Age | Commit message (Collapse) | Author |
|
Move tf-m-tests specific configurations from TF-M to tf-m-tests.
Signed-off-by: Jianliang Shen <jianliang.shen@arm.com>
Change-Id: I89db28ce892c8e3f04d79cbf59e1946e1e61823d
|
|
Refine the control logic of TF-M SPM log and SP log.
- If SP log level is higher than silence or TF-M regerssion tests are
enabled, enable SP raw log.
- If SP raw log is enabled or SPM log level is higher than silence,
enable SPM raw log.
Add a config file to complete the configure settings.
Change-Id: Ifc4e3c60e753bf464a12fb1037ef6a50b0470ff6
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Move tf-m-tests specific config setting to tf-m-tests repo to decouple
tf-m-tests config from TF-M.
In the meantime, move tf-m-tests repo fetch operation during TF-M config
setting. Therefore, tf-m-tests specific config file is available when
TF-M config starts as tf-m-tests configs are coupled with those in TF-M.
Change-Id: I5dd7e382378990c6dfe7a5a148d0e12d7933d1a1
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Align the commit reference to pick up the fix for the ECDH
test.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: Ib0c0ee1b658ab2fd9d41ab69b96581022fca90a5
|
|
QCBOR util files in tf-m/lib/ext/qcbor/util are not used in tf-m and
are only used by the attestation test suite. Hence moving them to
appropriate location.
Also, updating the tf-m-tests to a new commit.
Change-Id: I1f658aaf053b6820c62268304d082f1880603e36
Signed-off-by: Maulik Patel <maulik.patel@arm.com>
|
|
Search regression test config passed via command line. If regression
test flags are found in CMake cache variables and values are set to ON,
enable corresponding regression test flag in TF-M build.
It can get rid of long list in if condition check of regression test
configs. Developers only need to name regression test group starting
with "TEST_NS" or "TEST_S", without updating the long if condition
check.
Change-Id: I83f0589390d2120afe94feb9f0867f4aa8187202
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Signed-off-by: Abbas Bracken Ziad <abbas.brackenziad@arm.com>
Change-Id: I167cdbf1a7b73b719f1ffb7b9f73b09e3e957dba
|
|
Signed-off-by: Abbas Bracken Ziad <abbas.brackenziad@arm.com>
Change-Id: I98da8b182a35d0076cf2ad0b4345a5867974fa4b
|
|
Update tf-m-tests commit to support test services out-of-tree build.
Change-Id: I7bbcc7a348d32dcbe6b359e515a04be3919d34c5
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Support TF-M to build mulitple scure partition whose source code folder
is maintained outside TF-M repo.
- Rename TFM_EXTRA_MANIFEST_LIST_PATH to TFM_EXTRA_MANIFEST_LIST_FILES
to indicate the out-of-tree secure partition manifest list files.
- Add config TFM_EXTRA_PARTITION_PATHS to indicate the out-of-tree
secure partition directories
- Add attribute output_path in manifest list to enable out-of-tree
partition to specify the directory of its generated files.
- Support relative manifest path in the manifest list of an out-of-tree
secure partition.
For example, a manifest path can be set as a relative path to the
manifest list file. Therefore, the manifest path can be independent
to out-of-tree secure partitionsourece code path.
Change-Id: I743b458c405d2a9af43d4f234e52f80cdb545103
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Update Version of Test Repo
Signed-off-by: Jianliang Shen <jianliang.shen@arm.com>
Change-Id: I8a1f1e5d86596d82f3abb8ffd1b797b76acf0389
|
|
The build process cannot pass because the CMake configuration files
in tf-m-tests repo are included before auto-downloading the
tf-m-tests repo. This patch will move these files into TF-M repo.
