{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":330651908,"defaultBranch":"main","name":"sdk-trusted-firmware-m","ownerLogin":"nrfconnect","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2021-01-18T11:58:41.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/40860733?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1726558151.0","currentOid":""},"activityList":{"items":[{"before":"dc309f687d4ad579013a6022db12794a69e47bdd","after":"9f68daeafd7b662c96d6fdf61c83222248e3ed9f","ref":"refs/heads/main","pushedAt":"2024-09-03T13:03:01.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf noup] platform: nordic_nrf: Fix SPU include for 54l\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nInclude the SPU header for the NRF54L which it does not\nhave the define NRF_SPU.\n\nSigned-off-by: Georgios Vasilakis ","shortMessageHtmlLink":"[nrf noup] platform: nordic_nrf: Fix SPU include for 54l"}},{"before":"ac5004232f9b5ae7209b5b1b77eb30ae89309abe","after":"dc309f687d4ad579013a6022db12794a69e47bdd","ref":"refs/heads/main","pushedAt":"2024-08-30T11:54:21.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"carlescufi","name":"Carles Cufí","path":"/carlescufi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/12450381?s=80&v=4"},"commit":{"message":"[nrf noup] platform: nordic_nrf: Remove unused define for nRF54L15\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nThe latest nrfx removes the define NRF_GPIO_PIN_SEL_TND\nfor the nRF54L15 indirectly since it removes the define:\nGPIO_PIN_CNF_MCUSEL_TND and the GPIO_PIN_CNF_CTRLSEL_TND\nis also not defined.\n\nSigned-off-by: Georgios Vasilakis ","shortMessageHtmlLink":"[nrf noup] platform: nordic_nrf: Remove unused define for nRF54L15"}},{"before":"44ba9acb4b1968b305a8eb687cfa4d80903d68b1","after":"ac5004232f9b5ae7209b5b1b77eb30ae89309abe","ref":"refs/heads/main","pushedAt":"2024-08-22T07:34:30.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"nordicjm","name":"Jamie","path":"/nordicjm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40387179?s=80&v=4"},"commit":{"message":"[nrf fromtree] platform: nordic: Guard nvmc header with soc\n\nThe anomaly only appears on nRF91 platforms and some\nplatforms do not have NVMC so the header cannot be\nincluded.\n\nChange-Id: I02c73c9a752599ca9be9320dc19f390aea0f767a\nSigned-off-by: Seppo Takalo \n(cherry picked from commit 539dd8949b2f7a9785f447907dfc1e242eeb0965)","shortMessageHtmlLink":"[nrf fromtree] platform: nordic: Guard nvmc header with soc"}},{"before":"ca4d8e6defc0b050989c88761fd1999fa5a5c335","after":"44ba9acb4b1968b305a8eb687cfa4d80903d68b1","ref":"refs/heads/main","pushedAt":"2024-08-09T13:34:06.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf noup] platform: nordic_nrf: Remove unused code\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nRemoved an ifdef which was never used because it was included\nin the else statement with the same symbol.\n\nIn nRF54L by default we configure all peripherals as non-secure and\nthen we excplicitely configure as secure the ones needed. So this\nwas in other case not needed.\n\nSigned-off-by: Georgios Vasilakis ","shortMessageHtmlLink":"[nrf noup] platform: nordic_nrf: Remove unused code"}},{"before":"e345a0769d7e073729b1999f0346cc5b2ea964a5","after":"ca4d8e6defc0b050989c88761fd1999fa5a5c335","ref":"refs/heads/main","pushedAt":"2024-08-09T08:45:53.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf fromtree] platform: nordic_nrf: APPROTECT to lock debugging\n\nNRF_APPROTECT and NRF_SECURE_APPROTECT\nto take precedence over other mechanisms when configuring\ndebugging for TF-M.\n\nFor nRF53 and nRF91x1 the actual locking of firmware is done\nelsewhere. This further locks the UICR.\n\nnRF9160 supports only hardware APPROTECT. This will lock the\nAPPROTECT / SECUREAPPROTECT in the next boot, when the above\nsettings are configured.\n\nChange-Id: I5e304be0f8a34c0016488d9ec09929bbcb38481f\nSigned-off-by: Markus Lassila \n(cherry picked from commit 734a51d3b18422ad516e08e7ddc107e921d64180)","shortMessageHtmlLink":"[nrf fromtree] platform: nordic_nrf: APPROTECT to lock debugging"}},{"before":"beb7825332ac2184b972e71d297564854408bffd","after":"e345a0769d7e073729b1999f0346cc5b2ea964a5","ref":"refs/heads/main","pushedAt":"2024-07-29T08:43:47.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"nordicjm","name":"Jamie","path":"/nordicjm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40387179?s=80&v=4"},"commit":{"message":"[noup] KMU: Add NOLOAD to linker section for the nRF KMU region\n!fixup [nrf noup] platform: ext: nordic_nrf: Custom nRF54L15 linker file\n\nThis was missed in a previous commit without this the linker will place\nthe initialization of this global variable which is 0 at the address of\nS_DATA_START in Flash, now it will be discarded.