From 14bd2e9d039e178521ca66ff501bcb0e2687d584 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Tue, 13 Aug 2024 16:21:21 +0200 Subject: [PATCH 001/217] manifest: update manifest for upmerge Updates manifest for upmerge Signed-off-by: Bjarki Arge Andreasen --- west.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/west.yml b/west.yml index 06a328bc7203..8321530d5ce5 100644 --- a/west.yml +++ b/west.yml @@ -72,7 +72,7 @@ manifest: # https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/zephyr/guides/modules.html - name: zephyr repo-path: sdk-zephyr - revision: 8005d4e87b9bcba25f441a51f4f5d29b541022b9 + revision: 775af134b1b6b370769f0a9eb700326f176f3ad1 import: # In addition to the zephyr repository itself, NCS also # imports the contents of zephyr/west.yml at the above @@ -140,7 +140,7 @@ manifest: compare-by-default: true - name: mcuboot repo-path: sdk-mcuboot - revision: 763edd653b1b9a5efd643221333e9ea16767da11 + revision: 22adc04fc4b35a6ee477675c8a33e038a98258de path: bootloader/mcuboot - name: qcbor url: https://github.com/laurencelundblade/QCBOR @@ -149,19 +149,19 @@ manifest: - name: mbedtls path: modules/crypto/mbedtls repo-path: sdk-mbedtls - revision: v3.5.2-ncs2 + revision: 2e24f78c02d34d1fe0fb0933bd6c2b0357c8a5d2 - name: oberon-psa-crypto path: modules/crypto/oberon-psa-crypto repo-path: sdk-oberon-psa-crypto - revision: 5bfe42c2375204e38a067fe15bd33d581fbfbd01 + revision: b41e899e7302462eb952b0b6a7c6903e368fb395 - name: nrfxlib repo-path: sdk-nrfxlib path: nrfxlib - revision: 84e2649fd9b2edab85d40c32ed8d16c8d16031cd + revision: 93309673d14e3c4bf406ea73d55435354eeca75e - name: trusted-firmware-m repo-path: sdk-trusted-firmware-m path: modules/tee/tf-m/trusted-firmware-m - revision: 9f68daeafd7b662c96d6fdf61c83222248e3ed9f + revision: 9573717cc8c078326fceb2869fe029e98615723b - name: psa-arch-tests repo-path: sdk-psa-arch-tests path: modules/tee/tf-m/psa-arch-tests @@ -169,7 +169,7 @@ manifest: - name: matter repo-path: sdk-connectedhomeip path: modules/lib/matter - revision: 89eb37b47ca8e4b9d309c431bde30bdb19d07577 + revision: a5bd0170c9d1257b10e1f4d80fae99cba83cc7bc west-commands: scripts/west/west-commands.yml submodules: - name: nlio @@ -218,12 +218,12 @@ manifest: compare-by-default: false - name: sidewalk repo-path: sdk-sidewalk - revision: 34856b20d97fbd19123aada99ceb4530fca7253c + revision: 437ef188aa9256e4cf227589ac34217e99ba5bb4 groups: - sidewalk - name: find-my repo-path: sdk-find-my - revision: 71a5358138fc6aaffac8ff9b478f693b919bd53b + revision: 2f5a081d933212d08ccb7e9f7c6f15ba5ca81a06 groups: - find-my - name: azure-sdk-for-c @@ -274,7 +274,7 @@ manifest: remote: throwtheswitch - name: memfault-firmware-sdk path: modules/lib/memfault-firmware-sdk - revision: 1.6.0 + revision: 1.12.0 remote: memfault - name: ant repo-path: sdk-ant From 3d99277b2c53d757fdc634f1dd4ae356f741d3fd Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Mon, 23 Sep 2024 15:20:27 +0200 Subject: [PATCH 002/217] lib: date_time: define _POSIX_C_SOURCE for gmtime_r We need to define _POSIX_C_SOURCE to include gmtime_r from the standard library. Include minimum required _POSIX_C_SOURCE version. Signed-off-by: Bjarki Arge Andreasen --- lib/date_time/date_time_core.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/date_time/date_time_core.c b/lib/date_time/date_time_core.c index 45f2aca435b8..0953e6e062b5 100644 --- a/lib/date_time/date_time_core.c +++ b/lib/date_time/date_time_core.c @@ -4,6 +4,9 @@ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ +#undef _POSIX_C_SOURCE +#define _POSIX_C_SOURCE 200809L /* Required for gmtime_r */ + #include #include #include From f96c838aaafe37f83daeed7a673853bd0827ddd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 09:11:54 +0200 Subject: [PATCH 003/217] libraries: Change autoconf.h to zephyr/autoconf.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -During the last Zephyr upmerge the includes changed from autoconf.h to zephyr/autoconf.h which this commit fixes for the following: - TF-M header for IOCTL API - Out-of-tree device nrf device integration for TF-M - HW unique key library (and sysbuild) - lwm2m_carrier (sysbuild) - Bootloader (Partition Manager) - Netboot (Partition Manager) - Lots of Partition Manager yml files Signed-off-by: Frank Audun Kvamtrø --- include/hw_unique_key.h | 2 +- include/tfm/tfm_ioctl_api.h | 2 +- lib/bin/lwm2m_carrier/pm.yml.lwm2m_carrier | 2 +- lib/hw_unique_key/pm.yml.huk | 2 +- .../tfm_boards/board/RTE_Device.h | 2 +- .../tfm_boards/board/device_cfg.h | 2 +- .../tfm_boards/board/nrf_board.h | 2 +- .../tfm_boards/board/tfm_peripherals_config.h | 2 +- .../tfm_boards/common/assert.c | 2 +- .../tfm_boards/common/tfm_hal_platform.c | 2 +- .../tfm_boards/include/zephyr/sys/__assert.h | 2 +- .../tfm_boards/include/zephyr/sys/check.h | 2 +- .../tfm_boards/partition/flash_layout.h | 2 +- .../tfm_boards/src/tfm_ioctl_ns_api.c | 2 +- samples/bootloader/pm.yml | 2 +- samples/nrf5340/netboot/pm.yml | 2 +- .../secure_peripheral_partition.c | 2 +- .../partition_manager/partition_manager.rst | 2 +- subsys/nrf_security/tfm/CMakeLists.txt | 21 ++++++------------- subsys/partition_manager/pm.yml.emds | 2 +- subsys/partition_manager/pm.yml.file_system | 2 +- subsys/partition_manager/pm.yml.fmfu | 2 +- subsys/partition_manager/pm.yml.libmodem | 2 +- subsys/partition_manager/pm.yml.mcuboot | 2 +- subsys/partition_manager/pm.yml.memfault | 2 +- subsys/partition_manager/pm.yml.modem_trace | 2 +- subsys/partition_manager/pm.yml.nvs | 2 +- subsys/partition_manager/pm.yml.pcd | 2 +- subsys/partition_manager/pm.yml.pgps | 2 +- subsys/partition_manager/pm.yml.rpmsg_nrf53 | 2 +- .../pm.yml.secure_boot_storage | 2 +- subsys/partition_manager/pm.yml.settings | 2 +- subsys/partition_manager/pm.yml.tfm | 2 +- subsys/partition_manager/pm.yml.vpr_launcher | 2 +- subsys/partition_manager/pm.yml.zboss | 2 +- .../suit/cache/src/suit_dfu_cache_internal.h | 2 +- 36 files changed, 41 insertions(+), 50 deletions(-) diff --git a/include/hw_unique_key.h b/include/hw_unique_key.h index c2aefe0e09da..125fa28b46ee 100644 --- a/include/hw_unique_key.h +++ b/include/hw_unique_key.h @@ -26,7 +26,7 @@ extern "C" { #include #if defined(__NRF_TFM__) -#include +#include #endif #include diff --git a/include/tfm/tfm_ioctl_api.h b/include/tfm/tfm_ioctl_api.h index ca5086f39a6c..07184476f7a4 100644 --- a/include/tfm/tfm_ioctl_api.h +++ b/include/tfm/tfm_ioctl_api.h @@ -26,7 +26,7 @@ /* Include core IOCTL services */ #include -#include +#include #if CONFIG_FW_INFO #include diff --git a/lib/bin/lwm2m_carrier/pm.yml.lwm2m_carrier b/lib/bin/lwm2m_carrier/pm.yml.lwm2m_carrier index 06cb563d6027..954c706ae6dc 100644 --- a/lib/bin/lwm2m_carrier/pm.yml.lwm2m_carrier +++ b/lib/bin/lwm2m_carrier/pm.yml.lwm2m_carrier @@ -1,4 +1,4 @@ -#include +#include lwm2m_carrier: placement: diff --git a/lib/hw_unique_key/pm.yml.huk b/lib/hw_unique_key/pm.yml.huk index 666eae168d3e..bfe11ff5c113 100644 --- a/lib/hw_unique_key/pm.yml.huk +++ b/lib/hw_unique_key/pm.yml.huk @@ -1,4 +1,4 @@ -#include +#include # Use the last partition in flash to store the Hardware Unique Key (HUK) # The size of the partition matches the fprotect block size since it will diff --git a/modules/trusted-firmware-m/tfm_boards/board/RTE_Device.h b/modules/trusted-firmware-m/tfm_boards/board/RTE_Device.h index 8dc751dae641..72211f035232 100644 --- a/modules/trusted-firmware-m/tfm_boards/board/RTE_Device.h +++ b/modules/trusted-firmware-m/tfm_boards/board/RTE_Device.h @@ -7,7 +7,7 @@ #ifndef __RTE_DEVICE_H #define __RTE_DEVICE_H -#include +#include /* ARRAY_SIZE causes a conflict as it is defined both by TF-M and indirectly by devicetree.h */ #undef ARRAY_SIZE diff --git a/modules/trusted-firmware-m/tfm_boards/board/device_cfg.h b/modules/trusted-firmware-m/tfm_boards/board/device_cfg.h index ef2bfbacaa27..d22a2ab73eb7 100644 --- a/modules/trusted-firmware-m/tfm_boards/board/device_cfg.h +++ b/modules/trusted-firmware-m/tfm_boards/board/device_cfg.h @@ -7,7 +7,7 @@ #ifndef DEVICE_CFG_H__ #define DEVICE_CFG_H__ -#include +#include /* ARRAY_SIZE causes a conflict as it is defined both by TF-M and indirectly by devicetree.h */ #undef ARRAY_SIZE diff --git a/modules/trusted-firmware-m/tfm_boards/board/nrf_board.h b/modules/trusted-firmware-m/tfm_boards/board/nrf_board.h index 271377a0df5b..ff42640792fc 100644 --- a/modules/trusted-firmware-m/tfm_boards/board/nrf_board.h +++ b/modules/trusted-firmware-m/tfm_boards/board/nrf_board.h @@ -7,7 +7,7 @@ #ifndef NRF_BOARD_H__ #define NRF_BOARD_H__ -#include +#include #include #include diff --git a/modules/trusted-firmware-m/tfm_boards/board/tfm_peripherals_config.h b/modules/trusted-firmware-m/tfm_boards/board/tfm_peripherals_config.h index 5e937e735af7..6bb59df8c4df 100644 --- a/modules/trusted-firmware-m/tfm_boards/board/tfm_peripherals_config.h +++ b/modules/trusted-firmware-m/tfm_boards/board/tfm_peripherals_config.h @@ -11,7 +11,7 @@ extern "C" { #endif -#include +#include #include #define TFM_PERIPHERAL_DCNF_SECURE CONFIG_NRF_DCNF_SECURE diff --git a/modules/trusted-firmware-m/tfm_boards/common/assert.c b/modules/trusted-firmware-m/tfm_boards/common/assert.c index e02d9cbd3d0f..b711ecfa26fe 100644 --- a/modules/trusted-firmware-m/tfm_boards/common/assert.c +++ b/modules/trusted-firmware-m/tfm_boards/common/assert.c @@ -5,7 +5,7 @@ */ #include -#include "autoconf.h" +#include "zephyr/autoconf.h" #include "region_defs.h" #include "utilities.h" diff --git a/modules/trusted-firmware-m/tfm_boards/common/tfm_hal_platform.c b/modules/trusted-firmware-m/tfm_boards/common/tfm_hal_platform.c index ca8919ea96ac..c8d2da1a19a0 100644 --- a/modules/trusted-firmware-m/tfm_boards/common/tfm_hal_platform.c +++ b/modules/trusted-firmware-m/tfm_boards/common/tfm_hal_platform.c @@ -4,7 +4,7 @@ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ -#include +#include #if defined(TFM_PARTITION_CRYPTO) && defined(CONFIG_HAS_HW_NRF_CC3XX) #include diff --git a/modules/trusted-firmware-m/tfm_boards/include/zephyr/sys/__assert.h b/modules/trusted-firmware-m/tfm_boards/include/zephyr/sys/__assert.h index a01b1d844be5..ff0c7f6533db 100644 --- a/modules/trusted-firmware-m/tfm_boards/include/zephyr/sys/__assert.h +++ b/modules/trusted-firmware-m/tfm_boards/include/zephyr/sys/__assert.h @@ -15,7 +15,7 @@ * The functionality will be forwarded to TF-M equivalent of the Zephyr API. */ -#include +#include #include "tfm_sp_log.h" #include "utilities.h" diff --git a/modules/trusted-firmware-m/tfm_boards/include/zephyr/sys/check.h b/modules/trusted-firmware-m/tfm_boards/include/zephyr/sys/check.h index 361a83c417bb..a8ab39506a77 100644 --- a/modules/trusted-firmware-m/tfm_boards/include/zephyr/sys/check.h +++ b/modules/trusted-firmware-m/tfm_boards/include/zephyr/sys/check.h @@ -15,7 +15,7 @@ * The functionality will be forwarded to TF-M equivalent of the Zephyr API. */ -#include +#include #include /* Note: diff --git a/modules/trusted-firmware-m/tfm_boards/partition/flash_layout.h b/modules/trusted-firmware-m/tfm_boards/partition/flash_layout.h index a0ad53009780..4c4cef76c664 100644 --- a/modules/trusted-firmware-m/tfm_boards/partition/flash_layout.h +++ b/modules/trusted-firmware-m/tfm_boards/partition/flash_layout.h @@ -8,7 +8,7 @@ #define __FLASH_LAYOUT_H__ #include -#include +#include /* This header file is included from linker scatter file as well, where only a * limited C constructs are allowed. Therefore it is not possible to include diff --git a/modules/trusted-firmware-m/tfm_boards/src/tfm_ioctl_ns_api.c b/modules/trusted-firmware-m/tfm_boards/src/tfm_ioctl_ns_api.c index 585179e29833..4ad48f9516ed 100644 --- a/modules/trusted-firmware-m/tfm_boards/src/tfm_ioctl_ns_api.c +++ b/modules/trusted-firmware-m/tfm_boards/src/tfm_ioctl_ns_api.c @@ -8,7 +8,7 @@ #include #include -#include +#include #include static int status2err(enum tfm_platform_err_t status, uint32_t result) diff --git a/samples/bootloader/pm.yml b/samples/bootloader/pm.yml index f3d3d7b15165..ff124043e38e 100644 --- a/samples/bootloader/pm.yml +++ b/samples/bootloader/pm.yml @@ -1,4 +1,4 @@ -#include +#include b0: size: CONFIG_PM_PARTITION_SIZE_B0_IMAGE diff --git a/samples/nrf5340/netboot/pm.yml b/samples/nrf5340/netboot/pm.yml index d57b4bdee88a..0197a1d313a6 100644 --- a/samples/nrf5340/netboot/pm.yml +++ b/samples/nrf5340/netboot/pm.yml @@ -1,4 +1,4 @@ -#include +#include b0n: size: CONFIG_B0N_SIZE diff --git a/samples/tfm/tfm_secure_peripheral/secure_peripheral_partition/secure_peripheral_partition.c b/samples/tfm/tfm_secure_peripheral/secure_peripheral_partition/secure_peripheral_partition.c index c37b3468980b..bbadad492e5c 100644 --- a/samples/tfm/tfm_secure_peripheral/secure_peripheral_partition/secure_peripheral_partition.c +++ b/samples/tfm/tfm_secure_peripheral/secure_peripheral_partition/secure_peripheral_partition.c @@ -19,7 +19,7 @@ #include "util.h" -#include +#include #include #define BUTTON_PIN DT_GPIO_PIN(DT_NODELABEL(button0), gpios) diff --git a/scripts/partition_manager/partition_manager.rst b/scripts/partition_manager/partition_manager.rst index 91bf26a7aed9..716018f75fe8 100644 --- a/scripts/partition_manager/partition_manager.rst +++ b/scripts/partition_manager/partition_manager.rst @@ -420,7 +420,7 @@ The information extracted from devicetree is the alignment value for some partit .. code-block:: yaml - #include + #include #include b0: diff --git a/subsys/nrf_security/tfm/CMakeLists.txt b/subsys/nrf_security/tfm/CMakeLists.txt index 0525af5c9752..64d45b222885 100644 --- a/subsys/nrf_security/tfm/CMakeLists.txt +++ b/subsys/nrf_security/tfm/CMakeLists.txt @@ -3,17 +3,7 @@ # # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # - -# This file is nrf_security's entry-point for the TF-M build system -set(BUILD_INSIDE_TFM True) - -set(west_root_dir ${CMAKE_CURRENT_LIST_DIR}/../../../..) - -set(NRFXLIB_DIR ${west_root_dir}/nrfxlib) -set(NRF_SECURITY_ROOT ${CMAKE_CURRENT_LIST_DIR}/..) - -set(ZEPHYR_NRF_MODULE_DIR ${NRF_DIR}) -set(ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR ${west_root_dir}/modules/crypto/oberon-psa-crypto) +include(${TFM_EXTRA_CONFIG_PATH}) include(${NRF_SECURITY_ROOT}/cmake/extensions.cmake) @@ -25,7 +15,7 @@ set(mbedtls_target ${MBEDTLS_TARGET_PREFIX}mbedtls) # Building nrf security for TF-M implies the following: # - Parse NRF_SECURITY_SETTINGS into CMake variables. # Variables transferred from Zephyr to nRF Security TF-M build includes: -# - /zephyr/.config +# - /zephyr/.configc # - GCC_M_CPU # - ARM_MBEDTLS_PATH # - autoconf.h @@ -63,7 +53,7 @@ set(CONFIG_MBEDTLS_MD_C False) # control of the CryptoCell. Therefore, specifically for building TF-M we # enable it manually. if(CONFIG_HAS_HW_NRF_CC3XX) - set(CONFIG_NRF_CC3XX_PLATFORM True) + set(CONFIG_NRF_CC3XX_PLATFORM True) endif() # Disable threading for TF-M SPM image @@ -86,10 +76,11 @@ set(CONFIG_BUILD_WITH_TFM False) # Enable the MBEDTLS_ENABLE_HEAP configuration since TF-M implements heap in crypto_init.c set(CONFIG_MBEDTLS_ENABLE_HEAP True) +# Ensure that RNG is not usling legacy code set(CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG True) -# TF-M build require that PSA Crypto APIs are compiled -set(COMPILE_PSA_APIS True) +# Ensure that PSA core is built inside TF-M image +set(CONFIG_MBEDTLS_PSA_CRYPTO_C True) if ("${PROJECT_NAME}" STREQUAL "Bootloader") set(CONFIG_CC3XX_MBEDTLS_RSA_C True) diff --git a/subsys/partition_manager/pm.yml.emds b/subsys/partition_manager/pm.yml.emds index 16f94977c973..fc9115002104 100644 --- a/subsys/partition_manager/pm.yml.emds +++ b/subsys/partition_manager/pm.yml.emds @@ -1,4 +1,4 @@ -#include +#include emds_storage: placement: diff --git a/subsys/partition_manager/pm.yml.file_system b/subsys/partition_manager/pm.yml.file_system index 4476d0c337e7..7ca2530bf78c 100644 --- a/subsys/partition_manager/pm.yml.file_system +++ b/subsys/partition_manager/pm.yml.file_system @@ -1,4 +1,4 @@ -#include +#include littlefs_storage: placement: diff --git a/subsys/partition_manager/pm.yml.fmfu b/subsys/partition_manager/pm.yml.fmfu index db6b606baeff..4c2242a9703a 100644 --- a/subsys/partition_manager/pm.yml.fmfu +++ b/subsys/partition_manager/pm.yml.fmfu @@ -1,4 +1,4 @@ -#include +#include fmfu_storage: placement: {before: [end]} diff --git a/subsys/partition_manager/pm.yml.libmodem b/subsys/partition_manager/pm.yml.libmodem index f8879ba86b57..88171f3b3013 100644 --- a/subsys/partition_manager/pm.yml.libmodem +++ b/subsys/partition_manager/pm.yml.libmodem @@ -1,4 +1,4 @@ -#include +#include nrf_modem_lib_sram: span: [nrf_modem_lib_ctrl, nrf_modem_lib_tx, nrf_modem_lib_rx, nrf_modem_lib_trace] diff --git a/subsys/partition_manager/pm.yml.mcuboot b/subsys/partition_manager/pm.yml.mcuboot index acec00f53207..40c1b13e28c3 100644 --- a/subsys/partition_manager/pm.yml.mcuboot +++ b/subsys/partition_manager/pm.yml.mcuboot @@ -1,4 +1,4 @@ -#include +#include mcuboot_sram: #ifdef CONFIG_MCUBOOT_USE_ALL_AVAILABLE_RAM diff --git a/subsys/partition_manager/pm.yml.memfault b/subsys/partition_manager/pm.yml.memfault index efbecdc7bb4a..b95486fb7eac 100644 --- a/subsys/partition_manager/pm.yml.memfault +++ b/subsys/partition_manager/pm.yml.memfault @@ -1,4 +1,4 @@ -#include +#include memfault_storage: placement: diff --git a/subsys/partition_manager/pm.yml.modem_trace b/subsys/partition_manager/pm.yml.modem_trace index 59d6aa44903e..fc0bf62748e4 100644 --- a/subsys/partition_manager/pm.yml.modem_trace +++ b/subsys/partition_manager/pm.yml.modem_trace @@ -1,4 +1,4 @@ -#include +#include modem_trace: placement: {before: [end]} diff --git a/subsys/partition_manager/pm.yml.nvs b/subsys/partition_manager/pm.yml.nvs index 8bbdcd3f49d4..8127e3ca01d3 100644 --- a/subsys/partition_manager/pm.yml.nvs +++ b/subsys/partition_manager/pm.yml.nvs @@ -1,4 +1,4 @@ -#include +#include # In nRF54L15 we place the TF-M non-secure storage partitions after the # TF-M non-secure application to avoid splitting the secure/non-secure diff --git a/subsys/partition_manager/pm.yml.pcd b/subsys/partition_manager/pm.yml.pcd index a7c9ec95353a..d0dde2cc1239 100644 --- a/subsys/partition_manager/pm.yml.pcd +++ b/subsys/partition_manager/pm.yml.pcd @@ -1,4 +1,4 @@ -#include +#include # This block of RAM is used for communicating Network Core firmware update # metadata diff --git a/subsys/partition_manager/pm.yml.pgps b/subsys/partition_manager/pm.yml.pgps index a04390b2db32..1de3deebe426 100644 --- a/subsys/partition_manager/pm.yml.pgps +++ b/subsys/partition_manager/pm.yml.pgps @@ -1,4 +1,4 @@ -#include +#include pgps: placement: diff --git a/subsys/partition_manager/pm.yml.rpmsg_nrf53 b/subsys/partition_manager/pm.yml.rpmsg_nrf53 index 6db564da5678..b60bd9e08e1e 100644 --- a/subsys/partition_manager/pm.yml.rpmsg_nrf53 +++ b/subsys/partition_manager/pm.yml.rpmsg_nrf53 @@ -1,4 +1,4 @@ -#include +#include # This block of RAM is used for IPC rpmsg_nrf53_sram: diff --git a/subsys/partition_manager/pm.yml.secure_boot_storage b/subsys/partition_manager/pm.yml.secure_boot_storage index 050ef47f4332..14f15691ff8e 100644 --- a/subsys/partition_manager/pm.yml.secure_boot_storage +++ b/subsys/partition_manager/pm.yml.secure_boot_storage @@ -1,4 +1,4 @@ -#include +#include provision: size: CONFIG_PM_PARTITION_SIZE_PROVISION diff --git a/subsys/partition_manager/pm.yml.settings b/subsys/partition_manager/pm.yml.settings index 4f0de177d746..c3044696c023 100644 --- a/subsys/partition_manager/pm.yml.settings +++ b/subsys/partition_manager/pm.yml.settings @@ -1,4 +1,4 @@ -#include +#include # In nRF54L15 we place the TF-M non-secure storage partitions after the # TF-M non-secure application to avoid splitting the secure/non-secure diff --git a/subsys/partition_manager/pm.yml.tfm b/subsys/partition_manager/pm.yml.tfm index b0c60768d0a1..0f4a63dfb3e0 100644 --- a/subsys/partition_manager/pm.yml.tfm +++ b/subsys/partition_manager/pm.yml.tfm @@ -1,4 +1,4 @@ -#include +#include tfm_sram: placement: {after: [start]} diff --git a/subsys/partition_manager/pm.yml.vpr_launcher b/subsys/partition_manager/pm.yml.vpr_launcher index 3eae60d1f35f..ff00e2a01dd4 100644 --- a/subsys/partition_manager/pm.yml.vpr_launcher +++ b/subsys/partition_manager/pm.yml.vpr_launcher @@ -1,4 +1,4 @@ -#include +#include vpr_launcher: placement: {before: app} diff --git a/subsys/partition_manager/pm.yml.zboss b/subsys/partition_manager/pm.yml.zboss index e18cd608c967..13e7ac9ccf97 100644 --- a/subsys/partition_manager/pm.yml.zboss +++ b/subsys/partition_manager/pm.yml.zboss @@ -1,4 +1,4 @@ -#include +#include zboss_nvram: placement: diff --git a/subsys/suit/cache/src/suit_dfu_cache_internal.h b/subsys/suit/cache/src/suit_dfu_cache_internal.h index 99b5a0dc616b..43a1c5a9b844 100644 --- a/subsys/suit/cache/src/suit_dfu_cache_internal.h +++ b/subsys/suit/cache/src/suit_dfu_cache_internal.h @@ -12,7 +12,7 @@ #include #include #include -#include +#include /* Adding 5 bytes for bstring header and 1 byte for indefinite map header and * 9 bytes for tstr From 3e69b280dbb2f93bf252c72f4b56df3532f22079 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 10:33:15 +0200 Subject: [PATCH 004/217] tf-m: Replace deprecated z_arch_esf_t types MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -There is a deprecation of "z_arch_esf_t" in favor of using the type "struct arch_esf" that is changed in fault handling code for TF-M. This commit fixes this Signed-off-by: Frank Audun Kvamtrø --- modules/trusted-firmware-m/fault.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/modules/trusted-firmware-m/fault.c b/modules/trusted-firmware-m/fault.c index aa6d4f0a7588..dfe81decb149 100644 --- a/modules/trusted-firmware-m/fault.c +++ b/modules/trusted-firmware-m/fault.c @@ -58,12 +58,12 @@ LOG_MODULE_DECLARE(os, CONFIG_KERNEL_LOG_LEVEL); #endif /* CONFIG_ARMV8_M_SE */ -void z_arm_fatal_error(unsigned int reason, const z_arch_esf_t *esf); +void z_arm_fatal_error(unsigned int reason, const struct arch_esf *esf); static struct tfm_ns_fault_service_handler_context g_context; #if (CONFIG_FAULT_DUMP == 1) -static void fault_show(const z_arch_esf_t *esf, int fault) +static void fault_show(const struct arch_esf *esf, int fault) { uint32_t cfsr = g_context.status.cfsr; uint32_t sfsr = g_context.status.sfsr; @@ -85,14 +85,14 @@ static void fault_show(const z_arch_esf_t *esf, int fault) * * For Dump level 0, no information needs to be generated. */ -static void fault_show(const z_arch_esf_t *esf, int fault) +static void fault_show(const struct arch_esf *esf, int fault) { (void)esf; (void)fault; } #endif /* FAULT_DUMP == 1 */ -static int bus_fault(z_arch_esf_t *esf) +static int bus_fault(struct arch_esf *esf) { uint32_t reason = K_ERR_ARM_BUS_GENERIC; uint32_t cfsr = g_context.status.cfsr; @@ -145,7 +145,7 @@ static int bus_fault(z_arch_esf_t *esf) return reason; } -static uint32_t secure_fault(const z_arch_esf_t *esf) +static uint32_t secure_fault(const struct arch_esf *esf) { uint32_t reason = K_ERR_ARM_SECURE_GENERIC; uint32_t sfsr = g_context.status.sfsr; @@ -204,7 +204,7 @@ static uint32_t spu_fault(void) return reason; } -static void reserved_exception(const z_arch_esf_t *esf, int fault) +static void reserved_exception(const struct arch_esf *esf, int fault) { ARG_UNUSED(esf); @@ -214,7 +214,7 @@ static void reserved_exception(const z_arch_esf_t *esf, int fault) } -static uint32_t fault_handle(z_arch_esf_t *esf, int fault) +static uint32_t fault_handle(struct arch_esf *esf, int fault) { uint32_t reason = K_ERR_CPU_EXCEPTION; @@ -258,7 +258,7 @@ static inline bool is_nested_exc(uint32_t exc_return) * The stack frame is already determined by the ns callback service, so we can * assume that we have the right exception stack frame already. */ -void arm_fault(uint32_t exc_return, z_arch_esf_t *esf) +void arm_fault(uint32_t exc_return, struct arch_esf *esf) { uint32_t reason; int fault = g_context.status.vectactive; @@ -285,7 +285,7 @@ void arm_fault(uint32_t exc_return, z_arch_esf_t *esf) void tfm_ns_fault_handler_callback(void) { - z_arch_esf_t esf; + struct arch_esf esf; uint32_t exc_return; CONTROL_Type ctrl_ns; From e78afc8eaa3db2534169ca948e3132105be8308b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 11:51:50 +0200 Subject: [PATCH 005/217] nrf_modem_lib: Fix removed CONFIG_LOG_DOMAIN_ID config MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Changed CONFIG_LOG_DOMAIN_ID to Z_LOG_LOCAL_DOMAIN_ID as the former is removed Signed-off-by: Frank Audun Kvamtrø --- lib/nrf_modem_lib/nrf_modem_os.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/nrf_modem_lib/nrf_modem_os.c b/lib/nrf_modem_lib/nrf_modem_os.c index 8ccdad68684a..fc1ce239f17d 100644 --- a/lib/nrf_modem_lib/nrf_modem_os.c +++ b/lib/nrf_modem_lib/nrf_modem_os.c @@ -434,7 +434,7 @@ void nrf_modem_os_log(int level, const char *fmt, ...) source = (void *)__log_current_const_data; } - z_log_msg_runtime_vcreate(CONFIG_LOG_DOMAIN_ID, source, level, + z_log_msg_runtime_vcreate(Z_LOG_LOCAL_DOMAIN_ID, source, level, NULL, 0, 0, fmt, ap); #endif /* CONFIG_LOG_MODE_MINIMAL */ @@ -460,7 +460,7 @@ void nrf_modem_os_logdump(int level, const char *str, const void *data, size_t l source = (void *)__log_current_const_data; } - z_log_msg_runtime_vcreate(CONFIG_LOG_DOMAIN_ID, source, level, + z_log_msg_runtime_vcreate(Z_LOG_LOCAL_DOMAIN_ID, source, level, data, len, 0, str, (va_list) { 0 }); #endif /* CONFIG_LOG_MODE_MINIMAL */ From d7eaa6b8a5fbc7d612f10f9d5c439ebe2d6ee802 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 10:08:55 +0200 Subject: [PATCH 006/217] crypto: Add pk_ecc.c to the build MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Align with Mbed TLS 3.6.0 by adding a new interface pk_ecc.c NOTE: This interface is built around the idea of fallback-to-ECP_C which likely needs to be resolved in a change of this file in Mbed TLS distribution, because of conflicting ideas on what should be happening in a pure configuration of crypto (only using PSA crypto, not enabling anything in legacy) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 69d9901544ef..309963161846 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -14,6 +14,7 @@ append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library cipher_wrap.c md.c pk.c + pk_ecc.c pk_wrap.c pkwrite.c sha1.c From 619ac0585f9e9c06aace08d3e0058d5ea220bb1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 22 Aug 2024 09:13:10 +0200 Subject: [PATCH 007/217] crypto: Removal of unsupported PSA crypto algorithm and key types MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Removal of unsupported algorithms in nRF Connect SDK: -ARC4 -ARIA -CAMELLIA -DES -SM3 -SM4 -SHAKE256_512 -RIPEMD160 -MD2 -MD4 -AES OFB - AES Output Feedback blockcipher -AES CFB - AES Cipher Feedback blockcipher -FFDH -DH -AES CBC MAC -Removal of deprecated configurations for ECC, RSA, SPAKE2P and SRP key pair (use IMPORT, EXPORT, GENERATE and DERIVE) -Adjusting Bluetooth Fast Pair to set ECC IMPORT, EXPORT, GENERATE and DERIVE key types (KEY_PAIR removed) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig.legacy | 16 ---------------- .../cmake/psa_crypto_config.cmake | 1 - .../cmake/psa_crypto_want_config.cmake | 19 ------------------- .../configs/psa_crypto_config.h.template | 1 - .../configs/psa_crypto_want_config.h.template | 19 ------------------- 5 files changed, 56 deletions(-) diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index d70a740e2d96..33fe1e1a8a25 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -434,22 +434,6 @@ config MBEDTLS_CIPHER_MODE_CTR Enable the AES Counter Block Cipher mode (CTR) mode, MBEDTLS_CIPHER_MODE_CTR setting in mbed TLS config file. -config MBEDTLS_CIPHER_MODE_CFB - bool "AES-CFB - AES Cipher Feedback mode" - depends on OBERON_BACKEND - default y - help - Enable the AES Cipher Feedback mode (CFB) mode, - MBEDTLS_CIPHER_MODE_CFB setting in mbed TLS config file. - -config MBEDTLS_CIPHER_MODE_OFB - bool "AES-OFB - AES Output Feedback mode" - depends on OBERON_BACKEND - default y - help - Enable the AES Output Feedback mode (OFB) mode, - MBEDTLS_CIPHER_MODE_OFB setting in mbed TLS config file. - config MBEDTLS_CIPHER_MODE_XTS bool "AES-XTS - AES Xor-encrypt-xor with ciphertext stealing mode" depends on OBERON_BACKEND diff --git a/subsys/nrf_security/cmake/psa_crypto_config.cmake b/subsys/nrf_security/cmake/psa_crypto_config.cmake index cfc054cbed24..73e78d119107 100644 --- a/subsys/nrf_security/cmake/psa_crypto_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_config.cmake @@ -18,7 +18,6 @@ kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_CTR_AES) kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_CBC_PKCS7_AES) kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_CBC_NO_PADDING_AES) kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_ECB_NO_PADDING_AES) -kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_OFB_AES) kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_STREAM_CIPHER_CHACHA20) kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_CIPHER_DRIVER) kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_ECDH_BRAINPOOL_P_R1_192) diff --git a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake index fae7cc23ab16..6a02c3c00500 100644 --- a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake @@ -10,12 +10,10 @@ kconfig_check_and_set_base_to_one(PSA_WANT_AES_KEY_SIZE_128) kconfig_check_and_set_base_to_one(PSA_WANT_AES_KEY_SIZE_192) kconfig_check_and_set_base_to_one(PSA_WANT_AES_KEY_SIZE_256) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_CBC_MAC) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_CBC_NO_PADDING) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_CBC_PKCS7) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_CCM) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_CCM_STAR_NO_TAG) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_CFB) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_CHACHA20_POLY1305) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_CMAC) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_CTR) @@ -27,7 +25,6 @@ kconfig_check_and_set_base_to_one(PSA_WANT_ALG_ECDSA) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_ECDSA_ANY) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_ED25519PH) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_ED448PH) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_FFDH) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_GCM) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_HKDF) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_HKDF_EXPAND) @@ -35,14 +32,10 @@ kconfig_check_and_set_base_to_one(PSA_WANT_ALG_HKDF_EXTRACT) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_HMAC) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_HMAC_DRBG) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_JPAKE) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_MD2) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_MD4) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_MD5) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_OFB) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_PBKDF2_HMAC) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_PURE_EDDSA) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RIPEMD160) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RSA_OAEP) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) @@ -53,7 +46,6 @@ kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA3_224) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA3_256) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA3_384) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA3_512) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHAKE256_512) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA_1) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA_224) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA_256) @@ -61,7 +53,6 @@ kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA_384) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA_512) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA_512_224) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SHA_512_256) -kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SM3) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SPAKE2P_CMAC) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SPAKE2P_HMAC) kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SPAKE2P_MATTER) @@ -107,14 +98,8 @@ kconfig_check_and_set_base_to_one(PSA_WANT_ECC_TWISTED_EDWARDS_255) kconfig_check_and_set_base_to_one(PSA_WANT_ECC_TWISTED_EDWARDS_448) kconfig_check_and_set_base_to_one(PSA_WANT_GENERATE_RANDOM) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_AES) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ARC4) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ARIA) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_CAMELLIA) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_CHACHA20) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_DERIVE) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_DES) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_DH_KEY_PAIR) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) @@ -126,20 +111,16 @@ kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_PASSWORD) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_PASSWORD_HASH) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_PEPPER) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RAW_DATA) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SM4) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_BASIC) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_DERIVE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_EXPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_IMPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_PUBLIC_KEY) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_BASIC) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_DERIVE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_EXPORT) diff --git a/subsys/nrf_security/configs/psa_crypto_config.h.template b/subsys/nrf_security/configs/psa_crypto_config.h.template index 41dc67b1dd87..c24b2e3c71ac 100644 --- a/subsys/nrf_security/configs/psa_crypto_config.h.template +++ b/subsys/nrf_security/configs/psa_crypto_config.h.template @@ -230,7 +230,6 @@ #cmakedefine PSA_NEED_CRACEN_CBC_PKCS7_AES @PSA_NEED_CRACEN_CBC_PKCS7_AES@ #cmakedefine PSA_NEED_CRACEN_CBC_NO_PADDING_AES @PSA_NEED_CRACEN_CBC_NO_PADDING_AES@ #cmakedefine PSA_NEED_CRACEN_ECB_NO_PADDING_AES @PSA_NEED_CRACEN_ECB_NO_PADDING_AES@ -#cmakedefine PSA_NEED_CRACEN_OFB_AES @PSA_NEED_CRACEN_OFB_AES@ #cmakedefine PSA_NEED_CRACEN_STREAM_CIPHER_CHACHA20 @PSA_NEED_CRACEN_STREAM_CIPHER_CHACHA20@ #cmakedefine PSA_NEED_CRACEN_ECDH_BRAINPOOL_P_R1_192 @PSA_NEED_CRACEN_ECDH_BRAINPOOL_P_R1_192@ #cmakedefine PSA_NEED_CRACEN_ECDH_BRAINPOOL_P_R1_224 @PSA_NEED_CRACEN_ECDH_BRAINPOOL_P_R1_224@ diff --git a/subsys/nrf_security/configs/psa_crypto_want_config.h.template b/subsys/nrf_security/configs/psa_crypto_want_config.h.template index 47864135025a..3e8b1fe667f0 100644 --- a/subsys/nrf_security/configs/psa_crypto_want_config.h.template +++ b/subsys/nrf_security/configs/psa_crypto_want_config.h.template @@ -19,12 +19,10 @@ #cmakedefine PSA_WANT_AES_KEY_SIZE_128 @PSA_WANT_AES_KEY_SIZE_128@ #cmakedefine PSA_WANT_AES_KEY_SIZE_192 @PSA_WANT_AES_KEY_SIZE_192@ #cmakedefine PSA_WANT_AES_KEY_SIZE_256 @PSA_WANT_AES_KEY_SIZE_256@ -#cmakedefine PSA_WANT_ALG_CBC_MAC @PSA_WANT_ALG_CBC_MAC@ #cmakedefine PSA_WANT_ALG_CBC_NO_PADDING @PSA_WANT_ALG_CBC_NO_PADDING@ #cmakedefine PSA_WANT_ALG_CBC_PKCS7 @PSA_WANT_ALG_CBC_PKCS7@ #cmakedefine PSA_WANT_ALG_CCM @PSA_WANT_ALG_CCM@ #cmakedefine PSA_WANT_ALG_CCM_STAR_NO_TAG @PSA_WANT_ALG_CCM_STAR_NO_TAG@ -#cmakedefine PSA_WANT_ALG_CFB @PSA_WANT_ALG_CFB@ #cmakedefine PSA_WANT_ALG_CHACHA20_POLY1305 @PSA_WANT_ALG_CHACHA20_POLY1305@ #cmakedefine PSA_WANT_ALG_CMAC @PSA_WANT_ALG_CMAC@ #cmakedefine PSA_WANT_ALG_CTR @PSA_WANT_ALG_CTR@ @@ -36,7 +34,6 @@ #cmakedefine PSA_WANT_ALG_ECDSA_ANY @PSA_WANT_ALG_ECDSA_ANY@ #cmakedefine PSA_WANT_ALG_ED25519PH @PSA_WANT_ALG_ED25519PH@ #cmakedefine PSA_WANT_ALG_ED448PH @PSA_WANT_ALG_ED448PH@ -#cmakedefine PSA_WANT_ALG_FFDH @PSA_WANT_ALG_FFDH@ #cmakedefine PSA_WANT_ALG_GCM @PSA_WANT_ALG_GCM@ #cmakedefine PSA_WANT_ALG_HKDF @PSA_WANT_ALG_HKDF@ #cmakedefine PSA_WANT_ALG_HKDF_EXPAND @PSA_WANT_ALG_HKDF_EXPAND@ @@ -44,14 +41,10 @@ #cmakedefine PSA_WANT_ALG_HMAC @PSA_WANT_ALG_HMAC@ #cmakedefine PSA_WANT_ALG_HMAC_DRBG @PSA_WANT_ALG_HMAC_DRBG@ #cmakedefine PSA_WANT_ALG_JPAKE @PSA_WANT_ALG_JPAKE@ -#cmakedefine PSA_WANT_ALG_MD2 @PSA_WANT_ALG_MD2@ -#cmakedefine PSA_WANT_ALG_MD4 @PSA_WANT_ALG_MD4@ #cmakedefine PSA_WANT_ALG_MD5 @PSA_WANT_ALG_MD5@ -#cmakedefine PSA_WANT_ALG_OFB @PSA_WANT_ALG_OFB@ #cmakedefine PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 @PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128@ #cmakedefine PSA_WANT_ALG_PBKDF2_HMAC @PSA_WANT_ALG_PBKDF2_HMAC@ #cmakedefine PSA_WANT_ALG_PURE_EDDSA @PSA_WANT_ALG_PURE_EDDSA@ -#cmakedefine PSA_WANT_ALG_RIPEMD160 @PSA_WANT_ALG_RIPEMD160@ #cmakedefine PSA_WANT_ALG_RSA_OAEP @PSA_WANT_ALG_RSA_OAEP@ #cmakedefine PSA_WANT_ALG_RSA_PKCS1V15_CRYPT @PSA_WANT_ALG_RSA_PKCS1V15_CRYPT@ #cmakedefine PSA_WANT_ALG_RSA_PKCS1V15_SIGN @PSA_WANT_ALG_RSA_PKCS1V15_SIGN@ @@ -62,7 +55,6 @@ #cmakedefine PSA_WANT_ALG_SHA3_256 @PSA_WANT_ALG_SHA3_256@ #cmakedefine PSA_WANT_ALG_SHA3_384 @PSA_WANT_ALG_SHA3_384@ #cmakedefine PSA_WANT_ALG_SHA3_512 @PSA_WANT_ALG_SHA3_512@ -#cmakedefine PSA_WANT_ALG_SHAKE256_512 @PSA_WANT_ALG_SHAKE256_512@ #cmakedefine PSA_WANT_ALG_SHA_1 @PSA_WANT_ALG_SHA_1@ #cmakedefine PSA_WANT_ALG_SHA_224 @PSA_WANT_ALG_SHA_224@ #cmakedefine PSA_WANT_ALG_SHA_256 @PSA_WANT_ALG_SHA_256@ @@ -70,7 +62,6 @@ #cmakedefine PSA_WANT_ALG_SHA_512 @PSA_WANT_ALG_SHA_512@ #cmakedefine PSA_WANT_ALG_SHA_512_224 @PSA_WANT_ALG_SHA_512_224@ #cmakedefine PSA_WANT_ALG_SHA_512_256 @PSA_WANT_ALG_SHA_512_256@ -#cmakedefine PSA_WANT_ALG_SM3 @PSA_WANT_ALG_SM3@ #cmakedefine PSA_WANT_ALG_SPAKE2P_CMAC @PSA_WANT_ALG_SPAKE2P_CMAC@ #cmakedefine PSA_WANT_ALG_SPAKE2P_HMAC @PSA_WANT_ALG_SPAKE2P_HMAC@ #cmakedefine PSA_WANT_ALG_SPAKE2P_MATTER @PSA_WANT_ALG_SPAKE2P_MATTER@ @@ -116,14 +107,8 @@ #cmakedefine PSA_WANT_ECC_TWISTED_EDWARDS_448 @PSA_WANT_ECC_TWISTED_EDWARDS_448@ #cmakedefine PSA_WANT_GENERATE_RANDOM @PSA_WANT_GENERATE_RANDOM@ #cmakedefine PSA_WANT_KEY_TYPE_AES @PSA_WANT_KEY_TYPE_AES@ -#cmakedefine PSA_WANT_KEY_TYPE_ARC4 @PSA_WANT_KEY_TYPE_ARC4@ -#cmakedefine PSA_WANT_KEY_TYPE_ARIA @PSA_WANT_KEY_TYPE_ARIA@ -#cmakedefine PSA_WANT_KEY_TYPE_CAMELLIA @PSA_WANT_KEY_TYPE_CAMELLIA@ #cmakedefine PSA_WANT_KEY_TYPE_CHACHA20 @PSA_WANT_KEY_TYPE_CHACHA20@ #cmakedefine PSA_WANT_KEY_TYPE_DERIVE @PSA_WANT_KEY_TYPE_DERIVE@ -#cmakedefine PSA_WANT_KEY_TYPE_DES @PSA_WANT_KEY_TYPE_DES@ -#cmakedefine PSA_WANT_KEY_TYPE_DH_KEY_PAIR @PSA_WANT_KEY_TYPE_DH_KEY_PAIR@ -#cmakedefine PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY @PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY@ #cmakedefine PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC @PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC@ #cmakedefine PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE @PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE@ #cmakedefine PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT @PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT@ @@ -135,20 +120,16 @@ #cmakedefine PSA_WANT_KEY_TYPE_PASSWORD_HASH @PSA_WANT_KEY_TYPE_PASSWORD_HASH@ #cmakedefine PSA_WANT_KEY_TYPE_PEPPER @PSA_WANT_KEY_TYPE_PEPPER@ #cmakedefine PSA_WANT_KEY_TYPE_RAW_DATA @PSA_WANT_KEY_TYPE_RAW_DATA@ -#cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR@ #cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC@ #cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT@ #cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE@ #cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT@ #cmakedefine PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY @PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY@ -#cmakedefine PSA_WANT_KEY_TYPE_SM4 @PSA_WANT_KEY_TYPE_SM4@ -#cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_BASIC @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_BASIC@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_DERIVE @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_DERIVE@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_EXPORT @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_EXPORT@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_IMPORT @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_IMPORT@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_PUBLIC_KEY @PSA_WANT_KEY_TYPE_SPAKE2P_PUBLIC_KEY@ -#cmakedefine PSA_WANT_KEY_TYPE_SRP_KEY_PAIR @PSA_WANT_KEY_TYPE_SRP_KEY_PAIR@ #cmakedefine PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_BASIC @PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_BASIC@ #cmakedefine PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_DERIVE @PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_DERIVE@ #cmakedefine PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_EXPORT @PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_EXPORT@ From 22d3042f7eb66efa379325d5da9a21517c9070bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 22 Aug 2024 09:16:29 +0200 Subject: [PATCH 008/217] bluetooth: crypto: Adding missing key-types for ECC MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -PSA_WANT_KEY_TYPE_ECC_KEY_PAIR is deprecated in Mbed TLS and Bluetooth Fast Pairh have been enabling PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT for key type support. This commit adds the remaining (required): -PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT -PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE -PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE Signed-off-by: Frank Audun Kvamtrø --- .../bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto | 3 +++ 1 file changed, 3 insertions(+) diff --git a/subsys/bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto b/subsys/bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto index 12ef66112ef7..1e0fed4e677f 100644 --- a/subsys/bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto +++ b/subsys/bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto @@ -47,6 +47,9 @@ config BT_FAST_PAIR_CRYPTO_PSA select PSA_WANT_ALG_HMAC select PSA_WANT_ALG_ECDH select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE select PSA_WANT_ECC_SECP_R1_256 select PSA_WANT_KEY_TYPE_AES select PSA_WANT_ALG_ECB_NO_PADDING From edfb995f86917297acb062595fc41842fa2a9d80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 22 Aug 2024 09:09:34 +0200 Subject: [PATCH 009/217] crypto: Add missing config for key types for SPAKE2+ and RSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Adding config PSA_WANT_TYPE_SPAKE2P_KEY_PAIR_GENERATE -Adding config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/cmake/psa_crypto_want_config.cmake | 2 ++ subsys/nrf_security/configs/psa_crypto_want_config.h.template | 2 ++ 2 files changed, 4 insertions(+) diff --git a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake index 6a02c3c00500..21de9b426dfe 100644 --- a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake @@ -114,12 +114,14 @@ kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RAW_DATA) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_BASIC) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_DERIVE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_EXPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_IMPORT) +kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_GENERATE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_PUBLIC_KEY) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_BASIC) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_DERIVE) diff --git a/subsys/nrf_security/configs/psa_crypto_want_config.h.template b/subsys/nrf_security/configs/psa_crypto_want_config.h.template index 3e8b1fe667f0..625b52f9ab37 100644 --- a/subsys/nrf_security/configs/psa_crypto_want_config.h.template +++ b/subsys/nrf_security/configs/psa_crypto_want_config.h.template @@ -121,6 +121,7 @@ #cmakedefine PSA_WANT_KEY_TYPE_PEPPER @PSA_WANT_KEY_TYPE_PEPPER@ #cmakedefine PSA_WANT_KEY_TYPE_RAW_DATA @PSA_WANT_KEY_TYPE_RAW_DATA@ #cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC@ +#cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE@ #cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT@ #cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE@ #cmakedefine PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT @PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT@ @@ -128,6 +129,7 @@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_BASIC @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_BASIC@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_DERIVE @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_DERIVE@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_EXPORT @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_EXPORT@ +#cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_GENERATE @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_GENERATE@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_IMPORT @PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_IMPORT@ #cmakedefine PSA_WANT_KEY_TYPE_SPAKE2P_PUBLIC_KEY @PSA_WANT_KEY_TYPE_SPAKE2P_PUBLIC_KEY@ #cmakedefine PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_BASIC @PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_BASIC@ From 12c7fb901d4330510a3d10557d565a85bc443d5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 22 Aug 2024 09:11:09 +0200 Subject: [PATCH 010/217] crypto: Cleanup ordering of PAKE and RSA split configurations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This orders the configuration according to upstream Zephyr and Mbed TLS code on PAKE and RSA in the following order _IMPORT _EXPORT _GENERATE _DERIVE Signed-off-by: Frank Audun Kvamtrø --- .../cmake/psa_crypto_want_config.cmake | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake index 21de9b426dfe..070211ad4116 100644 --- a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake @@ -101,10 +101,10 @@ kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_AES) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_CHACHA20) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_DERIVE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_HMAC) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_PASSWORD) @@ -112,21 +112,21 @@ kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_PASSWORD_HASH) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_PEPPER) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RAW_DATA) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_BASIC) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_DERIVE) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_EXPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_IMPORT) +kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_EXPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_GENERATE) +kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_KEY_PAIR_DERIVE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SPAKE2P_PUBLIC_KEY) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_BASIC) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_DERIVE) -kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_EXPORT) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_IMPORT) +kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_EXPORT) +kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_KEY_PAIR_DERIVE) kconfig_check_and_set_base_to_one(PSA_WANT_KEY_TYPE_SRP_PUBLIC_KEY) kconfig_check_and_set_base_to_one(PSA_WANT_RSA_KEY_SIZE_1024) kconfig_check_and_set_base_to_one(PSA_WANT_RSA_KEY_SIZE_1536) From 7f19327f31b5a97b8598f9b9862a174fdf993dd7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 22 Aug 2024 09:01:32 +0200 Subject: [PATCH 011/217] crypto: Enable Kconfig NRF_SECURITY by default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit adds more TLS/DTLS related configurations for the PSA Crypto oriented build-strategy. It's intent is to enable TLS/DTLS using PSA crypto by default while e.g. supporting PEM file input in NS world. -Removes a default y if BUILD_WITH_TFM for NORDIC_SECURITY_BACKEND -Add MBEDTLS_BASE64_C, MBEDTLS_ASN1_WRITE_C and MBEDTLS_ASN1_PARSE_C as prompt-less configurations that is enabled if PEM is enabled -Removed some dependencies for MBEDTLS_CIPHER_C to ensure it is only enabled when MBEDTLS_LEGACY_CRYPTO_C is enabled -Default enable MBEDTLS_PK_C when MBEDTLS_TLS_LIBRARY is enabled -Added dependencies for MBEDTLS_PK_WRITE_C/MBEDTLS_PK_PARSE_C towards MBEDTLS_PK_C being enabled -Added generation of aforementioned legacy configs for the PSA crypto centric configuration when SPM (TF-M secure image) is not enabled -Enabled X.509 in PSA crypto configuration scope (possible post Mbed TLS 3.6.0 addition, ensuring MBEDTLS_PSA_CRYPTO_CLIENT being properly supported... Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig | 2 +- subsys/nrf_security/Kconfig.legacy | 28 +++++++++++++-- .../cmake/psa_crypto_config.cmake | 35 ++++++++++++------- .../configs/psa_crypto_config.h.template | 15 ++++++-- 4 files changed, 62 insertions(+), 18 deletions(-) diff --git a/subsys/nrf_security/Kconfig b/subsys/nrf_security/Kconfig index 88751f1ec970..a258570130ae 100644 --- a/subsys/nrf_security/Kconfig +++ b/subsys/nrf_security/Kconfig @@ -18,7 +18,6 @@ config NORDIC_SECURITY_BACKEND bool prompt "Use nRF Security with Mbed TLS legacy crypto APIs support" \ if !NORDIC_SECURITY_PROMPTLESS - default y if BUILD_WITH_TFM depends on SOC_FAMILY_NORDIC_NRF select NRF_SECURITY select MBEDTLS_LEGACY_CRYPTO_C @@ -46,6 +45,7 @@ config NRF_SECURITY # Select TFM_BL2_NOT_SUPPORTED to prevent users from enabling # CONFIG_TFM_BL2. select TFM_BL2_NOT_SUPPORTED if BUILD_WITH_TFM + select PSA_CRYPTO_CLIENT help Set this configuration to enable nRF Security. This provides Arm PSA cryptography APIs with RNG support (optionally). diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index 33fe1e1a8a25..6402cb062c27 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -24,6 +24,18 @@ config MBEDTLS_THREADING_C bool default y if CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX +config MBEDTLS_BASE64_C + bool + default y if MBEDTLS_PEM_WRITE_C || MBEDTLS_PEM_PARSE_C + +config MBEDTLS_ASN1_WRITE_C + bool + default y if MBEDTLS_PEM_WRITE_C + +config MBEDTLS_ASN1_PARSE_C + bool + default y if MBEDTLS_PEM_PARSE_C + # Platform configurations for _ALT defines config MBEDTLS_PLATFORM_EXIT_ALT bool @@ -742,7 +754,7 @@ endif #MBEDTLS_LEGACY_CRYPTO_C config MBEDTLS_CIPHER_C bool prompt "Enable Cipher support" - default y if MBEDTLS_PSA_CRYPTO_C || MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_LEGACY_CRYPTO_C + default y if MBEDTLS_LEGACY_CRYPTO_C config MBEDTLS_MD_C bool @@ -752,6 +764,7 @@ config MBEDTLS_MD_C config MBEDTLS_PK_C bool prompt "Enable PK support" + default y if MBEDTLS_TLS_LIBRARY config MBEDTLS_PKCS5_C bool @@ -763,17 +776,28 @@ config MBEDTLS_PKCS5_C config MBEDTLS_PK_WRITE_C bool prompt "Enable PK write support" - # default y if MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_PSA_CRYPTO_SPM + depends on MBEDTLS_PK_C config MBEDTLS_PK_PARSE_C bool prompt "Enable PK parse support" default y if MBEDTLS_TLS_LIBRARY + depends on MBEDTLS_PK_C config MBEDTLS_PK_PARSE_EC_EXTENDED bool prompt "Enhance support for reading EC keys" default y depends on MBEDTLS_PK_PARSE_C + +config MBEDTLS_PEM_PARSE_C + bool + prompt "Support parsing PEM files" + depends on MBEDTLS_BASE64_C + +config MBEDTLS_PEM_WRITE_C + bool + prompt "Support writing PEM files" + depends on MBEDTLS_BASE64_C endmenu # Legacy mbed TLS crypto APIs diff --git a/subsys/nrf_security/cmake/psa_crypto_config.cmake b/subsys/nrf_security/cmake/psa_crypto_config.cmake index 73e78d119107..2dd446377b3e 100644 --- a/subsys/nrf_security/cmake/psa_crypto_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_config.cmake @@ -509,14 +509,25 @@ kconfig_check_and_set_base_to_one(MBEDTLS_NO_PLATFORM_ENTROPY) kconfig_check_and_set_base_int(MBEDTLS_ENTROPY_MAX_SOURCES) # Legacy configurations for mbed TLS APIs -kconfig_check_and_set_base_to_one(MBEDTLS_CIPHER_C) -kconfig_check_and_set_base_to_one(MBEDTLS_PK_C) -kconfig_check_and_set_base_to_one(MBEDTLS_PK_WRITE_C) -kconfig_check_and_set_base_to_one(MBEDTLS_MD_C) kconfig_check_and_set_base_to_one(MBEDTLS_THREADING_C) kconfig_check_and_set_base_to_one(MBEDTLS_THREADING_ALT) if (NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) + # Platform configuration + kconfig_check_and_set_base_to_one(MBEDTLS_ASN1_PARSE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_ASN1_WRITE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_BASE64_C) + kconfig_check_and_set_base_to_one(MBEDTLS_OID_C) + + # PKI configurations + kconfig_check_and_set_base_to_one(MBEDTLS_CIPHER_C) + kconfig_check_and_set_base_to_one(MBEDTLS_MD_C) + kconfig_check_and_set_base_to_one(MBEDTLS_PK_C) + kconfig_check_and_set_base_to_one(MBEDTLS_PKCS5_C) + kconfig_check_and_set_base_to_one(MBEDTLS_PK_PARSE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_PK_WRITE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_PEM_PARSE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_PEM_WRITE_C) # TLS/DTLS configurations kconfig_check_and_set_base_to_one(MBEDTLS_SSL_ALL_ALERT_MESSAGES) @@ -556,14 +567,14 @@ if (NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) kconfig_check_and_set_base_int(MBEDTLS_MPI_MAX_SIZE) # x509 configurations - # kconfig_check_and_set_base_to_one(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - # kconfig_check_and_set_base_to_one(MBEDTLS_X509_USE_C) - # kconfig_check_and_set_base_to_one(MBEDTLS_X509_CRT_PARSE_C) - # kconfig_check_and_set_base_to_one(MBEDTLS_X509_CRL_PARSE_C) - # kconfig_check_and_set_base_to_one(MBEDTLS_X509_CSR_PARSE_C) - # kconfig_check_and_set_base_to_one(MBEDTLS_X509_CREATE_C) - # kconfig_check_and_set_base_to_one(MBEDTLS_X509_CRT_WRITE_C) - # kconfig_check_and_set_base_to_one(MBEDTLS_X509_CSR_WRITE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + kconfig_check_and_set_base_to_one(MBEDTLS_X509_USE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_X509_CRT_PARSE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_X509_CRL_PARSE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_X509_CSR_PARSE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_X509_CREATE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_X509_CRT_WRITE_C) + kconfig_check_and_set_base_to_one(MBEDTLS_X509_CSR_WRITE_C) # TLS key exchange kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) diff --git a/subsys/nrf_security/configs/psa_crypto_config.h.template b/subsys/nrf_security/configs/psa_crypto_config.h.template index c24b2e3c71ac..cd76a59c0f1b 100644 --- a/subsys/nrf_security/configs/psa_crypto_config.h.template +++ b/subsys/nrf_security/configs/psa_crypto_config.h.template @@ -502,11 +502,20 @@ #cmakedefine MBEDTLS_ENTROPY_MAX_SOURCES @MBEDTLS_ENTROPY_MAX_SOURCES@ #cmakedefine MBEDTLS_NO_PLATFORM_ENTROPY -/* Legacy configurations for mbed TLS APIs */ +/* Platform configurations for Mbed TLS APIs*/ +#cmakedefine MBEDTLS_BASE64_C +#cmakedefine MBEDTLS_OID_C +#cmakedefine MBEDTLS_ASN1_PARSE_C +#cmakedefine MBEDTLS_ASN1_WRITE_C + +/* Legacy configurations for Mbed TLS APIs */ #cmakedefine MBEDTLS_CIPHER_C -//#define MBEDTLS_PK_C @MBEDTLS_PK_C@ -//#define MBEDTLS_PK_WRITE_C @MBEDTLS_PK_WRITE_C@ #cmakedefine MBEDTLS_MD_C +#cmakedefine MBEDTLS_PK_C +#cmakedefine MBEDTLS_PK_WRITE_C +#cmakedefine MBEDTLS_PK_PARSE_C +#cmakedefine MBEDTLS_PEM_PARSE_C +#cmakedefine MBEDTLS_PEM_WRITE_C /* TLS/DTLS configurations */ #cmakedefine MBEDTLS_SSL_ALL_ALERT_MESSAGES From 25edf628e509446b5802df58a750585f0d16374c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 09:19:27 +0200 Subject: [PATCH 012/217] crypto: Removing weak and/or unused ciphers in nrf_security MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Removing the following ciphers: - Ripemd160 - Aria - Camellia - DES Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 4 ---- 1 file changed, 4 deletions(-) diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 309963161846..8443ddbe461d 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -21,13 +21,9 @@ append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library sha256.c sha512.c sha3.c - ripemd160.c md5.c aesni.c aesce.c - aria.c - camellia.c - des.c psa_util.c platform_util.c ) From 8bf8db2c17d5009397637a3645bf7de680cfa18a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 09:26:40 +0200 Subject: [PATCH 013/217] crypto: Align psa_crypto_driver_wrappers to PSA key attributes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -There is a big change in structuring of PSA key attributes with TF-M 2.1. Previously there was a sub-type called "core" inside the PSA key attributes, but this has been swallowed into the top-level structure. This commit removes references to ->core. in code -This code also improves some return-codes to prevent unused variables for a few cases where no crypto drivers are enabled Signed-off-by: Frank Audun Kvamtrø --- .../src/psa_crypto_driver_wrappers.c | 79 ++++++++++--------- 1 file changed, 40 insertions(+), 39 deletions(-) diff --git a/subsys/nrf_security/src/psa_crypto_driver_wrappers.c b/subsys/nrf_security/src/psa_crypto_driver_wrappers.c index a5665e270000..0c6c5c30371f 100644 --- a/subsys/nrf_security/src/psa_crypto_driver_wrappers.c +++ b/subsys/nrf_security/src/psa_crypto_driver_wrappers.c @@ -196,7 +196,7 @@ psa_status_t psa_driver_wrapper_sign_message(const psa_key_attributes_t *attribu size_t signature_size, size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -258,7 +258,7 @@ psa_status_t psa_driver_wrapper_verify_message(const psa_key_attributes_t *attri size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -317,7 +317,7 @@ psa_status_t psa_driver_wrapper_sign_hash(const psa_key_attributes_t *attributes size_t signature_size, size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -379,7 +379,7 @@ psa_status_t psa_driver_wrapper_verify_hash(const psa_key_attributes_t *attribut size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -453,8 +453,8 @@ psa_driver_wrapper_get_key_buffer_size_from_key_data(const psa_key_attributes_t const uint8_t *data, size_t data_length, size_t *key_buffer_size) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - psa_key_type_t key_type = attributes->core.type; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_type_t key_type = attributes->type; *key_buffer_size = 0; switch (location) { @@ -490,9 +490,9 @@ psa_driver_wrapper_get_key_buffer_size_from_key_data(const psa_key_attributes_t psa_status_t psa_driver_wrapper_get_key_buffer_size(const psa_key_attributes_t *attributes, size_t *key_buffer_size) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - psa_key_type_t key_type = attributes->core.type; - size_t key_bits = attributes->core.bits; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); + psa_key_type_t key_type = attributes->type; + size_t key_bits = attributes->bits; *key_buffer_size = 0; switch (location) { @@ -519,7 +519,7 @@ psa_status_t psa_driver_wrapper_generate_key(const psa_key_attributes_t *attribu size_t *key_buffer_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -527,7 +527,7 @@ psa_status_t psa_driver_wrapper_generate_key(const psa_key_attributes_t *attribu case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: #endif /* defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) */ /* Transparent drivers are limited to generating asymmetric keys */ - if (PSA_KEY_TYPE_IS_ASYMMETRIC(attributes->core.type)) { + if (PSA_KEY_TYPE_IS_ASYMMETRIC(attributes->type)) { /* Cycle through all known transparent accelerators */ #if defined(PSA_NEED_CRACEN_KEY_MANAGEMENT_DRIVER) status = cracen_generate_key(attributes, key_buffer, key_buffer_size, @@ -733,7 +733,7 @@ psa_status_t psa_driver_wrapper_get_builtin_key(psa_drv_slot_number_t slot_numbe uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { #if defined(PSA_NEED_CRACEN_KEY_MANAGEMENT_DRIVER) @@ -764,7 +764,7 @@ psa_status_t psa_driver_wrapper_copy_key(psa_key_attributes_t *attributes, size_t *target_key_buffer_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { #if defined(PSA_NEED_CRACEN_KMU_DRIVER) @@ -788,7 +788,7 @@ psa_status_t psa_driver_wrapper_derive_key(const psa_key_attributes_t *attribute uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { - switch (PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime)) { + switch (PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime)) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Add cases for transparent drivers here */ #ifdef PSA_NEED_OBERON_KEY_MANAGEMENT_DRIVER @@ -821,7 +821,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt(const psa_key_attributes_t *attri size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -897,7 +897,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt(const psa_key_attributes_t *attri size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -953,7 +953,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup(psa_cipher_operation_t *ope size_t key_buffer_size, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1019,7 +1019,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup(psa_cipher_operation_t *ope size_t key_buffer_size, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1165,7 +1165,8 @@ psa_status_t psa_driver_wrapper_cipher_finish(psa_cipher_operation_t *operation, psa_status_t psa_driver_wrapper_cipher_abort(psa_cipher_operation_t *operation) { - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; + (void) status; switch (operation->id) { #if defined(PSA_NEED_CRACEN_CIPHER_DRIVER) @@ -1207,7 +1208,7 @@ psa_status_t psa_driver_wrapper_hash_compute(psa_algorithm_t alg, const uint8_t } #endif - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; /* Try accelerators first */ #if defined(PSA_NEED_CRACEN_HASH_DRIVER) @@ -1242,7 +1243,7 @@ psa_status_t psa_driver_wrapper_hash_compute(psa_algorithm_t alg, const uint8_t psa_status_t psa_driver_wrapper_hash_setup(psa_hash_operation_t *operation, psa_algorithm_t alg) { - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; #if !defined(PSA_WANT_ALG_SHA_1) if (alg == PSA_ALG_SHA_1) { @@ -1397,7 +1398,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt(const psa_key_attributes_t *attribu size_t *ciphertext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1471,7 +1472,7 @@ psa_status_t psa_driver_wrapper_aead_decrypt(const psa_key_attributes_t *attribu size_t *plaintext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1543,7 +1544,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt_setup(psa_aead_operation_t *operati size_t key_buffer_size, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1610,7 +1611,7 @@ psa_status_t psa_driver_wrapper_aead_decrypt_setup(psa_aead_operation_t *operati size_t key_buffer_size, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -1879,7 +1880,7 @@ psa_status_t psa_driver_wrapper_mac_compute(const psa_key_attributes_t *attribut size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); #if !defined(PSA_WANT_ALG_SHA_1) if (PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1) { @@ -1944,7 +1945,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup(psa_mac_operation_t *operation, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); #if !defined(PSA_WANT_ALG_SHA_1) if (PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1) { @@ -2011,7 +2012,7 @@ psa_status_t psa_driver_wrapper_mac_verify_setup(psa_mac_operation_t *operation, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); #if !defined(PSA_WANT_ALG_SHA_1) if (PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1) { @@ -2111,7 +2112,7 @@ psa_status_t psa_driver_wrapper_mac_update(psa_mac_operation_t *operation, const psa_status_t psa_driver_wrapper_mac_sign_finish(psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, size_t *mac_length) { - psa_status_t status; + psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; switch (operation->id) { #if defined(PSA_NEED_CRACEN_MAC_DRIVER) @@ -2139,14 +2140,14 @@ psa_status_t psa_driver_wrapper_mac_sign_finish(psa_mac_operation_t *operation, (void)mac; (void)mac_size; (void)mac_length; - return PSA_ERROR_INVALID_ARGUMENT; + return status; } } psa_status_t psa_driver_wrapper_mac_verify_finish(psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length) { - psa_status_t status; + psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; switch (operation->id) { #if defined(PSA_NEED_CRACEN_MAC_DRIVER) @@ -2171,7 +2172,7 @@ psa_status_t psa_driver_wrapper_mac_verify_finish(psa_mac_operation_t *operation default: (void)mac; (void)mac_length; - return PSA_ERROR_INVALID_ARGUMENT; + return status; } } @@ -2201,7 +2202,7 @@ psa_status_t psa_driver_wrapper_mac_abort(psa_mac_operation_t *operation) psa_status_t psa_driver_wrapper_key_derivation_setup(psa_key_derivation_operation_t *operation, psa_algorithm_t alg) { - psa_status_t status; + psa_status_t status = PSA_ERROR_NOT_SUPPORTED; #if defined(PSA_NEED_CRACEN_KEY_DERIVATION_DRIVER) status = cracen_key_derivation_setup(&operation->ctx.cracen_kdf_ctx, alg); @@ -2224,7 +2225,7 @@ psa_status_t psa_driver_wrapper_key_derivation_setup(psa_key_derivation_operatio (void)status; (void)operation; (void)alg; - return PSA_ERROR_NOT_SUPPORTED; + return status; } psa_status_t @@ -2371,7 +2372,7 @@ psa_status_t psa_driver_wrapper_key_agreement(const psa_key_attributes_t *attrib { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -2434,7 +2435,7 @@ psa_status_t psa_driver_wrapper_pake_setup(psa_pake_operation_t *operation, const psa_pake_cipher_suite_t *cipher_suite) { psa_status_t status; - switch (PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime)) { + switch (PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime)) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Add cases for transparent drivers here */ #ifdef PSA_NEED_CRACEN_PAKE_DRIVER @@ -2658,7 +2659,7 @@ psa_status_t psa_driver_wrapper_asymmetric_encrypt( { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -2718,7 +2719,7 @@ psa_status_t psa_driver_wrapper_asymmetric_decrypt( { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: @@ -2868,7 +2869,7 @@ psa_status_t psa_driver_wrapper_get_entropy(uint32_t flags, size_t *estimate_bit psa_status_t psa_driver_wrapper_destroy_builtin_key(const psa_key_attributes_t *attributes) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime); switch (location) { #if defined(PSA_NEED_CRACEN_KMU_DRIVER) From 9776b84f877aed0316ba98d83cfac7d4b6d12e30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 09:31:21 +0200 Subject: [PATCH 014/217] crypto: configs: Dis set of PSA_WANT_KEY_TYPE_ECC_XXXX_PAIR_BASIC MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -PSA_WANT_KEY_TYPE_XXXX_KEY_PAIR_BASIC is a configuration that previously was used to signal "basic type". It is no longer needed to set this configuration as it is only an internal construct. These has been made prompt-less configuration that is automatically enabled when key type support for _IMPORT, _EXPORT, _GENERATE or _DERIVE is requested -This updates the following project configs: -SUIT -psa_tls overlays for RSA -RSA sample Signed-off-by: Frank Audun Kvamtrø --- samples/crypto/psa_tls/overlays/rsa.conf | 6 +++++- samples/crypto/rsa/prj.conf | 7 ++++++- subsys/suit/platform/Kconfig | 5 +++-- subsys/suit/platform/sdfw/Kconfig | 3 ++- 4 files changed, 16 insertions(+), 5 deletions(-) diff --git a/samples/crypto/psa_tls/overlays/rsa.conf b/samples/crypto/psa_tls/overlays/rsa.conf index dc794b410d44..da192589ba23 100644 --- a/samples/crypto/psa_tls/overlays/rsa.conf +++ b/samples/crypto/psa_tls/overlays/rsa.conf @@ -6,5 +6,9 @@ CONFIG_PSA_TLS_CERTIFICATE_TYPE_RSA=y CONFIG_MBEDTLS_RSA_C=y CONFIG_MBEDTLS_PKCS1_V15=y -CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY=y CONFIG_PSA_WANT_RSA_KEY_SIZE_2048=y diff --git a/samples/crypto/rsa/prj.conf b/samples/crypto/rsa/prj.conf index bc127dc2fc89..71a6c27f6c30 100644 --- a/samples/crypto/rsa/prj.conf +++ b/samples/crypto/rsa/prj.conf @@ -20,7 +20,12 @@ CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=16384 CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN=y -CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY=y + CONFIG_PSA_WANT_ALG_SHA_256=y # This samples source code explicitly uses an RSA key size of 4096 diff --git a/subsys/suit/platform/Kconfig b/subsys/suit/platform/Kconfig index b6723710a191..593eb13cc2b6 100644 --- a/subsys/suit/platform/Kconfig +++ b/subsys/suit/platform/Kconfig @@ -46,8 +46,9 @@ config SUIT_CRYPTO imply ENTROPY_GENERATOR imply PSA_CRYPTO_DRIVER_CRACEN imply PSA_WANT_ALG_PURE_EDDSA - imply PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC if SOC_FAMILY_NORDIC_NRF - imply PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if SOC_FAMILY_NORDIC_NRF + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if SOC_FAMILY_NORDIC_NRF + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT if SOC_FAMILY_NORDIC_NRF + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE if SOC_FAMILY_NORDIC_NRF imply PSA_WANT_ECC_TWISTED_EDWARDS_255 if SOC_FAMILY_NORDIC_NRF diff --git a/subsys/suit/platform/sdfw/Kconfig b/subsys/suit/platform/sdfw/Kconfig index 42b61a42ea6b..958fb5811333 100644 --- a/subsys/suit/platform/sdfw/Kconfig +++ b/subsys/suit/platform/sdfw/Kconfig @@ -43,7 +43,8 @@ config SUIT_AUTHENTICATE select PSA_WANT_ALG_SHA_256 if SOC_FAMILY_NORDIC_NRF select PSA_WANT_ALG_SHA_512 if SOC_FAMILY_NORDIC_NRF select PSA_WANT_ALG_ECDSA if SOC_FAMILY_NORDIC_NRF - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC if SOC_FAMILY_NORDIC_NRF