168 commits

Author SHA1 Message Date
Rajkumar Kanagaraj b32f81642c sample: psa_firmware: Fix the review comments
As suggested updated the docs `west build` command with
zephyr-app-commands.

Signed-off-by: Rajkumar Kanagaraj <rajkumar.kanagaraj@linaro.org>
2022-09-09 16:31:20 -04:00
Rajkumar Kanagaraj 6b67c1a6ff samples: psa_firmware: fix documentation
Updated the document with the correct west build command,
and done some restructuring as well.

Signed-off-by: Rajkumar Kanagaraj <rajkumar.kanagaraj@linaro.org>
2022-09-09 16:31:20 -04:00
Gerson Fernando Budke b5f65f201d boards: arm: stm32l562e_dk_ns: Add flash partitions
The current stm32l562_dk_ns has no flash partitions defined. This adds
flash partitions following partition sizes that are compatible with
the TF-M platform defined at flash_layout.h and removes the redundant
overlays board files.

Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
2022-09-09 16:40:20 +00:00
Gerard Marull-Paretas 79e6b0e0f6 includes: prefer <zephyr/kernel.h> over <zephyr/zephyr.h>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.

The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.

NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.

Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
2022-09-05 16:31:47 +02:00
Joakim Andersson c51505f661 modules: tfm: Exclude non-secure TF-M application from build
Exclude the non-secure TF-M application from being built by TF-M.
This also stops the building of the tfm_ns_api library that we were
linking against.
This library is defined by the tf-m regression tests.
Add the installed interface source files exported by the TF-M build
system and compile them in the zephyr build system.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2022-08-09 13:59:02 +02:00
Georgios Vasilakis eeb970ebba samples: tfm_integration: tfm_regression_test Default to isol level 2
This defaults the TF-M regression tests to isolation level 2.
It is set in order to showcase a more secure configuration
by default. The default behavior of the sample is changed in
the prj.conf file. The yaml file which includes the test cases
enables testing for the three configurations: the library mode,
the IPC mode isolation level 1 and the IPC mode isolation level 2.

Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
2022-08-08 14:17:53 +02:00
Reto Schneider 7a6c5710ff cmake: Update cmake_minimum_required to 3.20.0
As Zephyr currently requires CMake version 3.20.0, update all
occurrences of cmake_minimum_required.

Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
2022-07-04 10:18:45 +02:00
Maciej Perkowski 824ccc00df tests: samples: tfm: Increase timeout for tfm samples tests
Scenarios sample.tfm.psa_test_crypto and
sample.tfm.psa_test_crypto require longer timeout to fully finish.
This commit increases them accordingly.

Signed-off-by: Maciej Perkowski <Maciej.Perkowski@nordicsemi.no>
2022-07-01 11:37:47 +02:00
Torstein Grindvik fe9893ec86 samples: tfm: Enumerate more test variants
Some TFM samples run different test suites/cases based on
which configurations are set.
Enumerate more of these.

For samples/tfm_integration/tfm_psa_test,
add the following new build configurations:
	* Add CONFIG_TFM_PSA_TEST_STORAGE
	* Add CONFIG_TFM_PSA_TEST_CRYPTO
	* Add CONFIG_TMF_PSA_TEST_INITIAL_ATTESTATION

For samples/tfm_integration/tfm_regression_test,
add this to all build configurations:
	* Add CONFIG_TFM_PARTITION_PROTECTED_STORAGE
	* Add CONFIG_TFM_PARTITION_INTERNAL_TRUSTED_STORAGE
	* Add CONFIG_TFM_PARTITION_CRYPTO
	* Add CONFIG_TFM_PARTITION_INITIAL_ATTESTATION
	* Add CONFIG_TFM_PARTITION_PLATFORM
	* Add CONFIG_TFM_PARTITION_AUDIT_LOG

And build the above for CONFIG_TFM_IPC as well.

Signed-off-by: Torstein Grindvik <torstein.grindvik@nordicsemi.no>
2022-06-27 15:41:57 -05:00
Krzysztof Chruscinski c5f2cdef09 logging: Remove logging v1 from the logging
Remove v1 implementation from log_core and all references in the tree.
Remove modules used by v1: log_list and log_msg.
Remove Kconfig v1 specific options.
Remove Kconfig flags used for distinction between v1 and v2.

Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
2022-06-16 10:51:15 -04:00
Joakim Andersson 63a65bead0 samples: tfm_integration: Set TF-M profile type to none.
Set the TF-M profile type to none for TF-M integration samples.
If the default profile has been set to something else these samples may
fail.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2022-06-05 14:42:20 +02:00
Kevin Townsend 5d72b5b1a4 samples: tfm: Add fixed PID to custom partition
As per 'Adding Secure Partition' in the TF-M documentation,
every secure partition must have a unique 32-bit partition ID.

