Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nrf54l15dk: add TF-M (/ns) support #17463

Merged
merged 10 commits into from
Oct 16, 2024
Merged

nrf54l15dk: add TF-M (/ns) support #17463

merged 10 commits into from
Oct 16, 2024

Conversation

tomi-font
Copy link
Contributor

@tomi-font tomi-font commented Sep 24, 2024
edited by stephen-nordic
Loading

Bring in changes needed in Zephyr and TF-M, and make needed adjustments.

Support for TF-M in nrf54l15pdk is removed at the same time.

test_crypto: PR-667
test_tfm: PR-175

@github-actions github-actions bot added manifest changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. labels Sep 24, 2024
@NordicBuilder
Copy link
Contributor

NordicBuilder commented Sep 24, 2024
edited
Loading

The following west manifest projects have been modified in this Pull Request:

Name Old Revision New Revision Diff
psa-arch-tests nrfconnect/sdk-psa-arch-tests@94a349d nrfconnect/sdk-psa-arch-tests@3da9313 (main) nrfconnect/sdk-psa-arch-tests@94a349db..3da9313e
trusted-firmware-m nrfconnect/sdk-trusted-firmware-m@9573717 nrfconnect/sdk-trusted-firmware-m@d762004 (main) nrfconnect/sdk-trusted-firmware-m@9573717c..d7620047
zephyr nrfconnect/sdk-zephyr@98662fc nrfconnect/sdk-zephyr@6b4c840 (main) nrfconnect/sdk-zephyr@98662fcd..6b4c8404

Note: This message is automatically posted and updated by the Manifest GitHub Action.

@NordicBuilder
Copy link
Contributor

NordicBuilder commented Sep 24, 2024
edited
Loading

CI Information

To view the history of this post, clich the 'edited' button above
Build number: 30

Inputs:

Sources:

trusted-firmware-m: PR head: d76200476c9b6c137a6e5fc400264134ae589708
sdk-nrf: PR head: 9a1b4a7a69649a18326bcc19691fb5da32a58487
zephyr: PR head: 6b4c8404d24374b63546044c2e5752678ede1441

more details

trusted-firmware-m:

PR head: d76200476c9b6c137a6e5fc400264134ae589708
merge base: 9573717cc8c078326fceb2869fe029e98615723b
Diff

sdk-nrf:

PR head: 9a1b4a7a69649a18326bcc19691fb5da32a58487
merge base: 3ad9997ca9d769a0c37bdd03abaea90cb512b91f
target head (main): 3ad9997ca9d769a0c37bdd03abaea90cb512b91f
Diff

zephyr:

PR head: 6b4c8404d24374b63546044c2e5752678ede1441
merge base: 98662fcd51860d23e15471744658f817e34a85ed
Diff

