAME
select INIT_STACKS
select THREAD_MONITOR
depends on ZEPHYR_TRACERECORDER_MODULE && <choice>
```
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Now using CONFIG_MBEDTLS_USER_CONFIG_FILE instead of
CONFIG_MBEDTLS_USER_CONFIG_ENABLE for inclusion of user config file.
The Kconfig MBEDTLS_USER_CONFIG_ENABLE setting now now determines if
MBEDTLS_USER_CONFIG_FILE is visible.
This removes the problem of MBEDTLS_USER_CONFIG_FILE to be stuck on its
first value.
Users can use MBEDTLS_USER_CONFIG_ENABLE to get the prompt and define
their own value.
As the CONFIG_MBEDTLS_USER_CONFIG_FILE is default promptless then we can
use this setting directly as it will only be defined if another Kconfig
file specifies a default value to use, or user enables:
MBEDTLS_USER_CONFIG_ENABLE.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Introducing MBEDTLS_PROMPTLESS and CUSTOM_MBEDTLS_CFG_FILE settings.
The MBEDTLS_PROMPTLESS can be set to true whenever configuration of
mbedTLS is done from a subsystem or module.
Such an example is OpenThread, which selects mbedTLS for some predefined
crypto settings using OPENTHREAD_MBEDTLS=y.
Unfortunately, extensive use of select can easily cause stuck symbol
syndrome making it harder than neccesarry for users to later reconfigure
as they easily get stuck in incompatible configurations.
Providing a MBEDTLS_PROMPTLESS allows such configurations to disable the
MBEDTLS prompt itself when selected but avoid stuck symbol if user
select another security configuration.
Similar with CUSTOM_MBEDTLS_CFG_FILE which ensures that user must
explicitly select this symbol before providing a custom mbedTLS config
file.
Today, other parts the Kconfig tree may set a default value for
MBEDTLS_CFG_FILE but that value is stuck and thus changed Kconfig
selections elsewhere in the tree will not adjust the value.
Introducing CUSTOM_MBEDTLS_CFG_FILE ensures it is known when the user
has provided the value.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit removes the prompt from MBEDTLS_USER_CONFIG_FILE unless
MBEDTLS_USER_CONFIG_ENABLE is true.
This fixes issues where other parts would specify a default value for
MBEDTLS_USER_CONFIG_FILE that would become stuck and not updated if
user re-configured the system using menuconfig.
Disabling the prompt ensures that only when a user specifically enables
MBEDTLS_USER_CONFIG_ENABLE and specify a custom user value in
MBEDTLS_USER_CONFIG_FILE the setting will be fixed.
Also updates the manifest with related change in the mbedtls project.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This Mbed TLS configuration option was being selected based on a
non-existent Kconfig option, and hence would never be defined. v2.1 of
PKCS1 was published in 2003. Use of v1.5 has been deprecated since
2016, and should not be used in new or existing designs.
Enable the v2.1 version in any situation where RSA is used for
signatures. In the future, we should disable v1.5 entirely, but only
after all uses have been determined and possibly corrected.
No significant weaknesses have been found in v1.5, however v2.1 has a
significant security proof. However, v2.1 does require an entropy
source, which may be an issue in some embedded device situations (which
likely are problematic for other cryptographic reasons).
Signed-off-by: David Brown <david.brown@linaro.org>
Instead of exposing publicly the TF-M NS interface include
directories, we include them when we build relevant projects.
This is required, as the TF-M include directories contains
psa crypto sources that are also provided by the mbedtls
crypto module. The downside of this solution is that the
TF-M includes need to be added explicitly in each application
that uses TF-M APIs.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Define the MBEDCRYPTO_PATH variable for the TF-M build,
so the latter can used a checked-out version of mbedtls,
instead of pulling an external tree during build time.
This will make Zephyr builds with TF-M must faster.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Updates in CMakeLists.txt to reflect the restructuring
in the module directory. This also bumps mbetls version
to 2.26.0.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
We move the Zephyr-specific CMakeLists.txt file into
the main Zephyr tree. We also move the zephyr_init.c
source file.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit removes the prompt from MBEDTLS_USER_CONFIG_FILE unless
MBEDTLS_USER_CONFIG_ENABLE is true.
This fixes issues where other parts would specify a default value for
MBEDTLS_USER_CONFIG_FILE that would become stuck and not updated if
user re-configured the system using menuconfig.
Disabling the prompt ensures that only when a user specifically enables
MBEDTLS_USER_CONFIG_ENABLE and specify a custom user value in
MBEDTLS_USER_CONFIG_FILE the setting will be fixed.
Also updates the manifest with related change in the mbedtls project.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
Introducing MBEDTLS_PROMPTLESS and CUSTOM_MBEDTLS_CFG_FILE settings.
The MBEDTLS_PROMPTLESS can be set to true whenever configuration of
mbedTLS is done from a subsystem or module.
Such an example is OpenThread, which selects mbedTLS for some predefined
crypto settings using OPENTHREAD_MBEDTLS=y.
Unfortunately, extensive use of select can easily cause stuck symbol
syndrome making it harder than neccesarry for users to later reconfigure
as they easily get stuck in incompatible configurations.
Providing a MBEDTLS_PROMPTLESS allows such configurations to disable the
MBEDTLS prompt itself when selected but avoid stuck symbol if user
select another security configuration.
Similar with CUSTOM_MBEDTLS_CFG_FILE which ensures that user must
explicitly select this symbol before providing a custom mbedTLS config
file.