If no value is provided, one will be auto-allocated by the
TF-M build system, but this can lead to unpredictable behaviour
in some cases. One example is key derivation where the partition
ID is used as part of the key derivation inputs. Different builds
can result in different PID values being assigned, resulting
in inconsistent key derivation output.

To avoid these problems, this commit sets a fixed PID as a
best practice.

A value of 1000 has been set to place it within the
'PSA and user Partitions' range (256 - 2999) described in the
documentation.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2022-05-27 15:18:01 -07:00
Kevin Townsend 06cd8abde1 samples: tfm_integration: Add missing MPS3 support
Adds mps3_an547_ns to certain TF-M samples to improve
testing in CI by including the Arm Cortex-M55 platform.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2022-05-23 15:28:36 +02:00
Kevin Townsend 8a252422c8 samples: tfm_integration: Remove LPC55s69 tests
Removes lpcxpresso55s69_ns from certain sample.yaml files due
to changes required for TF-M 1.6.0 not being added to the
upstream project before the 1.6.0 release.

The NXP SDK available for download from NXP contains the required
updates, but these will need to be committed to TF-M, then made
available in the Zephyr fork, at which point the yaml files here can
have the LPC added back.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2022-05-23 15:28:36 +02:00
Jimmy Brisson 806ee8601c tests: psa: Allow more time between watchdog resets in qemu
mps2_an521 and mps3_an547 need yet more time with TFM 1.6 to pass their
tests. This change was recommended by RajKumar Kanagaraj. Thanks!

Signed-off-by: Jimmy Brisson <jimmy.brisson@linaro.org>
2022-05-12 10:33:52 +02:00
TLIG Dhaou 4de1d01956 boards: stm32: use size helpers to describe size of storage partition
The goal of this commit is to update existing STM32 boards descriptions
to use these size "DT_SIZE" macros to enhance readability. To realize this
I used a Python script, which will detect the STM32 Boards
/zephyr/board/arm, and then will update in the dts files the partition
description using "DT_SIZE_K" and "DT_SIZE_M" macros.
Check manually and modify in .overlay files in samples and tests.

Signed-off-by: TLIG Dhaou <dhaou.tlig-ext@st.com>
2022-05-10 09:22:43 -05:00
Gerard Marull-Paretas c7b5b3c419 samples: migrate includes to contain <zephyr/...> prefix
In order to bring consistency in-tree, migrate all samples to use
the new prefix <zephyr/...>. Note that the conversion has been scripted:

```python
from pathlib import Path
import re

EXTENSIONS = ("c", "h", "cpp", "rst")

for p in Path(".").glob("samples/**/*"):
    if not p.is_file() or p.suffix and p.suffix[1:] not in EXTENSIONS:
        continue

    content = ""
    with open(p) as f:
        for line in f:
            m = re.match(r"^(.*)#include <(.*)>(.*)$", line)
            if (m and
                not m.group(2).startswith("zephyr/") and
                (Path(".") / "include" / "zephyr" / m.group(2)).exists()):
                content += (
                    m.group(1) +
                    "#include <zephyr/" + m.group(2) +">" +
                    m.group(3) + "\n"
                )
            else:
                content += line

    with open(p, "w") as f:
        f.write(content)
```

Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
2022-05-06 11:29:59 +02:00
Maciej Perkowski bf3cd116e9 samples: tmf: psa: Increase timeout for psa_protected_storage_test
The test takes longer and requires its timeout to be increased
as in this commit.

Signed-off-by: Maciej Perkowski <Maciej.Perkowski@nordicsemi.no>
2022-04-29 16:22:32 +02:00
Rajkumar Kanagaraj 725ce535f2 sample: tfm: Improve the error handling at tfm_secure_partition NS-side
- Previously non-secure request at the 6th run expected to return status
  "-135 (PSA_ERROR_INVALID_ARGUMENT)" which is the expected status so
  updating "if" condition on the non-secure side handles this expected
  type error status from the secure side.
- update sample YAML harness config regex of Digest message as this gets
  compared at the run of twister.
- Update the readme console logs.

Signed-off-by: Rajkumar Kanagaraj <rajkumar.kanagaraj@linaro.org>
2022-04-28 14:18:24 +02:00
Jimmy Brisson dd8260cdcb samples: psa-firmware: Correct readme instructions
Prior instructions were incomplete, included extra, unneeded ways to
build the app.

This should simplify the instructions.

