Do Not Review: Upmerge TF-M v2.1.0 Mbed TLS v3.6.0 (only for testing) #17229
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
frkv
requested review from
Vge0rge,
stephen-nordic,
magnev,
tomchy,
ahasztag,
hakonfam,
alstrzebonski,
MarekPieta,
kapi-no,
tejlmand,
a team,
oyvindronningstad,
rlubos,
lemrey,
anangl,
krish2718,
sachinthegreen and
rado17
as code owners
github-actions
bot
added
doc-required
CI InformationTo view the history of this post, clich the 'edited' button above Inputs:Sources:more detailsGithub labels
List of changed files detected by CI (0)Outputs:ToolchainVersion: Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped;
|
|
You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds. Note: This comment is automatically posted by the Documentation Publishing GitHub Action. |
frkv
force-pushed
the
upmerge-TF-M-2.1-mbedtls-3.6
branch
from
9e9e629
to
2b7911e
Compare
frkv
requested review from
carlescufi,
a team,
grochu,
maje-emb,
wentong-li and
bama-nordic
as code owners
When sysbuild Wi-Fi needs to be enabled explicitly to avoid build issues. Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
fixup! crypto: Adding threading support for PSA core Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
-Fixes issues booting TF-M Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
This will be re-enabled when sdl2 is added to toolchain. Signed-off-by: Thomas Stilwell <Thomas.Stilwell@nordicsemi.no>
-Fixes issues on nRF54L15 devices (uses CRACEN) Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
Added this sample scenario to quarantine. Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no> Signed-off-by: Bjarki Arge Andreasen <bjarki.andreasen@nordicsemi.no>
Fix build error by including missing file mbedtls_config.h. Signed-off-by: Simen S. Røstad <simen.rostad@nordicsemi.no>
Enable WIFI_NRF70 only for Wi-Fi builds Signed-off-by: Simen S. Røstad <simen.rostad@nordicsemi.no>
-Setting the flag was missing Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
-Added regression trying to fix tfm_hello_Word. This commmit fixes it Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
The flash_thread is using a colliding name when registering with the log module LOG_MODULE_REGISTER(flash, LOG_LEVEL_INF). Update name to flash_thd to avoid naming collision. Signed-off-by: Bjarki Arge Andreasen <bjarki.andreasen@nordicsemi.no>
The write struct member has been removed in bt_gatt_subscribe_params. Replace it by another struct member 'subscribe'. Signed-off-by: Lang Xie <lang.xie@nordicsemi.no> Signed-off-by: Bjarki Arge Andreasen <bjarki.andreasen@nordicsemi.no>
Update the nrf7002 in the thingy91x board to match upstream dts model. Additionally add COEX model of nrf700x for use with for example cpunet. Signed-off-by: Bjarki Arge Andreasen <bjarki.andreasen@nordicsemi.no>
Ignore the min heap requirements for Wi-Fi and update the nrf9151/ns overlay to properly reference the wifi wlan0 node. Signed-off-by: Pete Skeggs <peter.skeggs@nordicsemi.no> Signed-off-by: Bjarki Arge Andreasen <bjarki.andreasen@nordicsemi.no>
Signal that we knowingly are setting the heap size smaller than sum of min heaps. Signed-off-by: Bjarki Arge Andreasen <bjarki.andreasen@nordicsemi.no>
-This enabled md_ext.c for nRF54H20 (CPUAPP/CPURAD) to ensuce psa_can_do_hash and psa_can_do_cipher is available Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
Quarantine net.lib.wifi_credentials_backend_psa temporarily to be fixed after upmerge. Signed-off-by: Bjarki Arge Andreasen <bjarki.andreasen@nordicsemi.no>
Static RAM usage is exceeding the `RAM` region at build time. Decrease the number of RX buffers to fix this. Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
-This adds Kconfis that can be used to signal that legacy MD/CIPHER functionality must be used even though MBEDTLS_PSA_CRYPTO_CLIENT is set. This is done to allow TF-M miminmal configuration to work (as it doesn't enable anything other than RNG). The real solution is to port to use PSA crypto APIs, so these configurations can be removed Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
frkv
force-pushed
the
upmerge-TF-M-2.1-mbedtls-3.6
branch
from
0ec6c42
to
5421337
Compare
The builtin keys are used in different ways for the nRF54L15 and the nRF9160 and nRF5340 devices. The L15 devices don't use the default TFM builtin key loader but they implement their own function to load the builtin keys. The configuration MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is necessary for all the platforms though sinc the PSA core will not include basic builtin key functionality without it. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Enable MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for the nRF54L15 since it is always required in order to use the HUKs. This is relevant to the non-TFM target of L15. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Allow to import a ECC public key even when the algorithm is not set. This is allowed in the other drivers and we observed that some TLS tests don't set the algorithm. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Remove the test case for Oberon PSA on nRF54L15 since it is not fully suppoted. In nRF54L15 the random driver for Cracen has dependencies on other functionality of the Cracen driver which means that you are forced to enable more driver features in order to get random. Enabling features in Cracen automatically disable the equivalent features in Oberon. Since this case requires random from Cracen most of the Oberon functionality of Oberon will be disabled anyway so we disable it here. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
With a more relevant name Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
These will be moved later to the Zephyr file: modules/mbedtls/Kconfig.psa.nordic Placing them here now to minimize the changes in the upmerge Zephyr PR. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
No funtional change here, just fixes spacing issues causing compliance failures in nrf_security and TFM. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Vge0rge
force-pushed
the
upmerge-TF-M-2.1-mbedtls-3.6
branch
from
c6ffa89
to
b0be16e
Compare
|
This pull request has been marked as stale because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this pull request will automatically be closed in 7 days. Note, that you can always re-open a closed pull request at any time. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Current state: Do not merge, Do not review
This pull request adds support for TF-M 2.1.0 and Mbed TLS 3.6.0.
Missing:
The Do not Review statement will be removed once related repositories are synchronized)