Update TF-M to v1.3.0 #101
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
LDong-Arm
force-pushed
the
TF-Mv1.3-integration
branch
4 times, most recently
from
95090da to
59daeeb
Compare
Patater
suggested changes
Apr 27, 2021
| _copy_tfm_ns_files(cmake_build_dir, tgt[0]) | ||
|
|
||
| if args.commit: | ||
| _commit_changes(MBED_TF_M_PATH) |
Contributor
There was a problem hiding this comment.
What commit message does this make? Did we need to add this here? Should we remove the other call to _commit_changes(MBED_TF_M_PATH) to avoid two commits when one combined one is best?
Contributor
There was a problem hiding this comment.
There are indeed two commits. Instead of a unified "Upgrade TF-M for such and such platform", we have a point in history where the binary and the supporting files are out of sync. Also, there are " in the commit messages themselves...
ec76f07b91e7 (HEAD) "Updated directory platform/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/TARGET_TFM/TARGET_TFM_LATEST"
ddb94b8ee8ae "Updated secure binaries for [('ARM_MUSCA_B1', 'GNUARM')]"
Patater
force-pushed
the
TF-Mv1.3-integration
branch
from
59daeeb to
06e2bde
Compare
Contributor
|
Rebase on latest master |
rwalton-arm
previously requested changes
Apr 28, 2021
Patater
force-pushed
the
TF-Mv1.3-integration
branch
from
06e2bde to
c79282e
Compare
Contributor
|
Updated to address review comments |
Patater
force-pushed
the
TF-Mv1.3-integration
branch
from
c79282e to
4799167
Compare
Contributor
|
Fixed black style in each commit. |
Patater
force-pushed
the
TF-Mv1.3-integration
branch
from
4799167 to
4267835
Compare
Contributor
|
Fixed black style in each commit, using a newer black version. |
Patater
force-pushed
the
TF-Mv1.3-integration
branch
from
4267835 to
edca942
Compare
The "stable" image is pretty old and doesn't include mbed-tools. Upgrade always using the latest image.
Use black, version 21.4b2, to ensure consistent code style in our Python scripts.
Refactor build_tfm.py and psa_builder.py to make it obvious to mexperienced Python programmers where the os.path functions have come from, and to remove ambiguity from code that calls os.path.join() and str.join().
We used to fetch tf-m-tests and psa-arch-tests with our scripts, in order to use ARMmbed forks of those repositories that contain Mbed modifications. Having recently switched to unmodified versions from git.trustedfirmware.org, we should stop fetching dependencies ourselves and let trusted-firmware-m's build system do that, with the following advantages: * trusted-firmware-m tracks fixed versions of dependencies that have been tested. The latest development of individual repositories do not always work together. * trusted-firmware-m's build system automatically applies patches (if available) to fetched dependencies. We do not get those benefits if we passed prefetched dependencies, because by design trusted-firmware-m's build system does not version control user-provided dependency. This is reasonable and allows testing of local changes, but does not suit our main use case.
As we have switched to use trusted-firmware-m's own version control of
dependencies, our script only needs to track trusted-firmware-m now.
This commit
* removes the URLs and revisions of tf-m-tests and psa-arch-tests
* removes entries for ARMmbed repositories
* renames entries:
* mbed-tfm -> released-tfm
* upstream-tfm -> latest-tfm
Notes:
* The `dependencies` structure is not necessary as only fetch from one
URL, but we keep it just in case we use our own forks again in the
future.
* released-tfm now tracks TF-Mv1.3.0, as the continuous integration
branch containing this commit does not work with TF-Mv1.2.0.
When a repository already exists locally, `psa_builder.py` fetches the existing remote by name. If no remote with the given name exists, fetching would fail. This commit fixes the issue by adding a remote as needed.
We've updated to fetch TF-M v1.3.0 now, and some file locations have changed. Update the paths to the files we import.
TF-M redirects output to serial by declaring its own `FILE __stdout` and disables the toolchain's default version of this symbol using the flag `-nostdlib`. But stdlib is enabled and required by Mbed OS, so we need to disable the one from TF-M's libplatform_ns to avoid symbol duplication.
The following commit in trusted-firmware-m
b774fecd SPM: Remove *TFM* IRQ APIs for IPC Model
means that we need to disable IRQ tests in the regression suite.
Use TEST_ASSERT_EQUAL_UINT32() to get better feedback from Greentea when running the PSA Compliance Test Suite.
Support for the PSA IPC test suite has been added for Musca S1 recently. This commit * enables the PSA IPC test suite for Musca S1 * adds IPC test log for Musca S1 used by the Greentea test framework for output comparison * updates README.md
Now the `--commit` option of `build_tfm.py` not only commits `VERSION.txt` and target binaries like before, but also imported PSA API files.
Use the most recently released version of TF-M, rather than the tip of the `master` branch. At the present time, this effectively means TF-M v1.3.0.
A number of headers were historically needed for building tests but not needed for the current version of TF-M anymore. This PR cleans them up. Note: `platform_base_address.h` and `tfm_peripherals_def.h` are still needed but always copied during the build process, so there is no need to track them with git.
The latest `mbed-tools deploy` automatically uses the shallowest clone possible. It has the advantage of fetching the version in mbed-os.lib, compared to a hardcoded `git clone` in `.travis.yml` which fetches the latest `master` branch of Mbed OS.
Patater
force-pushed
the
TF-Mv1.3-integration
branch
from
edca942 to
a7a5a4a
Compare
Contributor
|
Updated with black again, using |
Patater
force-pushed
the
TF-Mv1.3-integration
branch
2 times, most recently
from
5b5f274 to
7c0f760
Compare
Contributor
|
The preceding Mbed OS PR has been merged now. Remove the TEMPORARY commit that points to Lingkai's Mbed OS branch. |
Patater
approved these changes
Apr 30, 2021
This was referenced May 4, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Preceding PR: ARMmbed/mbed-os#14582
This PR integrates TF-M v1.3.0 with Mbed OS.
See individual commits for details.