-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TF-M: directory structure update proposal to import twincpu branch to mbed-os #11640
Conversation
@Devran01, thank you for your changes. |
@Devran01 Please could check the astyle issue by Travis. |
@jainvikas8 Updated .astyleignore to match new directory structure |
psa-autogen check fails because Mbed PSA services for v8-M have been removed from feature branch. |
It's hard to judge what's going on with 500 files moving, can you describe the new model and what has changed? Also Maybe it's time to remove PSA from |
@bulislaw I still can't get a handle on the true design intent behind "components" |
@bulislaw Good point. I guess COMPONENT was chosen for PSA to handle complex combination of supporting single v7-M, dual-v7-M and v8-M in both Secure (_S) and non-secure (_NS) modes in mbed-os (https://github.com/ARMmbed/mbed-os-5-docs/blob/development/docs/porting/psa/spm.md). Our plan is to run TF-M on the secure side and mbed-os on the non-secure side, but TF-M will be built outside of mbed-os build system. This simplifies the combination that needs to be supported with mbed-os build system which will be supporting single v7-M, dual-v7-M and v8-M for non-secure mode (_NS). I'll look into moving PSA related files to features/psa. The plan:
Merge feature-twincpu to master once it is stable and TF-M feature-twincpu branch gets merged with TF-M master branch. |
@Devran01 Do we need
|
@Patater No we don't for twincpu.
|
platform/mbed_retarget.cpp
Outdated
@@ -913,7 +913,7 @@ extern "C" long PREFIX(_flen)(FILEHANDLE fh) | |||
} | |||
|
|||
// Do not compile this code for TFM secure target | |||
#if !defined(COMPONENT_SPE) || !defined(TARGET_TFM) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why remove COMPONENT_SPE here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Patater We do not have COMPONENT_SPE
anymore or FEATURE_SPE
as we'll not build secure side using mbed-cli. But in this case we need to identify non-secure and the current #if i snot doing that. I'll change the code to #if defined(FEATURE_NSPE)
which is only defined for NSPE.
@@ -1,17 +0,0 @@ | |||
""" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Commit "Remvoe PSA related scripts from tools/test folder" should say "Remove PSA related scripts from tools/test folder"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll squash the commits and update the comment.
- python -m pip install --upgrade pip==18.1 | ||
- python -m pip install --upgrade setuptools==40.4.3 | ||
- pip install -r requirements.txt | ||
- pip list --verbose |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How was the events test working previously without these changes?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
They were included as part of psa-autogen test. The events test failed when I removed them.
85c602e
to
825d727
Compare
.travis.yml
Outdated
@@ -1,4 +1,4 @@ | |||
# Copyright (c) 2013-2018 Arm Limited. All rights reserved. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please fix up the commit message.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jainvikas8 what's missing from the commit message?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Heading less than 50 characters, please.
aac9784
to
0c73fa7
Compare
Fixed. |
If this is breaking change, it needs to have Release notes section: https://os.mbed.com/docs/mbed-os/v5.14/contributing/workflow.html#pull-request-template-breaking-changes |
Ah wait, this is for feature branch, was not labeled. Fixing now. Still, this should include how is this breaking. |
I would like to understand this one : Keep this up to date during the reviews here so we can read the current status. |
@0xc0170 I've updated PR |
0c73fa7
to
ddf6e89
Compare
@jainvikas8 As suggested, removed psa_manifest/sid.h as service id definitions are not relevant for single-v7-M. |
In the release notes there is no impact - so what is breaking here? Is it the switch from SPM to TFM? It's not clear to me. |
This commit should be on master as fix, I'll start CI now as this is for feature branch (rebase will clean it up anyway) |
Test run: FAILEDSummary: 3 of 4 test jobs failed Failed test jobs:
|
|
58f7534
to
134e2bd
Compare
@0xc0170 I've fixed the issues. Can you please restart the CI? |
@@ -2042,113 +2042,6 @@ | |||
"device_has_remove": ["QSPI"], | |||
"release_versions": ["2", "5"] | |||
}, | |||
"LPC55S69": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Commit "Remove v8-M and dual v7-M targets" seems only to remove v8-M targets. Consider changing commit message.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, rebasing on top master had removed dual v7-M targets. Updated the commit message.