Signed-off-by: Jimmy Brisson <jimmy.brisson@linaro.org>
2022-04-08 15:52:01 -07:00
Jimmy Brisson 0dcd6bd58a modules-tfm: Configure image versions with KConfig
Previously, you were required to set the image versions through the
CMake variables TFM_IMAGE_VERSION_{S,NS}. For better integration with
the rest of the zephyr build system, these are now KConfig variables
with the same name.

Signed-off-by: Jimmy Brisson <jimmy.brisson@linaro.org>
2022-04-08 15:52:01 -07:00
Jimmy Brisson b6d4788297 samples: psa-firmware: Display active Secure firmware version
This displays the secure firmware version before the nonsecure firmware
version at the beginning of boot.

Signed-off-by: Jimmy Brisson <jimmy.brisson@linaro.org>
2022-04-08 15:52:01 -07:00
Jimmy Brisson 57cefda9ae samples: psa-firmware: Document purpose of split-header.py
This should provide context to this small python script

Signed-off-by: Jimmy Brisson <jimmy.brisson@linaro.org>
2022-04-08 15:52:01 -07:00
Jimmy Brisson 6ec7e7b6e0 samples: psa-firmware: Push firmware over psa_fwu_write
Previously, the example was a skeleton. This patch
pushes firmware images with psa_fwu_write, and completes
the firmware update example.

Signed-off-by: Jimmy Brisson <jimmy.brisson@linaro.org>
2022-04-08 15:52:01 -07:00
Kevin Townsend eacae5e4e9 samples: tfm: PSA firmware update sample
This commit adds a sample application demonstrating how to use
the PSA Firmware Update API from TF-M. It also enables the
`FIRMWARE_UPDATE` partition to be included at build time.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
Signed-off-by: Jimmy Brisson <jimmy.brisson@linaro.org>
2022-04-08 15:52:01 -07:00
Joakim Andersson b34a944136 samples: psa_crypto: Fix error handling and logging
Fix err and sys_token_sz not initialized when used.
Fix logging of uint32_t variables as signed.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2022-04-05 11:18:49 +02:00
Joakim Andersson 94505c6604 samples: psa_crypto: Fix size of hash field in sign hash call
Fix argument to psa_sign_hash call. Sending in the size of the hash
buffer instead of the size of the hash.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2022-04-05 11:18:49 +02:00
Nazar Kazakov f483b1bc4c everywhere: fix typos
Fix a lot of typos

Signed-off-by: Nazar Kazakov <nazar.kazakov.work@gmail.com>
2022-03-18 13:24:08 -04:00
Gerard Marull-Paretas 95fb0ded6b kconfig: remove Enable from boolean prompts
According to Kconfig guidelines, boolean prompts must not start with
"Enable...". The following command has been used to automate the changes
in this patch:

sed -i "s/bool \"[Ee]nables\? \(\w\)/bool \"\U\1/g" **/Kconfig*

Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
2022-03-09 15:35:54 +01:00
Sebastian Bøe 5e63f8fbce samples: rename user-tls.conf to user-tls-conf.h
user-tls.conf is a header file and should therefore have the suffix
.h.

Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
2022-02-21 20:55:20 -05:00
Joakim Andersson 17f8932f16 modules: trusted-firmware-m: Use TF-M install headers as interface
Use the set of headers that the TF-M build system places in the
install output. Not all public header files are available in the
interface/include directory and the TF-M build system uses the install
mechanism of cmake to include additional headers based on platform
or configuration.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2022-02-01 11:31:36 +01:00
Erwan Gouriou 322175e4fc boards: stm32l5: Update TFM related flashing instructions
Following the work done to add TFM support on b_u585i_iot02a,
update other STM32 TFM enabled boards to benefit from the
progress made on TFM flashing instructions.

Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
2022-01-18 10:42:45 -05:00
Daniel Leung b63b71aa1b tfm: remove @return doc for void functions
For functions returning nothing, there is no need to document
with @return, as Doxygen complains about "documented empty
return type of ...".

Signed-off-by: Daniel Leung <daniel.leung@intel.com>
2022-01-12 16:02:16 -05:00
Erwan Gouriou 81bd4ba9c5 samples/tfm_integration: psa_crypto: Remove nucleo_l552ze_q
This sample requires too much flash compared to nucleo_l552ze_q
available resources.
Remove it from this sample.

Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
2022-01-04 09:05:11 -05:00
Erwan Gouriou 830d9bdf89 samples/tfm_integration: nucleo_l552ze_q: Update flash partition
Due to a recent change in TFM, some more space should be allocated
to mcuboot flash partition (some space should be allocated for OTP)
(Cf commit db07170a34f ("Platform: Allocate space in flash for OTP")
in trusted-firmware-m repo)
Take this into account and increase mcuboot flash partition for
nucleo_l552ze_q_ns target.

Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
2022-01-04 12:33:23 +01:00
Kevin Townsend 8dbf0f31f2 doc: guides: tfm: Add pages on test suites
Adds notes on how to run the two main test suites for TF-M using
the supplied sample applications.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-12-21 17:07:58 +01:00
Anas Nashif 05ecd46a84 tests: fix typos and misnamed platforms
Various obsolete and misnamed platforms in test filters that went
undetected for a while.

Fixes #41222

Signed-off-by: Anas Nashif <anas.nashif@intel.com>
2021-12-17 12:24:37 -05:00
Gerard Marull-Paretas a66b79999b samples: tfm_integration: tfm_ipc: replace deprecated header
<power/reboot.h> needs to be replaced with <sys/reboot.h>

Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
2021-12-09 14:43:06 -05:00
Joakim Andersson e4a88c4ce6 samples: tfm_secure_partition: Remove conditional from partition
Remove the conditional attribute from the sample partition manifest.
The conditional behavior will change with TF-M 1.5 to only accept
cmake bool values on/off enabled/disabled true/false and is intended
to be generated by the build system.
Since the partition is supposed to always be enabled in the sample
there is no need to have a conditional for it.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2021-12-01 14:14:59 -06:00
Øyvind Rønningstad 449cb60815 samples: Add TF-M sample for custom secure partitions
The sample implements a dummy ARoT (Application Root of Trust) partition
in TF-M and calls it from the app.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2021-11-22 22:19:41 -05:00
Joakim Andersson ba85663a42 doc: Update TF-M documentation to match current TF-M version
Update TF-M documentation to match the current integrated TF-M version.
Include mention of the Platform secure partition that can be enabled.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2021-11-12 14:51:22 +01:00
Devaraj Ranganna c3e5899658 samples: psa_crypto: Create Certificate Signing Request
This is a first step towards demonstrating provisioning of X.509
certificates. The device certificate signing request is created using
Mbed TLS X.509 APIs. The elliptic curve key `SECP256R1` used to sign the
CSR is generated inside TF-M and Mbed TLS is configured to use TF-M for
crypto services. This approach will ensure that private key never
leaves secure side.

The CSR is encoded in JSON and is printed on the console.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@linaro.org>
2021-11-09 19:57:28 -05:00
Joakim Andersson dda3a5ad0d modules: tfm: Split trusted-firmware-m repository
Split the zephyr project maintained repository trusted-firmware-m into
forks of the individual upstream repositories.

https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git
Upstream: TF-Mv1.4.1
Additions:
zephyr: module: Add zephyr module file
trusted-firmware-m: platform: lpcxpresso55s69: Update SDK

https://git.trustedfirmware.org/TF-M/tf-m-tests.git
Upstream: 51ff2bdfae043f6dd0813b000d928c4bda172660
Additions:
zephyr: module: Add module file for tf-m-tests

https://github.com/ARM-software/psa-arch-tests.git
Upstream: 60faad2ead1b967ec8e73accd793d3ed0e5c56bd
Additions:
zephyr: module: Add module file for psa-arch-tests
psa-arch-tests: Allow overriding of toolchain file

The organization of folders remains the same with the following
exceptions:
Moved:
root folder moved from modules/tee/tfm to modules/tee/tf-m to avoid
problems with west update.
zephyr/module.yml to trusted-firmware-m/zephyr/module.yml and
${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR} points to what was previously
${ZEPHYR_TRUSTED_FIRMWARE_M_MODULE_DIR}/trusted-firmware-m.
Added:
psa-arch-tests/zephyr/module.yml and ${ZEPHYR_PSA_ARCH_TESTS_MODULE_DIR}
tf-m-tests/zephyr/module/ and ${ZEPHYR_TF_M_TESTS_MODULE_DIR}
Removed:
init-git.sh
README.rst

Fixes: #39353

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2021-11-01 11:20:06 -04:00
David Brown 26a630bf59 samples: tfm_integration: Fix PSA crypto APIs
Moving to Mbed TLS 3.0 changes some of the Mbed TLS to better match the
PSA spec.  Fix up the things where we are affected by these API changes.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-10-07 14:02:40 -05:00
Torsten Rasmussen 1cccc8a8fe cmake: increase minimal required version to 3.20.0
Move to CMake 3.20.0.

At the Toolchain WG it was decided to move to CMake 3.20.0.

The main reason for increasing CMake version is better toolchain
support.

