This applies only to `ARM_MUSCA_B1` target
When MCUBOOT repo: UPSTREAM was set as default as part of TF-M 1.1
release, few things were changed:
MCUBOOT_IMAGE_NUMBER: '2'
MCUBOOT_UPGRADE_STRATEGY: 'OVERWRITE_ONLY'
MCUBOOT_HW_KEY: 'On'(default)
Therefore the signing strategy for Non-secure image (Mbed OS)
needs to be done with its own private key, which is validated during
boot.
Signed-off-by: Vikas Katariya <vikas.katariya@arm.com>
The API is_PSA_non_secure_target() uses obsolete labels to detect if a
target is PSA non-secure target and is not needed anymore.
Mbed OS depends on TF-M for PSA SPM and services. TF-M is built using
it's own build system. Therefore, we don't need to differentiate secure
and non-secure targets anymore in Mbed OS as all PSA targets in Mbed OS
are non-secure targets.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Current logic `is_TFM_target` relies on the availability of attribute
`tfm_target_name` to identify PSA targets. The API `is_TFM_target` is
used in pytest to validate PSA target configuration which again checks
the availability of `tfm_target_name`. If a target doesn't contain the
attribute `tfm_target_name` then this check will fail instead of
catching it. Therefore, we now check for `TFM` config option in `labels`
attribute.
The API `is_TFM_target()` returns true for Mbed OS PSA targets which are
supported by TF-M also.
Add a new API `is_PSA_target()` which returns true for all Mbed OS PSA
targets.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Add TF-M to Mbed OS, replacing the previous PSA implementation for
TF-M-capable targets. This commit adds files imported from TF-M, without
modification. The version of TF-M imported can be found in
`features/FEATURE_PSA/TARGET_TFM/VERSION.txt`.
These changes switch to TF-M as the sole PSA implementation for v8-M and
dual core targets, with TF-M running on the secure side and Mbed OS
running on the non-secure side. Single core v7-M targets will continue
to have PSA implemented via PSA emulation, implemented by Mbed OS.
Move or remove many PSA-implementing files, as PSA will be provided by
TF-M on non-single-v7-M targets. Delete any files that are not relevant
for PSA emulation mode.
- Remove imported TF-M SPM
- Remove Mbed SPM and tests
- Remove Mbed-implemented PSA services and tests
- Remove PSA_SRV_IMPL, PSA_SRV_IPC, PSA_SRV_EMUL and NSPE.
- Replace PSA_SRV_EMUL and PSA_SRV_IMPL with MBED_PSA_SRV
- Remove any files autogenerated by
"tools/psa/generate_partition_code.py", which no longer exists.
Add new feature `PSA` to support PSA in Mbed OS.
Move the Mbed OS implementation of PSA services for v7-M targets (which
employ PSA emulation, and don't yet use TF-M) to
features/FEATURE_PSA/TARGET_MBED_PSA_SRV. Update the `requires`
attribute in TESTS/configs/baremetal.json to avoid breaking baremetal
testing builds.
Update .astyleignore to match new directory structure
Update Mbed TLS importer to place files into FEATURE_PSA
Create the following generic PSA targets:
* `PSA_Target` (Root level PSA generic target)
* `PSA_V7_M` (Single v7-M PSA generic target)
* `PSA_DUAL_CORE` (Dual-core PSA generic target)
* `PSA_V8_M` (v8-M PSA generic target)
Flatten MUSCA_NS and private MUSCA targets into public MUSCA targets.
Move mcuboot.bin to flat location (removing prebuilt folder)
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Currently, the final binary (TF-M + Mbed OS) is signed after
concatenating TF-M and Mbed OS binaries. But TF-M signs the images
separately and then concatenates them. Update the Musca B1 signing
strategy to match TF-M.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
When python3 is enforced to build the ARM_MUSCA_A1 or ARM_MUSCA_B1
targets, it is unable to find binary utility tool scripts which are
imported from TF-M.