select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if SOC_FAMILY_NORDIC_NRF + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT if SOC_FAMILY_NORDIC_NRF + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE if SOC_FAMILY_NORDIC_NRF select PSA_WANT_ECC_SECP_R1_256 if SOC_FAMILY_NORDIC_NRF select PSA_WANT_ECC_TWISTED_EDWARDS_255 if SOC_FAMILY_NORDIC_NRF From cc3a3dc086a019bfeb48634bb625b3d7b7ceea4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 09:21:56 +0200 Subject: [PATCH 015/217] crypto: Unify Mbed TLS configuration generation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit improves generation of nrf-config.h which can be built either using PSA crypto or legacy crypto as starting-point. It enables more legacy/platform configurations in case PSA crypto is favored, to ensure that we can split the files: - nrf-config.h: Legacy and platform configurations - nrf-psa-crypto-config.h: PSA_WANT_ALG_XXXX etc. - nrf-psa-crypto-user-config: PSA_NEED_XXXX -Changed platform defines generation using the macro kconfig_check_and_set_base_to_one to kconfig_check_and_set_base. This ensures defines are set to be used for cmakedefine without value for standard configurations in Mbed TLS config. PSA_WANT_ALG_XXX etc. are the only ones that need to use kconfig_check_and_set_base_to_one as it is using #define SOME_DEFINE 1 and have #if checks based on the value -Adding nrf_config.cmake used by PSA crypto generation -Removing all legacy TLS/DTLS and and platform defines from psa_crypto_config.cmake. These are moved to nrf_config.cmake NOTE: This will be renamed to psa_crypto_user_config.cmake in a later commit as this will have PSA_NEED_XXXX configurations only! -Minor adjustments to comments in psa_crypto_want_config.cmake -Auto-enable MBEDTLS_PSA_CRYPTO_CONFIG to legacy_crypto_config.h.template to favor using MBEDTLS_PSA_CRYPTO_CONFIG_FILE and MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE -Fix include-guards for psa_crypto_want_config.h so it fits for the coming rename of this file. We are now using the standardized definition PSA_CRYPTO_CONFIG_H found in Mbed TLS code and TF-M -Simplified the content of nrf-config.h.template. This now contains Platform, _ALT and TLS/DTS and X.509 and cipher-suites. Note: This addition adds a guard against enabling TLS/DTLS and X.509 in TF-M SPM and ARoT builds -The include guard in nrf-config.h.template is changed from MBEDTLS_CONFIG_PSA_H to MBEDTLS_CONFIG_FILE_H to reuse the guard found in Mbed TLS and TF-M -Removing legacy, platform and TLS/DTLS and X.509 configurations from psa_crypto_config.h.template. This is now provided by the generated nrf-config.h file -Changed the include-guard for psa_crypto_config.h.template to the standardized PSA_CRYPTO_USER_CONFIG_H used in TF-M and Mbed TLS. This file has PSA_NEED_XXXX and will be renamed to state that this is a PSA crypto user config file in a later commit Signed-off-by: Frank Audun Kvamtrø --- .../cmake/legacy_crypto_config.cmake | 21 +- subsys/nrf_security/cmake/nrf_config.cmake | 163 ++++++++ .../cmake/psa_crypto_config.cmake | 154 +------- .../cmake/psa_crypto_want_config.cmake | 5 +- .../configs/legacy_crypto_config.h.template | 2 +- .../configs/nrf-config.h.template | 354 ++++++++---------- .../configs/psa_crypto_config.h.template | 139 +------ .../configs/psa_crypto_want_config.h.template | 11 +- 8 files changed, 339 insertions(+), 510 deletions(-) create mode 100644 subsys/nrf_security/cmake/nrf_config.cmake diff --git a/subsys/nrf_security/cmake/legacy_crypto_config.cmake b/subsys/nrf_security/cmake/legacy_crypto_config.cmake index 192c8569d2f3..fa60dbce9694 100644 --- a/subsys/nrf_security/cmake/legacy_crypto_config.cmake +++ b/subsys/nrf_security/cmake/legacy_crypto_config.cmake @@ -102,18 +102,19 @@ kconfig_check_and_set_base(MBEDTLS_MEMORY_DEBUG) kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_SPM) +kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_CLIENT) kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_C) kconfig_check_and_set_base(MBEDTLS_USE_PSA_CRYPTO) -kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_CLIENT) - -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_EXIT_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_FPRINTF_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_PRINTF_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_SNPRINTF_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_ENTROPY_HARDWARE_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_THREADING_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_ZEROIZE_ALT) +kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + +kconfig_check_and_set_base(MBEDTLS_PLATFORM_EXIT_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_FPRINTF_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_PRINTF_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_SNPRINTF_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) +kconfig_check_and_set_base(MBEDTLS_ENTROPY_HARDWARE_ALT) +kconfig_check_and_set_base(MBEDTLS_THREADING_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_ZEROIZE_ALT) kconfig_check_and_set_base(MBEDTLS_X509_USE_C) kconfig_check_and_set_base(MBEDTLS_X509_CHECK_KEY_USAGE) diff --git a/subsys/nrf_security/cmake/nrf_config.cmake b/subsys/nrf_security/cmake/nrf_config.cmake new file mode 100644 index 000000000000..78e7da10bccf --- /dev/null +++ b/subsys/nrf_security/cmake/nrf_config.cmake @@ -0,0 +1,163 @@ +# +# Copyright (c) 2024 Nordic Semiconductor +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# +# Convert all platform and TLS/DTLS and X.509 Kconfig variables for Mbed TLS +# (strip CONFIG_) + +# TF-M +kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_SPM) + +# PSA core configurations +kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_CLIENT) +kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_C) +kconfig_check_and_set_base(MBEDTLS_USE_PSA_CRYPTO) +kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + +# Platform +kconfig_check_and_set_base(MBEDTLS_PLATFORM_C) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_MEMORY) +kconfig_check_and_set_base(MBEDTLS_NO_PLATFORM_ENTROPY) +kconfig_check_and_set_base(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +kconfig_check_and_set_base(MBEDTLS_DEBUG_C) +kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) + +# Threading configurations for CryptoCell and locally built PSA core +kconfig_check_and_set_base(MBEDTLS_THREADING_C) +kconfig_check_and_set_base(MBEDTLS_THREADING_ALT) + +# Platform configurations for _ALT defines +kconfig_check_and_set_base(MBEDTLS_PLATFORM_EXIT_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_FPRINTF_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_PRINTF_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_SNPRINTF_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) +kconfig_check_and_set_base(MBEDTLS_ENTROPY_HARDWARE_ALT) +kconfig_check_and_set_base(MBEDTLS_THREADING_ALT) +kconfig_check_and_set_base(MBEDTLS_PLATFORM_ZEROIZE_ALT) + +# Legacy configurations for _ALT defines +kconfig_check_and_set_base(MBEDTLS_AES_SETKEY_ENC_ALT) +kconfig_check_and_set_base(MBEDTLS_AES_SETKEY_DEC_ALT) +kconfig_check_and_set_base(MBEDTLS_AES_ENCRYPT_ALT) +kconfig_check_and_set_base(MBEDTLS_AES_DECRYPT_ALT) +kconfig_check_and_set_base(MBEDTLS_AES_ALT) +kconfig_check_and_set_base(MBEDTLS_CMAC_ALT) +kconfig_check_and_set_base(MBEDTLS_CCM_ALT) +kconfig_check_and_set_base(MBEDTLS_GCM_ALT) +kconfig_check_and_set_base(MBEDTLS_CHACHA20_ALT) +kconfig_check_and_set_base(MBEDTLS_POLY1305_ALT) +kconfig_check_and_set_base(MBEDTLS_CHACHAPOLY_ALT) +kconfig_check_and_set_base(MBEDTLS_DHM_ALT) +kconfig_check_and_set_base(MBEDTLS_ECP_ALT) +kconfig_check_and_set_base(MBEDTLS_ECDH_GEN_PUBLIC_ALT) +kconfig_check_and_set_base(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) +kconfig_check_and_set_base(MBEDTLS_ECDSA_GENKEY_ALT) +kconfig_check_and_set_base(MBEDTLS_ECDSA_SIGN_ALT) +kconfig_check_and_set_base(MBEDTLS_ECDSA_VERIFY_ALT) +kconfig_check_and_set_base(MBEDTLS_ECJPAKE_ALT) +kconfig_check_and_set_base(MBEDTLS_RSA_ALT) +kconfig_check_and_set_base(MBEDTLS_SHA1_ALT) +kconfig_check_and_set_base(MBEDTLS_SHA224_ALT) +kconfig_check_and_set_base(MBEDTLS_SHA256_ALT) +kconfig_check_and_set_base(MBEDTLS_SHA384_ALT) +kconfig_check_and_set_base(MBEDTLS_SHA512_ALT) + +# Legacy configurations for RNG +kconfig_check_and_set_base(MBEDTLS_ENTROPY_FORCE_SHA256) +kconfig_check_and_set_base(MBEDTLS_NO_PLATFORM_ENTROPY) +kconfig_check_and_set_base_int(MBEDTLS_ENTROPY_MAX_SOURCES) + +# Nordic defines for library support. +kconfig_check_and_set_base(MBEDTLS_LEGACY_CRYPTO_C) +kconfig_check_and_set_base(MBEDTLS_TLS_LIBRARY) +kconfig_check_and_set_base(MBEDTLS_X509_LIBRARY) + +# Still required for some things in psa_util? +kconfig_check_and_set_base(MBEDTLS_MD_C) + +# Guard against setting legacy configurations in TF-M image +if (NOT MBEDTLS_PSA_CRYPTO_SPM) + # Platform configuration + kconfig_check_and_set_base(MBEDTLS_ASN1_PARSE_C) + kconfig_check_and_set_base(MBEDTLS_ASN1_WRITE_C) + kconfig_check_and_set_base(MBEDTLS_BASE64_C) + kconfig_check_and_set_base(MBEDTLS_OID_C) + + # PKI configurations + kconfig_check_and_set_base(MBEDTLS_CIPHER_C) + kconfig_check_and_set_base(MBEDTLS_PK_C) + kconfig_check_and_set_base(MBEDTLS_PKCS5_C) + kconfig_check_and_set_base(MBEDTLS_PK_PARSE_C) + kconfig_check_and_set_base(MBEDTLS_PK_WRITE_C) + kconfig_check_and_set_base(MBEDTLS_PEM_PARSE_C) + kconfig_check_and_set_base(MBEDTLS_PEM_WRITE_C) + + # TLS/DTLS configurations + kconfig_check_and_set_base(MBEDTLS_SSL_ALL_ALERT_MESSAGES) + kconfig_check_and_set_base(MBEDTLS_SSL_ALL_ALERT_MESSAGES) + kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_CONNECTION_ID) + kconfig_check_and_set_base(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + kconfig_check_and_set_base(MBEDTLS_SSL_DEBUG_ALL) + kconfig_check_and_set_base(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + kconfig_check_and_set_base(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + kconfig_check_and_set_base(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + kconfig_check_and_set_base(MBEDTLS_SSL_RENEGOTIATION) + kconfig_check_and_set_base(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + kconfig_check_and_set_base(MBEDTLS_SSL_PROTO_TLS1_2) + kconfig_check_and_set_base(MBEDTLS_SSL_PROTO_DTLS) + kconfig_check_and_set_base(MBEDTLS_SSL_ALPN) + kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_SRTP) + kconfig_check_and_set_base(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) + kconfig_check_and_set_base(MBEDTLS_SSL_SESSION_TICKETS) + kconfig_check_and_set_base(MBEDTLS_SSL_EXPORT_KEYS) + kconfig_check_and_set_base(MBEDTLS_SSL_SERVER_NAME_INDICATION) + kconfig_check_and_set_base(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + kconfig_check_and_set_base(MBEDTLS_SSL_CACHE_C) + kconfig_check_and_set_base(MBEDTLS_SSL_TICKET_C) + kconfig_check_and_set_base(MBEDTLS_SSL_CLI_C) + kconfig_check_and_set_base(MBEDTLS_SSL_SRV_C) + kconfig_check_and_set_base(MBEDTLS_SSL_TLS_C) + kconfig_check_and_set_base(MBEDTLS_SSL_COOKIE_C) + + kconfig_check_and_set_base_int(MBEDTLS_SSL_IN_CONTENT_LEN) + kconfig_check_and_set_base_int(MBEDTLS_SSL_OUT_CONTENT_LEN) + kconfig_check_and_set_base(MBEDTLS_SSL_CIPHERSUITES) + kconfig_check_and_set_base(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + + kconfig_check_and_set_base_int(MBEDTLS_MPI_WINDOW_SIZE) + kconfig_check_and_set_base_int(MBEDTLS_MPI_MAX_SIZE) + + # x509 configurations + kconfig_check_and_set_base(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + kconfig_check_and_set_base(MBEDTLS_X509_USE_C) + kconfig_check_and_set_base(MBEDTLS_X509_CRT_PARSE_C) + kconfig_check_and_set_base(MBEDTLS_X509_CRL_PARSE_C) + kconfig_check_and_set_base(MBEDTLS_X509_CSR_PARSE_C) + kconfig_check_and_set_base(MBEDTLS_X509_CREATE_C) + kconfig_check_and_set_base(MBEDTLS_X509_CRT_WRITE_C) + kconfig_check_and_set_base(MBEDTLS_X509_CSR_WRITE_C) + + # TLS key exchange + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) + kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +endif() + +kconfig_check_and_set_base(MBEDTLS_PSA_CRYPTO_CONFIG) + +# Generate the Mbed TLS config file (default nrf-config.h) +configure_file(${NRF_SECURITY_ROOT}/configs/nrf-config.h.template + ${generated_include_path}/${CONFIG_MBEDTLS_CFG_FILE} +) diff --git a/subsys/nrf_security/cmake/psa_crypto_config.cmake b/subsys/nrf_security/cmake/psa_crypto_config.cmake index 2dd446377b3e..145fcac89953 100644 --- a/subsys/nrf_security/cmake/psa_crypto_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_config.cmake @@ -447,157 +447,11 @@ kconfig_check_and_set_base_to_one(PSA_NEED_NRF_RNG_ENTROPY_DRIVER) kconfig_check_and_set_base_to_one(PSA_CRYPTO_DRIVER_ALG_PRNG_TEST) # PSA and Drivers -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_C) -kconfig_check_and_set_base_to_one(MBEDTLS_USE_PSA_CRYPTO) kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_STORAGE_C) kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_DRIVERS) -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_CLIENT) -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) kconfig_check_and_set_base_int(MBEDTLS_PSA_KEY_SLOT_COUNT) -# TF-M -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_SPM) -kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - -# Platform -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_C) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_MEMORY) -kconfig_check_and_set_base_to_one(MBEDTLS_NO_PLATFORM_ENTROPY) -kconfig_check_and_set_base_to_one(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -kconfig_check_and_set_base_to_one(MBEDTLS_DEBUG_C) - -# Platform configurations for _ALT defines -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_EXIT_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_FPRINTF_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_PRINTF_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_SNPRINTF_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_ENTROPY_HARDWARE_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_THREADING_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_PLATFORM_ZEROIZE_ALT) - -# Legacy configurations for _ALT defines -kconfig_check_and_set_base_to_one(MBEDTLS_AES_SETKEY_ENC_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_AES_SETKEY_DEC_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_AES_ENCRYPT_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_AES_DECRYPT_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_AES_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_CMAC_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_CCM_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_GCM_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_CHACHA20_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_POLY1305_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_CHACHAPOLY_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_DHM_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_ECP_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_ECDH_GEN_PUBLIC_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_ECDSA_GENKEY_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_ECDSA_SIGN_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_ECDSA_VERIFY_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_ECJPAKE_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_RSA_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_SHA1_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_SHA224_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_SHA256_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_SHA384_ALT) -kconfig_check_and_set_base_to_one(MBEDTLS_SHA512_ALT) - -# Legacy configurations for RNG -kconfig_check_and_set_base_to_one(MBEDTLS_ENTROPY_FORCE_SHA256) -kconfig_check_and_set_base_to_one(MBEDTLS_NO_PLATFORM_ENTROPY) -kconfig_check_and_set_base_int(MBEDTLS_ENTROPY_MAX_SOURCES) - -# Legacy configurations for mbed TLS APIs -kconfig_check_and_set_base_to_one(MBEDTLS_THREADING_C) -kconfig_check_and_set_base_to_one(MBEDTLS_THREADING_ALT) - -if (NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) - # Platform configuration - kconfig_check_and_set_base_to_one(MBEDTLS_ASN1_PARSE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_ASN1_WRITE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_BASE64_C) - kconfig_check_and_set_base_to_one(MBEDTLS_OID_C) - - # PKI configurations - kconfig_check_and_set_base_to_one(MBEDTLS_CIPHER_C) - kconfig_check_and_set_base_to_one(MBEDTLS_MD_C) - kconfig_check_and_set_base_to_one(MBEDTLS_PK_C) - kconfig_check_and_set_base_to_one(MBEDTLS_PKCS5_C) - kconfig_check_and_set_base_to_one(MBEDTLS_PK_PARSE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_PK_WRITE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_PEM_PARSE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_PEM_WRITE_C) - - # TLS/DTLS configurations - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_DTLS_CONNECTION_ID) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_DEBUG_ALL) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_RENEGOTIATION) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_PROTO_TLS1_2) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_PROTO_DTLS) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_ALPN) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_DTLS_SRTP) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_SESSION_TICKETS) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_EXPORT_KEYS) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_SERVER_NAME_INDICATION) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_CACHE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_TICKET_C) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_CLI_C) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_SRV_C) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_TLS_C) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_COOKIE_C) - - kconfig_check_and_set_base_int(MBEDTLS_SSL_IN_CONTENT_LEN) - kconfig_check_and_set_base_int(MBEDTLS_SSL_OUT_CONTENT_LEN) - kconfig_check_and_set_base(MBEDTLS_SSL_CIPHERSUITES) - kconfig_check_and_set_base_to_one(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - - kconfig_check_and_set_base_int(MBEDTLS_MPI_WINDOW_SIZE) - kconfig_check_and_set_base_int(MBEDTLS_MPI_MAX_SIZE) - - # x509 configurations - kconfig_check_and_set_base_to_one(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - kconfig_check_and_set_base_to_one(MBEDTLS_X509_USE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_X509_CRT_PARSE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_X509_CRL_PARSE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_X509_CSR_PARSE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_X509_CREATE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_X509_CRT_WRITE_C) - kconfig_check_and_set_base_to_one(MBEDTLS_X509_CSR_WRITE_C) - - # TLS key exchange - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) - kconfig_check_and_set_base_to_one(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -endif() - -if(CONFIG_GENERATE_MBEDTLS_CFG_FILE) - # Copy the mbed TLS config file (default: nrf-config.h) - configure_file(${NRF_SECURITY_ROOT}/configs/nrf-config.h.template - ${generated_include_path}/${CONFIG_MBEDTLS_CFG_FILE} - ) - - # Generate the PSA config file (default nrf-psa-crypto-config.h) - configure_file(${NRF_SECURITY_ROOT}/configs/psa_crypto_config.h.template - ${generated_include_path}/${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE} - ) -endif() +# Generate the PSA config file (default nrf-psa-crypto-config.h) +configure_file(${NRF_SECURITY_ROOT}/configs/psa_crypto_config.h.template + ${generated_include_path}/${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE} +) diff --git a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake index 070211ad4116..d7924073730a 100644 --- a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake @@ -3,10 +3,9 @@ # # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -# Convert all standard Kconfig variables for mbed TLS (strip CONFIG_) +# Convert all PSA_WANT_XXXX Kconfig variables for Mbed TLS (strip CONFIG_) - -# All PSA_WANT_ symbols in alphabetical order */ +# All PSA_WANT_XXXX symbols in alphabetical order */ kconfig_check_and_set_base_to_one(PSA_WANT_AES_KEY_SIZE_128) kconfig_check_and_set_base_to_one(PSA_WANT_AES_KEY_SIZE_192) kconfig_check_and_set_base_to_one(PSA_WANT_AES_KEY_SIZE_256) diff --git a/subsys/nrf_security/configs/legacy_crypto_config.h.template b/subsys/nrf_security/configs/legacy_crypto_config.h.template index 256fcf02ef63..9e3c3c5378c1 100644 --- a/subsys/nrf_security/configs/legacy_crypto_config.h.template +++ b/subsys/nrf_security/configs/legacy_crypto_config.h.template @@ -1756,7 +1756,7 @@ * This feature is still experimental and is not ready for production since * it is not completed. */ -//#define MBEDTLS_PSA_CRYPTO_CONFIG +#define MBEDTLS_PSA_CRYPTO_CONFIG /** * \def MBEDTLS_VERSION_FEATURES diff --git a/subsys/nrf_security/configs/nrf-config.h.template b/subsys/nrf_security/configs/nrf-config.h.template index 7b93fb791a93..37321aee405d 100644 --- a/subsys/nrf_security/configs/nrf-config.h.template +++ b/subsys/nrf_security/configs/nrf-config.h.template @@ -1,222 +1,172 @@ /* - * Copyright (c) 2021 Nordic Semiconductor + * Copyright (c) 2024 Nordic Semiconductor * * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause * */ - -#ifndef MBEDTLS_CONFIG_PSA_H -#define MBEDTLS_CONFIG_PSA_H - -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) -#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE -#else -#error "MBEDTLS_PSA_CRYPTO_CONFIG_FILE expected to be set" -#endif - - -#ifdef __cplusplus -extern "C" { -#endif - -/****************************************************************/ -/* Require built-in implementations based on CRACEN PSA requirements - * - * NOTE: Required by the CRACEN driver still, which is checking for - * MBEDTLS crypto definitions. - */ -/****************************************************************/ -#if defined(CONFIG_PSA_NEED_CRACEN_KEY_MANAGEMENT_DRIVER) -#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS -#endif - -/****************************************************************/ -/* Require built-in implementations based on PSA requirements - * - * NOTE: Required by the TLS stack still, which is checking for MBEDTLS crypto definitions. +/* The include guards used here ensures that a different Mbed TLS config is not + * added to the build and used by accident. Hence, this guard is not + * equivalent to naming of this file. */ -/****************************************************************/ - -/* Required for MBEDTLS_HAS_ECDH_CIPHERSUITE_REQUIREMENTS */ -#if defined(PSA_WANT_ALG_ECDH) -#define MBEDTLS_ECDH_C -#define MBEDTLS_ECP_C -#define MBEDTLS_BIGNUM_C -#endif - -/* Required for MBEDTLS_HAS_ECDSA_CIPHERSUITE_REQUIREMENTS */ -#if defined(PSA_WANT_ALG_ECDSA) -#define MBEDTLS_ECDSA_C -#define MBEDTLS_ECP_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_ASN1_PARSE_C -#define MBEDTLS_ASN1_WRITE_C -#endif +#ifndef MBEDTLS_CONFIG_FILE_H +#define MBEDTLS_CONFIG_FILE_H -/* Required for MBEDTLS_HAS_RSA_CIPHERSUITE_REQUIREMENTS - * - * The requirements should all be met on MBEDTLS configurations already. +/* This file includes configurations for Mbed TLS for platform and TLS/DTLS and X.509 + * and it should be used inside TF-M build and when CONFIG_MBEDTLS_LEGACY_CRYPTO_C is + * not used */ -#if defined(PSA_WANT_ALG_SHA_1) -/* TLS/DTLS 1.2 requires SHA-1 support using legacy API for now. - * Revert this when resolving NCSDK-20975. - */ -#if defined(CONFIG_MBEDTLS_TLS_LIBRARY) -#define MBEDTLS_SHA1_C -#endif -#endif +/* TF-M */ +#cmakedefine MBEDTLS_PSA_CRYPTO_SPM + +/* PSA core configurations */ +#cmakedefine MBEDTLS_PSA_CRYPTO_CLIENT +#cmakedefine MBEDTLS_PSA_CRYPTO_C +#cmakedefine MBEDTLS_USE_PSA_CRYPTO +/* Avoid redefinition as TF-M defines this on the command line */ +#ifndef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +#cmakedefine MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +#endif + +/* Platform */ +#cmakedefine MBEDTLS_PLATFORM_C +#cmakedefine MBEDTLS_PLATFORM_MEMORY +#cmakedefine MBEDTLS_NO_PLATFORM_ENTROPY +#cmakedefine MBEDTLS_MEMORY_BUFFER_ALLOC_C +#cmakedefine MBEDTLS_DEBUG_C +#cmakedefine MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG + +/* Platform configurations for _ALT defines */ +#cmakedefine MBEDTLS_PLATFORM_EXIT_ALT +#cmakedefine MBEDTLS_PLATFORM_FPRINTF_ALT +#cmakedefine MBEDTLS_PLATFORM_PRINTF_ALT +#cmakedefine MBEDTLS_PLATFORM_SNPRINTF_ALT +#cmakedefine MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT +#cmakedefine MBEDTLS_ENTROPY_HARDWARE_ALT + +/* Threading configurations */ +#cmakedefine MBEDTLS_THREADING_C +#cmakedefine MBEDTLS_THREADING_ALT + +/* Legacy configurations for _ALT defines */ +#cmakedefine MBEDTLS_AES_SETKEY_ENC_ALT +#cmakedefine MBEDTLS_AES_SETKEY_DEC_ALT +#cmakedefine MBEDTLS_AES_ENCRYPT_ALT +#cmakedefine MBEDTLS_AES_DECRYPT_ALT +#cmakedefine MBEDTLS_AES_ALT +#cmakedefine MBEDTLS_CMAC_ALT +#cmakedefine MBEDTLS_CCM_ALT +#cmakedefine MBEDTLS_GCM_ALT +#cmakedefine MBEDTLS_CHACHA20_ALT +#cmakedefine MBEDTLS_POLY1305_ALT +#cmakedefine MBEDTLS_CHACHAPOLY_ALT +#cmakedefine MBEDTLS_DHM_ALT +#cmakedefine MBEDTLS_ECP_ALT +#cmakedefine MBEDTLS_ECDH_GEN_PUBLIC_ALT +#cmakedefine MBEDTLS_ECDH_COMPUTE_SHARED_ALT +#cmakedefine MBEDTLS_ECDSA_GENKEY_ALT +#cmakedefine MBEDTLS_ECDSA_SIGN_ALT +#cmakedefine MBEDTLS_ECDSA_VERIFY_ALT +#cmakedefine MBEDTLS_ECJPAKE_ALT +#cmakedefine MBEDTLS_RSA_ALT +#cmakedefine MBEDTLS_SHA1_ALT +#cmakedefine MBEDTLS_SHA224_ALT +#cmakedefine MBEDTLS_SHA256_ALT +#cmakedefine MBEDTLS_SHA384_ALT +#cmakedefine MBEDTLS_SHA512_ALT + +/* Legacy configuration for RNG */ +#cmakedefine MBEDTLS_ENTROPY_FORCE_SHA256 +#cmakedefine MBEDTLS_ENTROPY_MAX_SOURCES @MBEDTLS_ENTROPY_MAX_SOURCES@ +#cmakedefine MBEDTLS_NO_PLATFORM_ENTROPY + +/* Nordic defines for library support. Note that these configurations are used by the PSA interface */ +#cmakedefine MBEDTLS_LEGACY_CRYPTO_C +#cmakedefine MBEDTLS_TLS_LIBRARY +#cmakedefine MBEDTLS_X509_LIBRARY + +/* Platform configurations for Mbed TLS APIs*/ +#cmakedefine MBEDTLS_BASE64_C +#cmakedefine MBEDTLS_OID_C +#cmakedefine MBEDTLS_ASN1_PARSE_C +#cmakedefine MBEDTLS_ASN1_WRITE_C + +/* Ensure these are not enabled internal in NS build */ +#if !defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(INSIDE_TFM_BUILD) + +/* Legacy configurations for Mbed TLS APIs */ +#cmakedefine MBEDTLS_CIPHER_C +#cmakedefine MBEDTLS_MD_C +#cmakedefine MBEDTLS_PK_C +#cmakedefine MBEDTLS_PK_WRITE_C +#cmakedefine MBEDTLS_PK_PARSE_C +#cmakedefine MBEDTLS_PEM_PARSE_C +#cmakedefine MBEDTLS_PEM_WRITE_C + +/* TLS/DTLS configurations */ +#cmakedefine MBEDTLS_SSL_ALL_ALERT_MESSAGES +#cmakedefine MBEDTLS_SSL_DTLS_CONNECTION_ID +#cmakedefine MBEDTLS_SSL_CONTEXT_SERIALIZATION +#cmakedefine MBEDTLS_SSL_DEBUG_ALL +#cmakedefine MBEDTLS_SSL_ENCRYPT_THEN_MAC +#cmakedefine MBEDTLS_SSL_EXTENDED_MASTER_SECRET +#cmakedefine MBEDTLS_SSL_KEEP_PEER_CERTIFICATE +#cmakedefine MBEDTLS_SSL_RENEGOTIATION +#cmakedefine MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +#cmakedefine MBEDTLS_SSL_PROTO_TLS1_2 +#cmakedefine MBEDTLS_SSL_PROTO_DTLS +#cmakedefine MBEDTLS_SSL_ALPN +#cmakedefine MBEDTLS_SSL_DTLS_ANTI_REPLAY +#cmakedefine MBEDTLS_SSL_DTLS_HELLO_VERIFY +#cmakedefine MBEDTLS_SSL_DTLS_SRTP +#cmakedefine MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE +#cmakedefine MBEDTLS_SSL_SESSION_TICKETS +#cmakedefine MBEDTLS_SSL_EXPORT_KEYS +#cmakedefine MBEDTLS_SSL_SERVER_NAME_INDICATION +#cmakedefine MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH +#cmakedefine MBEDTLS_SSL_CACHE_C +#cmakedefine MBEDTLS_SSL_TICKET_C +#cmakedefine MBEDTLS_SSL_CLI_C +#cmakedefine MBEDTLS_SSL_COOKIE_C +#cmakedefine MBEDTLS_SSL_SRV_C +#cmakedefine MBEDTLS_SSL_TLS_C +#cmakedefine MBEDTLS_SSL_IN_CONTENT_LEN @MBEDTLS_SSL_IN_CONTENT_LEN@ +#cmakedefine MBEDTLS_SSL_OUT_CONTENT_LEN @MBEDTLS_SSL_OUT_CONTENT_LEN@ +#cmakedefine MBEDTLS_SSL_CIPHERSUITES @MBEDTLS_SSL_CIPHERSUITES@ + +#cmakedefine MBEDTLS_X509_RSASSA_PSS_SUPPORT +#cmakedefine MBEDTLS_X509_USE_C +#cmakedefine MBEDTLS_X509_CRT_PARSE_C +#cmakedefine MBEDTLS_X509_CRL_PARSE_C +#cmakedefine MBEDTLS_X509_CSR_PARSE_C +#cmakedefine MBEDTLS_X509_CREATE_C +#cmakedefine MBEDTLS_X509_CRT_WRITE_C +#cmakedefine MBEDTLS_X509_CSR_WRITE_C +#cmakedefine MBEDTLS_X509_REMOVE_INFO -/* Required for MBEDTLS_HAS_ECJPAKE_CIPHERSUITE_REQUIREMENTS */ -#if defined(PSA_WANT_ALG_SHA_256) -#define MBEDTLS_SHA224_C -#define MBEDTLS_SHA256_C -#endif - -/* Required for MBEDTLS_HAS_CBC_CIPHERSUITE_REQUIREMENTS */ -#if defined(PSA_WANT_ALG_CBC_PKCS7) -/* NB: check_config does not do any checks for CBC. */ -#define MBEDTLS_CIPHER_MODE_CBC -#define MBEDTLS_CIPHER_PADDING_PKCS7 -#define MBEDTLS_AES_C -#endif - -/* Required for MBEDTLS_HAS_CCM_CIPHERSUITE_REQUIREMENTS */ -#if defined(PSA_WANT_ALG_CCM) -#define MBEDTLS_CCM_C -#define MBEDTLS_AES_C -#endif - -/* Required for MBEDTLS_HAS_GCM_CIPHERSUITE_REQUIREMENTS */ -#if defined(PSA_WANT_ALG_GCM) -#define MBEDTLS_GCM_C -#define MBEDTLS_AES_C -#endif - -/* Required for MBEDTLS_HAS_CHACHAPOLY_CIPHERSUITE_REQUIREMENTS */ -#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) -#if defined(PSA_WANT_KEY_TYPE_CHACHA20) -#define MBEDTLS_CHACHA20_C -#define MBEDTLS_POLY1305_C -#define MBEDTLS_CHACHAPOLY_C -#endif -#endif - -/* Because we have enabled MBEDTLS_ECP_C we need atleast one ECC curve type. */ -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) -#define MBEDTLS_ECP_DP_BP256R1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) -#define MBEDTLS_ECP_DP_BP384R1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) -#define MBEDTLS_ECP_DP_BP512R1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_MONTGOMERY_255) -#define MBEDTLS_ECP_DP_CURVE25519_ENABLED -#endif - -#if defined(PSA_WANT_ECC_MONTGOMERY_448) -#define MBEDTLS_ECP_DP_CURVE448_ENABLED -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_192) -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_224) -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_256) -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_384) -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_521) -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_SECP_K1_192) -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_SECP_K1_224) -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED -#endif - -#if defined(PSA_WANT_ECC_SECP_K1_256) -#define MBEDTLS_ECP_DP_SECP256K1_ENABLED -#endif - -/* Required for MBEDTLS_HAS_ECJPAKE_CIPHERSUITE_REQUIREMENTS */ -#if defined(PSA_WANT_ALG_JPAKE) -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_ECP_C -#define MBEDTLS_ECJPAKE_C -#endif - -/* Nordic added */ -#if defined(MBEDTLS_PK_PARSE_C) -#define MBEDTLS_ASN1_PARSE_C -#endif - -#if defined(MBEDTLS_PK_WRITE_C) -#define MBEDTLS_ASN1_WRITE_C -#endif - -/* TLS/DTLS additions */ -#if !defined(MBEDTLS_PSA_CRYPTO_SPM) -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED #cmakedefine MBEDTLS_KEY_EXCHANGE_PSK_ENABLED #cmakedefine MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED +#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED #cmakedefine MBEDTLS_KEY_EXCHANGE_RSA_ENABLED #cmakedefine MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +#cmakedefine MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +#cmakedefine MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#define MBEDTLS_X509_CRT_PARSE_C -#define MBEDTLS_ASN1_PARSE_C -#define MBEDTLS_ASN1_WRITE_C -#define MBEDTLS_X509_USE_C -#define MBEDTLS_PK_PARSE_C -#define MBEDTLS_PK_WRITE_C -#define MBEDTLS_PK_C -#define MBEDTLS_OID_C -#define MBEDTLS_DHM_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_BASE64_C -#define MBEDTLS_PEM_PARSE_C -#endif +#endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(INSIDE_TFM_BUILD) */ -#endif /* MBEDTLS_PSA_CRYPTO_SPM */ +#cmakedefine MBEDTLS_PSA_CRYPTO_CONFIG -#if defined(CONFIG_MBEDTLS_DEBUG) -#define MBEDTLS_ERROR_C -#define MBEDTLS_DEBUG_C -#define MBEDTLS_SSL_DEBUG_ALL -#endif +/* Controlling some MPI sizes */ +#cmakedefine MBEDTLS_MPI_WINDOW_SIZE @MBEDTLS_MPI_WINDOW_SIZE@ /**< Maximum window size used. */ +#cmakedefine MBEDTLS_MPI_MAX_SIZE @MBEDTLS_MPI_MAX_SIZE@ /**< Maximum number of bytes for usable MPIs. */ -#ifdef __cplusplus -} +#if CONFIG_MBEDTLS_CMAC_ALT +/* NCSDK-24838 */ +#define MBEDTLS_CIPHER_MODE_CBC #endif -#endif /* MBEDTLS_CONFIG_PSA_H */ +#endif /* MBEDTLS_CONFIG_FILE_H */ diff --git a/subsys/nrf_security/configs/psa_crypto_config.h.template b/subsys/nrf_security/configs/psa_crypto_config.h.template index cd76a59c0f1b..91866f9958dc 100644 --- a/subsys/nrf_security/configs/psa_crypto_config.h.template +++ b/subsys/nrf_security/configs/psa_crypto_config.h.template @@ -5,8 +5,8 @@ * */ -#ifndef PSA_CRYPTO_CONFIG_H -#define PSA_CRYPTO_CONFIG_H +#ifndef PSA_CRYPTO_USER_CONFIG_H +#define PSA_CRYPTO_USER_CONFIG_H /* PSA Core implementation */ #cmakedefine PSA_CORE_OBERON @PSA_CORE_OBERON@ @@ -439,7 +439,6 @@ /* PSA and drivers */ #cmakedefine MBEDTLS_PSA_CRYPTO_C -#cmakedefine MBEDTLS_USE_PSA_CRYPTO #cmakedefine MBEDTLS_PSA_CRYPTO_STORAGE_C /* MBEDTLS_PSA_CRYPTO_DRIVERS is defined to 1 by TF-M's build system. */ #cmakedefine MBEDTLS_PSA_CRYPTO_DRIVERS @MBEDTLS_PSA_CRYPTO_DRIVERS@ @@ -447,140 +446,8 @@ #cmakedefine MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG #cmakedefine MBEDTLS_PSA_KEY_SLOT_COUNT @MBEDTLS_PSA_KEY_SLOT_COUNT@ -/* TF-M */ -#cmakedefine MBEDTLS_PSA_CRYPTO_SPM -/* Avoid redefinition as TF-M defines this on the command line */ -#ifndef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER -#cmakedefine MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER -#endif - -/* Platform */ -#cmakedefine MBEDTLS_PLATFORM_C -#cmakedefine MBEDTLS_PLATFORM_MEMORY -#cmakedefine MBEDTLS_NO_PLATFORM_ENTROPY -#cmakedefine MBEDTLS_MEMORY_BUFFER_ALLOC_C - -/* Platform configurations for _ALT defines */ -#cmakedefine MBEDTLS_PLATFORM_EXIT_ALT -#cmakedefine MBEDTLS_PLATFORM_FPRINTF_ALT -#cmakedefine MBEDTLS_PLATFORM_PRINTF_ALT -#cmakedefine MBEDTLS_PLATFORM_SNPRINTF_ALT -#cmakedefine MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT -#cmakedefine MBEDTLS_ENTROPY_HARDWARE_ALT -#cmakedefine MBEDTLS_THREADING_C -#cmakedefine MBEDTLS_THREADING_ALT - -/* Legacy configurations for _ALT defines */ -#cmakedefine MBEDTLS_AES_SETKEY_ENC_ALT -#cmakedefine MBEDTLS_AES_SETKEY_DEC_ALT -#cmakedefine MBEDTLS_AES_ENCRYPT_ALT -#cmakedefine MBEDTLS_AES_DECRYPT_ALT -#cmakedefine MBEDTLS_AES_ALT -#cmakedefine MBEDTLS_CMAC_ALT -#cmakedefine MBEDTLS_CCM_ALT -#cmakedefine MBEDTLS_GCM_ALT -#cmakedefine MBEDTLS_CHACHA20_ALT -#cmakedefine MBEDTLS_POLY1305_ALT -#cmakedefine MBEDTLS_CHACHAPOLY_ALT -#cmakedefine MBEDTLS_DHM_ALT -#cmakedefine MBEDTLS_ECP_ALT -#cmakedefine MBEDTLS_ECDH_GEN_PUBLIC_ALT -#cmakedefine MBEDTLS_ECDH_COMPUTE_SHARED_ALT -#cmakedefine MBEDTLS_ECDSA_GENKEY_ALT -#cmakedefine MBEDTLS_ECDSA_SIGN_ALT -#cmakedefine MBEDTLS_ECDSA_VERIFY_ALT -#cmakedefine MBEDTLS_ECJPAKE_ALT -#cmakedefine MBEDTLS_RSA_ALT -#cmakedefine MBEDTLS_SHA1_ALT -#cmakedefine MBEDTLS_SHA224_ALT -#cmakedefine MBEDTLS_SHA256_ALT -#cmakedefine MBEDTLS_SHA384_ALT -#cmakedefine MBEDTLS_SHA512_ALT - -/* Legacy configuration for RNG */ -#cmakedefine MBEDTLS_ENTROPY_FORCE_SHA256 -#cmakedefine MBEDTLS_ENTROPY_MAX_SOURCES @MBEDTLS_ENTROPY_MAX_SOURCES@ -#cmakedefine MBEDTLS_NO_PLATFORM_ENTROPY - -/* Platform configurations for Mbed TLS APIs*/ -#cmakedefine MBEDTLS_BASE64_C -#cmakedefine MBEDTLS_OID_C -#cmakedefine MBEDTLS_ASN1_PARSE_C -#cmakedefine MBEDTLS_ASN1_WRITE_C - -/* Legacy configurations for Mbed TLS APIs */ -#cmakedefine MBEDTLS_CIPHER_C -#cmakedefine MBEDTLS_MD_C -#cmakedefine MBEDTLS_PK_C -#cmakedefine MBEDTLS_PK_WRITE_C -#cmakedefine MBEDTLS_PK_PARSE_C -#cmakedefine MBEDTLS_PEM_PARSE_C -#cmakedefine MBEDTLS_PEM_WRITE_C - -/* TLS/DTLS configurations */ -#cmakedefine MBEDTLS_SSL_ALL_ALERT_MESSAGES -#cmakedefine MBEDTLS_SSL_DTLS_CONNECTION_ID -#cmakedefine MBEDTLS_SSL_CONTEXT_SERIALIZATION -#cmakedefine MBEDTLS_SSL_DEBUG_ALL -#cmakedefine MBEDTLS_SSL_ENCRYPT_THEN_MAC -#cmakedefine MBEDTLS_SSL_EXTENDED_MASTER_SECRET -#cmakedefine MBEDTLS_SSL_KEEP_PEER_CERTIFICATE -#cmakedefine MBEDTLS_SSL_RENEGOTIATION -#cmakedefine MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -#cmakedefine MBEDTLS_SSL_PROTO_TLS1_2 -#cmakedefine MBEDTLS_SSL_PROTO_DTLS -#cmakedefine MBEDTLS_SSL_ALPN -#cmakedefine MBEDTLS_SSL_DTLS_ANTI_REPLAY -#cmakedefine MBEDTLS_SSL_DTLS_HELLO_VERIFY -#cmakedefine MBEDTLS_SSL_DTLS_SRTP -#cmakedefine MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE -#cmakedefine MBEDTLS_SSL_SESSION_TICKETS -#cmakedefine MBEDTLS_SSL_EXPORT_KEYS -#cmakedefine MBEDTLS_SSL_SERVER_NAME_INDICATION -#cmakedefine MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH -#cmakedefine MBEDTLS_SSL_CACHE_C -#cmakedefine MBEDTLS_SSL_TICKET_C -#cmakedefine MBEDTLS_SSL_CLI_C -#cmakedefine MBEDTLS_SSL_COOKIE_C -#cmakedefine MBEDTLS_SSL_SRV_C -#cmakedefine MBEDTLS_SSL_TLS_C -#cmakedefine MBEDTLS_SSL_IN_CONTENT_LEN @MBEDTLS_SSL_IN_CONTENT_LEN@ -#cmakedefine MBEDTLS_SSL_OUT_CONTENT_LEN @MBEDTLS_SSL_OUT_CONTENT_LEN@ -#cmakedefine MBEDTLS_SSL_CIPHERSUITES @MBEDTLS_SSL_CIPHERSUITES@ - -#cmakedefine MBEDTLS_X509_RSASSA_PSS_SUPPORT -#cmakedefine MBEDTLS_X509_USE_C -#cmakedefine MBEDTLS_X509_CRT_PARSE_C -#cmakedefine MBEDTLS_X509_CRL_PARSE_C -#cmakedefine MBEDTLS_X509_CSR_PARSE_C -#cmakedefine MBEDTLS_X509_CREATE_C -#cmakedefine MBEDTLS_X509_CRT_WRITE_C -#cmakedefine MBEDTLS_X509_CSR_WRITE_C -#cmakedefine MBEDTLS_X509_REMOVE_INFO - -#cmakedefine MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED -#cmakedefine MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - -/* Controlling some MPI sizes */ -#cmakedefine MBEDTLS_MPI_WINDOW_SIZE @MBEDTLS_MPI_WINDOW_SIZE@ /**< Maximum window size used. */ -#cmakedefine MBEDTLS_MPI_MAX_SIZE @MBEDTLS_MPI_MAX_SIZE@ /**< Maximum number of bytes for usable MPIs. */ - -#if CONFIG_MBEDTLS_CMAC_ALT -/* NCSDK-24838 */ -#define MBEDTLS_CIPHER_MODE_CBC -#endif - #include #include -#endif /* PSA_CRYPTO_CONFIG_H */ +#endif /* PSA_CRYPTO_USER_CONFIG_H */ diff --git a/subsys/nrf_security/configs/psa_crypto_want_config.h.template b/subsys/nrf_security/configs/psa_crypto_want_config.h.template index 625b52f9ab37..e4c74944ec89 100644 --- a/subsys/nrf_security/configs/psa_crypto_want_config.h.template +++ b/subsys/nrf_security/configs/psa_crypto_want_config.h.template @@ -5,13 +5,8 @@ * */ -#ifndef PSA_CRYPTO_WANT_CONFIG_H -#define PSA_CRYPTO_WANT_CONFIG_H - -/* TODO make sure this required */ -#ifndef MBEDTLS_PSA_CRYPTO_CONFIG -#define MBEDTLS_PSA_CRYPTO_CONFIG -#endif +#ifndef PSA_CRYPTO_CONFIG_H +#define PSA_CRYPTO_CONFIG_H /* * All PSA_WANT_ symbols in alphabetical order @@ -150,4 +145,4 @@ /* The Adjusting is done in this file */ #define PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H -#endif /* PSA_CRYPTO_WANT_CONFIG_H */ +#endif /* PSA_CRYPTO_CONFIG_H */ From f5108545e974bc23a274605483a952191e168858 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 09:58:17 +0200 Subject: [PATCH 016/217] tf-m: Adding config_extra.cmake generation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit introduces using a standardized construct in TF-M to add configurations that gets loaded through a CMake file that is passed to TF-M build. -The configurations passed to TF-M is generated from config_extra.cmake.in which is passed with configure_file from Zephyr to inject static configurations that is necessary for building with/without TF-M and within TF-M's code as well as being compatible with nrf_security -config_extra.cmake will be generated with the following: -Static paths for folders relevant for TF-M and non TF-M build -nrfxlib folder -nrf_security root folder -Oberon PSA core module directory -Arm Mbed TLS module directory -PSA_CRYPTO_EXTERNAL_CORE, which is a signal that a PSA core external to TF-M is intended to be built -Static names to Mbed TLS (and PSA crypto) configurations, without full path that is used both inside and outside of TF-M -MBEDTLS_CONFIG_FILE -MBEDTLS_PSA_CRYPTO_CONFIG_FILE -MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE -Paths to generated folders for configurations in two sets according to what is the usage: -PSA_CRYPTO_CONFIG_INTERFACE_PATH: Interface configurations used by ARoTs in TF-M image, and in Zephyr NS image in a TF-M enabled builds -PSA_CRYPTO_CONFIG_LIBRARY_PATH: Library configurations used by the actual build of crypto (TF-M crypto services in PRoT) or Mbed TLS and PSA core build in secure-only builds (no TF-M) -Additional state configurations relevant for external core build Signed-off-by: Frank Audun Kvamtrø --- .../configs/config_extra.cmake.in | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 subsys/nrf_security/configs/config_extra.cmake.in diff --git a/subsys/nrf_security/configs/config_extra.cmake.in b/subsys/nrf_security/configs/config_extra.cmake.in new file mode 100644 index 000000000000..e17bf0021c64 --- /dev/null +++ b/subsys/nrf_security/configs/config_extra.cmake.in @@ -0,0 +1,36 @@ +# +# Copyright (c) 2024 Nordic Semiconductor +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +# This file is populated with custom configuration for TF-M to state that the PSA core is built externally +# This can be rewritten when solving NCSDK-XXXXX +set(PSA_CRYPTO_EXTERNAL_CORE ON CACHE BOOL "Enable building PSA core externally") + +# This file is populated with paths needed building nrf_security with and without TF-M +# It is added to circumvent issues with install-targets inside TF-M and to unify the +# CMake code with Zephyr builds +set(NRFXLIB_DIR ${ZEPHYR_NRFXLIB_MODULE_DIR} CACHE STRING "nrfxlib folder") +set(NRF_SECURITY_ROOT ${NRF_DIR}/subsys/nrf_security CACHE STRING "nrf_security root folder") +set(OBERON_PSA_CORE_PATH ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR} CACHE STRING "oberon-psa-core folder") +set(ARM_MBEDTLS_PATH ${ZEPHYR_MBEDTLS_MODULE_DIR} CACHE STRING "Mbed TLS folder") + +# This file is populated with the Mbed TLS config file names +set(MBEDTLS_CONFIG_FILE ${CONFIG_MBEDTLS_CFG_FILE} CACHE STRING "Mbed TLS Config file") +set(MBEDTLS_PSA_CRYPTO_CONFIG_FILE ${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE} CACHE STRING "PSA crypto config file (PSA_WANT)") +set(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE ${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE} CACHE STRING "PSA crypto config file (PSA_NEED)") + +# This file is populated with the generated include-folders for PSA interface (for main app, ns-services) as +# well as the include-folder for library build of the crypto toolbo with or without TF-M +set(PSA_CRYPTO_CONFIG_INTERFACE_PATH ${CMAKE_BINARY_DIR}/generated/interface_seeme CACHE STRING "Path used for generated PSA crypto configuratiosn for the interface") +set(PSA_CRYPTO_CONFIG_LIBRARY_PATH ${CMAKE_BINARY_DIR}/generated/library_seeme CACHE STRING "Path used for generated PSA crypto for library builds") + +# Defines used by including external_core.cmake multiple times (to clean up for CMake trace) +# This definitely needs to be reworked in upstream TF-M +set(EXTERNAL_CRYPTO_CORE_HANDLED_TFM_API_NS False CACHE BOOL "Use to ensure we add links only once") +set(EXTERNAL_CRYPTO_CORE_HANDLED_PSA_INTERFACE False CACHE BOOL "Use to ensure we add links only once") +set(EXTERNAL_CRYPTO_CORE_HANDLED_PSA_CRYPTO_CONFIG False CACHE BOOL "Use to ensure we add links only once") +set(EXTERNAL_CRYPTO_CORE_HANDLED_PSA_CRYPTO_LIBRARY_CONFIG False CACHE BOOL "Use to ensure we add links only once") +set(EXTERNAL_CRYPTO_CORE_HANDLED_TFM_PSA_ROT_PARTITION_CRYPTO False CACHE BOOL "Use to ensure we add links only once") +set(EXTERNAL_CRYPTO_CORE_HANDLED_TFM_SPRT False CACHE BOOL "Use to ensure we add links only once") From 060dbeab47d0c5f51614ac1bb382035f546318bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 12:00:33 +0200 Subject: [PATCH 017/217] tf-m: Add use of generated crypto_extra.cmake file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This adds use of the generated crypto_extra.cmake file used to pass -This is added both in TF-M and in Zephyr builds as it simplifies path-handling for both cases in nrf_security. -This commit removes versions of CMake variables for paths in both entry points to building nrf_security (nrf_security/CMakeLists.txt and nrf_security/tfm/CMakeLists.txt) Signed-off-by: Frank Audun Kvamtrø --- modules/trusted-firmware-m/CMakeLists.txt | 8 ++++++++ subsys/nrf_security/CMakeLists.txt | 12 ++++++++---- subsys/nrf_security/src/CMakeLists.txt | 1 - 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/modules/trusted-firmware-m/CMakeLists.txt b/modules/trusted-firmware-m/CMakeLists.txt index 782dff48c90d..f437f63a378b 100644 --- a/modules/trusted-firmware-m/CMakeLists.txt +++ b/modules/trusted-firmware-m/CMakeLists.txt @@ -311,6 +311,14 @@ set_property(TARGET zephyr_property_target -DPROJECT_CONFIG_HEADER_FILE=${CMAKE_CURRENT_BINARY_DIR}/tfm_config.h ) +configure_file(${NRF_DIR}/subsys/nrf_security/configs/config_extra.cmake.in + ${CMAKE_CURRENT_BINARY_DIR}/config_extra.cmake +) + +set_property(TARGET zephyr_property_target + APPEND PROPERTY TFM_CMAKE_OPTIONS -DTFM_EXTRA_CONFIG_PATH="${CMAKE_CURRENT_BINARY_DIR}/config_extra.cmake" +) + if(SYSBUILD) set(BYPRODUCT_KERNEL_SIGNED_HEX_NAME "${CMAKE_BINARY_DIR}/zephyr/tfm_merged.hex" CACHE FILEPATH "Kernel hex file" FORCE diff --git a/subsys/nrf_security/CMakeLists.txt b/subsys/nrf_security/CMakeLists.txt index 969ade9ac3b5..046e3190aa4a 100644 --- a/subsys/nrf_security/CMakeLists.txt +++ b/subsys/nrf_security/CMakeLists.txt @@ -7,8 +7,6 @@ # This file is nrf_security's entry-point for the NCS build system set(BUILD_INSIDE_TFM False) -set(NRFXLIB_DIR ${ZEPHYR_NRFXLIB_MODULE_DIR}) -set(NRF_SECURITY_ROOT ${CMAKE_CURRENT_LIST_DIR}) # Include generic macros include(cmake/extensions.cmake) @@ -17,8 +15,14 @@ set(mbedcrypto_target mbedcrypto) set(mbedx509_target mbedx509) set(mbedtls_target mbedtls) -# Populate ARM_MBEDTLS_PATH with the value of ZEPHYR_MBEDTLS_MODULE_DIR -set(ARM_MBEDTLS_PATH ${ZEPHYR_MBEDTLS_MODULE_DIR}) +# Generate the file containing all static paths and configurations used both in +# TF-M and non TF-M builds +configure_file(${CMAKE_CURRENT_LIST_DIR}/configs/config_extra.cmake.in + ${CMAKE_CURRENT_BINARY_DIR}/cmake/config_extra.cmake +) + +# Include files with standard paths like oberon-psa-core and nrf_security root +include(${CMAKE_CURRENT_BINARY_DIR}/cmake/config_extra.cmake) if(CONFIG_SSF_SERVER_PSA_CRYPTO_SERVICE_ENABLED) # Inside the SSF server, when the PSA crypto service is enabled we need to diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 8d39762a9d19..c04b3d843f61 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -16,7 +16,6 @@ # For NCS the nrf_security/CMakeLists.txt file will execute this file. BUILD_INSIDE_TFM=False # -set(OBERON_PSA_PATH ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}) # Library for mbedcrypto includes and configurations add_library(mbedcrypto_common INTERFACE) From aa89b7e1b1297b6dc22a2dd6b67dc11ef2fa5c1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 12:17:30 +0200 Subject: [PATCH 018/217] tf-m: crypto keys: Update platform HUK APIs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -tfm_plat_get_huk and tfm_plat_get_iak APIs have changed a parameter from size_t to psa_key_bits_t. This commit aligns the APIs with TF-M 2.1 Signed-off-by: Frank Audun Kvamtrø --- modules/trusted-firmware-m/tfm_boards/common/crypto_keys.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/trusted-firmware-m/tfm_boards/common/crypto_keys.c b/modules/trusted-firmware-m/tfm_boards/common/crypto_keys.c index 3e015a350aa0..e3d5119778f8 100644 --- a/modules/trusted-firmware-m/tfm_boards/common/crypto_keys.c +++ b/modules/trusted-firmware-m/tfm_boards/common/crypto_keys.c @@ -23,7 +23,7 @@ #ifdef CONFIG_HW_UNIQUE_KEY static enum tfm_plat_err_t tfm_plat_get_huk(uint8_t *buf, size_t buf_len, size_t *key_len, - size_t *key_bits, psa_algorithm_t *algorithm, + psa_key_bits_t *key_bits, psa_algorithm_t *algorithm, psa_key_type_t *type) { if (buf_len < HUK_SIZE_BYTES) { @@ -52,7 +52,7 @@ static enum tfm_plat_err_t tfm_plat_get_huk(uint8_t *buf, size_t buf_len, size_t #ifdef TFM_PARTITION_INITIAL_ATTESTATION static enum tfm_plat_err_t tfm_plat_get_iak(uint8_t *buf, size_t buf_len, size_t *key_len, - size_t *key_bits, psa_algorithm_t *algorithm, + psa_key_bits_t *key_bits, psa_algorithm_t *algorithm, psa_key_type_t *type) { int err; From df5e679bd1d3a45b2edd878e235ea54b570a969b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 12:21:55 +0200 Subject: [PATCH 019/217] tf-m: Remove nordic-internal configuration for PSA attestation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Removing the Nordic-internal configuratio PSA_WANT_GENERATE_RANDOM for TFM_PARTITION_INITIAL_ATTESTATION, under the assumption that random generator is a default-enabled feature in a standard system Signed-off-by: Frank Audun Kvamtrø --- modules/trusted-firmware-m/Kconfig.tfm.defconfig | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/trusted-firmware-m/Kconfig.tfm.defconfig b/modules/trusted-firmware-m/Kconfig.tfm.defconfig index 2f63af7d9ef2..b652be73cde2 100644 --- a/modules/trusted-firmware-m/Kconfig.tfm.defconfig +++ b/modules/trusted-firmware-m/Kconfig.tfm.defconfig @@ -66,7 +66,6 @@ config TFM_PARTITION_INITIAL_ATTESTATION select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT select PSA_WANT_ALG_ECDSA select PSA_WANT_ECC_SECP_R1_256 - select PSA_WANT_GENERATE_RANDOM select SECURE_BOOT_STORAGE config TFM_PARTITION_PROTECTED_STORAGE From ce3d43cc02a2a6cd7f38c3a844ed9bec2c06f8ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 11:52:59 +0200 Subject: [PATCH 020/217] tf-m: Add support for building PSA core externally MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -TF-M has no active support for out-of-tree builds of PSA core, and they have decided to place every PSA core (and interface file) in a common folder that we will have problem to use directly, as it conflicts with changed files on our end or files provided by the Oberon PSA core. This commit likely will be adjusted at some later point, but it tries to control include-order towards our replacement files and our strategy of handling generated crypto configurations for the build of the PSA interface and the library containing crypto support -This commit relies on the CMake variable PSA_CRYPTO_EXTERNAL_CORE which is added as a [nrf noup] in TF-M -This commit adds external_core.cmake which handles the following: - Ensure includes happen right after TF-M creates library targets to ensure that include-order dependency is resolved for taking in out-of-tree include folder from nrf_security, generated config file folder, Oberon PSA core include folders and out-of-tree addition of Arm Mbed TLS distribution (include and library folder) - Ensure that the generated config files (configured in NCS) are propagated to the TF-M build and is used for every library that depends on either PSA interface or library version of these -This commit adds external_core_install.cmake which will be used instead of the TF-M install target for specific PSA interface files. -Adding lots of files from TF-M tree into nrf_security include folder. nrf_security/include is added early in the include order to override equivalently named files from Arm Mbed TLS distribution in the PSA interface usage Note: It is frustrating that TF-M is include order dependent, and parts of the work to fix this will go towards ensuring that this is not in effect in upstream TF-M code. The files copied here are unfortunate and is only done to accelerate TF-M 2.1 integration... Please see NCSDK-XXXXX for details on how to fix this in upstream TF-M ref: NCSDK-XXXXX Signed-off-by: Frank Audun Kvamtrø --- .../tfm_boards/external_core.cmake | 126 +++++ .../tfm_boards/external_core_install.cmake | 35 ++ subsys/nrf_security/include/crypto_compat.h | 231 +++++++++ subsys/nrf_security/include/psa/client.h | 197 ++++++++ subsys/nrf_security/include/psa/error.h | 60 +++ .../include/psa/internal_trusted_storage.h | 164 +++++++ subsys/nrf_security/include/psa/lifecycle.h | 40 ++ .../include/psa/protected_storage.h | 282 +++++++++++ subsys/nrf_security/include/psa/service.h | 445 ++++++++++++++++++ .../nrf_security/include/psa/storage_common.h | 49 ++ subsys/nrf_security/include/psa_util.h | 188 ++++++++ subsys/nrf_security/include/tfm_attest_defs.h | 23 + .../include/tfm_attest_iat_defs.h | 86 ++++ subsys/nrf_security/include/tfm_crypto_defs.h | 229 +++++++++ subsys/nrf_security/include/tfm_fwu_defs.h | 30 ++ subsys/nrf_security/include/tfm_its_defs.h | 28 ++ .../nrf_security/include/tfm_ns_client_ext.h | 109 +++++ .../nrf_security/include/tfm_ns_interface.h | 66 +++ .../nrf_security/include/tfm_platform_api.h | 100 ++++ subsys/nrf_security/include/tfm_ps_defs.h | 29 ++ .../nrf_security/include/tfm_psa_call_pack.h | 80 ++++ subsys/nrf_security/include/tfm_veneers.h | 75 +++ 22 files changed, 2672 insertions(+) create mode 100644 modules/trusted-firmware-m/tfm_boards/external_core.cmake create mode 100644 modules/trusted-firmware-m/tfm_boards/external_core_install.cmake create mode 100644 subsys/nrf_security/include/crypto_compat.h create mode 100644 subsys/nrf_security/include/psa/client.h create mode 100644 subsys/nrf_security/include/psa/error.h create mode 100644 subsys/nrf_security/include/psa/internal_trusted_storage.h create mode 100644 subsys/nrf_security/include/psa/lifecycle.h create mode 100644 subsys/nrf_security/include/psa/protected_storage.h create mode 100644 subsys/nrf_security/include/psa/service.h create mode 100644 subsys/nrf_security/include/psa/storage_common.h create mode 100644 subsys/nrf_security/include/psa_util.h create mode 100644 subsys/nrf_security/include/tfm_attest_defs.h create mode 100644 subsys/nrf_security/include/tfm_attest_iat_defs.h create mode 100644 subsys/nrf_security/include/tfm_crypto_defs.h create mode 100644 subsys/nrf_security/include/tfm_fwu_defs.h create mode 100644 subsys/nrf_security/include/tfm_its_defs.h create mode 100644 subsys/nrf_security/include/tfm_ns_client_ext.h create mode 100644 subsys/nrf_security/include/tfm_ns_interface.h create mode 100644 subsys/nrf_security/include/tfm_platform_api.h create mode 100644 subsys/nrf_security/include/tfm_ps_defs.h create mode 100644 subsys/nrf_security/include/tfm_psa_call_pack.h create mode 100644 subsys/nrf_security/include/tfm_veneers.h diff --git a/modules/trusted-firmware-m/tfm_boards/external_core.cmake b/modules/trusted-firmware-m/tfm_boards/external_core.cmake new file mode 100644 index 000000000000..08db5fd8c86f --- /dev/null +++ b/modules/trusted-firmware-m/tfm_boards/external_core.cmake @@ -0,0 +1,126 @@ +#------------------------------------------------------------------------------- +# Copyright (c) 2024, Arm Limited. All rights reserved. +# Copyright (c) 2024, Nordic Semiconductor ASA. +# +# SPDX-License-Identifier: BSD-3-Clause +# +#------------------------------------------------------------------------------- + +#=================== Build logic for external PSA core build ==================# + +# Break out of this if PSA_CRYPTO_EXTERNAL_CORE is not set +if(NOT PSA_CRYPTO_EXTERNAL_CORE) + return() +endif() + +# Note that + +# Adjusting includes from spe-CMakeLists.txt which has the following heading: +# +# This CMake script is prepard by TF-M for building the non-secure side +# application and not used in secure build a tree being for export only. +# This file is renamed to spe/CMakeList.txt during installation phase +# +if(TARGET tfm_api_ns) + set(EXTERNAL_CRYPTO_CORE_HANDLED_TFM_API_NS True) + target_include_directories(tfm_api_ns + PUBLIC + ${OBERON_PSA_CORE_PATH}/include + ${INTERFACE_INC_DIR}/crypto_keys + ) +endif() + +# Duplicates that can be removed +#set(TFM_MBEDCRYPTO_CONFIG_PATH ${MBEDTLS_CFG_FILE}) +#set(TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH ${MBEDTLS_PSA_CRYPTO_CONFIG_FILE}) +#set(TFM_MBEDCRYPTO_PSA_CRYPTO_USER_CONFIG_PATH ${MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE}) + +# Note: This is a duplicate from nrf_security/CMakeLists.txt +# with additions of the install-target for Oberon-psa-core includes +if(TARGET psa_interface) + set(EXTERNAL_CRYPTO_CORE_HANDLED_PSA_INTERFACE True) + target_include_directories(psa_interface + INTERFACE + $ + # Oberon library + ${OBERON_PSA_CORE_PATH}/library + # Mbed TLS (mbedcrypto) PSA headers + ${ARM_MBEDTLS_PATH}/library + ${ARM_MBEDTLS_PATH}/include + ${ARM_MBEDTLS_PATH}/include/library + ) +endif() + +# Constructing config libraries in partition/crypto/CMakeLists.txt + +# Configurations files for the users of the client interface +if(TARGET psa_crypto_config) + set(EXTERNAL_CRYPTO_CORE_HANDLED_PSA_CRYPTO_CONFIG True) + target_compile_definitions(psa_crypto_config + INTERFACE + MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}" + MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" + # Give a signal that we are inside TF-M build to prevent check_config.h + # complaining about lacking legacy features for Mbed TLS wrapper APIs, TLS/DTLS and X.509. + INSIDE_TFM_BUILD + ) + + target_include_directories(psa_crypto_config + INTERFACE + ${PSA_CRYPTO_CONFIG_INTERFACE_PATH} + ${NRF_SECURITY_ROOT}/include + ${OBERON_PSA_CORE_PATH}/include/ + ) +endif() + +# This defines the configuration files for the users of the library directly +if(TARGET psa_crypto_library_config) + set(EXTERNAL_CRYPTO_CORE_HANDLED_PSA_CRYPTO_LIBRARY_CONFIG True) + target_compile_definitions(psa_crypto_library_config + INTERFACE + MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}" + MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" + MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE}" + ) + + target_include_directories(psa_crypto_library_config + INTERFACE + ${PSA_CRYPTO_CONFIG_LIBRARY_PATH} + ${NRF_SECURITY_ROOT}/include + ${OBERON_PSA_CORE_PATH}/include/ + ) +endif() + +if(TARGET tfm_psa_rot_partition_crypto) + set(EXTERNAL_CRYPTO_CORE_HANDLED_TFM_PSA_ROT_PARTITION_CRYPTO True) + target_link_libraries(tfm_psa_rot_partition_crypto + PRIVATE + psa_crypto_library_config + psa_interface + ) +endif() + +if(TARGET ${MBEDTLS_TARGET_PREFIX}mbedcrypto) + # Can't store the state as there might be multiple calls depending on MBEDTLS_TARGET_PREFIX + target_include_directories(${MBEDTLS_TARGET_PREFIX}mbedcrypto + PUBLIC + # The following is required for psa/error.h + $ + ) +endif() + +if(TARGET tfm_sprt) + set(EXTERNAL_CRYPTO_CORE_HANDLED_TFM_SPRT True) + target_compile_definitions(tfm_sprt + PRIVATE + MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}" + MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" + INSIDE_TFM_BUILD + ) + + target_link_libraries(tfm_sprt + PRIVATE + psa_crypto_config + psa_interface + ) +endif() diff --git a/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake b/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake new file mode 100644 index 000000000000..57c5bd09e309 --- /dev/null +++ b/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake @@ -0,0 +1,35 @@ + +if(NOT PSA_CRYPTO_EXTERNAL_CORE) + return() +endif() + +install( + FILES + ${OBERON_PSA_CORE_PATH}/include/psa/build_info.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_adjust_auto_enabled.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_adjust_config_key_pair_types.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_adjust_config_synonyms.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_compat.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_driver_common.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_driver_contexts_composites.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_driver_contexts_key_derivation.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_driver_contexts_primitives.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_extra.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_legacy.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_platform.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_se_driver.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_sizes.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_struct.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_types.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto_values.h + ${OBERON_PSA_CORE_PATH}/include/psa/crypto.h + DESTINATION ${INSTALL_INTERFACE_INC_DIR}/psa +) + +install( + FILES + ${OBERON_PSA_CORE_PATH}/include/mbedtls/build_info.h + ${OBERON_PSA_CORE_PATH}/include/mbedtls/config_psa.h + DESTINATION + ${INSTALL_INTERFACE_INC_DIR}/mbedtls +) \ No newline at end of file diff --git a/subsys/nrf_security/include/crypto_compat.h b/subsys/nrf_security/include/crypto_compat.h new file mode 100644 index 000000000000..3bca941f0927 --- /dev/null +++ b/subsys/nrf_security/include/crypto_compat.h @@ -0,0 +1,231 @@ +/** + * \file psa/crypto_compat.h + * + * \brief PSA cryptography module: Backward compatibility aliases + * + * This header declares alternative names for macro and functions. + * New application code should not use these names. + * These names may be removed in a future version of Mbed TLS. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef PSA_CRYPTO_COMPAT_H +#define PSA_CRYPTO_COMPAT_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * To support both openless APIs and psa_open_key() temporarily, define + * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. Do not mark the + * type and its utility macros and functions deprecated yet. This will be done + * in a subsequent phase. + */ +typedef mbedtls_svc_key_id_t psa_key_handle_t; + +#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT + +/** Check whether a handle is null. + * + * \param handle Handle + * + * \return Non-zero if the handle is null, zero otherwise. + */ +static inline int psa_key_handle_is_null(psa_key_handle_t handle) +{ + return mbedtls_svc_key_id_is_null(handle); +} + +/** Open a handle to an existing persistent key. + * + * Open a handle to a persistent key. A key is persistent if it was created + * with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key + * always has a nonzero key identifier, set with psa_set_key_id() when + * creating the key. Implementations may provide additional pre-provisioned + * keys that can be opened with psa_open_key(). Such keys have an application + * key identifier in the vendor range, as documented in the description of + * #psa_key_id_t. + * + * The application must eventually close the handle with psa_close_key() or + * psa_destroy_key() to release associated resources. If the application dies + * without calling one of these functions, the implementation should perform + * the equivalent of a call to psa_close_key(). + * + * Some implementations permit an application to open the same key multiple + * times. If this is successful, each call to psa_open_key() will return a + * different key handle. + * + * \note This API is not part of the PSA Cryptography API Release 1.0.0 + * specification. It was defined in the 1.0 Beta 3 version of the + * specification but was removed in the 1.0.0 released version. This API is + * kept for the time being to not break applications relying on it. It is not + * deprecated yet but will be in the near future. + * + * \note Applications that rely on opening a key multiple times will not be + * portable to implementations that only permit a single key handle to be + * opened. See also :ref:\`key-handles\`. + * + * + * \param key The persistent identifier of the key. + * \param[out] handle On success, a handle to the key. + * + * \retval #PSA_SUCCESS + * Success. The application can now use the value of `*handle` + * to access the key. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * The implementation does not have sufficient resources to open the + * key. This can be due to reaching an implementation limit on the + * number of open keys, the number of open key handles, or available + * memory. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * There is no persistent key with key identifier \p key. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key is not a valid persistent key identifier. + * \retval #PSA_ERROR_NOT_PERMITTED + * The specified key exists, but the application does not have the + * permission to access it. Note that this specification does not + * define any way to create such a key, but it may be possible + * through implementation-specific means. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_open_key(mbedtls_svc_key_id_t key, + psa_key_handle_t *handle); + +/** Close a key handle. + * + * If the handle designates a volatile key, this will destroy the key material + * and free all associated resources, just like psa_destroy_key(). + * + * If this is the last open handle to a persistent key, then closing the handle + * will free all resources associated with the key in volatile memory. The key + * data in persistent storage is not affected and can be opened again later + * with a call to psa_open_key(). + * + * Closing the key handle makes the handle invalid, and the key handle + * must not be used again by the application. + * + * \note This API is not part of the PSA Cryptography API Release 1.0.0 + * specification. It was defined in the 1.0 Beta 3 version of the + * specification but was removed in the 1.0.0 released version. This API is + * kept for the time being to not break applications relying on it. It is not + * deprecated yet but will be in the near future. + * + * \note If the key handle was used to set up an active + * :ref:\`multipart operation \`, then closing the + * key handle can cause the multipart operation to fail. Applications should + * maintain the key handle until after the multipart operation has finished. + * + * \param handle The key handle to close. + * If this is \c 0, do nothing and return \c PSA_SUCCESS. + * + * \retval #PSA_SUCCESS + * \p handle was a valid handle or \c 0. It is now closed. + * \retval #PSA_ERROR_INVALID_HANDLE + * \p handle is not a valid handle nor \c 0. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_close_key(psa_key_handle_t handle); + +/** \addtogroup attributes + * @{ + */ + +#define MBEDTLS_DEPRECATED_REMOVED +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +/** Custom Diffie-Hellman group. + * + * Mbed TLS does not support custom DH groups. + * + * \deprecated This value is not useful, so this macro will be removed in + * a future version of the library. + */ +#define PSA_DH_FAMILY_CUSTOM \ + ((psa_dh_family_t) MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(0x7e)) + +/** + * \brief Set domain parameters for a key. + * + * \deprecated Mbed TLS no longer supports any domain parameters. + * This function only does the equivalent of + * psa_set_key_type() and will be removed in a future version + * of the library. + * + * \param[in,out] attributes Attribute structure where \p type will be set. + * \param type Key type (a \c PSA_KEY_TYPE_XXX value). + * \param[in] data Ignored. + * \param data_length Must be 0. + * + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + */ +static inline psa_status_t MBEDTLS_DEPRECATED psa_set_key_domain_parameters( + psa_key_attributes_t *attributes, + psa_key_type_t type, const uint8_t *data, size_t data_length) +{ + (void) data; + if (data_length != 0) { + return PSA_ERROR_NOT_SUPPORTED; + } + psa_set_key_type(attributes, type); + return PSA_SUCCESS; +} + +/** + * \brief Get domain parameters for a key. + * + * \deprecated Mbed TLS no longer supports any domain parameters. + * This function alwaya has an empty output and will be + * removed in a future version of the library. + + * \param[in] attributes Ignored. + * \param[out] data Ignored. + * \param data_size Ignored. + * \param[out] data_length Set to 0. + * + * \retval #PSA_SUCCESS \emptydescription + */ +static inline psa_status_t MBEDTLS_DEPRECATED psa_get_key_domain_parameters( + const psa_key_attributes_t *attributes, + uint8_t *data, size_t data_size, size_t *data_length) +{ + (void) attributes; + (void) data; + (void) data_size; + *data_length = 0; + return PSA_SUCCESS; +} + +/** Safe output buffer size for psa_get_key_domain_parameters(). + * + */ +#define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(1u) +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +/**@}*/ + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_CRYPTO_COMPAT_H */ diff --git a/subsys/nrf_security/include/psa/client.h b/subsys/nrf_security/include/psa/client.h new file mode 100644 index 000000000000..b4e8b0970875 --- /dev/null +++ b/subsys/nrf_security/include/psa/client.h @@ -0,0 +1,197 @@ +/* + * Copyright (c) 2018-2021, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __PSA_CLIENT_H__ +#define __PSA_CLIENT_H__ + +#include +#include + +#include "psa/error.