\n\nRef. NCSDK-25121\n\nSigned-off-by: Sigvart Hovland ","shortMessageHtmlLink":"[noup] KMU: Add NOLOAD to linker section for the nRF KMU region"}},{"before":"bc01a4cd6b9828c0d59d766e95092aee21aacbce","after":"beb7825332ac2184b972e71d297564854408bffd","ref":"refs/heads/main","pushedAt":"2024-07-22T08:28:41.000Z","pushType":"pr_merge","commitsCount":4,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf fromlist] ITS: Fix checks for PS usage\n\nThe check for whether file should be encrypted, and be fully written\nmissed some PS usage.\n\nUpstream-PR: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/30056\nSigned-off-by: Vidar Lillebø \nChange-Id: Ifa7fe00e511a6071b2b5c455df84b8e4f0535c84","shortMessageHtmlLink":"[nrf fromlist] ITS: Fix checks for PS usage"}},{"before":"e7ecf59761197975b86c0c7077950ca3c9159681","after":"bc01a4cd6b9828c0d59d766e95092aee21aacbce","ref":"refs/heads/main","pushedAt":"2024-07-17T13:55:51.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf noup] platform: ext: nordic_nrf: Custom nRF54L15 linker file\n\nAdd a custom section in the linker script for the CRACEN KMU\ndriver use by nRF54L15. We need a buffer in a static memory\nlocation which wil be used by the KMU to perform push\noperations.\n\nIt's a noup since the KMU is not supported fully upstream\nyet.\n\nRef: NCSDK-25121\n\nSigned-off-by: Georgios Vasilakis ","shortMessageHtmlLink":"[nrf noup] platform: ext: nordic_nrf: Custom nRF54L15 linker file"}},{"before":"f334e66e3d38aa99f4fbf08ebf17c16697bda4ed","after":"e7ecf59761197975b86c0c7077950ca3c9159681","ref":"refs/heads/main","pushedAt":"2024-07-16T15:41:27.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf fromtree] platform: nordic: Add platform memory write service\n\nThere are some hardware registers in Nordic platforms\nwhich are mapped as secure only. In order to allow the\nnon-secure application to control these registers I added\nhere a secure service which allows 32-bit writes to secure\nmapped memory. The writes are only allowed on addresses and\nmasks defined in a header list. It is also possible to\nprovide an allowed_values list in order to further limit\nthe accepted values.\n\nRenamed: tfm_read_ranges.h -> tfm_platform_user_memory_ranges.h\nsince now it can be used for both reads and writes.\n\nThe list in the current platforms is empty and might be populated\nlater.\n\nSigned-off-by: Georgios Vasilakis \nChange-Id: Ifa31ba73ec07b216a7e987653255fcc6e9d3989c\n(cherry picked from commit 57b33427d15fbbb966ee3991c1ae4471364259b4)","shortMessageHtmlLink":"[nrf fromtree] platform: nordic: Add platform memory write service"}},{"before":"553c47a6a4c490bc799f2b455dfd0ebe3a49b0d0","after":"f334e66e3d38aa99f4fbf08ebf17c16697bda4ed","ref":"refs/heads/main","pushedAt":"2024-07-15T12:49:52.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"nordicjm","name":"Jamie","path":"/nordicjm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40387179?s=80&v=4"},"commit":{"message":"[nrf noup] tfm: 54l: Remove TODO that has been addressed\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nRemove TODO that has been addressed.\n\nVPR is configured to be non-secure when NRF_SPU is memset to 0.\n\nSigned-off-by: Sebastian Bøe \nChange-Id: I8f1ee39a51f0d87855d2476b6337994cea5901f5","shortMessageHtmlLink":"[nrf noup] tfm: 54l: Remove TODO that has been addressed"}},{"before":null,"after":"553c47a6a4c490bc799f2b455dfd0ebe3a49b0d0","ref":"refs/heads/v2.0.0-ncs2-branch","pushedAt":"2024-07-04T19:29:31.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"anangl","name":"Andrzej Głąbek","path":"/anangl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/16913290?s=80&v=4"},"commit":{"message":"[nrf noup] Fix version warning\n\nVersion check depends on upstream's tagging scheme which differs\nfrom NCS's\n\nSigned-off-by: Vidar Lillebø ","shortMessageHtmlLink":"[nrf noup] Fix version warning"}},{"before":"0fa3c2a105a9c737643594bed2fef6dca11049f7","after":"553c47a6a4c490bc799f2b455dfd0ebe3a49b0d0","ref":"refs/heads/main","pushedAt":"2024-06-21T09:51:13.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"mswarowsky","name":"Markus Swarowsky","path":"/mswarowsky","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/9447733?s=80&v=4"},"commit":{"message":"[nrf noup] Fix version warning\n\nVersion check depends on upstream's tagging scheme which differs\nfrom NCS's\n\nSigned-off-by: Vidar Lillebø ","shortMessageHtmlLink":"[nrf noup] Fix version warning"}},{"before":"92a5b4ffa527a1d9fb00924c227536e46169bd6e","after":"0fa3c2a105a9c737643594bed2fef6dca11049f7","ref":"refs/heads/main","pushedAt":"2024-06-12T06:55:10.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"anangl","name":"Andrzej Głąbek","path":"/anangl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/16913290?s=80&v=4"},"commit":{"message":"[nrf noup] platform: nordic_nrf: Fix 54L Add ITS encryption support\n\n!fixup [nrf noup] platform: nordic_nrf: Add support for 54l\n\nChange the implementation for cracen ITS encryption to match\ncryptocell.