Better toolchain support is added in the following CMake versions:
- armclang, CMake 3.15
- Intel oneAPI, CMake 3.20
- IAR, CMake 3.15 and 3.20

Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
2021-08-20 09:47:34 +02:00
Kevin Townsend 1740aaeb9b doc: guides: Add a TF-M guide
This commit adds a high-level overview of Trusted Firmware-M,
describing the basic architecture and integration work with Zephyr.

Co-authored-by: Marti Bolivar <marti.bolivar@nordicsemi.no>
Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-08-12 10:03:57 -05:00
Martí Bolívar 39782901e7 treewide: fix overlays after TF-M NS rename
Some devicetree overlays do not reflect the recent rename to make NS
variants of boards with TF-M support have more consistent names; fix
it.

Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
2021-07-30 07:06:44 -04:00
Ioannis Glaropoulos a3cf49fff2 samples: tfm_ipc: add test-variant for TF-M without BL2
We add a test variant in tfm_ipc test, to validate the
scenario where TF-M is built without BL2 (MCUboot). We
test this on QEMU only (MPS2 AN521).

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-07-28 19:38:35 +02:00
Ioannis Glaropoulos 3843bf655c samples: tfm_integration: adapt DTS overlays for STM32L562 board
Due to changes in flash_layout.h for STM32L562, in the current
TF-M module update, we need to modify the DTS overlay files in
the TF-M samples where the board is supported.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-07-28 19:38:35 +02:00
Ioannis Glaropoulos f91342cb32 samples: tfm_integration: disable regression tests sample for AN521
NS regression tests are hanging on qemu for AN521. The problem is
present in the upstream project as well (issue is filed) so disable
the tests for now on QEMU.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-07-28 19:38:35 +02:00
Ioannis Glaropoulos 863022e477 samples: tfm_ipc: call sys_arch_reboot(..) directly
Switch to calling the sys_arch_reboot() API directly,
instead of going through the generic sys_reboot API.
This is to avoid locking the IRQs before the reset is
called, which is breaking the PSA call execution.

Also, align sample code to use the same secure service
(platform reset) to showcase the PSA connect and close
APIs, instead of a random one (since the reset service
has to work to ultimately perform the system reset).

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-07-28 19:38:35 +02:00
Kevin Townsend 703021a78a boards: arm: nrf9160dk_nrf9160: Rename NS target
This commit updates the NS board variant from
`nrf9160dk_nrf9160ns` to `nrf9160dk_nrf9160_ns`
to maintain consistency across zephyr.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-07-10 12:44:02 -04:00
Kevin Townsend b8c9dc169e boards: arm: nrf5340dk_nrf5340: Rename NS target
This commit updates the NS board variant from
`nrf5340dk_nrf5340_cpuappns` to `nrf5340dk_nrf5340_cpuapp_ns`
to maintain consistency across zephyr.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-07-10 12:44:02 -04:00
Kevin Townsend 15e8f635d8 boards: arm: v2m_musca_s1: Rename NS target
This commit updates the NS board variant from
`v2m_musca_s1_nonsecure` to `v2m_musca_s1_ns` to maintain
consistency across zephyr.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-07-10 12:44:02 -04:00
Kevin Townsend ccc595836a boards: arm: v2m_musca_b1: Rename NS target
This commit updates the NS board variant from
`v2m_musca_b1_nonsecure` to `v2m_musca_b1_ns` to maintain
consistency across zephyr.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-07-10 12:44:02 -04:00
Kevin Townsend 257f6b532c boards: arm: mps2_an521: Rename NS target
This commit updates the NS board variant from `mps2_an521_nonsecure`
to `mps2_an521_ns` to maintain consistency across zephyr.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-07-10 12:44:02 -04:00
Kevin Townsend 58638563b5 boards: arm: bl5340_dvk: Rename NS target
This commit updates the NS board variant from `bl5340_dvk_cpuappns`
to `bl5340_dvk_cpuapp_ns` to maintain consistency across zephyr.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-07-10 12:44:02 -04:00
Ioannis Glaropoulos 71993aa40d samples: tfm: minor doc style fixes
Minor documentation style fixes in
tfm_integration.rst file.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-06-16 12:08:07 +02:00
Ioannis Glaropoulos 20df3e8488 samples: tfm regression: add lpcxpresso55s69_ns in allowed platforms
Include the lpcxpresso55s69_ns board to the list of platforms
that support running the sample for the TF-M regression tests.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-06-16 12:08:07 +02:00
Ioannis Glaropoulos 93c0eb94a3 samples: tf-m: remove CONFIG_TEST=y setting
Removing the CONFIG_TEST=y setting from the TF-M
integration samples prj.conf. TEST does not need
to be enabled in these samples.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-06-12 08:50:50 -05:00
Devaraj Ranganna 4f0c52c2c5 samples: tfm_integration: docs: Fix incorrect sample name
The README.rst in `samples/tfm_integration/tfm_ipc` was incorrectly
referring to `psa_level_1`. README.rst has been updated to refer to
`tfm_ipc` example.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@linaro.org>
2021-06-09 19:48:43 +02:00
Devaraj Ranganna ac9197b640 samples: tfm_integration: Rename sample psa_level_1 to psa_crypto
The example in folder `samples/tfm_integration/psa_level_1` contains
code that demonstrates usage of PSA crypto APIs in Zephyr rather than the
PSA levels. Therefore renaming the sample as `psa_crypto`.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@linaro.org>
2021-06-09 19:48:43 +02:00
Devaraj Ranganna 155ea1862b samples: tfm_integration: Enable PSA IPC mode
Enable PSA IPC mode in psa_level_1 sample.

