DNM: PSA crypto static slots #20159
Closed
DNM: PSA crypto static slots #20159
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
frkv
requested review from
a team,
trantanen,
tokangas,
carlescufi,
Frodevan,
adamkondraciuk,
lemrey,
wentong-li,
bama-nordic,
gmarull and
D-Triveni
as code owners
Output uses logging, which has no guarantee of even being enabled or supported Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
- `native_sim/native` needs to be used now instead of `native_sim` - add entries for failing samples and tests that are to be handled after the upmerge: * sample.mcumgr.smp_svr.ram_load.* * nrf_modem_dect_phy_pcc_event * secure_storage.psa.its.secure_storage.* * sample.net.prometheus - remove `native_posix` Signed-off-by: Maciej Perkowski <maciej.perkowski@nordicsemi.no> Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
So far when building for nRF54L15 static DPPI channels were assigned. After adding nRF54L15 support in the DPPI driver this code is unused for nRF54L15 and the common DPPI allocator used hardcoded DPPIC instance. This commit parameterizes the DDPIC instance number depending on the SoC and enables the coresponding instances in the ESB samples' configurations. ESB uses hardcoded instance number per SoC. TODO: Allow selection of the DPPIC instance in one place e.g. Kconfig based on the DTS. Signed-off-by: Michał Grochala <michal.grochala@nordicsemi.no>
- Change posix names to zsock. - Remove CONFIG_x_NRF_HW_ASYNC usage. - Correct size for the external flash. Signed-off-by: Markus Lassila <markus.lassila@nordicsemi.no>
Function has been deprecated in upstream zephyr, so remove from here. Signed-off-by: Sean Madigan <sean.madigan@nordicsemi.no>
Let HOSTAP_CRYPTO_ALT_LEGACY_PSA select MBEDTLS_MD5_C so that md5 related calls are available when crypto_alt is used. Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
In scan_only build we need to override the sysbuild config option as well. By default it gets set to SB_CONFIG_WIFI_NRF70_SYSTEM_MODE which enables supplicant. Overriding this with SB_CONFIG_WIFI_NRF70_SCAN_ONLY fixes this. Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
The ZMS implementation of the ITS store module is not supported when partition manager is used because the DT chosen `secure_storage_its_partition` cannot be used. This would require using a different, partition manager-specific configuration. As partition manager will be replaced this combination is just not supported. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
We cannot render/link Doxygen groups that belong to another project like Zephyr, see nrfconnect#19341 for progress on that. Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Add Zephyr tests due to overflow issues. Refers: NCSDK-31589 NCSDK-31590 NCSDK-31591 Signed-off-by: Katarzyna Giądła <katarzyna.giadla@nordicsemi.no>
BLE logging size requirements have increased a lot. We need to reduce logging to fit the application. Signed-off-by: Maximilian Deubel <maximilian.deubel@nordicsemi.no>
Switched from speed to size optimization for nRF54H20 DK target in debug configurations to reduce memory footprint. Jira: NCSDK-31374 Signed-off-by: Mateusz Kapala <mateusz.kapala@nordicsemi.no>
Switched from speed to size optimizations for nRF54L15 DK (nRF54L05 emulated SoC) and enabled LTO in debug and release configurations to reduce memory footprint. Jira: NCSDK-31374 Signed-off-by: Mateusz Kapala <mateusz.kapala@nordicsemi.no>
Remove reference of z_impl_sys_rand_get(). Signed-off-by: Eivind Jølsgard <eivind.jolsgard@nordicsemi.no>
Updates required by changes in zephyr upstream for the BT HCI driver. Signed-off-by: Tommi Rantanen <tommi.rantanen@nordicsemi.no>
Update pm policy event usage after API was changed from using relative time in cycles to absolute time in ticks. Signed-off-by: Knut Eldhuset <knut.eldhuset@nordicsemi.no>
This test is not really useful in NCS context (checking if the nRF Wi-Fi driver can be built successfully is done by other tests and samples), and it requires the hal_atmel module to be pulled in (because the WINC1500 driver requires two header files that are located in that module). And the module weights ~87 MB, so it's not reasonable to pull it in just for this one test. Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
Fixes an issue with stream writer by providing the size of the partition Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Change posix names to zsock in nrf_cloud lib. Signed-off-by: Maximilian Deubel <maximilian.deubel@nordicsemi.no>
Some sdk-zephyr tests and samples reports issues due to RAM overflow issues. Refers: NCSDK-31667 NCSDK-31671 Signed-off-by: Katarzyna Giądła <katarzyna.giadla@nordicsemi.no>
Applications `applications.nrf_desktop.zrelease` and `applications.nrf_desktop.zdebug` report RAM overflow. Therefore, applications on listed platforms are moved to quaratine. Refers: NCSDK-31675 Signed-off-by: Katarzyna Giądła <katarzyna.giadla@nordicsemi.no>
-This updates sdk-oberon-psa-crypto to a version that support static key slots (see previous commit for configurations. -This updates trusted-firmware-m to a version that supports static key slots (see previous commit for configurations). -This updates Mbed TLS to a version that supports static key slots (see previous commit for configurations). Ref: NCSDK-30210 Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
-This added SYS_INIT will ensure that psa_crypto_init is called in kernel *after* Hw_CC3XX is executed to ensure that mutexes are ready to be used. Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
-Changing default y for nrf_security to use DT_HAS_ZEPHYR_PSA_CRYPTO_RNG_ENABLED instead of depending on ENTROPY_PSA_CRYPTO_RNG. Doing this avoids a dependency loop on ENTROPY_GENERATOR Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
-This commit is only used to enact testing. The dependency for PR nrfconnect#2464 to the previous commit is inherent, but we would like to have a commit that is pickable in the upmerge Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
frkv
force-pushed
the
psa_crypto_static_slots
branch
from
d3ab3c6 to
913672d
Compare
|
This pull request has been marked as stale because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this pull request will automatically be closed in 7 days. Note, that you can always re-open a closed pull request at any time. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds support for statically allocated key slots (so heap can be avoided for constrained devices)
Just for testing. Changes will be taken in #19720 if this works
test_low_level: PR-1765
test_rs: PR-1483
test_fem: PR-1483
test_ble_mesh: ble_mesh_upmerge_test
test_crypto: PR-750
test_suit_dfu: PR-450
test_tfm: PR-194
test_secdom_samples_public: NCSDK-NONE_upmerge_jan2025
test_audio: PR-294