Hi everyone,
IAS docs have this note (https://tf-m-user-guide.trustedfirmware.org/docs/integration_guide/services/tfm_attestation_integration_guide.html#:~:text=that%20data%20item.-,Note,-There%20is%20a) that says:
There is a size field tlv_len which has different definitions in the upstream MCUboot repository and in its TF-M forked version:
* Upstream MCUboot: Covers only the length of data but not the header size.
* TF-M MCUboot: Covers the size of the entry header and the data together.
This difference is handled by TF-M code based on which bootloader is used along with TF-M runtime.
I was wondering where in the code this difference is handled?
When calculating the next TLV entry address, attest_core.c line 213 (https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/secure_fw/partitions/initial_attestation/attest_core.c#n213) takes into account SHARED_DATA_ENTRY_HEADER_SIZE:
    tlv_curr = (*tlv_ptr) + SHARED_DATA_ENTRY_HEADER_SIZE + tlv_entry.tlv_len;
So tlv_entry.tlv_len must then cover only the length of the entry (without the header). This corresponds to: "Upstream MCUboot: Covers only the length of data but not the header size"
I was not able to find anything related to "TF-M MCUboot: Covers the size of the entry header and the data together". Is this difference handled in the TF-M fork of MCUboot, or is it just an outdated IAS doc?
Best regards, Bohdan Hunko
Cypress Semiconductor Ukraine Engineer CSUKR CSS ICW SW FW Mobile: +38099 50 19 714 Bohdan.Hunko@infineon.com
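
Added example, not part of the original message and not TF-M or MCUboot code: a bounds-checked TLV walker that can read tlv_len under either convention from the quoted note, showing that an area written with one convention is rejected when read with the other. The 4-byte entry header layout and the names `walk_tlv`, `put`, `sample_walk` and `len_mode` are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed entry header for this example: 16-bit type, 16-bit length. */
struct tlv_entry { uint16_t tlv_type; uint16_t tlv_len; };
#define ENTRY_HEADER_SIZE sizeof(struct tlv_entry)
enum len_mode { LEN_DATA_ONLY, LEN_HEADER_AND_DATA };

/* Walk the entries in buf[0..size). Returns the number of entries, or -1
 * when an entry is truncated or its length points outside the area. */
int walk_tlv(const uint8_t *buf, size_t size, enum len_mode mode)
{
    size_t off = 0, step;
    int count = 0;
    struct tlv_entry e;

    while (off < size) {
        if (size - off < ENTRY_HEADER_SIZE)
            return -1;                     /* truncated header */
        memcpy(&e, buf + off, sizeof(e));  /* no unaligned reads */
        if (mode == LEN_HEADER_AND_DATA && e.tlv_len < ENTRY_HEADER_SIZE)
            return -1;                     /* length cannot cover its own header */
        step = e.tlv_len + (mode == LEN_DATA_ONLY ? ENTRY_HEADER_SIZE : 0);
        if (step > size - off)
            return -1;                     /* entry runs past the area */
        off += step;
        count++;
    }
    return count;
}

/* Append one constructed entry with data_len bytes of 0xFF payload. */
static size_t put(uint8_t *p, uint16_t type, uint16_t data_len, enum len_mode m)
{
    uint16_t len = (m == LEN_DATA_ONLY) ? data_len : (uint16_t)(data_len + ENTRY_HEADER_SIZE);
    struct tlv_entry e = { type, len };
    memcpy(p, &e, sizeof(e));
    memset(p + sizeof(e), 0xFF, data_len);
    return sizeof(e) + data_len;
}

/* Write two entries (3 and 4 data bytes) in one convention, read in another. */
int sample_walk(enum len_mode written_as, enum len_mode read_as)
{
    uint8_t buf[32];
    size_t n = put(buf, 1, 3, written_as);
    n += put(buf + n, 2, 4, written_as);
    return walk_tlv(buf, n, read_as);
}
```

The expression quoted from attest_core.c advances the way `LEN_DATA_ONLY` does here; the bounds checks are what turn a convention mismatch into a clean failure instead of a read past the shared area.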