Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PSOC6_SB: initial integration of Cypress Secure Boot target CY8CPROTO_064_SB #11018

Merged
merged 16 commits into from Aug 30, 2019

Conversation

@romanjoe
Copy link
Contributor

commented Jul 10, 2019

Kind request for ARM team!!!

Could you please make a review as soon as possible - we need this for our customer. Ideally at start on the next week.

Description

This PR brings the following major updates to the Cypress PSoC 6 targets for Mbed OS 5.13:

  • Initial implementation of the Cypress Secure Boot enabled target CY8CPROTO_064_SB (targets/TARGET_Cypress/TARGET_PSOC6/TARGET_CY8CPROTO_064_SB)
  • Initial implementation of the Cypress Secure Boot tools to support CY8CPROTO_064_SB development (targets/TARGET_Cypress/TARGET_PSOC6/sb-tools)
  • Added post build functions to integrate Secure Image creation in standard mbed-os build flow.
    (tools/targets/PSOC6.py)

Dependencies;

  • This PR is based on changes introduced in #10692 and is relying on them

Testing results*:
LIN_064_ARMC6_bg.txt
LIN_064_ARMC6_bg_b.txt
LIN_064_GCC_ARM_bg.txt
LIN_064_GCC_ARM_bg_b.txt
MAC_064_GCC_ARM_bg.txt
MAC_064_GCC_ARM_bg_b.txt
WIN_064_ARMC6_bg.txt
WIN_064_ARMC6_bg_b.txt
WIN_064_GCC_ARM_bg.txt
WIN_064_GCC_ARM_bg_b.txt
WIN_064_IAR_bg.txt
WIN_064_IAR_bg_b.txt

(_bg.txt - basic greentea run
(_bg_b.txt - basic greentea buildlog)

  • there are 2 tests which fail right now. Their root cause is specific implementation of HAL. Our team address this issue right now. And fix will be uploaded.

Pull request type

[ ] Fix
[ ] Refactor
[X] Target update
[ ] Functionality change
[ ] Docs update
[ ] Test update
[ ] Breaking change

Reviewers

Please suggest

Release Notes

@ciarmcom ciarmcom requested review from ARMmbed/mbed-os-maintainers Jul 10, 2019
@ciarmcom

This comment has been minimized.

@ciarmcom ciarmcom requested a review from ARMmbed/mbed-os-tools Jul 10, 2019
@romanjoe romanjoe force-pushed the romanjoe:cy8c064-sb branch from ffa493c to 7d289d4 Jul 11, 2019
@artokin

This comment has been minimized.

Copy link
Contributor

commented Jul 15, 2019

@romanjoe , #10692 is now merged to master. Would you rebase?

@romanjoe

This comment has been minimized.

Copy link
Contributor Author

commented Jul 15, 2019

@romanjoe , #10692 is now merged to master. Would you rebase.

Hi, thank you for response.

I have made a fork from official master right after #10692 was merged to master. So my PR branch has that changes.

@mbed-ci

This comment has been minimized.

Copy link

commented Jul 17, 2019

Test run: FAILED

Summary: 3 of 4 test jobs failed
Build number : 1
Build artifacts

Failed test jobs:

  • jenkins-ci/mbed-os-ci_build-ARM
  • jenkins-ci/mbed-os-ci_build-GCC_ARM
  • jenkins-ci/mbed-os-ci_build-IAR
@romanjoe

This comment has been minimized.

Copy link
Contributor Author

commented Jul 17, 2019

I found an error message from CI log

ImportError: No module named pathlib

this module is required by post build script of Secure Boot tools and is present in requirements.txt targets/TARGET_Cypress/TARGET-PSOC6/sb-tools.

What should i do in this case?

@ifyall

This comment has been minimized.

Copy link

commented Jul 19, 2019

@maclobdell Can you ping someone to assist @romanjoe with the question regarding the post-build script?

@SeppoTakalo

This comment has been minimized.

Copy link
Contributor

commented Jul 22, 2019

@ARMmbed/mbed-os-tools Can you tel us how those dependencies are handled from platform specific build scripts? Are there any limitations, or should we just accept all dependencies?

@mark-edgeworth

This comment has been minimized.

Copy link
Contributor

commented Jul 22, 2019

I'm sorry, we do not have enough experience yet with this build system to answer this.

@SeppoTakalo

This comment has been minimized.

Copy link
Contributor

commented Jul 23, 2019

@ARMmbed/mbed-os-test Are we OK on adding dependencies on per-platform build scripts? Should those be added into main requirements.txt?

@SeppoTakalo SeppoTakalo removed the needs: CI label Jul 24, 2019
@SeppoTakalo

This comment has been minimized.

Copy link
Contributor

commented Jul 25, 2019

@romanjoe Due the summer holiday period, we have very delayed responses from developer teams. Therefore I have no clear answer how to handle those Python requirements.

In the mean time, I would like to suggest that you add your requirements into the root requirements.txt or find another way around it. That would allow us the test this change, as the CI will dynamically install dependencies.

@romanjoe

This comment has been minimized.

Copy link
Contributor Author

commented Jul 25, 2019

Hi @SeppoTakalo, thank you for response. I added platform specific requirements to main requirements.txt of mbed-os.

But i see another problem with CI. Our target uses a specific set of post build tools. To use these tools set of cryptography keys must be generated. These keys are then used for signing hex files, generated by mbed-os.

