- Add the no confidentiality & no replay protection flags
- Add actual size parameter in PS/ITS get APIs
- Change a few size parameters from uint32_t to size_t
Musca-A1 is a Cortex-M33 based target with security extension enabled.
- ARM_MUSCA_A1 is the non-secure target running mbed-os.
- ARM_MUSCA_A1_S is the secure target running TF-M.
- TF-M sources were imported and patched in previous commits.
- TF-M secure bootloader (McuBoot) for MUSCA_A1 is submitted by a pre-built binary.
- A post-build hook concatenates The secure and non-secure binaries,
signs it and then concatenates the bootloader with the signed binary.
due to partial implementation. Having FUTURE_SEQUANA_M0 and
FUTURE_SEQUANA PSA targets is misleading.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Reimplement atomic code in inline assembly. This can improve
optimisation, and avoids potential architectural problems with using
LDREX/STREX intrinsics.
API further extended:
* Bitwise operations (fetch_and/fetch_or/fetch_xor)
* fetch_add and fetch_sub (like incr/decr, but returning old value -
aligning with C++11)
* compare_exchange_weak
* Explicit memory order specification
* Basic freestanding template overloads for C++
This gives our existing C implementation essentially all the functionality
needed by C++11.
An actual Atomic<T> template based upon these C functions could follow.
One gets this compiler warning from nvstore.cpp:
```
Compile [ 48.6%]: nvstore.cpp
[Warning] nvstore.cpp@814,9: variable 'os_ret' set but not used [-Wunused-but-set-variable]
```
Turns out it's caused by the fact that the variable is only used
with MBED_ASSERTs, which get optimized out or not, depending on your
build profile. In reality we do not need a separate variable for that
in my opinion though, so we can just use the ret-variable instead
and drop the os_ret variable completely and thus avoid this
compiler warning.
To support block device out of mbed-os tree in KVStore, user needs to:
1. Configure blockdevice to "other".
2. Override get_other_blockdevice() to provide block device out of mbed-os tree.
Due to discovery of inconsistent sector sizes in devices storage the is_valid_erase function was adjusted,
For FlashIAPBD the 'code size' was included to the calculation, preventing faulty "virtual" addresses calculation.
For SlicingBD the same error was fixed and in all 3 validation functions that sent addresses for validation and program/read/erase
different addresses.
Added WiFi_Bt CM4 PSA target in mbedos json
Added SPE-NSPE mailbox initialization for CM4 SystemInit
Made similar to FUTURE_SEQUANA configurations
Copied FUTURE_SEQUANA CM0 SPM part for WiFi_Bt smoke test
Added CY8CKIT_062_WIFI_BT_M0 and CY8CKIT_062_WIFI_BT_M0_PSA targets
Sorted files for new CY8CKIT_062_WIFI_BT_M0 and CY8CKIT_062_WIFI_BT_M0_PSA targets
Copied files for CY8CKIT_062_WIFI_BT_M0_PSA from FUTURE_SEQUANA
Copied and updated cm0p start files
Corrected according to FUTURE_SEQUANA
Changes to M0 startup files to have SPM started
Fixed implicit declaration warning
Commented interrupts enabling according to FUTURE_SEQUANA flow
Updated prebuild spm_smore CM0 hex for CM4 target
Turned on greentea environment
Used special memory region for common CM0/CM4 data
Updated prebuild CM0 SPM hex
Placed shared memory region for flash operations into SPM shared memory region
Updated cyprotection code and configuration
Start address of protected regions is set by a defined number from target.json
Added masters pcMask configuration
Added support for PSA target to WIFI_BT board
Enabled resources protection for SPM
Aligned RAM usage according to Cypress FlashBoot and CyBootloader
alligned protection config
Added CYW943012P6EVB_01_M0 target
Enlarged heap size, remobed nv_seed
Added heap reservation in linker script from mbed-os
Removed heap size definition
turned on nv_seed config
Removed nv_seed macros
Enabled protection for PSoC6 CM0
Added PSoC6 CM0 PSA readme
Enabled mbed_hal-spm test
Enabled nv_seed and removed unneeded ipc config define
Added SPDX string to feature_ble cypress target files
Removed unneeded supported_toolchains lines for Cypress targets
Disabled protection settings
Corrected flash initialization for PSoC6 CM0 PSA
Changed PSoC6 IPC6 protection for flash
Enabled special flash initialization and enabled protection settings
Updated and added new prebuild PSoC6 CM0 PSA hex files
Disabled HW TRNG and CRC for PSoC6 CM4 PSA target
Added missing const to allow types to match
Updated PSoC6 WIFI_BT_PSA prebuilt directory
Moved PSoC6 shared section usage area definition to begin of ld
Added initial ARM_STD linker and startup files for PSoC6 CM0
Added initial IAR linker and startup files for PSoC6 CM0
Added defines to disable some SPM protection settings for PSoC64
Moved Flash function variables into separate memory region
Added defines for new Public area definition
Updated PSoC6 CM0_PSA hex-files
In addition, prevent FS tests from running on internal flash,
due to the fact that file system on internal flash is not part of
our offering (TDBStore should be used there instead).
This commit fixes the failure in the "Direct access to device key" test,
when working with internal flash components, whose erase size to program
size ratio is small. In such cases, the last two sectors are not large
enough to store the device key.
Due to targets enhancement some boards failed the general block device tests for flashiap component,
The fails were due to boards containing inconsistent sector sizes.
The tests were modified but should be improved to address the problem.
Rand() function issues were fixed.
Random number generation in case of IAR 8, requires TLS support.
Thread local storage is not part of Mbed OS, test is updated to have random
numbers sparse, but in future random number creation should be moved to main
thread, or use some other logic for randomization instead of rand() call.
