Configure Mbed TLS to automatically enable PSA as needed. When Mbed OS
is configured to use PSA, configure Mbed TLS to use PSA. This prevents
leaking of the "how to make Mbed TLS use PSA" knowledge up into
targets.json, and thus makes porting simpler. There is now one place
where "how to make TLS use PSA" exists rather than repeated throughout
targets.json for each target that can't inherit from PSA_Target.
Mbed Crypto 3.0.1 ships with TF-M. To make Mbed TLS 2.22.0 compatible
with Mbed Crypto 3.0.1, changes are needed in psa_util.h (which
abstracts some portions of the PSA Crypto API for use with TLS) to deal
with new ECC curve define changes.
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Add TF-M to Mbed OS, replacing the previous PSA implementation for
TF-M-capable targets. This commit adds files imported from TF-M, without
modification. The version of TF-M imported can be found in
`features/FEATURE_PSA/TARGET_TFM/VERSION.txt`.
These changes switch to TF-M as the sole PSA implementation for v8-M and
dual core targets, with TF-M running on the secure side and Mbed OS
running on the non-secure side. Single core v7-M targets will continue
to have PSA implemented via PSA emulation, implemented by Mbed OS.
Move or remove many PSA-implementing files, as PSA will be provided by
TF-M on non-single-v7-M targets. Delete any files that are not relevant
for PSA emulation mode.
- Remove imported TF-M SPM
- Remove Mbed SPM and tests
- Remove Mbed-implemented PSA services and tests
- Remove PSA_SRV_IMPL, PSA_SRV_IPC, PSA_SRV_EMUL and NSPE.
- Replace PSA_SRV_EMUL and PSA_SRV_IMPL with MBED_PSA_SRV
- Remove any files autogenerated by
"tools/psa/generate_partition_code.py", which no longer exists.
Add new feature `PSA` to support PSA in Mbed OS.
Move the Mbed OS implementation of PSA services for v7-M targets (which
employ PSA emulation, and don't yet use TF-M) to
features/FEATURE_PSA/TARGET_MBED_PSA_SRV. Update the `requires`
attribute in TESTS/configs/baremetal.json to avoid breaking baremetal
testing builds.
Update .astyleignore to match new directory structure
Update Mbed TLS importer to place files into FEATURE_PSA
Create the following generic PSA targets:
* `PSA_Target` (Root level PSA generic target)
* `PSA_V7_M` (Single v7-M PSA generic target)
* `PSA_DUAL_CORE` (Dual-core PSA generic target)
* `PSA_V8_M` (v8-M PSA generic target)
Flatten MUSCA_NS and private MUSCA targets into public MUSCA targets.
Move mcuboot.bin to flat location (removing prebuilt folder)
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
TF-M provides its own PSA headers for TF-M targets. Single v7-M targets
need to get PSA crypto from Mbed Crypto.
Note that we don't yet move crypto_struct.h to its new location. This is
to avoid breaking v8-M targets for the time being. When TF-M provides
the PSA implementation on v8-M, we will add crypto_struct.h to the
correct place.
Likewise, none of the PSA-implementing source is moved out of
COMPONENT_PSA_SRV_IMPL yet, as still must not be built for PSA NS
targets. When PSA NS targets switch to using TF-M provided
implementations rather than MBED_PSA_SRV, we can take the source out of
COMPONENT_PSA_SRV_IMPL.
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
The Mbed TLS import script is quite fragile, and depends on certain lines to be
present in the files it adjusts to be able to do the modifications it needs to
to allow Mbed TLS to build within Mbed OS.
Thsi commit changes the `adjust-config.sh` script to look for a the end of the
config.h file, defined as "#endif /* MBEDTLS_CONFIG_H */" rather than the
include line for "check_config.h".
That's because the inclusion of "check_config.h" is being removed upstream in
Mbed TLS to fix another issue.
Mbed Crypto has been remerged back into Mbed TLS. Update the
Mbed TLS importer script with the relevant parts of the
Mbed Crypto importer.
Signed-off-by: Darryl Green <darryl.green@arm.com>
Remove all PSA S-mode only code, as it is unused. Only PSA S targets
would use the code, and we've removed those targets in a previous
commit.
Ensure all tests for S-mode code we are deleting is also removed, even
if that code would run in NS-mode. Keep any tests that also test our PSA
emulation support (for single v7-M targets).
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Remove PSA v8-M S target binaries will be built outside of Mbed OS and
added in as binaries which NS targets consume. Mbed OS no longer
implements PSA for v8-M targets, so there is no reason for it to build
PSA S targets.
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Relevant modifications:
1. Support degrading QSPI0/1 to SPI4/5 for normal SPI transfer
2. Fix with BSP crypto driver API change
3. Fix with BSP PDMA driver API change
4. Make necessary modifications to pass FPGA CI Test Shield tests
5. Don't distinguish pinmap among parts e.g. M480 LG. Application users must take care.
This commit changes the contribution guidelines to refer the user to the
contribution guidelines in the Mbed TLS repo. It also removes the outdated references to the
CLA, and CLA not being required for trivial changes.
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
Both Mbed TLS and Mbed Crypto libraries doesn't contain
`apache-2.0.txt` anymore. Do not access those files in the importer
script.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Jaeden Amero
Devaraj Ranganna
Martin Kojtal
jeromecoutant
Darryl Green
Simon Butcher
Marcelo Salazar
Chun-Chieh Li
Antti Kauppila
Teppo Järvelin
PARKJIHOON
Andrew Chong