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef IOVEC_LEN +#define IOVEC_LEN(arr) ((uint32_t)(sizeof(arr)/sizeof(arr[0]))) +#endif + +/*********************** PSA Client Macros and Types *************************/ + +/** + * The version of the PSA Framework API that is being used to build the calling + * firmware. Only part of features of FF-M v1.1 have been implemented. FF-M v1.1 + * is compatible with v1.0. + */ +#define PSA_FRAMEWORK_VERSION (0x0101u) + +/** + * Return value from psa_version() if the requested RoT Service is not present + * in the system. + */ +#define PSA_VERSION_NONE (0u) + +/** + * The zero-value null handle can be assigned to variables used in clients and + * RoT Services, indicating that there is no current connection or message. + */ +#define PSA_NULL_HANDLE ((psa_handle_t)0) + +/** + * Tests whether a handle value returned by psa_connect() is valid. + */ +#define PSA_HANDLE_IS_VALID(handle) ((psa_handle_t)(handle) > 0) + +/** + * Converts the handle value returned from a failed call psa_connect() into + * an error code. + */ +#define PSA_HANDLE_TO_ERROR(handle) ((psa_status_t)(handle)) + +/** + * Maximum number of input and output vectors for a request to psa_call(). + */ +#define PSA_MAX_IOVEC (4u) + + +/** + * The minimum and maximum value in THIS implementation that can be passed + * as the type parameter in a call to psa_call(). + */ + +#define PSA_CALL_TYPE_MIN (0) +#define PSA_CALL_TYPE_MAX (INT16_MAX) + +/** + * An IPC message type that indicates a generic client request. + */ +#define PSA_IPC_CALL (0) + +typedef int32_t psa_handle_t; + +/** + * A read-only input memory region provided to an RoT Service. + */ +typedef struct psa_invec { + const void *base; /*!< the start address of the memory buffer */ + size_t len; /*!< the size in bytes */ +} psa_invec; + +/** + * A writable output memory region provided to an RoT Service. + */ +typedef struct psa_outvec { + void *base; /*!< the start address of the memory buffer */ + size_t len; /*!< the size in bytes */ +} psa_outvec; + +/*************************** PSA Client API **********************************/ + +/** + * \brief Retrieve the version of the PSA Framework API that is implemented. + * + * \return version The version of the PSA Framework implementation + * that is providing the runtime services to the + * caller. The major and minor version are encoded + * as follows: + * \arg version[15:8] -- major version number. + * \arg version[7:0] -- minor version number. + */ +uint32_t psa_framework_version(void); + +/** + * \brief Retrieve the version of an RoT Service or indicate that it is not + * present on this system. + * + * \param[in] sid ID of the RoT Service to query. + * + * \retval PSA_VERSION_NONE The RoT Service is not implemented, or the + * caller is not permitted to access the service. + * \retval > 0 The version of the implemented RoT Service. + */ +uint32_t psa_version(uint32_t sid); + +/** + * \brief Connect to an RoT Service by its SID. + * + * \param[in] sid ID of the RoT Service to connect to. + * \param[in] version Requested version of the RoT Service. + * + * \retval > 0 A handle for the connection. + * \retval PSA_ERROR_CONNECTION_REFUSED The SPM or RoT Service has refused the + * connection. + * \retval PSA_ERROR_CONNECTION_BUSY The SPM or RoT Service cannot make the + * connection at the moment. + * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more + * of the following are true: + * \arg The RoT Service ID is not present. + * \arg The RoT Service version is not supported. + * \arg The caller is not allowed to access the RoT + * service. + */ +psa_handle_t psa_connect(uint32_t sid, uint32_t version); + +/** + * \brief Call an RoT Service on an established connection. + * + * \note FF-M 1.0 proposes 6 parameters for psa_call but the secure gateway ABI + * support at most 4 parameters. TF-M chooses to encode 'in_len', + * 'out_len', and 'type' into a 32-bit integer to improve efficiency. + * Compared with struct-based encoding, this method saves extra memory + * check and memory copy operation. The disadvantage is that the 'type' + * range has to be reduced into a 16-bit integer. So with this encoding, + * the valid range for 'type' is 0-32767. + * + * \param[in] handle A handle to an established connection. + * \param[in] type The request type. + * Must be zero( \ref PSA_IPC_CALL) or positive. + * \param[in] in_vec Array of input \ref psa_invec structures. + * \param[in] in_len Number of input \ref psa_invec structures. + * \param[in,out] out_vec Array of output \ref psa_outvec structures. + * \param[in] out_len Number of output \ref psa_outvec structures. + * + * \retval >=0 RoT Service-specific status value. + * \retval <0 RoT Service-specific error code. + * \retval PSA_ERROR_PROGRAMMER_ERROR The connection has been terminated by the + * RoT Service. The call is a PROGRAMMER ERROR if + * one or more of the following are true: + * \arg An invalid handle was passed. + * \arg The connection is already handling a request. + * \arg type < 0. + * \arg An invalid memory reference was provided. + * \arg in_len + out_len > PSA_MAX_IOVEC. + * \arg The message is unrecognized by the RoT + * Service or incorrectly formatted. + */ +psa_status_t psa_call(psa_handle_t handle, int32_t type, + const psa_invec *in_vec, + size_t in_len, + psa_outvec *out_vec, + size_t out_len); + +/** + * \brief Close a connection to an RoT Service. + * + * \param[in] handle A handle to an established connection, or the + * null handle. + * + * \retval void Success. + * \retval "PROGRAMMER ERROR" The call is a PROGRAMMER ERROR if one or more + * of the following are true: + * \arg An invalid handle was provided that is not + * the null handle. + * \arg The connection is currently handling a + * request. + */ +void psa_close(psa_handle_t handle); + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_CLIENT_H__ */ diff --git a/subsys/nrf_security/include/psa/error.h b/subsys/nrf_security/include/psa/error.h new file mode 100644 index 000000000000..fee8c99215e8 --- /dev/null +++ b/subsys/nrf_security/include/psa/error.h @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2019-2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/** + * \file psa/error.h + * \brief Standard error codes for the SPM and RoT Services + */ + +#ifndef __PSA_ERROR_H__ +#define __PSA_ERROR_H__ + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* If #PSA_SUCCESS is already defined, it means that #psa_status_t + * is also defined in an external header, so prevent its multiple + * definition. + */ +#ifndef PSA_SUCCESS +typedef int32_t psa_status_t; +#endif + +#define PSA_SUCCESS ((psa_status_t)0) + +#define PSA_ERROR_PROGRAMMER_ERROR ((psa_status_t)-129) +#define PSA_ERROR_CONNECTION_REFUSED ((psa_status_t)-130) +#define PSA_ERROR_CONNECTION_BUSY ((psa_status_t)-131) +#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132) +#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133) +#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134) +#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135) +#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) +#define PSA_ERROR_BAD_STATE ((psa_status_t)-137) +#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138) +#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139) +#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140) +#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141) +#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142) +#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) +#define PSA_ERROR_SERVICE_FAILURE ((psa_status_t)-144) +#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145) +#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146) +#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147) +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) +#define PSA_ERROR_DEPENDENCY_NEEDED ((psa_status_t)-156) +#define PSA_ERROR_FLASH_ABUSE ((psa_status_t)-160) +#define PSA_ERROR_INSUFFICIENT_POWER ((psa_status_t)-161) + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_ERROR_H__ */ diff --git a/subsys/nrf_security/include/psa/internal_trusted_storage.h b/subsys/nrf_security/include/psa/internal_trusted_storage.h new file mode 100644 index 000000000000..3920bc982590 --- /dev/null +++ b/subsys/nrf_security/include/psa/internal_trusted_storage.h @@ -0,0 +1,164 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/** This file describes the PSA Internal Trusted Storage API +*/ + +#ifndef PSA_INTERNAL_TRUSTED_STORAGE_H +#define PSA_INTERNAL_TRUSTED_STORAGE_H + +#include +#include + +#include "psa/error.h" +#include "psa/storage_common.h" + +#ifdef __cplusplus +extern "C" { +#endif +#define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the + * PSA ITS API + */ +#define PSA_ITS_API_VERSION_MINOR 0 /**< The minor version number of the + * PSA ITS API + */ +// This version of the header file is associated with 1.0 final release. + +/** + * \brief Create a new, or modify an existing, uid/value pair + * + * Stores data in the internal storage. + * + * \param[in] uid The identifier for the data + * \param[in] data_length The size in bytes of the data in `p_data` + * \param[in] p_data A buffer containing the data + * \param[in] create_flags The flags that the data will be stored with + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the + * provided `uid` value was already + * created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or + * more of the flags provided in + * `create_flags` is not supported or is + * not valid + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there + * was insufficient space on the + * storage medium + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one + * of the provided pointers(`p_data`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + */ +psa_status_t psa_its_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags); + +/** + * \brief Retrieve data associated with a provided UID + * + * Retrieves up to `data_size` bytes of the data associated with `uid`, starting + * at `data_offset` bytes from the beginning of the data. Upon successful + * completion, the data will be placed in the `p_data` buffer, which must be at + * least `data_size` bytes in size. The length of the data returned will be in + * `p_data_length`. If `data_size` is 0, the contents of `p_data_length` will + * be set to zero. + * + * \param[in] uid The uid value + * \param[in] data_offset The starting offset of the data requested + * \param[in] data_size The amount of data requested + * \param[out] p_data On success, the buffer where the data will + * be placed + * \param[out] p_data_length On success, this will contain size of the data + * placed in `p_data` + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the + * provided `uid` value was not found in + * the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided arguments (`p_data`, + * `p_data_length`) is invalid, for example + * is `NULL` or references memory the + * caller cannot access. In addition, this + * can also happen if `data_offset` is + * larger than the size of the data + * associated with `uid` + */ +psa_status_t psa_its_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length); + +/** + * \brief Retrieve the metadata about the provided uid + * + * Retrieves the metadata stored for a given `uid` as a `psa_storage_info_t` + * structure. + * + * \param[in] uid The `uid` value + * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will + * be populated with the metadata + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided pointers(`p_info`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + */ +psa_status_t psa_its_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info); + +/** + * \brief Remove the provided uid and its associated data from the storage + * + * Deletes the data from internal storage. + * + * \param[in] uid The `uid` value + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more + * of the given arguments were invalid (null + * pointer, wrong flags and so on) + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided + * uid value was created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + */ +psa_status_t psa_its_remove(psa_storage_uid_t uid); + +#ifdef __cplusplus +} +#endif + +#endif // PSA_INTERNAL_TRUSTED_STORAGE_H diff --git a/subsys/nrf_security/include/psa/lifecycle.h b/subsys/nrf_security/include/psa/lifecycle.h new file mode 100644 index 000000000000..a892c4921d79 --- /dev/null +++ b/subsys/nrf_security/include/psa/lifecycle.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __PSA_LIFECYCLE_H__ +#define __PSA_LIFECYCLE_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#define PSA_LIFECYCLE_PSA_STATE_MASK (0xff00u) +#define PSA_LIFECYCLE_IMP_STATE_MASK (0x00ffu) +#define PSA_LIFECYCLE_UNKNOWN (0x0000u) +#define PSA_LIFECYCLE_ASSEMBLY_AND_TEST (0x1000u) +#define PSA_LIFECYCLE_PSA_ROT_PROVISIONING (0x2000u) +#define PSA_LIFECYCLE_SECURED (0x3000u) +#define PSA_LIFECYCLE_NON_PSA_ROT_DEBUG (0x4000u) +#define PSA_LIFECYCLE_RECOVERABLE_PSA_ROT_DEBUG (0x5000u) +#define PSA_LIFECYCLE_DECOMMISSIONED (0x6000u) + +/* + * \brief This function retrieves the current PSA RoT lifecycle state. + * + * \return state The current security lifecycle state of the PSA + * RoT. The PSA state and implementation state are + * encoded as follows: + * \arg state[15:8] – PSA lifecycle state + * \arg state[7:0] – IMPLEMENTATION DEFINED state + */ +uint32_t psa_rot_lifecycle_state(void); + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_LIFECYCLE_H__ */ diff --git a/subsys/nrf_security/include/psa/protected_storage.h b/subsys/nrf_security/include/psa/protected_storage.h new file mode 100644 index 000000000000..e76205c4f14f --- /dev/null +++ b/subsys/nrf_security/include/psa/protected_storage.h @@ -0,0 +1,282 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* This file describes the PSA Protected Storage API */ + +#ifndef PSA_PROTECTED_STORAGE_H +#define PSA_PROTECTED_STORAGE_H + +#include +#include + +#include "psa/error.h" +#include "psa/storage_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PSA_PS_API_VERSION version + * + * Major and minor PSA_PS_API_VERSION numbers + */ +#define PSA_PS_API_VERSION_MAJOR 1 +#define PSA_PS_API_VERSION_MINOR 0 + +// This version of the header file is associated with 1.0 final release + +/** + * \brief Create a new, or modify an existing, uid/value pair + * + * Stores data in the protected storage. + * + * \param[in] uid The identifier for the data + * \param[in] data_length The size in bytes of the data in `p_data` + * \param[in] p_data A buffer containing the data + * \param[in] create_flags The flags that the data will be stored with + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the + * provided `uid` value was already + * created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one + * of the provided pointers(`p_data`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because one or + * more of the flags provided in + * `create_flags` is not supported or is + * not valid + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there + * was insufficient space on the + * storage medium + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + */ +psa_status_t psa_ps_set(psa_storage_uid_t uid, + size_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags); + +/** + * \brief Retrieve data associated with a provided uid + * + * Retrieves up to `data_size` bytes of the data associated with `uid`, starting + * at `data_offset` bytes from the beginning of the data. Upon successful + * completion, the data will be placed in the `p_data` buffer, which must be at + * least `data_size` bytes in size. The length of the data returned will be in + * `p_data_length`. If `data_size` is 0, the contents of `p_data_length` will + * be set to zero. + * + * \param[in] uid The uid value + * \param[in] data_offset The starting offset of the data requested + * \param[in] data_size The amount of data requested + * \param[out] p_data On success, the buffer where the data will + * be placed + * \param[out] p_data_length On success, this will contain size of the data + * placed in `p_data` + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided arguments (`p_data`, + * `p_data_length`) is invalid, for example + * is `NULL` or references memory the + * caller cannot access. In addition, this + * can also happen if `data_offset` is + * larger than the size of the data + * associated with `uid` + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the + * provided `uid` value was not found in + * the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed (Fatal + * error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the data + * associated with the UID was corrupt + * \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the data + * associated with the UID failed + * authentication + */ +psa_status_t psa_ps_get(psa_storage_uid_t uid, + size_t data_offset, + size_t data_size, + void *p_data, + size_t *p_data_length); + +/** + * \brief Retrieve the metadata about the provided uid + * + * Retrieves the metadata stored for a given `uid` + * + * \param[in] uid The `uid` value + * \param[out] p_info A pointer to the `psa_storage_info_t` struct that will + * be populated with the metadata + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one of the + * provided pointers(`p_info`) + * is invalid, for example is `NULL` or + * references memory the caller cannot + * access + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the data + * associated with the UID was corrupt + */ +psa_status_t psa_ps_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info); + +/** + * \brief Remove the provided uid and its associated data from the storage + * + * Removes previously stored data and any associated metadata, + * including rollback protection data. + * + * \param[in] uid The `uid` value + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more + * of the given arguments were invalid (null + * pointer, wrong flags and so on) + * \retval PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided + * uid value was not found in the storage + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because the provided + * uid value was created with + * PSA_STORAGE_FLAG_WRITE_ONCE + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the physical + * storage has failed (Fatal error) + * \retval PSA_ERROR_GENERIC_ERROR The operation failed because of an + * unspecified internal failure + */ +psa_status_t psa_ps_remove(psa_storage_uid_t uid); + +/** + * \brief Reserves storage for the specified uid + * + * Upon success, the capacity of the storage will be capacity, and the size + * will be 0. It is only necessary to call this function for assets that will + * be written with the psa_ps_set_extended function. If only the psa_ps_set + * function is needed, calls to this function are redundant. + * + * \param[in] uid The `uid` value + * \param[in] capacity The capacity to be allocated in bytes + * \param[in] create_flags Flags indicating properties of storage + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The operation completed successfully + * \retval PSA_ERROR_STORAGE_FAILURE The operation failed because the + * physical storage has failed + * (Fatal error) + * \retval PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because the + * capacity is bigger than the current + * available space + * \retval PSA_ERROR_NOT_SUPPORTED The operation failed because the + * function is not implemented or one + * or more create_flags are not + * supported. + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because uid was + * 0 or create_flags specified flags + * that are not defined in the API. + * \retval PSA_ERROR_GENERIC_ERROR The operation failed due to an + * unspecified error + * \retval PSA_ERROR_ALREADY_EXISTS Storage for the specified uid + * already exists + */ +psa_status_t psa_ps_create(psa_storage_uid_t uid, + size_t capacity, + psa_storage_create_flags_t create_flags); + +/** + * \brief Sets partial data into an asset + * + * Before calling this function, the storage must have been reserved with a call + * to psa_ps_create. It can also be used to overwrite data in an asset that was + * created with a call to psa_ps_set. Calling this function with data_length = 0 + * is permitted, which will make no change to the stored data.This function can + * overwrite existing data and/or extend it up to the capacity for the uid + * specified in psa_ps_create, but cannot create gaps. + * + * That is, it has preconditions: + * - data_offset <= size + * - data_offset + data_length <= capacity + * and postconditions: + * - size = max(size, data_offset + data_length) + * - capacity unchanged. + * + * \param[in] uid The `uid` value + * \param[in] data_offset Offset within the asset to start the write + * \param[in] data_length The size in bytes of the data in p_data to write + * \param[in] p_data Pointer to a buffer which contains the data to write + * + * \return A status indicating the success/failure of the operation + * + * \retval PSA_SUCCESS The asset exists, the input parameters + * are correct and the data is correctly + * written in the physical storage. + * \retval PSA_ERROR_STORAGE_FAILURE The data was not written correctly in + * the physical storage + * \retval PSA_ERROR_INVALID_ARGUMENT The operation failed because one or more + * of the preconditions listed above + * regarding data_offset, size, or + * data_length was violated. + * \retval PSA_ERROR_DOES_NOT_EXIST The specified uid was not found + * \retval PSA_ERROR_NOT_SUPPORTED The implementation of the API does not + * support this function + * \retval PSA_ERROR_GENERIC_ERROR The operation failed due to an + * unspecified error + * \retval PSA_ERROR_DATA_CORRUPT The operation failed because the + * existing data has been corrupted. + * \retval PSA_ERROR_INVALID_SIGNATURE The operation failed because the + * existing data failed authentication + * (MAC check failed). + * \retval PSA_ERROR_NOT_PERMITTED The operation failed because it was + * attempted on an asset which was written + * with the flag + * PSA_STORAGE_FLAG_WRITE_ONCE + */ +psa_status_t psa_ps_set_extended(psa_storage_uid_t uid, + size_t data_offset, + size_t data_length, + const void *p_data); + +/** + * \brief Lists optional features. + * + * \return A bitmask with flags set for all of + * the optional features supported by the + * implementation.Currently defined flags + * are limited to + * PSA_STORAGE_SUPPORT_SET_EXTENDED + */ +uint32_t psa_ps_get_support(void); + +#ifdef __cplusplus +} +#endif + +#endif /* PSA_PROTECTED_STORAGE_H */ diff --git a/subsys/nrf_security/include/psa/service.h b/subsys/nrf_security/include/psa/service.h new file mode 100644 index 000000000000..39fde10ab331 --- /dev/null +++ b/subsys/nrf_security/include/psa/service.h @@ -0,0 +1,445 @@ +/* + * Copyright (c) 2018-2022, Arm Limited. All rights reserved. + * Copyright (c) 2023 Cypress Semiconductor Corporation (an Infineon company) + * or an affiliate of Cypress Semiconductor Corporation. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __PSA_SERVICE_H__ +#define __PSA_SERVICE_H__ + +#include +#include + +#include "config_impl.h" + +#include "psa/client.h" +#include "psa/error.h" +#include "psa/framework_feature.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/********************** PSA Secure Partition Macros and Types ****************/ + +/** + * A timeout value that requests a polling wait operation. + */ +#define PSA_POLL (0x00000000u) + +/** + * A timeout value that requests a blocking wait operation. + */ +#define PSA_BLOCK (0x80000000u) + +/** + * A mask value that includes all Secure Partition signals. + */ +#define PSA_WAIT_ANY (0xFFFFFFFFu) + +/** + * The signal number for the Secure Partition doorbell. + */ +#define PSA_DOORBELL (0x00000008u) + +/* PSA message types */ +/* An IPC message type that indicates a new connection. */ +#define PSA_IPC_CONNECT (-1) +/* An IPC message type that indicates the end of a connection. */ +#define PSA_IPC_DISCONNECT (-2) + +/* FLIH return types */ +#define PSA_FLIH_NO_SIGNAL ((psa_flih_result_t) 0) +#define PSA_FLIH_SIGNAL ((psa_flih_result_t) 1) + +/* Store a set of one or more Secure Partition signals */ +typedef uint32_t psa_signal_t; + +/* A type used to temporarily store a previous interrupt state. */ +typedef uint32_t psa_irq_status_t; + +/* The type of the return value from an FLIH function */ +typedef uint32_t psa_flih_result_t; + +/** + * Describe a message received by an RoT Service after calling \ref psa_get(). + */ +typedef struct psa_msg_t { + int32_t type; /* One of the following values: + * \ref PSA_IPC_CONNECT + * >= 0 + * \ref PSA_IPC_DISCONNECT + */ + psa_handle_t handle; /* A reference generated by the SPM to the + * message returned by psa_get(). + */ + int32_t client_id; /* + * Partition ID of the sender of the + * message: + * - secure partition id; + * - non secure client endpoint id. + */ + void *rhandle; /* Be useful for binding a connection to some + * application-specific data or function + * pointer within the RoT Service + * implementation. + */ + size_t in_size[PSA_MAX_IOVEC]; /* Provide the size of each client input + * vector in bytes. + */ + size_t out_size[PSA_MAX_IOVEC];/* Provide the size of each client output + * vector in bytes. + */ +} psa_msg_t; + +/************************* PSA Secure Partition API **************************/ + +/** + * \brief Return the Secure Partition interrupt signals that have been asserted + * from a subset of signals provided by the caller. + * + * \param[in] signal_mask A set of signals to query. Signals that are not + * in this set will be ignored. + * \param[in] timeout Specify either blocking \ref PSA_BLOCK or + * polling \ref PSA_POLL operation. + * + * \retval >0 At least one signal is asserted. + * \retval 0 No signals are asserted. This is only seen when + * a polling timeout is used. + */ +psa_signal_t psa_wait(psa_signal_t signal_mask, uint32_t timeout); + +/** + * \brief Retrieve the message which corresponds to a given RoT Service signal + * and remove the message from the RoT Service queue. + * + * \param[in] signal The signal value for an asserted RoT Service. + * \param[out] msg Pointer to \ref psa_msg_t object for receiving + * the message. + * + * \retval PSA_SUCCESS Success, *msg will contain the delivered + * message. + * \retval PSA_ERROR_DOES_NOT_EXIST Message could not be delivered. + * \retval "PROGRAMMER ERROR" The call is invalid because one or more of the + * following are true: + * \arg signal has more than a single bit set. + * \arg signal does not correspond to an RoT Service. + * \arg The RoT Service signal is not currently + * asserted. + * \arg The msg pointer provided is not a valid memory + * reference. + */ +psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg); + +/** + * \brief Associate some RoT Service private data with a client connection. + * + * \param[in] msg_handle Handle for the client's message. + * \param[in] rhandle Reverse handle allocated by the RoT Service. + * + * \retval void Success, rhandle will be provided with all + * subsequent messages delivered on this + * connection. + * \retval "PROGRAMMER ERROR" msg_handle is invalid. + */ +void psa_set_rhandle(psa_handle_t msg_handle, void *rhandle); + +/** + * \brief Read a message parameter or part of a message parameter from a client + * input vector. + * + * \param[in] msg_handle Handle for the client's message. + * \param[in] invec_idx Index of the input vector to read from. Must be + * less than \ref PSA_MAX_IOVEC. + * \param[out] buffer Buffer in the Secure Partition to copy the + * requested data to. + * \param[in] num_bytes Maximum number of bytes to be read from the + * client input vector. + * + * \retval >0 Number of bytes copied. + * \retval 0 There was no remaining data in this input + * vector. + * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the + * following are true: + * \arg msg_handle is invalid. + * \arg msg_handle does not refer to a + * \ref PSA_IPC_CALL message. + * \arg invec_idx is equal to or greater than + * \ref PSA_MAX_IOVEC. + * \arg the memory reference for buffer is invalid or + * not writable. + */ +size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx, + void *buffer, size_t num_bytes); + +/** + * \brief Skip over part of a client input vector. + * + * \param[in] msg_handle Handle for the client's message. + * \param[in] invec_idx Index of input vector to skip from. Must be + * less than \ref PSA_MAX_IOVEC. + * \param[in] num_bytes Maximum number of bytes to skip in the client + * input vector. + * + * \retval >0 Number of bytes skipped. + * \retval 0 There was no remaining data in this input + * vector. + * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the + * following are true: + * \arg msg_handle is invalid. + * \arg msg_handle does not refer to a request + * message. + * \arg invec_idx is equal to or greater than + * \ref PSA_MAX_IOVEC. + */ +size_t psa_skip(psa_handle_t msg_handle, uint32_t invec_idx, size_t num_bytes); + +/** + * \brief Write a message response to a client output vector. + * + * \param[in] msg_handle Handle for the client's message. + * \param[out] outvec_idx Index of output vector in message to write to. + * Must be less than \ref PSA_MAX_IOVEC. + * \param[in] buffer Buffer with the data to write. + * \param[in] num_bytes Number of bytes to write to the client output + * vector. + * + * \retval void Success + * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the + * following are true: + * \arg msg_handle is invalid. + * \arg msg_handle does not refer to a request + * message. + * \arg outvec_idx is equal to or greater than + * \ref PSA_MAX_IOVEC. + * \arg The memory reference for buffer is invalid. + * \arg The call attempts to write data past the end + * of the client output vector. + */ +void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx, + const void *buffer, size_t num_bytes); + +/** + * \brief Complete handling of a specific message and unblock the client. + * + * \param[in] msg_handle Handle for the client's message. + * \param[in] status Message result value to be reported to the + * client. + * + * \retval void Success. + * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the + * following are true: + * \arg msg_handle is invalid. + * \arg An invalid status code is specified for the + * type of message. + */ +void psa_reply(psa_handle_t msg_handle, psa_status_t status); + +/** + * \brief Send a PSA_DOORBELL signal to a specific Secure Partition. + * + * \param[in] partition_id Secure Partition ID of the target partition. + * + * \retval void Success. + * \retval "PROGRAMMER ERROR" partition_id does not correspond to a Secure + * Partition. + */ +void psa_notify(int32_t partition_id); + +/** + * \brief Clear the PSA_DOORBELL signal. + * + * \retval void Success. + * \retval "PROGRAMMER ERROR" The Secure Partition's doorbell signal is not + * currently asserted. + */ +void psa_clear(void); + +/** + * \brief Inform the SPM that an interrupt has been handled (end of interrupt). + * + * \param[in] irq_signal The interrupt signal that has been processed. + * + * \retval void Success. + * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the + * following are true: + * \arg irq_signal is not an interrupt signal. + * \arg irq_signal indicates more than one signal. + * \arg irq_signal is not currently asserted. + * \arg The interrupt is not using SLIH. + */ +void psa_eoi(psa_signal_t irq_signal); + +/** + * \brief Terminate execution within the calling Secure Partition and will not + * return. + * + * \retval "Does not return" + */ +void psa_panic(void); + +/** + * \brief Enable an interrupt. + * + * \param[in] irq_signal The signal for the interrupt to be enabled. + * This must have a single bit set, which must be the + * signal value for an interrupt in the calling Secure + * Partition. + * + * \retval void + * \retval "PROGRAMMER ERROR" If one or more of the following are true: + * \arg \a irq_signal is not an interrupt signal. + * \arg \a irq_signal indicates more than one signal. + */ +void psa_irq_enable(psa_signal_t irq_signal); + +/** + * \brief Disable an interrupt and return the status of the interrupt prior to + * being disabled by this call. + * + * \param[in] irq_signal The signal for the interrupt to be disabled. + * This must have a single bit set, which must be the + * signal value for an interrupt in the calling Secure + * Partition. + * + * \retval 0 The interrupt was disabled prior to this call. + * 1 The interrupt was enabled prior to this call. + * \retval "PROGRAMMER ERROR" If one or more of the following are true: + * \arg \a irq_signal is not an interrupt signal. + * \arg \a irq_signal indicates more than one signal. + * + * \note The current implementation always return 1. Do not use the return. + */ +psa_irq_status_t psa_irq_disable(psa_signal_t irq_signal); + +/** + * \brief Reset the signal for an interrupt that is using FLIH handling. + * + * \param[in] irq_signal The interrupt signal to be reset. + * This must have a single bit set, corresponding to a + * currently asserted signal for an interrupt that is + * defined to use FLIH handling. + * + * \retval void + * \retval "Programmer Error" if one or more of the following are true: + * \arg \a irq_signal is not a signal for an interrupt + * that is specified with FLIH handling in the Secure + * Partition manifest. + * \arg \a irq_signal indicates more than one signal. + * \arg \a irq_signal is not currently asserted. + */ +void psa_reset_signal(psa_signal_t irq_signal); + +#if PSA_FRAMEWORK_HAS_MM_IOVEC + +/** + * \brief Map a client input vector for direct access by a Secure Partition RoT + * Service. + * + * \param[in] msg_handle Handle for the client's message. + * \param[in] invec_idx Index of input vector to map. Must be + * less than \ref PSA_MAX_IOVEC. + * + * \retval A pointer to the input vector data. + * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the + * following are true: + * \arg MM-IOVEC has not been enabled for the RoT + * Service that received the message. + * \arg msg_handle is invalid. + * \arg msg_handle does not refer to a request + * message. + * \arg invec_idx is equal to or greater than + * \ref PSA_MAX_IOVEC. + * \arg The input vector has length zero. + * \arg The input vector has already been mapped using + * psa_map_invec(). + * \arg The input vector has already been accessed + * using psa_read() or psa_skip(). + */ +const void *psa_map_invec(psa_handle_t msg_handle, uint32_t invec_idx); + +/** + * \brief Unmap a previously mapped client input vector from a Secure Partition + * RoT Service. + * + * \param[in] msg_handle Handle for the client's message. + * \param[in] invec_idx Index of input vector to map. Must be + * less than \ref PSA_MAX_IOVEC. + * + * \retval void + * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the + * following are true: + * \arg msg_handle is invalid. + * \arg msg_handle does not refer to a request + * message. + * \arg invec_idx is equal to or greater than + * \ref PSA_MAX_IOVEC. + * \arg The input vector has not been mapped by a call + * to psa_map_invec(). + * \arg The input vector has already been unmapped by + * a call to psa_unmap_invec(). + */ +void psa_unmap_invec(psa_handle_t msg_handle, uint32_t invec_idx); + +/** + * \brief Map a client output vector for direct access by a Secure Partition RoT + * Service. + * + * \param[in] msg_handle Handle for the client's message. + * \param[in] outvec_idx Index of output vector to map. Must be + * less than \ref PSA_MAX_IOVEC. + * + * \retval A pointer to the output vector data. + * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the + * following are true: + * \arg MM-IOVEC has not been enabled for the RoT + * Service that received the message. + * \arg msg_handle is invalid. + * \arg msg_handle does not refer to a request + * message. + * \arg outvec_idx is equal to or greater than + * \ref PSA_MAX_IOVEC. + * \arg The output vector has length zero. + * \arg The output vector has already been mapped + * using psa_map_outvec(). + * \arg The output vector has already been accessed + * using psa_write(). + */ +void *psa_map_outvec(psa_handle_t msg_handle, uint32_t outvec_idx); + +/** + * \brief Unmap a previously mapped client output vector from a Secure Partition + * RoT Service. + * + * \param[in] msg_handle Handle for the client's message. + * \param[in] outvec_idx Index of output vector to map. Must be + * less than \ref PSA_MAX_IOVEC. + * \param[in] len The number of bytes written to the output + * vector. This must be less than or equal to the + * size of the output vector. + * + * \retval void + * \retval "PROGRAMMER ERROR" The call is invalid, one or more of the + * following are true: + * \arg msg_handle is invalid. + * \arg msg_handle does not refer to a request + * message. + * \arg outvec_idx is equal to or greater than + * \ref PSA_MAX_IOVEC. + * \arg The output vector has not been mapped by a + * call to psa_map_outvec(). + * \arg The output vector has already been unmapped by + * a call to psa_unmap_outvec(). + */ +void psa_unmap_outvec(psa_handle_t msg_handle, uint32_t outvec_idx, size_t len); + +#endif /* PSA_FRAMEWORK_HAS_MM_IOVEC */ + +#ifdef __cplusplus +} +#endif + +#endif /* __PSA_SERVICE_H__ */ diff --git a/subsys/nrf_security/include/psa/storage_common.h b/subsys/nrf_security/include/psa/storage_common.h new file mode 100644 index 000000000000..3f901c5bf912 --- /dev/null +++ b/subsys/nrf_security/include/psa/storage_common.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2019, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +/* This file includes common definitions for PSA storage +*/ + +#ifndef PSA_STORAGE_COMMON_H +#define PSA_STORAGE_COMMON_H + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +typedef uint32_t psa_storage_create_flags_t; + +typedef uint64_t psa_storage_uid_t; + +/* Flags */ + +#define PSA_STORAGE_FLAG_NONE 0u +#define PSA_STORAGE_FLAG_WRITE_ONCE (1u << 0) +#define PSA_STORAGE_FLAG_NO_CONFIDENTIALITY (1u << 1) +#define PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION (1u << 2) + +/* A container for metadata associated with a specific uid */ + +struct psa_storage_info_t { + size_t capacity; + size_t size; + psa_storage_create_flags_t flags; +}; + +#define PSA_STORAGE_SUPPORT_SET_EXTENDED (1u << 0) + +#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) +#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152) + +#ifdef __cplusplus +} +#endif + +#endif // PSA_STORAGE_COMMON_H diff --git a/subsys/nrf_security/include/psa_util.h b/subsys/nrf_security/include/psa_util.h new file mode 100644 index 000000000000..c78cc2333359 --- /dev/null +++ b/subsys/nrf_security/include/psa_util.h @@ -0,0 +1,188 @@ +/** + * \file psa_util.h + * + * \brief Utility functions for the use of the PSA Crypto library. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef MBEDTLS_PSA_UTIL_H +#define MBEDTLS_PSA_UTIL_H +#include "mbedtls/private_access.h" + +#include "mbedtls/build_info.h" + +#include "psa/crypto.h" + +/* ASN1 defines used in the ECDSA conversion functions. + * Note: intentionally not adding MBEDTLS_ASN1_[PARSE|WRITE]_C guards here + * otherwise error codes would be unknown in test_suite_psa_crypto_util.data.*/ +#include + +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) + +/** The random generator function for the PSA subsystem. + * + * This function is suitable as the `f_rng` random generator function + * parameter of many `mbedtls_xxx` functions. + * + * The implementation of this function depends on the configuration of the + * library. + * + * \note This function may only be used if the PSA crypto subsystem is active. + * This means that you must call psa_crypto_init() before any call to + * this function, and you must not call this function after calling + * mbedtls_psa_crypto_free(). + * + * \param p_rng This parameter is only kept for backward compatibility + * reasons with legacy `f_rng` functions and it's ignored. + * Set to #MBEDTLS_PSA_RANDOM_STATE or NULL. + * \param output The buffer to fill. It must have room for + * \c output_size bytes. + * \param output_size The number of bytes to write to \p output. + * This function may fail if \p output_size is too + * large. It is guaranteed to accept any output size + * requested by Mbed TLS library functions. The + * maximum request size depends on the library + * configuration. + * + * \return \c 0 on success. + * \return An `MBEDTLS_ERR_ENTROPY_xxx`, + * `MBEDTLS_ERR_PLATFORM_xxx, + * `MBEDTLS_ERR_CTR_DRBG_xxx` or + * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error. + */ +int mbedtls_psa_get_random(void *p_rng, + unsigned char *output, + size_t output_size); + +/** The random generator state for the PSA subsystem. + * + * This macro always expands to NULL because the `p_rng` parameter is unused + * in mbedtls_psa_get_random(), but it's kept for interface's backward + * compatibility. + */ +#define MBEDTLS_PSA_RANDOM_STATE NULL + +/** \defgroup psa_tls_helpers TLS helper functions + * @{ + */ +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#include + +/** Convert an ECC curve identifier from the Mbed TLS encoding to PSA. + * + * \param grpid An Mbed TLS elliptic curve identifier + * (`MBEDTLS_ECP_DP_xxx`). + * \param[out] bits On success the bit size of the curve; 0 on failure. + * + * \return If the curve is supported in the PSA API, this function + * returns the proper PSA curve identifier + * (`PSA_ECC_FAMILY_xxx`). This holds even if the curve is + * not supported by the ECP module. + * \return \c 0 if the curve is not supported in the PSA API. + */ +psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, + size_t *bits); + +/** Convert an ECC curve identifier from the PSA encoding to Mbed TLS. + * + * \param family A PSA elliptic curve family identifier + * (`PSA_ECC_FAMILY_xxx`). + * \param bits The bit-length of a private key on \p curve. + * + * \return If the curve is supported in the PSA API, this function + * returns the corresponding Mbed TLS elliptic curve + * identifier (`MBEDTLS_ECP_DP_xxx`). + * \return #MBEDTLS_ECP_DP_NONE if the combination of \c curve + * and \p bits is not supported. + */ +mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, + size_t bits); +#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ + +/** + * \brief This function returns the PSA algorithm identifier + * associated with the given digest type. + * + * \param md_type The type of digest to search for. Must not be NONE. + * + * \warning If \p md_type is \c MBEDTLS_MD_NONE, this function will + * not return \c PSA_ALG_NONE, but an invalid algorithm. + * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * + * \return The PSA algorithm identifier associated with \p md_type, + * regardless of whether it is supported or not. + */ +static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) +{ + return PSA_ALG_CATEGORY_HASH | (psa_algorithm_t) md_type; +} + +/** + * \brief This function returns the given digest type + * associated with the PSA algorithm identifier. + * + * \param psa_alg The PSA algorithm identifier to search for. + * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * + * \return The MD type associated with \p psa_alg, + * regardless of whether it is supported or not. + */ +static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) +{ + return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK); +} +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ + +#if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) + +/** Convert an ECDSA signature from raw format to DER ASN.1 format. + * + * \param bits Size of each coordinate in bits. + * \param raw Buffer that contains the signature in raw format. + * \param raw_len Length of \p raw in bytes. This must be + * PSA_BITS_TO_BYTES(bits) bytes. + * \param[out] der Buffer that will be filled with the converted DER + * output. It can overlap with raw buffer. + * \param der_size Size of \p der in bytes. It is enough if \p der_size + * is at least the size of the actual output. (The size + * of the output can vary depending on the presence of + * leading zeros in the data.) You can use + * #MBEDTLS_ECDSA_MAX_SIG_LEN(\p bits) to determine a + * size that is large enough for all signatures for a + * given value of \p bits. + * \param[out] der_len On success it contains the amount of valid data + * (in bytes) written to \p der. It's undefined + * in case of failure. + */ +int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_len, + unsigned char *der, size_t der_size, size_t *der_len); + +/** Convert an ECDSA signature from DER ASN.1 format to raw format. + * + * \param bits Size of each coordinate in bits. + * \param der Buffer that contains the signature in DER format. + * \param der_len Size of \p der in bytes. + * \param[out] raw Buffer that will be filled with the converted raw + * signature. It can overlap with der buffer. + * \param raw_size Size of \p raw in bytes. Must be at least + * 2 * PSA_BITS_TO_BYTES(bits) bytes. + * \param[out] raw_len On success it is updated with the amount of valid + * data (in bytes) written to \p raw. It's undefined + * in case of failure. + */ +int mbedtls_ecdsa_der_to_raw(size_t bits, const unsigned char *der, size_t der_len, + unsigned char *raw, size_t raw_size, size_t *raw_len); + +#endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */ + +/**@}*/ + +#endif /* MBEDTLS_PSA_UTIL_H */ diff --git a/subsys/nrf_security/include/tfm_attest_defs.h b/subsys/nrf_security/include/tfm_attest_defs.h new file mode 100644 index 000000000000..dad7769353f3 --- /dev/null +++ b/subsys/nrf_security/include/tfm_attest_defs.h @@ -0,0 +1,23 @@ +/* + * Copyright (c) 2021, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_ATTEST_DEFS_H__ +#define __TFM_ATTEST_DEFS_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +/* Initial Attestation message types that distinguish Attest services. */ +#define TFM_ATTEST_GET_TOKEN 1001 +#define TFM_ATTEST_GET_TOKEN_SIZE 1002 + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_ATTEST_DEFS_H__ */ diff --git a/subsys/nrf_security/include/tfm_attest_iat_defs.h b/subsys/nrf_security/include/tfm_attest_iat_defs.h new file mode 100644 index 000000000000..2e628e13c171 --- /dev/null +++ b/subsys/nrf_security/include/tfm_attest_iat_defs.h @@ -0,0 +1,86 @@ +/* + * Copyright (c) 2019-2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_ATTEST_IAT_DEFS_H__ +#define __TFM_ATTEST_IAT_DEFS_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include "config_tfm.h" + +#if ATTEST_TOKEN_PROFILE_PSA_IOT_1 + +/* In case of the original PSA_IOT_PROFILE_1 */ +#define IAT_ARM_RANGE_BASE (-75000) +#define IAT_PROFILE_DEFINITION (IAT_ARM_RANGE_BASE - 0) +#define IAT_CLIENT_ID (IAT_ARM_RANGE_BASE - 1) +#define IAT_SECURITY_LIFECYCLE (IAT_ARM_RANGE_BASE - 2) +#define IAT_IMPLEMENTATION_ID (IAT_ARM_RANGE_BASE - 3) +#define IAT_BOOT_SEED (IAT_ARM_RANGE_BASE - 4) +#define IAT_CERTIFICATION_REFERENCE (IAT_ARM_RANGE_BASE - 5) +#define IAT_SW_COMPONENTS (IAT_ARM_RANGE_BASE - 6) +#define IAT_NO_SW_COMPONENTS (IAT_ARM_RANGE_BASE - 7) +#define IAT_NONCE (IAT_ARM_RANGE_BASE - 8) +#define IAT_INSTANCE_ID (IAT_ARM_RANGE_BASE - 9) +#define IAT_VERIFICATION_SERVICE (IAT_ARM_RANGE_BASE - 10) + +/* Indicates that the boot status intentionally (i.e. the bootloader is not + * capable of producing it) does not contain any SW components' measurement. + * Required integer value for claim labeled IAT_NO_SW_COMPONENTS. + */ +#define NO_SW_COMPONENT_FIXED_VALUE 1 + +#elif ATTEST_TOKEN_PROFILE_PSA_2_0_0 + +/* In case of PSA_2_0_0 (updated PSA profile ) */ +#define IAT_NONCE 10 /* EAT nonce */ +#define IAT_INSTANCE_ID 256 /* EAT ueid */ +#define IAT_PROFILE_DEFINITION 265 /* EAT eat_profile */ +#define IAT_ARM_RANGE_BASE (2393) +#define IAT_CLIENT_ID (IAT_ARM_RANGE_BASE + 1) +#define IAT_SECURITY_LIFECYCLE (IAT_ARM_RANGE_BASE + 2) +#define IAT_IMPLEMENTATION_ID (IAT_ARM_RANGE_BASE + 3) +#define IAT_BOOT_SEED (IAT_ARM_RANGE_BASE + 4) +#define IAT_CERTIFICATION_REFERENCE (IAT_ARM_RANGE_BASE + 5) +#define IAT_SW_COMPONENTS (IAT_ARM_RANGE_BASE + 6) +#define IAT_VERIFICATION_SERVICE (IAT_ARM_RANGE_BASE + 7) + +#elif ATTEST_TOKEN_PROFILE_ARM_CCA + +/* In case of ARM_CCA profile */ +#define IAT_NONCE 10 /* EAT nonce*/ +#define IAT_INSTANCE_ID 256 /* EAT ueid */ +#define IAT_PROFILE_DEFINITION 265 /* EAT eat_profile */ +#define IAT_ARM_RANGE_BASE (2393) +#define IAT_CLIENT_ID (IAT_ARM_RANGE_BASE + 1) +#define IAT_SECURITY_LIFECYCLE (IAT_ARM_RANGE_BASE + 2) +#define IAT_IMPLEMENTATION_ID (IAT_ARM_RANGE_BASE + 3) +#define IAT_BOOT_SEED (IAT_ARM_RANGE_BASE + 4) +#define IAT_CERTIFICATION_REFERENCE (IAT_ARM_RANGE_BASE + 5) +#define IAT_SW_COMPONENTS (IAT_ARM_RANGE_BASE + 6) +#define IAT_VERIFICATION_SERVICE (IAT_ARM_RANGE_BASE + 7) +#define IAT_PLATFORM_CONFIG (IAT_ARM_RANGE_BASE + 8) +#define IAT_PLATFORM_HASH_ALGO_ID (IAT_ARM_RANGE_BASE + 9) + +#else +#error "Attestation token profile is incorrect" +#endif + +#define IAT_SW_COMPONENT_MEASUREMENT_TYPE (1) +#define IAT_SW_COMPONENT_MEASUREMENT_VALUE (2) +/* Reserved (3) */ +#define IAT_SW_COMPONENT_VERSION (4) +#define IAT_SW_COMPONENT_SIGNER_ID (5) +#define IAT_SW_COMPONENT_MEASUREMENT_DESC (6) + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_ATTEST_IAT_DEFS_H__ */ diff --git a/subsys/nrf_security/include/tfm_crypto_defs.h b/subsys/nrf_security/include/tfm_crypto_defs.h new file mode 100644 index 000000000000..52357cb6add9 --- /dev/null +++ b/subsys/nrf_security/include/tfm_crypto_defs.h @@ -0,0 +1,229 @@ +/* + * Copyright (c) 2018-2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_CRYPTO_DEFS_H__ +#define __TFM_CRYPTO_DEFS_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include "psa/crypto.h" +#ifdef PLATFORM_DEFAULT_CRYPTO_KEYS +#include "crypto_keys/tfm_builtin_key_ids.h" +#else +#include "tfm_builtin_key_ids.h" +#endif /* PLATFORM_DEFAULT_CRYPTO_KEYS */ + +/** + * \brief The maximum supported length of a nonce through the TF-M + * interfaces + */ +#define TFM_CRYPTO_MAX_NONCE_LENGTH (16u) + +/** + * \brief This type is used to overcome a limitation in the number of maximum + * IOVECs that can be used especially in psa_aead_encrypt and + * psa_aead_decrypt. By using this type we pack the nonce and the actual + * nonce_length at part of the same structure + */ +struct tfm_crypto_aead_pack_input { + uint8_t nonce[TFM_CRYPTO_MAX_NONCE_LENGTH]; + uint32_t nonce_length; +}; + +/** + * \brief Structure used to pack non-pointer types in a call to PSA Crypto APIs + * + */ +struct tfm_crypto_pack_iovec { + psa_key_id_t key_id; /*!< Key id */ + psa_algorithm_t alg; /*!< Algorithm */ + uint32_t op_handle; /*!< Client context handle associated to a + * multipart operation + */ + size_t ad_length; /*!< Additional Data length for multipart AEAD */ + size_t plaintext_length; /*!< Plaintext length for multipart AEAD */ + + struct tfm_crypto_aead_pack_input aead_in; /*!< Packs AEAD-related inputs */ + + uint16_t function_id; /*!< Used to identify the function in the + * API dispatcher to the service backend + * See tfm_crypto_func_sid for detail + */ + uint16_t step; /*!< Key derivation step */ + union { + size_t capacity; /*!< Key derivation capacity */ + uint64_t value; /*!< Key derivation integer for update*/ + }; + psa_pake_role_t role; /*!< PAKE role */ +}; + +/** + * \brief Type associated to the group of a function encoding. There can be + * nine groups (Random, Key management, Hash, MAC, Cipher, AEAD, + * Asym sign, Asym encrypt, Key derivation). + */ +enum tfm_crypto_group_id_t { + TFM_CRYPTO_GROUP_ID_RANDOM = UINT8_C(1), + TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT = UINT8_C(2), + TFM_CRYPTO_GROUP_ID_HASH = UINT8_C(3), + TFM_CRYPTO_GROUP_ID_MAC = UINT8_C(4), + TFM_CRYPTO_GROUP_ID_CIPHER = UINT8_C(5), + TFM_CRYPTO_GROUP_ID_AEAD = UINT8_C(6), + TFM_CRYPTO_GROUP_ID_ASYM_SIGN = UINT8_C(7), + TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT = UINT8_C(8), + TFM_CRYPTO_GROUP_ID_KEY_DERIVATION = UINT8_C(9), + TFM_CRYPTO_GROUP_ID_PAKE = UINT8_C(10) +}; + +/* Set of X macros describing each of the available PSA Crypto APIs */ +#define RANDOM_FUNCS \ + X(TFM_CRYPTO_GENERATE_RANDOM) + +#define KEY_MANAGEMENT_FUNCS \ + X(TFM_CRYPTO_GET_KEY_ATTRIBUTES) \ + X(TFM_CRYPTO_OPEN_KEY) \ + X(TFM_CRYPTO_CLOSE_KEY) \ + X(TFM_CRYPTO_IMPORT_KEY) \ + X(TFM_CRYPTO_DESTROY_KEY) \ + X(TFM_CRYPTO_EXPORT_KEY) \ + X(TFM_CRYPTO_EXPORT_PUBLIC_KEY) \ + X(TFM_CRYPTO_PURGE_KEY) \ + X(TFM_CRYPTO_COPY_KEY) \ + X(TFM_CRYPTO_GENERATE_KEY) + +#define HASH_FUNCS \ + X(TFM_CRYPTO_HASH_COMPUTE) \ + X(TFM_CRYPTO_HASH_COMPARE) \ + X(TFM_CRYPTO_HASH_SETUP) \ + X(TFM_CRYPTO_HASH_UPDATE) \ + X(TFM_CRYPTO_HASH_CLONE) \ + X(TFM_CRYPTO_HASH_FINISH) \ + X(TFM_CRYPTO_HASH_VERIFY) \ + X(TFM_CRYPTO_HASH_ABORT) + +#define MAC_FUNCS \ + X(TFM_CRYPTO_MAC_COMPUTE) \ + X(TFM_CRYPTO_MAC_VERIFY) \ + X(TFM_CRYPTO_MAC_SIGN_SETUP) \ + X(TFM_CRYPTO_MAC_VERIFY_SETUP) \ + X(TFM_CRYPTO_MAC_UPDATE) \ + X(TFM_CRYPTO_MAC_SIGN_FINISH) \ + X(TFM_CRYPTO_MAC_VERIFY_FINISH) \ + X(TFM_CRYPTO_MAC_ABORT) + +#define CIPHER_FUNCS \ + X(TFM_CRYPTO_CIPHER_ENCRYPT) \ + X(TFM_CRYPTO_CIPHER_DECRYPT) \ + X(TFM_CRYPTO_CIPHER_ENCRYPT_SETUP) \ + X(TFM_CRYPTO_CIPHER_DECRYPT_SETUP) \ + X(TFM_CRYPTO_CIPHER_GENERATE_IV) \ + X(TFM_CRYPTO_CIPHER_SET_IV) \ + X(TFM_CRYPTO_CIPHER_UPDATE) \ + X(TFM_CRYPTO_CIPHER_FINISH) \ + X(TFM_CRYPTO_CIPHER_ABORT) + +#define AEAD_FUNCS \ + X(TFM_CRYPTO_AEAD_ENCRYPT) \ + X(TFM_CRYPTO_AEAD_DECRYPT) \ + X(TFM_CRYPTO_AEAD_ENCRYPT_SETUP) \ + X(TFM_CRYPTO_AEAD_DECRYPT_SETUP) \ + X(TFM_CRYPTO_AEAD_GENERATE_NONCE) \ + X(TFM_CRYPTO_AEAD_SET_NONCE) \ + X(TFM_CRYPTO_AEAD_SET_LENGTHS) \ + X(TFM_CRYPTO_AEAD_UPDATE_AD) \ + X(TFM_CRYPTO_AEAD_UPDATE) \ + X(TFM_CRYPTO_AEAD_FINISH) \ + X(TFM_CRYPTO_AEAD_VERIFY) \ + X(TFM_CRYPTO_AEAD_ABORT) + +#define ASYM_SIGN_FUNCS \ + X(TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE) \ + X(TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE) \ + X(TFM_CRYPTO_ASYMMETRIC_SIGN_HASH) \ + X(TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH) + +#define ASYM_ENCRYPT_FUNCS \ + X(TFM_CRYPTO_ASYMMETRIC_ENCRYPT) \ + X(TFM_CRYPTO_ASYMMETRIC_DECRYPT) + +#define KEY_DERIVATION_FUNCS \ + X(TFM_CRYPTO_RAW_KEY_AGREEMENT) \ + X(TFM_CRYPTO_KEY_DERIVATION_SETUP) \ + X(TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY) \ + X(TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY) \ + X(TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES) \ + X(TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY) \ + X(TFM_CRYPTO_KEY_DERIVATION_INPUT_INTEGER) \ + X(TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT) \ + X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES) \ + X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY) \ + X(TFM_CRYPTO_KEY_DERIVATION_ABORT) + +#define BASE__VALUE(x) ((uint16_t)((((uint16_t)(x)) << 8) & 0xFF00)) + +#define PAKE_FUNCS \ + X(TFM_CRYPTO_PAKE_SETUP) \ + X(TFM_CRYPTO_PAKE_SET_ROLE) \ + X(TFM_CRYPTO_PAKE_SET_USER) \ + X(TFM_CRYPTO_PAKE_SET_PEER) \ + X(TFM_CRYPTO_PAKE_SET_CONTEXT) \ + X(TFM_CRYPTO_PAKE_OUTPUT) \ + X(TFM_CRYPTO_PAKE_INPUT) \ + X(TFM_CRYPTO_PAKE_GET_SHARED_KEY) \ + X(TFM_CRYPTO_PAKE_ABORT) + +/** + * \brief This type defines numerical progressive values identifying a function API + * exposed through the interfaces (S or NS). It's used to dispatch the requests + * from S/NS to the corresponding API implementation in the Crypto service backend. + * + * \note Each function SID is encoded as uint16_t. + * +------------+------------+ + * | Group ID | Func ID | + * +------------+------------+ + * (MSB)15 8 7 0(LSB) + * + */ +enum tfm_crypto_func_sid_t { +#define X(FUNCTION_NAME) FUNCTION_NAME ## _SID, + BASE__RANDOM = BASE__VALUE(TFM_CRYPTO_GROUP_ID_RANDOM) - 1, + RANDOM_FUNCS + BASE__KEY_MANAGEMENT = BASE__VALUE(TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT) - 1, + KEY_MANAGEMENT_FUNCS + BASE__HASH = BASE__VALUE(TFM_CRYPTO_GROUP_ID_HASH) - 1, + HASH_FUNCS + BASE__MAC = BASE__VALUE(TFM_CRYPTO_GROUP_ID_MAC) - 1, + MAC_FUNCS + BASE__CIPHER = BASE__VALUE(TFM_CRYPTO_GROUP_ID_CIPHER) - 1, + CIPHER_FUNCS + BASE__AEAD = BASE__VALUE(TFM_CRYPTO_GROUP_ID_AEAD) - 1, + AEAD_FUNCS + BASE__ASYM_SIGN = BASE__VALUE(TFM_CRYPTO_GROUP_ID_ASYM_SIGN) - 1, + ASYM_SIGN_FUNCS + BASE__ASYM_ENCRYPT = BASE__VALUE(TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT) - 1, + ASYM_ENCRYPT_FUNCS + BASE__KEY_DERIVATION = BASE__VALUE(TFM_CRYPTO_GROUP_ID_KEY_DERIVATION) - 1, + KEY_DERIVATION_FUNCS + BASE__PAKE = BASE__VALUE(TFM_CRYPTO_GROUP_ID_PAKE) - 1, + PAKE_FUNCS +#undef X +}; + +/** + * \brief This macro is used to extract the group_id from an encoded function id + * by accessing the upper 8 bits. A \a _function_id is uint16_t type + */ +#define TFM_CRYPTO_GET_GROUP_ID(_function_id) \ + ((enum tfm_crypto_group_id_t)(((uint16_t)(_function_id) >> 8) & 0xFF)) + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_CRYPTO_DEFS_H__ */ diff --git a/subsys/nrf_security/include/tfm_fwu_defs.h b/subsys/nrf_security/include/tfm_fwu_defs.h new file mode 100644 index 000000000000..a940d1f43870 --- /dev/null +++ b/subsys/nrf_security/include/tfm_fwu_defs.h @@ -0,0 +1,30 @@ +/* + * Copyright (c) 2021-2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef TFM_FWU_BOOTLOADER_DEFS_H +#define TFM_FWU_BOOTLOADER_DEFS_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* FWU message types that distinguish FWU services. */ +#define TFM_FWU_START 1001 +#define TFM_FWU_WRITE 1002 +#define TFM_FWU_FINISH 1003 +#define TFM_FWU_CANCEL 1004 +#define TFM_FWU_INSTALL 1005 +#define TFM_FWU_CLEAN 1006 +#define TFM_FWU_REJECT 1007 +#define TFM_FWU_REQUEST_REBOOT 1008 +#define TFM_FWU_ACCEPT 1009 +#define TFM_FWU_QUERY 1010 + +#ifdef __cplusplus +} +#endif +#endif /* TFM_FWU_BOOTLOADER_DEFS_H */ diff --git a/subsys/nrf_security/include/tfm_its_defs.h b/subsys/nrf_security/include/tfm_its_defs.h new file mode 100644 index 000000000000..a6591b1383cc --- /dev/null +++ b/subsys/nrf_security/include/tfm_its_defs.h @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2019-2021, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_ITS_DEFS_H__ +#define __TFM_ITS_DEFS_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +/* Invalid UID */ +#define TFM_ITS_INVALID_UID 0 + +/* ITS message types that distinguish ITS services. */ +#define TFM_ITS_SET 1001 +#define TFM_ITS_GET 1002 +#define TFM_ITS_GET_INFO 1003 +#define TFM_ITS_REMOVE 1004 + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_ITS_DEFS_H__ */ diff --git a/subsys/nrf_security/include/tfm_ns_client_ext.h b/subsys/nrf_security/include/tfm_ns_client_ext.h new file mode 100644 index 000000000000..b6e944cf2245 --- /dev/null +++ b/subsys/nrf_security/include/tfm_ns_client_ext.h @@ -0,0 +1,109 @@ +/* + * Copyright (c) 2021, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_NS_CLIENT_EXT_H__ +#define __TFM_NS_CLIENT_EXT_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include + +#define TFM_NS_CLIENT_INVALID_TOKEN 0xFFFFFFFF + +/* TF-M NSID Error code */ +#define TFM_NS_CLIENT_ERR_SUCCESS 0x0 +#define TFM_NS_CLIENT_ERR_INVALID_TOKEN 0x1 +#define TFM_NS_CLIENT_ERR_INVALID_NSID 0x2 +#define TFM_NS_CLIENT_ERR_INVALID_ACCESS 0x3 + +/** + * \brief Initialize the non-secure client extension + * + * \details This function should be called before any other non-secure client + * APIs. It gives NSPE the opportunity to initialize the non-secure + * client extension in TF-M. Also, NSPE can get the number of allocated + * non-secure client context slots in the return value. That is useful + * if NSPE wants to decide the group (context) assignment at runtime. + * + * \param[in] ctx_requested The number of non-secure context requested from the + * NS entity. If request maximum available context, then set it to 0. + * + * \return Returns the number of non-secure context allocated to the NS entity. + * The allocated context number <= maximum supported context number. + * If the initialization is failed, then 0 is returned. + */ +uint32_t tfm_nsce_init(uint32_t ctx_requested); + +/** + * \brief Acquire the context for a non-secure client + * + * \details This function should be called before a non-secure client calling + * the PSA API into TF-M. It is to request the allocation of the + * context for the upcoming service call from that non-secure client. + * The non-secure clients in one group share the same context. + * The thread ID is used to identify the different non-secure clients. + * + * \param[in] group_id The group ID of the non-secure client + * \param[in] thread_id The thread ID of the non-secure client + * + * \return Returns the token of the allocated context. 0xFFFFFFFF means the + * allocation failed and the token is invalid. + */ +uint32_t tfm_nsce_acquire_ctx(uint8_t group_id, uint8_t thread_id); + +/** + * \brief Release the context for the non-secure client + * + * \details This function should be called when a non-secure client is going to + * be terminated or will not call TF-M secure services in the future. + * It is to release the context allocated for the calling non-secure + * client. If the calling non-secure client is the only thread in the + * group, then the context will be deallocated. Otherwise, the context + * will still be taken for the other threads in the group. + * + * \param[in] token The token returned by tfm_nsce_acquire_ctx + * + * \return Returns the error code. + */ +uint32_t tfm_nsce_release_ctx(uint32_t token); + +/** + * \brief Load the context for the non-secure client + * + * \details This function should be called when a non-secure client is going to + * be scheduled in at the non-secure side. + * The caller is usually the scheduler of the RTOS. + * The non-secure client ID is managed by the non-secure world and + * passed to TF-M as the input parameter of TF-M. + * + * \param[in] token The token returned by tfm_nsce_acquire_ctx + * \param[in] nsid The non-secure client ID for this client + * + * \return Returns the error code. + */ +uint32_t tfm_nsce_load_ctx(uint32_t token, int32_t nsid); + +/** + * \brief Save the context for the non-secure client + * + * \details This function should be called when a non-secure client is going to + * be scheduled out at the non-secure side. + * The caller is usually the scheduler of the RTOS. + * + * \param[in] token The token returned by tfm_nsce_acquire_ctx + * + * \return Returns the error code. + */ +uint32_t tfm_nsce_save_ctx(uint32_t token); + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_NS_CLIENT_EXT_H__ */ diff --git a/subsys/nrf_security/include/tfm_ns_interface.h b/subsys/nrf_security/include/tfm_ns_interface.h new file mode 100644 index 000000000000..32a04c5e73f1 --- /dev/null +++ b/subsys/nrf_security/include/tfm_ns_interface.h @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2017-2021, Arm Limited. All rights reserved. + * Copyright (c) 2023 Cypress Semiconductor Corporation (an Infineon company) + * or an affiliate of Cypress Semiconductor Corporation. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#ifndef __TFM_NS_INTERFACE_H__ +#define __TFM_NS_INTERFACE_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include "tfm_veneers.h" + +typedef int32_t (*veneer_fn) (uint32_t arg0, uint32_t arg1, + uint32_t arg2, uint32_t arg3); + +/** + * \brief NS interface, veneer function dispatcher + * + * \details This function implements the dispatching mechanism for the + * desired veneer function, to be called with the parameters + * described from arg0 to arg3. + * + * \note NSPE can use default implementation of this function or implement + * this function according to NS specific implementation and actual + * usage scenario. + * + * \param[in] fn Function pointer to the veneer function desired + * \param[in] arg0 Argument 0 of fn + * \param[in] arg1 Argument 1 of fn + * \param[in] arg2 Argument 2 of fn + * \param[in] arg3 Argument 3 of fn + * + * \return Returns the same return value of the requested veneer function + * + * \note This API must ensure the return value is from the veneer function. + * Other unrecoverable errors must be considered as fatal error and should + * not return. + */ +int32_t tfm_ns_interface_dispatch(veneer_fn fn, + uint32_t arg0, uint32_t arg1, + uint32_t arg2, uint32_t arg3); + +/** + * \brief NS interface initialization function + * + * \details This function initializes TF-M NS interface. + * + * \note NSPE can use default implementation of this function or implement + * this function according to NS specific implementation and actual + * usage scenario. + * + * \return \ref OS_WRAPPER_SUCCESS on success or \ref OS_WRAPPER_ERROR on error + */ +uint32_t tfm_ns_interface_init(void); + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_NS_INTERFACE_H__ */ diff --git a/subsys/nrf_security/include/tfm_platform_api.h b/subsys/nrf_security/include/tfm_platform_api.h new file mode 100644 index 000000000000..e92550394388 --- /dev/null +++ b/subsys/nrf_security/include/tfm_platform_api.h @@ -0,0 +1,100 @@ +/* + * Copyright (c) 2018-2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_PLATFORM_API__ +#define __TFM_PLATFORM_API__ + +#include +#include +#include +#include "psa/client.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief TFM secure partition platform API version + */ +#define TFM_PLATFORM_API_VERSION_MAJOR (0) +#define TFM_PLATFORM_API_VERSION_MINOR (3) + +#define TFM_PLATFORM_API_ID_NV_READ (1010) +#define TFM_PLATFORM_API_ID_NV_INCREMENT (1011) +#define TFM_PLATFORM_API_ID_SYSTEM_RESET (1012) +#define TFM_PLATFORM_API_ID_IOCTL (1013) + +/*! + * \enum tfm_platform_err_t + * + * \brief Platform service error types + * + */ +enum tfm_platform_err_t { + TFM_PLATFORM_ERR_SUCCESS = 0, + TFM_PLATFORM_ERR_SYSTEM_ERROR, + TFM_PLATFORM_ERR_INVALID_PARAM, + TFM_PLATFORM_ERR_NOT_SUPPORTED, + + /* Following entry is only to ensure the error code of int size */ + TFM_PLATFORM_ERR_FORCE_INT_SIZE = INT_MAX +}; + +typedef int32_t tfm_platform_ioctl_req_t; + +/*! + * \brief Resets the system. + * + * \return Returns values as specified by the \ref tfm_platform_err_t + */ +enum tfm_platform_err_t tfm_platform_system_reset(void); + +/*! + * \brief Performs a platform-specific service + * + * \param[in] request Request identifier (valid values vary + * based on the platform) + * \param[in] input Input buffer to the requested service (or NULL) + * \param[in,out] output Output buffer to the requested service (or NULL) + * + * \return Returns values as specified by the \ref tfm_platform_err_t + */ +enum tfm_platform_err_t tfm_platform_ioctl(tfm_platform_ioctl_req_t request, + psa_invec *input, + psa_outvec *output); + +/*! + * \brief Increments the given non-volatile (NV) counter by one + * + * \param[in] counter_id NV counter ID. + * + * \return TFM_PLATFORM_ERR_SUCCESS if the value is read correctly. Otherwise, + * it returns TFM_PLATFORM_ERR_SYSTEM_ERROR. + */ +enum tfm_platform_err_t +tfm_platform_nv_counter_increment(uint32_t counter_id); + +/*! + * \brief Reads the given non-volatile (NV) counter + * + * \param[in] counter_id NV counter ID. + * \param[in] size Size of the buffer to store NV counter value + * in bytes. + * \param[out] val Pointer to store the current NV counter value. + * + * \return TFM_PLATFORM_ERR_SUCCESS if the value is read correctly. Otherwise, + * it returns TFM_PLATFORM_ERR_SYSTEM_ERROR. + */ +enum tfm_platform_err_t +tfm_platform_nv_counter_read(uint32_t counter_id, + uint32_t size, uint8_t *val); + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_PLATFORM_API__ */ diff --git a/subsys/nrf_security/include/tfm_ps_defs.h b/subsys/nrf_security/include/tfm_ps_defs.h new file mode 100644 index 000000000000..aac231690e8c --- /dev/null +++ b/subsys/nrf_security/include/tfm_ps_defs.h @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2017-2021, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_PS_DEFS_H__ +#define __TFM_PS_DEFS_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +/* Invalid UID */ +#define TFM_PS_INVALID_UID 0 + +/* PS message types that distinguish PS services. */ +#define TFM_PS_SET 1001 +#define TFM_PS_GET 1002 +#define TFM_PS_GET_INFO 1003 +#define TFM_PS_REMOVE 1004 +#define TFM_PS_GET_SUPPORT 1005 + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_PS_DEFS_H__ */ diff --git a/subsys/nrf_security/include/tfm_psa_call_pack.h b/subsys/nrf_security/include/tfm_psa_call_pack.h new file mode 100644 index 000000000000..7cf62f8b51ae --- /dev/null +++ b/subsys/nrf_security/include/tfm_psa_call_pack.h @@ -0,0 +1,80 @@ +/* + * Copyright (c) 2021-2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_PSA_CALL_PACK_H__ +#define __TFM_PSA_CALL_PACK_H__ + +#include "psa/client.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * 31 30-28 27 26-24 23-20 19 18-16 15-0 + * +------------+-----+------+-------+-----+-------+-------+------+ + * | NS vector | | NS | invec | | NS | outvec| type | + * | descriptor | Res | invec| number| Res | outvec| number| | + * +------------+-----+------+-------+-----+-------+-------+------+ + * + * Res: Reserved. + */ +#define TYPE_MASK 0xFFFFUL + +#define IN_LEN_OFFSET 24 +#define IN_LEN_MASK (0x7UL << IN_LEN_OFFSET) + +#define OUT_LEN_OFFSET 16 +#define OUT_LEN_MASK (0x7UL << OUT_LEN_OFFSET) + +/* + * NS_VEC_DESC_BIT is referenced by inline assembly, which does not + * support composited bit operations. So NS_VEC_DESC_BIT must be + * defined as a number. + */ +#define NS_VEC_DESC_BIT 0x80000000UL + +#define NS_INVEC_OFFSET 27 +#define NS_INVEC_BIT (1UL << NS_INVEC_OFFSET) +#define NS_OUTVEC_OFFSET 19 +#define NS_OUTVEC_BIT (1UL << NS_OUTVEC_OFFSET) + +#define PARAM_PACK(type, in_len, out_len) \ + ((((uint32_t)(type)) & TYPE_MASK) | \ + ((((uint32_t)(in_len)) << IN_LEN_OFFSET) & IN_LEN_MASK) | \ + ((((uint32_t)(out_len)) << OUT_LEN_OFFSET) & OUT_LEN_MASK)) + +#define PARAM_UNPACK_TYPE(ctrl_param) \ + ((int32_t)(int16_t)((ctrl_param) & TYPE_MASK)) + +#define PARAM_UNPACK_IN_LEN(ctrl_param) \ + ((size_t)(((ctrl_param) & IN_LEN_MASK) >> IN_LEN_OFFSET)) + +#define PARAM_UNPACK_OUT_LEN(ctrl_param) \ + ((size_t)(((ctrl_param) & OUT_LEN_MASK) >> OUT_LEN_OFFSET)) + +#define PARAM_SET_NS_VEC(ctrl_param) ((ctrl_param) | NS_VEC_DESC_BIT) +#define PARAM_IS_NS_VEC(ctrl_param) ((ctrl_param) & NS_VEC_DESC_BIT) + +#define PARAM_SET_NS_INVEC(ctrl_param) ((ctrl_param) | NS_INVEC_BIT) +#define PARAM_IS_NS_INVEC(ctrl_param) ((ctrl_param) & NS_INVEC_BIT) +#define PARAM_SET_NS_OUTVEC(ctrl_param) ((ctrl_param) | NS_OUTVEC_BIT) +#define PARAM_IS_NS_OUTVEC(ctrl_param) ((ctrl_param) & NS_OUTVEC_BIT) + +#define PARAM_HAS_IOVEC(ctrl_param) \ + ((ctrl_param) != (uint32_t)PARAM_UNPACK_TYPE(ctrl_param)) + +psa_status_t tfm_psa_call_pack(psa_handle_t handle, + uint32_t ctrl_param, + const psa_invec *in_vec, + psa_outvec *out_vec); + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_PSA_CALL_PACK_H__ */ diff --git a/subsys/nrf_security/include/tfm_veneers.h b/subsys/nrf_security/include/tfm_veneers.h new file mode 100644 index 000000000000..24c4036f4dea --- /dev/null +++ b/subsys/nrf_security/include/tfm_veneers.h @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2017-2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __TFM_VENEERS_H__ +#define __TFM_VENEERS_H__ + +#include +#include "psa/client.