The new Apple M1 Mac computers are ARM based. When compiling and running
unit tests on an M1 Mac, the architecture is defined as __arm__
An extra check for __aarch64__ is needed to set MBED_EXCLUSIVE_ACCESS to 0U for the M1
Mac
If not, compilation fails with "Unknown ARM architecture for exclusive access" error
Some host operating systems are case-insensitive and cannot
distinguish (for example) `semaphore.h` in `os_wrapper` from
`Semaphore.h` from Mbed OS `rtos`. This causes the wrong header to be
included.
By adding `os_wrapper/.mbedignore`, we guarantee that
#include "Semaphore.h"
always points to `rtos/Semaphore.h`, while the fully-qualified include
#include "os_wrapper/semaphore.h"
continues to work because its parent directory is still in the include
path.
Previous, we patched TF-M to replace its OS wrapper with CMSIS RTOS
to resolve manage management issue when integrated with Mbed OS. But
as of TF-M v1.2, the OS wrapper has been reworked in the vanilla TF-M,
and now it makes identical calls to its underlying CMSIS RTOS as our
patches do. So, we remove our patches and use vanilla TF-M's OS
wrapper instead to avoid extra maintenance overhead.
This commit re-imports TF-M files associated with the OS wrapper.
This commit adds post binary hook support for TF-M targets.
To apply this hook to a TF-M target, do the following in the target's
`CMakeLists.txt`:
* include `mbed_set_post_build_tfm.cmake`
* call `mbed_post_build_tfm_sign_image()`, passing
- Mbed OS target name
- TF-M target name
- path containing the target's bootloader, layout files and signing
keys
- path to the secure binary
- path to the non-secure binary (i.e. the "raw" Mbed application)
Mbed TLS 2.24.0 requires a few new macros and an inline function in
the PSA Crypto header. This PR adds them to make sure the TF-M v1.0
target (specifically CYTFM_064B0S2_4343W) continues to compile with
the new Mbed TLS.
Note: Support for older versions of TF-M than v1.2 will be dropped,
so existing TF-M targets should migrate to TF-M v1.2 as soon as
possible.
Setting/getting key enrollment algorithm is not recommended and not
part of the vanilla PSA or TF-M. For now keep the API just for
backward compatibility with existing projects, and this commit
adds deprecation warnings.
Add `psa_set_key_enrollment_algorithm()` and
`psa_get_key_enrollment_algorithm()` for TF-M targets.
Note: This is deprecated and for backward compatibility only.
Setting an enrollment algorithm is not recommended, because
using the same key with different algorithms can allow some
attacks based on arithmetic relations between different
computations made with the same key, or can escalate harmless
side channels into exploitable ones. Use this function only
if it is necessary to support a protocol for which it has been
verified that the usage of the key with multiple algorithms
is safe.
The PSA headers imported from TF-M does not contain a declaration of
mbedtls_ecc_group_to_psa(), which is expected by pk.c from Mbed TLS.
This leads to an "undefined symbol" error when using the ARM toolchain
to compile an application for a TF-M target.
These files have been imported/copied from:
* ARMmbed/trusted-firmware-m
* ARMmbed/tf-m-tests
These are generic files, which are required for TF-M v1.2 integration
with Mbed OS for PSA_V8M and PSA_DUAL_CORE targets.
Rather than maintaining a specific `TARGET_TFM_V1_x`, its better to use
more generic name `TARGET_TFM_LATEST` to avoid confusion on the latest
TFM version supported by Mbed OS
* Rename the folder from `TARGET_TFM_V1_1` to `TARGET_TFM_LATEST`
* Update the CmakeLists.txt
* Change the name of the MUSCA targets to maintain uniformity
with TF-M v1.2
* Update target.json for PSA_V8_M to use `TFM_LATEST`
Files have been automatically imported by setting MBED_TLS_RELEASE to
mbedtls-2.24.0 in connectivity/mbedtls/tools/importer/Makefile and
running `make` in that directory.
mbed-os consists of mbed-core and mbed-rtos
mbed-baremetal consists of mbed-core
The main change is for mbed-core. Changing from object library to be interface. This way it allows us to do the above to have 2 main targets for users to use.
This should be backward compatible change as mbed-os target we used contains the same files/options as previously set.
Aside from the core mbed-os CMake target, a number of targets have been created so they can optionally be included by application executables that require them using `target_link_libraries()`.
Co-authored-by: Martin Kojtal <martin.kojtal@arm.com>
Co-authored-by: Rajkumar Kanagaraj <rajkumar.kanagaraj@arm.com>
Scancode found missing license notices in our source files. This commit
addresses those issues by adding an Apache-2.0 notice to source files
highlighted.
Remove the static allocation for the dirent, and allocate it from the
heap during opendir().