Signed-off-by: Jianliang Shen <jianliang.shen@arm.com>
Change-Id: I1d4b4d6de252f6ec2c584c6a474faee9604e4ecf
|
|
Update Version of Test Repo
Signed-off-by: Jianliang Shen <jianliang.shen@arm.com>
Change-Id: I53d142694426f8d844addfdbab4cc18f8b5499cd
|
|
To decrease the size of TF-M image so that it can work on a platform
with limited resource, the build configure should allow developers
to select one or more single test suites. The tf-m-test repo has
added some build control flags. These flags can be controlled with
"-D<FLAG>=ON" to turn on the related test suites' build. With the
build control flags are added in tf-m-tests repo, the cmake build
logic need to be refined. To make it easier to start single test
suite without TEST_NS or TEST_S, more conditions need to be added to
link tf-m-tests repo. Moreover, some test services should also
depend on the new single test flags.
By this patch, when TEST_S or TEST_NS is ON, all the secure or
non-secure test suites will run either. When single test configuration
like TEST_NS_XXX or TEST_S_XXX is ON, the single test suite will run
if its dependencies are configurated.
Signed-off-by: Jianliang Shen <jianliang.shen@arm.com>
Change-Id: I2ca5b400ddfee2832e0eaae49da529f1c2d70c98
|
|
Update tf-m-tests repo version to a46efaa.
Change-Id: I979c900ae136177a7c2cb6982c7630cf82cfc1be
Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>
|
|
TF-M Crypto service allocates a key handle array to map keys and
owners. However, this array is redundant since TF-M Crypto eventually
relies on Mbed TLS key handle management.
Remove TF-M Crypto service key handle array to simplify TF-M Crypto key
handling routine and optimize memory footprint.
Remove CRYPTO_KEY_ID_ENCODES_OWNER.
Enforce MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER to be enabled.
Update the test commit ID accordingly.
Change-Id: Ic1ecff587ec33a95fbeabcd8dd9fd6430455117b
Signed-off-by: David Hu <david.hu@arm.com>
Co-authored-by: Summer Qin <summer.qin@arm.com>
|
|
Update tf-m-tests repo version to a602746.
Change-Id: If2504b8845e53368f6ae664f5441cbb34dbea13f
Signed-off-by: Shawn Shan <Shawn.Shan@arm.com>
|
|
Update tf-m-tests repo version to adfe6c1.
Change-Id: Ifbc9eaa4f18054697c059cbcdb667a4f4c305433
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
|
|
Update tf-m-tests repo version to d4600a4.
Change-Id: Ie22926533f742a53e0cdc802793d92bd2fe05747
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
|
|
The partition only includes one stateless service accessing
test. Remove this partition and put the test into IPC service
test partition.
Same changes are applied to the tf-m-test repo.
Change-Id: I37e2fabce61fe2a366bfea209d97d2968fdb5325
Signed-off-by: Mingyang Sun <mingyang.sun@arm.com>
|
|
By setting the TFM_PLAT_SPECIFIC_MULTI_CORE_COMM cmake flag platform
specific implementation can be used to communicate between the Secure
and Non-secure cpu.
Change-Id: Ia966fa7150a709b75b6dfd1bce0d41135f287398
Signed-off-by: Mark Horvath <mark.horvath@arm.com>
|
|
This commit introduces two cmake flags to let a platform overwrite BL2
related implementations created by the TF-M project.
- Setting DEFAULT_MCUBOOT_FLASH_MAP to OFF makes possible for a
platform to create custom flash map.
- Setting DEFAULT_MCUBOOT_SECURITY_COUNTER to OFF makes possible for a
platform to use custom security counter mapping.
Change-Id: Ib1955e63e78dd5a5a7dff67a49dab1d5d1a06fc1
Signed-off-by: Mark Horvath <mark.horvath@arm.com>
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
|
|
This patch disables the ECDH test in the Crypto regression
for profile small which does not support the feature. The
documentation is updated accordingly in relevant places.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I3781c473864d90ac26584b357c2903f750ed5190
|
|
The actual version of MCUboot is not changed, only the commit hash
is replaced in the build configuration with a tag on the same commit.