\n\nSigned-off-by: Markus Swarowsky \n\ndiff --git a/platform/ext/target/nordic_nrf/common/core/tfm_hal_its_encryption_cracen.c b/platform/ext/target/nordic_nrf/common/core/tfm_hal_its_encryption_cracen.c\nindex f75901622..8871bc2e9 100644\n\nSigned-off-by: Markus Swarowsky \n--- a/platform/ext/target/nordic_nrf/common/core/tfm_hal_its_encryption_cracen.c\n+++ b/platform/ext/target/nordic_nrf/common/core/tfm_hal_its_encryption_cracen.c\n@@ -110,10 +110,10 @@ static bool ctx_is_valid(struct tfm_hal_its_auth_crypt_ctx *ctx)\n }\n\n psa_status_t tfm_hal_its_get_aead(struct tfm_hal_its_auth_crypt_ctx *ctx,\n- const uint8_t *plaintext,\n- const size_t plaintext_size,\n- uint8_t *ciphertext,\n- const size_t ciphertext_size,\n+ const uint8_t *input,\n+ const size_t input_size,\n+ uint8_t *output,\n+ const size_t output_size,\n uint8_t *tag,\n const size_t tag_size,\n bool encrypt)\n@@ -121,7 +121,8 @@ psa_status_t tfm_hal_its_get_aead(struct tfm_hal_its_auth_crypt_ctx *ctx,\n psa_status_t status;\n uint8_t key_out[CHACHA20_KEY_SIZE];\n psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;\n- size_t ciphertext_length;\n+ cracen_aead_operation_t operation = {0};\n+ size_t out_length;\n size_t tag_length = PSA_AEAD_TAG_LENGTH(PSA_KEY_TYPE_CHACHA20,\n PSA_BYTES_TO_BITS(CHACHA20_KEY_SIZE),\n TFM_ITS_AEAD_ALG);\n@@ -134,13 +135,12 @@ psa_status_t tfm_hal_its_get_aead(struct tfm_hal_its_auth_crypt_ctx *ctx,\n return TFM_HAL_ERROR_INVALID_INPUT;\n }\n\n- if (encrypt && (ciphertext_size < PSA_AEAD_ENCRYPT_OUTPUT_SIZE(PSA_KEY_TYPE_CHACHA20,\n+ if (encrypt && (output_size < PSA_AEAD_ENCRYPT_OUTPUT_SIZE(PSA_KEY_TYPE_CHACHA20,\n TFM_ITS_AEAD_ALG,\n- plaintext_size))){\n+ input_size))){\n return TFM_HAL_ERROR_INVALID_INPUT;\n }\n\n-\n status = hw_unique_key_derive_key(HUK_KEYSLOT_MKEK, NULL, 0, ctx->deriv_label, ctx->deriv_label_size, key_out, sizeof(key_out));\n if (status != HW_UNIQUE_KEY_SUCCESS) {\n return TFM_HAL_ERROR_GENERIC;\n@@ -152,40 +152,35 @@ psa_status_t tfm_hal_its_get_aead(struct tfm_hal_its_auth_crypt_ctx *ctx,\n psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(CHACHA20_KEY_SIZE));\n\n if (encrypt) {\n- status = cracen_aead_encrypt(&attributes,\n- key_out,\n- sizeof(key_out),\n- TFM_ITS_AEAD_ALG,\n- ctx->nonce,\n- ctx->nonce_size,\n- ctx->aad,\n- ctx->add_size,\n- plaintext,\n- plaintext_size,\n- ciphertext,\n- ciphertext_size,\n- &ciphertext_length);\n+ status = cracen_aead_encrypt_setup(&operation, &attributes, key_out, sizeof(key_out), TFM_ITS_AEAD_ALG);\n } else {\n- status = cracen_aead_decrypt(&attributes,\n- key_out,\n- sizeof(key_out),\n- TFM_ITS_AEAD_ALG,\n- ctx->nonce,\n- ctx->nonce_size,\n- ctx->aad,\n- ctx->add_size,\n- plaintext,\n- plaintext_size,\n- ciphertext,\n- ciphertext_size,\n- &ciphertext_length);\n- }\n- if(status != PSA_SUCCESS){\n+ status = cracen_aead_decrypt_setup(&operation, &attributes, key_out, sizeof(key_out), TFM_ITS_AEAD_ALG);\n+ }\n+\n+ if (status != PSA_SUCCESS) {\n+ return status;\n+ }\n+\n+ status = cracen_aead_set_nonce(&operation, ctx->nonce, ctx->nonce_size);\n+ if (status != PSA_SUCCESS) {\n return status;\n }\n\n- /* copy tag from ciphertext buffer to tag buffer */\n- memcpy(tag, ciphertext + ciphertext_length - tag_length, tag_length);\n+ status = cracen_aead_update_ad(&operation, ctx->aad, ctx->add_size);\n+ if (status != PSA_SUCCESS) {\n+ return status;\n+ }\n+\n+ status = cracen_aead_update(&operation, input, input_size, output, output_size, &out_length);\n+ if (status != PSA_SUCCESS) {\n+ return status;\n+ }\n+\n+ if (encrypt) {\n+ status = cracen_aead_finish(&operation, output + out_length, output_size - out_length, &out_length, tag, tag_size, &tag_length);\n+ } else {\n+ status = cracen_aead_verify(&operation, output + out_length, output_size - out_length, &out_length , tag, tag_size);\n+ }\n\n return status;\n }","shortMessageHtmlLink":"[nrf noup] platform: nordic_nrf: Fix 54L Add ITS encryption support"}},{"before":"39a386c797428a82d77c2b173a6b028af565f03c","after":"92a5b4ffa527a1d9fb00924c227536e46169bd6e","ref":"refs/heads/main","pushedAt":"2024-05-28T12:42:58.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf noup] cmake: Fix TFM psa_crypto_config linking error\n\nFix linking errors with psa_crypto_config observed in TFM test\napplications.\n\nTo be reverted during the next TFM upmerge, as this isolated change is\nalready part of a larger commit upstream.\n\nSigned-off-by: Robert Lubos ","shortMessageHtmlLink":"[nrf noup] cmake: Fix TFM psa_crypto_config linking error"}},{"before":"3ebf3d3bd0fe906873eaaa3e13bba319b5705131","after":"39a386c797428a82d77c2b173a6b028af565f03c","ref":"refs/heads/main","pushedAt":"2024-05-24T10:39:10.