All tests will run for each storage component available on device excapt for test_get_type_functionality that will run once on the default blockdevice.
Few boards may fail the write actions due to HW limitations (like critical
drivers that disable flash operations). Just retry a few times until success.
In addition, remove the redundant retries in NVStore (not needed now).
Don't allocate the sector map array in this function,
as it was buggy and redundant. Separate user config vs. automatic allocation
cases instead (which was essentially the case anyway).
In addition, fix tests to get over failures in low end boards
The most common issue with using littlefs in mbed-os is when users
change from littlefs->FAT->littlefs (or with MBR or similar). When this
corrupts the superblock, littlefs tries to fall back to the backup
superblock. However, at this point in the time the old superblock may be
very out-of-date and pointing to an incorrect filesystem.
There's no complete solution to a malicious modification of the
filesystem (short of checking all metadata+data, a very expensive
operation), but we can at least expand our validation to all of the
metadata for the filesystem. This at least catches the common issues
with changing between different filesystems.
Change KVStore API tests to run only on K64F, these tests check the KVStore functionality without actually testing the board's storage,
Thus they should produce the same results for each device they run on.
K64F was selected for no special technical reason but only because of it being available and convenient to use.
remove of rbp_number_of_entries from the kvstore configuration. Adding default option for storage_type
allowing the system to choose TDB_INTERNAl, TDB_EXTERNAL or FILESYSTEM base on the blockdevice component
set in the target board. Adding remarks to kv_config.cpp and break simplify the _get_blockdevice_FLASHIAP function
The DEVICE_FOO macros are always defined (either 0 or 1).
This patch replaces any instances of a define check on a DEVICE_FOO
macro with value test instead.
Signed-off-by: Alastair D'Silva <alastair@d-silva.org>
- Consider data section in GCC_ARM toolchain
- Consider init_array section in IAR toolchain
- Rename macro to FLASHIAP_APP_ROM_END_ADDR for clarity sake
This is achieved by checking whether the board can allocate a certain memory
chunk (threshold) and skipping the test if it can't.
This should prevent these boards from failing in CI.
- Remove require integrity flag (authentication) - always authenticate
- Use RBP KV to store CMAC also in write once case
- Allow removing a key if reading it failed on RBP authentication error
- Disable SecureStore if user disables MBED TLS AES CTR or CMAC
* Modify linker scripts to be compatible with bootloader and PSA
* Add memory protection
* Modify original post-build step to allow link with PSA binaries
* Config kvstore for ITS on FUTURE_SEQUANA_PSA
* Enable PSA-Crypto on PSoC6 with NVSeed
Adding new modules inside the namespace could be breaking change for existing code base
hence add `using namespace::class` for classes newly added to mbed namespace to maintian
backwards compatibility.
MBED_NO_GLOBAL_USING_DIRECTIVE is added to remove auto-addition of namespace
Macro guard `MBED_NO_GLOBAL_USING_DIRECTIVE` is added around namespace, to avoid
polluting users namespace.
Implement the following:
KVStore base class
TDBStore class
FileSystemStore class
SecureStore class
Global APIs
Configuration framework
Design documentation
1. In drivers/Timer.cpp make sure that hardware timer is initialized outside of critical section.
This is because on PSoC 6 hardware resources are shared between both cores
and we have to make sure that the other core is not already using a particular resource.
This mechanism is based on interprocessor communication taht cannot be handled iside of
critical section.
2. Added support for post-binary hook function for PSoC 6 targets, so the hex image for M0+ CPU core
can be merged with M4 core image for the final image.
3. Added possibility to use hook function from exportes, so the M0+ hex image could be included
in the generated project.
4. Included hex images in the build dependency list, so the update of image is catched by the
build process.
mbed.h was added in test, via greentea and utest header files. 'mbed.h' is removed
from header files and required header file and namespace is added to CPP/C files
Revert deprecation of FlashIAPBlockDevice 2 argument constructor has this was a breaking change. This follows a similar change in the external flashiap-driver repo.
For Windows-formatted SD card, it is not partitioned (no MBR), but its PBR has the
same boot signature (0xaa55) as MBR. We would easily mis-recognize this SD card has valid
partitions if we only check partition type. We add check by only accepting 0x00 (inactive)
/0x80 (active) for valid partition status.
Make the built-in FileSystem::get_default_instance() implementation
instantiate storage as "flash" or "sd", with "default" as an alias.
This will aid interworking between simple and advanced filesystem code
on various platforms. The expectation is that the names "sd" or "flash"
will be always available if the device is available and configured,
regardless of what "default" represents.
"/fs" is a tautology - not a good name for the default filing system, as
whereever we use it, we know we're specifying a filing system. Rename to
"/default".
int_szyk
Seppo Takalo
Marcin Tomczyk
Kevin Bracey
David Saada
Volodymyr Medvid
Martin Kojtal
jeromecoutant
Qinghao Shi
Oren Cohen
Michael Schwarcz
Devaraj Ranganna
Olli-Pekka Puolitaival
Anna Bridge
Martin Kojtal
Yossi Levy
Janne Kiiskila
ccli8
Cruz Monrreal
Amir Cohen
Evgeni Bolotin
Mahesh Mahadevan
Oleg Kapshii
offirko
Marcus Chang
Senthil Ramakrishnan
Deepika
Ron Eldor
Veijo Pesonen
Christopher Haster
Jimmy Brisson
Alexander Zilberkant
Guy Wild
Mel Weed
Amir Cohen
Alastair D'Silva
Amanda Butler
Danny Shavit
Nir Sonnenschein
Leszek Rusinowicz
Jaakko Korhonen
Juho Eskeli
Aashish chaddha