All,
We've had reports of people being unable to send messages to the TF-M list.
If you are one of the people please could you send me a rough time, source
address and subject for the failed message.
Thanks,
Shaun Longhorn
Community Manager
Hi all,
I have noticed an issue with absolute paths in exported targets:
Background:
1. During Secure build some header file paths are added to include directories of tfm_config (and some other targets) – for example TARGET_CONFIG_HEADER_FILE, PROJECT_CONFIG_HEADER_FILE
2. Then tfm_config is exported to install directory and is used in Non-Secure build
There are several issues here:
1. In Non-Secure build exported tfm_config uses absolute paths that ware defined during secure build. This is an issue as NS-interface (api_ns folder) may be built on another machine.
2. Also looking into api_ns folder – I don’t see those files being exported (for example TARGET_CONFIG_HEADER_FILE, PROJECT_CONFIG_HEADER_FILE are not exported to api_ns)
* Looking into a code I was able to identify at least these defines that are effected (but list may be longer):
i. TARGET_CONFIG_HEADER_FILE
ii. PROJECT_CONFIG_HEADER_FILE
iii. MBEDTLS_PSA_CRYPTO_CONFIG_FILE
iv. MBEDTLS_CONFIG_FILE
Is there a plan to somehow solve this issue? If so, then what is the schedule on it?
Bohdan Hunko
Cypress Semiconductor Ukraine LLC
Senior Engineer
CSS ICW SW INT BFS SFW
Mobile: +380995019714
Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>
Hi all,
I have noticed an issue with absolute paths in exported targets:
Background:
1. During Secure build some header file paths are added to include directories of tfm_config (and some other targets) – for example TARGET_CONFIG_HEADER_FILE, PROJECT_CONFIG_HEADER_FILE
2. Then tfm_config is exported to install directory and is used in Non-Secure build
There are several issues here:
1. In Non-Secure build exported tfm_config uses absolute paths that ware defined during secure build. This is an issue as NS-interface (api_ns folder) may be built on another machine.
2. Also looking into api_ns folder – I don’t see those files being exported (for example TARGET_CONFIG_HEADER_FILE, PROJECT_CONFIG_HEADER_FILE are not exported to api_ns)
* Looking into a code I was able to identify at least these defines that are effected (but list may be longer):
i. TARGET_CONFIG_HEADER_FILE
ii. PROJECT_CONFIG_HEADER_FILE
iii. MBEDTLS_PSA_CRYPTO_CONFIG_FILE
iv. MBEDTLS_CONFIG_FILE
Is there a plan to somehow solve this issue? If so, then what is the schedule on it?
Bohdan Hunko
Cypress Semiconductor Ukraine LLC
Senior Engineer
CSS ICW SW INT BFS SFW
Mobile: +380995019714
Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>
Hello, I'm a RSE firmware developer for Arm Neoverse V3 core.
I am currently reviewing the code to upgrade the version of TF-M used in our product from 2.1.1 to 2.2.2. In this process, I have a few questions and am sending this email.
1. In the previous TF-Mv2.1.1, there were dummy files for the data structure of the bundle to be provisioned to the OTP during CM and DM state. I have discovered that the method for creating the bundle has changed significantly in the TF-Mv2.2.2, but there are still parts I cannot locate: Host RoTPKs (for secure, non-secure, and CCA). This parts were provisioned during the DM provisioning process in the TF-Mv2.1.1 with a size of each 96B. I am curious how this parts are implemented in 2.2.2.
1-1. When TF-A sends a PSA call to the RSE, it distinguishes which Host RoTPK to request from the RSE via persistent key identifiers. I am also curious about how this aspect is handled within the RSE TF-M. (Should this fall outside the scope of the TF-M project, please disregard this point.)
2. In the latest TF-Mv2.2.2, as mentioned earlier, the data structure for the Provisioning value appears to have undergone significant changes. Reviewing the code, I observed that the CM and DM Provisioning values contain multiple RoTPK areas. Some are used to verify the signatures of the BL2 and PE, but many are not. Are the unused fields simply reserved for future use, or spares? Each area can contain up to four RoTPK Hashes, and in the case of DM, there are as many as eight such areas, which appears to be a significant waste of space. I would like to understand what scenarios this design anticipates.
3. To obtain information about RSE, I have been referring to the content of the official documentation. However, when comparing it to the current latest release, the documentation appears to remain based on an previous version. For example, For example, despite the code for the GPIO signal indicating the status for RSE Provisioning having been removed in the latest version, the documentation still retains that content. I would like to know specifically whether there are plans to update this documentation.
Truthfully, I suspect all these questions could be answered by better understanding the code, which makes me hesitant to send an email. However, due to various constraints, I kindly ask for your understanding regarding my posting this query on the forum.
Thank you.Best Regard,
TH Kim
This event has been updated with a note:
"The TF-M Technical Forum now runs on a monthly schedule in a time slot
chosen to maximize participation based on recent attendance patterns. We
recognise that time zones can be challenging, and we continue to review
scheduling based on community needs. Everyone is welcome to join, and as
always, recordings and notes will be available for those who can’t attend
live."
