-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nrf_security: Change default value of PSA_WANT configurations to disabled #11610
Conversation
The following west manifest projects have been modified in this Pull Request:
Note: This message is automatically posted and updated by the Manifest GitHub Action. |
Test specificationCI/Jenkins/NRF
CI/Jenkins/integration
test-fw-nrfconnect-chip: added because there was no .github/test-spec.yml in 'matter' Detailed information of selected test modules Note: This message is automatically posted and updated by the CI |
You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds. Note: This comment is automatically posted by the Documentation Publishing GitHub Action. |
473d602
to
d116c7f
Compare
ab8ed5d
to
0f1c23f
Compare
4a0ac81
to
4ddb97a
Compare
e330d31
to
987ad5f
Compare
Add sample configurations for the PSA algorithms being used. This makes the samples not rely on default configurations. NCSDK-18031 Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add sample configurations for the PSA algorithms being used. This makes the samples not rely on default configurations. NCSDK-18031 Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add sample configurations for the PSA algorithms being used. This makes the sample not rely on default configurations. NCSDK-18031 Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add sample configurations for the PSA algorithms being used. This makes the sample not rely on default configurations. NCSDK-18031 Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add test configurations for the PSA algorithms being used. This makes the test not rely on default configurations. NCSDK-18031 Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add PSA default configuration with select for the required PSA algorithms needed by TF-M. key derivation is used by TF-M builtin keys and Protected Storage. AEAD algorithm is used by Protected Storage. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Explicitly enable the default set of PSA want algorithms in the psa_tls sample. The set of algorithms is not neccesarily the required set of algorithms but instead just what was already enabled as a simplifiction in order to not cause any configuration changes in the sample. Remove PSA want configuration from other kconfig fragments. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add missing CCM dependency for ciphersuites. The CCM cipher mode can be used in ciphersuites so it should satisfy the requirements. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Update sdk-zephyr to disable PSA configurations by default. Remove default configuration overrides in matter project. Fix TF-M compilation error in ITS when disabling PS. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Change the default value of PSA_WANT configurations to be default disabled.
Kconfig options that required PSA crypto should use
select PSA_WANT_<feature>
.Samples or tests that use PSA crypto should use
CONFIG_PSA_WANT_<feature_>=y
This simplifies the use of Kconfig default value overrides that are present in OpenThread and Matter.
This is a step towards making the PSA_WANT configurations available in upstream zephyr.