@@ -1,57 +0,0 @@ | |||
# Copyright (c) 2019 ARM Limited |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you are keeping the find_secure_image()
function, shouldn't we also keep the test?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, missed that. I'll bring back the test.
targets/targets.json
Outdated
@@ -9183,31 +9132,6 @@ | |||
}, | |||
"program_cycle_s": 10 | |||
}, | |||
"CY8CKIT_062_WIFI_BT": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why remove this target in commit "Refactor Mbed PSA service code base "?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The target shouldn't have been removed. Fixed.
2a9ec19
to
0174e69
Compare
The Mbed OS PSA services is moved to features/FEATURE_PSA/TARGET_MBED_PSA_SRV. Removed PSA_SRV_IMPL, PSA_SRV_EMUL and NSPE. Added new feature `PSA` to support PSA in Mbed OS. Created following generic PSA targets: * `PSA_Target` (Root level PSA target) * `PSA_V7_M_NSPE` (Single v7-M NSPE generic target) * `PSA_V7_M_SPE` (Single v7-M SPE generic target) * `PSA_DUAL_V7_M_NSPE` (Dual v7-M NSPE generic target) * `PSA_DUAL_V7_M_SPE` (Dual v7-M SPE generic target) * `PSA_V8_M_NSPE` (v8-M NSPE generic target) * `PSA_V8_M_SPE` (v8-M SPE generic target) Added document features/FEATURE_PSA/supporting_psa_in_mbed-os.md which describes PSA support in Mbed OS. Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
1. Remove psa related hooks from the build system. 2. Remove PSA related scripts from tools/test folder 3. Remove psa-autogen job from travis which was running generate_partition_code.py and is not needed anymore 4. Install python modules needed for events and littlefs tests Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Removed MUSCA A1 and LPC55S69 targets as they are not supported on feature branch. The targets will be re-introduced before merging feature branch to master. Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
The example `mbed-os-example-atecc608a` needs the secure element driver which is removed from feature branch. The secure element support should be added to TF-M and when we import TF-M to mbed-os, secure element will be supported in mbed-os. Because of this compilation of the example `mbed-os-example-atecc608a` is disabled. Note: DO NOT merge this to `master` without secure element support in mbed-os. Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Current algorithm doesn't support multiple inheritance when inheritance depth is more than 1 on two parents. It'll not parse the "_add" or "_remove" attributes on a second parent which is at the same level as that of a parent that defines the attribute. This change ensures that second parent which is at the same level as that of a parent that defines the attribute is parsed for "_add" or "_remove" attributes. However, this change will parse the parent which defines the attributes twice, once to evaluate the attribute and then to evaluate the "_add" or "_remove" attribute. But, no target is allowed to define an attribute and also "_add" or "_remove" for the same attribute. Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
0174e69
to
0423668
Compare
I restarted CI. Note, there is a failure on current master that might show up here as well. |
Test run: SUCCESSSummary: 11 of 11 test jobs passed |
@Patater All requests resolved? There's pr merge CI issue, will be fixed and this shall be ready to integrate? |
Not yet. |
Description
In mbed-os, we currently support v8-M targets using TF-M Secure Partition Manager (SPM) and mbed-os services and twin v7-M targets using MBED SPM and mbed-os services. This combination adds significant maintenance overhead. Therefore we are planning use both PSA SPM and services from TF-M to support v8-M and twin v7-M targets.
This PR proposes a new directory structure which is required to import TF-M twin cpu implementation into mbed-os.
At the time of creating this PR, TF-M master only supports v8-M targets and twin-cpu targets are supported on a feature branch. Therefore our plan is,
Pull request type
Reviewers
@Patater @jainvikas8
Release Notes
Impact Analysis
Non-secure side application:
There is no impact on non-secure side application as the PSA APIs will remain the same.
Secure side application:
Breaking change if someone wants to add their own secure service, but we don't provide any migration for them. They need to use TF-M (https://git.trustedfirmware.org/trusted-firmware-m.git/tree/) instead.