Github labels

Enabled Name Description
ci-disabled Disable the ci execution
ci-all-test Run all of ci, no test spec filtering will be done
ci-force-downstream Force execution of downstream even if twister fails
ci-run-twister Force run twister
ci-run-zephyr-twister Force run zephyr twister
List of changed files detected by CI (104) 
doc
│  ├── nrf
│  │  ├── app_dev
│  │  │  ├── board_support
│  │  │  │  │ board_names.rst
│  │  ├── includes
│  │  │  │ sample_board_rows.txt
│  │  ├── releases_and_maturity
│  │  │  ├── releases
│  │  │  │  │ release-notes-changelog.rst
lib
│  ├── hw_unique_key
│  │  ├── CMakeLists.txt
│  │  ├── hw_unique_key_cc3xx.c
│  │  ├── hw_unique_key_cc3xx_acl.c
│  │  ├── hw_unique_key_cc3xx_kmu.c
│  │  ├── hw_unique_key_cracen_kmu.c
│  │  │ pm.yml.huk_cc3xx
modules
│  ├── tee
│  │  ├── tf-m
│  │  │  ├── trusted-firmware-m
│  │  │  │  ├── platform
│  │  │  │  │  ├── ext
│  │  │  │  │  │  ├── target
│  │  │  │  │  │  │  ├── nordic_nrf
│  │  │  │  │  │  │  │  ├── common
│  │  │  │  │  │  │  │  │  ├── core
│  │  │  │  │  │  │  │  │  │  ├── CMakeLists.txt
│  │  │  │  │  │  │  │  │  │  ├── nrfx_config.h
│  │  │  │  │  │  │  │  │  │  ├── services
│  │  │  │  │  │  │  │  │  │  │  ├── src
│  │  │  │  │  │  │  │  │  │  │  │  │ tfm_platform_hal_ioctl.c
│  │  │  │  │  │  │  │  │  │  ├── startup_nrf54l15.c
│  │  │  │  │  │  │  │  │  │  ├── target_cfg.c
│  │  │  │  │  │  │  │  │  │  │ target_cfg.h
│  │  │  │  │  │  │  │  │  ├── nrf54l15
│  │  │  │  │  │  │  │  │  │  │ cpuarch.cmake
│  │  │  │  │  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp
│  │  │  │  │  │  │  │  │  ├── ns
│  │  │  │  │  │  │  │  │  │  ├── CMakeLists.txt
│  │  │  │  │  │  │  │  │  │  │ cpuarch_ns.cmake
│  │  │  │  │  │  │  │  │  │ tfm_peripherals_config.h
│  ├── trusted-firmware-m
│  │  ├── Kconfig.tfm.defconfig
│  │  ├── Kconfig.tfm.pm
│  │  ├── tfm_boards
│  │  │  ├── CMakeLists.txt
│  │  │  ├── board
│  │  │  │  │ device_cfg.h
│  │  │  ├── nrf54l15_cpuapp
│  │  │  │  │ CMakeLists.txt
samples
│  ├── crypto
│  │  ├── aes_cbc
│  │  │  │ sample.yaml
│  │  ├── aes_ccm
│  │  │  │ sample.yaml
│  │  ├── aes_ctr
│  │  │  │ sample.yaml
│  │  ├── aes_gcm
│  │  │  │ sample.yaml
│  │  ├── chachapoly
│  │  │  │ sample.yaml
│  │  ├── ecdh
│  │  │  │ sample.yaml
│  │  ├── ecdsa
│  │  │  │ sample.yaml
│  │  ├── ecjpake
│  │  │  │ sample.yaml
│  │  ├── eddsa
│  │  │  │ sample.yaml
│  │  ├── hkdf
│  │  │  │ sample.yaml
│  │  ├── hmac
│  │  │  │ sample.yaml
│  │  ├── pbkdf2
│  │  │  │ sample.yaml
│  │  ├── persistent_key_usage
│  │  │  │ sample.yaml
│  │  ├── psa_tls
│  │  │  ├── boards
│  │  │  │  │ nrf54l15dk_nrf54l15_cpuapp_ns.conf
│  │  │  │ sample.yaml
│  │  ├── rng
│  │  │  │ sample.yaml
│  │  ├── rsa
│  │  │  │ sample.yaml
│  │  ├── sha256
│  │  │  │ sample.yaml
│  │  ├── spake2p
│  │  │  │ sample.yaml
│  ├── matter
│  │  ├── light_bulb
│  │  │  ├── Kconfig.sysbuild
│  │  │  ├── boards
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.conf
│  │  │  │  │ nrf54l15dk_nrf54l15_cpuapp_ns.overlay
│  │  │  ├── pm_static_nrf54l15dk_nrf54l15_cpuapp_ns.yml