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/********************* Secure function declarations ***************************/ + +/** + * \brief Retrieve the version of the PSA Framework API that is implemented. + * + * \return The version of the PSA Framework. + */ +uint32_t tfm_psa_framework_version_veneer(void); + +/** + * \brief Return version of secure function provided by secure binary. + * + * \param[in] sid ID of secure service. + * + * \return Version number of secure function. + */ +uint32_t tfm_psa_version_veneer(uint32_t sid); + +/** + * \brief Connect to secure function. + * + * \param[in] sid ID of secure service. + * \param[in] version Version of SF requested by client. + * + * \return Returns handle to connection. + */ +psa_handle_t tfm_psa_connect_veneer(uint32_t sid, uint32_t version); + +/** + * \brief Call a secure function referenced by a connection handle. + * + * \param[in] handle Handle to connection. + * \param[in] ctrl_param Parameters combined in uint32_t, + * includes request type, in_num and out_num. + * \param[in] in_vec Array of input \ref psa_invec structures. + * \param[in,out] out_vec Array of output \ref psa_outvec structures. + * + * \return Returns \ref psa_status_t status code. + */ +psa_status_t tfm_psa_call_veneer(psa_handle_t handle, + uint32_t ctrl_param, + const psa_invec *in_vec, + psa_outvec *out_vec); + +/** + * \brief Close connection to secure function referenced by a connection handle. + * + * \param[in] handle Handle to connection + */ +void tfm_psa_close_veneer(psa_handle_t handle); + +/***************** End Secure function declarations ***************************/ + +#ifdef __cplusplus +} +#endif + +#endif /* __TFM_VENEERS_H__ */ From 939a25721dac56c20efe80c6ad889e3447805eb3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 09:26:35 +0200 Subject: [PATCH 021/217] tf-m: Updated out-of-tree crypto_spe.h to aling with TF-M 2.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This adjusts the out-of-tree file used for TF-M builds to adjust the PSA crypto APIs symbol names for crypto service build (prefixed with e.g. mbedcrypto__ to not collide with the PSA crypto APIs calls made from any other service and/or testing done from inside TF-M image. -This includes additions for PAKE APIs currently not supported in TF-M Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/include/crypto_spe.h | 219 +++++++++++++++++------ 1 file changed, 163 insertions(+), 56 deletions(-) diff --git a/subsys/nrf_security/include/crypto_spe.h b/subsys/nrf_security/include/crypto_spe.h index 4628ecc83dfc..4c1f1a931fd8 100644 --- a/subsys/nrf_security/include/crypto_spe.h +++ b/subsys/nrf_security/include/crypto_spe.h @@ -19,62 +19,169 @@ #ifndef CRYPTO_SPE_H #define CRYPTO_SPE_H -#define PSA_FUNCTION_NAME(x) mbedcrypto__##x +#define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x -#define psa_crypto_init PSA_FUNCTION_NAME(psa_crypto_init) -#define psa_key_derivation_get_capacity PSA_FUNCTION_NAME(psa_key_derivation_get_capacity) -#define psa_key_derivation_set_capacity PSA_FUNCTION_NAME(psa_key_derivation_set_capacity) -#define psa_key_derivation_input_bytes PSA_FUNCTION_NAME(psa_key_derivation_input_bytes) -#define psa_key_derivation_output_bytes PSA_FUNCTION_NAME(psa_key_derivation_output_bytes) -#define psa_key_derivation_input_key PSA_FUNCTION_NAME(psa_key_derivation_input_key) -#define psa_key_derivation_output_key PSA_FUNCTION_NAME(psa_key_derivation_output_key) -#define psa_key_derivation_setup PSA_FUNCTION_NAME(psa_key_derivation_setup) -#define psa_key_derivation_abort PSA_FUNCTION_NAME(psa_key_derivation_abort) -#define psa_key_derivation_key_agreement PSA_FUNCTION_NAME(psa_key_derivation_key_agreement) -#define psa_raw_key_agreement PSA_FUNCTION_NAME(psa_raw_key_agreement) -#define psa_generate_random PSA_FUNCTION_NAME(psa_generate_random) -#define psa_aead_encrypt PSA_FUNCTION_NAME(psa_aead_encrypt) -#define psa_aead_decrypt PSA_FUNCTION_NAME(psa_aead_decrypt) -#define psa_open_key PSA_FUNCTION_NAME(psa_open_key) -#define psa_close_key PSA_FUNCTION_NAME(psa_close_key) -#define psa_import_key PSA_FUNCTION_NAME(psa_import_key) -#define psa_destroy_key PSA_FUNCTION_NAME(psa_destroy_key) -#define psa_get_key_attributes PSA_FUNCTION_NAME(psa_get_key_attributes) -#define psa_reset_key_attributes PSA_FUNCTION_NAME(psa_reset_key_attributes) -#define psa_export_key PSA_FUNCTION_NAME(psa_export_key) -#define psa_export_public_key PSA_FUNCTION_NAME(psa_export_public_key) -#define psa_purge_key PSA_FUNCTION_NAME(psa_purge_key) -#define psa_copy_key PSA_FUNCTION_NAME(psa_copy_key) -#define psa_cipher_operation_init PSA_FUNCTION_NAME(psa_cipher_operation_init) -#define psa_cipher_generate_iv PSA_FUNCTION_NAME(psa_cipher_generate_iv) -#define psa_cipher_set_iv PSA_FUNCTION_NAME(psa_cipher_set_iv) -#define psa_cipher_encrypt_setup PSA_FUNCTION_NAME(psa_cipher_encrypt_setup) -#define psa_cipher_decrypt_setup PSA_FUNCTION_NAME(psa_cipher_decrypt_setup) -#define psa_cipher_update PSA_FUNCTION_NAME(psa_cipher_update) -#define psa_cipher_finish PSA_FUNCTION_NAME(psa_cipher_finish) -#define psa_cipher_abort PSA_FUNCTION_NAME(psa_cipher_abort) -#define psa_hash_operation_init PSA_FUNCTION_NAME(psa_hash_operation_init) -#define psa_hash_setup PSA_FUNCTION_NAME(psa_hash_setup) -#define psa_hash_update PSA_FUNCTION_NAME(psa_hash_update) -#define psa_hash_finish PSA_FUNCTION_NAME(psa_hash_finish) -#define psa_hash_verify PSA_FUNCTION_NAME(psa_hash_verify) -#define psa_hash_abort PSA_FUNCTION_NAME(psa_hash_abort) -#define psa_hash_clone PSA_FUNCTION_NAME(psa_hash_clone) -#define psa_hash_compute PSA_FUNCTION_NAME(psa_hash_compute) -#define psa_hash_compare PSA_FUNCTION_NAME(psa_hash_compare) -#define psa_mac_operation_init PSA_FUNCTION_NAME(psa_mac_operation_init) -#define psa_mac_sign_setup PSA_FUNCTION_NAME(psa_mac_sign_setup) -#define psa_mac_verify_setup PSA_FUNCTION_NAME(psa_mac_verify_setup) -#define psa_mac_update PSA_FUNCTION_NAME(psa_mac_update) -#define psa_mac_sign_finish PSA_FUNCTION_NAME(psa_mac_sign_finish) -#define psa_mac_verify_finish PSA_FUNCTION_NAME(psa_mac_verify_finish) -#define psa_mac_abort PSA_FUNCTION_NAME(psa_mac_abort) -#define psa_sign_hash PSA_FUNCTION_NAME(psa_sign_hash) -#define psa_verify_hash PSA_FUNCTION_NAME(psa_verify_hash) -#define psa_asymmetric_encrypt PSA_FUNCTION_NAME(psa_asymmetric_encrypt) -#define psa_asymmetric_decrypt PSA_FUNCTION_NAME(psa_asymmetric_decrypt) -#define psa_generate_key PSA_FUNCTION_NAME(psa_generate_key) -#define psa_set_key_domain_parameters PSA_FUNCTION_NAME(psa_set_key_domain_parameters) -#define psa_get_key_domain_parameters PSA_FUNCTION_NAME(psa_get_key_domain_parameters) +#define psa_crypto_init \ + PSA_FUNCTION_NAME(psa_crypto_init) +#define psa_key_derivation_get_capacity \ + PSA_FUNCTION_NAME(psa_key_derivation_get_capacity) +#define psa_key_derivation_set_capacity \ + PSA_FUNCTION_NAME(psa_key_derivation_set_capacity) +#define psa_key_derivation_input_bytes \ + PSA_FUNCTION_NAME(psa_key_derivation_input_bytes) +#define psa_key_derivation_input_integer \ + PSA_FUNCTION_NAME(psa_key_derivation_input_integer) +#define psa_key_derivation_output_bytes \ + PSA_FUNCTION_NAME(psa_key_derivation_output_bytes) +#define psa_key_derivation_input_key \ + PSA_FUNCTION_NAME(psa_key_derivation_input_key) +#define psa_key_derivation_output_key \ + PSA_FUNCTION_NAME(psa_key_derivation_output_key) +#define psa_key_derivation_setup \ + PSA_FUNCTION_NAME(psa_key_derivation_setup) +#define psa_key_derivation_abort \ + PSA_FUNCTION_NAME(psa_key_derivation_abort) +#define psa_key_derivation_key_agreement \ + PSA_FUNCTION_NAME(psa_key_derivation_key_agreement) +#define psa_key_derivation_verify_bytes \ + PSA_FUNCTION_NAME(psa_key_derivation_verify_bytes) +#define psa_key_derivation_verify_key \ + PSA_FUNCTION_NAME(psa_key_derivation_verify_key) +#define psa_raw_key_agreement \ + PSA_FUNCTION_NAME(psa_raw_key_agreement) +#define psa_generate_random \ + PSA_FUNCTION_NAME(psa_generate_random) +#define psa_aead_encrypt \ + PSA_FUNCTION_NAME(psa_aead_encrypt) +#define psa_aead_decrypt \ + PSA_FUNCTION_NAME(psa_aead_decrypt) +#define psa_aead_encrypt_setup \ + PSA_FUNCTION_NAME(psa_aead_encrypt_setup) +#define psa_aead_decrypt_setup \ + PSA_FUNCTION_NAME(psa_aead_decrypt_setup) +#define psa_aead_generate_nonce \ + PSA_FUNCTION_NAME(psa_aead_generate_nonce) +#define psa_aead_set_nonce \ + PSA_FUNCTION_NAME(psa_aead_set_nonce) +#define psa_aead_set_lengths \ + PSA_FUNCTION_NAME(psa_aead_set_lengths) +#define psa_aead_update_ad \ + PSA_FUNCTION_NAME(psa_aead_update_ad) +#define psa_aead_update \ + PSA_FUNCTION_NAME(psa_aead_update) +#define psa_aead_finish \ + PSA_FUNCTION_NAME(psa_aead_finish) +#define psa_aead_verify \ + PSA_FUNCTION_NAME(psa_aead_verify) +#define psa_aead_abort \ + PSA_FUNCTION_NAME(psa_aead_abort) +#define psa_open_key \ + PSA_FUNCTION_NAME(psa_open_key) +#define psa_close_key \ + PSA_FUNCTION_NAME(psa_close_key) +#define psa_import_key \ + PSA_FUNCTION_NAME(psa_import_key) +#define psa_destroy_key \ + PSA_FUNCTION_NAME(psa_destroy_key) +#define psa_get_key_attributes \ + PSA_FUNCTION_NAME(psa_get_key_attributes) +#define psa_reset_key_attributes \ + PSA_FUNCTION_NAME(psa_reset_key_attributes) +#define psa_export_key \ + PSA_FUNCTION_NAME(psa_export_key) +#define psa_export_public_key \ + PSA_FUNCTION_NAME(psa_export_public_key) +#define psa_purge_key \ + PSA_FUNCTION_NAME(psa_purge_key) +#define psa_copy_key \ + PSA_FUNCTION_NAME(psa_copy_key) +#define psa_cipher_operation_init \ + PSA_FUNCTION_NAME(psa_cipher_operation_init) +#define psa_cipher_generate_iv \ + PSA_FUNCTION_NAME(psa_cipher_generate_iv) +#define psa_cipher_set_iv \ + PSA_FUNCTION_NAME(psa_cipher_set_iv) +#define psa_cipher_encrypt_setup \ + PSA_FUNCTION_NAME(psa_cipher_encrypt_setup) +#define psa_cipher_decrypt_setup \ + PSA_FUNCTION_NAME(psa_cipher_decrypt_setup) +#define psa_cipher_update \ + PSA_FUNCTION_NAME(psa_cipher_update) +#define psa_cipher_encrypt \ + PSA_FUNCTION_NAME(psa_cipher_encrypt) +#define psa_cipher_decrypt \ + PSA_FUNCTION_NAME(psa_cipher_decrypt) +#define psa_cipher_finish \ + PSA_FUNCTION_NAME(psa_cipher_finish) +#define psa_cipher_abort \ + PSA_FUNCTION_NAME(psa_cipher_abort) +#define psa_hash_operation_init \ + PSA_FUNCTION_NAME(psa_hash_operation_init) +#define psa_hash_setup \ + PSA_FUNCTION_NAME(psa_hash_setup) +#define psa_hash_update \ + PSA_FUNCTION_NAME(psa_hash_update) +#define psa_hash_finish \ + PSA_FUNCTION_NAME(psa_hash_finish) +#define psa_hash_verify \ + PSA_FUNCTION_NAME(psa_hash_verify) +#define psa_hash_abort \ + PSA_FUNCTION_NAME(psa_hash_abort) +#define psa_hash_clone \ + PSA_FUNCTION_NAME(psa_hash_clone) +#define psa_hash_compute \ + PSA_FUNCTION_NAME(psa_hash_compute) +#define psa_hash_compare \ + PSA_FUNCTION_NAME(psa_hash_compare) +#define psa_mac_operation_init \ + PSA_FUNCTION_NAME(psa_mac_operation_init) +#define psa_mac_sign_setup \ + PSA_FUNCTION_NAME(psa_mac_sign_setup) +#define psa_mac_verify_setup \ + PSA_FUNCTION_NAME(psa_mac_verify_setup) +#define psa_mac_update \ + PSA_FUNCTION_NAME(psa_mac_update) +#define psa_mac_sign_finish \ + PSA_FUNCTION_NAME(psa_mac_sign_finish) +#define psa_mac_verify_finish \ + PSA_FUNCTION_NAME(psa_mac_verify_finish) +#define psa_mac_compute \ + PSA_FUNCTION_NAME(psa_mac_compute) +#define psa_mac_verify \ + PSA_FUNCTION_NAME(psa_mac_verify) +#define psa_mac_abort \ + PSA_FUNCTION_NAME(psa_mac_abort) +#define psa_sign_message \ + PSA_FUNCTION_NAME(psa_sign_message) +#define psa_verify_message \ + PSA_FUNCTION_NAME(psa_verify_message) +#define psa_sign_hash \ + PSA_FUNCTION_NAME(psa_sign_hash) +#define psa_verify_hash \ + PSA_FUNCTION_NAME(psa_verify_hash) +#define psa_asymmetric_encrypt \ + PSA_FUNCTION_NAME(psa_asymmetric_encrypt) +#define psa_asymmetric_decrypt \ + PSA_FUNCTION_NAME(psa_asymmetric_decrypt) +#define psa_generate_key \ + PSA_FUNCTION_NAME(psa_generate_key) +#define psa_pake_setup \ + PSA_FUNCTION_NAME(psa_pake_setup) +#define psa_pake_set_role \ + PSA_FUNCTION_NAME(psa_pake_set_role) +#define psa_pake_set_user \ + PSA_FUNCTION_NAME(psa_pake_set_user) +#define psa_pake_set_peer \ + PSA_FUNCTION_NAME(psa_pake_set_peer) +#define psa_pake_set_context \ + PSA_FUNCTION_NAME(psa_pake_set_context) +#define psa_pake_output \ + PSA_FUNCTION_NAME(psa_pake_output) +#define psa_pake_input \ + PSA_FUNCTION_NAME(psa_pake_input) +#define psa_pake_get_shared_key \ + PSA_FUNCTION_NAME(psa_pake_get_shared_key) +#define psa_pake_abort \ + PSA_FUNCTION_NAME(psa_pake_abort) #endif /* CRYPTO_SPE_H */ From 48f481edb0bb4a17ee77fc4f501e9da6df538388 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 09:35:21 +0200 Subject: [PATCH 022/217] tf-m: Add TF-M compiler flags to TF-M config libraries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This resolves an issue transferring compiler-flags and linker-options aggregated from TF-M build into all libraries built by nrf_security. The libraries psa_crypto_config and psa_crypto_library_config was chosen as this would previously be used by the now removed mbedcrypto_common, but this has been erased. By setting the compiler- flags and linker-options to these targets we ensure that the right floating-point configurations are used when building and linking with crypto-libraries Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 28 ++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index c04b3d843f61..bacee7bbf3e8 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -141,6 +141,34 @@ target_link_libraries(mbedcrypto_base mbedcrypto_common ) +# Misusing the psa_crypto_config and psa_crypto_library_config awareness to +# set compiler-flags to ensure right floating-point types are set +if(COMPILER_CP_FLAG) + target_compile_options(psa_crypto_config + INTERFACE + ${COMPILER_CP_FLAG} + ) + + target_compile_options(psa_crypto_library_config + INTERFACE + ${COMPILER_CP_FLAG} + ) +endif() + +# Misusing the psa_crypto_config and psa_crypto_library_config awareness to +# set linker-options to ensure right floating-point types are set +if(LINKER_CP_OPTION) + target_link_options(psa_crypto_config + INTERFACE + ${LINKER_CP_OPTION} + ) + + target_link_options(psa_crypto_library_config + INTERFACE + ${LINKER_CP_OPTION} +) +endif() + target_link_libraries(${mbedcrypto_target} PRIVATE mbedcrypto_base From 88e3a498dea2e64bdac11251a3f670b69fa88f4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 13:39:18 +0200 Subject: [PATCH 023/217] crypto: PSA core: Add psa_crypto_config + _library_config MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit adds usage of psa_crypto_config and psa_crypto_config_library and it is a major refactoring on the PSA core in build -Previously we have made choices on whether or not to build specific features dependent on CMake variables constructed by nrf_security (BUILD_INSIDE_TFM and/or COMPILE_PSA_APIS). These have been removed in favor of the standard signals that exists in Mbed TLS and TF-M (MBEDTLS_PSA_CRYPTO_SPM and MBEDTLS_PSA_CRYPTO_C). This commit tries to fix a technical debt issue of using multiple competing signals for the same meaning. From this commit on, the standard signals will be used in all cases. -Added early exit in PSA crypto core build in case MBEDTLS_PSA_CRYPTO_C is not set (meaning it doesn't need to be built) -Added an early exit in all PSA driver build in case MBEDTLS_PSA_CRYPTO_C is not set (meaning it doesn't build the PSA core and no drivers are needed) -Adding cmake/generate_configs.cmake that includes macros generate_mbedcrypto_interface_configs and generate_mbedcrypto_library_configs which is used to ensure -Adding macros to store/restore specific configurations that needs to be changed depending on whether you have an interface build or a library build (generated in two sets) -Removing Kconfig GENERATE_MBEDTLS_CFG_FILE as it is unsupported -Removing MBEDTLS_USER_CONFIG_FILE as we are now using MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE -Changing the default names for Mbed TLS config files according to the generated files named earlier in this commit-message -Removed all references to mbedcrypto_common which was used to transfer information both to PSA crypto interface and library build. This is now handled by psa_crypto_config and psa_crypto_library_config Signed-off-by: Frank Audun Kvamtrø --- .../tfm_boards/CMakeLists.txt | 3 - subsys/nrf_security/CMakeLists.txt | 64 ++++++-- subsys/nrf_security/Kconfig | 31 +--- .../nrf_security/cmake/config_to_tf-m.cmake | 16 -- subsys/nrf_security/cmake/extensions.cmake | 30 +++- .../nrf_security/cmake/generate_configs.cmake | 145 ++++++++++++++++++ .../cmake/legacy_crypto_config.cmake | 35 +---- .../cmake/psa_crypto_want_config.cmake | 11 +- subsys/nrf_security/src/CMakeLists.txt | 138 +++++++---------- subsys/nrf_security/src/core/CMakeLists.txt | 2 +- .../nrf_security/src/drivers/CMakeLists.txt | 11 ++ .../src/drivers/nrf_oberon/CMakeLists.txt | 20 +-- subsys/nrf_security/src/legacy/CMakeLists.txt | 99 ++++-------- .../src/ssf_secdom/CMakeLists.txt | 25 --- subsys/nrf_security/src/zephyr/CMakeLists.txt | 19 +-- 15 files changed, 348 insertions(+), 301 deletions(-) create mode 100644 subsys/nrf_security/cmake/generate_configs.cmake diff --git a/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt b/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt index 0d027e40eac7..488c248614b1 100644 --- a/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt +++ b/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt @@ -82,9 +82,6 @@ if (${TFM_PARTITION_CRYPTO}) target_link_libraries(platform_crypto_keys PUBLIC platform_s - # Link with mbedcrypto_common to get Oberon PSA headers instead of - # TF-M PSA headers - mbedcrypto_common # Link with tfm_sprt to get the include path for tfm_sp_log.h tfm_sprt ) diff --git a/subsys/nrf_security/CMakeLists.txt b/subsys/nrf_security/CMakeLists.txt index 046e3190aa4a..d364a38579b9 100644 --- a/subsys/nrf_security/CMakeLists.txt +++ b/subsys/nrf_security/CMakeLists.txt @@ -5,8 +5,8 @@ # # This file is nrf_security's entry-point for the NCS build system -set(BUILD_INSIDE_TFM False) - +# Set SPM to false as we are not in a secure image build +set(CONFIG_MBEDTLS_PSA_CRYPTO_SPM False) # Include generic macros include(cmake/extensions.cmake) @@ -45,10 +45,6 @@ if(CONFIG_BUILD_WITH_TFM OR CONFIG_PSA_SSF_CRYPTO_CLIENT) # We enable either TF-M or the SSF client PSA crypto interface but we are # not in the secure image build - # NS-build: PSA APIs are already compiled in the secure image and is - # exposed as a service - set(COMPILE_PSA_APIS False) - # Add replacement platform.c for NS build list(APPEND src_zephyr ${ARM_MBEDTLS_PATH}/library/platform.c @@ -90,22 +86,58 @@ if(CONFIG_BUILD_WITH_TFM OR CONFIG_PSA_SSF_CRYPTO_CLIENT) # 5. Special case: Handle platform specific configurations set(CONFIG_MBEDTLS_PLATFORM_EXIT_ALT False) set(CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT False) - - # 6. Threading is not used for TF-M NS build - # Force this to false to disable it. - set(CONFIG_MBEDTLS_THREADING_ALT False) - set(CONFIG_MBEDTLS_THREADING_C False) else() nrf_security_debug("Building for pure Zephyr") - - if(CONFIG_MBEDTLS_PSA_CRYPTO_C) - # Build PSA APIs if requested - set(COMPILE_PSA_APIS True) - endif() endif() set(CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG True) +# Add library for crypto configs (NS/S-only build) +# The name and intent of this comes from TF-M distribution +add_library(psa_crypto_config INTERFACE) + +# Add config files required for PSA crypto interface +target_compile_definitions(psa_crypto_config + INTERFACE + -DMBEDTLS_CONFIG_FILE="${CONFIG_MBEDTLS_CFG_FILE}" + -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" +) + +# Add library for crypto configs (S-only or Secure image build) +# The name and intent of this comes from TF-M distribution +add_library(psa_crypto_library_config INTERFACE) + +# Add config files required for PSA core +target_compile_definitions(psa_crypto_library_config + INTERFACE + -DMBEDTLS_CONFIG_FILE="${CONFIG_MBEDTLS_CFG_FILE}" + -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" + -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE}" +) + +target_include_directories(psa_crypto_library_config + INTERFACE + ${PSA_CRYPTO_CONFIG_LIBRARY_PATH} + ${NRF_SECURITY_ROOT}/include +) + +# Add a library for crypto includes for the PSA interface (NS, S-only and TF-M) +# The name and intent of this comes from TF-M distribution +add_library(psa_interface INTERFACE) + +# Add the includes from nrf_security, Oberon PSA core, and Arm Mbed TLS +# to the psa_interface library +target_include_directories(psa_interface + INTERFACE + # Oberon PSA headers + ${OBERON_PSA_CORE_PATH}/include + ${OBERON_PSA_CORE_PATH}/library + # Mbed TLS (mbedcrypto) PSA headers + ${ARM_MBEDTLS_PATH}/library + ${ARM_MBEDTLS_PATH}/include + ${ARM_MBEDTLS_PATH}/include/library +) + # Finally adding the crypto lib add_subdirectory(${NRFXLIB_DIR}/crypto crypto_copy) diff --git a/subsys/nrf_security/Kconfig b/subsys/nrf_security/Kconfig index a258570130ae..4819440e4611 100644 --- a/subsys/nrf_security/Kconfig +++ b/subsys/nrf_security/Kconfig @@ -99,41 +99,26 @@ config MBEDTLS_CFG_FILE Name of the config file for mbed TLS. This configuration file is used in configurations with or without PSA APIs supported. -config MBEDTLS_USER_CONFIG_FILE - string "mbed TLS user configuration file" - default "nrf-config-user-empty.h" - help - Name of the file that will contain additional configurations for mbed TLS. - This file is empty by default. +config MBEDTLS_PSA_CRYPTO_CONFIG + bool + default y config MBEDTLS_PSA_CRYPTO_CONFIG_FILE string "PSA want configuration file" - default "nrf-psa-crypto-want-config.h" + default "nrf-psa-crypto-config.h" help - Name of the config file containins the PSA configuration. - This file may be generated and will contain PSA configurations if PSA APIs - are generated in the system. + Name of the config file for PSA crypto (Containins PSA_WANT_XXXX configurations). + This file is generated and will contain PSA configurations if PSA crypto APIs + are enabled in the system. config MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE string "Additional PSA configuration file" - default "nrf-psa-crypto-config.h" + default "nrf-psa-crypto-user-config.h" help Name of the file containing extra PSA configuration. This file may be generated andd will contain exte PSA configurations like the PSA_NEED defines for different crypto accelerators. -config GENERATE_MBEDTLS_CFG_FILE - bool - prompt "Generate mbed TLS config files" - default y - help - nrf_security will generate mbed TLS configuration file(s) - based on the selection of configuration options in Kconfig. - However, if the generated configuration file needs custom - adjustments, this setting can be used to disable generating the - mbed TLS configuration file. Only disable this setting if you know - what you are doing. - config MBEDTLS_ENABLE_HEAP bool "Enable global heap for mbed TLS" default y if BUILD_WITH_TFM diff --git a/subsys/nrf_security/cmake/config_to_tf-m.cmake b/subsys/nrf_security/cmake/config_to_tf-m.cmake index 1366068cf7e6..c881fa4f9dac 100644 --- a/subsys/nrf_security/cmake/config_to_tf-m.cmake +++ b/subsys/nrf_security/cmake/config_to_tf-m.cmake @@ -20,22 +20,6 @@ set_property(TARGET zephyr_property_target PROPERTY TFM_MBEDCRYPTO_PATH ${CMAKE_CURRENT_LIST_DIR}/../tfm ) -# Set the configuration files -set_property(TARGET zephyr_property_target - APPEND - PROPERTY TFM_CMAKE_OPTIONS - -DTFM_MBEDCRYPTO_CONFIG_PATH:STRING=${CONFIG_MBEDTLS_CFG_FILE} - -DTFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH:STRING=${CMAKE_CURRENT_BINARY_DIR}/src/include/generated/${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE} -) - -if(NOT ${CONFIG_MBEDTLS_USER_CONFIG_FILE} STREQUAL "nrf-config-user-empty.h" ) - set_property(TARGET zephyr_property_target - APPEND - PROPERTY TFM_CMAKE_OPTIONS - -DTFM_MBEDCRYPTO_USER_CONFIG_PATH:STRING=${CMAKE_CURRENT_BINARY_DIR}/src/include/generated/${CONFIG_MBEDTLS_USER_CONFIG_FILE} - ) -endif() - if(CONFIG_PSA_ITS_ENCRYPTED) set_property(TARGET zephyr_property_target APPEND PROPERTY TFM_CMAKE_OPTIONS diff --git a/subsys/nrf_security/cmake/extensions.cmake b/subsys/nrf_security/cmake/extensions.cmake index 29df5dd937b4..8b04c63bac2d 100644 --- a/subsys/nrf_security/cmake/extensions.cmake +++ b/subsys/nrf_security/cmake/extensions.cmake @@ -82,16 +82,32 @@ macro(kconfig_check_and_set_base_to_one_depends base) kconfig_check_and_set_base_to_val_depends(${base} 1 ${ARGN}) endmacro() + # -# Internal macro to configure file if Kconfig config is set +# Internal macro that makes a backup of a given configuration (suffixed by _COPY) +# This stores the current state of a Kconfig (CONFIG_ is expected) # -# This needs some work +macro(kconfig_backup_current_config config) + if(${config}) + message("Backup: ${config}: True") + set(${config}_COPY True}) + else() + message("Backup: ${config}: False") + set(${config}_COPY False) + endif() +endmacro() + +# +# Internal macro that restore a backed up copy of a given configuration (suffixed by _COPY) +# This restores the backed up state of a Kconfig (CONFIG_ is expected) # -macro(nrf_security_configure_file config location file) - if (${mbedtls_config}) - nrf_security_debug("Configure file: ${file}") - get_filename_component(file_name ${file} NAME) - configure_file(${file} ${location}/${file_name} COPYONLY) +macro(kconfig_restore_backup_config config) + if(${config}_COPY) + message("Restore: ${config}: True") + set(${config} True) + else() + message("Restore: ${config}: False") + set(${config} False) endif() endmacro() diff --git a/subsys/nrf_security/cmake/generate_configs.cmake b/subsys/nrf_security/cmake/generate_configs.cmake new file mode 100644 index 000000000000..9bef08da4899 --- /dev/null +++ b/subsys/nrf_security/cmake/generate_configs.cmake @@ -0,0 +1,145 @@ + + +# The term "Secure-only" means a system where TrustZone is unavailable/not enabled + +# This macro is used for the following builds +# - NS interface built by TF-M (Results will will be installed in NCS) +macro(generate_mbedcrypto_interface_configs) + # This must be set TODO:FILLME + if(NOT PSA_CRYPTO_CONFIG_INTERFACE_PATH) + message(FATAL_ERROR "generate_mbedcrypto_interface_configs expects PSA_CRYPTO_CONFIG_INTERFACE_PATH to be set") + endif() + + if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) + message("=========== Generating psa_crypto_config ===============") + + # Make a copy of the configurations changed for the PSA interface + kconfig_backup_current_config(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) + kconfig_backup_current_config(CONFIG_MBEDTLS_PSA_CRYPTO_C) + kconfig_backup_current_config(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + kconfig_backup_current_config(CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) + kconfig_backup_current_config(CONFIG_MBEDTLS_THREADING) + kconfig_backup_current_config(CONFIG_MBEDTLS_THREADING_ALT) + + message("=========== Checkpoint: backup ===============") + + # Set generated_include_path which is used by the config-generation + set(generated_include_path ${PSA_CRYPTO_CONFIG_INTERFACE_PATH}) + + # CONFIG_MBEDTLS_PSA_CRYPTO_SPM must be set to false for interface builds (Relevant for check_config.h) + set(CONFIG_MBEDTLS_PSA_CRYPTO_SPM False) + # CONFIG_MBEDTLS_PSA_CRYPTO_C must be set to false for interface builds (Relevant for check_config.h) + set(CONFIG_MBEDTLS_PSA_CRYPTO_C False) + # CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be turned off because the TF-M interface + # uses psa_key_id_t for the interface and not mbedtls_svc_key_id_t + set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER False) + # CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT must be turned of because the NS world doesn't use it + set(CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT False) + if(CONFIG_BUILD_WITH_TFM) + # Disable threading for the PSA interface used in TF-M build (NS and S image) + set(CONFIG_MBEDTLS_THREADING_C False) + set(CONFIG_MBEDTLS_THREADING_ALT False) + endif() + + # Empty out previous versions of interface config-files + file(REMOVE_RECURSE ${generated_include_path}) + + # Generate MBEDCRYPTO_CONFIG_FILE + if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C) + include(${NRF_SECURITY_ROOT}/cmake/legacy_crypto_config.cmake) + else() + include(${NRF_SECURITY_ROOT}/cmake/nrf_config.cmake) + endif() + + # Generate the PSA_CRYPTO_CONFIG_FILE (PSA_WANT_XXXX configurations) + include(${NRF_SECURITY_ROOT}/cmake/psa_crypto_want_config.cmake) + + # Note: Interface doesn't need PSA_CRYPTO_USER_CONFIG_FILE + + # Restore the backup configurations + kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) + kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_C) + kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + kconfig_restore_backup_config(CONFIG_MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) + kconfig_restore_backup_config(CONFIG_MBEDTLS_THREADING) + kconfig_restore_backup_config(CONFIG_MBEDTLS_THREADING_ALT) + + message("=========== End psa_crypto_config ===============") + endif() +endmacro() + + +# This macro is only used for the following builds +# - TF-M crypto partition builds (inside the secure image) +# - Secure-only builds +macro(generate_mbedcrypto_library_configs) + if(NOT PSA_CRYPTO_CONFIG_LIBRARY_PATH) + message(FATAL_ERROR "generate_mbedcrypto_library_configs expects PSA_CRYPTO_CONFIG_LIBRARY_PATH to be set") + endif() + + if(NOT (CONFIG_MBEDTLS_PSA_CRYPTO_SPM OR CONFIG_PSA_SSF_CRYPTO_CLIENT)) + + message("=========== Generating psa_crypto_library_config ===============") + + # Make a backup of the configurations changed for the PSA library + kconfig_backup_current_config(CONFIG_MBEDTLS_PSA_CRYPTO_C) + kconfig_backup_current_config(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + kconfig_backup_current_config(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) + kconfig_backup_current_config(CONFIG_MBEDTLS_USE_PSA_CRYPTO) + kconfig_backup_current_config(CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT) + kconfig_backup_current_config(CONFIG_MBEDTLS_THREADING) + kconfig_backup_current_config(CONFIG_MBEDTLS_THREADING_ALT) + + + message("=========== Checkpoint: backup ===============") + + # Set generated_include_path which is used by the config-generation files + set(generated_include_path ${PSA_CRYPTO_CONFIG_LIBRARY_PATH}) + + # Empty out previous versions of library config-files + file(REMOVE_RECURSE ${generated_include_path}) + + # CONFIG_MBEDTLS_PSA_CRYPTO_C must be set as to true for all library builds + set(CONFIG_MBEDTLS_PSA_CRYPTO_C True) + # CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be set to true for the following builds + # -TF-M secure image + # -Secure-only builds which takes in nrf_cc3xx (Requires stable ABI for psa_key_attributes_t) + set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER True) + # Handle configurations required by library build inside TF-M (NS world doesn't use psa_crypto_library_config) + if(CONFIG_BUILD_WITH_TFM) + # CONFIG_MBEDTLS_PSA_CRYPTO_SPM must be set for the library build in TF-M + set(CONFIG_MBEDTLS_PSA_CRYPTO_SPM True) + # CONFIG_MBEDTLS_USE_PSA_CRYPTO must be unset for library build in TF-M + set(CONFIG_MBEDTLS_USE_PSA_CRYPTO False) + # CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT must be set for the library build in TF-M + set(CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT True) + # Disable threading for the PSA interface used in TF-M build (NS and S image) + set(CONFIG_MBEDTLS_THREADING_C False) + set(CONFIG_MBEDTLS_THREADING_ALT False) + endif() + + # Generate MBEDCRYPTO_CONFIG_FILE + if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C) + include(${NRF_SECURITY_ROOT}/cmake/legacy_crypto_config.cmake) + else() + include(${NRF_SECURITY_ROOT}/cmake/nrf_config.cmake) + endif() + + # Generate the PSA_CRYPTO_CONFIG_FILE (PSA_WANT_XXXX configurations) + include(${NRF_SECURITY_ROOT}/cmake/psa_crypto_want_config.cmake) + + # Generate the PSA_CRYPTO_USER_CONFIG_FILE (PSA_NEED configurations) + include(${NRF_SECURITY_ROOT}/cmake/psa_crypto_config.cmake) + + # Restore the backup configurations + kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_C) + kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) + kconfig_restore_backup_config(CONFIG_MBEDTLS_USE_PSA_CRYPTO) + kconfig_restore_backup_config(CONFIG_MBEDTLS_PLATFORM_PRINTF_ALT) + kconfig_restore_backup_config(CONFIG_MBEDTLS_THREADING) + kconfig_restore_backup_config(CONFIG_MBEDTLS_THREADING_ALT) + + message("=========== End psa_crypto_library_config ===============") + endif() +endmacro() diff --git a/subsys/nrf_security/cmake/legacy_crypto_config.cmake b/subsys/nrf_security/cmake/legacy_crypto_config.cmake index fa60dbce9694..4f135af00f4e 100644 --- a/subsys/nrf_security/cmake/legacy_crypto_config.cmake +++ b/subsys/nrf_security/cmake/legacy_crypto_config.cmake @@ -175,27 +175,9 @@ kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) kconfig_check_and_set_base(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) kconfig_check_and_set_base(MBEDTLS_PK_PARSE_EC_EXTENDED) -# -# CC3XX flags for threading and platform zeroize -# +# Threading configurations for CryptoCell and locally built PSA core kconfig_check_and_set_base(MBEDTLS_THREADING_C) kconfig_check_and_set_base(MBEDTLS_THREADING_ALT) -if (CONFIG_CC3XX_BACKEND) - # TODO: Why don't we use kconfig_check_and_set_base for - # MBEDTLS_PLATFORM_ZEROIZE_ALT ? - set(MBEDTLS_PLATFORM_ZEROIZE_ALT TRUE) - - if(NOT DEFINED MBEDTLS_THREADING_C) - - # TODO: Why do we override these when CONFIG_CC3XX_BACKEND? - # Shouldn't the Kconfig be corrected instead? Now we have Kconfig - # and mbedtls configs saying conlficting things, which is not - # great. - set(MBEDTLS_THREADING_C TRUE) - set(MBEDTLS_THREADING_ALT TRUE) - endif() -endif() - # Convert defines required even in PSA mode kconfig_check_and_set_base_depends(MBEDTLS_SHA1_C @@ -289,15 +271,6 @@ kconfig_check_and_set_base_depends(MBEDTLS_SHA224_C MBEDTLS_SHA256_C ) -if(CONFIG_GENERATE_MBEDTLS_CFG_FILE) - # Generate the mbed TLS config file (default nrf-config.h) - configure_file(${NRF_SECURITY_ROOT}/configs/legacy_crypto_config.h.template - ${generated_include_path}/${CONFIG_MBEDTLS_CFG_FILE} - ) - - # Copy an empty PSA user-config, as it is not needed for legacy builds - # Generate an empty file to prevent build issues - configure_file(${NRF_SECURITY_ROOT}/configs/nrf-config-user-empty.h - ${generated_include_path}/${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE} - ) -endif() +configure_file(${NRF_SECURITY_ROOT}/configs/legacy_crypto_config.h.template + ${generated_include_path}/${CONFIG_MBEDTLS_CFG_FILE} +) diff --git a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake index d7924073730a..6a4439db0b9c 100644 --- a/subsys/nrf_security/cmake/psa_crypto_want_config.cmake +++ b/subsys/nrf_security/cmake/psa_crypto_want_config.cmake @@ -139,10 +139,7 @@ kconfig_check_and_set_base_to_one(PSA_WANT_ALG_SP800_108_COUNTER_HMAC) kconfig_check_and_set_base_int(PSA_MAX_RSA_KEY_BITS) - -if(CONFIG_GENERATE_MBEDTLS_CFG_FILE) - # Create the mbed TLS PSA config file that contains all the PSA_WANT definitions - configure_file(${NRF_SECURITY_ROOT}/configs/psa_crypto_want_config.h.template - ${generated_include_path}/${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE} - ) -endif() +# Create the Mbed TLS PSA crypto config file (Contains all the PSA_WANT definitions) +configure_file(${NRF_SECURITY_ROOT}/configs/psa_crypto_want_config.h.template + ${generated_include_path}/${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE} +) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index bacee7bbf3e8..57d07b8dc08f 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -5,78 +5,52 @@ # # -# File including instructions to build PSA APIs. +# File including instructions to build PSA crypto APIs. # -# Can be executed by both the NCS and TF-M build systems. -# -# The variable BUILD_INSIDE_TFM can be used to distinguish between being -# within the TF-M build system or the NCS build system. -# -# For TF-M the nrf_security/tfm/CMakeLists.txt file will execute this file. BUILD_INSIDE_TFM=True -# For NCS the nrf_security/CMakeLists.txt file will execute this file. BUILD_INSIDE_TFM=False +# This is executed both in NCS (NS, secure only) build of Mbed TLS as +# well as TF-M build # +# The Mbed TLS configuration MBEDTLS_PSA_CRYPTO_SPM used to check if this is +# used inside a TF-M build. +# The interface is only generated in the NS image if TF-M is used +include(${NRF_SECURITY_ROOT}/cmake/generate_configs.cmake) +generate_mbedcrypto_interface_configs() +generate_mbedcrypto_library_configs() -# Library for mbedcrypto includes and configurations -add_library(mbedcrypto_common INTERFACE) -# Add the config-file entry point -target_compile_definitions(mbedcrypto_common +# Add include folders for psa_crypto_config (interface builds) +target_include_directories(psa_crypto_config INTERFACE - -DMBEDTLS_CONFIG_FILE="${CONFIG_MBEDTLS_CFG_FILE}" - -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="${CONFIG_MBEDTLS_PSA_CRYPTO_CONFIG_FILE}" - -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE}" - -DMBEDTLS_PSA_CRYPTO_CONFIG + #$ + ${PSA_CRYPTO_CONFIG_INTERFACE_PATH} + ${NRF_SECURITY_ROOT}/include ) -# Add the user config only if it is set -if(NOT ${CONFIG_MBEDTLS_USER_CONFIG_FILE} STREQUAL "nrf-config-user-empty.h" ) - target_compile_definitions(mbedcrypto_common - INTERFACE - -DMBEDTLS_USER_CONFIG_FILE="${CONFIG_MBEDTLS_USER_CONFIG_FILE}" - ) -endif() - -if(BUILD_INSIDE_TFM) - # In order to support FPU in TF-M the following is documented by the TF-M - # build system: - # - # Secure and non-secure libraries are compiled with COMPILER_CP_FLAG and - # linked with LINKER_CP_OPTION for different FP ABI types. All those - # libraries shall be built with COMPILER_CP_FLAG - target_compile_options(mbedcrypto_common - INTERFACE - ${COMPILER_CP_FLAG} - ) - - target_link_options(mbedcrypto_common - INTERFACE - ${LINKER_CP_OPTION} - ) -endif() - -set(generated_include_path ${CMAKE_CURRENT_BINARY_DIR}/include/generated) - -# Empty out previous versions of config-files -file(REMOVE_RECURSE ${generated_include_path}) - -# Generate PSA WANT configurations -include(${NRF_SECURITY_ROOT}/cmake/psa_crypto_want_config.cmake) - -# Generate mbed TLS configurations -if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C OR NOT COMPILE_PSA_APIS) - include(${NRF_SECURITY_ROOT}/cmake/legacy_crypto_config.cmake) -else() - include(${NRF_SECURITY_ROOT}/cmake/psa_crypto_config.cmake) -endif() - -if(CONFIG_GENERATE_MBEDTLS_CFG_FILE) - # Add the generated CONFIG_MBEDTLS_CFG_FILE file to the include path - target_include_directories(mbedcrypto_common - INTERFACE - ${generated_include_path} # From cmake/*_crypto_config.cmake +# Add include folders for psa_crypto_library_config (library build in S-only and inside TF-M) +target_include_directories(psa_crypto_library_config + INTERFACE + ${PSA_CRYPTO_CONFIG_LIBRARY_PATH} ) -endif() + +# # Suspect: Write something about NCSDK-YYYYY +# if(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) +# # In order to support FPU in TF-M the following is documented by the TF-M +# # build system: +# # +# # Secure and non-secure libraries are compiled with COMPILER_CP_FLAG and +# # linked with LINKER_CP_OPTION for different FP ABI types. All those +# # libraries shall be built with COMPILER_CP_FLAG +# target_compile_options(tfm_sprt +# INTERFACE +# ${COMPILER_CP_FLAG} +# ) + +# target_link_options(tfm_sprt +# INTERFACE +# ${LINKER_CP_OPTION} +# ) +# endif() if(CONFIG_MBEDTLS_ENABLE_HEAP) if (CONFIG_BUILD_WITH_TFM) @@ -89,21 +63,16 @@ if(CONFIG_MBEDTLS_ENABLE_HEAP) endif() endif() -if (COMPILE_PSA_APIS) - # Add the local version of psa_crypto_driver_wrappers.c - list(APPEND src_crypto - psa_crypto_driver_wrappers.c +if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) + append_with_prefix(src_crypto ${ARM_MBEDTLS_PATH}/library + pem.c + pkcs12.c + pkcs5.c + pkparse.c + pkwrite.c ) endif() -append_with_prefix(src_crypto ${ARM_MBEDTLS_PATH}/library - pem.c - pkcs12.c - pkcs5.c - pkparse.c - pkwrite.c -) - # Library for mbed TLS crypto toolbox functionality add_library(${mbedcrypto_target} STATIC @@ -137,8 +106,10 @@ add_library(mbedcrypto_base ) target_link_libraries(mbedcrypto_base - PRIVATE - mbedcrypto_common + PUBLIC + # Enable the PSA crypto (client) interface or the library build + $,psa_crypto_library_config,psa_crypto_config> + psa_interface ) # Misusing the psa_crypto_config and psa_crypto_library_config awareness to @@ -174,10 +145,11 @@ target_link_libraries(${mbedcrypto_target} mbedcrypto_base ) -# Add regular mbedcrypto common includes and configurations +# Add a public version of the configs includes and interface target_link_libraries(${mbedcrypto_target} - PUBLIC - mbedcrypto_common + PRIVATE + $,psa_crypto_library_config,psa_crypto_config> + psa_interface ) target_compile_options(${mbedcrypto_target} PRIVATE @@ -240,8 +212,6 @@ if (CONFIG_MBEDTLS_X509_LIBRARY) PRIVATE ${mbedcrypto_target} mbedcrypto_base - PUBLIC - mbedcrypto_common ) endif() @@ -284,12 +254,10 @@ if (CONFIG_MBEDTLS_TLS_LIBRARY) ${mbedx509_target} ${mbedcrypto_target} mbedcrypto_base - PUBLIC - mbedcrypto_common ) endif() -if (NOT BUILD_INSIDE_TFM) +if (NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) # Add zephyr-specific code add_subdirectory(zephyr) endif() diff --git a/subsys/nrf_security/src/core/CMakeLists.txt b/subsys/nrf_security/src/core/CMakeLists.txt index 8bfa3af7d0ad..d88ec647d14a 100644 --- a/subsys/nrf_security/src/core/CMakeLists.txt +++ b/subsys/nrf_security/src/core/CMakeLists.txt @@ -4,6 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -if (CONFIG_PSA_CORE_OBERON) +if (CONFIG_MBEDTLS_PSA_CRYPTO_C) add_subdirectory(nrf_oberon) endif() diff --git a/subsys/nrf_security/src/drivers/CMakeLists.txt b/subsys/nrf_security/src/drivers/CMakeLists.txt index 6a83df389684..d5361e1a3518 100644 --- a/subsys/nrf_security/src/drivers/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/CMakeLists.txt @@ -1,3 +1,14 @@ +# +# Copyright (c) 2021 Nordic Semiconductor +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +# If the PSA core is not built, then drivers are not needed +if(NOT (CONFIG_MBEDTLS_PSA_CRYPTO_C)) + return() +endif() + # nrf_cc3xx_platform is not a driver in the old APIs. Once ctr_drbg/hmac_drbg # gets real driver API support then the placement here makes more sense if(TARGET nrf_cc3xx_platform) diff --git a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt index 0d0f7d6c0384..66c0d58fd9f6 100644 --- a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt @@ -26,16 +26,16 @@ endif() if (COMPILE_PSA_APIS OR CONFIG_NRF_SECURITY_LEGACY_AND_PSA) -if (COMPILE_PSA_APIS) - list(APPEND src_crypto_oberon - ${drivers_path}/oberon_helpers.c - ${drivers_path}/oberon_ecdh.c - ${drivers_path}/oberon_ecdsa.c - ${drivers_path}/oberon_ec_keys.c - ${drivers_path}/oberon_jpake.c - ${drivers_path}/oberon_spake2p.c - ${drivers_path}/oberon_srp.c - ) +list(APPEND src_crypto_oberon + ${drivers_path}/oberon_helpers.c + ${drivers_path}/oberon_ecdh.c + ${drivers_path}/oberon_ecdsa.c + ${drivers_path}/oberon_ec_keys.c + ${drivers_path}/oberon_jpake.c + ${drivers_path}/oberon_spake2p.c + ${drivers_path}/oberon_srp.c + ${drivers_path}/oberon_rsa.c +) # This is a workaroudn to avoid a build warning since oberon_rsa.c has an unused variable when RSA is not enabled. if(CONFIG_PSA_NEED_OBERON_RSA_ANY_CRYPT OR CONFIG_PSA_NEED_OBERON_RSA_ANY_SIGN OR CONFIG_PSA_NEED_OBERON_KEY_MANAGEMENT_RSA) diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 8443ddbe461d..a68c0823b50b 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -4,7 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -set(is_getting_includes FALSE) +if(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) + return() +endif() # Legacy APIs missing driver support or APIs assumed to be # deprecated with more PSA API awareness. @@ -57,12 +59,10 @@ append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library endif() # Legacy files should only be added in certain configurations -if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) - append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library - ctr_drbg.c - entropy.c - ) -endif() +append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library + ctr_drbg.c + entropy.c +) # Legacy Files needed when Oberon is disabled if(NOT CONFIG_OBERON_BACKEND) @@ -104,16 +104,6 @@ if(DEFINED src_crypto_legacy_base) endif() if(TARGET mbedcrypto_oberon_mbedtls_imported) - set(is_getting_includes TRUE) - - # Get the include paths from nrf_oberon libraries - get_target_property(NRF_OBERON_MBEDTLS_INCLUDE_PATH mbedcrypto_oberon_mbedtls_imported - INTERFACE_INCLUDE_DIRECTORIES - ) - get_target_property(NRF_OBERON_INCLUDE_PATH mbedcrypto_oberon_imported - INTERFACE_INCLUDE_DIRECTORIES - ) - # Link to the nrf_oberon mbedcrypto library target_link_libraries(${mbedcrypto_target} PRIVATE @@ -125,73 +115,50 @@ target_link_libraries(mbedcrypto_oberon_mbedtls_imported mbedcrypto_base ) - # Add nrf_oberon includes to mbedcrypto library + # Add nrf_oberon Mbed TLS includes to mbedcrypto library target_include_directories(${mbedcrypto_target} INTERFACE - ${NRF_OBERON_MBEDTLS_INCLUDE_PATH} - ${NRF_OBERON_INCLUDE_PATH} + $ ) endif() +if(TARGET mbedcrypto_oberon_imported) + # Add nrf_oberon includes to mbedcrypto library + target_include_directories(${mbedcrypto_target} + INTERFACE + $ + ) +endif() if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C AND CONFIG_CC3XX_BACKEND) - set(is_getting_includes TRUE) - - # Link directly with cc3xx platform/mbedcrypto libraries - target_link_libraries(${mbedcrypto_target} PRIVATE - nrf_cc3xx_legacy_crypto_imported + # Link legacy nrf_cc3xx library if it is enabled + # This will only be used for secure-only builds + target_link_libraries(${mbedcrypto_target} + PRIVATE + nrf_cc3xx_legacy_crypto_imported ) +endif() +if(TARGET nrf_cc3xx_core_imported) + # nrf_cc3xx needs functionality from mbedcrypto_base target_link_libraries(nrf_cc3xx_core_imported INTERFACE mbedcrypto_base ) +endif() - # Add cc3xx platform/mbedcrypto includes to mbedcrypto library - target_include_directories(mbedcrypto_common +# Add the nrf_cc3xx core include folder to library build (if it exists) +if (TARGET nrf_cc3xx_core_imported) + target_include_directories(psa_crypto_library_config INTERFACE $ ) endif() -if(TARGET nrf_cc3xx_core_imported) - set(is_getting_includes TRUE) - - # The CC3XX needs funcionality which is provided by the inluded source files in src_crypto_legacy - # Link CC3XX with mbedcrypto_target because of link order dependency - target_link_libraries(nrf_cc3xx_core_imported INTERFACE - ${mbedcrypto_target} - ) - - get_target_property(NRF_CC3XX_MBEDCRYPTO_INCLUDE_PATH nrf_cc3xx_core_imported INTERFACE_INCLUDE_DIRECTORIES) - - target_include_directories(mbedcrypto_common +# Add the nrf_cc3xx platform include folder to library build (if it exists) +if (TARGET nrf_cc3xx_platform) + target_include_directories(psa_crypto_library_config INTERFACE - ${NRF_CC3XX_MBEDCRYPTO_INCLUDE_PATH} + $ ) -endif() - -target_include_directories(${mbedcrypto_target} -INTERFACE - $<$:$> -) - -if(NOT is_getting_includes) - if(NOT DEFINED ARM_MBEDTLS_PATH) - message(FATAL_ERROR "misconfiguration") - endif() - - # Add mbedtls legacy include paths to the mbedtls legacy library and - # it's users (users get the headers because we use interface). Also - # since nrf_security only provides some of the headers, add the rest - # from Zephyr. We place nrf_security before ARM_MBEDTLS_PATH so that - # nrf_security takes precedence. - target_include_directories(${mbedcrypto_target} - INTERFACE - ${NRF_SECURITY_ROOT}/include - ${OBERON_PSA_PATH}/include - ${OBERON_PSA_PATH}/library - ${ARM_MBEDTLS_PATH}/include - ${ARM_MBEDTLS_PATH}/library - ) -endif() +endif() \ No newline at end of file diff --git a/subsys/nrf_security/src/ssf_secdom/CMakeLists.txt b/subsys/nrf_security/src/ssf_secdom/CMakeLists.txt index dc7f7737e0bf..d26957d88b2b 100644 --- a/subsys/nrf_security/src/ssf_secdom/CMakeLists.txt +++ b/subsys/nrf_security/src/ssf_secdom/CMakeLists.txt @@ -4,31 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -# NOTE that this is added as a duplication to ensure that SSF client gets -# access to the relevant include folders, without PSA core or PSA drivers -# being built. - - -# Add generated path first in list (order dependent) -target_include_directories(mbedcrypto_common - INTERFACE - ${generated_include_path} -) - -# Add regular includes -# Note, the order of include matters -target_include_directories(mbedcrypto_common - INTERFACE - # Nordic PSA headers - ${NRF_SECURITY_ROOT}/include - # Oberon PSA headers - ${OBERON_PSA_PATH}/include - ${OBERON_PSA_PATH}/library - # Mbed TLS (mbedcrypto) PSA headers - ${ARM_MBEDTLS_PATH}/include - ${ARM_MBEDTLS_PATH}/library -) - target_sources(${mbedcrypto_target} PRIVATE ${CMAKE_CURRENT_LIST_DIR}/ssf_crypto.c diff --git a/subsys/nrf_security/src/zephyr/CMakeLists.txt b/subsys/nrf_security/src/zephyr/CMakeLists.txt index eb0911233c34..e078cbe65719 100644 --- a/subsys/nrf_security/src/zephyr/CMakeLists.txt +++ b/subsys/nrf_security/src/zephyr/CMakeLists.txt @@ -6,15 +6,16 @@ # Additional build logic for Zephyr builds -# Add mbedcrypto common includes and definitions to zephyr build -target_link_libraries(zephyr_interface INTERFACE mbedcrypto_common) +# Add the PSA interface to the zephyr_interface for use by the +# main app. Note that this doesn't include psa_crypto_library_config +# to ensure that MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is not set. +target_link_libraries(zephyr_interface + INTERFACE + psa_crypto_config + psa_interface +) if (CONFIG_MBEDTLS_DEBUG) - # Add Zephyr's mbedlts module include path because we need rely on their headers for debug logs. - target_include_directories(mbedcrypto_common - INTERFACE - ${ZEPHYR_BASE}/modules/mbedtls/include - ) zephyr_library_sources(${ZEPHYR_BASE}/modules/mbedtls/debug.c) zephyr_library_sources(debug_init.c) endif() @@ -49,10 +50,6 @@ if(DEFINED src_zephyr) zephyr_library_sources(${src_zephyr}) - zephyr_library_include_directories( - $ - ) - zephyr_library_compile_definitions( $ ) From f25e604f022624c3a9236e520ea1c186104701f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 14:44:02 +0200 Subject: [PATCH 024/217] crypto: Cleaning up PSA driver and core CMake logic MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Creating named library: oberon_psa_core -Creating libraries for PSA crypto drivers: -cracen_psa_driver -oberon_psa_driver (nrf_cc3xx and nrf_cc3xx_platform are skipped as these come pre-built and are only linked in to the new oberon_psa_core library) -Make all drivers reference the new target psa_crypto_library_config both for include-folders and for configurations -Make oberon_psa_core link to every PSA crypto driver -Make all warning-disablement private to the relevant drivers -Adding NRF_RNG entropy driver to oberon_psa_core (was ${mbedcrypto_target} -Removing CONFIG_NRF_SECURITY_LEGACY_AND_PSA as it is now possible to configure both PSA crypto and at the same time enable legacy configurations by enabling by setting MBEDTLS_LEGACY_CRYPTO_C -Making PSA crypto driver CMake only relevant for PSA crypto drivers instead of doing this as well as legacy support -Fix coding standard in all driver CMake logic -Move interrupts.c addition for CRACEN internal to the sxsymcrypt runtime -Simplified oberon_psa_driver and cracen_psa_driver CMake logic so it has a unified look-and-feel and don't infer e.g. TF-M builds -Made PSA_CRYPTO_DRIVER_CRACEN default enabled Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig | 39 ------ subsys/nrf_security/src/CMakeLists.txt | 42 ++---- .../src/core/nrf_oberon/CMakeLists.txt | 69 ++++++---- .../nrf_security/src/drivers/CMakeLists.txt | 17 +-- subsys/nrf_security/src/drivers/Kconfig | 4 +- .../src/drivers/cracen/CMakeLists.txt | 85 +++--------- .../cracen/sxsymcrypt/sxsymcrypt.cmake | 4 +- .../src/drivers/nrf_cc3xx/CMakeLists.txt | 24 ++-- .../drivers/nrf_cc3xx_platform/CMakeLists.txt | 14 +- .../src/drivers/nrf_oberon/CMakeLists.txt | 128 ++++++++---------- .../src/drivers/zephyr/CMakeLists.txt | 3 +- 11 files changed, 154 insertions(+), 275 deletions(-) diff --git a/subsys/nrf_security/Kconfig b/subsys/nrf_security/Kconfig index 4819440e4611..d1c3097522b5 100644 --- a/subsys/nrf_security/Kconfig +++ b/subsys/nrf_security/Kconfig @@ -37,8 +37,6 @@ config NRF_SECURITY # entropy is provided by PSA and NRF_SECURITY on NRF54LX default y if ENTROPY_PSA_CRYPTO_RNG && SOC_SERIES_NRF54LX select DISABLE_MBEDTLS_BUILTIN if MBEDTLS - # Generating random requires a CRACEN PSA Crypto driver on nrf54L - select PSA_CRYPTO_DRIVER_CRACEN if (PSA_WANT_GENERATE_RANDOM && SOC_SERIES_NRF54LX) && !NRF_SECURITY_LEGACY_AND_PSA # NCS does not use TF-M's BL2 bootloader, but uses it's own fork # of MCUBoot instead (CONFIG_BOOTLOADER_MCUBOOT). # @@ -50,43 +48,6 @@ config NRF_SECURITY Set this configuration to enable nRF Security. This provides Arm PSA cryptography APIs with RNG support (optionally). -config NRF_SECURITY_LEGACY_AND_PSA - bool - default y - select EXPERIMENTAL - # This configuration will include the CTR_DRBG from CRACEN - # which requires EVENTS to be enabled - select EVENTS if SOC_SERIES_NRF54LX - depends on MBEDTLS_LEGACY_CRYPTO_C && MBEDTLS_PSA_CRYPTO_C - # This configuration doesn't affect TF-M builds since the PSA - # APIs are provided by TF-M. - # When this configuration is enabled we manually enable - # some symbols in the build_config.h file in the Oberon PSA core. - # This requires only the Oberon PSA crypto driver to be enabled, - # it requires the CC3XX platform library to get random data and - # the trusted storage for ITS support. The depenedencies here - # match what we enable in the build_config.h file so if we need to - # modify the dependencies here we also need to modify the build_config.h. - depends on PSA_CRYPTO_DRIVER_OBERON && !PSA_CRYPTO_DRIVER_CC3XX - depends on NRF_CC3XX_PLATFORM || SOC_SERIES_NRF54LX - depends on TRUSTED_STORAGE - # We cannot support the encrypted backend for trusted storage in nRF54L15 - # since it requires KMU support. The KMU driver in nRF54L15 is tightly coupled - # with the CRACEN PSA driver which is incompatible with legacy and PSA option. - depends on TRUSTED_STORAGE_BACKEND_AEAD_KEY_HASH_UID || !SOC_SERIES_NRF54LX - depends on !BUILD_WITH_TFM - help - This is an option to support legacy mbedTLS and PSA crypto APIs - at the same time. This is not recommended as it is not fully - supported in our system. This feature might get changed/removed at - any time in the future. You are advised to use the PSA APIs - for any new developments. - - This option doesn't use the nrf_security for the internal - PSA configuration. It always use the Oberon PSA driver - for all the crypto operations expect for the PRNG which - uses the nrf_cc3xx_platform library. - config PSA_PROMPTLESS bool diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 57d07b8dc08f..e2369643f39b 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -33,25 +33,6 @@ target_include_directories(psa_crypto_library_config ${PSA_CRYPTO_CONFIG_LIBRARY_PATH} ) -# # Suspect: Write something about NCSDK-YYYYY -# if(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) -# # In order to support FPU in TF-M the following is documented by the TF-M -# # build system: -# # -# # Secure and non-secure libraries are compiled with COMPILER_CP_FLAG and -# # linked with LINKER_CP_OPTION for different FP ABI types. All those -# # libraries shall be built with COMPILER_CP_FLAG -# target_compile_options(tfm_sprt -# INTERFACE -# ${COMPILER_CP_FLAG} -# ) - -# target_link_options(tfm_sprt -# INTERFACE -# ${LINKER_CP_OPTION} -# ) -# endif() - if(CONFIG_MBEDTLS_ENABLE_HEAP) if (CONFIG_BUILD_WITH_TFM) # Add replacement for memory_buffer_alloc.c for NS build @@ -152,18 +133,17 @@ target_link_libraries(${mbedcrypto_target} psa_interface ) -target_compile_options(${mbedcrypto_target} PRIVATE - # Don't be too strict with warnings on mbedtls code. This code is not - # ours, so it's not necessary to do too much static analysis on - # it. And any warnings that do pop up are difficult to fix as they - # require changes far upstream. - -Wno-unused-function - -Wno-unused-variable - # Disable warnings showing up in Oberon PSA crypto code. - -Wno-stringop-overflow - -Wno-stringop-overread - -Wno-strict-aliasing - ) + +# Disable compile warnings for Mbed TLS sources for files that are +# added to the build for legacy APIs but are not enabled due to +# configurations not being set. +# +# These can be removed when NCSDK-28901 is addressed. +target_compile_options(${mbedcrypto_target} + PRIVATE + -Wno-unused-function + -Wno-unused-variable +) add_subdirectory(core) diff --git a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt index f5d14b09e577..a4c034cddf88 100644 --- a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt @@ -4,42 +4,51 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -# Add generated path first in list (order dependent) -target_include_directories(mbedcrypto_common - INTERFACE - ${generated_include_path} +append_with_prefix(src_crypto_core_oberon ${OBERON_PSA_CORE_PATH}/library/ + platform.c + platform_util.c + ) + +append_with_prefix(src_crypto_core_oberon ${OBERON_PSA_CORE_PATH}/library/ + psa_crypto.c + psa_crypto_client.c + psa_crypto_slot_management.c + psa_crypto_storage.c ) -# Add regular includes -# Note, the order of include matters -target_include_directories(mbedcrypto_common - INTERFACE - # Nordic PSA headers - ${NRF_SECURITY_ROOT}/include - # Oberon PSA headers - ${OBERON_PSA_PATH}/include - ${OBERON_PSA_PATH}/library - # Mbed TLS (mbedcrypto) PSA headers - ${ARM_MBEDTLS_PATH}/library - ${ARM_MBEDTLS_PATH}/include - ${ARM_MBEDTLS_PATH}/include/library +add_library(oberon_psa_core STATIC + ${src_crypto_core_oberon} ) -append_with_prefix(src_crypto_core_oberon ${OBERON_PSA_PATH}/library/ - platform.c - platform_util.c +# Add the nordic version of psa_crypto_driver_wrappers with the core (out of tree) +target_sources(oberon_psa_core + PRIVATE + ${NRF_SECURITY_ROOT}/src/psa_crypto_driver_wrappers.c ) -if (COMPILE_PSA_APIS) - append_with_prefix(src_crypto_core_oberon ${OBERON_PSA_PATH}/library/ - psa_crypto.c - psa_crypto_client.c - psa_crypto_slot_management.c - psa_crypto_storage.c - ) -endif() +target_link_libraries(oberon_psa_core + PRIVATE + psa_crypto_library_config + psa_interface +) -target_sources(${mbedcrypto_target} +# Disable warnings showing up in Oberon PSA crypto code. +target_compile_options(oberon_psa_core PRIVATE - ${src_crypto_core_oberon} + -Wno-stringop-overflow + -Wno-stringop-overread + -Wno-strict-aliasing +) + +target_link_libraries(oberon_psa_core + PRIVATE + mbedcrypto_base ) + +nrf_security_add_zephyr_options(oberon_psa_core) + +target_link_libraries(${mbedcrypto_target} + PRIVATE + oberon_psa_core +) + diff --git a/subsys/nrf_security/src/drivers/CMakeLists.txt b/subsys/nrf_security/src/drivers/CMakeLists.txt index d5361e1a3518..082e488b626f 100644 --- a/subsys/nrf_security/src/drivers/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/CMakeLists.txt @@ -15,21 +15,16 @@ if(TARGET nrf_cc3xx_platform) add_subdirectory(nrf_cc3xx_platform) endif() -if(CONFIG_BUILD_WITH_TFM) - # When TF-M is used the Crypto driver is in the TF-M image so we - # don't need to add the sources from this non-secure image -else() - if(CONFIG_PSA_CRYPTO_DRIVER_CC3XX) - add_subdirectory(nrf_cc3xx) - endif() +if(CONFIG_PSA_CRYPTO_DRIVER_CC3XX) + add_subdirectory(nrf_cc3xx) +endif() - if(CONFIG_PSA_CRYPTO_DRIVER_CRACEN OR (CONFIG_NRF_SECURITY_LEGACY_AND_PSA AND CONFIG_SOC_SERIES_NRF54LX)) - add_subdirectory(cracen) - endif() +if(CONFIG_PSA_CRYPTO_DRIVER_CRACEN) + add_subdirectory(cracen) endif() add_subdirectory(zephyr) -if(CONFIG_PSA_CRYPTO_DRIVER_OBERON OR CONFIG_OBERON_BACKEND) +if(CONFIG_PSA_CRYPTO_DRIVER_OBERON) add_subdirectory(nrf_oberon) endif() diff --git a/subsys/nrf_security/src/drivers/Kconfig b/subsys/nrf_security/src/drivers/Kconfig index f66a266d40b0..5581badb09ae 100644 --- a/subsys/nrf_security/src/drivers/Kconfig +++ b/subsys/nrf_security/src/drivers/Kconfig @@ -27,12 +27,12 @@ config PSA_CRYPTO_DRIVER_CC3XX all supported key sizes are included in the build. config PSA_CRYPTO_DRIVER_CRACEN - bool "Enable the Cracen PSA driver" if !NRF_SECURITY_LEGACY_AND_PSA + bool "Enable the Cracen PSA driver" depends on MBEDTLS_PSA_CRYPTO_C depends on CRACEN_HW_PRESENT # CRACEN uses the k_event_ API select EVENTS if MULTITHREADING - default y if !NRF_SECURITY_LEGACY_AND_PSA + default y help PSA crypto driver for the CRACEN HW peripheral. diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index 5716bc685384..588a2d9a03a9 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -4,21 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -# This CMakeLists.txt is executed both by the Zephyr build system and -# by the TF-M build system and must thus be portable to both. - -# This CMakeListst.txt will add sources to the pre-existing CMake -# library called ${mbedcrypto_target}. -if(NOT TARGET "${mbedcrypto_target}") - message(FATAL_ERROR "Expected a library named '${mbedcrypto_target}' to exist") -endif() - +# Clear out the cracen_driver_sources before source additions set(cracen_driver_sources) -set(cracen_driver_include_dirs - ${CMAKE_CURRENT_LIST_DIR}/common/include/ -) - # Add more CRACEN sources and include dirs from the ext directory include(${NRF_SECURITY_ROOT}/src/utils/nrf_security_utils.cmake) include(sxsymcrypt/sxsymcrypt.cmake) @@ -26,68 +14,33 @@ include(silexpk/silexpk.cmake) include(sicrypto/sicrypto.cmake) include(cracenpsa/cracenpsa.cmake) -if(BUILD_INSIDE_TFM) -target_sources( - ${mbedcrypto_target} - PRIVATE - ${nrf_security_utils_sources} +# Add include-directories +target_include_directories(psa_crypto_library_config + INTERFACE + ${CMAKE_CURRENT_LIST_DIR}/common/include/ + ${nrf_security_utils_include_dirs} ) -else() - zephyr_library() - zephyr_library_sources(${nrf_security_utils_sources}) -endif() -target_sources( - ${mbedcrypto_target} - PRIVATE +add_library(cracen_psa_driver STATIC ${cracen_driver_sources} -) - -target_include_directories( - ${mbedcrypto_target} - PUBLIC - ${cracen_driver_include_dirs} - ${nrf_security_utils_include_dirs} + ${nrf_security_utils_sources} ) # The CRACEN sources have not been written to comply with this gcc # warning -target_compile_options( - ${mbedcrypto_target} +target_compile_options(cracen_psa_driver PRIVATE - -Wno-pointer-sign + -Wno-pointer-sign ) -if(BUILD_INSIDE_TFM) - # Add an empty interface library called zephyr_interface so that we - # can use the zephyr_library_* API's in both the TF-M and Zephyr - # build. - add_library(zephyr_interface INTERFACE) - - target_compile_options( - mbedcrypto_base - PUBLIC - -imacros ${ZEPHYR_AUTOCONF} - ) - - target_link_libraries(${mbedcrypto_target} - PUBLIC - tfm_sprt - - # The CRACEN sources in mbedcrypto_target use functions from the - # cracen_interrupts library. - # - # cracen_interrupts is not in the mbedcrypto_target library itself - # like the other CRACEN sources because use of the Zephyr syscall - # k_event would not work from the mbedcrypto_target library for - # some reason. - cracen_interrupts - ) -endif() +target_link_libraries(cracen_psa_driver + PRIVATE + psa_crypto_library_config + psa_interface +) -zephyr_library_named(cracen_interrupts) -zephyr_library_sources(sxsymcrypt/src/platform/baremetal/interrupts.c) -target_link_libraries(cracen_interrupts +# Link oberon_psa_core with this PSA crypto driver +target_link_libraries(oberon_psa_core PRIVATE - ${mbedcrypto_target} - ) + cracen_psa_driver +) diff --git a/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/sxsymcrypt.cmake b/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/sxsymcrypt.cmake index a0297eab121a..774dd1e15d56 100644 --- a/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/sxsymcrypt.cmake +++ b/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/sxsymcrypt.cmake @@ -12,9 +12,9 @@ list(APPEND cracen_driver_sources ${CMAKE_CURRENT_LIST_DIR}/src/mac.c ${CMAKE_CURRENT_LIST_DIR}/src/sha3.c ${CMAKE_CURRENT_LIST_DIR}/src/trng.c - ${CMAKE_CURRENT_LIST_DIR}/src/platform/baremetal/cmdma_hw.c - ) + ${CMAKE_CURRENT_LIST_DIR}/src/platform/baremetal/interrupts.c +) list(APPEND cracen_driver_include_dirs ${CMAKE_CURRENT_LIST_DIR}/include diff --git a/subsys/nrf_security/src/drivers/nrf_cc3xx/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_cc3xx/CMakeLists.txt index 32caa12f85e6..7f7e588faf06 100644 --- a/subsys/nrf_security/src/drivers/nrf_cc3xx/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_cc3xx/CMakeLists.txt @@ -3,19 +3,21 @@ # # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -get_target_property(NRF_CC3XX_MBEDCRYPTO_INCLUDE_PATH nrf_cc3xx_core_imported INTERFACE_INCLUDE_DIRECTORIES) -# Link to library containing PSA Crypto Driver -target_link_libraries(${mbedcrypto_target} - INTERFACE - nrf_cc3xx_psa_crypto_imported - nrf_cc3xx_core_imported - c -) +# Get the include-folders from the imported CC3XX library +get_target_property(NRF_CC3XX_MBEDCRYPTO_INCLUDE_PATH + nrf_cc3xx_core_imported INTERFACE_INCLUDE_DIRECTORIES) -# Add nrf_cc3xx PSA Crypto Driver includes to mbedcrypto_common -target_include_directories(mbedcrypto_common +# Add nrf_cc3xx PSA Crypto Driver includes to psa_crypto_library_config +target_include_directories(psa_crypto_library_config INTERFACE - ${CMAKE_CURRENT_LIST_DIR}/include ${NRF_CC3XX_MBEDCRYPTO_INCLUDE_PATH} ) + +# Link oberon_psa_core with the imported libraries +target_link_libraries(oberon_psa_core + INTERFACE + nrf_cc3xx_psa_crypto_imported + nrf_cc3xx_core_imported + c +) \ No newline at end of file diff --git a/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt index c734940a564d..32eece9192ce 100644 --- a/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt @@ -9,14 +9,14 @@ get_target_property(NRF_CC3XX_PLATFORM_INCLUDE_DIRECTORIES nrf_cc3xx_platform INTERFACE_INCLUDE_DIRECTORIES ) -# Link with nrf_cc3xx_platform for driver usage -target_link_libraries(${mbedcrypto_target} - PRIVATE - nrf_cc3xx_platform -) - # Add nrf_cc3xx_platform includes for mbedcrypto -target_include_directories(${mbedcrypto_target} +target_include_directories(psa_crypto_library_config INTERFACE ${NRF_CC3XX_PLATFORM_INCLUDE_DIRECTORIES} ) + +# Link the Oberon PSA core with nrf_cc3xx_platform +target_link_libraries(oberon_psa_core + PRIVATE + nrf_cc3xx_platform +) diff --git a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt index 66c0d58fd9f6..3e2dcebe539c 100644 --- a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt @@ -4,27 +4,19 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -set(drivers_path ${OBERON_PSA_PATH}/oberon/drivers) +# Build Oberon PSA crypto driver +set(drivers_path ${OBERON_PSA_CORE_PATH}/oberon/drivers) -# Link to libraries -if(CONFIG_MBEDTLS_PSA_CRYPTO_C) - target_link_libraries(${mbedcrypto_target} PRIVATE - mbedcrypto_oberon_mbedtls_imported - mbedcrypto_oberon_imported - ) - - target_include_directories(mbedcrypto_common - INTERFACE - # Add nrf_oberon includes - ${NRFXLIB_DIR}/crypto/nrf_oberon/include/ - ${NRFXLIB_DIR}/crypto/nrf_oberon/include/mbedtls - - # Add Oberon PSA Crypto Driver includes - ${drivers_path} - ) -endif() +# Add includes relevant for library build (not PSA crypto interface) +target_include_directories(psa_crypto_library_config + INTERFACE + # Add nrf_oberon includes + ${NRFXLIB_DIR}/crypto/nrf_oberon/include/ + ${NRFXLIB_DIR}/crypto/nrf_oberon/include/mbedtls -if (COMPILE_PSA_APIS OR CONFIG_NRF_SECURITY_LEGACY_AND_PSA) + # Add Oberon PSA Crypto Driver includes + ${drivers_path} +) list(APPEND src_crypto_oberon ${drivers_path}/oberon_helpers.c @@ -37,65 +29,51 @@ list(APPEND src_crypto_oberon ${drivers_path}/oberon_rsa.c ) - # This is a workaroudn to avoid a build warning since oberon_rsa.c has an unused variable when RSA is not enabled. - if(CONFIG_PSA_NEED_OBERON_RSA_ANY_CRYPT OR CONFIG_PSA_NEED_OBERON_RSA_ANY_SIGN OR CONFIG_PSA_NEED_OBERON_KEY_MANAGEMENT_RSA) - list(APPEND src_crypto_oberon - ${drivers_path}/oberon_rsa.c - ) - endif() - - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_KEY_MANAGEMENT_DRIVER src_crypto_oberon ${drivers_path} oberon_key_management.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_AEAD_DRIVER src_crypto_oberon ${drivers_path} oberon_aead.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_KEY_DERIVATION_DRIVER src_crypto_oberon ${drivers_path} oberon_key_derivation.