Signed-off-by: Devaraj Ranganna <devaraj.ranganna@linaro.org>
2021-06-09 19:48:43 +02:00
Kevin Townsend 0d1fe4a161 samples: tfm_integration: Extend PSA cryptography demo
This commit extends the psa_level_1 sample's use of the PSA
Cryptography 1.0 API to demonstrate the following functionality:

- Generate a persistent key (secp256r1)
- Display the public key based on the private key above
- Calculates the SHA256 hash of a payload
- Signs the hash with the persistent key
- Verifies the signature using the public key
- Destroys the key

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-06-09 19:48:43 +02:00
Ioannis Glaropoulos aa5e2eb720 samples: remove disabling AUDIT_LOG partition in samples with TFM_IPC
The AUDIT_LOG partition cannot be used in TF-M builds
with the IPC mode (CONFIG_TFM_IPC=y); we have added a
relevant dependency for this. So we can cleanup the
CONFIG_TFM_PARTITION_AUDIT_LOG=n from the configuration
files of the samples.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-06-08 04:51:51 -05:00
Andreas Vibeto 75dccbbbc7 samples: tfm: Add PSA Protected Storage sample
Add sample showing PSA Protected Storage API usage

Signed-off-by: Andreas Vibeto <andreas.vibeto@nordicsemi.no>
2021-06-07 09:27:08 +02:00
Ioannis Glaropoulos 00e2bb0288 samples: tfm_integration: DT overlay doc fixes for stm32l562e_dk_ns
Minor documentation fixes for the DT overlay files for
stm32l562e_dk_ns board.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-05-26 18:58:15 -05:00
Ioannis Glaropoulos d4ae6a9cf3 samples: tfm_ipc: update DT overlay for nucleo_l552ze_q_ns
Update overlay file for nucleo_l552ze_q_ns board,
since now the sample does not enable REGRESSION,
and thus regular TF-M flash layout for the board
is used.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-05-26 18:58:15 -05:00
Kevin Townsend 5fd7a52d4e samples: tfm_integration: tfm_ipc: Remove regression dependency
Removes the dependency on the external test service from the
CONFIG_TFM_REGRESSION_S test suite, instead
demonstrating how to make direct IPC calls to the CRYPTO
service that is available as a part of standard TF-M builds.

Signed-off-by: Kevin Townsend <kevin.townsend@linaro.org>
2021-05-26 18:58:15 -05:00
Ioannis Glaropoulos c5b4094cfb modules: tf-m: do not expose TF-M NS interface include directories publicly
Instead of exposing publicly the TF-M NS interface include
directories, we include them when we build relevant projects.
This is required, as the TF-M include directories contains
psa crypto sources that are also provided by the mbedtls
crypto module. The downside of this solution is that the
TF-M includes need to be added explicitly in each application
that uses TF-M APIs.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-05-09 09:59:22 -05:00
Torsten Rasmussen b671cf7279 cmake: tfm: support for custom CMake args when building TF-M
This commit allows a subsystem to specify additional CMake flags to be
given to the TF-M build.

The additional CMake flags can be provided through the TFM_CMAKE_OPTIONS
property on the zephyr_property_target.
Using the zephyr_property_target allows Zephyr modules to append extra
TFM_CMAKE_OPTIONS regardless of the CMake processing order.

It splits the ExternalProject_Add into a two step process with the CMake
invocation executed using add_custom_target() and the build process
using ExternalProject_Add(). The reason for this split is because CMake
generator expressions passed through ExternalProject_Add to CMake will
be quoted so that `$<TARGET_PROPERTY:<tgt>,<prop>>` becomes
`"-DFOO=bar -DBAR=foo"` instead of `-DFOO=bar -DBAR=foo` which again
results in CMake failures.

Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
2021-05-07 13:09:54 +02:00
Jamie McCrae f4350a9303 boards: arm: Add Laird Connectivity BL5340 DVK platform
This adds initial support for the Laird Connectivity BL5340
development kit hardware

Signed-off-by: Jamie McCrae <jamie.mccrae@lairdconnect.com>
2021-05-07 09:06:27 +02:00
Ioannis Glaropoulos 14d7fab4a0 samples: psa_leve1: do not re-initialize NS interface
TF-M NS interface is initialized by the TF-M module
code, so it does not need to be re-initialized in the
sample code.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-05-06 22:17:35 +02:00
Øyvind Rønningstad c08d0a3629 samples: tfm_integration: Remove setting of QEMU file
This is done elsewhere now.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2021-05-05 15:36:32 +02:00
Øyvind Rønningstad 02226e120e samples: tfm_ipc: Add reboot to sample
To test/showcase rebooting through TFM.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2021-04-28 18:54:50 +02:00
Andreas Vibeto e1a6820e4c samples: Add sample for executing TF-M regression tests
Use kconfigs to enable Secure and Non-Secure domain tests

Signed-off-by: Andreas Vibeto <andreas.vibeto@nordicsemi.no>
2021-04-21 23:18:30 +02:00
Andreas Vibeto 0cf2753fa3 CMakeLists.txt: Add support for TF-M Non-Secure regression tests
Add new kconfigs
Include the ns-app built by TF-M build system for regression tests
Update tfm_ipc sample to use new kconfig

Signed-off-by: Andreas Vibeto <andreas.vibeto@nordicsemi.no>
2021-04-21 23:18:30 +02:00
Øyvind Rønningstad ef5ed3f88b samples: Add a sample for running PSA tests
Use the Kconfigs in TFM to enable the different suites.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2021-04-20 16:13:40 +02:00
Ioannis Glaropoulos 88ae27fa16 samples: psa_level1: add nucleo_l552ze_q_ns to allowed platforms
Add nucleo_l552ze_q_ns boards to the list of platforms
that can build and run the psa_level1 tf-m integration
sample. We add a dts overlay as well.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-04-16 13:33:32 +02:00
Ioannis Glaropoulos 735f40b330 boards: do not force TF-M isolation level 2 for STM32L562/L552 boards
We do not need to force TFM Isolation Level 2 for the
STM32 board that can build with TF-M. We remove the
respective Kconfig setting. We also remove the Kconfig
overlay for STM32L562 board in the psa_level1 sample,
which was used for forcing Isolation Level 1; this is
not needed any more.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-04-16 13:33:32 +02:00
Erwan Gouriou 2493030cd3 samples/tfm_integration: Fix warnings in stm32 boards overlays
Unit name should not have leading 0s.
Unit name should not use caps.

Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
2021-03-30 19:19:59 +02:00
Erwan Gouriou ceca94704c samples: psa_level_1: Enable on stm32l562e_dk_ns
Add minimum configuration changes to allow stm32l562e_dk_ns
to run psa_level_1 sample

Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
2021-03-30 19:19:59 +02:00
Øyvind Rønningstad 6fa608b191 modules: tf-m: Add zephyr native NS interface and logging function
To allow using TFM NS interface without enabling
CMSIS_RTOS V2 support. And to allow using TFM NS
code that uses logging.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-03-26 18:35:11 +01:00
Øyvind Rønningstad 869978ab0d tfm: Fix TFM_BOARD for MUSCA_B1
Also add it to tfm_ipc so it is built by CI

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2021-03-26 11:20:10 -05:00
Øyvind Rønningstad 41eedf8ae5 tfm: Adapt to changes upstream
Rename lib.
Disable AUDIT_LOG in regression sample because of a bug upstream.
Update stm32l562e_dk_ns overlay.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2021-03-26 09:32:56 +01:00
Yestin Sun 46cab056bc boards: stm32l562e_dk: Enable TF-M IPC application
This commit enables the TF-M IPC sample application on stm32l562e_dk
board.
It provides device tree flash partition as an overlay in order to
configure and flash the bl2, secure/non secure firmwares.

Signed-off-by: Yestin Sun <sunyi0804@gmail.com>
2021-03-18 23:23:39 +01:00
Ioannis Glaropoulos c4bedf30cc samples: tfm integration: rename qemu targets after refactor
Now that we have consolidated tf-m signing, the combined
binary is always named tfm_merged, so we need to modify
the QEMU targets in the tfm-integration samples.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-02-21 18:44:18 +03:00
Øyvind Rønningstad 5137135ead boards: Consolidate all TFM signing code
Place the new signing code in the TFM module CMakeLists.txt.
Make some small tweaks and add a sentence to the docs.