│  │  │  │ sample.yaml
│  │  ├── light_switch
│  │  │  ├── Kconfig.sysbuild
│  │  │  ├── boards
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.conf
│  │  │  │  │ nrf54l15dk_nrf54l15_cpuapp_ns.overlay
│  │  │  ├── pm_static_nrf54l15dk_nrf54l15_cpuapp_ns.yml
│  │  │  │ sample.yaml
│  │  ├── lock
│  │  │  ├── Kconfig.sysbuild
│  │  │  ├── boards
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.conf
│  │  │  │  │ nrf54l15dk_nrf54l15_cpuapp_ns.overlay
│  │  │  ├── pm_static_nrf54l15dk_nrf54l15_cpuapp_ns.yml
│  │  │  │ sample.yaml
│  │  ├── template
│  │  │  ├── Kconfig.sysbuild
│  │  │  ├── README.rst
│  │  │  ├── boards
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.conf
│  │  │  │  │ nrf54l15dk_nrf54l15_cpuapp_ns.overlay
│  │  │  ├── pm_static_nrf54l15dk_nrf54l15_cpuapp_ns.yml
│  │  │  │ sample.yaml
│  │  ├── thermostat
│  │  │  ├── Kconfig.sysbuild
│  │  │  ├── boards
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.conf
│  │  │  │  │ nrf54l15dk_nrf54l15_cpuapp_ns.overlay
│  │  │  ├── pm_static_nrf54l15dk_nrf54l15_cpuapp_ns.yml
│  │  │  │ sample.yaml
│  │  ├── window_covering
│  │  │  ├── Kconfig.sysbuild
│  │  │  ├── boards
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.conf
│  │  │  │  │ nrf54l15dk_nrf54l15_cpuapp_ns.overlay
│  │  │  ├── pm_static_nrf54l15dk_nrf54l15_cpuapp_ns.yml
│  │  │  │ sample.yaml
│  ├── tfm
│  │  ├── tfm_hello_world
│  │  │  │ sample.yaml
scripts
│  │ quarantine_integration.yaml
subsys
│  ├── nrf_security
│  │  ├── src
│  │  │  ├── drivers
│  │  │  │  ├── cracen
│  │  │  │  │  ├── common
│  │  │  │  │  │  ├── include
│  │  │  │  │  │  │  ├── cracen
│  │  │  │  │  │  │  │  │ lib_kmu.h
│  │  │  │  │  ├── cracenpsa
│  │  │  │  │  │  ├── src
│  │  │  │  │  │  │  ├── blkcipher.c
│  │  │  │  │  │  │  ├── kmu.c
│  │  │  │  │  │  │  │ lib_kmu.c
│  │  │  │ psa_crypto_driver_wrappers.c
│  ├── partition_manager
│  │  │ pm.yml.tfm
tests
│  ├── subsys
│  │  ├── bluetooth
│  │  │  ├── fast_pair
│  │  │  │  ├── crypto
│  │  │  │  │  │ testcase.yaml
│  ├── tfm
│  │  ├── tfm_psa_test
│  │  │  ├── boards
│  │  │  │  ├── nrf5340dk_nrf5340_cpuapp_ns.overlay
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.overlay
│  │  │  │  ├── nrf54l15pdk_nrf54l15_cpuapp_ns.overlay
│  │  │  │  ├── nrf9151dk_nrf9151_ns.overlay
│  │  │  │  ├── nrf9160dk_nrf9160_ns.overlay
│  │  │  │  │ nrf9161dk_nrf9161_ns.overlay
│  │  │  │ testcase.yaml
│  │  ├── tfm_regression_test
│  │  │  ├── boards
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.conf
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.overlay
│  │  │  │  ├── nrf9151dk_nrf9151_ns.overlay
│  │  │  │  │ nrf9161dk_nrf9161_ns.overlay
│  │  │  │ testcase.yaml
west.yml
zephyr
│  ├── boards
│  │  ├── nordic
│  │  │  ├── nrf54l15dk
│  │  │  │  ├── Kconfig
│  │  │  │  ├── Kconfig.defconfig
│  │  │  │  ├── Kconfig.nrf54l15dk
│  │  │  │  ├── board.cmake
│  │  │  │  ├── board.yml
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.dts
│  │  │  │  ├── nrf54l15dk_nrf54l15_cpuapp_ns.yaml
│  │  │  │  │ nrf54l15dk_nrf54l15_cpuapp_ns_defconfig

