Configure Mbed TLS to automatically enable PSA as needed. When Mbed OS
is configured to use PSA, configure Mbed TLS to use PSA. This prevents
leaking of the "how to make Mbed TLS use PSA" knowledge up into
targets.json, and thus makes porting simpler. There is now one place
where "how to make TLS use PSA" exists rather than repeated throughout
targets.json for each target that can't inherit from PSA_Target.
Add TF-M to Mbed OS, replacing the previous PSA implementation for
TF-M-capable targets. This commit adds files imported from TF-M, without
modification. The version of TF-M imported can be found in
`features/FEATURE_PSA/TARGET_TFM/VERSION.txt`.
These changes switch to TF-M as the sole PSA implementation for v8-M and
dual core targets, with TF-M running on the secure side and Mbed OS
running on the non-secure side. Single core v7-M targets will continue
to have PSA implemented via PSA emulation, implemented by Mbed OS.
Move or remove many PSA-implementing files, as PSA will be provided by
TF-M on non-single-v7-M targets. Delete any files that are not relevant
for PSA emulation mode.
- Remove imported TF-M SPM
- Remove Mbed SPM and tests
- Remove Mbed-implemented PSA services and tests
- Remove PSA_SRV_IMPL, PSA_SRV_IPC, PSA_SRV_EMUL and NSPE.
- Replace PSA_SRV_EMUL and PSA_SRV_IMPL with MBED_PSA_SRV
- Remove any files autogenerated by
"tools/psa/generate_partition_code.py", which no longer exists.
Add new feature `PSA` to support PSA in Mbed OS.
Move the Mbed OS implementation of PSA services for v7-M targets (which
employ PSA emulation, and don't yet use TF-M) to
features/FEATURE_PSA/TARGET_MBED_PSA_SRV. Update the `requires`
attribute in TESTS/configs/baremetal.json to avoid breaking baremetal
testing builds.
Update .astyleignore to match new directory structure
Update Mbed TLS importer to place files into FEATURE_PSA
Create the following generic PSA targets:
* `PSA_Target` (Root level PSA generic target)
* `PSA_V7_M` (Single v7-M PSA generic target)
* `PSA_DUAL_CORE` (Dual-core PSA generic target)
* `PSA_V8_M` (v8-M PSA generic target)
Flatten MUSCA_NS and private MUSCA targets into public MUSCA targets.
Move mcuboot.bin to flat location (removing prebuilt folder)
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
BL2 macro is used in `region_defs.h` to define the `BL2_HEADER_SIZE`.
Without BL2 macro, `BL2_HEADER_SIZE` is set to 0. This leads to
incorrect start address (Reset_Handler of Mbed OS) derived by TF-M based
on `region_defs.h` and BL2 macro.
BL2 macro is set for MUSCA B in TF-M.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Since Mbed OS 6.0, secure build is not supported yet. Remove it from master temporarily.
For non-TF-M support (NU_PFM_M2351_NPSA_S/NS), go to mbed-os-5.15 branch and Mbed OS 5.15 release.
For TF-M support (NU_PFM_M2351_S/NS), this needs M2351 integrated into TF-M repo first.
Expect M2351 TF-M support can come back into master after integration with TF-M is finished.
Having Freescale and NXP macro causes compile from both
TARGET_Freescale and TARGET_NXP HAL folders.
Signed-off-by: Mahesh Mahadevan <mahesh.mahadevan@nxp.com>
TF-M and PSA have experimental APIs. Musca targets must initialize the
tfm_ns_lock, via the experimental API tfm_ns_lock_init(), as part of
their ordinary initialization procedure. Therefore, Musca targets must
have experimental APIs present in order to function. Add the
experimental API feature to Musca targets by default to ease usability
of the Musca targets, rather than requiring all users and CI to manually
enable experimental APIs when using these targets.
Make single Armv7-M PSA targets pick up files under TARGET_MBED_PSA_SRV.
We'll be moving the Mbed implementation of PSA to TARGET_MBED_PSA_SRV
folders soon.
Targets (dual-core and Armv8-M) that expect to use TF-M for their PSA
implementation also have MBED_PSA_SRV labels added to them so that they
continue working with the Mbed PSA implementation for the time being.