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_MAC_DRIVER src_crypto_oberon ${drivers_path} oberon_mac.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_CIPHER_DRIVER src_crypto_oberon ${drivers_path} oberon_cipher.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_HASH_DRIVER src_crypto_oberon ${drivers_path} oberon_hash.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_KEY_AGREEMENT_DRIVER src_crypto_oberon ${drivers_path} oberon_key_agreement.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_PAKE_DRIVER src_crypto_oberon ${drivers_path} oberon_pake.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_ASYMMETRIC_SIGNATURE_DRIVER src_crypto_oberon ${drivers_path} oberon_asymmetric_signature.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_ASYMMETRIC_ENCRYPTION_DRIVER src_crypto_oberon ${drivers_path} oberon_asymmetric_encrypt.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_CTR_DRBG_DRIVER src_crypto_oberon ${drivers_path} oberon_ctr_drbg.c) - append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_HMAC_DRBG_DRIVER src_crypto_oberon ${drivers_path} oberon_hmac_drbg.c) - +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_KEY_MANAGEMENT_DRIVER src_crypto_oberon ${drivers_path} oberon_key_management.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_AEAD_DRIVER src_crypto_oberon ${drivers_path} oberon_aead.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_KEY_DERIVATION_DRIVER src_crypto_oberon ${drivers_path} oberon_key_derivation.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_MAC_DRIVER src_crypto_oberon ${drivers_path} oberon_mac.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_CIPHER_DRIVER src_crypto_oberon ${drivers_path} oberon_cipher.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_HASH_DRIVER src_crypto_oberon ${drivers_path} oberon_hash.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_KEY_AGREEMENT_DRIVER src_crypto_oberon ${drivers_path} oberon_key_agreement.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_PAKE_DRIVER src_crypto_oberon ${drivers_path} oberon_pake.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_ASYMMETRIC_SIGNATURE_DRIVER src_crypto_oberon ${drivers_path} oberon_asymmetric_signature.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_ASYMMETRIC_ENCRYPTION_DRIVER src_crypto_oberon ${drivers_path} oberon_asymmetric_encrypt.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_CTR_DRBG_DRIVER src_crypto_oberon ${drivers_path} oberon_ctr_drbg.c) +append_with_prefix_ifdef(CONFIG_PSA_NEED_OBERON_HMAC_DRBG_DRIVER src_crypto_oberon ${drivers_path} oberon_hmac_drbg.c) -elseif(CONFIG_NRF_SECURITY_LEGACY_AND_PSA) - # When legacy and PSA are enabled, we need to include all the oberon drivers - # since we don't have PSA_NEED_* symbols in Kconfig. - list(APPEND src_crypto_oberon - ${drivers_path}/oberon_helpers.c - ${drivers_path}/oberon_ecdh.c - ${drivers_path}/oberon_ecdsa.c - ${drivers_path}/oberon_ec_keys.c - ${drivers_path}/oberon_jpake.c - ${drivers_path}/oberon_spake2p.c - ${drivers_path}/oberon_srp.c - ${drivers_path}/oberon_rsa.c - ${drivers_path}/oberon_key_management.c - ${drivers_path}/oberon_aead.c - ${drivers_path}/oberon_key_derivation.c - ${drivers_path}/oberon_mac.c - ${drivers_path}/oberon_cipher.c - ${drivers_path}/oberon_hash.c - ${drivers_path}/oberon_key_agreement.c - ${drivers_path}/oberon_pake.c - ${drivers_path}/oberon_asymmetric_signature.c - ${drivers_path}/oberon_asymmetric_encrypt.c - ${drivers_path}/oberon_ctr_drbg.c - ${drivers_path}/oberon_hmac_drbg.c) +add_library(oberon_psa_driver STATIC + ${src_crypto_oberon} +) +# Turn off warnings that Oberon are systematically +# triggering. Oberon is testing this deliverable before we get it so +# we don't need to re-test it with gcc warnings. +target_compile_options(oberon_psa_driver + PRIVATE + -Wno-uninitialized + -Wno-maybe-uninitialized + -Wno-unused-variable +) -endif() +# Link to the PSA interface and library PSA crypto configurations +target_link_libraries(oberon_psa_driver + PRIVATE + psa_crypto_library_config + psa_interface +) - target_sources(${mbedcrypto_target} PRIVATE ${src_crypto_oberon}) +# Link to imported libraries for Oberon APIs. +target_link_libraries(oberon_psa_driver + PRIVATE + mbedcrypto_oberon_mbedtls_imported + mbedcrypto_oberon_imported +) - # Turn off warnings that Oberon are systematically - # triggering. Oberon is testing this deliverable before we get it so - # we don't need to re-test it with gcc warnings. - target_compile_options( - ${mbedcrypto_target} - PRIVATE - -Wno-uninitialized - -Wno-maybe-uninitialized - ) +# Link oberon_psa_core with this driver +target_link_libraries(oberon_psa_core + PRIVATE + oberon_psa_driver +) -endif() +nrf_security_add_zephyr_options(oberon_psa_driver) diff --git a/subsys/nrf_security/src/drivers/zephyr/CMakeLists.txt b/subsys/nrf_security/src/drivers/zephyr/CMakeLists.txt index 177d9b7afc24..e1eccf3ba247 100644 --- a/subsys/nrf_security/src/drivers/zephyr/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/zephyr/CMakeLists.txt @@ -4,8 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +# Add the RNG driver to the Oberon PSA core (if needed) if (PSA_NEED_NRF_RNG_ENTROPY_DRIVER) - target_sources(${mbedcrypto_target} + target_sources(${oberon_psa_core} PRIVATE nrf_rng_entropy.c ) From 6108b7583d0b44d217d3082fa941a5006ebd4c26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 09:30:49 +0200 Subject: [PATCH 025/217] crypto: tls: Don't depend on MBEDTLS_CIPHER_C for TLS use-cases MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This removes a dependency for MBEDTLS_CIPHER_C if TLS is enabled Now only MBEDTLS_MD_C is a legacy dependency for this module Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig.tls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/nrf_security/Kconfig.tls b/subsys/nrf_security/Kconfig.tls index eb82abe85151..e761919c797f 100644 --- a/subsys/nrf_security/Kconfig.tls +++ b/subsys/nrf_security/Kconfig.tls @@ -101,7 +101,7 @@ config MBEDTLS_SSL_SRV_C config MBEDTLS_SSL_TLS_C bool default y - depends on MBEDTLS_CIPHER_C && MBEDTLS_MD_C + depends on MBEDTLS_MD_C help Corresponds to MBEDTLS_SSL_TLS_C in mbed TLS config file From 68c9547775ae0c835925ab7a97b405b29c242194 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 10:12:05 +0200 Subject: [PATCH 026/217] crypto: Removal of unused out-of-tree files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Some out-of-tree files from Mbed TLS have been kept in nrf_security to get around issues with compiler warnings for unused functions and symbols and to remove unnecessary code when nrf_oberon is in use and is providing the Mbed TLS legacy support. This commit removes unused files (changed earlier) as well as finally removing aes.c and aes_oberon.c from the build as these are no longer needed. We now use Mbed TLS sources for most use-cases... Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 4 +- subsys/nrf_security/src/legacy/aes.c | 2232 --------------- subsys/nrf_security/src/legacy/aes_oberon.c | 116 - subsys/nrf_security/src/legacy/cipher_wrap.c | 2288 ---------------- subsys/nrf_security/src/legacy/ecp_oberon.c | 158 -- subsys/nrf_security/src/legacy/entropy.c | 722 ----- subsys/nrf_security/src/legacy/pem.c | 496 ---- .../src/legacy/ssl_ciphersuites.c | 2409 ----------------- 8 files changed, 1 insertion(+), 8424 deletions(-) delete mode 100644 subsys/nrf_security/src/legacy/aes.c delete mode 100644 subsys/nrf_security/src/legacy/aes_oberon.c delete mode 100644 subsys/nrf_security/src/legacy/cipher_wrap.c delete mode 100644 subsys/nrf_security/src/legacy/ecp_oberon.c delete mode 100644 subsys/nrf_security/src/legacy/entropy.c delete mode 100644 subsys/nrf_security/src/legacy/pem.c delete mode 100644 subsys/nrf_security/src/legacy/ssl_ciphersuites.c diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index a68c0823b50b..7f4529e24415 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -36,6 +36,7 @@ if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C OR CONFIG_PSA_CRYPTO_DRIVER_OBERON OR CONFIG_PSA_CRYPTO_DRIVER_CRACEN) append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library + aes.c cmac.c ccm.c chachapoly.c @@ -77,13 +78,10 @@ endif() # Add oberon-specific replacement files if (CONFIG_OBERON_ONLY_ENABLED) list(APPEND src_crypto_legacy - ${CMAKE_CURRENT_LIST_DIR}/aes.c - ${CMAKE_CURRENT_LIST_DIR}/aes_oberon.c ${CMAKE_CURRENT_LIST_DIR}/ecjpake_oberon.c ) else() list(APPEND src_crypto_legacy - ${ARM_MBEDTLS_PATH}/library/aes.c ${CMAKE_CURRENT_LIST_DIR}/dhm_ext.c ) endif() diff --git a/subsys/nrf_security/src/legacy/aes.c b/subsys/nrf_security/src/legacy/aes.c deleted file mode 100644 index c8cee8d6b128..000000000000 --- a/subsys/nrf_security/src/legacy/aes.c +++ /dev/null @@ -1,2232 +0,0 @@ -/* - * FIPS-197 compliant AES implementation - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. - * - * http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf - * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf - */ - -#include "common.h" - -#if defined(MBEDTLS_AES_C) - -#include - -#include "mbedtls/aes.h" -#include "mbedtls/platform.h" -#include "mbedtls/platform_util.h" -#include "mbedtls/error.h" -#if defined(MBEDTLS_PADLOCK_C) -#include "mbedtls/padlock.h" -#endif -#if defined(MBEDTLS_AESNI_C) -#include "mbedtls/aesni.h" -#endif - -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ - -#if !defined(MBEDTLS_AES_ALT) - -/* Parameter validation macros based on platform_util.h */ -#define AES_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA ) -#define AES_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) - -/* - * 32-bit integer manipulation macros (little endian) - */ -#ifndef GET_UINT32_LE -#define GET_UINT32_LE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] ) \ - | ( (uint32_t) (b)[(i) + 1] << 8 ) \ - | ( (uint32_t) (b)[(i) + 2] << 16 ) \ - | ( (uint32_t) (b)[(i) + 3] << 24 ); \ -} -#endif - -#ifndef PUT_UINT32_LE -#define PUT_UINT32_LE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \ - (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \ - (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \ - (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \ -} -#endif - -#if defined(MBEDTLS_PADLOCK_C) && \ - ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) ) -static int aes_padlock_ace = -1; -#endif - -#if !(defined(MBEDTLS_AES_ENCRYPT_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) -#if defined(MBEDTLS_AES_ROM_TABLES) -/* - * Forward S-box - */ -static const unsigned char FSb[256] = -{ - 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, - 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, - 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, - 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, - 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, - 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, - 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, - 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, - 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, - 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, - 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, - 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, - 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, - 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, - 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, - 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, - 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, - 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, - 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, - 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, - 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, - 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, - 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, - 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, - 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, - 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, - 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, - 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, - 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, - 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, - 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, - 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 -}; - -/* - * Forward tables - */ -#define FT \ -\ - V(A5,63,63,C6), V(84,7C,7C,F8), V(99,77,77,EE), V(8D,7B,7B,F6), \ - V(0D,F2,F2,FF), V(BD,6B,6B,D6), V(B1,6F,6F,DE), V(54,C5,C5,91), \ - V(50,30,30,60), V(03,01,01,02), V(A9,67,67,CE), V(7D,2B,2B,56), \ - V(19,FE,FE,E7), V(62,D7,D7,B5), V(E6,AB,AB,4D), V(9A,76,76,EC), \ - V(45,CA,CA,8F), V(9D,82,82,1F), V(40,C9,C9,89), V(87,7D,7D,FA), \ - V(15,FA,FA,EF), V(EB,59,59,B2), V(C9,47,47,8E), V(0B,F0,F0,FB), \ - V(EC,AD,AD,41), V(67,D4,D4,B3), V(FD,A2,A2,5F), V(EA,AF,AF,45), \ - V(BF,9C,9C,23), V(F7,A4,A4,53), V(96,72,72,E4), V(5B,C0,C0,9B), \ - V(C2,B7,B7,75), V(1C,FD,FD,E1), V(AE,93,93,3D), V(6A,26,26,4C), \ - V(5A,36,36,6C), V(41,3F,3F,7E), V(02,F7,F7,F5), V(4F,CC,CC,83), \ - V(5C,34,34,68), V(F4,A5,A5,51), V(34,E5,E5,D1), V(08,F1,F1,F9), \ - V(93,71,71,E2), V(73,D8,D8,AB), V(53,31,31,62), V(3F,15,15,2A), \ - V(0C,04,04,08), V(52,C7,C7,95), V(65,23,23,46), V(5E,C3,C3,9D), \ - V(28,18,18,30), V(A1,96,96,37), V(0F,05,05,0A), V(B5,9A,9A,2F), \ - V(09,07,07,0E), V(36,12,12,24), V(9B,80,80,1B), V(3D,E2,E2,DF), \ - V(26,EB,EB,CD), V(69,27,27,4E), V(CD,B2,B2,7F), V(9F,75,75,EA), \ - V(1B,09,09,12), V(9E,83,83,1D), V(74,2C,2C,58), V(2E,1A,1A,34), \ - V(2D,1B,1B,36), V(B2,6E,6E,DC), V(EE,5A,5A,B4), V(FB,A0,A0,5B), \ - V(F6,52,52,A4), V(4D,3B,3B,76), V(61,D6,D6,B7), V(CE,B3,B3,7D), \ - V(7B,29,29,52), V(3E,E3,E3,DD), V(71,2F,2F,5E), V(97,84,84,13), \ - V(F5,53,53,A6), V(68,D1,D1,B9), V(00,00,00,00), V(2C,ED,ED,C1), \ - V(60,20,20,40), V(1F,FC,FC,E3), V(C8,B1,B1,79), V(ED,5B,5B,B6), \ - V(BE,6A,6A,D4), V(46,CB,CB,8D), V(D9,BE,BE,67), V(4B,39,39,72), \ - V(DE,4A,4A,94), V(D4,4C,4C,98), V(E8,58,58,B0), V(4A,CF,CF,85), \ - V(6B,D0,D0,BB), V(2A,EF,EF,C5), V(E5,AA,AA,4F), V(16,FB,FB,ED), \ - V(C5,43,43,86), V(D7,4D,4D,9A), V(55,33,33,66), V(94,85,85,11), \ - V(CF,45,45,8A), V(10,F9,F9,E9), V(06,02,02,04), V(81,7F,7F,FE), \ - V(F0,50,50,A0), V(44,3C,3C,78), V(BA,9F,9F,25), V(E3,A8,A8,4B), \ - V(F3,51,51,A2), V(FE,A3,A3,5D), V(C0,40,40,80), V(8A,8F,8F,05), \ - V(AD,92,92,3F), V(BC,9D,9D,21), V(48,38,38,70), V(04,F5,F5,F1), \ - V(DF,BC,BC,63), V(C1,B6,B6,77), V(75,DA,DA,AF), V(63,21,21,42), \ - V(30,10,10,20), V(1A,FF,FF,E5), V(0E,F3,F3,FD), V(6D,D2,D2,BF), \ - V(4C,CD,CD,81), V(14,0C,0C,18), V(35,13,13,26), V(2F,EC,EC,C3), \ - V(E1,5F,5F,BE), V(A2,97,97,35), V(CC,44,44,88), V(39,17,17,2E), \ - V(57,C4,C4,93), V(F2,A7,A7,55), V(82,7E,7E,FC), V(47,3D,3D,7A), \ - V(AC,64,64,C8), V(E7,5D,5D,BA), V(2B,19,19,32), V(95,73,73,E6), \ - V(A0,60,60,C0), V(98,81,81,19), V(D1,4F,4F,9E), V(7F,DC,DC,A3), \ - V(66,22,22,44), V(7E,2A,2A,54), V(AB,90,90,3B), V(83,88,88,0B), \ - V(CA,46,46,8C), V(29,EE,EE,C7), V(D3,B8,B8,6B), V(3C,14,14,28), \ - V(79,DE,DE,A7), V(E2,5E,5E,BC), V(1D,0B,0B,16), V(76,DB,DB,AD), \ - V(3B,E0,E0,DB), V(56,32,32,64), V(4E,3A,3A,74), V(1E,0A,0A,14), \ - V(DB,49,49,92), V(0A,06,06,0C), V(6C,24,24,48), V(E4,5C,5C,B8), \ - V(5D,C2,C2,9F), V(6E,D3,D3,BD), V(EF,AC,AC,43), V(A6,62,62,C4), \ - V(A8,91,91,39), V(A4,95,95,31), V(37,E4,E4,D3), V(8B,79,79,F2), \ - V(32,E7,E7,D5), V(43,C8,C8,8B), V(59,37,37,6E), V(B7,6D,6D,DA), \ - V(8C,8D,8D,01), V(64,D5,D5,B1), V(D2,4E,4E,9C), V(E0,A9,A9,49), \ - V(B4,6C,6C,D8), V(FA,56,56,AC), V(07,F4,F4,F3), V(25,EA,EA,CF), \ - V(AF,65,65,CA), V(8E,7A,7A,F4), V(E9,AE,AE,47), V(18,08,08,10), \ - V(D5,BA,BA,6F), V(88,78,78,F0), V(6F,25,25,4A), V(72,2E,2E,5C), \ - V(24,1C,1C,38), V(F1,A6,A6,57), V(C7,B4,B4,73), V(51,C6,C6,97), \ - V(23,E8,E8,CB), V(7C,DD,DD,A1), V(9C,74,74,E8), V(21,1F,1F,3E), \ - V(DD,4B,4B,96), V(DC,BD,BD,61), V(86,8B,8B,0D), V(85,8A,8A,0F), \ - V(90,70,70,E0), V(42,3E,3E,7C), V(C4,B5,B5,71), V(AA,66,66,CC), \ - V(D8,48,48,90), V(05,03,03,06), V(01,F6,F6,F7), V(12,0E,0E,1C), \ - V(A3,61,61,C2), V(5F,35,35,6A), V(F9,57,57,AE), V(D0,B9,B9,69), \ - V(91,86,86,17), V(58,C1,C1,99), V(27,1D,1D,3A), V(B9,9E,9E,27), \ - V(38,E1,E1,D9), V(13,F8,F8,EB), V(B3,98,98,2B), V(33,11,11,22), \ - V(BB,69,69,D2), V(70,D9,D9,A9), V(89,8E,8E,07), V(A7,94,94,33), \ - V(B6,9B,9B,2D), V(22,1E,1E,3C), V(92,87,87,15), V(20,E9,E9,C9), \ - V(49,CE,CE,87), V(FF,55,55,AA), V(78,28,28,50), V(7A,DF,DF,A5), \ - V(8F,8C,8C,03), V(F8,A1,A1,59), V(80,89,89,09), V(17,0D,0D,1A), \ - V(DA,BF,BF,65), V(31,E6,E6,D7), V(C6,42,42,84), V(B8,68,68,D0), \ - V(C3,41,41,82), V(B0,99,99,29), V(77,2D,2D,5A), V(11,0F,0F,1E), \ - V(CB,B0,B0,7B), V(FC,54,54,A8), V(D6,BB,BB,6D), V(3A,16,16,2C) - -#define V(a,b,c,d) 0x##a##b##c##d -static const uint32_t FT0[256] = { FT }; -#undef V - -#if !defined(MBEDTLS_AES_FEWER_TABLES) - -#define V(a,b,c,d) 0x##b##c##d##a -static const uint32_t FT1[256] = { FT }; -#undef V - -#define V(a,b,c,d) 0x##c##d##a##b -static const uint32_t FT2[256] = { FT }; -#undef V - -#define V(a,b,c,d) 0x##d##a##b##c -static const uint32_t FT3[256] = { FT }; -#undef V - -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - -#undef FT - -/* - * Reverse S-box - */ -static const unsigned char RSb[256] = -{ - 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, - 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, - 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, - 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, - 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, - 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, - 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, - 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, - 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, - 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, - 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, - 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, - 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, - 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, - 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, - 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, - 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, - 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, - 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, - 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, - 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, - 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, - 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, - 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, - 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, - 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, - 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, - 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, - 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, - 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, - 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, - 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D -}; - -/* - * Reverse tables - */ -#define RT \ -\ - V(50,A7,F4,51), V(53,65,41,7E), V(C3,A4,17,1A), V(96,5E,27,3A), \ - V(CB,6B,AB,3B), V(F1,45,9D,1F), V(AB,58,FA,AC), V(93,03,E3,4B), \ - V(55,FA,30,20), V(F6,6D,76,AD), V(91,76,CC,88), V(25,4C,02,F5), \ - V(FC,D7,E5,4F), V(D7,CB,2A,C5), V(80,44,35,26), V(8F,A3,62,B5), \ - V(49,5A,B1,DE), V(67,1B,BA,25), V(98,0E,EA,45), V(E1,C0,FE,5D), \ - V(02,75,2F,C3), V(12,F0,4C,81), V(A3,97,46,8D), V(C6,F9,D3,6B), \ - V(E7,5F,8F,03), V(95,9C,92,15), V(EB,7A,6D,BF), V(DA,59,52,95), \ - V(2D,83,BE,D4), V(D3,21,74,58), V(29,69,E0,49), V(44,C8,C9,8E), \ - V(6A,89,C2,75), V(78,79,8E,F4), V(6B,3E,58,99), V(DD,71,B9,27), \ - V(B6,4F,E1,BE), V(17,AD,88,F0), V(66,AC,20,C9), V(B4,3A,CE,7D), \ - V(18,4A,DF,63), V(82,31,1A,E5), V(60,33,51,97), V(45,7F,53,62), \ - V(E0,77,64,B1), V(84,AE,6B,BB), V(1C,A0,81,FE), V(94,2B,08,F9), \ - V(58,68,48,70), V(19,FD,45,8F), V(87,6C,DE,94), V(B7,F8,7B,52), \ - V(23,D3,73,AB), V(E2,02,4B,72), V(57,8F,1F,E3), V(2A,AB,55,66), \ - V(07,28,EB,B2), V(03,C2,B5,2F), V(9A,7B,C5,86), V(A5,08,37,D3), \ - V(F2,87,28,30), V(B2,A5,BF,23), V(BA,6A,03,02), V(5C,82,16,ED), \ - V(2B,1C,CF,8A), V(92,B4,79,A7), V(F0,F2,07,F3), V(A1,E2,69,4E), \ - V(CD,F4,DA,65), V(D5,BE,05,06), V(1F,62,34,D1), V(8A,FE,A6,C4), \ - V(9D,53,2E,34), V(A0,55,F3,A2), V(32,E1,8A,05), V(75,EB,F6,A4), \ - V(39,EC,83,0B), V(AA,EF,60,40), V(06,9F,71,5E), V(51,10,6E,BD), \ - V(F9,8A,21,3E), V(3D,06,DD,96), V(AE,05,3E,DD), V(46,BD,E6,4D), \ - V(B5,8D,54,91), V(05,5D,C4,71), V(6F,D4,06,04), V(FF,15,50,60), \ - V(24,FB,98,19), V(97,E9,BD,D6), V(CC,43,40,89), V(77,9E,D9,67), \ - V(BD,42,E8,B0), V(88,8B,89,07), V(38,5B,19,E7), V(DB,EE,C8,79), \ - V(47,0A,7C,A1), V(E9,0F,42,7C), V(C9,1E,84,F8), V(00,00,00,00), \ - V(83,86,80,09), V(48,ED,2B,32), V(AC,70,11,1E), V(4E,72,5A,6C), \ - V(FB,FF,0E,FD), V(56,38,85,0F), V(1E,D5,AE,3D), V(27,39,2D,36), \ - V(64,D9,0F,0A), V(21,A6,5C,68), V(D1,54,5B,9B), V(3A,2E,36,24), \ - V(B1,67,0A,0C), V(0F,E7,57,93), V(D2,96,EE,B4), V(9E,91,9B,1B), \ - V(4F,C5,C0,80), V(A2,20,DC,61), V(69,4B,77,5A), V(16,1A,12,1C), \ - V(0A,BA,93,E2), V(E5,2A,A0,C0), V(43,E0,22,3C), V(1D,17,1B,12), \ - V(0B,0D,09,0E), V(AD,C7,8B,F2), V(B9,A8,B6,2D), V(C8,A9,1E,14), \ - V(85,19,F1,57), V(4C,07,75,AF), V(BB,DD,99,EE), V(FD,60,7F,A3), \ - V(9F,26,01,F7), V(BC,F5,72,5C), V(C5,3B,66,44), V(34,7E,FB,5B), \ - V(76,29,43,8B), V(DC,C6,23,CB), V(68,FC,ED,B6), V(63,F1,E4,B8), \ - V(CA,DC,31,D7), V(10,85,63,42), V(40,22,97,13), V(20,11,C6,84), \ - V(7D,24,4A,85), V(F8,3D,BB,D2), V(11,32,F9,AE), V(6D,A1,29,C7), \ - V(4B,2F,9E,1D), V(F3,30,B2,DC), V(EC,52,86,0D), V(D0,E3,C1,77), \ - V(6C,16,B3,2B), V(99,B9,70,A9), V(FA,48,94,11), V(22,64,E9,47), \ - V(C4,8C,FC,A8), V(1A,3F,F0,A0), V(D8,2C,7D,56), V(EF,90,33,22), \ - V(C7,4E,49,87), V(C1,D1,38,D9), V(FE,A2,CA,8C), V(36,0B,D4,98), \ - V(CF,81,F5,A6), V(28,DE,7A,A5), V(26,8E,B7,DA), V(A4,BF,AD,3F), \ - V(E4,9D,3A,2C), V(0D,92,78,50), V(9B,CC,5F,6A), V(62,46,7E,54), \ - V(C2,13,8D,F6), V(E8,B8,D8,90), V(5E,F7,39,2E), V(F5,AF,C3,82), \ - V(BE,80,5D,9F), V(7C,93,D0,69), V(A9,2D,D5,6F), V(B3,12,25,CF), \ - V(3B,99,AC,C8), V(A7,7D,18,10), V(6E,63,9C,E8), V(7B,BB,3B,DB), \ - V(09,78,26,CD), V(F4,18,59,6E), V(01,B7,9A,EC), V(A8,9A,4F,83), \ - V(65,6E,95,E6), V(7E,E6,FF,AA), V(08,CF,BC,21), V(E6,E8,15,EF), \ - V(D9,9B,E7,BA), V(CE,36,6F,4A), V(D4,09,9F,EA), V(D6,7C,B0,29), \ - V(AF,B2,A4,31), V(31,23,3F,2A), V(30,94,A5,C6), V(C0,66,A2,35), \ - V(37,BC,4E,74), V(A6,CA,82,FC), V(B0,D0,90,E0), V(15,D8,A7,33), \ - V(4A,98,04,F1), V(F7,DA,EC,41), V(0E,50,CD,7F), V(2F,F6,91,17), \ - V(8D,D6,4D,76), V(4D,B0,EF,43), V(54,4D,AA,CC), V(DF,04,96,E4), \ - V(E3,B5,D1,9E), V(1B,88,6A,4C), V(B8,1F,2C,C1), V(7F,51,65,46), \ - V(04,EA,5E,9D), V(5D,35,8C,01), V(73,74,87,FA), V(2E,41,0B,FB), \ - V(5A,1D,67,B3), V(52,D2,DB,92), V(33,56,10,E9), V(13,47,D6,6D), \ - V(8C,61,D7,9A), V(7A,0C,A1,37), V(8E,14,F8,59), V(89,3C,13,EB), \ - V(EE,27,A9,CE), V(35,C9,61,B7), V(ED,E5,1C,E1), V(3C,B1,47,7A), \ - V(59,DF,D2,9C), V(3F,73,F2,55), V(79,CE,14,18), V(BF,37,C7,73), \ - V(EA,CD,F7,53), V(5B,AA,FD,5F), V(14,6F,3D,DF), V(86,DB,44,78), \ - V(81,F3,AF,CA), V(3E,C4,68,B9), V(2C,34,24,38), V(5F,40,A3,C2), \ - V(72,C3,1D,16), V(0C,25,E2,BC), V(8B,49,3C,28), V(41,95,0D,FF), \ - V(71,01,A8,39), V(DE,B3,0C,08), V(9C,E4,B4,D8), V(90,C1,56,64), \ - V(61,84,CB,7B), V(70,B6,32,D5), V(74,5C,6C,48), V(42,57,B8,D0) - -#define V(a,b,c,d) 0x##a##b##c##d -static const uint32_t RT0[256] = { RT }; -#undef V - -#if !defined(MBEDTLS_AES_FEWER_TABLES) - -#define V(a,b,c,d) 0x##b##c##d##a -static const uint32_t RT1[256] = { RT }; -#undef V - -#define V(a,b,c,d) 0x##c##d##a##b -static const uint32_t RT2[256] = { RT }; -#undef V - -#define V(a,b,c,d) 0x##d##a##b##c -static const uint32_t RT3[256] = { RT }; -#undef V - -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - -#undef RT - -/* - * Round constants - */ -static const uint32_t RCON[10] = -{ - 0x00000001, 0x00000002, 0x00000004, 0x00000008, - 0x00000010, 0x00000020, 0x00000040, 0x00000080, - 0x0000001B, 0x00000036 -}; - -#else /* MBEDTLS_AES_ROM_TABLES */ - -/* - * Forward S-box & tables - */ -static unsigned char FSb[256]; -static uint32_t FT0[256]; -#if !defined(MBEDTLS_AES_FEWER_TABLES) -static uint32_t FT1[256]; -static uint32_t FT2[256]; -static uint32_t FT3[256]; -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - -/* - * Reverse S-box & tables - */ -static unsigned char RSb[256]; -static uint32_t RT0[256]; -#if !defined(MBEDTLS_AES_FEWER_TABLES) -static uint32_t RT1[256]; -static uint32_t RT2[256]; -static uint32_t RT3[256]; -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - -/* - * Round constants - */ -static uint32_t RCON[10]; - -/* - * Tables generation code - */ -#define ROTL8(x) ( ( (x) << 8 ) & 0xFFFFFFFF ) | ( (x) >> 24 ) -#define XTIME(x) ( ( (x) << 1 ) ^ ( ( (x) & 0x80 ) ? 0x1B : 0x00 ) ) -#define MUL(x,y) ( ( (x) && (y) ) ? pow[(log[(x)]+log[(y)]) % 255] : 0 ) - - -static int aes_init_done = 0; - -static void aes_gen_tables( void ) -{ - int i, x, y, z; - int pow[256]; - int log[256]; - - /* - * compute pow and log tables over GF(2^8) - */ - for( i = 0, x = 1; i < 256; i++ ) - { - pow[i] = x; - log[x] = i; - x = ( x ^ XTIME( x ) ) & 0xFF; - } - - /* - * calculate the round constants - */ - for( i = 0, x = 1; i < 10; i++ ) - { - RCON[i] = (uint32_t) x; - x = XTIME( x ) & 0xFF; - } - - /* - * generate the forward and reverse S-boxes - */ - FSb[0x00] = 0x63; - RSb[0x63] = 0x00; - - for( i = 1; i < 256; i++ ) - { - x = pow[255 - log[i]]; - - y = x; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF; - x ^= y ^ 0x63; - - FSb[i] = (unsigned char) x; - RSb[x] = (unsigned char) i; - } - - /* - * generate the forward and reverse tables - */ - for( i = 0; i < 256; i++ ) - { - x = FSb[i]; - y = XTIME( x ) & 0xFF; - z = ( y ^ x ) & 0xFF; - - FT0[i] = ( (uint32_t) y ) ^ - ( (uint32_t) x << 8 ) ^ - ( (uint32_t) x << 16 ) ^ - ( (uint32_t) z << 24 ); - -#if !defined(MBEDTLS_AES_FEWER_TABLES) - FT1[i] = ROTL8( FT0[i] ); - FT2[i] = ROTL8( FT1[i] ); - FT3[i] = ROTL8( FT2[i] ); -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - - x = RSb[i]; - - RT0[i] = ( (uint32_t) MUL( 0x0E, x ) ) ^ - ( (uint32_t) MUL( 0x09, x ) << 8 ) ^ - ( (uint32_t) MUL( 0x0D, x ) << 16 ) ^ - ( (uint32_t) MUL( 0x0B, x ) << 24 ); - -#if !defined(MBEDTLS_AES_FEWER_TABLES) - RT1[i] = ROTL8( RT0[i] ); - RT2[i] = ROTL8( RT1[i] ); - RT3[i] = ROTL8( RT2[i] ); -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - } -} - -#endif /* MBEDTLS_AES_ENCRYPT/MBEDTLS_AES_DECRYPT_ALT */ - -#undef ROTL8 - -#endif /* MBEDTLS_AES_ROM_TABLES */ - -#if defined(MBEDTLS_AES_FEWER_TABLES) - -#define ROTL8(x) ( (uint32_t)( ( x ) << 8 ) + (uint32_t)( ( x ) >> 24 ) ) -#define ROTL16(x) ( (uint32_t)( ( x ) << 16 ) + (uint32_t)( ( x ) >> 16 ) ) -#define ROTL24(x) ( (uint32_t)( ( x ) << 24 ) + (uint32_t)( ( x ) >> 8 ) ) - -#define AES_RT0(idx) RT0[idx] -#define AES_RT1(idx) ROTL8( RT0[idx] ) -#define AES_RT2(idx) ROTL16( RT0[idx] ) -#define AES_RT3(idx) ROTL24( RT0[idx] ) - -#define AES_FT0(idx) FT0[idx] -#define AES_FT1(idx) ROTL8( FT0[idx] ) -#define AES_FT2(idx) ROTL16( FT0[idx] ) -#define AES_FT3(idx) ROTL24( FT0[idx] ) - -#else /* MBEDTLS_AES_FEWER_TABLES */ - -#define AES_RT0(idx) RT0[idx] -#define AES_RT1(idx) RT1[idx] -#define AES_RT2(idx) RT2[idx] -#define AES_RT3(idx) RT3[idx] - -#define AES_FT0(idx) FT0[idx] -#define AES_FT1(idx) FT1[idx] -#define AES_FT2(idx) FT2[idx] -#define AES_FT3(idx) FT3[idx] - -#endif /* MBEDTLS_AES_FEWER_TABLES */ - -void mbedtls_aes_init( mbedtls_aes_context *ctx ) -{ - AES_VALIDATE( ctx != NULL ); - - memset( ctx, 0, sizeof( mbedtls_aes_context ) ); -} - -void mbedtls_aes_free( mbedtls_aes_context *ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aes_context ) ); -} - -#if defined(MBEDTLS_CIPHER_MODE_XTS) -void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ) -{ - AES_VALIDATE( ctx != NULL ); - - mbedtls_aes_init( &ctx->crypt ); - mbedtls_aes_init( &ctx->tweak ); -} - -void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_aes_free( &ctx->crypt ); - mbedtls_aes_free( &ctx->tweak ); -} -#endif /* MBEDTLS_CIPHER_MODE_XTS */ - -/* - * AES key schedule (encryption) - */ -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) -int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ) -{ - unsigned int i; - uint32_t *RK; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); - - switch( keybits ) - { - case 128: ctx->nr = 10; break; - case 192: ctx->nr = 12; break; - case 256: ctx->nr = 14; break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); - } - -#if !defined(MBEDTLS_AES_ROM_TABLES) - if( aes_init_done == 0 ) - { - aes_gen_tables(); - aes_init_done = 1; - } -#endif - -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) - if( aes_padlock_ace == -1 ) - aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); - - if( aes_padlock_ace ) - ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf ); - else -#endif - ctx->rk = RK = ctx->buf; - -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) - return( mbedtls_aesni_setkey_enc( (unsigned char *) ctx->rk, key, keybits ) ); -#endif - - for( i = 0; i < ( keybits >> 5 ); i++ ) - { - GET_UINT32_LE( RK[i], key, i << 2 ); - } - - switch( ctx->nr ) - { - case 10: - - for( i = 0; i < 10; i++, RK += 4 ) - { - RK[4] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[3] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[3] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[3] ) & 0xFF ] << 24 ); - - RK[5] = RK[1] ^ RK[4]; - RK[6] = RK[2] ^ RK[5]; - RK[7] = RK[3] ^ RK[6]; - } - break; - - case 12: - - for( i = 0; i < 8; i++, RK += 6 ) - { - RK[6] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[5] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[5] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[5] ) & 0xFF ] << 24 ); - - RK[7] = RK[1] ^ RK[6]; - RK[8] = RK[2] ^ RK[7]; - RK[9] = RK[3] ^ RK[8]; - RK[10] = RK[4] ^ RK[9]; - RK[11] = RK[5] ^ RK[10]; - } - break; - - case 14: - - for( i = 0; i < 7; i++, RK += 8 ) - { - RK[8] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ ( RK[7] >> 8 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 16 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[7] >> 24 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[7] ) & 0xFF ] << 24 ); - - RK[9] = RK[1] ^ RK[8]; - RK[10] = RK[2] ^ RK[9]; - RK[11] = RK[3] ^ RK[10]; - - RK[12] = RK[4] ^ - ( (uint32_t) FSb[ ( RK[11] ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( RK[11] >> 24 ) & 0xFF ] << 24 ); - - RK[13] = RK[5] ^ RK[12]; - RK[14] = RK[6] ^ RK[13]; - RK[15] = RK[7] ^ RK[14]; - } - break; - } - - return( 0 ); -} -#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */ - -/* - * AES key schedule (decryption) - */ -#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) -int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ) -{ - int i, j, ret; - mbedtls_aes_context cty; - uint32_t *RK; - uint32_t *SK; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); - - mbedtls_aes_init( &cty ); - -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) - if( aes_padlock_ace == -1 ) - aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); - - if( aes_padlock_ace ) - ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf ); - else -#endif - ctx->rk = RK = ctx->buf; - - /* Also checks keybits */ - if( ( ret = mbedtls_aes_setkey_enc( &cty, key, keybits ) ) != 0 ) - goto exit; - - ctx->nr = cty.nr; - -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) - { - mbedtls_aesni_inverse_key( (unsigned char *) ctx->rk, - (const unsigned char *) cty.rk, ctx->nr ); - goto exit; - } -#endif - - SK = cty.rk + cty.nr * 4; - - *RK++ = *SK++; - *RK++ = *SK++; - *RK++ = *SK++; - *RK++ = *SK++; - - for( i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8 ) - { - for( j = 0; j < 4; j++, SK++ ) - { - *RK++ = AES_RT0( FSb[ ( *SK ) & 0xFF ] ) ^ - AES_RT1( FSb[ ( *SK >> 8 ) & 0xFF ] ) ^ - AES_RT2( FSb[ ( *SK >> 16 ) & 0xFF ] ) ^ - AES_RT3( FSb[ ( *SK >> 24 ) & 0xFF ] ); - } - } - - *RK++ = *SK++; - *RK++ = *SK++; - *RK++ = *SK++; - *RK++ = *SK++; - -exit: - mbedtls_aes_free( &cty ); - - return( ret ); -} - -#if defined(MBEDTLS_CIPHER_MODE_XTS) -static int mbedtls_aes_xts_decode_keys( const unsigned char *key, - unsigned int keybits, - const unsigned char **key1, - unsigned int *key1bits, - const unsigned char **key2, - unsigned int *key2bits ) -{ - const unsigned int half_keybits = keybits / 2; - const unsigned int half_keybytes = half_keybits / 8; - - switch( keybits ) - { - case 256: break; - case 512: break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); - } - - *key1bits = half_keybits; - *key2bits = half_keybits; - *key1 = &key[0]; - *key2 = &key[half_keybytes]; - - return 0; -} - -int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const unsigned char *key1, *key2; - unsigned int key1bits, key2bits; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); - - ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set the tweak key. Always set tweak key for the encryption mode. */ - ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set crypt key for encryption. */ - return mbedtls_aes_setkey_enc( &ctx->crypt, key1, key1bits ); -} - -int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const unsigned char *key1, *key2; - unsigned int key1bits, key2bits; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); - - ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set the tweak key. Always set tweak key for encryption. */ - ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set crypt key for decryption. */ - return mbedtls_aes_setkey_dec( &ctx->crypt, key1, key1bits ); -} -#endif /* MBEDTLS_CIPHER_MODE_XTS */ - -#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */ - -#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ - do \ - { \ - (X0) = *RK++ ^ AES_FT0( ( (Y0) ) & 0xFF ) ^ \ - AES_FT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y3) >> 24 ) & 0xFF ); \ - \ - (X1) = *RK++ ^ AES_FT0( ( (Y1) ) & 0xFF ) ^ \ - AES_FT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y0) >> 24 ) & 0xFF ); \ - \ - (X2) = *RK++ ^ AES_FT0( ( (Y2) ) & 0xFF ) ^ \ - AES_FT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y1) >> 24 ) & 0xFF ); \ - \ - (X3) = *RK++ ^ AES_FT0( ( (Y3) ) & 0xFF ) ^ \ - AES_FT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_FT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_FT3( ( (Y2) >> 24 ) & 0xFF ); \ - } while( 0 ) - -#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ - do \ - { \ - (X0) = *RK++ ^ AES_RT0( ( (Y0) ) & 0xFF ) ^ \ - AES_RT1( ( (Y3) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y2) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y1) >> 24 ) & 0xFF ); \ - \ - (X1) = *RK++ ^ AES_RT0( ( (Y1) ) & 0xFF ) ^ \ - AES_RT1( ( (Y0) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y3) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y2) >> 24 ) & 0xFF ); \ - \ - (X2) = *RK++ ^ AES_RT0( ( (Y2) ) & 0xFF ) ^ \ - AES_RT1( ( (Y1) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y0) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y3) >> 24 ) & 0xFF ); \ - \ - (X3) = *RK++ ^ AES_RT0( ( (Y3) ) & 0xFF ) ^ \ - AES_RT1( ( (Y2) >> 8 ) & 0xFF ) ^ \ - AES_RT2( ( (Y1) >> 16 ) & 0xFF ) ^ \ - AES_RT3( ( (Y0) >> 24 ) & 0xFF ); \ - } while( 0 ) - -/* - * AES-ECB block encryption - */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) -int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - int i; - uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; - - RK = ctx->rk; - - GET_UINT32_LE( X0, input, 0 ); X0 ^= *RK++; - GET_UINT32_LE( X1, input, 4 ); X1 ^= *RK++; - GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++; - GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++; - - for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) - { - AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); - AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); - } - - AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); - - X0 = *RK++ ^ \ - ( (uint32_t) FSb[ ( Y0 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( Y3 >> 24 ) & 0xFF ] << 24 ); - - X1 = *RK++ ^ \ - ( (uint32_t) FSb[ ( Y1 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( Y0 >> 24 ) & 0xFF ] << 24 ); - - X2 = *RK++ ^ \ - ( (uint32_t) FSb[ ( Y2 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( Y1 >> 24 ) & 0xFF ] << 24 ); - - X3 = *RK++ ^ \ - ( (uint32_t) FSb[ ( Y3 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( Y2 >> 24 ) & 0xFF ] << 24 ); - - PUT_UINT32_LE( X0, output, 0 ); - PUT_UINT32_LE( X1, output, 4 ); - PUT_UINT32_LE( X2, output, 8 ); - PUT_UINT32_LE( X3, output, 12 ); - - mbedtls_platform_zeroize( &X0, sizeof( X0 ) ); - mbedtls_platform_zeroize( &X1, sizeof( X1 ) ); - mbedtls_platform_zeroize( &X2, sizeof( X2 ) ); - mbedtls_platform_zeroize( &X3, sizeof( X3 ) ); - - mbedtls_platform_zeroize( &Y0, sizeof( Y0 ) ); - mbedtls_platform_zeroize( &Y1, sizeof( Y1 ) ); - mbedtls_platform_zeroize( &Y2, sizeof( Y2 ) ); - mbedtls_platform_zeroize( &Y3, sizeof( Y3 ) ); - - mbedtls_platform_zeroize( &RK, sizeof( RK ) ); - - return( 0 ); -} -#endif /* !MBEDTLS_AES_ENCRYPT_ALT */ - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - mbedtls_internal_aes_encrypt( ctx, input, output ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - -/* - * AES-ECB block decryption - */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) -int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - int i; - uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; - - RK = ctx->rk; - - GET_UINT32_LE( X0, input, 0 ); X0 ^= *RK++; - GET_UINT32_LE( X1, input, 4 ); X1 ^= *RK++; - GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++; - GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++; - - for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) - { - AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); - AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); - } - - AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); - - X0 = *RK++ ^ \ - ( (uint32_t) RSb[ ( Y0 ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( Y1 >> 24 ) & 0xFF ] << 24 ); - - X1 = *RK++ ^ \ - ( (uint32_t) RSb[ ( Y1 ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( Y2 >> 24 ) & 0xFF ] << 24 ); - - X2 = *RK++ ^ \ - ( (uint32_t) RSb[ ( Y2 ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( Y3 >> 24 ) & 0xFF ] << 24 ); - - X3 = *RK++ ^ \ - ( (uint32_t) RSb[ ( Y3 ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( Y0 >> 24 ) & 0xFF ] << 24 ); - - PUT_UINT32_LE( X0, output, 0 ); - PUT_UINT32_LE( X1, output, 4 ); - PUT_UINT32_LE( X2, output, 8 ); - PUT_UINT32_LE( X3, output, 12 ); - - mbedtls_platform_zeroize( &X0, sizeof( X0 ) ); - mbedtls_platform_zeroize( &X1, sizeof( X1 ) ); - mbedtls_platform_zeroize( &X2, sizeof( X2 ) ); - mbedtls_platform_zeroize( &X3, sizeof( X3 ) ); - - mbedtls_platform_zeroize( &Y0, sizeof( Y0 ) ); - mbedtls_platform_zeroize( &Y1, sizeof( Y1 ) ); - mbedtls_platform_zeroize( &Y2, sizeof( Y2 ) ); - mbedtls_platform_zeroize( &Y3, sizeof( Y3 ) ); - - mbedtls_platform_zeroize( &RK, sizeof( RK ) ); - - return( 0 ); -} -#endif /* !MBEDTLS_AES_DECRYPT_ALT */ - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - mbedtls_internal_aes_decrypt( ctx, input, output ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - -/* - * AES-ECB block encryption/decryption - */ -int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) -{ - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) - return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) ); -#endif - -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) - if( aes_padlock_ace ) - { - if( mbedtls_padlock_xcryptecb( ctx, mode, input, output ) == 0 ) - return( 0 ); - - // If padlock data misaligned, we just fall back to - // unaccelerated mode - // - } -#endif - - if( mode == MBEDTLS_AES_ENCRYPT ) - return( mbedtls_internal_aes_encrypt( ctx, input, output ) ); - else - return( mbedtls_internal_aes_decrypt( ctx, input, output ) ); -} - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -/* - * AES-CBC buffer encryption/decryption - */ -int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) -{ - int i; - unsigned char temp[16]; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - - if( length % 16 ) - return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); - -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) - if( aes_padlock_ace ) - { - if( mbedtls_padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 ) - return( 0 ); - - // If padlock data misaligned, we just fall back to - // unaccelerated mode - // - } -#endif - - if( mode == MBEDTLS_AES_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, 16 ); - mbedtls_aes_crypt_ecb( ctx, mode, input, output ); - - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); - - memcpy( iv, temp, 16 ); - - input += 16; - output += 16; - length -= 16; - } - } - else - { - while( length > 0 ) - { - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); - - mbedtls_aes_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, 16 ); - - input += 16; - output += 16; - length -= 16; - } - } - - return( 0 ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_XTS) - -/* Endianess with 64 bits values */ -#ifndef GET_UINT64_LE -#define GET_UINT64_LE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) + 7] << 56 ) \ - | ( (uint64_t) (b)[(i) + 6] << 48 ) \ - | ( (uint64_t) (b)[(i) + 5] << 40 ) \ - | ( (uint64_t) (b)[(i) + 4] << 32 ) \ - | ( (uint64_t) (b)[(i) + 3] << 24 ) \ - | ( (uint64_t) (b)[(i) + 2] << 16 ) \ - | ( (uint64_t) (b)[(i) + 1] << 8 ) \ - | ( (uint64_t) (b)[(i) ] ); \ -} -#endif - -#ifndef PUT_UINT64_LE -#define PUT_UINT64_LE(n,b,i) \ -{ \ - (b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) ] = (unsigned char) ( (n) ); \ -} -#endif - -typedef unsigned char mbedtls_be128[16]; - -/* - * GF(2^128) multiplication function - * - * This function multiplies a field element by x in the polynomial field - * representation. It uses 64-bit word operations to gain speed but compensates - * for machine endianess and hence works correctly on both big and little - * endian machines. - */ -static void mbedtls_gf128mul_x_ble( unsigned char r[16], - const unsigned char x[16] ) -{ - uint64_t a, b, ra, rb; - - GET_UINT64_LE( a, x, 0 ); - GET_UINT64_LE( b, x, 8 ); - - ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) ); - rb = ( a >> 63 ) | ( b << 1 ); - - PUT_UINT64_LE( ra, r, 0 ); - PUT_UINT64_LE( rb, r, 8 ); -} - -/* - * AES-XTS buffer encryption/decryption - */ -int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, - int mode, - size_t length, - const unsigned char data_unit[16], - const unsigned char *input, - unsigned char *output ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t blocks = length / 16; - size_t leftover = length % 16; - unsigned char tweak[16]; - unsigned char prev_tweak[16]; - unsigned char tmp[16]; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( data_unit != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - - /* Data units must be at least 16 bytes long. */ - if( length < 16 ) - return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; - - /* NIST SP 800-38E disallows data units larger than 2**20 blocks. */ - if( length > ( 1 << 20 ) * 16 ) - return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; - - /* Compute the tweak. */ - ret = mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT, - data_unit, tweak ); - if( ret != 0 ) - return( ret ); - - while( blocks-- ) - { - size_t i; - - if( leftover && ( mode == MBEDTLS_AES_DECRYPT ) && blocks == 0 ) - { - /* We are on the last block in a decrypt operation that has - * leftover bytes, so we need to use the next tweak for this block, - * and this tweak for the lefover bytes. Save the current tweak for - * the leftovers and then update the current tweak for use on this, - * the last full block. */ - memcpy( prev_tweak, tweak, sizeof( tweak ) ); - mbedtls_gf128mul_x_ble( tweak, tweak ); - } - - for( i = 0; i < 16; i++ ) - tmp[i] = input[i] ^ tweak[i]; - - ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); - if( ret != 0 ) - return( ret ); - - for( i = 0; i < 16; i++ ) - output[i] = tmp[i] ^ tweak[i]; - - /* Update the tweak for the next block. */ - mbedtls_gf128mul_x_ble( tweak, tweak ); - - output += 16; - input += 16; - } - - if( leftover ) - { - /* If we are on the leftover bytes in a decrypt operation, we need to - * use the previous tweak for these bytes (as saved in prev_tweak). */ - unsigned char *t = mode == MBEDTLS_AES_DECRYPT ? prev_tweak : tweak; - - /* We are now on the final part of the data unit, which doesn't divide - * evenly by 16. It's time for ciphertext stealing. */ - size_t i; - unsigned char *prev_output = output - 16; - - /* Copy ciphertext bytes from the previous block to our output for each - * byte of cyphertext we won't steal. At the same time, copy the - * remainder of the input for this final round (since the loop bounds - * are the same). */ - for( i = 0; i < leftover; i++ ) - { - output[i] = prev_output[i]; - tmp[i] = input[i] ^ t[i]; - } - - /* Copy ciphertext bytes from the previous block for input in this - * round. */ - for( ; i < 16; i++ ) - tmp[i] = prev_output[i] ^ t[i]; - - ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); - if( ret != 0 ) - return ret; - - /* Write the result back to the previous block, overriding the previous - * output we copied. */ - for( i = 0; i < 16; i++ ) - prev_output[i] = tmp[i] ^ t[i]; - } - - return( 0 ); -} -#endif /* MBEDTLS_CIPHER_MODE_XTS */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -/* - * AES-CFB128 buffer encryption/decryption - */ -int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) -{ - int c; - size_t n; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( iv_off != NULL ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - - n = *iv_off; - - if( n > 15 ) - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); - - if( mode == MBEDTLS_AES_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - - c = *input++; - *output++ = (unsigned char)( c ^ iv[n] ); - iv[n] = (unsigned char) c; - - n = ( n + 1 ) & 0x0F; - } - } - else - { - while( length-- ) - { - if( n == 0 ) - mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); - - n = ( n + 1 ) & 0x0F; - } - } - - *iv_off = n; - - return( 0 ); -} - -/* - * AES-CFB8 buffer encryption/decryption - */ -int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) -{ - unsigned char c; - unsigned char ov[17]; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - while( length-- ) - { - memcpy( ov, iv, 16 ); - mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - - if( mode == MBEDTLS_AES_DECRYPT ) - ov[16] = *input; - - c = *output++ = (unsigned char)( iv[0] ^ *input++ ); - - if( mode == MBEDTLS_AES_ENCRYPT ) - ov[16] = c; - - memcpy( iv, ov + 1, 16 ); - } - - return( 0 ); -} -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_OFB) -/* - * AES-OFB (Output Feedback Mode) buffer encryption/decryption - */ -int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) -{ - int ret = 0; - size_t n; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( iv_off != NULL ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - - n = *iv_off; - - if( n > 15 ) - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); - - while( length-- ) - { - if( n == 0 ) - { - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( ret != 0 ) - goto exit; - } - *output++ = *input++ ^ iv[n]; - - n = ( n + 1 ) & 0x0F; - } - - *iv_off = n; - -exit: - return( ret ); -} -#endif /* MBEDTLS_CIPHER_MODE_OFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -/* - * AES-CTR buffer encryption/decryption - */ -int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ) -{ - int c, i; - size_t n; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( nc_off != NULL ); - AES_VALIDATE_RET( nonce_counter != NULL ); - AES_VALIDATE_RET( stream_block != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - - n = *nc_off; - - if ( n > 0x0F ) - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); - - while( length-- ) - { - if( n == 0 ) { - mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block ); - - for( i = 16; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) - break; - } - c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); - - n = ( n + 1 ) & 0x0F; - } - - *nc_off = n; - - return( 0 ); -} -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#endif /* !MBEDTLS_AES_ALT */ - -#if defined(MBEDTLS_SELF_TEST) -/* - * AES test vectors from: - * - * http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip - */ -static const unsigned char aes_test_ecb_dec[3][16] = -{ - { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58, - 0x33, 0x03, 0x91, 0x7E, 0x6B, 0xE9, 0xEB, 0xE0 }, - { 0x48, 0xE3, 0x1E, 0x9E, 0x25, 0x67, 0x18, 0xF2, - 0x92, 0x29, 0x31, 0x9C, 0x19, 0xF1, 0x5B, 0xA4 }, - { 0x05, 0x8C, 0xCF, 0xFD, 0xBB, 0xCB, 0x38, 0x2D, - 0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE } -}; - -static const unsigned char aes_test_ecb_enc[3][16] = -{ - { 0xC3, 0x4C, 0x05, 0x2C, 0xC0, 0xDA, 0x8D, 0x73, - 0x45, 0x1A, 0xFE, 0x5F, 0x03, 0xBE, 0x29, 0x7F }, - { 0xF3, 0xF6, 0x75, 0x2A, 0xE8, 0xD7, 0x83, 0x11, - 0x38, 0xF0, 0x41, 0x56, 0x06, 0x31, 0xB1, 0x14 }, - { 0x8B, 0x79, 0xEE, 0xCC, 0x93, 0xA0, 0xEE, 0x5D, - 0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 } -}; - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static const unsigned char aes_test_cbc_dec[3][16] = -{ - { 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73, - 0xDF, 0x70, 0x6E, 0x73, 0xF7, 0xC9, 0xAF, 0x86 }, - { 0x5D, 0xF6, 0x78, 0xDD, 0x17, 0xBA, 0x4E, 0x75, - 0xB6, 0x17, 0x68, 0xC6, 0xAD, 0xEF, 0x7C, 0x7B }, - { 0x48, 0x04, 0xE1, 0x81, 0x8F, 0xE6, 0x29, 0x75, - 0x19, 0xA3, 0xE8, 0x8C, 0x57, 0x31, 0x04, 0x13 } -}; - -static const unsigned char aes_test_cbc_enc[3][16] = -{ - { 0x8A, 0x05, 0xFC, 0x5E, 0x09, 0x5A, 0xF4, 0x84, - 0x8A, 0x08, 0xD3, 0x28, 0xD3, 0x68, 0x8E, 0x3D }, - { 0x7B, 0xD9, 0x66, 0xD5, 0x3A, 0xD8, 0xC1, 0xBB, - 0x85, 0xD2, 0xAD, 0xFA, 0xE8, 0x7B, 0xB1, 0x04 }, - { 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5, - 0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 } -}; -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -/* - * AES-CFB128 test vectors from: - * - * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf - */ -static const unsigned char aes_test_cfb128_key[3][32] = -{ - { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, - 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }, - { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, - 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, - 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }, - { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, - 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, - 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, - 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } -}; - -static const unsigned char aes_test_cfb128_iv[16] = -{ - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F -}; - -static const unsigned char aes_test_cfb128_pt[64] = -{ - 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, - 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A, - 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C, - 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51, - 0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11, - 0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF, - 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17, - 0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10 -}; - -static const unsigned char aes_test_cfb128_ct[3][64] = -{ - { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20, - 0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A, - 0xC8, 0xA6, 0x45, 0x37, 0xA0, 0xB3, 0xA9, 0x3F, - 0xCD, 0xE3, 0xCD, 0xAD, 0x9F, 0x1C, 0xE5, 0x8B, - 0x26, 0x75, 0x1F, 0x67, 0xA3, 0xCB, 0xB1, 0x40, - 0xB1, 0x80, 0x8C, 0xF1, 0x87, 0xA4, 0xF4, 0xDF, - 0xC0, 0x4B, 0x05, 0x35, 0x7C, 0x5D, 0x1C, 0x0E, - 0xEA, 0xC4, 0xC6, 0x6F, 0x9F, 0xF7, 0xF2, 0xE6 }, - { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB, - 0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74, - 0x67, 0xCE, 0x7F, 0x7F, 0x81, 0x17, 0x36, 0x21, - 0x96, 0x1A, 0x2B, 0x70, 0x17, 0x1D, 0x3D, 0x7A, - 0x2E, 0x1E, 0x8A, 0x1D, 0xD5, 0x9B, 0x88, 0xB1, - 0xC8, 0xE6, 0x0F, 0xED, 0x1E, 0xFA, 0xC4, 0xC9, - 0xC0, 0x5F, 0x9F, 0x9C, 0xA9, 0x83, 0x4F, 0xA0, - 0x42, 0xAE, 0x8F, 0xBA, 0x58, 0x4B, 0x09, 0xFF }, - { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B, - 0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60, - 0x39, 0xFF, 0xED, 0x14, 0x3B, 0x28, 0xB1, 0xC8, - 0x32, 0x11, 0x3C, 0x63, 0x31, 0xE5, 0x40, 0x7B, - 0xDF, 0x10, 0x13, 0x24, 0x15, 0xE5, 0x4B, 0x92, - 0xA1, 0x3E, 0xD0, 0xA8, 0x26, 0x7A, 0xE2, 0xF9, - 0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8, - 0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 } -}; -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_OFB) -/* - * AES-OFB test vectors from: - * - * https://csrc.nist.gov/publications/detail/sp/800-38a/final - */ -static const unsigned char aes_test_ofb_key[3][32] = -{ - { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, - 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }, - { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, - 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, - 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }, - { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, - 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, - 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, - 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } -}; - -static const unsigned char aes_test_ofb_iv[16] = -{ - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F -}; - -static const unsigned char aes_test_ofb_pt[64] = -{ - 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, - 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A, - 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C, - 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51, - 0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11, - 0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF, - 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17, - 0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10 -}; - -static const unsigned char aes_test_ofb_ct[3][64] = -{ - { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20, - 0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A, - 0x77, 0x89, 0x50, 0x8d, 0x16, 0x91, 0x8f, 0x03, - 0xf5, 0x3c, 0x52, 0xda, 0xc5, 0x4e, 0xd8, 0x25, - 0x97, 0x40, 0x05, 0x1e, 0x9c, 0x5f, 0xec, 0xf6, - 0x43, 0x44, 0xf7, 0xa8, 0x22, 0x60, 0xed, 0xcc, - 0x30, 0x4c, 0x65, 0x28, 0xf6, 0x59, 0xc7, 0x78, - 0x66, 0xa5, 0x10, 0xd9, 0xc1, 0xd6, 0xae, 0x5e }, - { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB, - 0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74, - 0xfc, 0xc2, 0x8b, 0x8d, 0x4c, 0x63, 0x83, 0x7c, - 0x09, 0xe8, 0x17, 0x00, 0xc1, 0x10, 0x04, 0x01, - 0x8d, 0x9a, 0x9a, 0xea, 0xc0, 0xf6, 0x59, 0x6f, - 0x55, 0x9c, 0x6d, 0x4d, 0xaf, 0x59, 0xa5, 0xf2, - 0x6d, 0x9f, 0x20, 0x08, 0x57, 0xca, 0x6c, 0x3e, - 0x9c, 0xac, 0x52, 0x4b, 0xd9, 0xac, 0xc9, 0x2a }, - { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B, - 0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60, - 0x4f, 0xeb, 0xdc, 0x67, 0x40, 0xd2, 0x0b, 0x3a, - 0xc8, 0x8f, 0x6a, 0xd8, 0x2a, 0x4f, 0xb0, 0x8d, - 0x71, 0xab, 0x47, 0xa0, 0x86, 0xe8, 0x6e, 0xed, - 0xf3, 0x9d, 0x1c, 0x5b, 0xba, 0x97, 0xc4, 0x08, - 0x01, 0x26, 0x14, 0x1d, 0x67, 0xf3, 0x7b, 0xe8, - 0x53, 0x8f, 0x5a, 0x8b, 0xe7, 0x40, 0xe4, 0x84 } -}; -#endif /* MBEDTLS_CIPHER_MODE_OFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -/* - * AES-CTR test vectors from: - * - * http://www.faqs.org/rfcs/rfc3686.html - */ - -static const unsigned char aes_test_ctr_key[3][16] = -{ - { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC, - 0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E }, - { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7, - 0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 }, - { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8, - 0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC } -}; - -static const unsigned char aes_test_ctr_nonce_counter[3][16] = -{ - { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, - { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59, - 0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 }, - { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F, - 0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 } -}; - -static const unsigned char aes_test_ctr_pt[3][48] = -{ - { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, - 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 }, - - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F }, - - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, - 0x20, 0x21, 0x22, 0x23 } -}; - -static const unsigned char aes_test_ctr_ct[3][48] = -{ - { 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79, - 0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8 }, - { 0x51, 0x04, 0xA1, 0x06, 0x16, 0x8A, 0x72, 0xD9, - 0x79, 0x0D, 0x41, 0xEE, 0x8E, 0xDA, 0xD3, 0x88, - 0xEB, 0x2E, 0x1E, 0xFC, 0x46, 0xDA, 0x57, 0xC8, - 0xFC, 0xE6, 0x30, 0xDF, 0x91, 0x41, 0xBE, 0x28 }, - { 0xC1, 0xCF, 0x48, 0xA8, 0x9F, 0x2F, 0xFD, 0xD9, - 0xCF, 0x46, 0x52, 0xE9, 0xEF, 0xDB, 0x72, 0xD7, - 0x45, 0x40, 0xA4, 0x2B, 0xDE, 0x6D, 0x78, 0x36, - 0xD5, 0x9A, 0x5C, 0xEA, 0xAE, 0xF3, 0x10, 0x53, - 0x25, 0xB2, 0x07, 0x2F } -}; - -static const int aes_test_ctr_len[3] = - { 16, 32, 36 }; -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#if defined(MBEDTLS_CIPHER_MODE_XTS) -/* - * AES-XTS test vectors from: - * - * IEEE P1619/D16 Annex B - * https://web.archive.org/web/20150629024421/http://grouper.ieee.org/groups/1619/email/pdf00086.pdf - * (Archived from original at http://grouper.ieee.org/groups/1619/email/pdf00086.pdf) - */ -static const unsigned char aes_test_xts_key[][32] = -{ - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, - 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, - 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, - 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 }, - { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8, - 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0, - 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, - 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 }, -}; - -static const unsigned char aes_test_xts_pt32[][32] = -{ - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, - 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, - 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, - 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 }, - { 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, - 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, - 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, - 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44 }, -}; - -static const unsigned char aes_test_xts_ct32[][32] = -{ - { 0x91, 0x7c, 0xf6, 0x9e, 0xbd, 0x68, 0xb2, 0xec, - 0x9b, 0x9f, 0xe9, 0xa3, 0xea, 0xdd, 0xa6, 0x92, - 0xcd, 0x43, 0xd2, 0xf5, 0x95, 0x98, 0xed, 0x85, - 0x8c, 0x02, 0xc2, 0x65, 0x2f, 0xbf, 0x92, 0x2e }, - { 0xc4, 0x54, 0x18, 0x5e, 0x6a, 0x16, 0x93, 0x6e, - 0x39, 0x33, 0x40, 0x38, 0xac, 0xef, 0x83, 0x8b, - 0xfb, 0x18, 0x6f, 0xff, 0x74, 0x80, 0xad, 0xc4, - 0x28, 0x93, 0x82, 0xec, 0xd6, 0xd3, 0x94, 0xf0 }, - { 0xaf, 0x85, 0x33, 0x6b, 0x59, 0x7a, 0xfc, 0x1a, - 0x90, 0x0b, 0x2e, 0xb2, 0x1e, 0xc9, 0x49, 0xd2, - 0x92, 0xdf, 0x4c, 0x04, 0x7e, 0x0b, 0x21, 0x53, - 0x21, 0x86, 0xa5, 0x97, 0x1a, 0x22, 0x7a, 0x89 }, -}; - -static const unsigned char aes_test_xts_data_unit[][16] = -{ - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, -}; - -#endif /* MBEDTLS_CIPHER_MODE_XTS */ - -/* - * Checkup routine - */ -int mbedtls_aes_self_test( int verbose ) -{ - int ret = 0, i, j, u, mode; - unsigned int keybits; - unsigned char key[32]; - unsigned char buf[64]; - const unsigned char *aes_tests; -#if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB) - unsigned char iv[16]; -#endif -#if defined(MBEDTLS_CIPHER_MODE_CBC) - unsigned char prv[16]; -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_CFB) || \ - defined(MBEDTLS_CIPHER_MODE_OFB) - size_t offset; -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_XTS) - int len; -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - unsigned char nonce_counter[16]; - unsigned char stream_block[16]; -#endif - mbedtls_aes_context ctx; - - memset( key, 0, 32 ); - mbedtls_aes_init( &ctx ); - - /* - * ECB mode - */ - for( i = 0; i < 6; i++ ) - { - u = i >> 1; - keybits = 128 + u * 64; - mode = i & 1; - - if( verbose != 0 ) - mbedtls_printf( " AES-ECB-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); - - memset( buf, 0, 16 ); - - if( mode == MBEDTLS_AES_DECRYPT ) - { - ret = mbedtls_aes_setkey_dec( &ctx, key, keybits ); - aes_tests = aes_test_ecb_dec[u]; - } - else - { - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); - aes_tests = aes_test_ecb_enc[u]; - } - - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e. when - * MBEDTLS_AES_ALT is defined. - */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); - continue; - } - else if( ret != 0 ) - { - goto exit; - } - - for( j = 0; j < 10000; j++ ) - { - ret = mbedtls_aes_crypt_ecb( &ctx, mode, buf, buf ); - if( ret != 0 ) - goto exit; - } - - if( memcmp( buf, aes_tests, 16 ) != 0 ) - { - ret = 1; - goto exit; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - -#if defined(MBEDTLS_CIPHER_MODE_CBC) - /* - * CBC mode - */ - for( i = 0; i < 6; i++ ) - { - u = i >> 1; - keybits = 128 + u * 64; - mode = i & 1; - - if( verbose != 0 ) - mbedtls_printf( " AES-CBC-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); - - memset( iv , 0, 16 ); - memset( prv, 0, 16 ); - memset( buf, 0, 16 ); - - if( mode == MBEDTLS_AES_DECRYPT ) - { - ret = mbedtls_aes_setkey_dec( &ctx, key, keybits ); - aes_tests = aes_test_cbc_dec[u]; - } - else - { - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); - aes_tests = aes_test_cbc_enc[u]; - } - - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e. when - * MBEDTLS_AES_ALT is defined. - */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); - continue; - } - else if( ret != 0 ) - { - goto exit; - } - - for( j = 0; j < 10000; j++ ) - { - if( mode == MBEDTLS_AES_ENCRYPT ) - { - unsigned char tmp[16]; - - memcpy( tmp, prv, 16 ); - memcpy( prv, buf, 16 ); - memcpy( buf, tmp, 16 ); - } - - ret = mbedtls_aes_crypt_cbc( &ctx, mode, 16, iv, buf, buf ); - if( ret != 0 ) - goto exit; - - } - - if( memcmp( buf, aes_tests, 16 ) != 0 ) - { - ret = 1; - goto exit; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) - /* - * CFB128 mode - */ - for( i = 0; i < 6; i++ ) - { - u = i >> 1; - keybits = 128 + u * 64; - mode = i & 1; - - if( verbose != 0 ) - mbedtls_printf( " AES-CFB128-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); - - memcpy( iv, aes_test_cfb128_iv, 16 ); - memcpy( key, aes_test_cfb128_key[u], keybits / 8 ); - - offset = 0; - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e. when - * MBEDTLS_AES_ALT is defined. - */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); - continue; - } - else if( ret != 0 ) - { - goto exit; - } - - if( mode == MBEDTLS_AES_DECRYPT ) - { - memcpy( buf, aes_test_cfb128_ct[u], 64 ); - aes_tests = aes_test_cfb128_pt; - } - else - { - memcpy( buf, aes_test_cfb128_pt, 64 ); - aes_tests = aes_test_cfb128_ct[u]; - } - - ret = mbedtls_aes_crypt_cfb128( &ctx, mode, 64, &offset, iv, buf, buf ); - if( ret != 0 ) - goto exit; - - if( memcmp( buf, aes_tests, 64 ) != 0 ) - { - ret = 1; - goto exit; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_OFB) - /* - * OFB mode - */ - for( i = 0; i < 6; i++ ) - { - u = i >> 1; - keybits = 128 + u * 64; - mode = i & 1; - - if( verbose != 0 ) - mbedtls_printf( " AES-OFB-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); - - memcpy( iv, aes_test_ofb_iv, 16 ); - memcpy( key, aes_test_ofb_key[u], keybits / 8 ); - - offset = 0; - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e. when - * MBEDTLS_AES_ALT is defined. - */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); - continue; - } - else if( ret != 0 ) - { - goto exit; - } - - if( mode == MBEDTLS_AES_DECRYPT ) - { - memcpy( buf, aes_test_ofb_ct[u], 64 ); - aes_tests = aes_test_ofb_pt; - } - else - { - memcpy( buf, aes_test_ofb_pt, 64 ); - aes_tests = aes_test_ofb_ct[u]; - } - - ret = mbedtls_aes_crypt_ofb( &ctx, 64, &offset, iv, buf, buf ); - if( ret != 0 ) - goto exit; - - if( memcmp( buf, aes_tests, 64 ) != 0 ) - { - ret = 1; - goto exit; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); -#endif /* MBEDTLS_CIPHER_MODE_OFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) - /* - * CTR mode - */ - for( i = 0; i < 6; i++ ) - { - u = i >> 1; - mode = i & 1; - - if( verbose != 0 ) - mbedtls_printf( " AES-CTR-128 (%s): ", - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); - - memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 ); - memcpy( key, aes_test_ctr_key[u], 16 ); - - offset = 0; - if( ( ret = mbedtls_aes_setkey_enc( &ctx, key, 128 ) ) != 0 ) - goto exit; - - len = aes_test_ctr_len[u]; - - if( mode == MBEDTLS_AES_DECRYPT ) - { - memcpy( buf, aes_test_ctr_ct[u], len ); - aes_tests = aes_test_ctr_pt[u]; - } - else - { - memcpy( buf, aes_test_ctr_pt[u], len ); - aes_tests = aes_test_ctr_ct[u]; - } - - ret = mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, - stream_block, buf, buf ); - if( ret != 0 ) - goto exit; - - if( memcmp( buf, aes_tests, len ) != 0 ) - { - ret = 1; - goto exit; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#if defined(MBEDTLS_CIPHER_MODE_XTS) - { - static const int num_tests = - sizeof(aes_test_xts_key) / sizeof(*aes_test_xts_key); - mbedtls_aes_xts_context ctx_xts; - - /* - * XTS mode - */ - mbedtls_aes_xts_init( &ctx_xts ); - - for( i = 0; i < num_tests << 1; i++ ) - { - const unsigned char *data_unit; - u = i >> 1; - mode = i & 1; - - if( verbose != 0 ) - mbedtls_printf( " AES-XTS-128 (%s): ", - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); - - memset( key, 0, sizeof( key ) ); - memcpy( key, aes_test_xts_key[u], 32 ); - data_unit = aes_test_xts_data_unit[u]; - - len = sizeof( *aes_test_xts_ct32 ); - - if( mode == MBEDTLS_AES_DECRYPT ) - { - ret = mbedtls_aes_xts_setkey_dec( &ctx_xts, key, 256 ); - if( ret != 0) - goto exit; - memcpy( buf, aes_test_xts_ct32[u], len ); - aes_tests = aes_test_xts_pt32[u]; - } - else - { - ret = mbedtls_aes_xts_setkey_enc( &ctx_xts, key, 256 ); - if( ret != 0) - goto exit; - memcpy( buf, aes_test_xts_pt32[u], len ); - aes_tests = aes_test_xts_ct32[u]; - } - - - ret = mbedtls_aes_crypt_xts( &ctx_xts, mode, len, data_unit, - buf, buf ); - if( ret != 0 ) - goto exit; - - if( memcmp( buf, aes_tests, len ) != 0 ) - { - ret = 1; - goto exit; - } - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - - mbedtls_aes_xts_free( &ctx_xts ); - } -#endif /* MBEDTLS_CIPHER_MODE_XTS */ - - ret = 0; - -exit: - if( ret != 0 && verbose != 0 ) - mbedtls_printf( "failed\n" ); - - mbedtls_aes_free( &ctx ); - - return( ret ); -} - -#endif /* MBEDTLS_SELF_TEST */ - -#endif /* MBEDTLS_AES_C */ diff --git a/subsys/nrf_security/src/legacy/aes_oberon.c b/subsys/nrf_security/src/legacy/aes_oberon.c deleted file mode 100644 index f864a20a55f1..000000000000 --- a/subsys/nrf_security/src/legacy/aes_oberon.c +++ /dev/null @@ -1,116 +0,0 @@ -/* - * FIPS-197 compliant AES implementation - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. - * - * http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf - * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf - */ -#include "common.h" - -#include - -#include "mbedtls/aes.h" -#include "mbedtls/platform.h" -#include "mbedtls/platform_util.h" - -#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_CIPHER_MODE_XTS) -/* Parameter validation macros based on platform_util.h */ -#define AES_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA ) -#define AES_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) - - -static int mbedtls_aes_xts_decode_keys( const unsigned char *key, - unsigned int keybits, - const unsigned char **key1, - unsigned int *key1bits, - const unsigned char **key2, - unsigned int *key2bits ) -{ - const unsigned int half_keybits = keybits / 2; - const unsigned int half_keybytes = half_keybits / 8; - - switch( keybits ) - { - case 256: break; - case 512: break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); - } - - *key1bits = half_keybits; - *key2bits = half_keybits; - *key1 = &key[0]; - *key2 = &key[half_keybytes]; - - return 0; -} - -int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) -{ - int ret; - const unsigned char *key1, *key2; - unsigned int key1bits, key2bits; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); - - ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set the tweak key. Always set tweak key for the encryption mode. */ - ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set crypt key for encryption. */ - return mbedtls_aes_setkey_enc( &ctx->crypt, key1, key1bits ); -} - -int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) -{ - int ret; - const unsigned char *key1, *key2; - unsigned int key1bits, key2bits; - - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); - - ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set the tweak key. Always set tweak key for encryption. */ - ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set crypt key for decryption. */ - return