Change-Id: I5509f21d3c6d3e87a924e4000f6c6a654f9bdb56
Signed-off-by: David Vincze <david.vincze@arm.com>
|
|
Update the psa arch test version.
Change-Id: I4ab265fe7c86636920d19e60b70dbbe3c76dca27
Signed-off-by: Summer Qin <summer.qin@arm.com>
|
|
PLATFORM_DUMMY_NV_SEED and CRYPTO_HW_ACCELERATOR
should not be disabled at the same time.
Only one of them should be set to ON.
Change-Id: I1c0c5b187734e3a49b0cea9a3562693bd1d0e11c
Signed-off-by: Summer Qin <summer.qin@arm.com>
|
|
Update the TFM_TEST_REPO_VERSION which align with mbedtls-3.0.0
and support crypto single-shot test cases.
Change-Id: Ic61e5a4b31395df0864b21dac28ca02d62f25328
Signed-off-by: Summer Qin <summer.qin@arm.com>
|
|
MBEDTLS_TEST_NULL_ENTROPY is removed from mbedtls 3.0.0.
Change to use 'MBEDTLS_ENTROPY_NV_SEED' as the default entropy source
if a platform doesn't generate entropy from hardware.
Change-Id: If03c9dec3c6fb0d7bb98721963ac2142d43ed00d
Signed-off-by: Summer Qin <summer.qin@arm.com>
|
|
- Remove deprecated macros and functions
- Enable SHA-224 cryptographic hash algorithm by 'define
MBEDTLS_SHA224_C'
- Enable SHA-384 cryptographic hash algorithm by 'define
MBEDTLS_SHA384_C'
- 'psa_cipher_encrypt' and 'psa_cipher_decrypt' is supported by
mbedtls-3.0.0
- 'psa_mac_compute' and 'psa_mac_verify' is supported by mbedtls-3.0.0
- mbedtls-3.0.0 changes some internal mbedtls apis' name, mcuboot needs
to align.
Change-Id: Ia868c93deceee6c8042607acf35ce2f4c9c15e35
Signed-off-by: Summer Qin <summer.qin@arm.com>
|
|
Change-Id: If9e5749694300c22b4c8857c9c06f355bc4d0a46
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
|
|
The tfm_manifest_list.yaml is used by default and only extra
manifest lists are allowed for customization.
This patch makes the default manifest list replacable as well.
This can avoid issues that the extra manifest and the default
manifest may have conflict Partitions or there could be conflicts
within the default manifest list on some specific builds.
Note: The Partition configuration switches defined in "conditional"
are still required to set to OFF to disable building Partitions even
if they are not in manifest lists.
This patch also fixes the wrong directory in config/set_config.cmake
which happens to be correct when building.
Change-Id: Id701e174d511c8fe34d62e8a3ff4813460aab2e9
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
|
|
Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com>
Change-Id: I90d70ac6363901e37cda7146ec17daad85408ee7
|
|
Library Mode does not support FLIH.
This patch adds config check for FLIH test being enabled for Lib Mode.
Change-Id: I567c9de279fcfba1bef6222a4a4070abf0be74bc
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
|
|
Update Version of Test Repo
Signed-off-by: Jianliang Shen <jianliang.shen@arm.com>
Change-Id: Iad3c7a9f67677eebd54f67f8f900c5a0b7504c16
|
|
Change-Id: I0145b3fc877e0a21c2ba99ae2dc0332d897c2a03
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
|
|
Currently the FLIH test is only supported on AN519 and AN521
Change-Id: Ic34aee26d4db732bdf9fb72c9163dd164b1e688e
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
|
|
This patch:
- Moves timer driver to SPRT. The timer driver only contain common
timer control logics, which are supposed to be shared between
Partitions. The accesses to different timers are controlled through
MMIO regions of the timer registers.