Today, other parts the Kconfig tree may set a default value for
MBEDTLS_CFG_FILE but that value is stuck and thus changed Kconfig
selections elsewhere in the tree will not adjust the value.
Introducing CUSTOM_MBEDTLS_CFG_FILE ensures it is known when the user
has provided the value.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
This commit allows a subsystem to specify additional CMake flags to be
given to the TF-M build.
The additional CMake flags can be provided through the TFM_CMAKE_OPTIONS
property on the zephyr_property_target.
Using the zephyr_property_target allows Zephyr modules to append extra
TFM_CMAKE_OPTIONS regardless of the CMake processing order.
It splits the ExternalProject_Add into a two step process with the CMake
invocation executed using add_custom_target() and the build process
using ExternalProject_Add(). The reason for this split is because CMake
generator expressions passed through ExternalProject_Add to CMake will
quoted so that `$<TARGET_PROPERTY:<tgt>,<prop>>` becomes
`"-DFOO=bar -DBAR=foo"` instead of `-DFOO=bar -DBAR=foo` which again
results in CMake failures.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
When ARM_NONSECURE_PREEMPTIBLE_SECURE_CALLS is enabled, if FPU is
being used (CONTROL.FPCA == 1), store all FP registers before
entering the secure function, and restore them afterwards.
This is needed if any NS thread or ISR that interrupts the secure
function uses FP registers. If they do, a secure UsageFault occurs
unless this change is applied.
This allows k_sched_lock() and k_sched_unlock() to be dropped when
ARM_NONSECURE_PREEMPTIBLE_SECURE_CALLS is enabled.
Enable ARM_NONSECURE_PREEMPTIBLE_SECURE_CALLS by default when
building TF-M.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Add new kconfigs
Include the ns-app built by TF-M build system for regression tests
Update tfm_ipc sample to use new kconfig
Signed-off-by: Andreas Vibeto <andreas.vibeto@nordicsemi.no>
Add necessary libs and files to the build
Add support for new kconfigs
Add Zephyr-only implementations of tfm_log and tfm_ns_interface.
Add zephyr_tfm_psa_test.c for easily running PSA tests.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Do not allow the TFM_ISOLATION_LEVEL to be non-hidden option,
if the TFM_IPC (PSA_API) option is not set, since, in that case,
only Isolation Level 1 is supported.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Add the nanopb library and generator tools as a module.
Nanopb is a small code-size Protocol Buffers implementation in ansi C.
It is especially suitable for use in microcontrollers,
but fits any memory restricted system.
Nanopb home: https://jpa.kapsi.fi/nanopb/
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
We add a Kconfig choice for the TF-M profile, in
TF-M's Kconfig file. The reason for that is to be
able to easily enable additional configurations,
depending on the profile type being selected. We
also enhance the documentation of TFM_PROFILE,
stressing that there is now also profile_large
available as an option. TFM_PROFILE is now made
hidden, forcing the users to select one of the
available choice symbols. IF the TFM_PROFILE is
set to something other than "none", then certain
options shall be made hidden, namely, IPC and
isolation level, as they are determined by the
profile setting.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Add a dependency on IPC for the Audit Log secure service,
since the service is not compliant with the IPC model.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Update revision of hal_nordic which introduces new radio driver
integration scheme.
The glue cmake has been updated to use the new integration scheme
for the nrf-802154 component.
Added config option to exclude radio driver in hal_nordic from the
build process. This allows the radio driver to be supplied from
other sources.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
The default value is not needed because there is only one choice.
This allows the default choice to be set in a different module.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
When compiling TF-M with profile_medium, disable the support
for Audit Log due to an upstream bug.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Prevent a thread from being preempted, while executing a Secure
function. This is required to prevent system crashes that could
occur if a thead context switch is triggered in the middle of a
Secure call.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
To allow using TFM NS interface without enabling
CMSIS_RTOS V2 support. And to allow using TFM NS
code that uses logging.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The TF-M NS interface needs to be initialized before
it is used. We add an initialization function that
calls tfm_ns_interface_init(), at boot time, so then
we can use TF-M interface calls (veneers).
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
In ARM Non-Secure builds with TF-M it is not, generally,
possible to issue system reset requests from Non-Secure
domain. When the Platform SPM Partition is enabled, the
tfm_platform_system_reset(.) API can be used to request
system resets from TF-M. This commit overrides the weak
sys_arch_reboot() implementation in scb.c so Non-Secure
code is able to issue system resets.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Instruct CMake to include interface libraries when
building a Non-Secure ARM target with TF-M. In
particular, include the reboot.c source file, which
overrides the sys_arch_reboot implementation.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Rename lib.
Disable AUDIT_LOG in regression sample because of a bug upstream.
Update stm32l562e_dk_ns overlay.
Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
There was an inconsistency in the API as z_nrf_rtc_timer_chan_alloc
returned int but other function were using uint32_t for channel
argument. Updated api to use int32_t everywhere.
Update nrf_802154 driver which was using this api to use int32_t.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
This commit enables the TF-M IPC sample application on stm32l562e_dk
board.
It provides device tree flash partition as an overlay in order to
configure and flash the bl2, secure/non secure firmwares.
Signed-off-by: Yestin Sun <sunyi0804@gmail.com>
This commit allows to append an optional --hex-addr argument to
the wrapper script if speficied. This can adjust the base address
of the output hex file when signing the non-secure or secure
firmware images.
Signed-off-by: Yestin Sun <sunyi0804@gmail.com>