mbedtls_aes_setkey_dec( &ctx->crypt, key1, key1bits ); -} - -#endif /* defined(MBEDTLS_AES_C) && defined(MBEDTLS_CIPHER_MODE_XTS) */ diff --git a/subsys/nrf_security/src/legacy/cipher_wrap.c b/subsys/nrf_security/src/legacy/cipher_wrap.c deleted file mode 100644 index 61c5ad0a78ff..000000000000 --- a/subsys/nrf_security/src/legacy/cipher_wrap.c +++ /dev/null @@ -1,2288 +0,0 @@ -/** - * \file cipher_wrap.c - * - * \brief Generic cipher wrapper for mbed TLS - * - * \author Adriaan de Jong - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_CIPHER_C) - -#include "mbedtls/cipher_internal.h" - -#if defined(MBEDTLS_CHACHAPOLY_C) -#include "mbedtls/chachapoly.h" -#endif - -#if defined(MBEDTLS_AES_C) -#include "mbedtls/aes.h" -#endif - -#if defined(MBEDTLS_ARC4_C) -#include "mbedtls/arc4.h" -#endif - -#if defined(MBEDTLS_CAMELLIA_C) -#include "mbedtls/camellia.h" -#endif - -#if defined(MBEDTLS_ARIA_C) -#include "mbedtls/aria.h" -#endif - -#if defined(MBEDTLS_DES_C) -#include "mbedtls/des.h" -#endif - -#if defined(MBEDTLS_BLOWFISH_C) -#include "mbedtls/blowfish.h" -#endif - -#if defined(MBEDTLS_CHACHA20_C) -#include "mbedtls/chacha20.h" -#endif - -#if defined(MBEDTLS_GCM_C) -#include "mbedtls/gcm.h" -#endif - -#if defined(MBEDTLS_CCM_C) -#include "mbedtls/ccm.h" -#endif - -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#include -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - -#if defined(MBEDTLS_GCM_C) -/* shared by all GCM ciphers */ -static void *gcm_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_gcm_context ) ); - - if( ctx != NULL ) - mbedtls_gcm_init( (mbedtls_gcm_context *) ctx ); - - return( ctx ); -} - -static void gcm_ctx_free( void *ctx ) -{ - mbedtls_gcm_free( ctx ); - mbedtls_free( ctx ); -} -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CCM_C) -/* shared by all CCM ciphers */ -static void *ccm_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ccm_context ) ); - - if( ctx != NULL ) - mbedtls_ccm_init( (mbedtls_ccm_context *) ctx ); - - return( ctx ); -} - -static void ccm_ctx_free( void *ctx ) -{ - mbedtls_ccm_free( ctx ); - mbedtls_free( ctx ); -} -#endif /* MBEDTLS_CCM_C */ - -#if defined(MBEDTLS_AES_C) - -static int aes_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_aes_crypt_ecb( (mbedtls_aes_context *) ctx, operation, input, output ); -} - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static int aes_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, - unsigned char *iv, const unsigned char *input, unsigned char *output ) -{ - return mbedtls_aes_crypt_cbc( (mbedtls_aes_context *) ctx, operation, length, iv, input, - output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static int aes_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_aes_crypt_cfb128( (mbedtls_aes_context *) ctx, operation, length, iv_off, iv, - input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_OFB) -static int aes_crypt_ofb_wrap( void *ctx, size_t length, size_t *iv_off, - unsigned char *iv, const unsigned char *input, unsigned char *output ) -{ - return mbedtls_aes_crypt_ofb( (mbedtls_aes_context *) ctx, length, iv_off, - iv, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_OFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static int aes_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_aes_crypt_ctr( (mbedtls_aes_context *) ctx, length, nc_off, nonce_counter, - stream_block, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#if defined(MBEDTLS_CIPHER_MODE_XTS) -static int aes_crypt_xts_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, - const unsigned char data_unit[16], - const unsigned char *input, - unsigned char *output ) -{ - mbedtls_aes_xts_context *xts_ctx = ctx; - int mode; - - switch( operation ) - { - case MBEDTLS_ENCRYPT: - mode = MBEDTLS_AES_ENCRYPT; - break; - case MBEDTLS_DECRYPT: - mode = MBEDTLS_AES_DECRYPT; - break; - default: - return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; - } - - return mbedtls_aes_crypt_xts( xts_ctx, mode, length, - data_unit, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_XTS */ - -static int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_aes_setkey_dec( (mbedtls_aes_context *) ctx, key, key_bitlen ); -} - -static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_aes_setkey_enc( (mbedtls_aes_context *) ctx, key, key_bitlen ); -} - -static void * aes_ctx_alloc( void ) -{ - mbedtls_aes_context *aes = mbedtls_calloc( 1, sizeof( mbedtls_aes_context ) ); - - if( aes == NULL ) - return( NULL ); - - mbedtls_aes_init( aes ); - - return( aes ); -} - -static void aes_ctx_free( void *ctx ) -{ - mbedtls_aes_free( (mbedtls_aes_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t aes_info = { - MBEDTLS_CIPHER_ID_AES, - aes_crypt_ecb_wrap, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - aes_crypt_cbc_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - aes_crypt_cfb128_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - aes_crypt_ofb_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - aes_crypt_ctr_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - aes_setkey_enc_wrap, - aes_setkey_dec_wrap, - aes_ctx_alloc, - aes_ctx_free -}; - -static const mbedtls_cipher_info_t aes_128_ecb_info = { - MBEDTLS_CIPHER_AES_128_ECB, - MBEDTLS_MODE_ECB, - 128, - "AES-128-ECB", - 16, - 0, - 16, - &aes_info -}; - -#if defined(MBEDTLS_CIPHER_AES_256_ECB_C) -static const mbedtls_cipher_info_t aes_192_ecb_info = { - MBEDTLS_CIPHER_AES_192_ECB, - MBEDTLS_MODE_ECB, - 192, - "AES-192-ECB", - 16, - 0, - 16, - &aes_info -}; - -static const mbedtls_cipher_info_t aes_256_ecb_info = { - MBEDTLS_CIPHER_AES_256_ECB, - MBEDTLS_MODE_ECB, - 256, - "AES-256-ECB", - 16, - 0, - 16, - &aes_info -}; -#endif /* MBEDTLS_CIPHER_AES_256_ECB_C */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static const mbedtls_cipher_info_t aes_128_cbc_info = { - MBEDTLS_CIPHER_AES_128_CBC, - MBEDTLS_MODE_CBC, - 128, - "AES-128-CBC", - 16, - 0, - 16, - &aes_info -}; - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) -static const mbedtls_cipher_info_t aes_192_cbc_info = { - MBEDTLS_CIPHER_AES_192_CBC, - MBEDTLS_MODE_CBC, - 192, - "AES-192-CBC", - 16, - 0, - 16, - &aes_info -}; - -static const mbedtls_cipher_info_t aes_256_cbc_info = { - MBEDTLS_CIPHER_AES_256_CBC, - MBEDTLS_MODE_CBC, - 256, - "AES-256-CBC", - 16, - 0, - 16, - &aes_info -}; -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static const mbedtls_cipher_info_t aes_128_cfb128_info = { - MBEDTLS_CIPHER_AES_128_CFB128, - MBEDTLS_MODE_CFB, - 128, - "AES-128-CFB128", - 16, - 0, - 16, - &aes_info -}; - -static const mbedtls_cipher_info_t aes_192_cfb128_info = { - MBEDTLS_CIPHER_AES_192_CFB128, - MBEDTLS_MODE_CFB, - 192, - "AES-192-CFB128", - 16, - 0, - 16, - &aes_info -}; - -static const mbedtls_cipher_info_t aes_256_cfb128_info = { - MBEDTLS_CIPHER_AES_256_CFB128, - MBEDTLS_MODE_CFB, - 256, - "AES-256-CFB128", - 16, - 0, - 16, - &aes_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_OFB) -static const mbedtls_cipher_info_t aes_128_ofb_info = { - MBEDTLS_CIPHER_AES_128_OFB, - MBEDTLS_MODE_OFB, - 128, - "AES-128-OFB", - 16, - 0, - 16, - &aes_info -}; - -static const mbedtls_cipher_info_t aes_192_ofb_info = { - MBEDTLS_CIPHER_AES_192_OFB, - MBEDTLS_MODE_OFB, - 192, - "AES-192-OFB", - 16, - 0, - 16, - &aes_info -}; - -static const mbedtls_cipher_info_t aes_256_ofb_info = { - MBEDTLS_CIPHER_AES_256_OFB, - MBEDTLS_MODE_OFB, - 256, - "AES-256-OFB", - 16, - 0, - 16, - &aes_info -}; -#endif /* MBEDTLS_CIPHER_MODE_OFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static const mbedtls_cipher_info_t aes_128_ctr_info = { - MBEDTLS_CIPHER_AES_128_CTR, - MBEDTLS_MODE_CTR, - 128, - "AES-128-CTR", - 16, - 0, - 16, - &aes_info -}; - -#if defined(MBEDTLS_CIPHER_AES_256_CTR_C) -static const mbedtls_cipher_info_t aes_192_ctr_info = { - MBEDTLS_CIPHER_AES_192_CTR, - MBEDTLS_MODE_CTR, - 192, - "AES-192-CTR", - 16, - 0, - 16, - &aes_info -}; - -static const mbedtls_cipher_info_t aes_256_ctr_info = { - MBEDTLS_CIPHER_AES_256_CTR, - MBEDTLS_MODE_CTR, - 256, - "AES-256-CTR", - 16, - 0, - 16, - &aes_info -}; -#endif /* MBEDTLS_CIPHER_AES_256_CTR_C */ -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#if defined(MBEDTLS_CIPHER_MODE_XTS) -static int xts_aes_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - mbedtls_aes_xts_context *xts_ctx = ctx; - return( mbedtls_aes_xts_setkey_enc( xts_ctx, key, key_bitlen ) ); -} - -static int xts_aes_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - mbedtls_aes_xts_context *xts_ctx = ctx; - return( mbedtls_aes_xts_setkey_dec( xts_ctx, key, key_bitlen ) ); -} - -static void *xts_aes_ctx_alloc( void ) -{ - mbedtls_aes_xts_context *xts_ctx = mbedtls_calloc( 1, sizeof( *xts_ctx ) ); - - if( xts_ctx != NULL ) - mbedtls_aes_xts_init( xts_ctx ); - - return( xts_ctx ); -} - -static void xts_aes_ctx_free( void *ctx ) -{ - mbedtls_aes_xts_context *xts_ctx = ctx; - - if( xts_ctx == NULL ) - return; - - mbedtls_aes_xts_free( xts_ctx ); - mbedtls_free( xts_ctx ); -} - -static const mbedtls_cipher_base_t xts_aes_info = { - MBEDTLS_CIPHER_ID_AES, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - aes_crypt_xts_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - xts_aes_setkey_enc_wrap, - xts_aes_setkey_dec_wrap, - xts_aes_ctx_alloc, - xts_aes_ctx_free -}; - -static const mbedtls_cipher_info_t aes_128_xts_info = { - MBEDTLS_CIPHER_AES_128_XTS, - MBEDTLS_MODE_XTS, - 256, - "AES-128-XTS", - 16, - 0, - 16, - &xts_aes_info -}; - -static const mbedtls_cipher_info_t aes_256_xts_info = { - MBEDTLS_CIPHER_AES_256_XTS, - MBEDTLS_MODE_XTS, - 512, - "AES-256-XTS", - 16, - 0, - 16, - &xts_aes_info -}; -#endif /* MBEDTLS_CIPHER_MODE_XTS */ - -#if defined(MBEDTLS_GCM_C) -static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, - key, key_bitlen ); -} - -static const mbedtls_cipher_base_t gcm_aes_info = { - MBEDTLS_CIPHER_ID_AES, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - gcm_aes_setkey_wrap, - gcm_aes_setkey_wrap, - gcm_ctx_alloc, - gcm_ctx_free, -}; - -static const mbedtls_cipher_info_t aes_128_gcm_info = { - MBEDTLS_CIPHER_AES_128_GCM, - MBEDTLS_MODE_GCM, - 128, - "AES-128-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aes_info -}; - -static const mbedtls_cipher_info_t aes_192_gcm_info = { - MBEDTLS_CIPHER_AES_192_GCM, - MBEDTLS_MODE_GCM, - 192, - "AES-192-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aes_info -}; - -static const mbedtls_cipher_info_t aes_256_gcm_info = { - MBEDTLS_CIPHER_AES_256_GCM, - MBEDTLS_MODE_GCM, - 256, - "AES-256-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aes_info -}; -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CCM_C) -static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, - key, key_bitlen ); -} - -static const mbedtls_cipher_base_t ccm_aes_info = { - MBEDTLS_CIPHER_ID_AES, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - ccm_aes_setkey_wrap, - ccm_aes_setkey_wrap, - ccm_ctx_alloc, - ccm_ctx_free, -}; - -static const mbedtls_cipher_info_t aes_128_ccm_info = { - MBEDTLS_CIPHER_AES_128_CCM, - MBEDTLS_MODE_CCM, - 128, - "AES-128-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aes_info -}; - -#if defined(MBEDTLS_CIPHER_AES_256_CCM_C) -static const mbedtls_cipher_info_t aes_192_ccm_info = { - MBEDTLS_CIPHER_AES_192_CCM, - MBEDTLS_MODE_CCM, - 192, - "AES-192-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aes_info -}; - -static const mbedtls_cipher_info_t aes_256_ccm_info = { - MBEDTLS_CIPHER_AES_256_CCM, - MBEDTLS_MODE_CCM, - 256, - "AES-256-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aes_info -}; -#endif /* MBEDTLS_CIPHER_AES_256_CCM_C */ -#endif /* MBEDTLS_CCM_C */ - -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) - -static int camellia_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_camellia_crypt_ecb( (mbedtls_camellia_context *) ctx, operation, input, - output ); -} - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static int camellia_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_camellia_crypt_cbc( (mbedtls_camellia_context *) ctx, operation, length, iv, - input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static int camellia_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_camellia_crypt_cfb128( (mbedtls_camellia_context *) ctx, operation, length, - iv_off, iv, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static int camellia_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_camellia_crypt_ctr( (mbedtls_camellia_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -static int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_camellia_setkey_dec( (mbedtls_camellia_context *) ctx, key, key_bitlen ); -} - -static int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_camellia_setkey_enc( (mbedtls_camellia_context *) ctx, key, key_bitlen ); -} - -static void * camellia_ctx_alloc( void ) -{ - mbedtls_camellia_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_camellia_context ) ); - - if( ctx == NULL ) - return( NULL ); - - mbedtls_camellia_init( ctx ); - - return( ctx ); -} - -static void camellia_ctx_free( void *ctx ) -{ - mbedtls_camellia_free( (mbedtls_camellia_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t camellia_info = { - MBEDTLS_CIPHER_ID_CAMELLIA, - camellia_crypt_ecb_wrap, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - camellia_crypt_cbc_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - camellia_crypt_cfb128_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - camellia_crypt_ctr_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - camellia_setkey_enc_wrap, - camellia_setkey_dec_wrap, - camellia_ctx_alloc, - camellia_ctx_free -}; - -static const mbedtls_cipher_info_t camellia_128_ecb_info = { - MBEDTLS_CIPHER_CAMELLIA_128_ECB, - MBEDTLS_MODE_ECB, - 128, - "CAMELLIA-128-ECB", - 16, - 0, - 16, - &camellia_info -}; - -static const mbedtls_cipher_info_t camellia_192_ecb_info = { - MBEDTLS_CIPHER_CAMELLIA_192_ECB, - MBEDTLS_MODE_ECB, - 192, - "CAMELLIA-192-ECB", - 16, - 0, - 16, - &camellia_info -}; - -static const mbedtls_cipher_info_t camellia_256_ecb_info = { - MBEDTLS_CIPHER_CAMELLIA_256_ECB, - MBEDTLS_MODE_ECB, - 256, - "CAMELLIA-256-ECB", - 16, - 0, - 16, - &camellia_info -}; - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static const mbedtls_cipher_info_t camellia_128_cbc_info = { - MBEDTLS_CIPHER_CAMELLIA_128_CBC, - MBEDTLS_MODE_CBC, - 128, - "CAMELLIA-128-CBC", - 16, - 0, - 16, - &camellia_info -}; - -static const mbedtls_cipher_info_t camellia_192_cbc_info = { - MBEDTLS_CIPHER_CAMELLIA_192_CBC, - MBEDTLS_MODE_CBC, - 192, - "CAMELLIA-192-CBC", - 16, - 0, - 16, - &camellia_info -}; - -static const mbedtls_cipher_info_t camellia_256_cbc_info = { - MBEDTLS_CIPHER_CAMELLIA_256_CBC, - MBEDTLS_MODE_CBC, - 256, - "CAMELLIA-256-CBC", - 16, - 0, - 16, - &camellia_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static const mbedtls_cipher_info_t camellia_128_cfb128_info = { - MBEDTLS_CIPHER_CAMELLIA_128_CFB128, - MBEDTLS_MODE_CFB, - 128, - "CAMELLIA-128-CFB128", - 16, - 0, - 16, - &camellia_info -}; - -static const mbedtls_cipher_info_t camellia_192_cfb128_info = { - MBEDTLS_CIPHER_CAMELLIA_192_CFB128, - MBEDTLS_MODE_CFB, - 192, - "CAMELLIA-192-CFB128", - 16, - 0, - 16, - &camellia_info -}; - -static const mbedtls_cipher_info_t camellia_256_cfb128_info = { - MBEDTLS_CIPHER_CAMELLIA_256_CFB128, - MBEDTLS_MODE_CFB, - 256, - "CAMELLIA-256-CFB128", - 16, - 0, - 16, - &camellia_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static const mbedtls_cipher_info_t camellia_128_ctr_info = { - MBEDTLS_CIPHER_CAMELLIA_128_CTR, - MBEDTLS_MODE_CTR, - 128, - "CAMELLIA-128-CTR", - 16, - 0, - 16, - &camellia_info -}; - -static const mbedtls_cipher_info_t camellia_192_ctr_info = { - MBEDTLS_CIPHER_CAMELLIA_192_CTR, - MBEDTLS_MODE_CTR, - 192, - "CAMELLIA-192-CTR", - 16, - 0, - 16, - &camellia_info -}; - -static const mbedtls_cipher_info_t camellia_256_ctr_info = { - MBEDTLS_CIPHER_CAMELLIA_256_CTR, - MBEDTLS_MODE_CTR, - 256, - "CAMELLIA-256-CTR", - 16, - 0, - 16, - &camellia_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#if defined(MBEDTLS_GCM_C) -static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, - key, key_bitlen ); -} - -static const mbedtls_cipher_base_t gcm_camellia_info = { - MBEDTLS_CIPHER_ID_CAMELLIA, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - gcm_camellia_setkey_wrap, - gcm_camellia_setkey_wrap, - gcm_ctx_alloc, - gcm_ctx_free, -}; - -static const mbedtls_cipher_info_t camellia_128_gcm_info = { - MBEDTLS_CIPHER_CAMELLIA_128_GCM, - MBEDTLS_MODE_GCM, - 128, - "CAMELLIA-128-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_camellia_info -}; - -static const mbedtls_cipher_info_t camellia_192_gcm_info = { - MBEDTLS_CIPHER_CAMELLIA_192_GCM, - MBEDTLS_MODE_GCM, - 192, - "CAMELLIA-192-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_camellia_info -}; - -static const mbedtls_cipher_info_t camellia_256_gcm_info = { - MBEDTLS_CIPHER_CAMELLIA_256_GCM, - MBEDTLS_MODE_GCM, - 256, - "CAMELLIA-256-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_camellia_info -}; -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CCM_C) -static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, - key, key_bitlen ); -} - -static const mbedtls_cipher_base_t ccm_camellia_info = { - MBEDTLS_CIPHER_ID_CAMELLIA, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - ccm_camellia_setkey_wrap, - ccm_camellia_setkey_wrap, - ccm_ctx_alloc, - ccm_ctx_free, -}; - -static const mbedtls_cipher_info_t camellia_128_ccm_info = { - MBEDTLS_CIPHER_CAMELLIA_128_CCM, - MBEDTLS_MODE_CCM, - 128, - "CAMELLIA-128-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_camellia_info -}; - -static const mbedtls_cipher_info_t camellia_192_ccm_info = { - MBEDTLS_CIPHER_CAMELLIA_192_CCM, - MBEDTLS_MODE_CCM, - 192, - "CAMELLIA-192-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_camellia_info -}; - -static const mbedtls_cipher_info_t camellia_256_ccm_info = { - MBEDTLS_CIPHER_CAMELLIA_256_CCM, - MBEDTLS_MODE_CCM, - 256, - "CAMELLIA-256-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_camellia_info -}; -#endif /* MBEDTLS_CCM_C */ - -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_ARIA_C) - -static int aria_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) -{ - (void) operation; - return mbedtls_aria_crypt_ecb( (mbedtls_aria_context *) ctx, input, - output ); -} - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static int aria_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_aria_crypt_cbc( (mbedtls_aria_context *) ctx, operation, length, iv, - input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static int aria_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_aria_crypt_cfb128( (mbedtls_aria_context *) ctx, operation, length, - iv_off, iv, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static int aria_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_aria_crypt_ctr( (mbedtls_aria_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -static int aria_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_aria_setkey_dec( (mbedtls_aria_context *) ctx, key, key_bitlen ); -} - -static int aria_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_aria_setkey_enc( (mbedtls_aria_context *) ctx, key, key_bitlen ); -} - -static void * aria_ctx_alloc( void ) -{ - mbedtls_aria_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_aria_context ) ); - - if( ctx == NULL ) - return( NULL ); - - mbedtls_aria_init( ctx ); - - return( ctx ); -} - -static void aria_ctx_free( void *ctx ) -{ - mbedtls_aria_free( (mbedtls_aria_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t aria_info = { - MBEDTLS_CIPHER_ID_ARIA, - aria_crypt_ecb_wrap, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - aria_crypt_cbc_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - aria_crypt_cfb128_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - aria_crypt_ctr_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - aria_setkey_enc_wrap, - aria_setkey_dec_wrap, - aria_ctx_alloc, - aria_ctx_free -}; - -static const mbedtls_cipher_info_t aria_128_ecb_info = { - MBEDTLS_CIPHER_ARIA_128_ECB, - MBEDTLS_MODE_ECB, - 128, - "ARIA-128-ECB", - 16, - 0, - 16, - &aria_info -}; - -static const mbedtls_cipher_info_t aria_192_ecb_info = { - MBEDTLS_CIPHER_ARIA_192_ECB, - MBEDTLS_MODE_ECB, - 192, - "ARIA-192-ECB", - 16, - 0, - 16, - &aria_info -}; - -static const mbedtls_cipher_info_t aria_256_ecb_info = { - MBEDTLS_CIPHER_ARIA_256_ECB, - MBEDTLS_MODE_ECB, - 256, - "ARIA-256-ECB", - 16, - 0, - 16, - &aria_info -}; - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static const mbedtls_cipher_info_t aria_128_cbc_info = { - MBEDTLS_CIPHER_ARIA_128_CBC, - MBEDTLS_MODE_CBC, - 128, - "ARIA-128-CBC", - 16, - 0, - 16, - &aria_info -}; - -static const mbedtls_cipher_info_t aria_192_cbc_info = { - MBEDTLS_CIPHER_ARIA_192_CBC, - MBEDTLS_MODE_CBC, - 192, - "ARIA-192-CBC", - 16, - 0, - 16, - &aria_info -}; - -static const mbedtls_cipher_info_t aria_256_cbc_info = { - MBEDTLS_CIPHER_ARIA_256_CBC, - MBEDTLS_MODE_CBC, - 256, - "ARIA-256-CBC", - 16, - 0, - 16, - &aria_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static const mbedtls_cipher_info_t aria_128_cfb128_info = { - MBEDTLS_CIPHER_ARIA_128_CFB128, - MBEDTLS_MODE_CFB, - 128, - "ARIA-128-CFB128", - 16, - 0, - 16, - &aria_info -}; - -static const mbedtls_cipher_info_t aria_192_cfb128_info = { - MBEDTLS_CIPHER_ARIA_192_CFB128, - MBEDTLS_MODE_CFB, - 192, - "ARIA-192-CFB128", - 16, - 0, - 16, - &aria_info -}; - -static const mbedtls_cipher_info_t aria_256_cfb128_info = { - MBEDTLS_CIPHER_ARIA_256_CFB128, - MBEDTLS_MODE_CFB, - 256, - "ARIA-256-CFB128", - 16, - 0, - 16, - &aria_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static const mbedtls_cipher_info_t aria_128_ctr_info = { - MBEDTLS_CIPHER_ARIA_128_CTR, - MBEDTLS_MODE_CTR, - 128, - "ARIA-128-CTR", - 16, - 0, - 16, - &aria_info -}; - -static const mbedtls_cipher_info_t aria_192_ctr_info = { - MBEDTLS_CIPHER_ARIA_192_CTR, - MBEDTLS_MODE_CTR, - 192, - "ARIA-192-CTR", - 16, - 0, - 16, - &aria_info -}; - -static const mbedtls_cipher_info_t aria_256_ctr_info = { - MBEDTLS_CIPHER_ARIA_256_CTR, - MBEDTLS_MODE_CTR, - 256, - "ARIA-256-CTR", - 16, - 0, - 16, - &aria_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#if defined(MBEDTLS_GCM_C) -static int gcm_aria_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, - key, key_bitlen ); -} - -static const mbedtls_cipher_base_t gcm_aria_info = { - MBEDTLS_CIPHER_ID_ARIA, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - gcm_aria_setkey_wrap, - gcm_aria_setkey_wrap, - gcm_ctx_alloc, - gcm_ctx_free, -}; - -static const mbedtls_cipher_info_t aria_128_gcm_info = { - MBEDTLS_CIPHER_ARIA_128_GCM, - MBEDTLS_MODE_GCM, - 128, - "ARIA-128-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aria_info -}; - -static const mbedtls_cipher_info_t aria_192_gcm_info = { - MBEDTLS_CIPHER_ARIA_192_GCM, - MBEDTLS_MODE_GCM, - 192, - "ARIA-192-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aria_info -}; - -static const mbedtls_cipher_info_t aria_256_gcm_info = { - MBEDTLS_CIPHER_ARIA_256_GCM, - MBEDTLS_MODE_GCM, - 256, - "ARIA-256-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &gcm_aria_info -}; -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CCM_C) -static int ccm_aria_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, - key, key_bitlen ); -} - -static const mbedtls_cipher_base_t ccm_aria_info = { - MBEDTLS_CIPHER_ID_ARIA, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - ccm_aria_setkey_wrap, - ccm_aria_setkey_wrap, - ccm_ctx_alloc, - ccm_ctx_free, -}; - -static const mbedtls_cipher_info_t aria_128_ccm_info = { - MBEDTLS_CIPHER_ARIA_128_CCM, - MBEDTLS_MODE_CCM, - 128, - "ARIA-128-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aria_info -}; - -static const mbedtls_cipher_info_t aria_192_ccm_info = { - MBEDTLS_CIPHER_ARIA_192_CCM, - MBEDTLS_MODE_CCM, - 192, - "ARIA-192-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aria_info -}; - -static const mbedtls_cipher_info_t aria_256_ccm_info = { - MBEDTLS_CIPHER_ARIA_256_CCM, - MBEDTLS_MODE_CCM, - 256, - "ARIA-256-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, - 16, - &ccm_aria_info -}; -#endif /* MBEDTLS_CCM_C */ - -#endif /* MBEDTLS_ARIA_C */ - -#if defined(MBEDTLS_DES_C) - -static int des_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) -{ - ((void) operation); - return mbedtls_des_crypt_ecb( (mbedtls_des_context *) ctx, input, output ); -} - -static int des3_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) -{ - ((void) operation); - return mbedtls_des3_crypt_ecb( (mbedtls_des3_context *) ctx, input, output ); -} - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static int des_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, - unsigned char *iv, const unsigned char *input, unsigned char *output ) -{ - return mbedtls_des_crypt_cbc( (mbedtls_des_context *) ctx, operation, length, iv, input, - output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static int des3_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, - unsigned char *iv, const unsigned char *input, unsigned char *output ) -{ - return mbedtls_des3_crypt_cbc( (mbedtls_des3_context *) ctx, operation, length, iv, input, - output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -static int des_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - ((void) key_bitlen); - - return mbedtls_des_setkey_dec( (mbedtls_des_context *) ctx, key ); -} - -static int des_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - ((void) key_bitlen); - - return mbedtls_des_setkey_enc( (mbedtls_des_context *) ctx, key ); -} - -static int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - ((void) key_bitlen); - - return mbedtls_des3_set2key_dec( (mbedtls_des3_context *) ctx, key ); -} - -static int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - ((void) key_bitlen); - - return mbedtls_des3_set2key_enc( (mbedtls_des3_context *) ctx, key ); -} - -static int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - ((void) key_bitlen); - - return mbedtls_des3_set3key_dec( (mbedtls_des3_context *) ctx, key ); -} - -static int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - ((void) key_bitlen); - - return mbedtls_des3_set3key_enc( (mbedtls_des3_context *) ctx, key ); -} - -static void * des_ctx_alloc( void ) -{ - mbedtls_des_context *des = mbedtls_calloc( 1, sizeof( mbedtls_des_context ) ); - - if( des == NULL ) - return( NULL ); - - mbedtls_des_init( des ); - - return( des ); -} - -static void des_ctx_free( void *ctx ) -{ - mbedtls_des_free( (mbedtls_des_context *) ctx ); - mbedtls_free( ctx ); -} - -static void * des3_ctx_alloc( void ) -{ - mbedtls_des3_context *des3; - des3 = mbedtls_calloc( 1, sizeof( mbedtls_des3_context ) ); - - if( des3 == NULL ) - return( NULL ); - - mbedtls_des3_init( des3 ); - - return( des3 ); -} - -static void des3_ctx_free( void *ctx ) -{ - mbedtls_des3_free( (mbedtls_des3_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t des_info = { - MBEDTLS_CIPHER_ID_DES, - des_crypt_ecb_wrap, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - des_crypt_cbc_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - des_setkey_enc_wrap, - des_setkey_dec_wrap, - des_ctx_alloc, - des_ctx_free -}; - -static const mbedtls_cipher_info_t des_ecb_info = { - MBEDTLS_CIPHER_DES_ECB, - MBEDTLS_MODE_ECB, - MBEDTLS_KEY_LENGTH_DES, - "DES-ECB", - 8, - 0, - 8, - &des_info -}; - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static const mbedtls_cipher_info_t des_cbc_info = { - MBEDTLS_CIPHER_DES_CBC, - MBEDTLS_MODE_CBC, - MBEDTLS_KEY_LENGTH_DES, - "DES-CBC", - 8, - 0, - 8, - &des_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -static const mbedtls_cipher_base_t des_ede_info = { - MBEDTLS_CIPHER_ID_DES, - des3_crypt_ecb_wrap, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - des3_crypt_cbc_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - des3_set2key_enc_wrap, - des3_set2key_dec_wrap, - des3_ctx_alloc, - des3_ctx_free -}; - -static const mbedtls_cipher_info_t des_ede_ecb_info = { - MBEDTLS_CIPHER_DES_EDE_ECB, - MBEDTLS_MODE_ECB, - MBEDTLS_KEY_LENGTH_DES_EDE, - "DES-EDE-ECB", - 8, - 0, - 8, - &des_ede_info -}; - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static const mbedtls_cipher_info_t des_ede_cbc_info = { - MBEDTLS_CIPHER_DES_EDE_CBC, - MBEDTLS_MODE_CBC, - MBEDTLS_KEY_LENGTH_DES_EDE, - "DES-EDE-CBC", - 8, - 0, - 8, - &des_ede_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -static const mbedtls_cipher_base_t des_ede3_info = { - MBEDTLS_CIPHER_ID_3DES, - des3_crypt_ecb_wrap, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - des3_crypt_cbc_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - des3_set3key_enc_wrap, - des3_set3key_dec_wrap, - des3_ctx_alloc, - des3_ctx_free -}; - -static const mbedtls_cipher_info_t des_ede3_ecb_info = { - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_MODE_ECB, - MBEDTLS_KEY_LENGTH_DES_EDE3, - "DES-EDE3-ECB", - 8, - 0, - 8, - &des_ede3_info -}; -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static const mbedtls_cipher_info_t des_ede3_cbc_info = { - MBEDTLS_CIPHER_DES_EDE3_CBC, - MBEDTLS_MODE_CBC, - MBEDTLS_KEY_LENGTH_DES_EDE3, - "DES-EDE3-CBC", - 8, - 0, - 8, - &des_ede3_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_BLOWFISH_C) - -static int blowfish_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_blowfish_crypt_ecb( (mbedtls_blowfish_context *) ctx, operation, input, - output ); -} - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static int blowfish_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, const unsigned char *input, - unsigned char *output ) -{ - return mbedtls_blowfish_crypt_cbc( (mbedtls_blowfish_context *) ctx, operation, length, iv, - input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static int blowfish_crypt_cfb64_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_blowfish_crypt_cfb64( (mbedtls_blowfish_context *) ctx, operation, length, - iv_off, iv, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) -{ - return mbedtls_blowfish_crypt_ctr( (mbedtls_blowfish_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); -} -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -static int blowfish_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - return mbedtls_blowfish_setkey( (mbedtls_blowfish_context *) ctx, key, key_bitlen ); -} - -static void * blowfish_ctx_alloc( void ) -{ - mbedtls_blowfish_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_blowfish_context ) ); - - if( ctx == NULL ) - return( NULL ); - - mbedtls_blowfish_init( ctx ); - - return( ctx ); -} - -static void blowfish_ctx_free( void *ctx ) -{ - mbedtls_blowfish_free( (mbedtls_blowfish_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t blowfish_info = { - MBEDTLS_CIPHER_ID_BLOWFISH, - blowfish_crypt_ecb_wrap, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - blowfish_crypt_cbc_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - blowfish_crypt_cfb64_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - blowfish_crypt_ctr_wrap, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - blowfish_setkey_wrap, - blowfish_setkey_wrap, - blowfish_ctx_alloc, - blowfish_ctx_free -}; - -static const mbedtls_cipher_info_t blowfish_ecb_info = { - MBEDTLS_CIPHER_BLOWFISH_ECB, - MBEDTLS_MODE_ECB, - 128, - "BLOWFISH-ECB", - 8, - MBEDTLS_CIPHER_VARIABLE_KEY_LEN, - 8, - &blowfish_info -}; - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -static const mbedtls_cipher_info_t blowfish_cbc_info = { - MBEDTLS_CIPHER_BLOWFISH_CBC, - MBEDTLS_MODE_CBC, - 128, - "BLOWFISH-CBC", - 8, - MBEDTLS_CIPHER_VARIABLE_KEY_LEN, - 8, - &blowfish_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -static const mbedtls_cipher_info_t blowfish_cfb64_info = { - MBEDTLS_CIPHER_BLOWFISH_CFB64, - MBEDTLS_MODE_CFB, - 128, - "BLOWFISH-CFB64", - 8, - MBEDTLS_CIPHER_VARIABLE_KEY_LEN, - 8, - &blowfish_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -static const mbedtls_cipher_info_t blowfish_ctr_info = { - MBEDTLS_CIPHER_BLOWFISH_CTR, - MBEDTLS_MODE_CTR, - 128, - "BLOWFISH-CTR", - 8, - MBEDTLS_CIPHER_VARIABLE_KEY_LEN, - 8, - &blowfish_info -}; -#endif /* MBEDTLS_CIPHER_MODE_CTR */ -#endif /* MBEDTLS_BLOWFISH_C */ - -#if defined(MBEDTLS_ARC4_C) -static int arc4_crypt_stream_wrap( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) -{ - return( mbedtls_arc4_crypt( (mbedtls_arc4_context *) ctx, length, input, output ) ); -} - -static int arc4_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - /* we get key_bitlen in bits, arc4 expects it in bytes */ - if( key_bitlen % 8 != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - mbedtls_arc4_setup( (mbedtls_arc4_context *) ctx, key, key_bitlen / 8 ); - return( 0 ); -} - -static void * arc4_ctx_alloc( void ) -{ - mbedtls_arc4_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_arc4_context ) ); - - if( ctx == NULL ) - return( NULL ); - - mbedtls_arc4_init( ctx ); - - return( ctx ); -} - -static void arc4_ctx_free( void *ctx ) -{ - mbedtls_arc4_free( (mbedtls_arc4_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t arc4_base_info = { - MBEDTLS_CIPHER_ID_ARC4, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - arc4_crypt_stream_wrap, -#endif - arc4_setkey_wrap, - arc4_setkey_wrap, - arc4_ctx_alloc, - arc4_ctx_free -}; - -static const mbedtls_cipher_info_t arc4_128_info = { - MBEDTLS_CIPHER_ARC4_128, - MBEDTLS_MODE_STREAM, - 128, - "ARC4-128", - 0, - 0, - 1, - &arc4_base_info -}; -#endif /* MBEDTLS_ARC4_C */ - -#if defined(MBEDTLS_CHACHA20_C) - -static int chacha20_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - if( key_bitlen != 256U ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - if ( 0 != mbedtls_chacha20_setkey( (mbedtls_chacha20_context*)ctx, key ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - return( 0 ); -} - -static int chacha20_stream_wrap( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) -{ - int ret; - - ret = mbedtls_chacha20_update( ctx, length, input, output ); - if( ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - return( ret ); -} - -static void * chacha20_ctx_alloc( void ) -{ - mbedtls_chacha20_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_chacha20_context ) ); - - if( ctx == NULL ) - return( NULL ); - - mbedtls_chacha20_init( ctx ); - - return( ctx ); -} - -static void chacha20_ctx_free( void *ctx ) -{ - mbedtls_chacha20_free( (mbedtls_chacha20_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t chacha20_base_info = { - MBEDTLS_CIPHER_ID_CHACHA20, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - chacha20_stream_wrap, -#endif - chacha20_setkey_wrap, - chacha20_setkey_wrap, - chacha20_ctx_alloc, - chacha20_ctx_free -}; -static const mbedtls_cipher_info_t chacha20_info = { - MBEDTLS_CIPHER_CHACHA20, - MBEDTLS_MODE_STREAM, - 256, - "CHACHA20", - 12, - 0, - 1, - &chacha20_base_info -}; -#endif /* MBEDTLS_CHACHA20_C */ - -#if defined(MBEDTLS_CHACHAPOLY_C) - -static int chachapoly_setkey_wrap( void *ctx, - const unsigned char *key, - unsigned int key_bitlen ) -{ - if( key_bitlen != 256U ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - if ( 0 != mbedtls_chachapoly_setkey( (mbedtls_chachapoly_context*)ctx, key ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - return( 0 ); -} - -static void * chachapoly_ctx_alloc( void ) -{ - mbedtls_chachapoly_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_chachapoly_context ) ); - - if( ctx == NULL ) - return( NULL ); - - mbedtls_chachapoly_init( ctx ); - - return( ctx ); -} - -static void chachapoly_ctx_free( void *ctx ) -{ - mbedtls_chachapoly_free( (mbedtls_chachapoly_context *) ctx ); - mbedtls_free( ctx ); -} - -static const mbedtls_cipher_base_t chachapoly_base_info = { - MBEDTLS_CIPHER_ID_CHACHA20, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - NULL, -#endif - chachapoly_setkey_wrap, - chachapoly_setkey_wrap, - chachapoly_ctx_alloc, - chachapoly_ctx_free -}; -static const mbedtls_cipher_info_t chachapoly_info = { - MBEDTLS_CIPHER_CHACHA20_POLY1305, - MBEDTLS_MODE_CHACHAPOLY, - 256, - "CHACHA20-POLY1305", - 12, - 0, - 1, - &chachapoly_base_info -}; -#endif /* MBEDTLS_CHACHAPOLY_C */ - -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) -static int null_crypt_stream( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) -{ - ((void) ctx); - memmove( output, input, length ); - return( 0 ); -} - -static int null_setkey( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) -{ - ((void) ctx); - ((void) key); - ((void) key_bitlen); - - return( 0 ); -} - -static void * null_ctx_alloc( void ) -{ - return( (void *) 1 ); -} - -static void null_ctx_free( void *ctx ) -{ - ((void) ctx); -} - -static const mbedtls_cipher_base_t null_base_info = { - MBEDTLS_CIPHER_ID_NULL, - NULL, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - NULL, -#endif -#if defined(MBEDTLS_CIPHER_MODE_STREAM) - null_crypt_stream, -#endif - null_setkey, - null_setkey, - null_ctx_alloc, - null_ctx_free -}; - -static const mbedtls_cipher_info_t null_cipher_info = { - MBEDTLS_CIPHER_NULL, - MBEDTLS_MODE_STREAM, - 0, - "NULL", - 0, - 0, - 1, - &null_base_info -}; -#endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */ - -const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = -{ -#if defined(MBEDTLS_AES_C) - { MBEDTLS_CIPHER_AES_128_ECB, &aes_128_ecb_info }, -#if defined(MBEDTLS_CIPHER_AES_256_ECB_C) - { MBEDTLS_CIPHER_AES_192_ECB, &aes_192_ecb_info }, - { MBEDTLS_CIPHER_AES_256_ECB, &aes_256_ecb_info }, -#endif /* MBEDTLS_CIPHER_AES_256_ECB_C */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_CIPHER_AES_128_CBC, &aes_128_cbc_info }, -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_CIPHER_AES_192_CBC, &aes_192_cbc_info }, - { MBEDTLS_CIPHER_AES_256_CBC, &aes_256_cbc_info }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - { MBEDTLS_CIPHER_AES_128_CFB128, &aes_128_cfb128_info }, - { MBEDTLS_CIPHER_AES_192_CFB128, &aes_192_cfb128_info }, - { MBEDTLS_CIPHER_AES_256_CFB128, &aes_256_cfb128_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_OFB) - { MBEDTLS_CIPHER_AES_128_OFB, &aes_128_ofb_info }, - { MBEDTLS_CIPHER_AES_192_OFB, &aes_192_ofb_info }, - { MBEDTLS_CIPHER_AES_256_OFB, &aes_256_ofb_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - { MBEDTLS_CIPHER_AES_128_CTR, &aes_128_ctr_info }, -#if defined(MBEDTLS_CIPHER_AES_256_CTR_C) - { MBEDTLS_CIPHER_AES_192_CTR, &aes_192_ctr_info }, - { MBEDTLS_CIPHER_AES_256_CTR, &aes_256_ctr_info }, -#endif /* MBEDTLS_CIPHER_AES_256_CTR_C */ -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) - { MBEDTLS_CIPHER_AES_128_XTS, &aes_128_xts_info }, - { MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info }, -#endif -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, - { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, - { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, -#endif -#if defined(MBEDTLS_CCM_C) - { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, -#if defined(MBEDTLS_CIPHER_AES_256_CCM_C) - { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, - { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, -#endif /* MBEDTLS_CIPHER_AES_256_CCM_C */ -#endif -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_ARC4_C) - { MBEDTLS_CIPHER_ARC4_128, &arc4_128_info }, -#endif - -#if defined(MBEDTLS_BLOWFISH_C) - { MBEDTLS_CIPHER_BLOWFISH_ECB, &blowfish_ecb_info }, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_CIPHER_BLOWFISH_CBC, &blowfish_cbc_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - { MBEDTLS_CIPHER_BLOWFISH_CFB64, &blowfish_cfb64_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - { MBEDTLS_CIPHER_BLOWFISH_CTR, &blowfish_ctr_info }, -#endif -#endif /* MBEDTLS_BLOWFISH_C */ - -#if defined(MBEDTLS_CAMELLIA_C) - { MBEDTLS_CIPHER_CAMELLIA_128_ECB, &camellia_128_ecb_info }, - { MBEDTLS_CIPHER_CAMELLIA_192_ECB, &camellia_192_ecb_info }, - { MBEDTLS_CIPHER_CAMELLIA_256_ECB, &camellia_256_ecb_info }, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_CIPHER_CAMELLIA_128_CBC, &camellia_128_cbc_info }, - { MBEDTLS_CIPHER_CAMELLIA_192_CBC, &camellia_192_cbc_info }, - { MBEDTLS_CIPHER_CAMELLIA_256_CBC, &camellia_256_cbc_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - { MBEDTLS_CIPHER_CAMELLIA_128_CFB128, &camellia_128_cfb128_info }, - { MBEDTLS_CIPHER_CAMELLIA_192_CFB128, &camellia_192_cfb128_info }, - { MBEDTLS_CIPHER_CAMELLIA_256_CFB128, &camellia_256_cfb128_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - { MBEDTLS_CIPHER_CAMELLIA_128_CTR, &camellia_128_ctr_info }, - { MBEDTLS_CIPHER_CAMELLIA_192_CTR, &camellia_192_ctr_info }, - { MBEDTLS_CIPHER_CAMELLIA_256_CTR, &camellia_256_ctr_info }, -#endif -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_CIPHER_CAMELLIA_128_GCM, &camellia_128_gcm_info }, - { MBEDTLS_CIPHER_CAMELLIA_192_GCM, &camellia_192_gcm_info }, - { MBEDTLS_CIPHER_CAMELLIA_256_GCM, &camellia_256_gcm_info }, -#endif -#if defined(MBEDTLS_CCM_C) - { MBEDTLS_CIPHER_CAMELLIA_128_CCM, &camellia_128_ccm_info }, - { MBEDTLS_CIPHER_CAMELLIA_192_CCM, &camellia_192_ccm_info }, - { MBEDTLS_CIPHER_CAMELLIA_256_CCM, &camellia_256_ccm_info }, -#endif -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_ARIA_C) - { MBEDTLS_CIPHER_ARIA_128_ECB, &aria_128_ecb_info }, - { MBEDTLS_CIPHER_ARIA_192_ECB, &aria_192_ecb_info }, - { MBEDTLS_CIPHER_ARIA_256_ECB, &aria_256_ecb_info }, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_CIPHER_ARIA_128_CBC, &aria_128_cbc_info }, - { MBEDTLS_CIPHER_ARIA_192_CBC, &aria_192_cbc_info }, - { MBEDTLS_CIPHER_ARIA_256_CBC, &aria_256_cbc_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CFB) - { MBEDTLS_CIPHER_ARIA_128_CFB128, &aria_128_cfb128_info }, - { MBEDTLS_CIPHER_ARIA_192_CFB128, &aria_192_cfb128_info }, - { MBEDTLS_CIPHER_ARIA_256_CFB128, &aria_256_cfb128_info }, -#endif -#if defined(MBEDTLS_CIPHER_MODE_CTR) - { MBEDTLS_CIPHER_ARIA_128_CTR, &aria_128_ctr_info }, - { MBEDTLS_CIPHER_ARIA_192_CTR, &aria_192_ctr_info }, - { MBEDTLS_CIPHER_ARIA_256_CTR, &aria_256_ctr_info }, -#endif -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_CIPHER_ARIA_128_GCM, &aria_128_gcm_info }, - { MBEDTLS_CIPHER_ARIA_192_GCM, &aria_192_gcm_info }, - { MBEDTLS_CIPHER_ARIA_256_GCM, &aria_256_gcm_info }, -#endif -#if defined(MBEDTLS_CCM_C) - { MBEDTLS_CIPHER_ARIA_128_CCM, &aria_128_ccm_info }, - { MBEDTLS_CIPHER_ARIA_192_CCM, &aria_192_ccm_info }, - { MBEDTLS_CIPHER_ARIA_256_CCM, &aria_256_ccm_info }, -#endif -#endif /* MBEDTLS_ARIA_C */ - -#if defined(MBEDTLS_DES_C) - { MBEDTLS_CIPHER_DES_ECB, &des_ecb_info }, - { MBEDTLS_CIPHER_DES_EDE_ECB, &des_ede_ecb_info }, - { MBEDTLS_CIPHER_DES_EDE3_ECB, &des_ede3_ecb_info }, -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_CIPHER_DES_CBC, &des_cbc_info }, - { MBEDTLS_CIPHER_DES_EDE_CBC, &des_ede_cbc_info }, - { MBEDTLS_CIPHER_DES_EDE3_CBC, &des_ede3_cbc_info }, -#endif -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_CHACHA20_C) - { MBEDTLS_CIPHER_CHACHA20, &chacha20_info }, -#endif - -#if defined(MBEDTLS_CHACHAPOLY_C) - { MBEDTLS_CIPHER_CHACHA20_POLY1305, &chachapoly_info }, -#endif - -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) - { MBEDTLS_CIPHER_NULL, &null_cipher_info }, -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ - - { MBEDTLS_CIPHER_NONE, NULL } -}; - -#define NUM_CIPHERS sizeof mbedtls_cipher_definitions / sizeof mbedtls_cipher_definitions[0] -int mbedtls_cipher_supported[NUM_CIPHERS]; - -#endif /* MBEDTLS_CIPHER_C */ diff --git a/subsys/nrf_security/src/legacy/ecp_oberon.c b/subsys/nrf_security/src/legacy/ecp_oberon.c deleted file mode 100644 index 6ab612a373a0..000000000000 --- a/subsys/nrf_security/src/legacy/ecp_oberon.c +++ /dev/null @@ -1,158 +0,0 @@ -/* - * Multi-precision integer library - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -/* - * The following sources were referenced in the design of this Multi-precision - * Integer library: - * - * [1] Handbook of Applied Cryptography - 1997 - * Menezes, van Oorschot and Vanstone - * - * [2] Multi-Precision Math - * Tom St Denis - * https://github.com/libtom/libtommath/blob/develop/tommath.pdf - * - * [3] GNU Multi-Precision Arithmetic Library - * https://gmplib.org/manual/index.html - * - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_BIGNUM_C) - -#include "mbedtls/bignum.h" -#include "mbedtls/bn_mul.h" -#include "mbedtls/platform_util.h" -#include "mbedtls/error.h" - -#include - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - - -/* Get a specific byte, without range checks. */ -#define GET_BYTE( X, i ) \ - ( ( ( X )->p[( i ) / ciL] >> ( ( ( i ) % ciL ) * 8 ) ) & 0xff ) - -#define MPI_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) -#define MPI_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) - -#define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */ -#define biL (ciL << 3) /* bits in limb */ -#define biH (ciL << 2) /* half limb size */ - -#define MPI_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */ -#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ -/* - * Convert between bits/chars and number of limbs - * Divide first in order to avoid potential overflows - */ -#define BITS_TO_LIMBS(i) ( (i) / biL + ( (i) % biL != 0 ) ) -#define CHARS_TO_LIMBS(i) ( (i) / ciL + ( (i) % ciL != 0 ) ) - -/* - * Import X from unsigned binary data, little endian - */ -int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, - const unsigned char *buf, size_t buflen ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i; - size_t const limbs = CHARS_TO_LIMBS( buflen ); - - /* Ensure that target MPI has exactly the necessary number of limbs */ - if( X->n != limbs ) - { - mbedtls_mpi_free( X ); - mbedtls_mpi_init( X ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) ); - } - - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); - - for( i = 0; i < buflen; i++ ) - X->p[i / ciL] |= ((mbedtls_mpi_uint) buf[i]) << ((i % ciL) << 3); - -cleanup: - - /* - * This function is also used to import keys. However, wiping the buffers - * upon failure is not necessary because failure only can happen before any - * input is copied. - */ - return( ret ); -} - -/* - * Export X into unsigned binary data, little endian - */ -int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X, - unsigned char *buf, size_t buflen ) -{ - size_t stored_bytes = X->n * ciL; - size_t bytes_to_copy; - size_t i; - - if( stored_bytes < buflen ) - { - bytes_to_copy = stored_bytes; - } - else - { - bytes_to_copy = buflen; - - /* The output buffer is smaller than the allocated size of X. - * However X may fit if its leading bytes are zero. */ - for( i = bytes_to_copy; i < stored_bytes; i++ ) - { - if( GET_BYTE( X, i ) != 0 ) - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); - } - } - - for( i = 0; i < bytes_to_copy; i++ ) - buf[i] = GET_BYTE( X, i ); - - if( stored_bytes < buflen ) - { - /* Write trailing 0 bytes */ - memset( buf + stored_bytes, 0, buflen - stored_bytes ); - } - - return( 0 ); -} - -#endif diff --git a/subsys/nrf_security/src/legacy/entropy.c b/subsys/nrf_security/src/legacy/entropy.c deleted file mode 100644 index f394d30312ef..000000000000 --- a/subsys/nrf_security/src/legacy/entropy.c +++ /dev/null @@ -1,722 +0,0 @@ -/* - * Entropy accumulator implementation - * - * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_ENTROPY_C) - -#if defined(MBEDTLS_TEST_NULL_ENTROPY) -#warning "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! " -#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES " -#warning "**** THIS BUILD IS *NOT* SUITABLE FOR PRODUCTION USE " -#endif - -#include "mbedtls/entropy.h" -#include "mbedtls/entropy_poll.h" -#include "mbedtls/platform_util.h" - -#include - -#if defined(MBEDTLS_FS_IO) -#include -#endif - -#if defined(MBEDTLS_ENTROPY_NV_SEED) -#include "mbedtls/platform.h" -#endif - -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ - -#if defined(MBEDTLS_HAVEGE_C) -#include "mbedtls/havege.h" -#endif - -#define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */ - -void mbedtls_entropy_init( mbedtls_entropy_context *ctx ) -{ - ctx->source_count = 0; - memset( ctx->source, 0, sizeof( ctx->source ) ); - -#if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); -#endif - - ctx->accumulator_started = 0; -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_init( &ctx->accumulator ); -#else - mbedtls_sha256_init( &ctx->accumulator ); -#endif -#if defined(MBEDTLS_HAVEGE_C) - mbedtls_havege_init( &ctx->havege_data ); -#endif - - /* Reminder: Update ENTROPY_HAVE_STRONG in the test files - * when adding more strong entropy sources here. */ - -#if defined(MBEDTLS_TEST_NULL_ENTROPY) - mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL, - 1, MBEDTLS_ENTROPY_SOURCE_STRONG ); -#endif - -#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) -#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) - mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL, - MBEDTLS_ENTROPY_MIN_PLATFORM, - MBEDTLS_ENTROPY_SOURCE_STRONG ); -#endif -#if defined(MBEDTLS_TIMING_C) - mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDCLOCK, - MBEDTLS_ENTROPY_SOURCE_WEAK ); -#endif -#if defined(MBEDTLS_HAVEGE_C) - mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data, - MBEDTLS_ENTROPY_MIN_HAVEGE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); -#endif -#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - /* CC310: Adding ctx as third argument instead of NULL */ - mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, ctx, - MBEDTLS_ENTROPY_MIN_HARDWARE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); -#endif -#if defined(MBEDTLS_ENTROPY_NV_SEED) - mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); - ctx->initial_entropy_run = 0; -#endif -#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ -} - -void mbedtls_entropy_free( mbedtls_entropy_context *ctx ) -{ -#if defined(MBEDTLS_HAVEGE_C) - mbedtls_havege_free( &ctx->havege_data ); -#endif -#if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &ctx->mutex ); -#endif -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_free( &ctx->accumulator ); -#else - mbedtls_sha256_free( &ctx->accumulator ); -#endif -#if defined(MBEDTLS_ENTROPY_NV_SEED) - ctx->initial_entropy_run = 0; -#endif - ctx->source_count = 0; - mbedtls_platform_zeroize( ctx->source, sizeof( ctx->source ) ); - ctx->accumulator_started = 0; -} - -int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, - mbedtls_entropy_f_source_ptr f_source, void *p_source, - size_t threshold, int strong ) -{ - int idx, ret = 0; - -#if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); -#endif - - idx = ctx->source_count; - if( idx >= MBEDTLS_ENTROPY_MAX_SOURCES ) - { - ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES; - goto exit; - } - - ctx->source[idx].f_source = f_source; - ctx->source[idx].p_source = p_source; - ctx->source[idx].threshold = threshold; - ctx->source[idx].strong = strong; - - ctx->source_count++; - -exit: -#if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); -#endif - - return( ret ); -} - -/* - * Entropy accumulator update - */ -static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id, - const unsigned char *data, size_t len ) -{ - unsigned char header[2]; - unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE]; - size_t use_len = len; - const unsigned char *p = data; - int ret = 0; - - if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE ) - { -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 ) - goto cleanup; -#else - if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 ) - goto cleanup; -#endif - p = tmp; - use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; - } - - header[0] = source_id; - header[1] = use_len & 0xFF; - - /* - * Start the accumulator if this has not already happened. Note that - * it is sufficient to start the accumulator here only because all calls to - * gather entropy eventually execute this code. - */ -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if( ctx->accumulator_started == 0 && - ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) - goto cleanup; - else - ctx->accumulator_started = 1; - if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 ) - goto cleanup; - ret = mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len ); -#else - if( ctx->accumulator_started == 0 && - ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) - goto cleanup; - else - ctx->accumulator_started = 1; - if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 ) - goto cleanup; - ret = mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len ); -#endif - -cleanup: - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - - return( ret ); -} - -int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, - const unsigned char *data, size_t len ) -{ - int ret; - -#if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); -#endif - - ret = entropy_update( ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len ); - -#if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); -#endif - - return( ret ); -} - -/* - * Run through the different sources to add entropy to our accumulator - */ -static int entropy_gather_internal( mbedtls_entropy_context *ctx ) -{ - int ret, i, have_one_strong = 0; - unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER]; - size_t olen; - - if( ctx->source_count == 0 ) - return( MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED ); - - /* - * Run through our entropy sources - */ - for( i = 0; i < ctx->source_count; i++ ) - { - if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG ) - have_one_strong = 1; - - olen = 0; - if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source, - buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 ) - { - goto cleanup; - } - - /* - * Add if we actually gathered something - */ - if( olen > 0 ) - { - if( ( ret = entropy_update( ctx, (unsigned char) i, - buf, olen ) ) != 0 ) - return( ret ); - ctx->source[i].size += olen; - } - } - - if( have_one_strong == 0 ) - ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE; - -cleanup: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - - return( ret ); -} - -/* - * Thread-safe wrapper for entropy_gather_internal() - */ -int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ) -{ - int ret; - -#if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); -#endif - - ret = entropy_gather_internal( ctx ); - -#if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); -#endif - - return( ret ); -} - -int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) -{ - int ret, count = 0, i, done; - mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data; - unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - - if( len > MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - -#if defined(MBEDTLS_ENTROPY_NV_SEED) - /* Update the NV entropy seed before generating any entropy for outside - * use. - */ - if( ctx->initial_entropy_run == 0 ) - { - ctx->initial_entropy_run = 1; - if( ( ret = mbedtls_entropy_update_nv_seed( ctx ) ) != 0 ) - return( ret ); - } -#endif - -#if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); -#endif - - /* - * Always gather extra entropy before a call - */ - do - { - if( count++ > ENTROPY_MAX_LOOP ) - { - ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; - goto exit; - } - - if( ( ret = entropy_gather_internal( ctx ) ) != 0 ) - goto exit; - - done = 1; - for( i = 0; i < ctx->source_count; i++ ) - if( ctx->source[i].size < ctx->source[i].threshold ) - done = 0; - } - while( ! done ); - - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - /* - * Note that at this stage it is assumed that the accumulator was started - * in a previous call to entropy_update(). If this is not guaranteed, the - * code below will fail. - */ - if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 ) - goto exit; - - /* - * Reset accumulator and counters and recycle existing entropy - */ - mbedtls_sha512_free( &ctx->accumulator ); - mbedtls_sha512_init( &ctx->accumulator ); - if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) - goto exit; - - /* - * Perform second SHA-512 on entropy - */ - if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0 ) ) != 0 ) - goto exit; -#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ - if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 ) - goto exit; - - /* - * Reset accumulator and counters and recycle existing entropy - */ - mbedtls_sha256_free( &ctx->accumulator ); - mbedtls_sha256_init( &ctx->accumulator ); - if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) - goto exit; - - /* - * Perform second SHA-256 on entropy - */ - if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0 ) ) != 0 ) - goto exit; -#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ - - for( i = 0; i < ctx->source_count; i++ ) - ctx->source[i].size = 0; - - memcpy( output, buf, len ); - - ret = 0; - -exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - -#if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); -#endif - - return( ret ); -} - -#if defined(MBEDTLS_ENTROPY_NV_SEED) -int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ) -{ - int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; - unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - - /* Read new seed and write it to NV */ - if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) - return( ret ); - - if( mbedtls_nv_seed_write( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 ) - return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); - - /* Manually update the remaining stream with a separator value to diverge */ - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ); - - return( ret ); -} -#endif /* MBEDTLS_ENTROPY_NV_SEED */ - -#if defined(MBEDTLS_FS_IO) -int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ) -{ - int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; - FILE *f; - unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - - if( ( f = fopen( path, "wb" ) ) == NULL ) - return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); - - if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) - goto exit; - - if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE ) - { - ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; - goto exit; - } - - ret = 0; - -exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - - fclose( f ); - return( ret ); -} - -int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path ) -{ - int ret = 0; - FILE *f; - size_t n; - unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ]; - - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); - - fseek( f, 0, SEEK_END ); - n = (size_t) ftell( f ); - fseek( f, 0, SEEK_SET ); - - if( n > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) - n = MBEDTLS_ENTROPY_MAX_SEED_SIZE; - - if( fread( buf, 1, n, f ) != n ) - ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; - else - ret = mbedtls_entropy_update_manual( ctx, buf, n ); - - fclose( f ); - - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - - if( ret != 0 ) - return( ret ); - - return( mbedtls_entropy_write_seed_file( ctx, path ) ); -} -#endif /* MBEDTLS_FS_IO */ - -#if defined(MBEDTLS_SELF_TEST) -#if !defined(MBEDTLS_TEST_NULL_ENTROPY) -/* - * Dummy source function - */ -static int entropy_dummy_source( void *data, unsigned char *output, - size_t len, size_t *olen ) -{ - ((void) data); - - memset( output, 0x2a, len ); - *olen = len; - - return( 0 ); -} -#endif /* !MBEDTLS_TEST_NULL_ENTROPY */ - -#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - -static int mbedtls_entropy_source_self_test_gather( unsigned char *buf, size_t buf_len ) -{ - int ret = 0; - size_t entropy_len = 0; - size_t olen = 0; - size_t attempts = buf_len; - - while( attempts > 0 && entropy_len < buf_len ) - { - if( ( ret = mbedtls_hardware_poll( NULL, buf + entropy_len, - buf_len - entropy_len, &olen ) ) != 0 ) - return( ret ); - - entropy_len += olen; - attempts--; - } - - if( entropy_len < buf_len ) - { - ret = 1; - } - - return( ret ); -} - - -static int mbedtls_entropy_source_self_test_check_bits( const unsigned char *buf, - size_t buf_len ) -{ - unsigned char set= 0xFF; - unsigned char unset = 0x00; - size_t i; - - for( i = 0; i < buf_len; i++ ) - { - set &= buf[i]; - unset |= buf[i]; - } - - return( set == 0xFF || unset == 0x00 ); -} - -/* - * A test to ensure hat the entropy sources are functioning correctly - * and there is no obvious failure. The test performs the following checks: - * - The entropy source is not providing only 0s (all bits unset) or 1s (all - * bits set). - * - The entropy source is not providing values in a pattern. Because the - * hardware could be providing data in an arbitrary length, this check polls - * the hardware entropy source twice and compares the result to ensure they - * are not equal. - * - The error code returned by the entropy source is not an error. - */ -int mbedtls_entropy_source_self_test( int verbose ) -{ - int ret = 0; - unsigned char buf0[2 * sizeof( unsigned long long int )]; - unsigned char buf1[2 * sizeof( unsigned long long int )]; - - if( verbose != 0 ) - mbedtls_printf( " ENTROPY_BIAS test: " ); - - memset( buf0, 0x00, sizeof( buf0 ) ); - memset( buf1, 0x00, sizeof( buf1 ) ); - - if( ( ret = mbedtls_entropy_source_self_test_gather( buf0, sizeof( buf0 ) ) ) != 0 ) - goto cleanup; - if( ( ret = mbedtls_entropy_source_self_test_gather( buf1, sizeof( buf1 ) ) ) != 0 ) - goto cleanup; - - /* Make sure that the returned values are not all 0 or 1 */ - if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf0, sizeof( buf0 ) ) ) != 0 ) - goto cleanup; - if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf1, sizeof( buf1 ) ) ) != 0 ) - goto cleanup; - - /* Make sure that the entropy source is not returning values in a - * pattern */ - ret = memcmp( buf0, buf1, sizeof( buf0 ) ) == 0; - -cleanup: - if( verbose != 0 ) - { - if( ret != 0 ) - mbedtls_printf( "failed\n" ); - else - mbedtls_printf( "passed\n" ); - - mbedtls_printf( "\n" ); - } - - return( ret != 0 ); -} - -#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ - -/* - * The actual entropy quality is hard to test, but we can at least - * test that the functions don't cause errors and write the correct - * amount of data to buffers. - */ -int mbedtls_entropy_self_test( int verbose ) -{ - int ret = 1; -#if !defined(MBEDTLS_TEST_NULL_ENTROPY) - mbedtls_entropy_context ctx; - unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; - unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; - size_t i, j; -#endif /* !MBEDTLS_TEST_NULL_ENTROPY */ - - if( verbose != 0 ) - mbedtls_printf( " ENTROPY test: " ); - -#if !defined(MBEDTLS_TEST_NULL_ENTROPY) - mbedtls_entropy_init( &ctx ); - - /* First do a gather to make sure we have default sources */ - if( ( ret = mbedtls_entropy_gather( &ctx ) ) != 0 ) - goto cleanup; - - ret = mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, 16, - MBEDTLS_ENTROPY_SOURCE_WEAK ); - if( ret != 0 ) - goto cleanup; - - if( ( ret = mbedtls_entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 ) - goto cleanup; - - /* - * To test that mbedtls_entropy_func writes correct number of bytes: - * - use the whole buffer and rely on ASan to detect overruns - * - collect entropy 8 times and OR the result in an accumulator: - * any byte should then be 0 with probably 2^(-64), so requiring - * each of the 32 or 64 bytes to be non-zero has a false failure rate - * of at most 2^(-58) which is acceptable. - */ - for( i = 0; i < 8; i++ ) - { - if( ( ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 ) - goto cleanup; - - for( j = 0; j < sizeof( buf ); j++ ) - acc[j] |= buf[j]; - } - - for( j = 0; j < sizeof( buf ); j++ ) - { - if( acc[j] == 0 ) - { - ret = 1; - goto cleanup; - } - } - -#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - if( ( ret = mbedtls_entropy_source_self_test( 0 ) ) != 0 ) - goto cleanup; -#endif - -cleanup: - mbedtls_entropy_free( &ctx ); -#endif /* !MBEDTLS_TEST_NULL_ENTROPY */ - - if( verbose != 0 ) - { - if( ret != 0 ) - mbedtls_printf( "failed\n" ); - else - mbedtls_printf( "passed\n" ); - - mbedtls_printf( "\n" ); - } - - return( ret != 0 ); -} -#endif /* MBEDTLS_SELF_TEST */ - -#endif /* MBEDTLS_ENTROPY_C */ diff --git a/subsys/nrf_security/src/legacy/pem.c b/subsys/nrf_security/src/legacy/pem.c deleted file mode 100644 index d69762d810ff..000000000000 --- a/subsys/nrf_security/src/legacy/pem.c +++ /dev/null @@ -1,496 +0,0 @@ -/* - * Privacy Enhanced Mail (PEM) decoding - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) - -#include "mbedtls/pem.h" -#include "mbedtls/base64.h" -#include "mbedtls/des.h" -#include "mbedtls/aes.h" -#include "mbedtls/md5.h" -#include "mbedtls/cipher.h" -#include "mbedtls/platform_util.h" - -#include - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - -#if defined(MBEDTLS_PEM_PARSE_C) -void mbedtls_pem_init( mbedtls_pem_context *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_pem_context ) ); -} - -#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) -/* - * Read a 16-byte hex string and convert it to binary - */ -static int pem_get_iv( const unsigned char *s, unsigned char *iv, - size_t iv_len ) -{ - size_t i, j, k; - - memset( iv, 0, iv_len ); - - for( i = 0; i < iv_len * 2; i++, s++ ) - { - if( *s >= '0' && *s <= '9' ) j = *s - '0'; else - if( *s >= 'A' && *s <= 'F' ) j = *s - '7'; else - if( *s >= 'a' && *s <= 'f' ) j = *s - 'W'; else - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); - - k = ( ( i & 1 ) != 0 ) ? j : j << 4; - - iv[i >> 1] = (unsigned char)( iv[i >> 1] | k ); - } - - return( 0 ); -} - -static int pem_pbkdf1( unsigned char *key, size_t keylen, - unsigned char *iv, - const unsigned char *pwd, size_t pwdlen ) -{ - mbedtls_md5_context md5_ctx; - unsigned char md5sum[16]; - size_t use_len; - int ret; - - mbedtls_md5_init( &md5_ctx ); - - /* - * key[ 0..15] = MD5(pwd || IV) - */ - if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 ) - goto exit; - - if( keylen <= 16 ) - { - memcpy( key, md5sum, keylen ); - goto exit; - } - - memcpy( key, md5sum, 16 ); - - /* - * key[16..23] = MD5(key[ 0..15] || pwd || IV]) - */ - if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 ) - goto exit; - - use_len = 16; - if( keylen < 32 ) - use_len = keylen - 16; - - memcpy( key + 16, md5sum, use_len ); - -exit: - mbedtls_md5_free( &md5_ctx ); - mbedtls_platform_zeroize( md5sum, 16 ); - - return( ret ); -} - -#if defined(MBEDTLS_DES_C) -/* - * Decrypt with DES-CBC, using PBKDF1 for key derivation - */ -static int pem_des_decrypt( unsigned char des_iv[8], - unsigned char *buf, size_t buflen, - const unsigned char *pwd, size_t pwdlen ) -{ - mbedtls_des_context des_ctx; - unsigned char des_key[8]; - int ret; - - mbedtls_des_init( &des_ctx ); - - if( ( ret = pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ) ) != 0 ) - goto exit; - - if( ( ret = mbedtls_des_setkey_dec( &des_ctx, des_key ) ) != 0 ) - goto exit; - ret = mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen, - des_iv, buf, buf ); - -exit: - mbedtls_des_free( &des_ctx ); - mbedtls_platform_zeroize( des_key, 8 ); - - return( ret ); -} - -/* - * Decrypt with 3DES-CBC, using PBKDF1 for key derivation - */ -static int pem_des3_decrypt( unsigned char des3_iv[8], - unsigned char *buf, size_t buflen, - const unsigned char *pwd, size_t pwdlen ) -{ - mbedtls_des3_context des3_ctx; - unsigned char des3_key[24]; - int ret; - - mbedtls_des3_init( &des3_ctx ); - - if( ( ret = pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ) ) != 0 ) - goto exit; - - if( ( ret = mbedtls_des3_set3key_dec( &des3_ctx, des3_key ) ) != 0 ) - goto exit; - ret = mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen, - des3_iv, buf, buf ); - -exit: - mbedtls_des3_free( &des3_ctx ); - mbedtls_platform_zeroize( des3_key, 24 ); - - return( ret ); -} -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_AES_C) -/* - * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation - */ -static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen, - unsigned char *buf, size_t buflen, - const unsigned char *pwd, size_t pwdlen ) -{ - mbedtls_aes_context aes_ctx; - unsigned char aes_key[32]; - int ret; - - mbedtls_aes_init( &aes_ctx ); - - if( ( ret = pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ) ) != 0 ) - goto exit; - - if( ( ret = mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ) ) != 0 ) - goto exit; - ret = mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen, - aes_iv, buf, buf ); - -exit: - mbedtls_aes_free( &aes_ctx ); - mbedtls_platform_zeroize( aes_key, keylen ); - - return( ret ); -} -#endif /* MBEDTLS_AES_C */ - -#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && - ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ - -int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, - const unsigned char *data, const unsigned char *pwd, - size_t pwdlen, size_t *use_len ) -{ - int ret, enc; - size_t len; - unsigned char *buf; - const unsigned char *s1, *s2, *end; -#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) - unsigned char pem_iv[16]; - mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE; -#else - ((void) pwd); - ((void) pwdlen); -#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && - ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ - - if( ctx == NULL ) - return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA ); - - s1 = (unsigned char *) strstr( (const char *) data, header ); - - if( s1 == NULL ) - return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); - - s2 = (unsigned char *) strstr( (const char *) data, footer ); - - if( s2 == NULL || s2 <= s1 ) - return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); - - s1 += strlen( header ); - if( *s1 == ' ' ) s1++; - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; - else return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); - - end = s2; - end += strlen( footer ); - if( *end == ' ' ) end++; - if( *end == '\r' ) end++; - if( *end == '\n' ) end++; - *use_len = end - data; - - enc = 0; - - if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 ) - { -#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) - enc++; - - s1 += 22; - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; - else return( MBEDTLS_ERR_PEM_INVALID_DATA ); - - -#if defined(MBEDTLS_DES_C) - if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 ) - { - enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC; - - s1 += 23; - if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 ) - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); - - s1 += 16; - } - else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 ) - { - enc_alg = MBEDTLS_CIPHER_DES_CBC; - - s1 += 18; - if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 ) - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); - - s1 += 16; - } -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_AES_C) - if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 ) - { - if( s2 - s1 < 22 ) - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); - else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 ) - enc_alg = MBEDTLS_CIPHER_AES_128_CBC; -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 ) - enc_alg = MBEDTLS_CIPHER_AES_192_CBC; - else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 ) - enc_alg = MBEDTLS_CIPHER_AES_256_CBC; -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ - else - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); - - s1 += 22; - if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 ) - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); - - s1 += 32; - } -#endif /* MBEDTLS_AES_C */ - - if( enc_alg == MBEDTLS_CIPHER_NONE ) - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); - - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; - else return( MBEDTLS_ERR_PEM_INVALID_DATA ); -#else - return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); -#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && - ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ - } - - if( s1 >= s2 ) - return( MBEDTLS_ERR_PEM_INVALID_DATA ); - - ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 ); - - if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER ) - return( MBEDTLS_ERR_PEM_INVALID_DATA + ret ); - - if( ( buf = mbedtls_calloc( 1, len ) ) == NULL ) - return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); - - if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 ) - { - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_INVALID_DATA + ret ); - } - - if( enc != 0 ) - { -#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) - if( pwd == NULL ) - { - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ); - } - - ret = 0; - -#if defined(MBEDTLS_DES_C) - if( enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC ) - ret = pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen ); - else if( enc_alg == MBEDTLS_CIPHER_DES_CBC ) - ret = pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen ); -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_AES_C) - if( enc_alg == MBEDTLS_CIPHER_AES_128_CBC ) - ret = pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen ); -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - else if( enc_alg == MBEDTLS_CIPHER_AES_192_CBC ) - ret = pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen ); - else if( enc_alg == MBEDTLS_CIPHER_AES_256_CBC ) - ret = pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen ); -#else - else - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ - -#endif /* MBEDTLS_AES_C */ - - if( ret != 0 ) - { - mbedtls_free( buf ); - return( ret ); - } - - /* - * The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3 - * length bytes (allow 4 to be sure) in all known use cases. - * - * Use that as a heuristic to try to detect password mismatches. - */ - if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 ) - { - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ); - } -#else - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); -#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && - ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ - } - - ctx->buf = buf; - ctx->buflen = len; - - return( 0 ); -} - -void mbedtls_pem_free( mbedtls_pem_context *ctx ) -{ - if( ctx->buf != NULL ) - mbedtls_platform_zeroize( ctx->buf, ctx->buflen ); - mbedtls_free( ctx->buf ); - mbedtls_free( ctx->info ); - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pem_context ) ); -} -#endif /* MBEDTLS_PEM_PARSE_C */ - -#if defined(MBEDTLS_PEM_WRITE_C) -int mbedtls_pem_write_buffer( const char *header, const char *footer, - const unsigned char *der_data, size_t der_len, - unsigned char *buf, size_t buf_len, size_t *olen ) -{ - int ret; - unsigned char *encode_buf = NULL, *c, *p = buf; - size_t len = 0, use_len, add_len = 0; - - mbedtls_base64_encode( NULL, 0, &use_len, der_data, der_len ); - add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1; - - if( use_len + add_len > buf_len ) - { - *olen = use_len + add_len; - return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); - } - - if( use_len != 0 && - ( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL ) ) - return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); - - if( ( ret = mbedtls_base64_encode( encode_buf, use_len, &use_len, der_data, - der_len ) ) != 0 ) - { - mbedtls_free( encode_buf ); - return( ret ); - } - - memcpy( p, header, strlen( header ) ); - p += strlen( header ); - c = encode_buf; - - while( use_len ) - { - len = ( use_len > 64 ) ? 