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"mswarowsky","name":"Markus Swarowsky","path":"/mswarowsky","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/9447733?s=80&v=4"},"commit":{"message":"[nrf fromtree] Platform: nordic_nrf: Don't configure NRF_VMC as non-secure\n\nDont configure the volatile memory controller as a non-secure peripheral\n\n(cherry picked from commit c670a6af1f0a3d7d6389e8879e8de17c1bd442fe)\n\nChange-Id: I2489defaf6deb89beba7447ba079ea3e5afebca5\nSigned-off-by: Markus Rekdal ","shortMessageHtmlLink":"[nrf fromtree] Platform: nordic_nrf: Don't configure NRF_VMC as non-s…"}},{"before":"67783a647d6b7976bd7b6b3a9acbda19565e7f3c","after":"3ebf3d3bd0fe906873eaaa3e13bba319b5705131","ref":"refs/heads/main","pushedAt":"2024-05-24T08:35:36.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"mswarowsky","name":"Markus Swarowsky","path":"/mswarowsky","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/9447733?s=80&v=4"},"commit":{"message":"[nrf noup] platform: nordic_nrf: 54L Use HUK library for EITS\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nDue to dependencies problems between the ITS and crypto partitions\nrefactoring the ITS encryption interface to use the HUK library and the\ncracen driver directly.\n\nSigned-off-by: Markus Swarowsky ","shortMessageHtmlLink":"[nrf noup] platform: nordic_nrf: 54L Use HUK library for EITS"}},{"before":"dd0114796baf44d249764b2f3b9bc3be9c1d01d4","after":"67783a647d6b7976bd7b6b3a9acbda19565e7f3c","ref":"refs/heads/main","pushedAt":"2024-05-23T09:57:53.000Z","pushType":"pr_merge","commitsCount":8,"pusher":{"login":"mswarowsky","name":"Markus Swarowsky","path":"/mswarowsky","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/9447733?s=80&v=4"},"commit":{"message":"[nrf noup] Platform: Nordic: Configure misc. peripherals as Secure\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nConfigure misc. peripherals as Secure.\n\nSee the code for which peripherals and why.\n\nSigned-off-by: Sebastian Bøe \nChange-Id: I3cf4f42d5d3bc0aa4dc266e0c1d8035ad69372a1","shortMessageHtmlLink":"[nrf noup] Platform: Nordic: Configure misc. peripherals as Secure"}},{"before":"6e6d572c87480ccf816a8a08ff6f2bcb2ae557d3","after":"dd0114796baf44d249764b2f3b9bc3be9c1d01d4","ref":"refs/heads/main","pushedAt":"2024-05-15T14:18:02.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"mswarowsky","name":"Markus Swarowsky","path":"/mswarowsky","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/9447733?s=80&v=4"},"commit":{"message":"[nrf noup] Add MPC and SPC error reporting for nrf54l\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nAdds handling of MPC and SPC errors.\n\nSigned-off-by: Vidar Lillebø ","shortMessageHtmlLink":"[nrf noup] Add MPC and SPC error reporting for nrf54l"}},{"before":"fb1c0db8d32a7a100210e31871461e0bb33ac3af","after":"6e6d572c87480ccf816a8a08ff6f2bcb2ae557d3","ref":"refs/heads/main","pushedAt":"2024-05-15T12:07:40.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"mswarowsky","name":"Markus Swarowsky","path":"/mswarowsky","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/9447733?s=80&v=4"},"commit":{"message":"[nrf noup] tfm: 54l: Improve MPC configuration documentation\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nImprove MPC configuration documentation.\n\nSigned-off-by: Sebastian Bøe \nChange-Id: I191ca14ba8a6880217cc740a77ea2806af1e0d61\nSigned-off-by: Markus Swarowsky \n\ndiff --git a/platform/ext/target/nordic_nrf/common/core/target_cfg.c b/platform/ext/target/nordic_nrf/common/core/target_cfg.c\nindex fa1a8eda6..66929256a 100644\n--- a/platform/ext/target/nordic_nrf/common/core/target_cfg.c\n+++ b/platform/ext/target/nordic_nrf/common/core/target_cfg.c\n@@ -963,10 +963,30 @@ enum tfm_plat_err_t nrf_mpc_init_cfg(void)\n \t/* On 54l the NRF_MPC00->REGION[]'s are fixed in HW and the\n \t * OVERRIDE indexes (that are useful to us) start at 0 and end\n \t * (inclusive) at 4.\n+\t *\n+\t * Note that the MPC regions configure all volatile and non-volatile memory as secure, so we only\n+\t * need to explicitly OVERRIDE the non-secure addresses to permit non-secure access.\n+\t *\n+\t * Explicitly configuring memory as secure is not necessary.\n+\t *\n+\t * The last OVERRIDE in 54L is fixed in HW and exists to prevent\n+\t * other bus masters than the KMU from accessing CRACEN protected RAM.\n+\t *\n+\t * Note that we must take care not to configure an OVERRIDE that\n+\t * affects an active bus transaction.\n+\t *\n+\t * Note that we don't configure the NSC region to be NS because\n+\t * from the MPC's perspective it is secure. NSC is only configurable from the SAU.\n+\t *\n+\t * Note that OVERRIDE[n].MASTERPORT has a reasonable reset value\n+\t * so it is left unconfigured.\n+\t *\n+\t * Note that there are two owners in 54L. KMU with owner ID 1, and everything else with owner ID 0.