Changed: time
TF-M Tech forum
Every 4 weeks from 8am to 9am on Thursday from Thursday 27 May 2021 to
Wednesday 31 Dec
United Kingdom Time
Location
https://linaro-org.zoom.us/j/92535794925?pwd=TTl0cmo4R2hTNm8wcHo1M3ZKdjlnUT…https://www.google.com/url?q=https%3A%2F%2Flinaro-org.zoom.us%2Fj%2F9253579…
About TF-M Tech forum:This is an open forum for anyone to participate and
it is not restricted to Trusted Firmware project members. It will operate
under the guidance of the TF TSC.Feel free to forward it to
colleagues.Details of previous meetings are
here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/==…Topic:
TF-M Tech forum - Asia Time Zone FriendlyTime: Nov 12, 2020 07:00 AM
Greenwich Mean Time Every 4 weeks on Thu, until
Mar 4, 2021, 5 occurrence(s) Nov 12, 2020 07:00
AM Dec 10, 2020 07:00 AM
Jan 7, 2021 07:00 AM Feb 4, 2021 07:00
AM Mar 4, 2021 07:00 AMPlease download and
import the following iCalendar (.ics) files to your calendar system.Weekly:
https://linaro-org.zoom.us/meeting/tJYodOyvpz8jGNEc_1ykVap8Zg6oTLqZZSeJ/ics…
Zoom
Meetinghttps://linaro-org.zoom.us/j/92535794925?pwd=TTl0cmo4R2hTNm8wcHo1M3ZKdjlnUT09Meeting
ID: 925 3579 4925Passcode: 414410One tap mobile+12532158782,,92535794925#
US (Tacoma)+13462487799,,92535794925# US (Houston)Dial by your
location +1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 669 900 9128 US (San Jose) +1 301 715
8592 US (Germantown) +1 312 626 6799 US
(Chicago) +1 646 558 8656 US (New York)
888 788 0099 US Toll-free
877 853 5247 US Toll-freeMeeting ID: 925 3579 4925Find your local number:
https://linaro-org.zoom.us/u/aesS64I7GW
Guests
Don Harbin - creator
tf-m(a)lists.trustedfirmware.org
anton.komlev(a)arm.com
leonardo.sandoval(a)linaro.org
abdelmalek.omar1(a)gmail.com
View all guest info
https://calendar.google.com/calendar/event?action=VIEW&eid=aDM1OHZtbG0wa2di…
Reply for tf-m(a)lists.trustedfirmware.org and view more details
https://calendar.google.com/calendar/event?action=VIEW&eid=aDM1OHZtbG0wa2di…
Your attendance is optional.
~~//~~
Invitation from Google Calendar: https://calendar.google.com/calendar/
You are receiving this email because you are an attendee on the event.
Forwarding this invitation could allow any recipient to send a response to
the organizer, be added to the guest list, invite others regardless of
their own invitation status, or modify your RSVP.
Learn more https://support.google.com/calendar/answer/37135#forwarding
This email keeps the event up to date in your calendar.
TF-M Tech forum
Every 4 weeks from 8am to 9am on Thursday from Thursday 14 Sept 2023 to
Wednesday 31 Dec
United Kingdom Time
Location
https://linaro-org.zoom.us/j/92535794925?pwd=TTl0cmo4R2hTNm8wcHo1M3ZKdjlnUT…https://www.google.com/url?q=https%3A%2F%2Flinaro-org.zoom.us%2Fj%2F9253579…
About TF-M Tech forum:This is an open forum for anyone to participate and
it is not restricted to Trusted Firmware project members. It will operate
under the guidance of the TF TSC.Feel free to forward it to
colleagues.Details of previous meetings are
here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/==…Topic:
TF-M Tech forum - Asia Time Zone FriendlyTime: Nov 12, 2020 07:00 AM
Greenwich Mean Time Every 4 weeks on Thu, until
Mar 4, 2021, 5 occurrence(s) Nov 12, 2020 07:00
AM Dec 10, 2020 07:00 AM
Jan 7, 2021 07:00 AM Feb 4, 2021 07:00
AM Mar 4, 2021 07:00 AMPlease download and
import the following iCalendar (.ics) files to your calendar system.Weekly:
https://linaro-org.zoom.us/meeting/tJYodOyvpz8jGNEc_1ykVap8Zg6oTLqZZSeJ/ics…
Zoom
Meetinghttps://linaro-org.zoom.us/j/92535794925?pwd=TTl0cmo4R2hTNm8wcHo1M3ZKdjlnUT09Meeting
ID: 925 3579 4925Passcode: 414410One tap mobile+12532158782,,92535794925#
US (Tacoma)+13462487799,,92535794925# US (Houston)Dial by your
location +1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 669 900 9128 US (San Jose) +1 301 715
8592 US (Germantown) +1 312 626 6799 US
(Chicago) +1 646 558 8656 US (New York)
888 788 0099 US Toll-free
877 853 5247 US Toll-freeMeeting ID: 925 3579 4925Find your local number:
https://linaro-org.zoom.us/u/aesS64I7GW
Guests
Don Harbin - creator
anton.komlev(a)arm.com
leonardo.sandoval(a)linaro.org
abdelmalek.omar1(a)gmail.com
joanna.farley(a)arm.com
tf-m(a)lists.trustedfirmware.org
~~//~~
Invitation from Google Calendar: https://calendar.google.com/calendar/
You are receiving this email because you are an attendee on the event.
Forwarding this invitation could allow any recipient to send a response to
the organizer, be added to the guest list, invite others regardless of
their own invitation status, or modify your RSVP.
Learn more https://support.google.com/calendar/answer/37135#forwarding