64 : use_len; - memcpy( p, c, len ); - use_len -= len; - p += len; - c += len; - *p++ = '\n'; - } - - memcpy( p, footer, strlen( footer ) ); - p += strlen( footer ); - - *p++ = '\0'; - *olen = p - buf; - - mbedtls_free( encode_buf ); - return( 0 ); -} -#endif /* MBEDTLS_PEM_WRITE_C */ -#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ diff --git a/subsys/nrf_security/src/legacy/ssl_ciphersuites.c b/subsys/nrf_security/src/legacy/ssl_ciphersuites.c deleted file mode 100644 index 4614e1aa0f7e..000000000000 --- a/subsys/nrf_security/src/legacy/ssl_ciphersuites.c +++ /dev/null @@ -1,2409 +0,0 @@ -/** - * \file ssl_ciphersuites.c - * - * \brief SSL ciphersuites for mbed TLS - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_SSL_TLS_C) - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#endif - -#include "mbedtls/ssl_ciphersuites.h" -#include "mbedtls/ssl.h" - -#include - -/* - * Ordered from most preferred to least preferred in terms of security. - * - * Current rule (except rc4, weak and null which come last): - * 1. By key exchange: - * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK - * 2. By key length and cipher: - * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 > 3DES - * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8 - * 4. By hash function used when relevant - * 5. By key exchange/auth again: EC > non-EC - */ -static const int ciphersuite_preference[] = -{ -#if defined(MBEDTLS_SSL_CIPHERSUITES) - MBEDTLS_SSL_CIPHERSUITES, -#else - /* Chacha-Poly ephemeral suites */ - MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - - /* All AES-256 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, - MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, - - /* All CAMELLIA-256 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, - - /* All ARIA-256 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, - - /* All AES-128 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, - MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, - MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, - - /* All CAMELLIA-128 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, - - /* All ARIA-128 ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, - - /* All remaining >= 128-bit ephemeral suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, - - /* The PSK ephemeral suites */ - MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, - MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, - MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, - - MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, - MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, - MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, - - MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, - - /* The ECJPAKE suite */ - MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, - - /* All AES-256 suites */ - MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_RSA_WITH_AES_256_CCM, - MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, - - /* All CAMELLIA-256 suites */ - MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, - - /* All ARIA-256 suites */ - MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, - MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, - - /* All AES-128 suites */ - MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_RSA_WITH_AES_128_CCM, - MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, - - /* All CAMELLIA-128 suites */ - MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, - - /* All ARIA-128 suites */ - MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, - MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, - - /* All remaining >= 128-bit suites */ - MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, - - /* The RSA PSK suites */ - MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, - - MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, - - MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, - - /* The PSK suites */ - MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, - MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, - MBEDTLS_TLS_PSK_WITH_AES_256_CCM, - MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, - MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, - MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, - MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, - MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, - MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, - MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, - - MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, - MBEDTLS_TLS_PSK_WITH_AES_128_CCM, - MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, - MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, - MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, - MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, - MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, - MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, - MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, - - MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, - - /* RC4 suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, - MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, - MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, - MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, - - /* Weak suites */ - MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, - MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, - - /* NULL suites */ - MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, - MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, - MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, - MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, - MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, - MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, - MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, - MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, - - MBEDTLS_TLS_RSA_WITH_NULL_SHA256, - MBEDTLS_TLS_RSA_WITH_NULL_SHA, - MBEDTLS_TLS_RSA_WITH_NULL_MD5, - MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, - MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, - MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, - MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, - MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, - MBEDTLS_TLS_PSK_WITH_NULL_SHA384, - MBEDTLS_TLS_PSK_WITH_NULL_SHA256, - MBEDTLS_TLS_PSK_WITH_NULL_SHA, - -#endif /* MBEDTLS_SSL_CIPHERSUITES */ - 0 -}; - -static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = -{ -#if defined(MBEDTLS_CHACHAPOLY_C) && \ - defined(MBEDTLS_SHA256_C) && \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, - "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, - "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, - "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, - "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, - "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256", - MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, - MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#endif /* MBEDTLS_CHACHAPOLY_C && - MBEDTLS_SHA256_C && - MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_SHA1_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA512_C */ -#if defined(MBEDTLS_CCM_C) -#if defined(MBEDTLS_CIPHER_AES_256_CCM_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CIPHER_AES_256_CCM_C */ - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ - -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_SHA1_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ - -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CCM_C) -#if defined(MBEDTLS_CIPHER_AES_256_CCM_C) - { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CIPHER_AES_256_CCM_C */ - { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA1_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_CCM_C) -#if defined(MBEDTLS_CIPHER_AES_256_CCM_C) - { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CIPHER_AES_256_CCM_C */ - { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_MD5_C) - { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif -#endif /* MBEDTLS_ARC4_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_SHA1_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ - -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_SHA1_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ - -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CCM_C) -#if defined(MBEDTLS_CIPHER_AES_256_CCM_C) - { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, - { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CCM_C */ - { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CCM_C) -#if defined(MBEDTLS_CIPHER_AES_256_CCM_C) - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8", - MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CIPHER_AES_256_CCM_C */ - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", - MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", - MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", - MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, - -#if defined(MBEDTLS_CIPHER_AES_256_CBC_C) - { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA", - MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_CIPHER_AES_256_CBC_C */ -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", - MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", - MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", - MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ARC4_C) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA", - MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_NODTLS }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_ARC4_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CCM_C) - { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, -#endif /* MBEDTLS_CCM_C */ -#endif /* MBEDTLS_AES_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if defined(MBEDTLS_MD5_C) - { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif - -#if defined(MBEDTLS_SHA512_C) - { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", - MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ - -#if defined(MBEDTLS_DES_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA", - MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if defined(MBEDTLS_SHA1_C) - { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA", - MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_WEAK }, -#endif /* MBEDTLS_SHA1_C */ -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_DES_C */ -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ - -#if defined(MBEDTLS_ARIA_C) - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-RSA-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-RSA-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-RSA-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-RSA-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-PSK-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-PSK-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-PSK-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-PSK-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) - { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", - MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", - MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) - { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", - MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - 0 }, -#endif - -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#endif /* MBEDTLS_ARIA_C */ - - - { 0, "", - MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE, - 0, 0, 0, 0, 0 } -}; - -#if defined(MBEDTLS_SSL_CIPHERSUITES) -const int *mbedtls_ssl_list_ciphersuites( void ) -{ - return( ciphersuite_preference ); -} -#else -#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \ - sizeof( ciphersuite_definitions[0] ) -static int supported_ciphersuites[MAX_CIPHERSUITES]; -static int supported_init = 0; - -const int *mbedtls_ssl_list_ciphersuites( void ) -{ - /* - * On initial call filter out all ciphersuites not supported by current - * build based on presence in the ciphersuite_definitions. - */ - if( supported_init == 0 ) - { - const int *p; - int *q; - - for( p = ciphersuite_preference, q = supported_ciphersuites; - *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; - p++ ) - { -#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) - const mbedtls_ssl_ciphersuite_t *cs_info; - if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL && - cs_info->cipher != MBEDTLS_CIPHER_ARC4_128 ) -#else - if( mbedtls_ssl_ciphersuite_from_id( *p ) != NULL ) -#endif - *(q++) = *p; - } - *q = 0; - - supported_init = 1; - } - - return( supported_ciphersuites ); -} -#endif /* MBEDTLS_SSL_CIPHERSUITES */ - -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( - const char *ciphersuite_name ) -{ - const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; - - if( NULL == ciphersuite_name ) - return( NULL ); - - while( cur->id != 0 ) - { - if( 0 == strcmp( cur->name, ciphersuite_name ) ) - return( cur ); - - cur++; - } - - return( NULL ); -} - -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) -{ - const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; - - while( cur->id != 0 ) - { - if( cur->id == ciphersuite ) - return( cur ); - - cur++; - } - - return( NULL ); -} - -const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) -{ - const mbedtls_ssl_ciphersuite_t *cur; - - cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); - - if( cur == NULL ) - return( "unknown" ); - - return( cur->name ); -} - -int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) -{ - const mbedtls_ssl_ciphersuite_t *cur; - - cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name ); - - if( cur == NULL ) - return( 0 ); - - return( cur->id ); -} - -#if defined(MBEDTLS_PK_C) -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - return( MBEDTLS_PK_RSA ); - - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( MBEDTLS_PK_ECDSA ); - - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - return( MBEDTLS_PK_ECKEY ); - - default: - return( MBEDTLS_PK_NONE ); - } -} - -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - return( MBEDTLS_PK_RSA ); - - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( MBEDTLS_PK_ECDSA ); - - default: - return( MBEDTLS_PK_NONE ); - } -} - -#endif /* MBEDTLS_PK_C */ - -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - return( 1 ); - - default: - return( 0 ); - } -} -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ - -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ) -{ - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_PSK: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - return( 1 ); - - default: - return( 0 ); - } -} -#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ - -#endif /* MBEDTLS_SSL_TLS_C */ From f24ba847acf68b793b0cf662a6fed1dfca211804 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 08:54:37 +0200 Subject: [PATCH 027/217] crypto: Adding threading support for PSA core MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Add support for threading in PSA core to align with Mbed TLS 3.6.0 Mbed TLS 3.6.0 requires 3 mutex-symbols being globally accessible: - mbedtls_threading_key_slot_mutex - mbedtls_threading_psa_globaldata_mutex - mbedtls_threading_psa_rngdata_mutex Note: This is not used when CryptoCell is enabled, which has a different solution for threading support available in platform integration files found in nrfxlib. Note: This commit will likely be replaced with a implementation upstream, but is added here temporarily Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 3 + .../nrf_security/src/threading/CMakeLists.txt | 36 +++++++++ .../src/threading/include/threading_alt.h | 15 ++++ .../src/threading/threading_alt.c | 73 +++++++++++++++++++ 4 files changed, 127 insertions(+) create mode 100644 subsys/nrf_security/src/threading/CMakeLists.txt create mode 100644 subsys/nrf_security/src/threading/include/threading_alt.h create mode 100644 subsys/nrf_security/src/threading/threading_alt.c diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index e2369643f39b..230375c61f5e 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -121,6 +121,9 @@ if(LINKER_CP_OPTION) ) endif() +# Add threading support for PSA core (if enabled) +add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/threading) + target_link_libraries(${mbedcrypto_target} PRIVATE mbedcrypto_base diff --git a/subsys/nrf_security/src/threading/CMakeLists.txt b/subsys/nrf_security/src/threading/CMakeLists.txt new file mode 100644 index 000000000000..1630bf9a88eb --- /dev/null +++ b/subsys/nrf_security/src/threading/CMakeLists.txt @@ -0,0 +1,36 @@ +# +# Copyright (c) 2024 Nordic Semiconductor +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +# This file includes threading support required by the PSA crypto core +# Which was added in Mbed TLS 3.6.0. + +# Return if threading is not enabled at all +if(NOT CONFIG_MBEDTLS_THREADING_C) + return() +endif() + +# If we are in a local build where the CC3XX driver or CC3XX backend is enabed +# then there is already a solution for mutex for the core +if(CONFIG_PSA_CRYPTO_DRIVER_CC3XX OR CONFIG_CC3XX_BACKEND) + return() +endif() + +# Add support for threading using +append_with_prefix(src_crypto_base ${CMAKE_CURRENT_LIST_DIR} + threading_alt.c +) + +# Add include of threading_alt.h in library build +target_include_directories(psa_crypto_library_config + INTERFACE + ${CMAKE_CURRENT_LIST_DIR}/include +) + +# Add include of threading_alt.h in interface build +target_include_directories(psa_crypto_config + INTERFACE + ${CMAKE_CURRENT_LIST_DIR}/include +) \ No newline at end of file diff --git a/subsys/nrf_security/src/threading/include/threading_alt.h b/subsys/nrf_security/src/threading/include/threading_alt.h new file mode 100644 index 000000000000..365b8d69915e --- /dev/null +++ b/subsys/nrf_security/src/threading/include/threading_alt.h @@ -0,0 +1,15 @@ +/* + * Copyright (c) 2023, Arm Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef MBEDTLS_THREADING_ALT_H +#define MBEDTLS_THREADING_ALT_H + +#include +#include "mbedtls/build_info.h" + +typedef struct k_mutex mbedtls_threading_mutex_t; + +#endif /* MBEDTLS_THREADING_ALT_H */ diff --git a/subsys/nrf_security/src/threading/threading_alt.c b/subsys/nrf_security/src/threading/threading_alt.c new file mode 100644 index 000000000000..39b802d96764 --- /dev/null +++ b/subsys/nrf_security/src/threading/threading_alt.c @@ -0,0 +1,73 @@ + +/* + * Copyright (c) 2023, Arm Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause OR Arm’s non-OSI source license + */ + +#include "threading_alt.h" +#include +#include +#include + +#include + +BUILD_ASSERT(IS_ENABLED(CONFIG_MULTITHREADING), + "This file is intended for multi-threading, but single-threading is enabled. " + "Please check your config build configuration!"); + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +K_MUTEX_DEFINE(mbedtls_threading_key_slot_mutex); +K_MUTEX_DEFINE(mbedtls_threading_psa_globaldata_mutex); +K_MUTEX_DEFINE(mbedtls_threading_psa_rngdata_mutex); + +#if defined(MBEDTLS_THREADING_ALT) && !(defined(CONFIG_CC3XX_BACKEND) || defined(CONFIG_PSA_CRYPTO_DRIVER_CC3XX)) + +void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), + void (*mutex_free)( mbedtls_threading_mutex_t * ), + int (*mutex_lock)( mbedtls_threading_mutex_t * ), + int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ) +{ + // Do nothing +} + +void mbedtls_threading_free_alt( void ) +{ + // Do nothing +} + +#endif /* MBEDTLS_THREADING_ALT */ + +#if defined(MBEDTLS_THREADING_C) + +void mutex_init(mbedtls_threading_mutex_t *mutex) +{ + (void)k_mutex_init((struct k_mutex*)mutex); +} + +void mutex_free(mbedtls_threading_mutex_t *mutex) +{ + // Do nothing +} + +int mutex_lock(mbedtls_threading_mutex_t *mutex) +{ + return k_mutex_lock((struct k_mutex*)mutex, K_FOREVER); +} + +int mutex_unlock(mbedtls_threading_mutex_t *mutex) +{ + return k_mutex_unlock((struct k_mutex*)mutex); +} + +void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex) = mutex_init; +void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex) = mutex_free; +int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex) = mutex_lock; +int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex) = mutex_unlock; + +#endif /* MBEDTLS_THREADING_C */ From 2ecaeeb2de4db98533d20feb5b072a13f0d894c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 11:57:31 +0200 Subject: [PATCH 028/217] sample: tls: Enable SSL CLI for psa_tls MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Enabling CONFIG_MBEDTLS_SSL_CLI_C for psa_tls sample This seems required to be set after Mbed TLS 3.6.0... Signed-off-by: Frank Audun Kvamtrø --- samples/crypto/psa_tls/prj.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/samples/crypto/psa_tls/prj.conf b/samples/crypto/psa_tls/prj.conf index 6721cf772b0c..17ae060b6eba 100644 --- a/samples/crypto/psa_tls/prj.conf +++ b/samples/crypto/psa_tls/prj.conf @@ -51,6 +51,7 @@ CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=32768 CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=2304 CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=2304 +CONFIG_MBEDTLS_SSL_CLI_C=y CONFIG_MBEDTLS_TLS_LIBRARY=y CONFIG_MBEDTLS_X509_LIBRARY=y CONFIG_NRF_SECURITY_ADVANCED=y From 7d2912aa9e7a4e2a7dd7e9e3490596e9d6de4f5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 5 Sep 2024 08:52:32 +0200 Subject: [PATCH 029/217] crypto: nrf_security: Fix coding standard issues MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit contains coding-standard fixes for CMake. This doesn't change any functionality Signed-off-by: Frank Audun Kvamtrø --- .../tfm_boards/CMakeLists.txt | 64 +++++++++---------- subsys/nrf_security/CMakeLists.txt | 16 ++--- subsys/nrf_security/src/CMakeLists.txt | 6 +- subsys/nrf_security/src/legacy/CMakeLists.txt | 8 +-- 4 files changed, 47 insertions(+), 47 deletions(-) diff --git a/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt b/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt index 488c248614b1..0074a606bf39 100644 --- a/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt +++ b/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt @@ -12,45 +12,45 @@ set(NRF_BOARD_SELECTED True) set(partition_includes partition ${CMAKE_BINARY_DIR}/../zephyr/include/generated - ) +) set(board_includes board ${CMAKE_BINARY_DIR}/../zephyr/misc/generated/syscalls_links/include ${ZEPHYR_BASE}/include - ) +) target_include_directories(platform_region_defs INTERFACE ${partition_includes}) target_compile_definitions(platform_s PRIVATE - $<$:PLATFORM_DEFAULT_CRYPTO_KEYS> - FIRMWARE_INFO_MAGIC=${FIRMWARE_INFO_MAGIC} - EXT_API_MAGIC=${EXT_API_MAGIC} - ) + $<$:PLATFORM_DEFAULT_CRYPTO_KEYS> + FIRMWARE_INFO_MAGIC=${FIRMWARE_INFO_MAGIC} + EXT_API_MAGIC=${EXT_API_MAGIC} +) target_include_directories(platform_s PUBLIC - include - ${partition_includes} - ${board_includes} - services/include - ${ZEPHYR_NRF_MODULE_DIR}/include - ) + include + ${partition_includes} + ${board_includes} + services/include + ${ZEPHYR_NRF_MODULE_DIR}/include +) target_sources(platform_s PRIVATE - common/tfm_hal_platform.c - $<$,$>:${CMAKE_CURRENT_SOURCE_DIR}/common/attest_hal.c> - common/assert.c - $<$>:${CMAKE_CURRENT_SOURCE_DIR}/common/dummy_otp.c> - $<$>:${CMAKE_CURRENT_SOURCE_DIR}/common/tfm_hal_reset_halt.c> - ) + common/tfm_hal_platform.c + $<$,$>:${CMAKE_CURRENT_SOURCE_DIR}/common/attest_hal.c> + common/assert.c + $<$>:${CMAKE_CURRENT_SOURCE_DIR}/common/dummy_otp.c> + $<$>:${CMAKE_CURRENT_SOURCE_DIR}/common/tfm_hal_reset_halt.c> +) target_link_libraries(platform_s PRIVATE - tfm_sprt - ) + tfm_sprt +) if (NOT ${PLATFORM_DEFAULT_PROVISIONING}) if(NRF_PROVISIONING) @@ -80,10 +80,10 @@ if (${TFM_PARTITION_CRYPTO}) endif() target_link_libraries(platform_crypto_keys - PUBLIC - platform_s - # Link with tfm_sprt to get the include path for tfm_sp_log.h - tfm_sprt + PUBLIC + platform_s + # Link with tfm_sprt to get the include path for tfm_sp_log.h + tfm_sprt ) if (${CONFIG_HW_UNIQUE_KEY}) @@ -114,7 +114,7 @@ if (${TFM_PARTITION_CRYPTO}) endif() if(EXISTS platform_cc3xx) - target_link_libraries(platform_s PRIVATE platform_cc3xx) + target_link_libraries(platform_s PRIVATE platform_cc3xx) endif() # Needed in order to get crypto partition modules flags @@ -169,16 +169,16 @@ if(TFM_PARTITION_PLATFORM) target_include_directories(platform_s PUBLIC - include - ${ZEPHYR_NRF_MODULE_DIR}/include/tfm - ${ZEPHYR_NRF_MODULE_DIR}/include - ) + include + ${ZEPHYR_NRF_MODULE_DIR}/include/tfm + ${ZEPHYR_NRF_MODULE_DIR}/include + ) target_sources(platform_s PRIVATE - ${src_dir}/tfm_platform_system.c - ${src_dir}/tfm_ioctl_s_api.c - ) + ${src_dir}/tfm_platform_system.c + ${src_dir}/tfm_ioctl_s_api.c + ) endif() diff --git a/subsys/nrf_security/CMakeLists.txt b/subsys/nrf_security/CMakeLists.txt index d364a38579b9..d80f8c6643a4 100644 --- a/subsys/nrf_security/CMakeLists.txt +++ b/subsys/nrf_security/CMakeLists.txt @@ -25,15 +25,15 @@ configure_file(${CMAKE_CURRENT_LIST_DIR}/configs/config_extra.cmake.in include(${CMAKE_CURRENT_BINARY_DIR}/cmake/config_extra.cmake) if(CONFIG_SSF_SERVER_PSA_CRYPTO_SERVICE_ENABLED) -# Inside the SSF server, when the PSA crypto service is enabled we need to -# use the OWNER id to give key ownership to the differrent domains. -set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER True) + # Inside the SSF server, when the PSA crypto service is enabled we need to + # use the OWNER id to give key ownership to the differrent domains. + set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER True) else() -# MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be disabled for Zephyr -# builds or when MBEDTLS_USE_PSA_CRYPTO is enabled (e.g. for TLS/DTLS -# and x.509 support) Note: This configuration is internal and may be -# removed with a new mbed TLS version -set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER False) + # MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be disabled for Zephyr + # builds or when MBEDTLS_USE_PSA_CRYPTO is enabled (e.g. for TLS/DTLS + # and x.509 support) Note: This configuration is internal and may be + # removed with a new mbed TLS version + set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER False) endif() if(CONFIG_BUILD_WITH_TFM) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 230375c61f5e..243e007e84fb 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -220,9 +220,9 @@ if (CONFIG_MBEDTLS_TLS_LIBRARY) ) if (CONFIG_MBEDTLS_DEBUG) - list(APPEND src_tls - ${ARM_MBEDTLS_PATH}/library/ssl_debug_helpers_generated.c - ) + list(APPEND src_tls + ${ARM_MBEDTLS_PATH}/library/ssl_debug_helpers_generated.c + ) endif() add_library(${mbedtls_target} STATIC diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 7f4529e24415..2f8fd2a8ce5b 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -108,10 +108,10 @@ if(TARGET mbedcrypto_oberon_mbedtls_imported) mbedcrypto_oberon_mbedtls_imported ) -target_link_libraries(mbedcrypto_oberon_mbedtls_imported - INTERFACE - mbedcrypto_base -) + target_link_libraries(mbedcrypto_oberon_mbedtls_imported + INTERFACE + mbedcrypto_base + ) # Add nrf_oberon Mbed TLS includes to mbedcrypto library target_include_directories(${mbedcrypto_target} From ff3a6f8a519aaa52a3583d34695564f8542dde64 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 4 Sep 2024 15:20:04 +0200 Subject: [PATCH 030/217] crypto: legacy: Enable more PSA core/crypto awareness MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Ensure MBEDTLS_THREADING_C is enabled when either CC3XX_BACKEND or PSA core is enabled. Enabling this will only happen when the core is built in secure-only builds. TF-M circumvents threading in its build -Ensure MBEDTLS_THREADING_ALT is set -Ensure MBEDTLS_BASE64_C is enabled always to simplify adding support for PEM (parse and write -Adding Kconfig MBEDTLS_OID_C so it can be generated in nrf-config.h both when building PSA centric and with MBEDTLS_LEGACY_CRYPTO_C enabled -Enabling MBEDTLS_ASN1_WRITE_C/MBEDTLS_ASN1_PARSE_C additionally when MBEDTLS_USE_PSA_CRYPTO is set for X.509 support -Remove MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT depending on !BUILD_WITH_TFM -Remove default enablement of MBEDTLS_LEGACY_CRYPTO_C when BUILD_WITH_TFM is set -Ensure all legacy configurations aren't built when PSA crypto is used (using the Zephyr Kconfig PSA_CRYPTO_CLIENT to test) -Resolve PSA_WANT_ALG_XXXX and PSA_WANT_KEY_TYPE_XXXX from all enabled legacy crypto configurations Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig.legacy | 114 ++++++++++++++++++++++------- 1 file changed, 87 insertions(+), 27 deletions(-) diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index 6402cb062c27..19ee00beef94 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -22,19 +22,23 @@ config MBEDTLS_MEMORY_BUFFER_ALLOC_C config MBEDTLS_THREADING_C bool - default y if CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX + default y if CC3XX_BACKEND || MBEDTLS_PSA_CRYPTO_C config MBEDTLS_BASE64_C bool - default y if MBEDTLS_PEM_WRITE_C || MBEDTLS_PEM_PARSE_C + default y + +config MBEDTLS_OID_C + bool + default y config MBEDTLS_ASN1_WRITE_C bool - default y if MBEDTLS_PEM_WRITE_C + default y if MBEDTLS_PEM_WRITE_C || MBEDTLS_USE_PSA_CRYPTO config MBEDTLS_ASN1_PARSE_C bool - default y if MBEDTLS_PEM_PARSE_C + default y if MBEDTLS_PEM_PARSE_C || MBEDTLS_USE_PSA_CRYPTO # Platform configurations for _ALT defines config MBEDTLS_PLATFORM_EXIT_ALT @@ -52,6 +56,7 @@ config MBEDTLS_PLATFORM_SNPRINTF_ALT config MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT bool default y if CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX + depends on !BUILD_WITH_TFM config MBEDTLS_ENTROPY_HARDWARE_ALT bool @@ -59,7 +64,8 @@ config MBEDTLS_ENTROPY_HARDWARE_ALT config MBEDTLS_THREADING_ALT bool - default y if CC3XX_BACKEND || PSA_CRYPTO_DRIVER_CC3XX + default y if CC3XX_BACKEND || MBEDTLS_PSA_CRYPTO_C + depends on !BUILD_WITH_TFM # Legacy configurations for _ALT defines config MBEDTLS_AES_SETKEY_ENC_ALT @@ -280,7 +286,6 @@ config MBEDTLS_MPI_MAX_SIZE config MBEDTLS_LEGACY_CRYPTO_C bool prompt "Enable (legacy) mbed TLS crypto APIs" - default y if BUILD_WITH_TFM help Enable support for legacy mbed TLS APIs. Note that this is a configuration that may be removed at some point. @@ -368,7 +373,7 @@ config MBEDTLS_ENTROPY_C menuconfig MBEDTLS_AES_C bool prompt "AES - Advanced Encryption Standard" - default y + default y if !PSA_CRYPTO_CLIENT help This setting will enable AES block cipher, including ECB - Electronic Code Book. Enabling AES will provide a sub-menu which allows for fine grained @@ -382,6 +387,7 @@ comment "Cipher Selection" config MBEDTLS_CIPHER_MODE_CBC bool "AES-CBC - AES Cipher Block Chaining mode" default y if !NET_L2_OPENTHREAD + select PSA_WANT_ALG_CBC_NO_PADDING if PSA_CRYPTO_CLIENT help Enable the AES Cipher Block Chaining (CBC) mode, MBEDTLS_CIPHER_MODE_CBC setting in mbed TLS config file. @@ -393,6 +399,7 @@ config MBEDTLS_CIPHER_PADDING_PKCS7 bool prompt "Enable MBEDTLS_CIPHER_PADDING_PKCS7" default y if !NET_L2_OPENTHREAD + select PSA_WANT_ALG_CBC_PKCS7 if PSA_CRYPTO_CLIENT help Enable support for PKCS7 padding for CBC cipher functions in mbedTLS. That is, fill buffer with ll bytes, where ll is padding length. @@ -442,6 +449,7 @@ config MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH config MBEDTLS_CIPHER_MODE_CTR bool "AES-CTR - AES Counter Block Cipher mode" default y + select PSA_WANT_ALG_CTR if PSA_CRYPTO_CLIENT help Enable the AES Counter Block Cipher mode (CTR) mode, MBEDTLS_CIPHER_MODE_CTR setting in mbed TLS config file. @@ -456,7 +464,8 @@ config MBEDTLS_CIPHER_MODE_XTS config MBEDTLS_CMAC_C bool "AES-CMAC - AES Cipher-based Message Authentication Code mode for block ciphers" - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_CMAC if PSA_CRYPTO_CLIENT help Enable AES CMAC support. @@ -467,7 +476,8 @@ menu "AEAD - Authenticated Encryption with Associated Data" config MBEDTLS_CCM_C bool "AES-CCM - AES Counter with CBC-MAC mode" depends on MBEDTLS_AES_C - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_CCM if PSA_CRYPTO_CLIENT help Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. This also includes CCM* @@ -476,7 +486,8 @@ config MBEDTLS_CCM_C config MBEDTLS_GCM_C bool prompt "AES-GCM - AES Galois/Counter Mode support" - default y if !NET_L2_OPENTHREAD + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + select PSA_WANT_ALG_GCM if PSA_CRYPTO_CLIENT help Enable the GCM module. MBEDTLS_GCM_C setting in mbed TLS config file. @@ -484,7 +495,9 @@ config MBEDTLS_GCM_C config MBEDTLS_CHACHA20_C bool prompt "CHACHA20 stream cipher support" - default y if !NET_L2_OPENTHREAD + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + select PSA_WANT_ALG_CHACHA20 if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT help Enable the CHACHA20 stream cipher. MBEDTLS_CHACHA20_C setting in mbed TLS config file. @@ -492,7 +505,8 @@ config MBEDTLS_CHACHA20_C config MBEDTLS_POLY1305_C bool prompt "POLY1305 module support" - default y if !NET_L2_OPENTHREAD + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT help Enable the POLY1305 module. MBEDTLS_POLY1305_C setting in mbed TLS config file. @@ -501,7 +515,8 @@ config MBEDTLS_CHACHAPOLY_C bool prompt "CHACHA-POLY module support" depends on (MBEDTLS_CHACHA20_C && MBEDTLS_POLY1305_C) - default y if !NET_L2_OPENTHREAD + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT help Enable the CHACHA-POLY module. MBEDTLS_CHACHAPOLY_C setting in mbed TLS config file. @@ -519,7 +534,11 @@ config MBEDTLS_DHM_C menuconfig MBEDTLS_ECP_C bool prompt "ECC - Eliptic Curve Cryptography" - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE if PSA_CRYPTO_CLIENT help Enable low level APIs for elliptic curves for additional functionality (besides ECDH and ECDSA) @@ -532,7 +551,8 @@ if MBEDTLS_ECP_C config MBEDTLS_ECDH_C bool prompt "ECDH - Elliptic Curve Diffie-Hellman" - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_ECDH if PSA_CRYPTO_CLIENT help Enable the ECDH module. MBEDTLS_ECDH_C setting in mbed TLS config file. @@ -540,20 +560,27 @@ config MBEDTLS_ECDH_C config MBEDTLS_ECDSA_C bool prompt "ECDSA - Elliptic Curve Digital Signature Algorithm" - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_ECDSA if PSA_CRYPTO_CLIENT help Enable the ECDSA module. MBEDTLS_ECDSA_C setting in mbed TLS config file. config MBEDTLS_ECDSA_DETERMINISTIC bool "Enable deterministic ECDSA (RFC 6979)" - select MBEDTLS_HMAC_DRBG_C + select MBEDTLS_HMAC_DRBG_C if !PSA_CRYPTO_CLIENT depends on MBEDTLS_ECDSA_C - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_DETERMINISTIC_ECDSA if PSA_CRYPTO_CLIENT config MBEDTLS_ECJPAKE_C bool "ECJPAKE - Elliptic curve J-PAKE" - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS if PSA_CRYPTO_CLIENT && MBEDTLS_TLS_LIBRARY help Enable support for ECJPAKE @@ -563,18 +590,21 @@ config MBEDTLS_ECP_DP_SECP192R1_ENABLED bool "Enable NIST curve secp192r1" depends on !OBERON_BACKEND default n + select PSA_WANT_ECC_SECP_R1_192 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_SECP192R1_ENABLED setting in mbed TLS config file. config MBEDTLS_ECP_DP_SECP224R1_ENABLED bool "Enable NIST curve secp224r1" + select PSA_WANT_ECC_SECP_R1_224 if PSA_CRYPTO_CLIENT default n help MBEDTLS_ECP_DP_SECP224R1_ENABLED setting in mbed TLS config file. config MBEDTLS_ECP_DP_SECP256R1_ENABLED bool "Enable NIST curve secp256r1" - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_ECC_SECP_R1_256 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_SECP256R1_ENABLED setting in mbed TLS config file. @@ -582,6 +612,7 @@ config MBEDTLS_ECP_DP_SECP384R1_ENABLED bool "Enable NIST curve secp384r1" depends on !OBERON_BACKEND default n + select PSA_WANT_ECC_SECP_R1_384 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_SECP384R1_ENABLED setting in mbed TLS config file. @@ -589,6 +620,7 @@ config MBEDTLS_ECP_DP_SECP521R1_ENABLED bool "Enable NIST curve secp521r1" depends on !OBERON_BACKEND default n + select PSA_WANT_ECC_SECP_R1_521 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_SECP521R1_ENABLED setting in mbed TLS config file. @@ -596,6 +628,7 @@ config MBEDTLS_ECP_DP_SECP192K1_ENABLED bool "Enable Koblitz curve secp192k1" depends on !OBERON_BACKEND default n + select PSA_WANT_ECC_SECP_R1_192 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_SECP192K1_ENABLED setting in mbed TLS config file. @@ -603,6 +636,7 @@ config MBEDTLS_ECP_DP_SECP224K1_ENABLED bool "Enable Koblitz curve secp224k1" depends on !OBERON_BACKEND default n + select PSA_WANT_ECC_SECP_K1_224 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_SECP224K1_ENABLED setting in mbed TLS config file. @@ -610,6 +644,7 @@ config MBEDTLS_ECP_DP_SECP256K1_ENABLED bool "Enable Koblitz curve secp256k1" depends on !OBERON_BACKEND default n + select PSA_WANT_ECC_SECP_K1_256 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_SECP256K1_ENABLED setting in mbed TLS config file. @@ -618,6 +653,7 @@ config MBEDTLS_ECP_DP_BP256R1_ENABLED depends on !OBERON_BACKEND depends on !CC3XX_BACKEND default n + select PSA_WANT_ECC_BRAINPOOL_P_R1_256 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_BP256R1_ENABLED setting in mbed TLS config file. @@ -626,6 +662,7 @@ config MBEDTLS_ECP_DP_BP384R1_ENABLED depends on !OBERON_BACKEND depends on !CC3XX_BACKEND default n + select PSA_WANT_ECC_BRAINPOOL_P_R1_384 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_BP384R1_ENABLED setting in mbed TLS config file. @@ -634,6 +671,7 @@ config MBEDTLS_ECP_DP_BP512R1_ENABLED depends on !OBERON_BACKEND depends on !CC3XX_BACKEND default n + select PSA_WANT_ECC_BRAINPOOL_P_R1_512 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_BP512R1_ENABLED setting in mbed TLS config file. @@ -641,6 +679,8 @@ config MBEDTLS_ECP_DP_CURVE25519_ENABLED bool "Enable Curve25519" depends on !OBERON_BACKEND default n + select PSA_WANT_ECC_MONTGOMERY_255 if PSA_CRYPTO_CLIENT + help MBEDTLS_ECP_DP_CURVE25519_ENABLED setting in mbed TLS config file. @@ -649,6 +689,7 @@ config MBEDTLS_ECP_DP_CURVE448_ENABLED depends on !OBERON_BACKEND depends on !CC3XX_BACKEND default n + select PSA_WANT_ECC_MONTGOMERY_448 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_CURVE448_ENABLED setting in mbed TLS config file. @@ -659,7 +700,10 @@ endif # MBEDTLS_ECP_C config MBEDTLS_HKDF_C bool prompt "HKDF support" - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_HKDF if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_TLS12_PRF if PSA_CRYPTO_CLIENT && MBEDTLS_TLS_LIBRARY + select PSA_WANT_ALG_TLS12_PSK_TO_MS if PSA_CRYPTO_CLIENT && MBEDTLS_TLS_LIBRARY help Enable HKDF support. MBEDTLS_HKDF_C setting in mbed TLS config file. @@ -667,7 +711,11 @@ config MBEDTLS_HKDF_C config MBEDTLS_RSA_C bool prompt "RSA - Rivest-Shamir-Adleman cryptosystem" - depends on PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || !MBEDTLS_USE_PSA_CRYPTO + depends on !MBEDTLS_USE_PSA_CRYPTO + select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE if PSA_CRYPTO_CLIENT + select PSA_WANT_RSA_KEY_SIZE_2048 if PSA_CRYPTO_CLIENT help Enable RSA cryptosystem support. MBEDTLS_RSA_C setting in mbed TLS config file. @@ -679,14 +727,21 @@ comment "RSA Encoding Selection" config MBEDTLS_GENPRIME bool default y + select PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT config MBEDTLS_PKCS1_V15 bool "PKCS1 v1.5 support" default y + select PSA_WANT_ALG_RSA_PKCS1V15_CRYPT if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_RSA_PKCS1V15_SIGN if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW if PSA_CRYPTO_CLIENT config MBEDTLS_PKCS1_V21 bool "PKCS1 v2.1 support" default y + select PSA_WANT_ALG_RSA_PSS if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_RSA_PSS_ANY_SALT if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_RSA_OAEP if PSA_CRYPTO_CLIENT endif # MBEDTLS_RSA_C @@ -702,21 +757,24 @@ config MBEDTLS_MD5_C config MBEDTLS_SHA1_C bool prompt "SHA-1 hash functionality" - default y if !NET_L2_OPENTHREAD + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + select PSA_WANT_ALG_SHA_1 if PSA_CRYPTO_CLIENT help SHA-1 hash functionality. config MBEDTLS_SHA224_C bool prompt "SHA-224 hash functionality" - default y if !NET_L2_OPENTHREAD + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + select PSA_WANT_ALG_SHA_224 if PSA_CRYPTO_CLIENT help SHA-224 hash functionality. config MBEDTLS_SHA256_C bool prompt "SHA-256 hash functionality" - default y + default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_SHA_256 if PSA_CRYPTO_CLIENT help SHA-256 hash functionality. @@ -730,14 +788,16 @@ config MBEDTLS_SHA384_C bool prompt "SHA-384 hash functionality" select MBEDTLS_SHA512_C - default y if !NET_L2_OPENTHREAD + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + select PSA_WANT_ALG_SHA_384 if PSA_CRYPTO_CLIENT help SHA-384 hash functionality. config MBEDTLS_SHA512_C bool prompt "SHA-512 hash functionality" - default y if !NET_L2_OPENTHREAD + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + select PSA_WANT_ALG_SHA_512 if PSA_CRYPTO_CLIENT help SHA-512 hash functionality. From c59d4db9e2aa3a415bce2895c346f55e6c25d4b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 9 Sep 2024 15:15:01 +0200 Subject: [PATCH 031/217] libraries: Update all includes to MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -The current upmerge deprecated and replaces it with . This change is on HCI, DTM, WIFI, RPC bluetooth and applications (to mention a few) Signed-off-by: Frank Audun Kvamtrø --- .../connectivity_bridge/src/modules/usb_bulk_interface.c | 2 +- applications/ipc_radio/src/bt_hci_ipc.c | 2 +- drivers/net/eth_rtt.c | 2 +- include/nrf_rpc/nrf_rpc_serialize.h | 2 +- samples/bluetooth/direct_test_mode/remote_hci/src/main.c | 2 +- samples/bluetooth/direct_test_mode/src/transport/dtm_hci.c | 2 +- .../bluetooth/direct_test_mode/src/transport/dtm_transport.h | 2 +- samples/bluetooth/direct_test_mode/src/transport/hci_uart.c | 2 +- samples/bluetooth/direct_test_mode/src/transport/hci_uart.h | 2 +- .../bluetooth/direct_test_mode/src/transport/hci_uart_remote.c | 2 +- samples/nrf5340/multiprotocol_rpmsg/src/main.c | 2 +- samples/openthread/coprocessor/src/rcp_hci.c | 2 +- subsys/bluetooth/services/ancs_app_attr_get.c | 2 +- subsys/bluetooth/services/cgms/cgms.c | 2 +- subsys/bluetooth/services/fast_pair/fmdn/auth.c | 2 +- subsys/bluetooth/services/fast_pair/fmdn/beacon_actions.c | 2 +- subsys/bluetooth/services/fast_pair/fmdn/read_mode.c | 2 +- subsys/bluetooth/services/fast_pair/fmdn/state.c | 2 +- subsys/bluetooth/services/fast_pair/fp_advertising.c | 2 +- subsys/bluetooth/services/fast_pair/fp_gatt_service.c | 2 +- subsys/bluetooth/services/mds.c | 2 +- subsys/bluetooth/services/wifi_prov/wifi_prov_ble.c | 2 +- subsys/bluetooth/services/wifi_prov/wifi_prov_internal.h | 2 +- subsys/dm/rpc/common/serialize.h | 2 +- subsys/dult/bt/anos.c | 2 +- subsys/nfc/ndef/ch_rec_parser.c | 2 +- subsys/nfc/ndef/le_oob_rec_parser.c | 2 +- subsys/nfc/tnep/ch/common.h | 2 +- tests/bluetooth/tester/src/gap.c | 2 +- tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.c | 2 +- tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.h | 2 +- tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.c | 2 +- tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.h | 2 +- tests/subsys/dfu/dfu_target/smp/src/smp_stub.c | 2 +- tests/subsys/dfu/dfu_target/smp/src/smp_stub.h | 2 +- 35 files changed, 35 insertions(+), 35 deletions(-) diff --git a/applications/connectivity_bridge/src/modules/usb_bulk_interface.c b/applications/connectivity_bridge/src/modules/usb_bulk_interface.c index cc2157e6b073..7d8a07dab62d 100644 --- a/applications/connectivity_bridge/src/modules/usb_bulk_interface.c +++ b/applications/connectivity_bridge/src/modules/usb_bulk_interface.c @@ -10,7 +10,7 @@ #include #include #include -#include +#include #include #define MODULE bulk_interface diff --git a/applications/ipc_radio/src/bt_hci_ipc.c b/applications/ipc_radio/src/bt_hci_ipc.c index 161cdeef9851..bab02b34a950 100644 --- a/applications/ipc_radio/src/bt_hci_ipc.c +++ b/applications/ipc_radio/src/bt_hci_ipc.c @@ -13,7 +13,7 @@ #include #include -#include +#include #include #include diff --git a/drivers/net/eth_rtt.c b/drivers/net/eth_rtt.c index fb308b9fa243..b55f33c98192 100644 --- a/drivers/net/eth_rtt.c +++ b/drivers/net/eth_rtt.c @@ -42,7 +42,7 @@ LOG_MODULE_REGISTER(LOG_MODULE_NAME); #include #include #include -#include +#include #include #include #include diff --git a/include/nrf_rpc/nrf_rpc_serialize.h b/include/nrf_rpc/nrf_rpc_serialize.h index cb06a2298880..569b41bccd6d 100644 --- a/include/nrf_rpc/nrf_rpc_serialize.h +++ b/include/nrf_rpc/nrf_rpc_serialize.h @@ -14,7 +14,7 @@ #ifndef NRF_RPC_SERIALIZE_H_ #define NRF_RPC_SERIALIZE_H_ -#include +#include #include #include diff --git a/samples/bluetooth/direct_test_mode/remote_hci/src/main.c b/samples/bluetooth/direct_test_mode/remote_hci/src/main.c index 2503255e4026..5cb103de60ae 100644 --- a/samples/bluetooth/direct_test_mode/remote_hci/src/main.c +++ b/samples/bluetooth/direct_test_mode/remote_hci/src/main.c @@ -6,7 +6,7 @@ #include #include -#include +#include #include #include #include diff --git a/samples/bluetooth/direct_test_mode/src/transport/dtm_hci.c b/samples/bluetooth/direct_test_mode/src/transport/dtm_hci.c index a37f90cf09f2..c9f1b79a34d5 100644 --- a/samples/bluetooth/direct_test_mode/src/transport/dtm_hci.c +++ b/samples/bluetooth/direct_test_mode/src/transport/dtm_hci.c @@ -8,7 +8,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/samples/bluetooth/direct_test_mode/src/transport/dtm_transport.h b/samples/bluetooth/direct_test_mode/src/transport/dtm_transport.h index ee348c83d920..c03790558f3e 100644 --- a/samples/bluetooth/direct_test_mode/src/transport/dtm_transport.h +++ b/samples/bluetooth/direct_test_mode/src/transport/dtm_transport.h @@ -7,7 +7,7 @@ #ifndef DTM_TRANSPORT_H_ #define DTM_TRANSPORT_H_ -#include +#include #include #ifdef __cplusplus diff --git a/samples/bluetooth/direct_test_mode/src/transport/hci_uart.c b/samples/bluetooth/direct_test_mode/src/transport/hci_uart.c index 99eaceb25915..d0f4315c4649 100644 --- a/samples/bluetooth/direct_test_mode/src/transport/hci_uart.c +++ b/samples/bluetooth/direct_test_mode/src/transport/hci_uart.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include diff --git a/samples/bluetooth/direct_test_mode/src/transport/hci_uart.h b/samples/bluetooth/direct_test_mode/src/transport/hci_uart.h index 27c5402467d7..ae729406c828 100644 --- a/samples/bluetooth/direct_test_mode/src/transport/hci_uart.h +++ b/samples/bluetooth/direct_test_mode/src/transport/hci_uart.h @@ -7,7 +7,7 @@ #ifndef HCI_UART_H_ #define HCI_UART_H_ -#include +#include #include #ifdef __cplusplus diff --git a/samples/bluetooth/direct_test_mode/src/transport/hci_uart_remote.c b/samples/bluetooth/direct_test_mode/src/transport/hci_uart_remote.c index 20ed71e56991..39c93363d0b0 100644 --- a/samples/bluetooth/direct_test_mode/src/transport/hci_uart_remote.c +++ b/samples/bluetooth/direct_test_mode/src/transport/hci_uart_remote.c @@ -6,7 +6,7 @@ #include #include -#include +#include #include #include #include diff --git a/samples/nrf5340/multiprotocol_rpmsg/src/main.c b/samples/nrf5340/multiprotocol_rpmsg/src/main.c index b45237fe20b2..7fcc2c0c0486 100644 --- a/samples/nrf5340/multiprotocol_rpmsg/src/main.c +++ b/samples/nrf5340/multiprotocol_rpmsg/src/main.c @@ -17,7 +17,7 @@ #include -#include +#include #include #include #include diff --git a/samples/openthread/coprocessor/src/rcp_hci.c b/samples/openthread/coprocessor/src/rcp_hci.c index aaa95cd10d55..2f7b8b2e16e3 100644 --- a/samples/openthread/coprocessor/src/rcp_hci.c +++ b/samples/openthread/coprocessor/src/rcp_hci.c @@ -19,7 +19,7 @@ #include -#include +#include #include #include #include diff --git a/subsys/bluetooth/services/ancs_app_attr_get.c b/subsys/bluetooth/services/ancs_app_attr_get.c index 348c3fded5bc..120015756b0d 100644 --- a/subsys/bluetooth/services/ancs_app_attr_get.c +++ b/subsys/bluetooth/services/ancs_app_attr_get.c @@ -12,7 +12,7 @@ #include #include -#include +#include #include "ancs_client_internal.h" #include "ancs_app_attr_get.h" diff --git a/subsys/bluetooth/services/cgms/cgms.c b/subsys/bluetooth/services/cgms/cgms.c index 6f12b3639bf0..273944933114 100644 --- a/subsys/bluetooth/services/cgms/cgms.c +++ b/subsys/bluetooth/services/cgms/cgms.c @@ -9,7 +9,7 @@ #include #include #include -#include +#include #include #include diff --git a/subsys/bluetooth/services/fast_pair/fmdn/auth.c b/subsys/bluetooth/services/fast_pair/fmdn/auth.c index c5a656a40082..dcbb98a35954 100644 --- a/subsys/bluetooth/services/fast_pair/fmdn/auth.c +++ b/subsys/bluetooth/services/fast_pair/fmdn/auth.c @@ -10,7 +10,7 @@ #include "fp_fmdn_state.h" #include "fp_storage_ak.h" -#include +#include #include LOG_MODULE_REGISTER(fp_fmdn_auth, CONFIG_BT_FAST_PAIR_LOG_LEVEL); diff --git a/subsys/bluetooth/services/fast_pair/fmdn/beacon_actions.c b/subsys/bluetooth/services/fast_pair/fmdn/beacon_actions.c index 6257333a71e3..acbceaa132f5 100644 --- a/subsys/bluetooth/services/fast_pair/fmdn/beacon_actions.c +++ b/subsys/bluetooth/services/fast_pair/fmdn/beacon_actions.c @@ -4,7 +4,7 @@ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ -#include +#include #include #include diff --git a/subsys/bluetooth/services/fast_pair/fmdn/read_mode.c b/subsys/bluetooth/services/fast_pair/fmdn/read_mode.c index 4ddbef3fc3ba..a7bf38df24fb 100644 --- a/subsys/bluetooth/services/fast_pair/fmdn/read_mode.c +++ b/subsys/bluetooth/services/fast_pair/fmdn/read_mode.c @@ -5,7 +5,7 @@ */ #include -#include +#include #include LOG_MODULE_REGISTER(fp_fmdn_read_mode, CONFIG_BT_FAST_PAIR_LOG_LEVEL); diff --git a/subsys/bluetooth/services/fast_pair/fmdn/state.c b/subsys/bluetooth/services/fast_pair/fmdn/state.c index 5eed95145bda..ba94a9fae76f 100644 --- a/subsys/bluetooth/services/fast_pair/fmdn/state.c +++ b/subsys/bluetooth/services/fast_pair/fmdn/state.c @@ -6,7 +6,7 @@ #include #include -#include +#include #include #include diff --git a/subsys/bluetooth/services/fast_pair/fp_advertising.c b/subsys/bluetooth/services/fast_pair/fp_advertising.c index 9c0e8e8ad411..16b9dcce99ad 100644 --- a/subsys/bluetooth/services/fast_pair/fp_advertising.c +++ b/subsys/bluetooth/services/fast_pair/fp_advertising.c @@ -5,7 +5,7 @@ */ #include -#include +#include #include #include diff --git a/subsys/bluetooth/services/fast_pair/fp_gatt_service.c b/subsys/bluetooth/services/fast_pair/fp_gatt_service.c index 7f5d1db09a4d..6ff073f206e8 100644 --- a/subsys/bluetooth/services/fast_pair/fp_gatt_service.c +++ b/subsys/bluetooth/services/fast_pair/fp_gatt_service.c @@ -4,7 +4,7 @@ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ -#include +#include #include #include diff --git a/subsys/bluetooth/services/mds.c b/subsys/bluetooth/services/mds.c index e705b731509f..b96ecc6c6c3b 100644 --- a/subsys/bluetooth/services/mds.c +++ b/subsys/bluetooth/services/mds.c @@ -15,7 +15,7 @@ #include -#include +#include #include #include diff --git a/subsys/bluetooth/services/wifi_prov/wifi_prov_ble.c b/subsys/bluetooth/services/wifi_prov/wifi_prov_ble.c index dc9c8aab9688..dcef86be04f1 100644 --- a/subsys/bluetooth/services/wifi_prov/wifi_prov_ble.c +++ b/subsys/bluetooth/services/wifi_prov/wifi_prov_ble.c @@ -19,7 +19,7 @@ #include #include -#include +#include #include #include diff --git a/subsys/bluetooth/services/wifi_prov/wifi_prov_internal.h b/subsys/bluetooth/services/wifi_prov/wifi_prov_internal.h index ebb1e481b180..b59b346b66fe 100644 --- a/subsys/bluetooth/services/wifi_prov/wifi_prov_internal.h +++ b/subsys/bluetooth/services/wifi_prov/wifi_prov_internal.h @@ -8,7 +8,7 @@ #define WIFI_PROV_INTERNAL_H #include -#include +#include #include "request.pb.h" #include "response.pb.h" #include "result.pb.h" diff --git a/subsys/dm/rpc/common/serialize.h b/subsys/dm/rpc/common/serialize.h index 41ce21b93d82..dc2c70a9a20a 100644 --- a/subsys/dm/rpc/common/serialize.h +++ b/subsys/dm/rpc/common/serialize.h @@ -7,7 +7,7 @@ #ifndef SERIALIZE_H_ #define SERIALIZE_H_ -#include +#include #include #include diff --git a/subsys/dult/bt/anos.c b/subsys/dult/bt/anos.c index da6f180b77c7..9aa1188848a0 100644 --- a/subsys/dult/bt/anos.c +++ b/subsys/dult/bt/anos.c @@ -4,7 +4,7 @@ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ -#include +#include #include #include diff --git a/subsys/nfc/ndef/ch_rec_parser.c b/subsys/nfc/ndef/ch_rec_parser.c index 2871af0dbf1c..c9c922ee0f74 100644 --- a/subsys/nfc/ndef/ch_rec_parser.c +++ b/subsys/nfc/ndef/ch_rec_parser.c @@ -6,7 +6,7 @@ #include #include -#include +#include #include #include diff --git a/subsys/nfc/ndef/le_oob_rec_parser.c b/subsys/nfc/ndef/le_oob_rec_parser.c index 92acf466c3d0..e9e75e155dd2 100644 --- a/subsys/nfc/ndef/le_oob_rec_parser.c +++ b/subsys/nfc/ndef/le_oob_rec_parser.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/subsys/nfc/tnep/ch/common.h b/subsys/nfc/tnep/ch/common.h index 7018dc8b7e9d..16b77dfb2d9a 100644 --- a/subsys/nfc/tnep/ch/common.h +++ b/subsys/nfc/tnep/ch/common.h @@ -10,7 +10,7 @@ #include #include -#include +#include #include #include diff --git a/tests/bluetooth/tester/src/gap.c b/tests/bluetooth/tester/src/gap.c index 039d0b39f36a..ce608db2eaa3 100644 --- a/tests/bluetooth/tester/src/gap.c +++ b/tests/bluetooth/tester/src/gap.c @@ -16,7 +16,7 @@ #include #include -#include +#include #include #define LOG_MODULE_NAME bttester_gap diff --git a/tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.c b/tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.c index 0905a7c90c4d..248b3b215587 100644 --- a/tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.c +++ b/tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.c @@ -4,7 +4,7 @@ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ -#include +#include #include #include #include diff --git a/tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.h b/tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.h index 60bcccd8f386..d438e2ed3199 100644 --- a/tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.h +++ b/tests/subsys/dfu/dfu_target/smp/src/img_gr_stub.h @@ -7,7 +7,7 @@ #define H_IMG_GR_STUB_ #include -#include +#include #ifdef __cplusplus diff --git a/tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.c b/tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.c index 7381b15179d2..b0be2fd0abb9 100644 --- a/tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.c +++ b/tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.c @@ -4,7 +4,7 @@ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ -#include +#include #include #include #include diff --git a/tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.h b/tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.h index 133def0ee206..c1cd28410968 100644 --- a/tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.h +++ b/tests/subsys/dfu/dfu_target/smp/src/os_gr_stub.h @@ -7,7 +7,7 @@ #define H_OS_GR_STUB_ #include -#include +#include #ifdef __cplusplus extern "C" { diff --git a/tests/subsys/dfu/dfu_target/smp/src/smp_stub.c b/tests/subsys/dfu/dfu_target/smp/src/smp_stub.c index 7b5c8e33ba01..ecbd8c46dc5b 100644 --- a/tests/subsys/dfu/dfu_target/smp/src/smp_stub.c +++ b/tests/subsys/dfu/dfu_target/smp/src/smp_stub.c @@ -4,7 +4,7 @@ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ -#include +#include #include #include #include diff --git a/tests/subsys/dfu/dfu_target/smp/src/smp_stub.h b/tests/subsys/dfu/dfu_target/smp/src/smp_stub.h index 75ee463a4fb6..8a9711fc6f8a 100644 --- a/tests/subsys/dfu/dfu_target/smp/src/smp_stub.h +++ b/tests/subsys/dfu/dfu_target/smp/src/smp_stub.h @@ -7,7 +7,7 @@ #define H_SMP_STUB_ #include -#include +#include #include From 4faaad163320433834714e0c26c146e8912b3315 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 9 Sep 2024 15:15:44 +0200 Subject: [PATCH 032/217] suit: Fix Kconfig for SUIT (missing type) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Suit overrides for MBEDTLS_PSA_CRYPTO and MBEDTLS_ZEPHYR_ENTROPY was missing the Kconfig type and was giving warnings Signed-off-by: Frank Audun Kvamtrø --- subsys/suit/platform/Kconfig | 2 ++ 1 file changed, 2 insertions(+) diff --git a/subsys/suit/platform/Kconfig b/subsys/suit/platform/Kconfig index 593eb13cc2b6..91ba39301af8 100644 --- a/subsys/suit/platform/Kconfig +++ b/subsys/suit/platform/Kconfig @@ -56,10 +56,12 @@ if MBEDTLS && SOC_POSIX # Make sure that PSA API compatibility layer is enabled config MBEDTLS_PSA_CRYPTO_C + bool default y # Instruct mbedTLS to use Zephyr entropy config MBEDTLS_ZEPHYR_ENTROPY + bool default y config SUIT_DEFAULT_MBEDTLS_CONFIG From 97f92a7b5e69d397e3eec185370f5ea65697a2af Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Mon, 5 Aug 2024 20:40:25 +0530 Subject: [PATCH 033/217] drivers: Remove nRF70 Wi-Fi driver This is now part of the Zephyr upstream. Signed-off-by: Chaitanya Tata --- CODEOWNERS | 1 - drivers/CMakeLists.txt | 1 - drivers/Kconfig | 1 - drivers/wifi/CMakeLists.txt | 6 - drivers/wifi/Kconfig | 11 - drivers/wifi/nrf700x/CMakeLists.txt | 239 -- drivers/wifi/nrf700x/Kconfig | 751 ----- drivers/wifi/nrf700x/inc/coex.h | 84 - drivers/wifi/nrf700x/inc/coex_struct.h | 182 -- drivers/wifi/nrf700x/inc/fmac_main.h | 133 - drivers/wifi/nrf700x/inc/net_if.h | 66 - drivers/wifi/nrf700x/inc/wifi_mgmt.h | 75 - drivers/wifi/nrf700x/inc/wifi_mgmt_scan.h | 34 - drivers/wifi/nrf700x/inc/wpa_supp_if.h | 142 - drivers/wifi/nrf700x/rpu_fw_patches.ld | 51 - drivers/wifi/nrf700x/src/coex.c | 333 -- drivers/wifi/nrf700x/src/fmac_main.c | 952 ------ drivers/wifi/nrf700x/src/fw_load.c | 306 -- drivers/wifi/nrf700x/src/net_if.c | 1239 -------- drivers/wifi/nrf700x/src/qspi/inc/ficr_prog.h | 23 - drivers/wifi/nrf700x/src/qspi/inc/qspi_if.h | 116 - drivers/wifi/nrf700x/src/qspi/inc/rpu_hw_if.h | 61 - drivers/wifi/nrf700x/src/qspi/inc/spi_if.h | 36 - drivers/wifi/nrf700x/src/qspi/inc/spi_nor.h | 49 - drivers/wifi/nrf700x/src/qspi/src/device.c | 86 - drivers/wifi/nrf700x/src/qspi/src/ficr_prog.c | 379 --- drivers/wifi/nrf700x/src/qspi/src/qspi_if.c | 1342 -------- drivers/wifi/nrf700x/src/qspi/src/rpu_hw_if.c | 482 --- drivers/wifi/nrf700x/src/qspi/src/spi_if.c | 343 -- drivers/wifi/nrf700x/src/shim.c | 973 ------ drivers/wifi/nrf700x/src/shim.h | 68 - drivers/wifi/nrf700x/src/timer.c | 43 - drivers/wifi/nrf700x/src/timer.h | 26 - drivers/wifi/nrf700x/src/wifi_mgmt.c | 1015 ------ drivers/wifi/nrf700x/src/wifi_mgmt_scan.c | 440 --- drivers/wifi/nrf700x/src/wifi_util.c | 1005 ------ drivers/wifi/nrf700x/src/wifi_util.h | 24 - drivers/wifi/nrf700x/src/work.c | 158 - drivers/wifi/nrf700x/src/work.h | 44 - drivers/wifi/nrf700x/src/wpa_supp_if.c | 2761 ----------------- 40 files changed, 14081 deletions(-) delete mode 100644 drivers/wifi/CMakeLists.txt delete mode 100644 drivers/wifi/Kconfig delete mode 100644 drivers/wifi/nrf700x/CMakeLists.txt delete mode 100644 drivers/wifi/nrf700x/Kconfig delete mode 100644 drivers/wifi/nrf700x/inc/coex.h delete mode 100644 drivers/wifi/nrf700x/inc/coex_struct.h delete mode 100644 drivers/wifi/nrf700x/inc/fmac_main.h delete mode 100644 drivers/wifi/nrf700x/inc/net_if.h delete mode 100644 drivers/wifi/nrf700x/inc/wifi_mgmt.h delete mode 100644 drivers/wifi/nrf700x/inc/wifi_mgmt_scan.h delete mode 100644 drivers/wifi/nrf700x/inc/wpa_supp_if.h delete mode 100644 drivers/wifi/nrf700x/rpu_fw_patches.ld delete mode 100644 drivers/wifi/nrf700x/src/coex.c delete mode 100644 drivers/wifi/nrf700x/src/fmac_main.c delete mode 100644 drivers/wifi/nrf700x/src/fw_load.c delete mode 100644 drivers/wifi/nrf700x/src/net_if.c delete mode 100644 drivers/wifi/nrf700x/src/qspi/inc/ficr_prog.h delete mode 100644 drivers/wifi/nrf700x/src/qspi/inc/qspi_if.h delete mode 100644 drivers/wifi/nrf700x/src/qspi/inc/rpu_hw_if.h delete mode 100644 drivers/wifi/nrf700x/src/qspi/inc/spi_if.h delete mode 100644 drivers/wifi/nrf700x/src/qspi/inc/spi_nor.h delete mode 100644 drivers/wifi/nrf700x/src/qspi/src/device.c delete mode 100644 drivers/wifi/nrf700x/src/qspi/src/ficr_prog.c delete mode 100644 drivers/wifi/nrf700x/src/qspi/src/qspi_if.c delete mode 100644 drivers/wifi/nrf700x/src/qspi/src/rpu_hw_if.c delete mode 100644 drivers/wifi/nrf700x/src/qspi/src/spi_if.c delete mode 100644 drivers/wifi/nrf700x/src/shim.c delete mode 100644 drivers/wifi/nrf700x/src/shim.h delete mode 100644 drivers/wifi/nrf700x/src/timer.c delete mode 100644 drivers/wifi/nrf700x/src/timer.h delete mode 100644 drivers/wifi/nrf700x/src/wifi_mgmt.c delete mode 100644 drivers/wifi/nrf700x/src/wifi_mgmt_scan.c delete mode 100644 drivers/wifi/nrf700x/src/wifi_util.c delete mode 100644 drivers/wifi/nrf700x/src/wifi_util.h delete mode 100644 drivers/wifi/nrf700x/src/work.c delete mode 100644 drivers/wifi/nrf700x/src/work.h delete mode 100644 drivers/wifi/nrf700x/src/wpa_supp_if.c diff --git a/CODEOWNERS b/CODEOWNERS index 57ac220a7d71..8fa8a5bc54cb 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -70,7 +70,6 @@ /drivers/sensor/bme68x_iaq/ @nrfconnect/ncs-co-drivers @nrfconnect/ncs-cia /drivers/sensor/paw3212/ @nrfconnect/ncs-co-drivers @nrfconnect/ncs-si-bluebagel /drivers/sensor/pmw3360/ @nrfconnect/ncs-co-drivers @nrfconnect/ncs-si-bluebagel -/drivers/wifi/nrf700x/ @nrfconnect/ncs-co-networking @krish2718 @sachinthegreen @rado17 # Devicetree /dts/ @nrfconnect/ncs-co-drivers diff --git a/drivers/CMakeLists.txt b/drivers/CMakeLists.txt index a6f71a22de50..3a178f3e1a93 100644 --- a/drivers/CMakeLists.txt +++ b/drivers/CMakeLists.txt @@ -14,4 +14,3 @@ endif() add_subdirectory_ifdef(CONFIG_NETWORKING net) add_subdirectory_ifdef(CONFIG_SENSOR sensor) add_subdirectory(serial) -add_subdirectory_ifdef(CONFIG_WIFI wifi) diff --git a/drivers/Kconfig b/drivers/Kconfig index 765dcb7bfef8..554b6a917249 100644 --- a/drivers/Kconfig +++ b/drivers/Kconfig @@ -19,7 +19,6 @@ endif rsource "net/Kconfig" rsource "sensor/Kconfig" rsource "serial/Kconfig" -rsource "wifi/Kconfig" config NRFE bool diff --git a/drivers/wifi/CMakeLists.txt b/drivers/wifi/CMakeLists.txt deleted file mode 100644 index a1589e33f07f..000000000000 --- a/drivers/wifi/CMakeLists.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -# Copyright (c) 2018-2020 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -add_subdirectory_ifdef(CONFIG_WIFI_NRF700X nrf700x) diff --git a/drivers/wifi/Kconfig b/drivers/wifi/Kconfig deleted file mode 100644 index 95ab147c235a..000000000000 --- a/drivers/wifi/Kconfig +++ /dev/null @@ -1,11 +0,0 @@ -# -# Copyright (c) 2022 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -if WIFI - -rsource "nrf700x/Kconfig" - -endif # WIFI diff --git a/drivers/wifi/nrf700x/CMakeLists.txt b/drivers/wifi/nrf700x/CMakeLists.txt deleted file mode 100644 index a972da139ca6..000000000000 --- a/drivers/wifi/nrf700x/CMakeLists.txt +++ /dev/null @@ -1,239 +0,0 @@ -# -# Copyright (c) 2022 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -zephyr_library() - -set(OS_AGNOSTIC_BASE ${ZEPHYR_NRFXLIB_MODULE_DIR}/nrf_wifi) - -zephyr_include_directories( - inc - ${OS_AGNOSTIC_BASE}/utils/inc - ${OS_AGNOSTIC_BASE}/os_if/inc - ${OS_AGNOSTIC_BASE}/bus_if/bus/qspi/inc - ${OS_AGNOSTIC_BASE}/bus_if/bal/inc - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/inc - ${OS_AGNOSTIC_BASE}/fw_load/mips/fw/inc - ${OS_AGNOSTIC_BASE}/hw_if/hal/inc - src/qspi/inc - # for net_sprint_ll_addr - ${ZEPHYR_BASE}/subsys/net/ip - ${OS_AGNOSTIC_BASE}/hw_if/hal/inc/fw - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/inc/fw -) - -zephyr_include_directories_ifdef(CONFIG_NRF700X_RADIO_TEST - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/inc/radio_test -) - -zephyr_include_directories_ifndef(CONFIG_NRF700X_RADIO_TEST - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/inc/default -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_SR_COEX - src/coex.c -) - -zephyr_library_sources( - ${OS_AGNOSTIC_BASE}/os_if/src/osal.c - ${OS_AGNOSTIC_BASE}/utils/src/list.c - ${OS_AGNOSTIC_BASE}/utils/src/queue.c - ${OS_AGNOSTIC_BASE}/utils/src/util.c - ${OS_AGNOSTIC_BASE}/hw_if/hal/src/hal_api.c - ${OS_AGNOSTIC_BASE}/hw_if/hal/src/hal_fw_patch_loader.c - ${OS_AGNOSTIC_BASE}/hw_if/hal/src/hal_interrupt.c - ${OS_AGNOSTIC_BASE}/hw_if/hal/src/hal_mem.c - ${OS_AGNOSTIC_BASE}/hw_if/hal/src/hal_reg.c - ${OS_AGNOSTIC_BASE}/hw_if/hal/src/hpqm.c - ${OS_AGNOSTIC_BASE}/hw_if/hal/src/pal.c - ${OS_AGNOSTIC_BASE}/bus_if/bal/src/bal.c - ${OS_AGNOSTIC_BASE}/bus_if/bus/qspi/src/qspi.