Outputs:

Toolchain

Version: 3dd8985b56
Build docker image: docker-dtr.nordicsemi.no/sw-production/ncs-build:3dd8985b56_81ed5a52d6

Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped; ⚠️ Quarantine

  • ◻️ Toolchain - Skipped: existing toolchain is used
  • ✅ Build twister
  • ❌ Integration tests
    • ✅ test-sdk-audio
    • ❌ desktop52_verification
    • ✅ test-fw-nrfconnect-boot
    • ❌ test-fw-nrfconnect-apps
    • ❌ test_ble_nrf_config
    • ✅ test-fw-nrfconnect-ble_mesh
    • ✅ test-fw-nrfconnect-ble_samples
    • ❌ test-fw-nrfconnect-chip
    • ❌ test-fw-nrfconnect-nfc
    • ❌ test-fw-nrfconnect-nrf-iot_cloud
    • ✅ test-fw-nrfconnect-nrf-iot_libmodem-nrf
    • ✅ test-fw-nrfconnect-nrf-iot_serial_lte_modem
    • ✅ test-fw-nrfconnect-nrf-iot_zephyr_lwm2m
    • ✅ test-fw-nrfconnect-nrf-iot_samples
    • ✅ test-fw-nrfconnect-nrf-iot_lwm2m
    • ✅ doc-internal
    • ❌ test-fw-nrfconnect-nrf-iot_thingy91
    • ❌ test-fw-nrfconnect-nrf_crypto - Error: Error starting job: Failed to trigger build of latest/sub/test-fw-nrfconnect-nrf_crypto/PR-667
    • ❌ test-fw-nrfconnect-proprietary_esb
    • ✅ test-fw-nrfconnect-rpc
    • ❌ test-fw-nrfconnect-rs
    • ✅ test-fw-nrfconnect-fem
    • ❌ test-fw-nrfconnect-tfm
    • ❌ test-fw-nrfconnect-thread
    • ❌ test-fw-nrfconnect-zigbee
    • ❌ test-sdk-find-my
    • ❌ test-fw-nrfconnect-nrf-iot_mosh
    • ❌ test-fw-nrfconnect-nrf-iot_positioning
    • ✅ test-sdk-sidewalk
    • ❌ test-sdk-wifi
    • ✅ test-low-level
    • ✅ test-fw-nrfconnect-nrf-iot_nrf_provisioning
    • ✅ test-sdk-pmic-samples
    • ✅ test-sdk-mcuboot
    • ✅ test-sdk-dfu
    • ❌ test-fw-nrfconnect-ps
    • ✅ test-secdom-samples-public
    • ⚠️ test-fw-nrfconnect-fw-update

Note: This message is automatically posted and updated by the CI

@tomi-font tomi-font force-pushed the security_tf-m_support_54l15dk branch 2 times, most recently from 12c5853 to a134757 Compare September 26, 2024 13:57
@github-actions github-actions bot added the doc-required PR must not be merged without tech writer approval. label Sep 26, 2024
@tomi-font tomi-font marked this pull request as ready for review September 26, 2024 13:58
@NordicBuilder
Copy link
Contributor

You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds.

Note: This comment is automatically posted by the Documentation Publishing GitHub Action.

kapi-no
kapi-no approved these changes Sep 27, 2024
View reviewed changes
Copy link
Contributor

@kapi-no kapi-no left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving the Fast Pair tests

@github-actions github-actions bot removed the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Sep 27, 2024
nvlsianpu
nvlsianpu reviewed Oct 15, 2024
View reviewed changes
Copy link
Contributor

@nvlsianpu nvlsianpu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did review - see no obstacles against merging that PR.

@rlubos
Copy link
Contributor

rlubos commented Oct 16, 2024

@nrfconnect/ncs-test-leads @nrfconnect/ncs-co-doc Please review

@tomi-font
nrf54l15dk: add TF-M (/ns) support
40a002a 
Bring in changes needed in Zephyr and TF-M, and make needed
adjustments.