\n \t */\n-\tuint32_t index = 0;\n\n-\t/* Configure the non-secure partition of the non-volatile\n+\tuint32_t index = 0;\n+\t/*\n+\t * Configure the non-secure partition of the non-volatile\n \t * memory. This MPC region is intended to cover both the\n \t * non-secure partition in the NVM and also the FICR. The FICR\n \t * starts after the NVM and ends just before the UICR.\n@@ -1001,13 +1021,8 @@ enum tfm_plat_err_t nrf_mpc_init_cfg(void)\n \t\ttfm_core_panic();\n \t}\n\n-\t/* TODO: NCSDK-25050: Review configuration. Any other addresses we need to override? */\n\n-\t/* Note that we don't configure the NSC region to be NS because it is secure */\n\n-\t/* Note that OVERRIDE[n].MASTERPORT has a reasonable reset value\n-\t * so it is left unconfigured.\n-\t */\n\n \treturn TFM_PLAT_ERR_SUCCESS;\n }","shortMessageHtmlLink":"[nrf noup] tfm: 54l: Improve MPC configuration documentation"}},{"before":"7b734feaad68ae53d98dbdd916d80d45ffda9a9f","after":"fb1c0db8d32a7a100210e31871461e0bb33ac3af","ref":"refs/heads/main","pushedAt":"2024-05-14T10:23:19.000Z","pushType":"pr_merge","commitsCount":4,"pusher":{"login":"nordicjm","name":"Jamie","path":"/nordicjm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40387179?s=80&v=4"},"commit":{"message":"[nrf noup] platform: nordic_nrf: config of UART instances\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nThis allows select which UART instance is used for TF-M\n\nRef: NCSDK-25009\nSigned-off-by: Markus Swarowsky \n\ndiff --git a/platform/ext/target/nordic_nrf/common/core/cmsis_drivers/Driver_USART.c b/platform/ext/target/nordic_nrf/common/core/cmsis_drivers/Driver_USART.c\nindex d69a84fa6..f2ffaf1a6 100644\n\nSigned-off-by: Markus Swarowsky \n--- a/platform/ext/target/nordic_nrf/common/core/cmsis_drivers/Driver_USART.c\n+++ b/platform/ext/target/nordic_nrf/common/core/cmsis_drivers/Driver_USART.c\n@@ -40,7 +40,8 @@\n\n #define ARM_USART_DRV_VERSION ARM_DRIVER_VERSION_MAJOR_MINOR(2, 2)\n\n-#if RTE_USART0 || RTE_USART1 || RTE_USART2 || RTE_USART3 || RTE_USART20 || RTE_USART30\n+#if RTE_USART0 || RTE_USART1 || RTE_USART2 || RTE_USART3 || \\\n+ RTE_UART00 || RTE_USART20 || RTE_UART21 || RTE_UART22 || RTE_USART30\n\n #define PSEL_DISCONNECTED 0xFFFFFFFFUL\n\n@@ -439,11 +440,22 @@ DRIVER_USART(2);\n DRIVER_USART(3);\n #endif\n\n-// TODO: NCSDK-25009: Support choosing an instance for TF-M\n+#if RTE_USART00\n+DRIVER_USART(00);\n+#endif\n+\n #if RTE_USART20\n DRIVER_USART(20);\n #endif\n\n+#if RTE_USART21\n+DRIVER_USART(21);\n+#endif\n+\n+#if RTE_USART22\n+DRIVER_USART(22);\n+#endif\n+\n #if RTE_USART30\n DRIVER_USART(30);\n #endif\ndiff --git a/platform/ext/target/nordic_nrf/common/core/nrfx_config.h b/platform/ext/target/nordic_nrf/common/core/nrfx_config.h\nindex 1bbe75f6e..f76e49cdd 100644\n--- a/platform/ext/target/nordic_nrf/common/core/nrfx_config.h\n+++ b/platform/ext/target/nordic_nrf/common/core/nrfx_config.h\n@@ -48,7 +48,8 @@\n\n #endif /* RTE_FLASH0 */\n\n-#if RTE_USART0 || RTE_USART1 || RTE_USART2 || RTE_USART3 || RTE_USART20 || RTE_USART30\n+#if RTE_USART0 || RTE_USART1 || RTE_USART2 || RTE_USART3 || \\\n+ RTE_USART00 || RTE_USART20 || RTE_USART21 || RTE_USART22 || RTE_USART30\n #define NRFX_UARTE_ENABLED 1\n #endif\n #if RTE_USART0\n@@ -64,10 +65,19 @@\n #define NRFX_UARTE3_ENABLED 1\n #endif\n\n-// TODO: NCSDK-25009: Moonlight: Make it possible to use different UARTS with TF-M\n+/* 54L15 has different UART instances */\n+#if RTE_USART00\n+#define NRFX_UARTE00_ENABLED 1\n+#endif\n #if RTE_USART20\n #define NRFX_UARTE20_ENABLED 1\n #endif\n+#if RTE_USART21\n+#define NRFX_UARTE21_ENABLED 1\n+#endif\n+#if RTE_USART22\n+#define NRFX_UARTE22_ENABLED 1\n+#endif\n #if RTE_USART30\n #define NRFX_UARTE30_ENABLED 1\n #endif\ndiff --git a/platform/ext/target/nordic_nrf/common/core/target_cfg.c b/platform/ext/target/nordic_nrf/common/core/target_cfg.c\nindex f4b8c534e..fa1a8eda6 100644\n--- a/platform/ext/target/nordic_nrf/common/core/target_cfg.c\n+++ b/platform/ext/target/nordic_nrf/common/core/target_cfg.c\n@@ -44,6 +44,11 @@\n\n #endif\n\n+#define SPU_ADDRESS_REGION (0x50000000)\n+#define GET_SPU_SLAVE_INDEX(periph) ((periph.periph_start & 0x0003F000) >> 12)\n+#define GET_SPU_INSTANCE(periph) ((NRF_SPU_Type*)(SPU_ADDRESS_REGION | (periph.periph_start & 0x00FC0000)))\n+\n+\n #ifdef CACHE_PRESENT\n #include \n #endif\n@@ -263,6 +268,34 @@ struct platform_data_t tfm_peripheral_uarte3 = {\n };\n #endif\n\n+#if TFM_PERIPHERAL_UARTE00_SECURE\n+struct platform_data_t tfm_peripheral_uarte00 = {\n+ NRF_UARTE00_S_BASE,\n+ NRF_UARTE00_S_BASE + (sizeof(NRF_UARTE_Type) - 1),\n+};\n+#endif\n+\n+#if TFM_PERIPHERAL_UARTE20_SECURE\n+struct platform_data_t tfm_peripheral_uarte20 = {\n+ NRF_UARTE20_S_BASE,\n+ NRF_UARTE20_S_BASE + (sizeof(NRF_UARTE_Type) - 1),\n+};\n+#endif\n+\n+#if TFM_PERIPHERAL_UARTE21_SECURE\n+struct platform_data_t tfm_peripheral_uarte21 = {\n+ NRF_UARTE21_S_BASE,\n+ NRF_UARTE21_S_BASE + (sizeof(NRF_UARTE_Type) - 1),\n+};\n+#endif\n+\n+#if TFM_PERIPHERAL_UARTE22_SECURE\n+struct platform_data_t tfm_peripheral_uarte22 = {\n+ NRF_UARTE22_S_BASE,\n+ NRF_UARTE22_S_BASE + (sizeof(NRF_UARTE_Type) - 1),\n+};\n+#endif\n+\n #if TFM_PERIPHERAL_UARTE30_SECURE\n struct platform_data_t tfm_peripheral_uarte30 = {\n NRF_UARTE30_S_BASE,\n@@ -1051,8 +1084,7 @@ enum tfm_plat_err_t spu_periph_init_cfg(void)\n \t\t\t}\n \t\t}\n\n-\t\t/* TODO: NCSDK-22597: Configure UART30 pins as secure */\n-\n+\t\t/* TODO: NCSDK-22597: Make peripherals configurable */\n \t\tfor(uint8_t index = 0; index < ARRAY_SIZE(spu_instance->PERIPH); index++) {\n \t\t\tif(!nrf_spu_periph_perm_present_get(spu_instance, index)) {\n \t\t\t\t/* Peripheral is not present, nothing to configure */\n@@ -1072,16 +1104,34 @@ enum tfm_plat_err_t spu_periph_init_cfg(void)\n \t\t\t}\n\n \t\t\t/* Note that we don't configure dmasec because it has no effect when secattr is non-secure */\n-\n-\t\t\t/* nrf_spu_periph_perm_lock_enable TODO: NCSDK-25009: Lock it down without breaking TF-M UART */\n \t\t}\n \t}\n\n-\t/* Configure TF-M's UART30 peripheral to be secure with secure DMA */\n+\t/* Configure TF-M's UART peripheral to be secure with secure DMA */\n+#if NRF_SECURE_UART_INSTANCE == 00\n+ uint32_t UART_SPU_SLAVE_INDEX = GET_SPU_SLAVE_INDEX(tfm_peripheral_uarte00);\n+ NRF_SPU_Type * p_spu_instance = GET_SPU_INSTANCE(tfm_peripheral_uarte00);\n+#endif\n+#if NRF_SECURE_UART_INSTANCE == 20\n+ uint32_t UART_SPU_SLAVE_INDEX = GET_SPU_SLAVE_INDEX(tfm_peripheral_uarte20);\n+ NRF_SPU_Type * p_spu_instance = GET_SPU_INSTANCE(tfm_peripheral_uarte20);\n+#endif\n+#if NRF_SECURE_UART_INSTANCE == 21\n+ uint32_t UART_SPU_SLAVE_INDEX = GET_SPU_SLAVE_INDEX(tfm_peripheral_uarte21);\n+ NRF_SPU_Type * p_spu_instance = GET_SPU_INSTANCE(tfm_peripheral_uarte21);\n+#endif\n+#if NRF_SECURE_UART_INSTANCE == 22\n+ uint32_t UART_SPU_SLAVE_INDEX = GET_SPU_SLAVE_INDEX(tfm_peripheral_uarte22);\n+ NRF_SPU_Type * p_spu_instance = GET_SPU_INSTANCE(tfm_peripheral_uarte22);\n+#endif\n+#if NRF_SECURE_UART_INSTANCE == 30\n+ uint32_t UART_SPU_SLAVE_INDEX = GET_SPU_SLAVE_INDEX(tfm_peripheral_uarte30);\n+ NRF_SPU_Type * p_spu_instance = GET_SPU_INSTANCE(tfm_peripheral_uarte30);\n+#endif\n \tbool enable = true; /* true means secure */\n-\tuint32_t UART30_SLAVE_INDEX = (NRF_UARTE30_S_BASE & 0x0003F000) >> 12;\n-\tnrf_spu_periph_perm_secattr_set(NRF_SPU30, UART30_SLAVE_INDEX, enable);\n-\tnrf_spu_periph_perm_dmasec_set(NRF_SPU30, UART30_SLAVE_INDEX, enable);\n+\tnrf_spu_periph_perm_secattr_set(p_spu_instance, UART_SPU_SLAVE_INDEX, enable);\n+\tnrf_spu_periph_perm_dmasec_set(p_spu_instance, UART_SPU_SLAVE_INDEX, enable);\n+ nrf_spu_periph_perm_lock_enable(p_spu_instance,UART_SPU_SLAVE_INDEX);\n\n #else\n static const uint8_t target_peripherals[] = {\n@@ -1114,9 +1164,13 @@ static const uint8_t target_peripherals[] = {\n /* When UART0 is a secure peripheral we need to leave Serial-Box 0 as Secure.\n * The UART Driver will configure it as non-secure when it uninitializes.\n */\n+#if defined(NRF54L15_ENGA_XXAA)\n+ NRFX_PERIPHERAL_ID_GET(NRF_SPIM00),\n+#else\n #if !(defined(SECURE_UART1) && NRF_SECURE_UART_INSTANCE == 0)\n NRFX_PERIPHERAL_ID_GET(NRF_SPIM0),\n-#endif\n+#endif /* !(defined(SECURE_UART1) && NRF_SECURE_UART_INSTANCE == 0) */\n+#endif /* NRF54L15_ENGA_XXAA */\n\n /* When UART1 is a secure peripheral we need to leave Serial-Box 1 as Secure */\n #if !(defined(SECURE_UART1) && NRF_SECURE_UART_INSTANCE == 1)\n@@ -1124,9 +1178,19 @@ static const uint8_t target_peripherals[] = {\n #endif\n NRFX_PERIPHERAL_ID_GET(NRF_SPIM2),\n NRFX_PERIPHERAL_ID_GET(NRF_SPIM3),\n- /* When UART30 is a secure peripheral we need to leave Serial-Box 30 as Secure */\n-#if !(defined(SECURE_UART1) && NRF_SECURE_UART_INSTANCE == 30)\n- // TODO: NCSDK-25009: spu_peripheral_config_non_secure((uint32_t)NRF_SPIM30, false);\n+\n+/* For Moonlight if a UART instance is selected to be the secure instance leave it as secure */\n+#if NRF_SECURE_UART_INSTANCE == 20\n+ NRFX_PERIPHERAL_ID_GET(NRF_SPIM20),\n+#endif\n+#if NRF_SECURE_UART_INSTANCE == 21\n+ NRFX_PERIPHERAL_ID_GET(NRF_SPIM21),\n+#endif\n+#if NRF_SECURE_UART_INSTANCE == 22\n+ NRFX_PERIPHERAL_ID_GET(NRF_SPIM22),\n+#endif\n+#if NRF_SECURE_UART_INSTANCE == 30\n+ NRFX_PERIPHERAL_ID_GET(NRF_SPIM30),\n #endif\n\n #ifdef NRF_SPIM4\ndiff --git a/platform/ext/target/nordic_nrf/common/core/target_cfg.h b/platform/ext/target/nordic_nrf/common/core/target_cfg.h\nindex e430737c4..afa0f672a 100644\n--- a/platform/ext/target/nordic_nrf/common/core/target_cfg.h\n+++ b/platform/ext/target/nordic_nrf/common/core/target_cfg.h\n@@ -35,22 +35,22 @@\n #include \"tfm_plat_defs.h\"\n #include \"region_defs.h\"\n\n-// TODO: NCSDK-25009: Support configuring which UART is used by TF-M on nrf54L\n-\n #if