The reason to use the python3 environment is as follows: Mbed OS + TFM
contained a faulty boot record TLV, which failed the attestation test
(TF-M regression). The data in the boot record TLV will be included in
the generated attestation token as 1 item in the SW_COMPONENTS claim.
This data (in the boot record TLV) is pre-encoded in CBOR format at
build time and appended to the image during the image signing process
(done by the imgtool Python3 script).
Signed-off-by: Vikas Katariya <vikas.katariya@arm.com>
Make the MUSCA_B1 target TF-M compatible by doing the following:
- Add flash, region definitions, and preprocessed image macros from
TF-M (at version 6e7be077eabe "Core: Add lifecycle API")
- Update the MUSCA_B1 linker script to create a flash image
compatible with TF-M.
- Update the tfm/bin_utils/assemble.py signing script to work with
preprocessed image macros rather than flat C pre-processor defines
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Make the MUSCA_A1 target TF-M compatible by doing the following:
- Add flash, region definitions, and preprocessed image macros from
TF-M (at version 6e7be077eabe "Core: Add lifecycle API")
- Update the MUSCA_A1 linker script to create a flash image
compatible with TF-M.
- Update the tfm/bin_utils/assemble.py signing script to work with
preprocessed image macros rather than flat C pre-processor defines
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Targets that use TF-M for their PSA implementation are not compatible
with exporters at this time. Explicitly block use of exporters with TF-M
using targets, for better error messages.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
The PSA-implementing secure binary is not built using Mbed OS build
tools anymore. Instead, the TrustedFirmware-M (TF-M) build system is
used to produce the secure binary. As such, we remove PSA related hooks
from the build system, remove PSA related scripts from tools/test
folder, and also remove the psa-autogen job from travis which was
running the now unecessary and removed generate_partition_code.py.
Remove the ability to generate new PSA binaries in the old manner, where
Mbed OS implements PSA. We don't yet remove any PSA binaries or break
the currently checked-in Mbed-implemented PSA support. PSA targets
integrated in the old manner will continue working at this point.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Remove PSA v8-M S target binaries will be built outside of Mbed OS and
added in as binaries which NS targets consume. Mbed OS no longer
implements PSA for v8-M targets, so there is no reason for it to build
PSA S targets.
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Musca-B1 is a Cortex-M33 based target with security extension enabled.
- ARM_MUSCA_B1 is the non-secure target running mbed-os.
- ARM_MUSCA_B1_S is the secure target running TF-M.
- TF-M sources were imported and patched in previous commits.
- TF-M secure bootloader (McuBoot) for MUSCA_B1 is submitted by a
pre-built binary.
- A post-build hook concatenates The secure and non-secure binaries,
signs it and then concatenates the bootloader with the signed binary.
Change-Id: I4b36290941b5f0bb7aa7c12dda2f38b5c1e39ae2
Signed-off-by: Tamas Kaman <tamas.kaman@arm.com>
Signed-off-by: Gabor Abonyi <gabor.abonyi@arm.com>
Support secure/non-secure combined build for non-PSA target:
1. In secure post-build, deliver built secure image to TARGET_NU_PREBUILD_SECURE
directory which is to combine later.
2. In non-secure post-build, merge non-secure image with secure image saved in
TARGET_NU_PREBUILD_SECURE directory.
3. In non-secure post-build, user can also drop pre-built secure image saved in
TARGET_NU_PREBUILD_SECURE directory and provide its own by adding the line below
in mbed_app.json:
"target.extra_labels_remove": ["NU_PREBUILD_SECURE"]
Martin Kojtal
Gabor Toth
Roman Okhrimenko
Raymond Ngun
Vikas Katariya
Devaraj Ranganna
Rob Walton
jeromecoutant
Marcelo Salazar
Jaeden Amero
George Beckstein
Taylor Heck
Tamas Kaman
Anna Bridge
Rajkumar Kanagaraj
Graham Hammond
Chun-Chieh Li
Alexander Zilberkant
Michael Schwarcz