Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tfm: Configuration changes #19868

Merged
merged 1 commit into from
Jan 21, 2025
Merged

tfm: Configuration changes #19868

merged 1 commit into from
Jan 21, 2025

Conversation

MarkusLassila
Copy link
Contributor

@MarkusLassila MarkusLassila commented Jan 13, 2025
edited by magnev
Loading

  • Allow CONFIG_TFM_PARTITION_PLATFORM without other partitions.
  • Kconfig changes for better usability of PS.
  • Kconfig information for ITS.

test_crypto: PR-742

@MarkusLassila MarkusLassila requested review from a team January 13, 2025 11:16
@MarkusLassila MarkusLassila requested a review from a team as a code owner January 13, 2025 11:16
@github-actions github-actions bot added the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Jan 13, 2025
@NordicBuilder
Copy link
Contributor

NordicBuilder commented Jan 13, 2025
edited
Loading

CI Information

To view the history of this post, clich the 'edited' button above
Build number: 3

Inputs:

Sources:

sdk-nrf: PR head: 550d3b079c10142127b53465f81e17d3c78d1a97

more details

sdk-nrf:

PR head: 550d3b079c10142127b53465f81e17d3c78d1a97
merge base: 0e43ec203ca7d66c6e4e0a07da76a1ea9f0e99b3
target head (main): c361c8ac4ab828a90edb02a59cd982de05f4d818
Diff

Github labels

Enabled Name Description
ci-disabled Disable the ci execution
ci-all-test Run all of ci, no test spec filtering will be done
ci-force-downstream Force execution of downstream even if twister fails
ci-run-twister Force run twister
ci-run-zephyr-twister Force run zephyr twister
List of changed files detected by CI (3) 
modules
│  ├── trusted-firmware-m
│  │  ├── CMakeLists.txt
│  │  │ Kconfig
tests
│  ├── tfm
│  │  ├── tfm_regression_test
│  │  │  ├── boards
│  │  │  │  │ nrf54l15dk_nrf54l15_cpuapp_ns.conf

Outputs:

Toolchain

Version: 11349092be
Build docker image: docker-dtr.nordicsemi.no/sw-production/ncs-build:11349092be_912848a074

Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped; ⚠️ Quarantine

  • ◻️ Toolchain - Skipped: existing toolchain is used
  • ✅ Build twister - Skipped: Skipping Build & Test as it succeeded in a previous run: 2
  • ✅ Integration tests
    • ✅ test-fw-nrfconnect-boot - Skipped: Job was skipped as it succeeded in a previous run
    • ✅ test-fw-nrfconnect-nrf_crypto
    • ✅ test-fw-nrfconnect-tfm - Skipped: Job was skipped as it succeeded in a previous run
    • ✅ test-sdk-find-my - Skipped: Job was skipped as it succeeded in a previous run
    • ✅ test-sdk-mcuboot - Skipped: Job was skipped as it succeeded in a previous run
    • ⚠️ test-fw-nrfconnect-fw-update
Disabled integration tests
    • desktop52_verification
    • doc-internal
    • test_ble_nrf_config
    • test-fw-nrfconnect-apps
    • test-fw-nrfconnect-ble_mesh
    • test-fw-nrfconnect-ble_samples
    • test-fw-nrfconnect-chip
    • test-fw-nrfconnect-fem
    • test-fw-nrfconnect-nfc
    • test-fw-nrfconnect-nrf-iot_libmodem-nrf
    • test-fw-nrfconnect-nrf-iot_mosh
    • test-fw-nrfconnect-nrf-iot_nrf_provisioning
    • test-fw-nrfconnect-nrf-iot_positioning
    • test-fw-nrfconnect-nrf-iot_samples
    • test-fw-nrfconnect-nrf-iot_serial_lte_modem
    • test-fw-nrfconnect-nrf-iot_thingy91
    • test-fw-nrfconnect-nrf-iot_zephyr_lwm2m
    • test-fw-nrfconnect-ps
    • test-fw-nrfconnect-rpc
    • test-fw-nrfconnect-rs
    • test-fw-nrfconnect-thread
    • test-fw-nrfconnect-zigbee
    • test-low-level
    • test-sdk-audio
    • test-sdk-dfu
    • test-sdk-pmic-samples
    • test-sdk-sidewalk
    • test-sdk-wifi
    • test-secdom-samples-public

Note: This message is automatically posted and updated by the CI

@NordicBuilder
Copy link
Contributor

You can find the documentation preview for this PR at this link.

Note: This comment is automatically posted by the Documentation Publish GitHub Action.

greg-fer
greg-fer requested changes Jan 13, 2025
View reviewed changes
@MarkusLassila
tfm: Configuration changes
550d3b0 
- Allow CONFIG_TFM_PARTITION_PLATFORM without other partitions.
- Kconfig changes for better usability of PS.
- Kconfig information for ITS.

Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
@MarkusLassila MarkusLassila force-pushed the tfm-configuration-changes branch from ca0b49a to 550d3b0 Compare January 14, 2025 09:59
Vge0rge
Vge0rge reviewed Jan 15, 2025
View reviewed changes
modules/trusted-firmware-m/Kconfig
@@ -179,17 +181,32 @@ config TFM_ITS_VALIDATE_METADATA_FROM_FLASH
Validate filesystem metadata every time it is read from flash

config TFM_ITS_MAX_ASSET_SIZE
range 512 4096
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe it makes sense to use the NRF_TRUSTZONE_FLASH_REGION_SIZE as the maximum range here (both here and in the PS)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense. Although, if we ever get something else than 4096, then other values will need to revisit other values as well.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Or, actually, does not make sense in PS, as it is 4024, not 4096, but in here it can be used.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Spoke too soon:

  1. The maximum size would actually be the flash erase page size (4096).
  2. Range in Kconfig only deals with numerics, so it is not configurable.

modules/trusted-firmware-m/Kconfig

config TFM_PS_NUM_ASSETS
int "Maximum stored assets number"
range 1 120
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How was the 120 selected here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The table which stores the files needs to fit in TFM_PS_MAX_ASSET_SIZE. Maximum value of files stored with 4024 was (I think) 123.

modules/trusted-firmware-m/Kconfig
area
The maximum number of assets to be stored in the Protected Storage area.
(TF-M does not guarantee that the Protected Storage area is large
enough to store the maximum amount of assets with the maximum size.) Set
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
enough to store the maximum amount of assets with the maximum size.) Set
enough to store the maximum amount of assets with the maximum size) Set

nit
Or you can even just remove the parenthesis all together.

Copy link
Contributor

@greg-fer greg-fer Jan 16, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, both suggested edits introduce punctuation errors. Keep the parenthesis and the period.

greg-fer
greg-fer approved these changes Jan 16, 2025
View reviewed changes
Copy link
Contributor

@greg-fer greg-fer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving, but make sure not to implement this change: https://github.com/nrfconnect/sdk-nrf/pull/19868/files#r1916850492

@MarkusLassila MarkusLassila requested a review from Vge0rge January 16, 2025 10:46
@nordicjm nordicjm merged commit cb7eeac into nrfconnect:main Jan 21, 2025
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Vge0rge Vge0rge Vge0rge approved these changes

@nordicjm nordicjm nordicjm approved these changes

@greg-fer greg-fer greg-fer approved these changes

@stephen-nordic stephen-nordic Awaiting requested review from stephen-nordic

@magnev magnev Awaiting requested review from magnev magnev is a code owner

Assignees
No one assigned
Labels
changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@MarkusLassila @NordicBuilder @Vge0rge @nordicjm @greg-fer