In the process, make a few changes to the signing code:
- Change some names of files created.
- Minimize the number of files created.
- Use hex files instead of bin files. This is so we don't need to know
  the offset when creating hex files from bin files.

Also add signing for MCUBOOT_IMAGE_NUMBER=1 based on the code from the
v2m_musca_b1 board, though, this board does not build with =1 now
because of (I assume) some flash aliasing which places the S and NS
images 0x10000000 apart, where the manual algorithm places them next to
each other. It builds with =2, though.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2021-02-21 18:44:18 +03:00
Ioannis Glaropoulos 2573f4b99c tests: remove nrf5340 PDK boards from test .yml files
Remove references to the nRF5340 PDK boards
from samples and tests .yml files.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2021-02-15 07:59:43 -05:00
Øyvind Rønningstad b49292634f tfm_ipc: Fix regex in sample.yml
Remove missing printout, and add the last line of printout.

Note that it's not possible to run this on hardware using Twister as of
now, since west flash will not flash tfm_s.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2021-02-03 11:07:30 -05:00
Øyvind Rønningstad 25bc05e174 tfm_integration: Add tfm tag in sample.yml
To easily differentiate the samples.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2021-02-03 11:07:30 -05:00
David Vincze 79cac4e58d arm: V2M Musca-S1: Add Musca-S1 SoC and board support
Musca-S1 is a Cortex-M33 based SoC. It's similar to the
Musca-B1, but among other things the embedded flash has
been replaced with embedded MRAM (eMRAM) memory.

The Musca-S1 files have been created based on the Musca-B1
SoC and board files.

Add the Musca-S1 board to the list of allowed platforms
for the TF-M integration examples.

Change-Id: I4f517d28d0a5b8c4a3fc3fab73adb5519acfc3c2
Signed-off-by: David Vincze <david.vincze@linaro.org>
2020-12-20 13:03:49 -05:00
Øyvind Rønningstad 7356cb2e45 tfm_integration.rst: Document executable file target properties
Add a section about executable files produced by the build, as well as
how to access them.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2020-12-14 11:24:16 +01:00
Ioannis Glaropoulos 859d269182 samples: tfm_integration: remove DTS overlays for nRF5340
Remove the DTS overlay files for nRF5340 DK and PDK,
since the SRAM partition changes are matching the
default SRAM partitioning in these boards.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2020-12-11 11:23:26 +01:00
Andrei Gansari 42523a39e3 samples: tfm_integration: lpc55s69 documentation
Update sample documentation to reflect the new way to flash
lpcxpresso55s69 boards with TFM.

Signed-off-by: Andrei Gansari <andrei.gansari@nxp.com>
2020-12-04 15:06:56 +02:00
Øyvind Rønningstad a28da5118d tfm: Configure TFM via Kconfig instead of Cmake
Add Kconfig options that will be used by the module
to call the function with the desired parameters.
Refactor the tfm_integration samples and
the supported boards.

Update west.yml to bring in Cmake changes that use the new KConfigs.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2020-11-17 14:39:52 +02:00
Øyvind Rønningstad cb3ec9d759 Kconfig.tfm: Improvements and fixes
Make it easier to add TF-M in an app by selecting and implying the
necessary configs so the app doesn't have to specify the configs itself.
Remove unneeded configs from the prj.conf files in the tfm samples.

Also, fix case in key file name.

Signed-off-by: Øyvind Rønningstad <oyvind.ronningstad@nordicsemi.no>
2020-11-13 21:23:57 +02:00
Ioannis Glaropoulos 4d536647e1 samples: tfm_integration: support TF-M samples on nRF5340 DK
Add support for nRF5340 DK in the TF-M integration
samples (nrf5340dk_nrf5340_cpuappns build target).
Add the required DTS overlays needed for the samples
to build and run successfully.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2020-11-13 16:09:04 +01:00
Ioannis Glaropoulos 966015f503 samples: tfm_integration: tfm_ipc: add nucleo_l552ze_q_ns to the list
Add nucleo_l552ze_q_ns board to the allowed list of platforms
for the tfm_ipc sample. This allows the sample to be built for
the nucleo_l552ze_q_ns platform by sanity check.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2020-10-19 21:08:34 +02:00
Ioannis Glaropoulos a19fbca4aa samples: tfm_integration: psa_level_1: fix sample name in .yaml
Fix the name of the sample in the .yaml file so it matches
the sample directory, and does not collide with tfm_ipc.

Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
2020-10-19 21:08:34 +02:00