- Build plat_test.c when either TEST_S or TEST_NS is enabled.
plat_test.c is not part of Platform Partition but for test purpose.
- Add a clear interrupt interface for future use.
Change-Id: I756300b76a9b7061972336cb8ecafaba47f8a8de
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
|
|
Change-Id: I9e95c5c4799ae77ac0c5e7fe6592c6f0e593ff30
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Add a config CRYPTO_KEY_ID_ENCODES_OWNER to control whether client ID is
encoded into PSA Crypto key ID. This config shall be aligned with
underlying crypto library key ID encoding configuration.
Change-Id: I3b6073a7c1b440e7de0f5889e8dc32416003e3b7
Signed-off-by: David Hu <david.hu@arm.com>
|
|
This patch bumps up the test repo version for IRQ testing refactor.
Change-Id: I3b7229869721b3e42bfa6daec56e4aa58f9e4cbb
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
|
|
This patch:
- Replaces the tfm_irq_test_service_1 with the tfm_slih_test_service
- Docs update:
- Remove the out-of-date tfm_non-secure_interrupt_handling.rst
- Remove IRQ test part in core_test_services_integration_guide.rst
as core test does not participate in IRQ testing anymore.
Note:
The new SLIH testing does not support Library Model.
Change-Id: I578d43ca7a363cdcb298226cc9ebad5f7b66fb48
Signed-off-by: Kevin Peng <kevin.peng@arm.com>
|
|
Update tf-m-tests to align attestation test service changes.
Change-Id: I97e36c303674b8c83b5f729007ea6fa1803b8c25
Signed-off-by: David Hu <david.hu@arm.com>
|
|
derivation
We introduce a compile-time option to control whether to disable
the API for tfm_crypto_generate_random, independent of the key
derivation. In addition to that, the above API function is moved
into its own source file.
The change allows us to disable or enable the random number
generation API function independent of whether we disable or
enable the key derivation. This introduces some additional
flexibility to the user, who can now enable the random number
generation API while they can disable the key derivation API
family.
The change does not introduce behavioral changes.
Change-Id: I7306caa38476ff1a67c918ddb9e5780e25cebd27
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
|
|
Currently, the PS partition relies on the ITS partition to access the flash
file system. So build time error will happen if ITS partition is not enabled
while PS partition is enabled. This commit adds checking the status of the
two partitions at configure time.
Change-Id: I3d7a30243209a1400524135a81bbc6037ec9d18f
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
|
|
Optimize the memory footprint required by Crypto service in Profile
Small.
- Decrease the MAX number of concurrent multi-part operations to 4.
- Decrease the heap size used in backend crypto library since asymmetric
cryptography is disabled.
Change-Id: If1b8d4b6cef098e132bd891a140be278993bf6c2
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Change-Id: If1d4ba1aaa706a1a6bbe3651454bfc717b369774
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Enable ATTEST_TEST_GET_PUBLIC_KEY flag in Musca-B1 and Musca-S1 with OTP
enabled.
Add Initial Attestation test service in manifest list.
Change-Id: I8e982ee1a7c31548b4e7c74b937e17660cb0e89e
Signed-off-by: David Hu <david.hu@arm.com>
|
|
Put arm platforms into arm folder and remove some unused
cryptocell-312-runtime. It will be convenient for users and
developers.
Signed-off-by: Summer Qin <summer.qin@arm.com>
Change-Id: I1187a8f2b18903e531ce28b2d23be251ec1e2b45
|
|
After updating the version of MCUBoot, revert mechanism in DIRECT_XIP
mode is supported in MCUBoot. This commit adds the support of it in
build system and updates the mcuboot based FWU shim layer
implementation accordingly.
Change-Id: I017d02e4161daee56f54ed3ed09f98ebb9a776e0
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
|
|
Change-Id: Id9859a00f5b7be0c0fb24724b2dd0c5738682c67
Signed-off-by: David Hu <david.hu@arm.com>
|