Problem is, that these keys should be generated by user before starting work with our target. Keys should be unique every time for each user from security perspective reasons. Without keys in targets/TARGET_Cypress/TARGET_PSOC6/sb-tools/keys, mbed-os hexes will be built successfully, but not signed in post build hook which will lead to script error and CI failure.

How we can manage this issue?

PS: We use keys generation as one of jobs on our CI now. No default keys can be used in repositories.

@cmonr

This comment has been minimized.

Copy link
Contributor

commented Jul 25, 2019

@romanjoe Please review the python failures in Travis CI:

https://travis-ci.org/ARMmbed/mbed-os/jobs/563750975#L247

@romanjoe

This comment has been minimized.

Copy link
Contributor Author

commented Jul 30, 2019

Hi, I got this message from travis-ci/tools-py2.7 runner.

Could not find a version that satisfies the requirement trollius==1.0.4 (from pyshark-legacy->icetea<1.3,>=1.2.1->-r requirements.txt (line 21)) (from versions: 2.1, 2.1.post2, 2.2, 2.2.post1)
No matching distribution found for trollius==1.0.4 (from pyshark-legacy->icetea<1.3,>=1.2.1->-r requirements.txt (line 21))
The command "pip install -r requirements.txt" failed and exited with 1 during .

This issue is already tracked in #11124 and is reproducible on all mbed-os versions due to external dependencies.

@romanjoe

This comment has been minimized.

Copy link
Contributor Author

commented Jul 31, 2019

Hi, as issue #11124 is resolved and closed now, all automatic CIs are completed.

Only CI needed to be ran is

continuous-integration/jenkins/pr-head

@romanjoe

This comment has been minimized.

Copy link
Contributor Author

commented Aug 1, 2019

Hi, again.

Before running last CI stage, which is continuous-integration/jenkins/pr-head please review my comment above #11018 (comment).

Also please consider to review attached GreenTea test reports, generated by our CI system.

@SeppoTakalo SeppoTakalo added needs: CI and removed needs: work labels Aug 1, 2019
@mbed-ci

This comment has been minimized.

Copy link

commented Aug 30, 2019

Test run: FAILED

Summary: 1 of 4 test jobs failed
Build number : 7
Build artifacts

Failed test jobs:

  • jenkins-ci/mbed-os-ci_build-IAR
@0xc0170

This comment has been minimized.

Copy link
Member

commented Aug 30, 2019

I dont see any merge conflicts, but rebase won't hurt. @romanjoe if you can do it now before I restart CI

@0xc0170

This comment has been minimized.

Copy link
Member

commented Aug 30, 2019

Let me know asap

@romanjoe romanjoe force-pushed the romanjoe:cy8c064-sb branch from 0efa63a to 9780c90 Aug 30, 2019
@romanjoe

This comment has been minimized.

Copy link
Contributor Author

commented Aug 30, 2019

@0xc0170 PR rebased - sorry it took more time, because there was a fix needed considering changes is that PR i mentioned

@0xc0170

This comment has been minimized.

Copy link
Member

commented Aug 30, 2019

CI started

@mbed-ci

This comment has been minimized.

Copy link

commented Aug 30, 2019

Test run: FAILED

Summary: 3 of 4 test jobs failed
Build number : 8
Build artifacts

Failed test jobs:

  • jenkins-ci/mbed-os-ci_build-GCC_ARM
  • jenkins-ci/mbed-os-ci_build-IAR
  • jenkins-ci/mbed-os-ci_build-ARM
@0xc0170

This comment has been minimized.

Copy link
Member

commented Aug 30, 2019

The error above fixed, restarting CI

@mbed-ci

This comment has been minimized.

Copy link

commented Aug 30, 2019

Test run: SUCCESS

Summary: 11 of 11 test jobs passed
Build number : 9
Build artifacts

@0xc0170 0xc0170 added ready for merge and removed needs: CI labels Aug 30, 2019
@0xc0170 0xc0170 merged commit 979e1f0 into ARMmbed:master Aug 30, 2019
25 checks passed
25 checks passed
continuous-integration/jenkins/pr-head This commit looks good
Details
jenkins-ci/build-ARM Success
Details
jenkins-ci/build-GCC_ARM Success
Details
jenkins-ci/build-IAR Success
Details
jenkins-ci/cloud-client-test Success
Details
jenkins-ci/dynamic-memory-usage RTOS ROM(+0 bytes) RAM(-72 bytes)
Details
jenkins-ci/exporter Success
Details
jenkins-ci/greentea-test Success
Details
jenkins-ci/mbed2-build-ARM Success
Details
jenkins-ci/mbed2-build-GCC_ARM Success
Details
jenkins-ci/mbed2-build-IAR Success
Details
jenkins-ci/unittests Success
Details
travis-ci/astyle Success!
Details
travis-ci/docs Success!
Details
travis-ci/doxy-spellcheck Success!
Details
travis-ci/events Success! Runtime is 8674 cycles.
Details
travis-ci/gitattributestest Success!
Details
travis-ci/include_check Success!
Details
travis-ci/licence_check Success!
Details
travis-ci/littlefs Success! Code size is 8464B.
Details
travis-ci/psa-autogen Success!
Details
travis-ci/tools-py2.7 Success!
Details
travis-ci/tools-py3.5 Success!
Details
travis-ci/tools-py3.6 Success!
Details
travis-ci/tools-py3.7 Success!
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.