Removing the static data can reduce RAM usage on some toolchains when
directories are not being used. The static allocation sometimes is
combined with the file handle array and can't be dropped by the linker.
Original readdir() was not thread-safe at all.
This was in violation of POSIX which states the result of readdir "is
not overwritten by another call to readdir() on a different directory
stream."
POSIX also defines readdir_r() as separate totally reentrant form where
the caller allocates the dirent, but this is generally deprecated as it
opens the door for an inadequate allocation causing a stack smash. Full
reentrancy is not typically necessary - having readdir()'s buffer data
be per-DIR is generally sufficient.
* Move mbed-client-randlib/ headers into include/
(Note: we don't rename it to "randlib" because this library
is mirrored to https://github.com/ARMmbed/mbed-client-randlib,
and "mbed-client-randlib" may be reference by some projects)
* Move the standalone local unit test into tests/unit
If we take platform as a component, platform/source would be outside of this component.
I removed the prefix as these are implementation specific (they are located in source folder,
not in include as the others).
Fixes two errors produced on except.S by the IAR assembler (as seen in
issue #13200).
The first: "'ALIGN' is illegal. Use directive ALIGNROM or ALIGNRAM (the
first parameter is raised to the power of 2, the second is a 32-bit fill
value)."
Fixed by changing ALIGN to ALIGNROM 2 to align to a 4-byte boundary
(mirroring what ALIGN does in the ARM except.S).
The second (on THUMB): "Must be placed inside a section"
Fixed by moving THUMB after the SECTION directive so that it affects
that section.
Mbed OS will soon be changing directory structure to the below:
```
[component name]
├── mbed_lib.json
├── CMakeList.txt
├── README.md
├── include
│ └── [component name]
│ └── internal
├── source
└── tests
├── <framework>
│ └── <test suite one>
├── UNITTESTS
│ └── <unit test suite one>
└── TESTS
└── <greentea test suite one>
```
This PR implements the above new directory structure for the current \platform directory.
**NOTE:** This PR does NOT include the refactoring of UNITTESTS as shown in the above directory structure. This will be done in a subsequent PR.
Add TF-M to Mbed OS, replacing the previous PSA implementation for
TF-M-capable targets. This commit adds files imported from TF-M, without
modification. The version of TF-M imported can be found in
`features/FEATURE_PSA/TARGET_TFM/VERSION.txt`.
These changes switch to TF-M as the sole PSA implementation for v8-M and
dual core targets, with TF-M running on the secure side and Mbed OS
running on the non-secure side. Single core v7-M targets will continue
to have PSA implemented via PSA emulation, implemented by Mbed OS.
Move or remove many PSA-implementing files, as PSA will be provided by
TF-M on non-single-v7-M targets. Delete any files that are not relevant
for PSA emulation mode.
- Remove imported TF-M SPM
- Remove Mbed SPM and tests
- Remove Mbed-implemented PSA services and tests
- Remove PSA_SRV_IMPL, PSA_SRV_IPC, PSA_SRV_EMUL and NSPE.
- Replace PSA_SRV_EMUL and PSA_SRV_IMPL with MBED_PSA_SRV
- Remove any files autogenerated by
"tools/psa/generate_partition_code.py", which no longer exists.
Add new feature `PSA` to support PSA in Mbed OS.
Move the Mbed OS implementation of PSA services for v7-M targets (which
employ PSA emulation, and don't yet use TF-M) to
features/FEATURE_PSA/TARGET_MBED_PSA_SRV. Update the `requires`
attribute in TESTS/configs/baremetal.json to avoid breaking baremetal
testing builds.
Update .astyleignore to match new directory structure
Update Mbed TLS importer to place files into FEATURE_PSA
Create the following generic PSA targets:
* `PSA_Target` (Root level PSA generic target)
* `PSA_V7_M` (Single v7-M PSA generic target)
* `PSA_DUAL_CORE` (Dual-core PSA generic target)
* `PSA_V8_M` (v8-M PSA generic target)
Flatten MUSCA_NS and private MUSCA targets into public MUSCA targets.
Move mcuboot.bin to flat location (removing prebuilt folder)
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Anna Bridge
Ladislas de Toldi
Lingkai Dong
Martin Kojtal
George Psimenos
jeromecoutant
mbedmain
Saheer Babu
Vikas Katariya
Rajkumar Kanagaraj
caodd
Hugues Kamba
Marc Emmers
Oliver Wildtgrube
Kevin Bracey
Leon
George Beckstein
Hugues Kamba
Evelyne Donnaes
pea-pod
Harrison Mutai
Paul Szczeanek
Moshe Shahar
Gabor Toth
Ashok Rao
Matthew Macovsky
Devaraj Ranganna