NRF_SECURE_UART_INSTANCE == 0\n #define TFM_DRIVER_STDIO Driver_USART0\n #elif NRF_SECURE_UART_INSTANCE == 1\n #define TFM_DRIVER_STDIO Driver_USART1\n+#elif NRF_SECURE_UART_INSTANCE == 00\n+#define TFM_DRIVER_STDIO Driver_USART00\n+#elif NRF_SECURE_UART_INSTANCE == 20\n+#define TFM_DRIVER_STDIO Driver_USART20\n+#elif NRF_SECURE_UART_INSTANCE == 21\n+#define TFM_DRIVER_STDIO Driver_USART21\n+#elif NRF_SECURE_UART_INSTANCE == 22\n+#define TFM_DRIVER_STDIO Driver_USART22\n #elif NRF_SECURE_UART_INSTANCE == 30\n #define TFM_DRIVER_STDIO Driver_USART30\n #endif\n\n-#ifdef NRF54L15_ENGA_XXAA\n-#define NS_DRIVER_STDIO Driver_USART20\n-#else\n-#define NS_DRIVER_STDIO Driver_USART0\n-#endif\n-\n /**\n * \\brief Store the addresses of memory regions\n */","shortMessageHtmlLink":"[nrf noup] platform: nordic_nrf: config of UART instances"}},{"before":"a829788f4645d709001926857aeb810f615cb4ef","after":"7b734feaad68ae53d98dbdd916d80d45ffda9a9f","ref":"refs/heads/main","pushedAt":"2024-04-25T08:29:30.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"mswarowsky","name":"Markus Swarowsky","path":"/mswarowsky","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/9447733?s=80&v=4"},"commit":{"message":"[noup] platform: nordic_nrf: Configure XL1/2 pin based on Kconfig\n\nFor Secure only builds on 53 there exists the Kconfig\nCONFIG_SOC_ENABLE_LFXO to define if the XL1 and XL2 pin should be\nconfigured to used for the LFXO oscillator. TF-M should have the same\nbehavior, to enable the possibility to use these pins for something else\n\nnoup as we don't have the NCS Kconfigs available in upstream TF-M,\nthe change to pull them in was done in the noup commit:\n1a178885e758b2a40a60a0dd419a29ed94236965\n\nRef: NCSDK-20678\nSigned-off-by: Markus Swarowsky \n\ndiff --git a/platform/ext/target/nordic_nrf/common/core/target_cfg.c b/platform/ext/target/nordic_nrf/common/core/target_cfg.c\nindex 81150740e..f1f0f1e4c 100644\n--- a/platform/ext/target/nordic_nrf/common/core/target_cfg.c\n+++ b/platform/ext/target/nordic_nrf/common/core/target_cfg.c\n@@ -1230,8 +1230,11 @@ static const uint8_t target_peripherals[] = {\n * register fields are not accessible. That's why it is placed here.\n */\n #ifdef NRF53_SERIES\n+#if defined(CONFIG_SOC_ENABLE_LFXO) && CONFIG_SOC_ENABLE_LFXO == 1\n+/* CONFIG_SOC_ENABLE_LFXO doesn't exist for 54L15 target, might be changed in future */\n nrf_gpio_pin_control_select(PIN_XL1, NRF_GPIO_PIN_SEL_PERIPHERAL);\n nrf_gpio_pin_control_select(PIN_XL2, NRF_GPIO_PIN_SEL_PERIPHERAL);\n+#endif /* CONFIG_SOC_ENABLE_LFXO */\n #endif\n #ifdef NRF54L15_ENGA_XXAA\n /* NRF54L has a different define */","shortMessageHtmlLink":"[noup] platform: nordic_nrf: Configure XL1/2 pin based on Kconfig"}},{"before":"be6042780b8f8e86ed9333e07d38b3c7f0160802","after":"a829788f4645d709001926857aeb810f615cb4ef","ref":"refs/heads/main","pushedAt":"2024-04-24T12:16:42.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf noup] tfm: Detect wrong headers being included\n\nThis commit is a noup because we want an NCS specific error message.\n\nDetect wrong headers being included. See comment for details.\n\nSigned-off-by: Sebastian Bøe \nChange-Id: I23089b08cee5961a5800707ffb222e306004cfee","shortMessageHtmlLink":"[nrf noup] tfm: Detect wrong headers being included"}},{"before":"914545280fd8d8f65141398734685b924de10ad2","after":"be6042780b8f8e86ed9333e07d38b3c7f0160802","ref":"refs/heads/main","pushedAt":"2024-04-23T14:29:43.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"mswarowsky","name":"Markus Swarowsky","path":"/mswarowsky","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/9447733?s=80&v=4"},"commit":{"message":"[nrf noup] platform: nordic_nrf: Add debug port support\n\nfixup! [nrf noup] platform: nordic_nrf: Add support for 54l\n\nThe Product spec says:\n To enable port protection access for both secure and non-secure modes,\n use the registers UICR.SECUREAPPROTECT and UICR.APPROTECT.\n\n Which is the same behavior than on the 91 platforms so TF-M doesn't\n need to do anything.\n\n Ref: NCSDK-25047\n\nSigned-off-by: Markus Swarowsky ","shortMessageHtmlLink":"[nrf noup] platform: nordic_nrf: Add debug port support"}},{"before":"9c8fa413ec47f59b35500b73210b6e8de4293fc0","after":"914545280fd8d8f65141398734685b924de10ad2","ref":"refs/heads/main","pushedAt":"2024-04-18T11:59:17.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"nordicjm","name":"Jamie","path":"/nordicjm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/40387179?s=80&v=4"},"commit":{"message":"[nrf noup] Support CMAC KDF and custom builtin solution\n\nAllows custom key-loader to be used for the PSA core and allows\nconfiguring CMAC KDF usage for PS.\n\nnoup-reason: PSA_ALG_SP800_108_COUNTER_CMAC is not available in upstream.\nAfter testing and verifying the solution (determining if we need further\nchanges) we should try to upstream this.