PSA_ALG_AEAD_WITH_TAG_LENGTH has been replaced with
PSA_ALG_AEAD_WITH_SHORTENED_TAG upstream. We could just update
psa_util.h to use the new macro, but we still have some targets that
only support older versions of PSA, so we reinstate the removed macro.
We have added definitions that are needed by Mbed TLS's PSK key exchange
but missing from TF-M's PSA to `mbedtls_svc_key_id.h`. To pick up those
definitions, TF-M's `psa/crypto_values.h` needs to include
`mbedtls_svc_key_id.h`.
Include mbedtls_ecc_group_to_psa.h from crypto_extra.h so that clients
of PSA within Mbed OS do not need to behave differently depending on
which PSA implementation they are using.
This solution is not ideal as it makes it more difficult to update the
TF-M-provided psa/crypto_extra.h. We'll have to see what other options
we have for including additional headers based on the Mbed OS
configuration.
tfm_ns_interface.c is intended to be overridden by clients to support
different targets. We copy this file from upstream into the mbed-os
platform library. We also have a specific "strong" overridden version
for the NU_M2354 target, which is located in its target library.
Previously the implementations in the platform library were decorated
with __attribute__(weak), and we provided a strong definition for the
NU_M2354 target. This worked fine because of weak linking: the linker
will pick the first "strong" definition and use that, avoiding any ODR
violations. However, upstream have removed __attribute__(weak) from the
function definitions, which caused multiply defined symbol errors when
trying to build the NU_M2354 target.
To work around the above issue, we remove the common definition in the
platform library; instead we copy the file to the Musca B1 and Musca S1
target libraries. This means the appropriate tfm_ns_interface.c is only
included in the build when compiling for the specific target which uses
it.
The PSA Attestation test suite requires full RTOS. There is no need
to explicitly check PSA support, because when we build all greentea
tests from the top of Mbed OS, PSA tests only get included if PSA is
enabled.
On a target that doesn't support Firmware Update, compilation still works, and any attempt to call the Firmware Update API returns a runtime error, which is good enough.
When building greentea tests, each test is an executable with its
own output binary path. This is also the case when a user project
produces multiple executables. But the current implementation of
post-build operations always assumes there's only one executable,
at the root of the build directory.
The post-build command depends on Mbed target, and it always takes
the executable we build as an input file. To achieve this, we
let each Mbed target (that has a post-build command) define a function
    function(mbed_post_build_function target)
which takes a CMake executable target as an argument from which it can
get its binary path using generator expressions. It generates and adds
to the passed executable target a post-build custom command.
Notes:
* The function name needs to be exact, because CMake only supports
literal function calls - CMake can't dereference a function name from
a variable. To avoid multiple definitions of this function, each Mbed
target needs to guard it with a macro to check if the user is
building this Mbed target.
* `mbed_post_build_function()` is a function, but it is usually
defined by another macro rather than a parent function, because
nesting functions would make many variables inaccessible inside the
innermost `mbed_post_build_function()`.
* There's no more need to force regenerate images. Previously, post-
build commands were custom *targets* which always got to run, so we
force regenerated images on every build to avoid patching an image
that's already been patched once on a previous build. Now post-build
commands are custom *commands* of the same executable target, and they
are only run if the executable target itself is rebuilt.
subprocess.PIPE is used to enable the parent process to communicate with
the subprocess via pipes, which means all stdout and stderr messages are
captured and returned as part of Popen.communicate's result tuple.
In our case, we want to display the error messages on the console, so we
don't need to capture the output from stdout.
Example of a typical error message before this change:
```
Traceback (most recent call last):
File "platform/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_LATEST/scripts/generate_mbed_image.py", line 197, in <module>
sign_and_merge_tfm_bin(args.tfm_target, args.target_path, args.non_secure_bin, args.secure_bin)
File "platform/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_LATEST/scripts/generate_mbed_image.py", line 81, in sign_and_merge_tfm_bin
" secure binary, Error code: " + str(retcode))
Exception: Unable to sign musca_b1 secure binary, Error code: 1
```
Example of the error message after this change:
```
Traceback (most recent call last):
File "/mbed-os/tools/psa/tfm/bin_utils/wrapper.py", line 13, in <module>
import click
ModuleNotFoundError: No module named 'click'
Traceback (most recent call last):
File "platform/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_LATEST/scripts/generate_mbed_image.py", line 194, in <module>
sign_and_merge_tfm_bin(args.tfm_target, args.target_path, args.non_secure_bin, args.secure_bin)
File "platform/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_LATEST/scripts/generate_mbed_image.py", line 80, in sign_and_merge_tfm_bin
raise Exception("Unable to sign " + target_name +
Exception: Unable to sign musca_b1 secure binary, Error code: 1
```
This is a significant improvement as now you can see what the reason for
the failure was.
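Added example, not part of the commit or of generate_mbed_image.py: it contrasts a piped child process with one that inherits the console, using a constructed failing child in place of the signing wrapper. All function names are hypothetical, and `sign_or_raise_with_detail` is an alternative assumed here, not the approach the commit takes.

```python
import subprocess
import sys

# Constructed stand-in for the signing wrapper: fails with a diagnostic on stderr.
CHILD = [sys.executable, "-c",
         "import sys; sys.stderr.write('No module named click\\n'); sys.exit(1)"]


def run_piped(cmd):
    """Pipes attached: the child's stderr lands in the result tuple, not the console."""
    proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    _out, err = proc.communicate()
    return proc.returncode, err.decode()


def run_inherited(cmd):
    """No pipes: the child writes directly to the parent's console."""
    proc = subprocess.Popen(cmd)
    _out, err = proc.communicate()  # nothing captured, both are None
    return proc.returncode, err


def sign_or_raise(cmd, runner):
    """Mimics the caller: only the return code reaches the exception text."""
    retcode, _ = runner(cmd)
    if retcode != 0:
        raise RuntimeError("Unable to sign secure binary, Error code: " + str(retcode))


def sign_or_raise_with_detail(cmd):
    """Alternative (assumption, not the commit's approach): keep the pipe but
    attach the captured stderr to the exception so build logs carry the cause."""
    retcode, err = run_piped(cmd)
    if retcode != 0:
        raise RuntimeError(
            "Unable to sign secure binary, Error code: %d\n%s" % (retcode, err.strip()))


if __name__ == "__main__":
    for runner in (run_piped, run_inherited):
        try:
            sign_or_raise(CHILD, runner)
        except RuntimeError as exc:
            print(runner.__name__, "->", exc)
```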
Move /val and /pal directories into /test_abstraction_layers directory
and combine into one CMake target, mbed-psa-tal. Moved into separate
directory in order to have own CMakeLists.txt, rather than adding to
/TARGET_MBED_PSA_SRV CMake file.
The macros `TARGET_PSA` and `COMPONENT_PSA_SRV_IPC` no longer exist.
The former is replaced by `COMPONENT_PSA` which is also a directory
where the tests are located, so its check can be assumed true.
The latter is not applicable to Mbed OS PSA and can be assumed false.
Note: The entropy_inject test is skipped by default unless a user
manually configures the required `MBEDTLS_ENTROPY_NV_SEED`.
A Greentea test is detectable by Mbed CLI 1 only if it's two-levels
deep inside a `TESTS` directory, e.g. `TESTS/foo/bar/main.cpp`. But
several Mbed OS PSA tests are only one-level deep. This commit fixes
the issue by adding an extra level of directory.
TF-M v1.0 implements an older version of PSA and does not have the macro
`PSA_ALG_ECB_NO_PADDING` required by
`mbedtls_psa_translate_cipher_mode()` in Mbed TLS v2.25.0. Copy this
macro from Mbed TLS to fix the issue.
In order for Mbed TLS to use the PSA Crypto API, definitions of
`MBEDTLS_SVC_KEY_ID_INIT`, `mbedtls_svc_key_id_t` and
`mbedtls_svc_key_id_is_null()` need to be present but are not provided
by the PSA headers from TF-M.
To solve this issue, this commit copies those definitions from Mbed
TLS's original `psa/crypto_types.h` and `psa/crypto_values.h` into a
separate `mbedtls_svc_key_id.h` for TF-M PSA.
We'd like to enable Mbed TLS's PK module in using TF-M's PSA
implementation, even if it doesn't expose the same set of PSA extensions
as Mbed TLS's PSA implementation. To do this, we add
mbedtls_ecc_group_to_psa() in its own header available when using the
latest TF-M.
Add mbedtls_ecc_group_to_psa(), one of Mbed TLS's PSA compatibility
helpers, for internal use by the Mbed TLS PK module. Without this
conversion function, the Mbed TLS PK module is unable to use any PSA
implementation other than one which provides a compatible set of PSA
extensions.
Update CMAKE_MODULE_PATH at one place.
Note, we also update CMAKE_MODULE_PATH in app.cmake. This is temporary until we get a proper way to include
Mbed OS (removing the need for app.cmake to be included by an application).
CMAKE_CURRENT_LIST_DIR behaves differently in functions. We store it in the CMakeLists itself, so anyone
calling a function would get the actual list dir where the scripts are.
To illustrate: if I call a function from src/CMakeLists.txt, function located in src/scripts, `CMAKE_CURRENT_LIST_DIR` in the function would point
to the src/ folder but not to src/scripts.
Some host operating systems are case-insensitive and cannot
distinguish (for example) `semaphore.h` in `os_wrapper` from
`Semaphore.h` from Mbed OS `rtos`. This causes the wrong header to be
included.
By adding `os_wrapper/.mbedignore`, we guarantee that
    #include "Semaphore.h"
always points to `rtos/Semaphore.h`, while the fully-qualified include
    #include "os_wrapper/semaphore.h"
continues to work because its parent directory is still in the include
path.
Previously, we patched TF-M to replace its OS wrapper with CMSIS RTOS
to resolve manage management issue when integrated with Mbed OS. But
as of TF-M v1.2, the OS wrapper has been reworked in the vanilla TF-M,
and now it makes identical calls to its underlying CMSIS RTOS as our
patches do. So, we remove our patches and use vanilla TF-M's OS
wrapper instead to avoid extra maintenance overhead.
This commit re-imports TF-M files associated with the OS wrapper.
This commit adds post binary hook support for TF-M targets.
To apply this hook to a TF-M target, do the following in the target's
`CMakeLists.txt`:
* include `mbed_set_post_build_tfm.cmake`
* call `mbed_post_build_tfm_sign_image()`, passing
    - Mbed OS target name
    - TF-M target name
    - path containing the target's bootloader, layout files and signing
      keys
    - path to the secure binary
    - path to the non-secure binary (i.e. the "raw" Mbed application)
Mbed TLS 2.24.0 requires a few new macros and an inline function in
the PSA Crypto header. This PR adds them to make sure the TF-M v1.0
target (specifically CYTFM_064B0S2_4343W) continues to compile with
the new Mbed TLS.
Note: Support for older versions of TF-M than v1.2 will be dropped,
so existing TF-M targets should migrate to TF-M v1.2 as soon as
possible.
Setting/getting key enrollment algorithm is not recommended and not
part of the vanilla PSA or TF-M. For now keep the API just for
backward compatibility with existing projects, and this commit
adds deprecation warnings.
Add `psa_set_key_enrollment_algorithm()` and
`psa_get_key_enrollment_algorithm()` for TF-M targets.
Note: This is deprecated and for backward compatibility only.
Setting an enrollment algorithm is not recommended, because
using the same key with different algorithms can allow some
attacks based on arithmetic relations between different
computations made with the same key, or can escalate harmless
side channels into exploitable ones. Use this function only
if it is necessary to support a protocol for which it has been
verified that the usage of the key with multiple algorithms
is safe.
The PSA headers imported from TF-M do not contain a declaration of
mbedtls_ecc_group_to_psa(), which is expected by pk.c from Mbed TLS.
This leads to an "undefined symbol" error when using the ARM toolchain
to compile an application for a TF-M target.
These files have been imported/copied from:
* ARMmbed/trusted-firmware-m
* ARMmbed/tf-m-tests
These are generic files, which are required for TF-M v1.2 integration
with Mbed OS for PSA_V8M and PSA_DUAL_CORE targets.
Rather than maintaining a specific `TARGET_TFM_V1_x`, it's better to use
a more generic name `TARGET_TFM_LATEST` to avoid confusion on the latest
TFM version supported by Mbed OS.
* Rename the folder from `TARGET_TFM_V1_1` to `TARGET_TFM_LATEST`
* Update the CMakeLists.txt
* Change the name of the MUSCA targets to maintain uniformity
with TF-M v1.2
* Update target.json for PSA_V8_M to use `TFM_LATEST`
Files have been automatically imported by setting MBED_TLS_RELEASE to
mbedtls-2.24.0 in connectivity/mbedtls/tools/importer/Makefile and
running `make` in that directory.