Support for TF-M in `nrf54l15pdk` is removed at the same time.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font
tests: tfm_psa: rework the testcase.yaml file
b584021 
Put common stuff in the `common` section.
Also add the `nrf54l15dk/nrf54l15/cpuapp/ns` platform to the
`tfm.psa_test_crypto_lvl2` test.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font
nrf_security: cracen: cipher_update: do not assert on NULL output
7cc0a28 
Return an error instead of triggering an assert when `output` is NULL.
This is to prevent PSA arch tests from hanging because of this.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font
tests: tfm: improve DT overlay organization
54a42c1 
Remove the remaining `app.overlay` as it doesn't fit all the boards.
In addition, make sure that there are DT overlay files for every
supported board.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font
lib: hw_unique_key: improve files naming
beef949 
Rename the source files to make it more clear what is using CC3XX.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font
nrf_security: psa_crypto_driver_wrappers: cleanup ifdefs
a75f9ba 
Remove the !CONFIG_BUILD_WITH_TFM part because it's already guarded
against at the Kconfig level.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font
nrf_security: cracen_kmu: small KMU DEST and METADATA improvement
703b8f0 
Define the KMU DEST field as uint32_t, and use UINT32_MAX everywhere
for to refer to the metadata of secondary slots.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font
nrf_security: cracen_kmu: add read_primary_slot_metadata()
64e2b4b 
Remove duplicated code and call into the same common function.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font
nrf_security: cracen_kmu: fix KMU provisioning on 54l15dk w/ TF-M
9c54b18 
Temporarily disable RRAMC write buffering when provisioning a KMU slot.
It provokes issues with symptoms being that after provisioning the read
metadata of the primary KMU slot has all bits 1 while it shouldn't.

This fixes the failing CRACEN IKG seed provisioning that was observed
on TF-M startup on nrf54l15dk/nrf54l15/cpuapp/ns.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font
nrf_security: cracen_kmu: rename kmu_src_t and make number less magic
9a1b4a7 
Rename struct kmu_src_t to kmu_src because its

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
@tomi-font tomi-font force-pushed the security_tf-m_support_54l15dk branch from fbb69a9 to 9a1b4a7 Compare October 16, 2024 12:46
@tomi-font tomi-font requested review from a team as code owners October 16, 2024 12:46
@NordicBuilder NordicBuilder removed the DNM label Oct 16, 2024
@umapraseeda
Copy link
Contributor

@wiba-nordic to check the Matter doc changes.

@rlubos rlubos merged commit 964fdb4 into nrfconnect:main Oct 16, 2024
11 of 14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ArekBalysNordic ArekBalysNordic ArekBalysNordic approved these changes

@divipillai divipillai divipillai approved these changes

@mia-ko mia-ko mia-ko approved these changes

@umapraseeda umapraseeda umapraseeda approved these changes

@ns-tolu ns-tolu ns-tolu approved these changes

@rlubos rlubos rlubos approved these changes

@nvlsianpu nvlsianpu nvlsianpu approved these changes

@kapi-no kapi-no kapi-no approved these changes

@carlescufi carlescufi carlescufi approved these changes

@Vge0rge Vge0rge Vge0rge approved these changes

@magnev magnev magnev approved these changes

@stephen-nordic stephen-nordic Awaiting requested review from stephen-nordic stephen-nordic is a code owner

@annwoj annwoj Awaiting requested review from annwoj

@nordicjm nordicjm Awaiting requested review from nordicjm nordicjm is a code owner

@greg-fer greg-fer Awaiting requested review from greg-fer

@tejlmand tejlmand Awaiting requested review from tejlmand tejlmand is a code owner

@gchwier gchwier Awaiting requested review from gchwier

Assignees
No one assigned
Labels
doc-required PR must not be merged without tech writer approval. manifest manifest-psa-arch-tests manifest-trusted-firmware-m manifest-zephyr
Projects
None yet
Milestone
2.8.0
Development

Successfully merging this pull request may close these issues.