\n\nSigned-off-by: Vidar Lillebø ","shortMessageHtmlLink":"[nrf noup] Support CMAC KDF and custom builtin solution"}},{"before":"42494c104f56e247443d89c316911b0ffc11f6bd","after":"9c8fa413ec47f59b35500b73210b6e8de4293fc0","ref":"refs/heads/main","pushedAt":"2024-04-16T11:58:06.000Z","pushType":"pr_merge","commitsCount":9,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf toup] platform: nordic_nrf: Add support shared UART and using UART0 instance\n\nfixup! [nrf noup] area: previous short log goes here\n\nsupport 54L as well.\n\nSigned-off-by: Sebastian Bøe \nChange-Id: I06171d72b7d55d45f9719c531fc551fa4be47641","shortMessageHtmlLink":"[nrf toup] platform: nordic_nrf: Add support shared UART and using UA…"}},{"before":"0cf4946d14e4b67eec9b5cc139a70469892ec068","after":"42494c104f56e247443d89c316911b0ffc11f6bd","ref":"refs/heads/main","pushedAt":"2024-04-15T08:41:16.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"mswarowsky","name":"Markus Swarowsky","path":"/mswarowsky","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/9447733?s=80&v=4"},"commit":{"message":"[nrf fromtree] TFMV-7: SPM: Fix ARoT to PRot data access vulnerability.\n\nPlease check the advisory document for details.\n\nSigned-off-by: Anton Komlev \nChange-Id: I3fc948c948379e5a36cc577bdbac7c5f7a2c3d1e\n\nRef: NCSDK-26942\n(cherry picked from commit e6f5d8c065115a2531128066a735cce1345f6197)\nSigned-off-by: Markus Swarowsky ","shortMessageHtmlLink":"[nrf fromtree] TFMV-7: SPM: Fix ARoT to PRot data access vulnerability."}},{"before":"5454e8edfcb240e564405cc92708716e5846770c","after":"0cf4946d14e4b67eec9b5cc139a70469892ec068","ref":"refs/heads/main","pushedAt":"2024-04-08T14:46:16.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf fromtree] Crypto: Add missing key derivation APIs in the interface\n\nFollowing APIs are in psa/crypto.h hence they need to be linkable\nby partitions/applications:\n\n* psa_key_derivation_input_integer\n* psa_key_derivation_verify_bytes\n* psa_key_derivation_verify_key\n\nOnly psa_key_derivation_input_integer is currently implemented by\nMbed TLS 3.5.0 as the PSA Crypto backend hence it's the only one\nrequiring full plumbing from interface through service up to the\nCrypto backend library call.\n\nSigned-off-by: Summer Qin \nChange-Id: I69f262e5a95e04935c8bec05b0b6b509f4b65ad4\n(cherry picked from commit cec79b0328125b6730879966261ddf1a869440c4)\nSigned-off-by: Vidar Lillebø ","shortMessageHtmlLink":"[nrf fromtree] Crypto: Add missing key derivation APIs in the interface"}},{"before":"a22fef345c7d2287636dab3b750348cc88e8e79f","after":"5454e8edfcb240e564405cc92708716e5846770c","ref":"refs/heads/main","pushedAt":"2024-03-26T12:32:43.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"anangl","name":"Andrzej Głąbek","path":"/anangl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/16913290?s=80&v=4"},"commit":{"message":"Revert \"[nrf noup] Add missing SPU funcs in target_cfg.c\"\n\nThis reverts commit a22fef345c7d2287636dab3b750348cc88e8e79f.\n\nSigned-off-by: Andrzej Głąbek ","shortMessageHtmlLink":"Revert \"[nrf noup] Add missing SPU funcs in target_cfg.c\""}},{"before":"d824e9483ba22a628e7c0a715fa6115103de9bc7","after":"a22fef345c7d2287636dab3b750348cc88e8e79f","ref":"refs/heads/main","pushedAt":"2024-03-22T15:06:47.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf noup] Add missing SPU funcs in target_cfg.c\n\nAdd missing SPU functions for nRF54L15.\nSPU support in nrfx seems limited at the moment for\nnRF54L15 and this is a workaround.\nThat's a noup because we expect to revert it when\nsupport is more mature.\n\nRef: NCSDK-26277\n\nSigned-off-by: Georgios Vasilakis ","shortMessageHtmlLink":"[nrf noup] Add missing SPU funcs in target_cfg.c"}},{"before":"2a2e1ce5e80fa3893a7747728003552bf6cfef55","after":"d824e9483ba22a628e7c0a715fa6115103de9bc7","ref":"refs/heads/main","pushedAt":"2024-03-18T15:24:24.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"rlubos","name":"Robert Lubos","path":"/rlubos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22167799?s=80&v=4"},"commit":{"message":"[nrf noup] crypto: Add PAKE support\n\nThis is noup commit as upstream TF-M relies on the mbed TLS PSA Core\nhat does not support the PAKE API's according to 1.2 at the moment.\nOnce this exists then this can be up streamed, or removed if TF-M adds\nit themself.\n\nAdded PAKE API support accoding the PSA crypto spec 1.2\n\nRef: NCSDK-22416\n\nChange-Id: Ie3254db411e21b0d9408ca1c81f74917be2e632f\nSigned-off-by: Markus Swarowsky ","shortMessageHtmlLink":"[nrf noup] crypto: Add PAKE support"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOS0wM1QxMzowMzowMS4wMDAwMDBazwAAAASrlf7N","endCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wMy0xOFQxNToyNDoyNC4wMDAwMDBazwAAAAQYsFoS"}},"title":"Activity · nrfconnect/sdk-trusted-firmware-m"}