nrf_security: add initial support for nRF54l20 PDK #19741
Conversation
github-actions
bot
added
the
changelog-entry-required
CI InformationTo view the history of this post, clich the 'edited' button above Inputs:Sources:sdk-nrf: PR head: e9278eb1367b81e14d3c1c343c7fb878c787429a more detailssdk-nrf:
Github labels
List of changed files detected by CI (48)Outputs:ToolchainVersion: aedb4c0245 Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped;
|
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
07ab575 to
ea227cc
Compare
github-actions
bot
added
the
doc-required
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
ea227cc to
b93bdca
Compare
|
You can find the documentation preview for this PR at this link. Note: This comment is automatically posted by the Documentation Publish GitHub Action. |
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
b93bdca to
dc2178a
Compare
tomi-font
changed the title
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
dc2178a to
7e3f3fe
Compare
|
This pull request has been marked as stale because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this pull request will automatically be closed in 7 days. Note, that you can always re-open a closed pull request at any time. |
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
7e3f3fe to
8ec08c2
Compare
|
After documentation is built, you will find the preview for this PR here. Preview links for modified nRF Connect SDK documents: https://ncsdoc.z6.web.core.windows.net/PR-19741/nrf/dev_model_and_contributions/code_base.html |
tomi-font
removed
the
changelog-entry-required
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
8ec08c2 to
1ef31d0
Compare
github-actions
bot
added
the
changelog-entry-required
tomi-font
removed
the
changelog-entry-required
| @@ -42,6 +45,10 @@ static const uint8_t RSA_ALGORITHM_IDENTIFIER[] = {0x06, 0x09, 0x2a, 0x86, 0x48, | |||
|
|
|||
| psa_status_t silex_statuscodes_to_psa(int ret) | |||
| { | |||
| if (ret != SX_OK) { | |||
There was a problem hiding this comment.
Should this logging not be wrapped in a "#ifdef CONFIG_LOG_*" variant of some kind?
There was a problem hiding this comment.
Why should it be? The LOG_*() macros themselves are #ifdefed based on the log level of the current module.
There was a problem hiding this comment.
I just figured that from a new users perspective it would be a bit confusing to run a sample and then get two different error messages. Say as an example:
[00:00:00.433,727] <inf> ecdsa: Signing a message using ECDSA...
[00:00:00.434,181] <inf> cracen: SX_ERR 10
[00:00:00.434,193] <inf> ecdsa: psa_sign_hash failed! (Error: -149)
Would bit confusing from someone who is just trying to running a sample, as they now would need to know that there is a difference between the psa status codes and the SX status codes. So having it so you needed to set an option to get this output would make sense as it is only really relevant for people developing nrf and not for the people making applications?
There was a problem hiding this comment.
Yeah true. I could turn that into a debug log so it wouldn't be enabled by default. Although CONFIG_CRACEN_LOG_LEVEL_DBG=y can be a bit verbose due to logging all the power on/offs. (Maybe we can do something about this if it's annoying.)
Thoughts?
There was a problem hiding this comment.
That seems like the simplest option yeah. I haven't done much with the debug levels so don't know how much is logged on the debug level.
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
1ef31d0 to
626cdd3
Compare
github-actions
bot
added
the
changelog-entry-required
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
626cdd3 to
70bc035
Compare
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
2 times, most recently
from
eadc57a to
12c7d77
Compare
tomi-font
removed
DNM
changelog-entry-required
|
@nrfconnect/ncs-doc-leads @nrfconnect/ncs-aegir-doc please review |
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
12c7d77 to
3e47769
Compare
github-actions
bot
added
the
changelog-entry-required
|
|
||
| .. nrf54l20pdk_nrf54l20_cpuapp | ||
|
|
||
| | nRF54L20 PDK | - | :ref:`nrf54l20pdk <zephyr:nrf54l20pdk_nrf54l20>` | ``nrf54l20pdk/nrf54l20/cpuapp`` | |
There was a problem hiding this comment.
To avoid this:
| | nRF54L20 PDK | - | :ref:`nrf54l20pdk <zephyr:nrf54l20pdk_nrf54l20>` | ``nrf54l20pdk/nrf54l20/cpuapp`` | | |
| | nRF54L20 PDK | | :ref:`nrf54l20pdk <zephyr:nrf54l20pdk_nrf54l20>` | ``nrf54l20pdk/nrf54l20/cpuapp`` | |
Add the nrf54l20pdk/nrf54l20/cpuapp board target to the crypto samples. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
^ Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
- Remove leftover Oberon-only test scenarios (not a supported configuration). - Add nrf54l15dk/nrf54l10/cpuapp to the CRACEN + Oberon test scenarios. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
- Improve CRACEN memory read/write logging. Now the macro that enables the logging is prefixed with SX_ and some non-word-aligned reads/writes are logged. - Some minor cleanups. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Make the sx_*pkmem*() functions perform word-aligned and word-sized writes on 54L20, which requires that. Also, turn sx_rdpkmem() into an inline memcpy() as that's what the implementation was basically doing. Other than that, the original implementation is left untouched on other board targets to avoid potential breakages. ref: DLT-3873 Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Make silex_statuscodes_to_psa() log the SX error it translates to psa_status_t. This helps being aware of and debugging erros happening in the Silex drivers. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Introduce the CRACEN_HW_VERSION Kconfig choice to indicate what CRACEN IP is present. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Remove a step that is not needed and that was not performed properly. It showed up as an error on CRACEN Lite because the IP returns a different error code. ref: DLT-3834 Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Ensure that the memory pointing to the internal octet remains valid and untouched until the task's execution is complete as si_task_consume() says. This provoked issues in certain cases on CRACEN Lite because it's slower and takes more time to retrieve the data through DMA. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
tomi-font
force-pushed
the
security_cracen_support_54l20
branch
from
3e47769 to
e9278eb
Compare
|
tomi-font
removed
DNM
changelog-entry-required
See commits.