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/cmd.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/event.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_api_common.c - src/shim.c - src/work.c - src/timer.c - src/fmac_main.c - src/fw_load.c - src/qspi/src/device.c - src/qspi/src/rpu_hw_if.c - src/qspi/src/ficr_prog.c -) - -zephyr_library_sources_ifndef(CONFIG_NRF700X_RADIO_TEST - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/rx.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_vif.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_util.c - src/net_if.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/default/fmac_api.c -) - -zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_MGMT - src/wifi_mgmt_scan.c -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_SYSTEM_MODE - src/wifi_mgmt.c -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_SCAN_ONLY - src/wifi_mgmt_scan.c -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_RADIO_TEST - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/radio_test/fmac_api.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_util.c -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_DATA_TX - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/tx.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_peer.c -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_STA_MODE - src/wpa_supp_if.c - src/wifi_mgmt.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_peer.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_util.c -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_AP_MODE - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_ap.c -) - - -# Without WPA supplicant we only support scan -zephyr_library_sources_ifdef(CONFIG_NRF700X_STA_MODE - src/wpa_supp_if.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_peer.c - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_util.c -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_ON_QSPI - src/qspi/src/qspi_if.c -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_ON_SPI - src/qspi/src/spi_if.c -) - -zephyr_library_sources_ifdef(CONFIG_NRF700X_UTIL - src/wifi_util.c -) - -if(CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_XIP) -# Run patches from the external flash (XIP). No need to copy. -zephyr_code_relocate(FILES src/fw_load.c LOCATION EXTFLASH_RODATA NOCOPY) -endif() - -zephyr_compile_definitions_ifdef(CONFIG_NRF700X_ON_QSPI -# These are XIP related anomalies and aren't applicable for nRF7002 and cause -# throughput issues. - -DNRF53_ERRATA_43_ENABLE_WORKAROUND=0 - -DNRF52_ERRATA_215_ENABLE_WORKAROUND=0 -# nRF70 QSPI doesn't use 192MHz clock and most samples use 128MHz, this can cause anomaly 159 -# but as its rare and not seen in most cases, we can disable it. -# Alternative is 128MHz CPU should be disabled that impacts Wi-Fi performance. - -DNRF53_ERRATA_159_ENABLE_WORKAROUND=0 -) - -# RPU FW patch binaries based on the selected configuration -if(CONFIG_NRF700X_SYSTEM_MODE) - set(NRF70_PATCH ${OS_AGNOSTIC_BASE}/fw_bins/default/nrf70.bin) -elseif(CONFIG_NRF700X_RADIO_TEST) - set(NRF70_PATCH ${OS_AGNOSTIC_BASE}/fw_bins/radio_test/nrf70.bin) -elseif(CONFIG_NRF700X_SCAN_ONLY) - set(NRF70_PATCH ${OS_AGNOSTIC_BASE}/fw_bins/scan_only/nrf70.bin) -elseif (CONFIG_NRF700X_SYSTEM_WITH_RAW_MODES) - set(NRF70_PATCH ${OS_AGNOSTIC_BASE}/fw_bins/system_with_raw/nrf70.bin) -else() - # Error - message(FATAL_ERROR "Unsupported nRF70 patch configuration") -endif() - -zephyr_compile_definitions( - -DCONFIG_NRF_WIFI_FW_BIN=${NRF70_PATCH} -) - -if(CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_STORE) - message(STATUS "nRF WiFi FW patch binary will be stored in external flash") - - dt_chosen(ext_flash_dev PROPERTY nordic,pm-ext-flash) - if(DEFINED ext_flash_dev) - get_filename_component(qspi_node ${ext_flash_dev} DIRECTORY) - else() - dt_nodelabel(qspi_node NODELABEL "qspi") - endif() - if(DEFINED qspi_node) - dt_reg_addr(xip_addr PATH ${qspi_node} NAME qspi_mm) - if(NOT DEFINED xip_addr) - message(FATAL_ERROR "Unable to find XIP area in dts") - endif() - else() - message(FATAL_ERROR "QSPI node not found in dts") - endif() - - if(CONFIG_PARTITION_MANAGER_ENABLED) - if(NOT SYSBUILD) - add_custom_target(nrf70_wifi_fw_patch_target - DEPENDS ${CMAKE_BINARY_DIR}/zephyr/nrf70.hex - ) - add_custom_command(OUTPUT ${CMAKE_BINARY_DIR}/zephyr/nrf70.hex - COMMAND ${Python3_EXECUTABLE} - -c "import sys; import intelhex; intelhex.bin2hex(sys.argv[1], sys.argv[2], int(sys.argv[3])) " - ${NRF70_PATCH} - ${CMAKE_BINARY_DIR}/zephyr/nrf70.hex - $ - VERBATIM - ) - # Delegate merging WiFi FW patch to mcuboot because we need to merge signed hex instead of raw nrf70.hex. - if(NOT CONFIG_NRF_WIFI_FW_PATCH_DFU) - set_property( - GLOBAL PROPERTY - nrf70_wifi_fw_PM_HEX_FILE - ${CMAKE_BINARY_DIR}/zephyr/nrf70.hex - ) - set_property( - GLOBAL PROPERTY - nrf70_wifi_fw_PM_TARGET - nrf70_wifi_fw_patch_target - ) - endif() - endif() - else() - dt_nodelabel(nrf70_fw_node NODELABEL "nrf70_fw_partition") - if(NOT DEFINED nrf70_fw_node) - message(FATAL_ERROR "nrf70_fw_partition node not found in dts") - endif() - dt_prop(nrf70_fw_offset PATH ${nrf70_fw_node} PROPERTY reg INDEX 0) - if(NOT DEFINED nrf70_fw_offset) - message(FATAL_ERROR "nrf70_fw_partition.reg not found in dts") - endif() - math(EXPR NRF70_PATCH_ADDR "${xip_addr} + ${nrf70_fw_offset}") - - # Using python module instead of intelhex command line tool to handle windows - execute_process( - COMMAND ${Python3_EXECUTABLE} - -c "import sys; import intelhex; intelhex.bin2hex(sys.argv[1], sys.argv[2], int(sys.argv[3]))" - ${NRF70_PATCH} - ${CMAKE_BINARY_DIR}/zephyr/nrf70.hex - ${NRF70_PATCH_ADDR} - RESULT_VARIABLE _bin2hex_result - OUTPUT_VARIABLE _bin2hex_output - ERROR_VARIABLE _bin2hex_error - COMMAND_ECHO STDOUT - ) - - if(NOT _bin2hex_result EQUAL 0) - message(FATAL_ERROR "Failed to convert binary patch to hex format: \n${_bin2hex_output}\n${_bin2hex_error}") - endif() - - set_property(GLOBAL APPEND PROPERTY HEX_FILES_TO_MERGE - ${CMAKE_BINARY_DIR}/zephyr/nrf70.hex ${CMAKE_BINARY_DIR}/zephyr/zephyr.hex) - set_property(TARGET runners_yaml_props_target PROPERTY - hex_file ${CMAKE_BINARY_DIR}/zephyr/merged.hex) - endif() -endif() diff --git a/drivers/wifi/nrf700x/Kconfig b/drivers/wifi/nrf700x/Kconfig deleted file mode 100644 index d446e1b20c99..000000000000 --- a/drivers/wifi/nrf700x/Kconfig +++ /dev/null @@ -1,751 +0,0 @@ -# Nordic Wi-Fi driver for nRF700x -# -# Copyright (c) 2022 Nordic Semiconductor -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -DT_COMPAT_NORDIC_NRF700X_QSPI := nordic,nrf700x-qspi -DT_COMPAT_NORDIC_NRF700X_SPI := nordic,nrf700x-spi - -menuconfig WIFI_NRF700X - bool "nRF700x driver" - depends on WIFI - select NET_L2_WIFI_MGMT if NETWORKING - select NET_L2_ETHERNET_MGMT if NETWORKING && NET_L2_ETHERNET - select WIFI_USE_NATIVE_NETWORKING if NETWORKING - select EXPERIMENTAL if !SOC_SERIES_NRF53X && !SOC_SERIES_NRF91X - help - Nordic Wi-Fi Driver - -if WIFI_NRF700X -module = WIFI_NRF700X_BUS -module-dep = LOG -module-str = Log level for Wi-Fi nRF700x bus layers -module-help = Sets log level for Wi-Fi nRF700x bus layers -source "subsys/net/Kconfig.template.log_config.net" - -config WIFI_NRF700X_BUS_LOG_LEVEL - # Enable error by default - default 1 - -choice NRF700X_OPER_MODES - bool "nRF700x operating modes" - default NRF700X_SYSTEM_MODE if WPA_SUPP && !(NRF700X_RAW_DATA_TX || NRF700X_RAW_DATA_RX || NRF700X_PROMISC_DATA_RX) - default NRF700X_SYSTEM_WITH_RAW_MODES if (NRF700X_RAW_DATA_TX || NRF700X_RAW_DATA_RX || NRF700X_PROMISC_DATA_RX) - default NRF700X_SCAN_ONLY - help - Select the operating mode of the nRF700x driver - -config NRF700X_SYSTEM_MODE - bool "Enable nRF700X system mode" - depends on WPA_SUPP - help - Select this option to enable system mode of the nRF700x driver - -config NRF700X_SCAN_ONLY - bool "Enable nRF700X scan only mode" - help - Select this option to enable scan only mode of the nRF700x driver - -config NRF700X_RADIO_TEST - bool "Radio test mode of the nRF700x driver" - -config NRF700X_SYSTEM_WITH_RAW_MODES - bool "Enable nRF700X system mode with raw modes" - # TODO: This dependency need to be removed for Monitor and TX injection only - depends on WPA_SUPP - help - Select this option to enable system mode of the nRF700x driver with raw modes - -endchoice - -if NRF700X_SYSTEM_MODE || NRF700X_SYSTEM_WITH_RAW_MODES -config NRF700X_STA_MODE - bool "Enable nRF700X STA mode" - default y - help - Select this option to enable STA mode of the nRF700x driver - -config NRF700X_AP_MODE - bool "Enable Access point mode" - depends on WPA_SUPP_AP - -config NRF700X_P2P_MODE - bool "Enable P2P support in driver" -endif # NRF700X_SYSTEM_MODE || NRF700X_SYSTEM_WITH_RAW_MODES - -config NRF700X_RAW_DATA_TX - bool "Enable RAW TX data path in the driver" - -config NRF700X_RAW_DATA_RX - bool "Enable RAW RX sniffer operation in the driver" - -config NRF700X_PROMISC_DATA_RX - bool "Enable promiscuous RX sniffer operation in the driver" - depends on WPA_SUPP - select EXPERIMENTAL - select NET_PROMISCUOUS_MODE - -config NRF700X_DATA_TX - bool "Enable TX data path in the driver" - default y if NRF700X_SYSTEM_MODE || NRF700X_SYSTEM_WITH_RAW_MODES - -config NRF_WIFI_IF_AUTO_START - bool "Enable Wi-Fi interface auto start on boot" - default y - -config NRF_WIFI_PATCHES_BUILTIN - bool "Store nRF700x FW patches as part of the driver" - depends on !NRF_WIFI_PATCHES_EXT_FLASH_STORE - default y if !NRF_WIFI_PATCHES_EXT_FLASH_STORE - help - Select this option to store nRF700x FW patches as part of the driver. - This option impacts the code memory footprint of the driver. - -choice NRF_WIFI_PATCHES_EXT_FLASH_SUPPORT - bool "Store nRF700x FW patches in external flash" - default NRF_WIFI_PATCHES_EXT_FLASH_DISABLED - help - Select this option to store nRF700x FW patches in external flash. - This option helps to reduce the code memory size of the application, but - requires external memory to be available for storing the FW patches. - -config NRF_WIFI_PATCHES_EXT_FLASH_DISABLED - bool "Store nRF700x FW patches in RAM" - select NRF_WIFI_PATCHES_BUILTIN - -config NRF_WIFI_PATCHES_EXT_FLASH_XIP - bool "Relocate nRF700x FW patches to external memory and execute from there" - # nRF7002 supports SPI based external flash access with no XIP - depends on !BOARD_NRF7002DK_NRF5340_CPUAPP && !BOARD_NRF7002DK_NRF5340_CPUAPP_NS - # Disable until Matter DFU changes are ready - # default y if BOARD_NRF5340DK_NRF5340_CPUAPP || BOARD_NRF52840DK_NRF52840 - select NRF_WIFI_PATCHES_BUILTIN - # For accessing external flash - select FLASH - # For relocation code to external flash - select XIP - select NORDIC_QSPI_NOR - select BUILD_NO_GAP_FILL - select CODE_DATA_RELOCATION - select HAVE_CUSTOM_LINKER_SCRIPT - -config NRF_WIFI_PATCHES_EXT_FLASH_STORE - bool "Store nRF700x FW patches in external memory but execute from RAM" - # nRF7002 supports SPI based external memory access but missing tools support - # TODO: Enable when tools support is available (NRFJPROG-157) - depends on !BOARD_NRF7002DK_NRF5340_CPUAPP && !BOARD_NRF7002DK_NRF5340_CPUAPP_NS - select FLASH - select FLASH_MAP -endchoice - -if NRF_WIFI_PATCHES_EXT_FLASH_STORE -config NRF_WIFI_FW_FLASH_CHUNK_SIZE - int "Chunk size for nRF70 FW patches to be read from external flash" - default 8192 - help - Chunk size for nRF70 FW patches to be read from external flash. - This option impacts the loading time of the nRF70 FW patches and - RAM usage (heap) of the application. - -config NRF_WIFI_FW_PATCH_INTEGRITY_CHECK - bool "Enable integrity check of nRF70 FW patches" - select FLASH_AREA_CHECK_INTEGRITY - default y - help - Select this option to enable integrity check of nRF70 FW patches using - SHA-256 verification algorithm.This option impacts the loading time of the - nRF70 FW patches but protects against corrupted FW patches. - -config NRF_WIFI_FW_PATCH_DFU - bool "Direct Firmware Update of nRF70 FW patch" - depends on PARTITION_MANAGER_ENABLED - depends on BOOTLOADER_MCUBOOT - depends on !XIP_SPLIT_IMAGE - help - Enabling this option adds support for Device Firmware Update (DFU) - for the nRF70 Series Firmware Patch. - - This feature requires the addition of an MCUBoot partition pair: - a primary and a secondary partition. These partitions are used to - store the new firmware patch. The specific partition numbers to be used - depend on the number of partitions already in use. - - The "nrf70_wifi_fw" partition must be added to the newly created - MCUBoot primary partition. Once this Kconfig option is enabled, - the nRF70.hex file will be signed by MCUBoot. The signed image - will then be merged with the application image and flashed onto - the target board. - - Ensure that the required MCUBoot partitions are properly configured - before enabling this option. Refer to the documentation for detailed - instructions on partition configuration and the DFU process. - -# TC is the default but Wi-Fi uses MbedTLS, so, to avoid loading another library. -if NRF_WIFI_FW_PATCH_INTEGRITY_CHECK -choice FLASH_AREA_CHECK_INTEGRITY_BACKEND - default FLASH_AREA_CHECK_INTEGRITY_MBEDTLS -endchoice -endif -endif - -config CUSTOM_LINKER_SCRIPT - string "Custom linker script for nRF700x FW patches" - default "${ZEPHYR_BASE}/../nrf/drivers/wifi/nrf700x/rpu_fw_patches.ld" - -config NRF_WIFI_LOW_POWER - bool "Enable low power mode in nRF Wi-Fi chipsets" - default y - -config NRF700X_TCP_IP_CHECKSUM_OFFLOAD - bool "Enable TCP/IP checksum offload" - default y - -config NRF700X_REG_DOMAIN - string "The ISO/IEC alpha2 country code for the country in which this device is currently operating. Default 00 (World regulatory)" - # 00 is used for World regulatory - default "00" - -# Making calls to RPU from net_mgmt callbacks. -# -# If WPA supplicant is enabled, then don't override as it has higher -# stack requirements. -config NET_MGMT_EVENT_STACK_SIZE - default 2048 if !WPA_SUPP - -config NRF700X_LOG_VERBOSE - bool "Maintains the verbosity of information in logs" - default y - -module = WIFI_NRF700X -module-dep = LOG -module-str = Log level for Wi-Fi nRF700x driver -module-help = Sets log level for Wi-Fi nRF700x driver -source "subsys/logging/Kconfig.template.log_config" - -config WIFI_NRF700X_LOG_LEVEL - # Enable error by default - default 1 - -config NRF700X_ON_QSPI - def_bool $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF700X_QSPI)) - select NRFX_QSPI - -config NRF700X_ON_SPI - def_bool $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF700X_SPI)) - select SPI - -# Wi-Fi and SR Coexistence Hardware configuration. -config NRF700X_SR_COEX - bool "Enable Wi-Fi and SR coexistence support" - select EXPERIMENTAL if OPENTHREAD - def_bool $(dt_nodelabel_enabled,nrf_radio_coex) - -# GPIO configuration to control SR side RF switch position. -config NRF700X_SR_COEX_RF_SWITCH - def_bool $(dt_nodelabel_has_prop,nrf_radio_coex,srrf-switch-gpios) - -config NRF700X_WORKQ_STACK_SIZE - int "Stack size for workqueue" - default 4096 - -config NRF700X_WORKQ_MAX_ITEMS - int "Maximum work items for all workqueues" - default 100 - -config NRF700X_MAX_TX_PENDING_QLEN - int "Maximum number of pending TX packets" - default 18 - -config NRF700X_UTIL - depends on SHELL - bool "Enable Utility shell in nRF700x driver" - -config NRF700X_QSPI_LOW_POWER - bool "Enable low power mode in QSPI" - default y if NRF_WIFI_LOW_POWER - -config NRF700X_PCB_LOSS_2G - int "PCB loss for 2.4 GHz band" - default 0 - range 0 4 - help - Specifies PCB loss from the antenna connector to the RF pin. - The values are in dB scale in steps of 1dB and range of 0-4dB. - The loss is considered in the RX path only. - -config NRF700X_PCB_LOSS_5G_BAND1 - int "PCB loss for 5 GHz band (5150 MHz - 5350 MHz, Channel-32 - Channel-68)" - default 0 - range 0 4 - help - Specifies PCB loss from the antenna connector to the RF pin. - The values are in dB scale in steps of 1dB and range of 0-4dB. - The loss is considered in the RX path only. - -config NRF700X_PCB_LOSS_5G_BAND2 - int "PCB loss for 5 GHz band (5470 MHz - 5730 MHz, Channel-96 - Channel-144)" - default 0 - range 0 4 - help - Specifies PCB loss from the antenna connector to the RF pin. - The values are in dB scale in steps of 1dB and range of 0-4dB. - The loss is considered in the RX path only. - -config NRF700X_PCB_LOSS_5G_BAND3 - int "PCB loss for 5 GHz band (5730 MHz - 5895 MHz, Channel-149 - Channel-177)" - default 0 - range 0 4 - help - Specifies PCB loss from the antenna connector to the RF pin. - The values are in dB scale in steps of 1dB and range of 0-4dB. - The loss is considered in the RX path only. - -config NRF700X_ANT_GAIN_2G - int "Antenna gain for 2.4 GHz band" - default 0 - range 0 6 - -config NRF700X_ANT_GAIN_5G_BAND1 - int "Antenna gain for 5 GHz band (5150 MHz - 5350 MHz)" - default 0 - range 0 6 - -config NRF700X_ANT_GAIN_5G_BAND2 - int "Antenna gain for 5 GHz band (5470 MHz - 5730 MHz)" - default 0 - range 0 6 - -config NRF700X_ANT_GAIN_5G_BAND3 - int "Antenna gain for 5 GHz band (5730 MHz - 5895 MHz)" - default 0 - range 0 6 - -config NRF700X_BAND_2G_LOWER_EDGE_BACKOFF_DSSS - int "DSSS Transmit power backoff (in dB) for lower edge of 2.4 GHz frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_2G_LOWER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for lower edge of 2.4 GHz frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_2G_LOWER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for lower edge of 2.4 GHz frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_2G_UPPER_EDGE_BACKOFF_DSSS - int "DSSS Transmit power backoff (in dB) for upper edge of 2.4 GHz frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_2G_UPPER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for upper edge of 2.4 GHz frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_2G_UPPER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for upper edge of 2.4 GHz frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_1_LOWER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for lower edge of UNII-1 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_1_LOWER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for lower edge of UNII-1 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_1_UPPER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for upper edge of UNII-1 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_1_UPPER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for upper edge of UNII-1 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_2A_LOWER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for lower edge of UNII-2A frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_2A_LOWER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for lower edge of UNII-2A frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_2A_UPPER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for upper edge of UNII-2A frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_2A_UPPER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for upper edge of UNII-2A frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_2C_LOWER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for lower edge of UNII-2C frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_2C_LOWER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for lower edge of UNII-2C frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_2C_UPPER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for upper edge of UNII-2C frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_2C_UPPER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for upper edge of UNII-2C frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_3_LOWER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for lower edge of UNII-3 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_3_LOWER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for lower edge of UNII-3 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_3_UPPER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for upper edge of UNII-3 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_3_UPPER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for upper edge of UNII-3 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_4_LOWER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for lower edge of UNII-4 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_4_LOWER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for lower edge of UNII-4 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_4_UPPER_EDGE_BACKOFF_HT - int "HT/VHT Transmit power backoff (in dB) for upper edge of UNII-4 frequency band" - default 0 - range 0 10 - -config NRF700X_BAND_UNII_4_UPPER_EDGE_BACKOFF_HE - int "HE Transmit power backoff (in dB) for upper edge of UNII-4 frequency band" - default 0 - range 0 10 - -# Performance fine tuning options - -config NRF700X_RX_NUM_BUFS - int "Number of RX buffers" - default 48 - -config NRF700X_MAX_TX_AGGREGATION - int "Maximum number of TX packets to aggregate" - default 12 - -config NRF700X_MAX_TX_TOKENS - int "Maximum number of TX tokens" - range 5 12 if !NRF700X_RADIO_TEST - default 10 - -config NRF700X_TX_MAX_DATA_SIZE - int "Maximum size of TX data" - default 1600 - -config NRF700X_RX_MAX_DATA_SIZE - int "Maximum size of RX data" - default 1600 - -config NRF700X_TX_DONE_WQ_ENABLED - bool "Enable TX done workqueue (impacts performance negatively)" - -config NRF700X_RX_WQ_ENABLED - bool "Enable RX workqueue" - -# Use for IRQ processing (TODO: using for BH processing causes issues) -config NUM_METAIRQ_PRIORITIES - default 1 - -config NRF700X_IRQ_WQ_PRIORITY - int "Priority of the workqueue for handling IRQs" - default -15 - -config NRF700X_BH_WQ_PRIORITY - int "Priority of the workqueue for handling bottom half" - default 0 - -config NRF700X_IRQ_WQ_STACK_SIZE - int "Stack size of the workqueue for handling IRQs" - default 2048 - -config NRF700X_BH_WQ_STACK_SIZE - int "Stack size of the workqueue for handling bottom half" - default 2048 - -if NRF700X_TX_DONE_WQ_ENABLED -config NRF700X_TX_DONE_WQ_PRIORITY - int "Priority of the workqueue for handling TX done" - default 0 - -config NRF700X_TX_DONE_WQ_STACK_SIZE - int "Stack size of the workqueue for handling TX done" - default 2048 -endif - -if NRF700X_RX_WQ_ENABLED -config NRF700X_RX_WQ_PRIORITY - int "Priority of the workqueue for handling RX" - default 0 - -config NRF700X_RX_WQ_STACK_SIZE - int "Stack size of the workqueue for handling RX" - default 2048 -endif - -if NRF_WIFI_LOW_POWER -config NRF700X_RPU_PS_IDLE_TIMEOUT_MS - int "RPU power save idle timeout in milliseconds" - default 10 - -config NRF700X_RPU_EXTEND_TWT_SP - bool "Enable extending TWT service period" - help - In case frames accepted before beginning of SP are not - transmitted before the SP completes then typically they are - dropped to conform to SP window as per specification i.e., no - transmission outside SP window. - - This feature mitigates the frame loss by transmitting even after SP - completion by using standard contention mechanism which is allowed - in specification but not recommended. As the device is actively transmitting - beyond SP, the power consumption increases depending on the amount - of traffic available at the start of SP. - - Please note that if a frame is sent after SP starts it will be queued and this - mechanism is not used. -endif - -config WIFI_FIXED_MAC_ADDRESS - string "WiFi Fixed MAC address in format XX:XX:XX:XX:XX:XX" - help - This overrides the MAC address read from OTP. Strictly for testing purposes only. - -choice - prompt "Wi-Fi MAC address type" - default WIFI_OTP_MAC_ADDRESS if WIFI_FIXED_MAC_ADDRESS = "" - default WIFI_FIXED_MAC_ADDRESS_ENABLED if WIFI_FIXED_MAC_ADDRESS != "" - help - Select the type of MAC address to be used by the Wi-Fi driver - -config WIFI_OTP_MAC_ADDRESS - bool "Use MAC address from OTP" - help - This option uses the MAC address stored in the OTP memory of the nRF700x. - -config WIFI_FIXED_MAC_ADDRESS_ENABLED - bool "Enable fixed MAC address" - help - Enable fixed MAC address - -config WIFI_RANDOM_MAC_ADDRESS - bool "Enable random MAC address generation at runtime" - depends on ENTROPY_GENERATOR - help - This option enables random MAC address generation at runtime. - The random MAC address is generated using the entropy device random generator. - -endchoice - -config NRF700X_RSSI_STALE_TIMEOUT_MS - int "RSSI stale timeout in milliseconds" - default 1000 - help - RSSI stale timeout is the period after which driver queries - RPU to get the RSSI the value. - If data is active (e.g. ping), driver stores the RSSI value from - the received frames and provides this stored information - to wpa_supplicant. In this case a higher value will be suitable - as stored RSSI value at driver will be updated regularly. - If data is not active or after the stale timeout duration, - driver queries the RPU to get the RSSI value - and provides it to wpa_supplicant. The value should be set to lower - value as driver does not store it and requires RPU to provide the - info. - -if NETWORKING -# Finetune defaults for certain system components used by the driver -config HEAP_MEM_POOL_SIZE - default 153000 - -config SYSTEM_WORKQUEUE_STACK_SIZE - default 4096 - -config NET_TX_STACK_SIZE - default 4096 - -config NET_RX_STACK_SIZE - default 4096 - -config NET_TC_TX_COUNT - default 1 - -endif # NETWORKING - -# Override the Wi-Fi subsytems WIFI_MGMT_SCAN_SSID_FILT_MAX parameter, -# since we support a maximum of 2 SSIDs for scan result filtering. -config WIFI_MGMT_SCAN_SSID_FILT_MAX - default 2 -endif - -config NRF_WIFI_SCAN_MAX_BSS_CNT - int "Maximum number of scan results to return." - default 0 - range 0 65535 - help - Maximum number of scan results to return. 0 represents unlimited number of BSSes. - -config NRF_WIFI_BEAMFORMING - bool "Enable Wi-Fi beamforming. Enabling beamforming can provide slight improvement in performance where as disabling it can provide better power saving in low network activity applications" - default y - -config WIFI_NRF700X_SCAN_TIMEOUT_S - int "Scan timeout in seconds" - default 30 - -menu "nRF Wi-Fi operation band(s)" - visible if !NRF70_2_4G_ONLY - -config NRF_WIFI_2G_BAND - bool "Set operation band to 2.4GHz" - default y if NRF70_2_4G_ONLY - -config NRF_WIFI_5G_BAND - bool "Set operation band to 5GHz" - depends on !NRF70_2_4G_ONLY - -config NRF_WIFI_OP_BAND - int "Options to set operation band" - default 1 if NRF_WIFI_2G_BAND - default 2 if NRF_WIFI_5G_BAND - default 3 - help - Set this option to select frequency band - 1 - 2.4GHz - 2 - 5GHz - 3 - All ( 2.4GHz and 5GHz ) -endmenu - -config NRF_WIFI_IFACE_MTU - int "MTU for Wi-Fi interface" - range 576 2304 if NET_IPV4 - range 1280 2304 if NET_IPV6 - default 1500 - -config WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC - bool "Suppress networks with non-individual MAC address as BSSID in the scan results" - help - Wi-Fi access points use locally administered MAC address to manage - multiple virtual interfaces, for geo-location usecase these networks - from the virtual interfaces do not help in anyway as they are co-located with the primary interface - that has globally unique MAC address. - - So, to save resources, this option drops such networks from the scan results. - -config WIFI_NRF700X_SCAN_DISABLE_DFS_CHANNELS - bool "Disables DFS channels in scan operation" - help - This option disables inclusion of DFS channels in scan operation. - This is useful to reduce the scan time, as DFS channels are seldom used. - -config NET_INTERFACE_NAME_LEN - # nordic_wlanN - default 15 - -config NRF_WIFI_AP_DEAD_DETECT_TIMEOUT - int "Access point dead detection timeout in seconds" - range 1 30 - default 20 - help - The number of seconds after which AP is declared dead if no beacons - are received from the AP. Used to detect AP silently going down e.g., power off. - -config NRF_WIFI_RPU_RECOVERY - bool "Enable RPU recovery mechanism" - select EXPERIMENTAL - help - Enable RPU recovery mechanism to recover from RPU (nRF70) hang. - This feature performs an interface reset (down and up) which triggers - a RPU coldboot. Application's network connection will be lost during - the recovery process and it is application's responsibility to - re-establish the network connection. - -if NRF_WIFI_RPU_RECOVERY - -config NRF_WIFI_RPU_RECOVERY_PROPAGATION_DELAY_MS - int "RPU recovery propagation delay in milliseconds" - default 10 - help - Propagation delay in milliseconds to wait after RPU is powered down - before powering it up. This delay is required to ensure that the recovery - is propagted to all the applications and stack and have enough time to - clean up the resources. - -config NET_MGMT_EVENT_QUEUE_SIZE - # Doing interface down and up even with delay puts a lot of events in the queue - default 16 -endif - -config NRF_WIFI_COMBINED_BUCKEN_IOVDD_GPIO - bool - help - Enable this option to use a single GPIO to control both buck enable and IOVDD enable, - there will be a internal hardware switch to add delay between the two operations. This - is typically 4ms delay for nRF70. - -config NRF_WIFI_FEAT_WMM - bool "Enable/Disable WMM mode" - default y - help - This option controls disable/enable of the WMM(Wireless Multi-Media) feature. - -choice NRF_WIFI_PS_DATA_RETRIEVAL_MECHANISM - prompt "Power save data retrieval mechanism" - default NRF_WIFI_PS_POLL_BASED_RETRIEVAL - help - Select the mechanism to retrieve buffered data from AP. - -config NRF_WIFI_PS_POLL_BASED_RETRIEVAL - bool "PS-Poll frame based mechanism to retrieve buffered data from AP" - help - When AP notifies about availability of buffered data, the STA stays in power save - and retrieves the frames one-by-one, this conserved more power but adds latency - to the traffic. Ideal for minimum number of frames. - -config NRF_WIFI_QOS_NULL_BASED_RETRIEVAL - bool "QoS null frame based mechanism to retrieve buffered data from AP" - help - When AP notifies about availability of buffered data, the STA comes out of - power save and then AP can deliver all buffered frames without any additional - overhead or latency, but STA enters power save after a delay costing more power - depending on the delay. Ideal for heavy buffered traffic. - -endchoice diff --git a/drivers/wifi/nrf700x/inc/coex.h b/drivers/wifi/nrf700x/inc/coex.h deleted file mode 100644 index 13f3b2e0786b..000000000000 --- a/drivers/wifi/nrf700x/inc/coex.h +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing Coexistence APIs. - */ - -#ifndef __COEX_H__ -#define __COEX_H__ - -#include - -/* Indicates WLAN frequency band of operation */ -enum nrf_wifi_pta_wlan_op_band { - NRF_WIFI_PTA_WLAN_OP_BAND_2_4_GHZ = 0, - NRF_WIFI_PTA_WLAN_OP_BAND_5_GHZ, - NRF_WIFI_PTA_WLAN_OP_BAND_NONE = 0xFF -}; - -/** - * @function nrf_wifi_coex_config_pta(enum nrf_wifi_pta_wlan_op_band wlan_band, - * bool separate_antennas, bool is_sr_protocol_ble) - * - * @brief Function used to configure PTA tables of coexistence hardware. - * - * @param[in] enum nrf_wifi_pta_wlan_op_band wlan_band - * @param[in] separate_antennas - * Indicates whether separate antenans are used or not. - * @param[in] is_sr_protocol_ble - * Indicates if SR protocol is Bluetooth LE or not. - * @return Returns status of configuration. - * Returns zero upon successful configuration. - * Returns non-zero upon unsuccessful configuration. - */ -int nrf_wifi_coex_config_pta(enum nrf_wifi_pta_wlan_op_band wlan_band, bool separate_antennas, - bool is_sr_protocol_ble); - -#if defined(CONFIG_NRF700X_SR_COEX_RF_SWITCH) || defined(__DOXYGEN__) -/** - * @function nrf_wifi_config_sr_switch(bool separate_antennas) - * - * @brief Function used to configure SR side switch (nRF5340 side switch in nRF7002 DK). - * - * @param[in] separate_antennas - * Indicates whether separate antenans are used or not. - * - * @return Returns status of configuration. - * Returns zero upon successful configuration. - * Returns non-zero upon unsuccessful configuration. - */ -int nrf_wifi_config_sr_switch(bool separate_antennas); -#endif /* CONFIG_NRF700X_SR_COEX_RF_SWITCH */ - -/** - * @function nrf_wifi_coex_config_non_pta(bool separate_antennas) - * - * @brief Function used to configure non-PTA registers of coexistence hardware. - * - * @param[in] separate_antennas - * Indicates whether separate antenans are used or not. - * @param[in] is_sr_protocol_ble - * Indicates if SR protocol is Bluetooth LE or not. - * - * @return Returns status of configuration. - * Returns zero upon successful configuration. - * Returns non-zero upon unsuccessful configuration. - */ -int nrf_wifi_coex_config_non_pta(bool separate_antennas, bool is_sr_protocol_ble); - -/** - * @function nrf_wifi_coex_hw_reset(void) - * - * @brief Function used to reset coexistence hardware. - * - * @return Returns status of configuration. - * Returns zero upon successful configuration. - * Returns non-zero upon unsuccessful configuration. - */ -int nrf_wifi_coex_hw_reset(void); - -#endif /* __COEX_H__ */ diff --git a/drivers/wifi/nrf700x/inc/coex_struct.h b/drivers/wifi/nrf700x/inc/coex_struct.h deleted file mode 100644 index ccdf210ebb6b..000000000000 --- a/drivers/wifi/nrf700x/inc/coex_struct.h +++ /dev/null @@ -1,182 +0,0 @@ -/** - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Structures and related enumerations used in Coexistence. - */ - -#ifndef __COEX_STRUCT_H__ -#define __COEX_STRUCT_H__ - -#include -#include - -/* Max size of message buffer (exchanged between host and MAC). This is in "bytes" */ -#define MAX_MESSAGE_BUF_SIZE 320 -/* Number of elements in coex_ch_configuration other than configbuf[] */ -#define NUM_ELEMENTS_EXCL_CONFIGBUF 4 -/* Each configuration value is of type uint32_t */ -#define MAX_NUM_CONFIG_VALUES ((MAX_MESSAGE_BUF_SIZE-\ - (NUM_ELEMENTS_EXCL_CONFIGBUF*sizeof(uint32_t)))>>2) -/* Number of elements in coex_sr_traffic_info other than sr_traffic_info[] */ -#define NUM_ELEMENTS_EXCL_SRINFOBUF 1 -/* Each SR Traffic Info is of type uint32_t */ -#define MAX_SR_TRAFFIC_BUF_SIZE 32 - -enum { - /** Used two different values for AGGREGATION module because offset from base is - * beyond supported message buffer size for WAIT_STATE_1_TIME register - */ - COEX_HARDWARE = 1, - MAC_CTRL, - MAC_CTRL_AGG_WAIT_STATE_1_TIME, - MAC_CTRL_AGG, - MAC_CTRL_DEAGG, - WLAN_CTRL, -}; - -/* IDs of different messages posted from Coexistence Driver to Coexistence Manager */ -enum { - /* To insturct Coexistence Manager to collect and post SR traffic information */ - COLLECT_SR_TRAFFIC_INFO = 1, - /* To insturct Coexistence Manager to allocate a priority window to SR */ - ALLOCATE_PTI_WINDOW, - /* To do configuration of hardware related to coexistence */ - HW_CONFIGURATION, - /* To start allocating periodic priority windows to Wi-Fi and SR */ - ALLOCATE_PPW, - /* To start allocating virtual priority windows to Wi-Fi */ - ALLOCATE_VPW, - /* To configure CM SW parameters */ - SW_CONFIGURATION, - /* To control sheliak side switch */ - UPDATE_SWITCH_CONFIG -}; - -/* ID(s) of different messages posted from Coexistence Manager to Coexistence Driver */ -enum { - /* To post SR traffic information */ - SR_TRAFFIC_INFO = 1 -}; - -/** - * struct coex_collect_sr_traffic_info - Message from CD to CM to request SR traffic info. - * @message_id: Indicates message ID. This is to be set to COLLECT_SR_TRAFFIC_INFO. - * @num_sets_requested: Indicates the number of sets of duration and periodicity to be collected. - * - * Message from CD to CM to request SR traffic information. - */ -struct coex_collect_sr_traffic_info { - uint32_t message_id; - uint32_t num_sets_requested; -}; - -/** - * struct coex_ch_configuration -Message from CD to CM to configure CH. - * @message_id: Indicates message ID. This is to be set to HW_CONFIGURATION. - * @num_reg_to_config: Indicates the number of registers to be configured. - * @hw_to_config: Indicates the hardware block that is to be configured. - * @hw_block_base_addr: Base address of the hardware block to be configured. - * @configbuf: Configuration buffer that holds packed offset and configuration value. - * - * Message from CD to CM to configure CH - */ -struct coex_ch_configuration { - uint32_t message_id; - uint32_t num_reg_to_config; - uint32_t hw_to_config; - uint32_t hw_block_base_addr; - uint32_t configbuf[MAX_NUM_CONFIG_VALUES]; -}; - -/** - * struct coex_allocate_pti_window - Message to CM to request a priority window. - * @message_id: Indicates message ID. This is to be set to ALLOCATE_PTI_WINDOW. - * @device_req_window: Indicates device requesting a priority window. - * @window_start_or_end: Indicates if request is posted to START or END a priority window. - * @imp_of_request: Indicates importance of activity for which the window is requested. - * @can_be_deferred: activity of Wi-Fi/SR, for which window is requested can be deferred or not. - * - * Message to CM to request a priority window - */ -struct coex_allocate_pti_window { - uint32_t message_id; - uint32_t device_req_window; - uint32_t window_start_or_end; - uint32_t imp_of_request; - uint32_t can_be_deferred; -}; - -/** - * struct coex_allocate_ppw - Message from CD to CM to allocate Periodic Priority Windows. - * @message_id: Indicates message ID. This is to be set to ALLOCATE_PPW. - * @start_or_stop: Indiates start or stop allocation of PPWs. - * @first_pti_window: Indicates first priority window in the series of PPWs. - * @ps_mechanism: Indicates recommended powersave mechanism for Wi-Fi's downlink. - * @wifi_window_duration: Indicates duration of Wi-Fi priority window. - * @sr_window_duration: Indicates duration of SR priority window. - * - * Message from CD to CM to allocate Periodic Priority Windows. - */ -struct coex_allocate_ppw { - uint32_t message_id; - uint32_t start_or_stop; - uint32_t first_pti_window; - uint32_t ps_mechanism; - uint32_t wifi_window_duration; - uint32_t sr_window_duration; -}; - -/** - * struct coex_allocate_vpw - Message from CD to CM to allocate Virtual Priority Windows. - * @message_id: Indicates message ID. This is to be set to ALLOCATE_VPW. - * @start_or_stop: Indicates start or stop allocation of VPWs. - * @wifi_window_duration: Indicates duration of Wi-Fi virtual priority window. - * @ps_mechanism: Indicates recommended powersave mechanism for Wi-Fi's downlink. - * - * Message from CD to CM to allocate Virtual Priority Windows. - */ -struct coex_allocate_vpw { - uint32_t message_id; - uint32_t start_or_stop; - uint32_t wifi_window_duration; - uint32_t ps_mechanism; -}; - -/** - * struct coex_config_cm_params - Message from CD to CM to configure CM parameters - * @message_id: Indicates message ID. This is to be set to SW_CONFIGURATION. - * @first_isr_trigger_period: microseconds . used to trigger the ISR mechanism. - * @sr_window_poll_periodicity_vpw: microseconds. This is used to poll through SR window. - * that comes after Wi-Fi window ends and next SR activity starts, in the case of VPWs. - * @lead_time_from_end_of_wlan_win: microseconds. Lead time from the end of Wi-Fi window. - * (to inform AP that Wi-Fi is entering powersave) in the case of PPW and VPW generation. - * @sr_window_poll_count_threshold: This is equal to "Wi-Fi contention timeout. - * threshold"/sr_window_poll_periodicity_vpw. - * - * Message from CD to CM to configure CM parameters. - */ -struct coex_config_cm_params { - uint32_t message_id; - uint32_t first_isr_trigger_period; - uint32_t sr_window_poll_periodicity_vpw; - uint32_t lead_time_from_end_of_wlan_win; - uint32_t sr_window_poll_count_threshold; -}; - -/** - * struct coex_sr_traffic_info - Message from CM to CD to post SR traffic information. - * @message_id: Indicates message ID. This is to be set to SR_TRAFFIC_INFO. - * @sr_traffic_info: Traffic information buffer. - * - * Message from CM to CD to post SR traffic inforamtion - */ -struct coex_sr_traffic_info { - uint32_t message_id; - uint32_t sr_traffic_info[MAX_SR_TRAFFIC_BUF_SIZE]; -}; - -#endif /* __COEX_STRUCT_H__ */ diff --git a/drivers/wifi/nrf700x/inc/fmac_main.h b/drivers/wifi/nrf700x/inc/fmac_main.h deleted file mode 100644 index 46c8b47eedbd..000000000000 --- a/drivers/wifi/nrf700x/inc/fmac_main.h +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing FMAC interface specific declarations for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#ifndef __ZEPHYR_FMAC_MAIN_H__ -#define __ZEPHYR_FMAC_MAIN_H__ - -#include - -#include -#include -#ifndef CONFIG_NRF700X_RADIO_TEST -#include -#include -#ifdef CONFIG_NETWORKING -#include -#endif /* CONFIG_NETWORKING */ -#ifdef CONFIG_NRF700X_STA_MODE -#include -#endif /* CONFIG_NRF700X_STA_MODE */ -#endif /* !CONFIG_NRF700X_RADIO_TEST */ - -#include -#include -#include "ncs_version.h" - -#define NRF700X_DRIVER_VERSION "1."NCS_VERSION_STRING - -#ifndef CONFIG_NRF700X_RADIO_TEST -struct nrf_wifi_vif_ctx_zep { - const struct device *zep_dev_ctx; - struct net_if *zep_net_if_ctx; - void *supp_drv_if_ctx; - void *rpu_ctx_zep; - unsigned char vif_idx; - struct k_mutex vif_lock; - - scan_result_cb_t disp_scan_cb; - bool scan_in_progress; - int scan_type; - uint16_t max_bss_cnt; - unsigned int scan_res_cnt; - struct k_work_delayable scan_timeout_work; - - struct net_eth_addr mac_addr; - int if_type; - char ifname[16]; - enum nrf_wifi_fmac_if_op_state if_op_state; - bool set_if_event_received; - int set_if_status; -#ifdef CONFIG_NET_STATISTICS_ETHERNET - struct net_stats_eth eth_stats; -#endif /* CONFIG_NET_STATISTICS_ETHERNET */ -#ifdef CONFIG_NRF700X_STA_MODE - unsigned int assoc_freq; - enum nrf_wifi_fmac_if_carr_state if_carr_state; - struct wpa_signal_info *signal_info; - struct wpa_conn_info *conn_info; - struct zep_wpa_supp_dev_callbk_fns supp_callbk_fns; - unsigned char twt_flows_map; - unsigned char twt_flow_in_progress_map; - struct wifi_ps_config *ps_info; - bool ps_config_info_evnt; - bool authorized; - bool cookie_resp_received; -#ifdef CONFIG_NRF700X_DATA_TX - struct k_work nrf_wifi_net_iface_work; -#endif /* CONFIG_NRF700X_DATA_TX */ - unsigned long rssi_record_timestamp_us; - signed short rssi; -#endif /* CONFIG_NRF700X_STA_MODE */ -#ifdef CONFIG_NRF700X_AP_MODE - int inactive_time_sec; -#endif /* CONFIG_NRF700X_AP_MODE */ -#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY - struct k_work nrf_wifi_rpu_recovery_work; -#endif /* CONFIG_NRF_WIFI_RPU_RECOVERY */ -}; - -struct nrf_wifi_vif_ctx_map { - const char *ifname; - struct nrf_wifi_vif_ctx_zep *vif_ctx; -}; -#endif /* !CONFIG_NRF700X_RADIO_TEST */ - -struct nrf_wifi_ctx_zep { - void *drv_priv_zep; - void *rpu_ctx; -#ifdef CONFIG_NRF700X_RADIO_TEST - struct rpu_conf_params conf_params; - bool rf_test_run; - unsigned char rf_test; -#else /* CONFIG_NRF700X_RADIO_TEST */ - struct nrf_wifi_vif_ctx_zep vif_ctx_zep[MAX_NUM_VIFS]; -#ifdef CONFIG_NRF700X_UTIL - struct rpu_conf_params conf_params; -#endif /* CONFIG_NRF700X_UTIL */ -#endif /* CONFIG_NRF700X_RADIO_TEST */ - unsigned char *extended_capa, *extended_capa_mask; - unsigned int extended_capa_len; - struct k_mutex rpu_lock; -}; - -struct nrf_wifi_drv_priv_zep { - struct nrf_wifi_fmac_priv *fmac_priv; - /* TODO: Replace with a linked list to handle unlimited RPUs */ - struct nrf_wifi_ctx_zep rpu_ctx_zep; -}; - -extern struct nrf_wifi_drv_priv_zep rpu_drv_priv_zep; - -void nrf_wifi_scan_timeout_work(struct k_work *work); -void configure_tx_pwr_settings(struct nrf_wifi_tx_pwr_ctrl_params *tx_pwr_ctrl_params, - struct nrf_wifi_tx_pwr_ceil_params *tx_pwr_ceil_params); -void configure_board_dep_params(struct nrf_wifi_board_params *board_params); -void set_tx_pwr_ceil_default(struct nrf_wifi_tx_pwr_ceil_params *pwr_ceil_params); -const char *nrf_wifi_get_drv_version(void); -enum nrf_wifi_status nrf_wifi_fmac_dev_add_zep(struct nrf_wifi_drv_priv_zep *drv_priv_zep); -enum nrf_wifi_status nrf_wifi_fmac_dev_rem_zep(struct nrf_wifi_drv_priv_zep *drv_priv_zep); -enum nrf_wifi_status nrf_wifi_fw_load(void *rpu_ctx); -struct nrf_wifi_vif_ctx_zep *nrf_wifi_get_vif_ctx(struct net_if *iface); -void nrf_wifi_rpu_recovery_cb(void *vif_ctx, - void *event_data, - unsigned int event_len); - -#endif /* __ZEPHYR_FMAC_MAIN_H__ */ diff --git a/drivers/wifi/nrf700x/inc/net_if.h b/drivers/wifi/nrf700x/inc/net_if.h deleted file mode 100644 index 7d2d3ff784fe..000000000000 --- a/drivers/wifi/nrf700x/inc/net_if.h +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing network stack interface specific declarations for - * the Zephyr OS layer of the Wi-Fi driver. - */ - -#ifndef __ZEPHYR_NET_IF_H__ -#define __ZEPHYR_NET_IF_H__ -#include -#include -#include -#include -#include -#include - -#define UNICAST_MASK GENMASK(7, 1) -#define LOCAL_BIT BIT(1) - -void nrf_wifi_if_init_zep(struct net_if *iface); - -int nrf_wifi_if_start_zep(const struct device *dev); - -int nrf_wifi_if_stop_zep(const struct device *dev); - -int nrf_wifi_if_set_config_zep(const struct device *dev, - enum ethernet_config_type type, - const struct ethernet_config *config); - -int nrf_wifi_if_get_config_zep(const struct device *dev, - enum ethernet_config_type type, - struct ethernet_config *config); - -enum ethernet_hw_caps nrf_wifi_if_caps_get(const struct device *dev); - -int nrf_wifi_if_send(const struct device *dev, - struct net_pkt *pkt); - -void nrf_wifi_if_rx_frm(void *os_vif_ctx, - void *frm); - -#if defined(CONFIG_NRF700X_RAW_DATA_RX) || defined(CONFIG_NRF700X_PROMISC_DATA_RX) -void nrf_wifi_if_sniffer_rx_frm(void *os_vif_ctx, - void *frm, - struct raw_rx_pkt_header *raw_rx_hdr, - bool pkt_free); -#endif /* CONFIG_NRF700X_RAW_DATA_RX || CONFIG_NRF700X_PROMISC_DATA_RX */ - -enum nrf_wifi_status nrf_wifi_if_carr_state_chg(void *os_vif_ctx, - enum nrf_wifi_fmac_if_carr_state carr_state); - -int nrf_wifi_stats_get(const struct device *dev, - struct net_stats_wifi *stats); - -struct net_stats_eth *nrf_wifi_eth_stats_get(const struct device *dev); - -void nrf_wifi_set_iface_event_handler(void *os_vif_ctx, - struct nrf_wifi_umac_event_set_interface *event, - unsigned int event_len); - -int nrf_wifi_stats_reset(const struct device *dev); -#endif /* __ZEPHYR_NET_IF_H__ */ diff --git a/drivers/wifi/nrf700x/inc/wifi_mgmt.h b/drivers/wifi/nrf700x/inc/wifi_mgmt.h deleted file mode 100644 index 9e8424d43a05..000000000000 --- a/drivers/wifi/nrf700x/inc/wifi_mgmt.h +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing WiFi management operation implementations - * for the Zephyr OS. - */ - -#ifndef __ZEPHYR_WIFI_MGMT_H__ -#define __ZEPHYR_WIFI_MGMT_H__ -#include - -#include -#include - -#include "osal_api.h" - -/** Filter setting defines for sniffer mode. */ -#define WIFI_MGMT_DATA_CTRL_FILTER_SETTING 0xE -#define WIFI_ALL_FILTER_SETTING 0xF - -struct twt_interval_float { - unsigned short mantissa; - unsigned char exponent; -}; - -int nrf_wifi_set_power_save(const struct device *dev, - struct wifi_ps_params *params); - -int nrf_wifi_set_twt(const struct device *dev, - struct wifi_twt_params *twt_params); - -void nrf_wifi_event_proc_twt_setup_zep(void *vif_ctx, - struct nrf_wifi_umac_cmd_config_twt *twt_setup_info, - unsigned int event_len); - -void nrf_wifi_event_proc_twt_teardown_zep(void *vif_ctx, - struct nrf_wifi_umac_cmd_teardown_twt *twt_teardown_info, - unsigned int event_len); - -void nrf_wifi_event_proc_twt_sleep_zep(void *vif_ctx, - struct nrf_wifi_umac_event_twt_sleep *twt_sleep_info, - unsigned int event_len); - -int nrf_wifi_twt_teardown_flows(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep, - unsigned char start_flow_id, unsigned char end_flow_id); - -int nrf_wifi_get_power_save_config(const struct device *dev, - struct wifi_ps_config *ps_config); - -void nrf_wifi_event_proc_get_power_save_info(void *vif_ctx, - struct nrf_wifi_umac_event_power_save_info *ps_info, - unsigned int event_len); - -#ifdef CONFIG_NRF700X_SYSTEM_WITH_RAW_MODES -int nrf_wifi_mode(const struct device *dev, - struct wifi_mode_info *mode); -#endif - -#if defined(CONFIG_NRF700X_RAW_DATA_TX) || defined(CONFIG_NRF700X_RAW_DATA_RX) -int nrf_wifi_channel(const struct device *dev, - struct wifi_channel_info *channel); -#endif /* CONFIG_NRF700X_RAW_DATA_TX || CONFIG_NRF700X_RAW_DATA_RX */ - -#if defined(CONFIG_NRF700X_RAW_DATA_RX) || defined(CONFIG_NRF700X_PROMISC_DATA_RX) -int nrf_wifi_filter(const struct device *dev, - struct wifi_filter_info *filter); -#endif /* CONFIG_NRF700X_RAW_DATA_RX || CONFIG_NRF700X_PROMISC_DATA_RX */ - -int nrf_wifi_set_rts_threshold(const struct device *dev, - unsigned int rts_threshold); -#endif /* __ZEPHYR_WIFI_MGMT_H__ */ diff --git a/drivers/wifi/nrf700x/inc/wifi_mgmt_scan.h b/drivers/wifi/nrf700x/inc/wifi_mgmt_scan.h deleted file mode 100644 index f7b1bdf3f3c5..000000000000 --- a/drivers/wifi/nrf700x/inc/wifi_mgmt_scan.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing display scan specific declarations for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#ifndef __ZEPHYR_DISP_SCAN_H__ -#define __ZEPHYR_DISP_SCAN_H__ -#include -#include - -#include "osal_api.h" -int nrf_wifi_disp_scan_zep(const struct device *dev, struct wifi_scan_params *params, - scan_result_cb_t cb); - -enum nrf_wifi_status nrf_wifi_disp_scan_res_get_zep(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep); - -void nrf_wifi_event_proc_disp_scan_res_zep(void *vif_ctx, - struct nrf_wifi_umac_event_new_scan_display_results *scan_res, - unsigned int event_len, - bool is_last); - -#ifdef CONFIG_WIFI_MGMT_RAW_SCAN_RESULTS -void nrf_wifi_rx_bcn_prb_resp_frm(void *vif_ctx, - void *frm, - unsigned short frequency, - signed short signal); -#endif /* CONFIG_WIFI_MGMT_RAW_SCAN_RESULTS */ -#endif /* __ZEPHYR_DISP_SCAN_H__ */ diff --git a/drivers/wifi/nrf700x/inc/wpa_supp_if.h b/drivers/wifi/nrf700x/inc/wpa_supp_if.h deleted file mode 100644 index 698dcf0b5acd..000000000000 --- a/drivers/wifi/nrf700x/inc/wpa_supp_if.h +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing WPA supplicant interface specific declarations for - * the Zephyr OS layer of the Wi-Fi driver. - */ - -#ifndef __ZEPHYR_WPA_SUPP_IF_H__ -#define __ZEPHYR_WPA_SUPP_IF_H__ - - -#define RPU_RESP_EVENT_TIMEOUT 5000 -#ifdef CONFIG_NRF700X_STA_MODE -#include - -void *nrf_wifi_wpa_supp_dev_init(void *supp_drv_if_ctx, const char *iface_name, - struct zep_wpa_supp_dev_callbk_fns *supp_callbk_fns); - -void nrf_wifi_wpa_supp_dev_deinit(void *if_priv); - -int nrf_wifi_wpa_supp_scan2(void *if_priv, struct wpa_driver_scan_params *params); - -int nrf_wifi_wpa_supp_scan_abort(void *if_priv); - -int nrf_wifi_wpa_supp_scan_results_get(void *if_priv); - -int nrf_wifi_wpa_supp_deauthenticate(void *if_priv, const char *addr, unsigned short reason_code); - -int nrf_wifi_wpa_supp_authenticate(void *if_priv, struct wpa_driver_auth_params *params, - struct wpa_bss *curr_bss); - -int nrf_wifi_wpa_supp_associate(void *if_priv, struct wpa_driver_associate_params *params); - -int nrf_wifi_wpa_set_supp_port(void *if_priv, int authorized, char *bssid); - -int nrf_wifi_wpa_supp_signal_poll(void *if_priv, struct wpa_signal_info *si, - unsigned char *bssid); - -int nrf_wifi_nl80211_send_mlme(void *if_priv, const u8 *data, size_t data_len, int noack, - unsigned int freq, int no_cck, int offchanok, unsigned int wait_time, - int cookie); - -int nrf_wifi_supp_get_wiphy(void *if_priv); - -int nrf_wifi_supp_register_frame(void *if_priv, - u16 type, const u8 *match, size_t match_len, - bool multicast); - -int nrf_wifi_wpa_supp_set_key(void *if_priv, - const unsigned char *ifname, - enum wpa_alg alg, - const unsigned char *addr, - int key_idx, - int set_tx, - const unsigned char *seq, - size_t seq_len, - const unsigned char *key, - size_t key_len); - -void nrf_wifi_wpa_supp_event_proc_scan_start(void *if_priv); - -void nrf_wifi_wpa_supp_event_proc_scan_done(void *if_priv, - struct nrf_wifi_umac_event_trigger_scan *scan_done_event, - unsigned int event_len, - int aborted); - -void nrf_wifi_wpa_supp_event_proc_scan_res(void *if_priv, - struct nrf_wifi_umac_event_new_scan_results *scan_res, - unsigned int event_len, - bool more_res); - -void nrf_wifi_wpa_supp_event_proc_auth_resp(void *if_priv, - struct nrf_wifi_umac_event_mlme *auth_resp, - unsigned int event_len); - -void nrf_wifi_wpa_supp_event_proc_assoc_resp(void *if_priv, - struct nrf_wifi_umac_event_mlme *assoc_resp, - unsigned int event_len); - -void nrf_wifi_wpa_supp_event_proc_deauth(void *if_priv, - struct nrf_wifi_umac_event_mlme *deauth, - unsigned int event_len); - -void nrf_wifi_wpa_supp_event_proc_disassoc(void *if_priv, - struct nrf_wifi_umac_event_mlme *disassoc, - unsigned int event_len); - -void nrf_wifi_wpa_supp_event_proc_get_sta(void *if_priv, - struct nrf_wifi_umac_event_new_station *info, - unsigned int event_len); - -void nrf_wifi_wpa_supp_event_proc_get_if(void *if_priv, - struct nrf_wifi_interface_info *info, - unsigned int event_len); - -void nrf_wifi_wpa_supp_event_mgmt_tx_status(void *if_priv, - struct nrf_wifi_umac_event_mlme *mlme_event, - unsigned int event_len); - - -void nrf_wifi_wpa_supp_event_proc_unprot_mgmt(void *if_priv, - struct nrf_wifi_umac_event_mlme *unprot_mgmt, - unsigned int event_len); - -void nrf_wifi_wpa_supp_event_get_wiphy(void *if_priv, - struct nrf_wifi_event_get_wiphy *get_wiphy, - unsigned int event_len); - -void nrf_wifi_wpa_supp_event_mgmt_rx_callbk_fn(void *if_priv, - struct nrf_wifi_umac_event_mlme *mgmt_rx_event, - unsigned int event_len); - -int nrf_wifi_supp_get_capa(void *if_priv, struct wpa_driver_capa *capa); - -void nrf_wifi_wpa_supp_event_mac_chgd(void *if_priv); -int nrf_wifi_supp_get_conn_info(void *if_priv, struct wpa_conn_info *info); - -void nrf_wifi_supp_event_proc_get_conn_info(void *os_vif_ctx, - struct nrf_wifi_umac_event_conn_info *info, - unsigned int event_len); - -#endif /* CONFIG_NRF700X_STA_MODE */ -#ifdef CONFIG_NRF700X_AP_MODE -int nrf_wifi_wpa_supp_init_ap(void *if_priv, struct wpa_driver_associate_params *params); -int nrf_wifi_wpa_supp_start_ap(void *if_priv, struct wpa_driver_ap_params *params); -int nrf_wifi_wpa_supp_change_beacon(void *if_priv, struct wpa_driver_ap_params *params); -int nrf_wifi_wpa_supp_stop_ap(void *if_priv); -int nrf_wifi_wpa_supp_deinit_ap(void *if_priv); -int nrf_wifi_wpa_supp_sta_add(void *if_priv, struct hostapd_sta_add_params *params); -int nrf_wifi_wpa_supp_sta_remove(void *if_priv, const u8 *addr); -int nrf_wifi_supp_register_mgmt_frame(void *if_priv, - u16 frame_type, size_t match_len, const u8 *match); -int nrf_wifi_wpa_supp_sta_set_flags(void *if_priv, const u8 *addr, - unsigned int total_flags, unsigned int flags_or, - unsigned int flags_and); -int nrf_wifi_wpa_supp_sta_get_inact_sec(void *if_priv, const u8 *addr); -#endif /* CONFIG_NRF700X_AP_MODE */ -#endif /* __ZEPHYR_WPA_SUPP_IF_H__ */ diff --git a/drivers/wifi/nrf700x/rpu_fw_patches.ld b/drivers/wifi/nrf700x/rpu_fw_patches.ld deleted file mode 100644 index e2a6fdd50c69..000000000000 --- a/drivers/wifi/nrf700x/rpu_fw_patches.ld +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @file - * @brief Custom Linker command/script file - * - * Custom Linker script for the Cortex-M platforms. - */ - -#include -#include - -#include -#include - -#if CONFIG_BOARD_NRF5340DK_NRF5340_CPUAPP || CONFIG_BOARD_NRF52840DK_NRF52840 -/* - * nRF53/52 series ship an external flash that can be used for XIP using QSPI/SPI. - * - * Note: In nRF7002 external flash using is accessible only using SPI but there is no - * support for XIP, so, relocation cannot be used. - */ -#if CONFIG_BOARD_NRF5340DK_NRF5340_CPUAPP -#define EXTFLASH_BASE_ADDR 0x10000000 -#define EXTFLASH_SIZE 0x800000 -#elif CONFIG_BOARD_NRF52840DK_NRF52840 -#define EXTFLASH_BASE_ADDR 0x12000000 -#define EXTFLASH_SIZE 0x800000 -#endif /* CONFIG_BOARD_NRF5340DK_NRF5340_CPUAPP */ - -#if USE_PARTITION_MANAGER && PM_EXTERNAL_FLASH_ADDRESS -#include -#define EXTFLASH_ADDRESS (EXTFLASH_BASE_ADDR + PM_EXTERNAL_FLASH_ADDRESS) -#undef EXTFLASH_SIZE -#define EXTFLASH_SIZE (PM_EXTERNAL_FLASH_SIZE) -#else -#define EXTFLASH_ADDRESS (EXTFLASH_BASE_ADDR) -#endif /* USE_PARTITION_MANAGER && PM_EXTERNAL_FLASH_ADDRESS */ - -MEMORY -{ - EXTFLASH (wx) : ORIGIN = EXTFLASH_ADDRESS, LENGTH = EXTFLASH_SIZE -} - -#endif /* CONFIG_BOARD_NRF5340DK_NRF5340_CPUAPP || CONFIG_BOARD_NRF52840DK_NRF52840 */ - -#include diff --git a/drivers/wifi/nrf700x/src/coex.c b/drivers/wifi/nrf700x/src/coex.c deleted file mode 100644 index 22313de2fa19..000000000000 --- a/drivers/wifi/nrf700x/src/coex.c +++ /dev/null @@ -1,333 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** @file - * @brief Coexistence functions - */ - -#include -#include -#include -#include -#include - -#include "coex.h" -#include "coex_struct.h" -#include "fmac_main.h" -#include "fmac_api.h" - -LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF700X_LOG_LEVEL); - -extern struct nrf_wifi_drv_priv_zep rpu_drv_priv_zep; -static struct nrf_wifi_ctx_zep *rpu_ctx = &rpu_drv_priv_zep.rpu_ctx_zep; - -#define CH_BASE_ADDRESS ABS_EXT_SYS_WLANSYSCOEX_CH_CONTROL -#define COEX_CONFIG_FIXED_PARAMS 4 -#define COEX_REG_CFG_OFFSET_SHIFT 24 - -/* copied from uccp530_77_registers_ext_sys_bus.h of UCCP toolkit */ -#define EXT_SYS_WLANSYSCOEX_CH_CONTROL 0x0000 -#define ABS_EXT_SYS_WLANSYSCOEX_CH_CONTROL 0xA401BC00UL -#define EXT_SYS_WLANSYSCOEX_CH_TIME_REFERENCE 0x0004 -#define EXT_SYS_WLANSYSCOEX_CH_SR_INFO_STATUS 0x0040 -#define EXT_SYS_WLANSYSCOEX_CH_NO_WINDOW_LOOKUP_0 0x008C -#define EXT_SYS_WLANSYSCOEX_CH_NO_WINDOW_LOOKUP_44 0x013C -#define EXT_SYS_WLANSYSCOEX_RESET_SHIFT 0 - -/* copied from uccp530_77_registers.h of UCCP toolkit */ -#define ABS_PMB_WLAN_MAC_CTRL_PULSED_SOFTWARE_RESET 0xA5009A00UL - -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH - #define NRF_RADIO_COEX_NODE DT_NODELABEL(nrf_radio_coex) - static const struct gpio_dt_spec sr_rf_switch_spec = - GPIO_DT_SPEC_GET(NRF_RADIO_COEX_NODE, srrf_switch_gpios); -#endif /* CONFIG_NRF700X_SR_COEX_RF_SWITCH */ - -/* PTA registers configuration of Coexistence Hardware */ -/* Separate antenna configuration, WLAN in 2.4GHz. For BLE protocol. */ -const uint16_t config_buffer_SEA_ble[] = { - 0x0019, 0x00F6, 0x0008, 0x0062, 0x00F5, - 0x00F5, 0x0019, 0x0019, 0x0074, 0x0074, - 0x0008, 0x01E2, 0x00D5, 0x00D5, 0x01F6, - 0x01F6, 0x0061, 0x0061, 0x01E2, 0x0008, - 0x0004, 0x0004, 0x0019, 0x0019, 0x0008, - 0x0008, 0x00F5, 0x00F5, 0x00D5, 0x00D5, - 0x0008, 0x01E2, 0x0051, 0x0051, 0x0074, - 0x0074, 0x00F6, 0x0019, 0x0062, 0x0019, - 0x00F6, 0x0008, 0x0062, 0x0008, 0x001A -}; - -/* Separate antenna configuration, WLAN in 2.4GHz. For non BLE protocol */ -const uint16_t config_buffer_SEA_non_ble[] = { - 0x0019, 0x00F6, 0x0008, 0x0062, 0x00F5, - 0x00F5, 0x0061, 0x0061, 0x0074, 0x0074, - 0x01E2, 0x01E2, 0x00D5, 0x00D5, 0x01F6, - 0x01F6, 0x0061, 0x0061, 0x01E2, 0x01E2, - 0x00C4, 0x00C4, 0x0061, 0x0061, 0x0008, - 0x0008, 0x00F5, 0x00F5, 0x00D5, 0x00D5, - 0x0162, 0x0162, 0x0019, 0x0019, 0x01F6, - 0x01F6, 0x00F6, 0x0019, 0x0062, 0x0019, - 0x00F6, 0x0008, 0x0062, 0x0008, 0x001A -}; - -/* Shared antenna configuration, WLAN in 2.4GHz. */ -const uint16_t config_buffer_SHA[] = { - 0x0019, 0x00F6, 0x0008, 0x00E2, 0x0015, - 0x00F5, 0x0019, 0x0019, 0x0004, 0x01F6, - 0x0008, 0x01E2, 0x00F5, 0x00F5, 0x01F6, - 0x01F6, 0x00E1, 0x00E1, 0x01E2, 0x0008, - 0x0004, 0x0004, 0x0019, 0x0019, 0x0008, - 0x0008, 0x0015, 0x00F5, 0x00F5, 0x00F5, - 0x0008, 0x01E2, 0x00E1, 0x00E1, 0x0004, - 0x01F6, 0x00F6, 0x0019, 0x00E2, 0x0019, - 0x00F6, 0x0008, 0x00E2, 0x0008, 0x001A -}; - -/* Shared/separate antennas, WLAN in 5GHz */ -const uint16_t config_buffer_5G[] = { - 0x0039, 0x0076, 0x0028, 0x0062, 0x0075, - 0x0075, 0x0061, 0x0061, 0x0074, 0x0074, - 0x0060, 0x0060, 0x0075, 0x0075, 0x0064, - 0x0064, 0x0071, 0x0071, 0x0060, 0x0060, - 0x0064, 0x0064, 0x0061, 0x0061, 0x0060, - 0x0060, 0x0075, 0x0075, 0x0075, 0x0075, - 0x0060, 0x0060, 0x0071, 0x0071, 0x0074, - 0x0074, 0x0076, 0x0039, 0x0062, 0x0039, - 0x0076, 0x0028, 0x0062, 0x0028, 0x003A -}; - -/* non-PTA register configuration of coexistence hardware */ -/* Shared antenna */ -const uint32_t ch_config_sha[] = { - 0x00000028, 0x00000000, 0x001e1023, 0x00000000, 0x00000000, - 0x00000000, 0x00000021, 0x000002ca, 0x00000050, 0x00000000, - 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00000000 -}; - -/* Separate antennas. For BLE protocol. */ -const uint32_t ch_config_sep_ble[] = { - 0x00000028, 0x00000000, 0x001e1023, 0x00000000, 0x00000000, - 0x00000000, 0x00000021, 0x000002ca, 0x00000055, 0x00000000, - 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00000000 -}; - -/* Separate antennas. For non BLE protocol. */ -const uint32_t ch_config_sep_non_ble[] = { - 0x00000028, 0x00000000, 0x001e1023, 0x00000000, 0x00000000, - 0x00000000, 0x00000021, 0x000002ca, 0x00000055, 0x00000000, - 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00000000 -}; - -int nrf_wifi_coex_config_non_pta(bool separate_antennas, bool is_sr_protocol_ble) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct coex_ch_configuration params = { 0 }; - const uint32_t *config_buffer_ptr = NULL; - uint32_t start_offset = 0; - uint32_t num_reg_to_config = 1; - uint32_t cmd_len, index; - - /* Offset from the base address of CH */ - start_offset = ((EXT_SYS_WLANSYSCOEX_CH_TIME_REFERENCE - - EXT_SYS_WLANSYSCOEX_CH_CONTROL) >> 2); - /* Number of registers to be configured */ - num_reg_to_config = ((EXT_SYS_WLANSYSCOEX_CH_SR_INFO_STATUS - - EXT_SYS_WLANSYSCOEX_CH_TIME_REFERENCE) >> 2) + 1; - - if (separate_antennas) { - if (is_sr_protocol_ble) { - config_buffer_ptr = ch_config_sep_ble; - } else { - config_buffer_ptr = ch_config_sep_non_ble; - } - } else { - config_buffer_ptr = ch_config_sha; - } - - params.message_id = HW_CONFIGURATION; - params.num_reg_to_config = num_reg_to_config; - params.hw_to_config = COEX_HARDWARE; - params.hw_block_base_addr = CH_BASE_ADDRESS; - - for (index = 0; index < num_reg_to_config; index++) { - params.configbuf[index] = (start_offset << COEX_REG_CFG_OFFSET_SHIFT) | - (*(config_buffer_ptr + index)); - start_offset++; - } - - cmd_len = (COEX_CONFIG_FIXED_PARAMS + num_reg_to_config) * sizeof(uint32_t); - status = nrf_wifi_fmac_conf_srcoex(rpu_ctx->rpu_ctx, - (void *)(¶ms), cmd_len); - if (status != NRF_WIFI_STATUS_SUCCESS) { - return -1; - } - - return 0; -} - -int nrf_wifi_coex_config_pta(enum nrf_wifi_pta_wlan_op_band wlan_band, bool separate_antennas, - bool is_sr_protocol_ble) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct coex_ch_configuration params = { 0 }; - const uint16_t *config_buffer_ptr = NULL; - uint32_t start_offset = 0; - uint32_t num_reg_to_config = 1; - uint32_t cmd_len, index; - - /* common for both SHA and SEA */ - /* Indicates offset from the base address of CH */ - start_offset = ((EXT_SYS_WLANSYSCOEX_CH_NO_WINDOW_LOOKUP_0 - - EXT_SYS_WLANSYSCOEX_CH_CONTROL) >> 2); - /* Number of contiguous registers to be configured starting from base+offset */ - num_reg_to_config = ((EXT_SYS_WLANSYSCOEX_CH_NO_WINDOW_LOOKUP_44 - - EXT_SYS_WLANSYSCOEX_CH_NO_WINDOW_LOOKUP_0) >> 2) + 1; - - if (wlan_band == NRF_WIFI_PTA_WLAN_OP_BAND_2_4_GHZ) { - /* WLAN operating in 2.4GHz */ - if (separate_antennas) { - /* separate antennas configuration */ - if (is_sr_protocol_ble) { - config_buffer_ptr = config_buffer_SEA_ble; - } else { - config_buffer_ptr = config_buffer_SEA_non_ble; - } - } else { - /* Shared antenna configuration */ - config_buffer_ptr = config_buffer_SHA; - } - } else if (wlan_band == NRF_WIFI_PTA_WLAN_OP_BAND_5_GHZ) { - /* WLAN operating in 5GHz */ - config_buffer_ptr = config_buffer_5G; - } else { - return -EINVAL; - } - - params.message_id = HW_CONFIGURATION; - params.num_reg_to_config = num_reg_to_config; - params.hw_to_config = COEX_HARDWARE; - params.hw_block_base_addr = CH_BASE_ADDRESS; - - for (index = 0; index < num_reg_to_config; index++) { - params.configbuf[index] = (start_offset << COEX_REG_CFG_OFFSET_SHIFT) | - (*(config_buffer_ptr+index)); - start_offset++; - } - - cmd_len = (COEX_CONFIG_FIXED_PARAMS + num_reg_to_config) * sizeof(uint32_t); - status = nrf_wifi_fmac_conf_srcoex(rpu_ctx->rpu_ctx, - (void *)(¶ms), cmd_len); - if (status != NRF_WIFI_STATUS_SUCCESS) { - return -1; - } - - return 0; -} -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH -int nrf_wifi_config_sr_switch(bool separate_antennas) -{ - int ret; - - if (!device_is_ready(sr_rf_switch_spec.port)) { - LOG_ERR("Unable to open GPIO device"); - return -ENODEV; - } - - ret = gpio_pin_configure_dt(&sr_rf_switch_spec, GPIO_OUTPUT); - if (ret < 0) { - LOG_ERR("Unable to configure GPIO device"); - return -1; - } - - if (separate_antennas) { - gpio_pin_set_dt(&sr_rf_switch_spec, 0x0); - LOG_INF("GPIO P1.10 set to 0"); - } else { - gpio_pin_set_dt(&sr_rf_switch_spec, 0x1); - LOG_INF("GPIO P1.10 set to 1"); - } - - return 0; -} -#endif /* CONFIG_NRF700X_SR_COEX_RF_SWITCH */ - -int nrf_wifi_coex_hw_reset(void) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct coex_ch_configuration params = { 0 }; - uint32_t num_reg_to_config = 1; - uint32_t start_offset = 0; - uint32_t index = 0; - uint32_t coex_hw_reset = 1; - uint32_t cmd_len; - - /* reset CH */ - params.message_id = HW_CONFIGURATION; - params.num_reg_to_config = num_reg_to_config; - params.hw_to_config = COEX_HARDWARE; - params.hw_block_base_addr = CH_BASE_ADDRESS; - - start_offset = ((EXT_SYS_WLANSYSCOEX_CH_CONTROL - EXT_SYS_WLANSYSCOEX_CH_CONTROL) >> 2); - params.configbuf[index] = (start_offset << COEX_REG_CFG_OFFSET_SHIFT) | - (coex_hw_reset << EXT_SYS_WLANSYSCOEX_RESET_SHIFT); - - cmd_len = (COEX_CONFIG_FIXED_PARAMS + num_reg_to_config) * sizeof(uint32_t); - - status = nrf_wifi_fmac_conf_srcoex(rpu_ctx->rpu_ctx, - (void *)(¶ms), cmd_len); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("CH reset configuration failed"); - return -1; - } - - return 0; -} - -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH -int sr_gpio_config(void) -{ - int ret; - - if (!device_is_ready(sr_rf_switch_spec.port)) { - return -ENODEV; - } - - ret = gpio_pin_configure_dt(&sr_rf_switch_spec, GPIO_OUTPUT); - if (ret) { - LOG_ERR("SR GPIO configuration failed %d", ret); - } - - return ret; -} - -int sr_gpio_remove(void) -{ - int ret; - - ret = gpio_pin_configure_dt(&sr_rf_switch_spec, GPIO_DISCONNECTED); - if (ret) { - LOG_ERR("SR GPIO remove failed %d", ret); - } - - return ret; -} - -int sr_ant_switch(unsigned int ant_switch) -{ - int ret; - - ret = gpio_pin_set_dt(&sr_rf_switch_spec, ant_switch & 0x1); - if (ret) { - LOG_ERR("SR GPIO set failed %d", ret); - } - - return ret; -} -#endif /* CONFIG_NRF700X_SR_COEX_RF_SWITCH */ diff --git a/drivers/wifi/nrf700x/src/fmac_main.c b/drivers/wifi/nrf700x/src/fmac_main.c deleted file mode 100644 index 81a5c92a0fbf..000000000000 --- a/drivers/wifi/nrf700x/src/fmac_main.c +++ /dev/null @@ -1,952 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing FMAC interface specific definitions for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#include - -#include -#ifdef CONFIG_NET_L2_ETHERNET -#include -#endif -#include -#include -#include - - -#include -#include -#include "fmac_util.h" -#include - -#ifndef CONFIG_NRF700X_RADIO_TEST -#ifdef CONFIG_NRF700X_STA_MODE -#include -#include -#include -#include -#else -#include -#include -#endif /* CONFIG_WPA_SPP */ -#include - -#endif /* !CONFIG_NRF700X_RADIO_TEST */ - -#define DT_DRV_COMPAT nordic_wlan0 -LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF700X_LOG_LEVEL); - -struct nrf_wifi_drv_priv_zep rpu_drv_priv_zep; -extern const struct nrf_wifi_osal_ops nrf_wifi_os_zep_ops; - -/* 3 bytes for addreess, 3 bytes for length */ -#define MAX_PKT_RAM_TX_ALIGN_OVERHEAD 6 -#ifndef CONFIG_NRF700X_RADIO_TEST -#ifdef CONFIG_NRF700X_DATA_TX - -#define MAX_RX_QUEUES 3 - -#define MAX_TX_FRAME_SIZE \ - (CONFIG_NRF_WIFI_IFACE_MTU + NRF_WIFI_FMAC_ETH_HDR_LEN + TX_BUF_HEADROOM) -#define TOTAL_TX_SIZE \ - (CONFIG_NRF700X_MAX_TX_TOKENS * CONFIG_NRF700X_TX_MAX_DATA_SIZE) -#define TOTAL_RX_SIZE \ - (CONFIG_NRF700X_RX_NUM_BUFS * CONFIG_NRF700X_RX_MAX_DATA_SIZE) - -BUILD_ASSERT(CONFIG_NRF700X_MAX_TX_TOKENS >= 1, - "At least one TX token is required"); -BUILD_ASSERT(CONFIG_NRF700X_MAX_TX_AGGREGATION <= 15, - "Max TX aggregation is 15"); -BUILD_ASSERT(CONFIG_NRF700X_RX_NUM_BUFS >= 1, - "At least one RX buffer is required"); -BUILD_ASSERT(RPU_PKTRAM_SIZE - TOTAL_RX_SIZE >= TOTAL_TX_SIZE, - "Packet RAM overflow: not enough memory for TX"); - -BUILD_ASSERT(CONFIG_NRF700X_TX_MAX_DATA_SIZE >= MAX_TX_FRAME_SIZE, - "TX buffer size must be at least as big as the MTU and headroom"); - -static const unsigned char aggregation = 1; -static const unsigned char max_num_tx_agg_sessions = 4; -static const unsigned char max_num_rx_agg_sessions = 8; -static const unsigned char reorder_buf_size = 16; -static const unsigned char max_rxampdu_size = MAX_RX_AMPDU_SIZE_64KB; - -static const unsigned char max_tx_aggregation = CONFIG_NRF700X_MAX_TX_AGGREGATION; - -static const unsigned int rx1_num_bufs = CONFIG_NRF700X_RX_NUM_BUFS / MAX_RX_QUEUES; -static const unsigned int rx2_num_bufs = CONFIG_NRF700X_RX_NUM_BUFS / MAX_RX_QUEUES; -static const unsigned int rx3_num_bufs = CONFIG_NRF700X_RX_NUM_BUFS / MAX_RX_QUEUES; - -static const unsigned int rx1_buf_sz = CONFIG_NRF700X_RX_MAX_DATA_SIZE; -static const unsigned int rx2_buf_sz = CONFIG_NRF700X_RX_MAX_DATA_SIZE; -static const unsigned int rx3_buf_sz = CONFIG_NRF700X_RX_MAX_DATA_SIZE; - -static const unsigned char rate_protection_type; -#else -/* Reduce buffers to Scan only operation */ -static const unsigned int rx1_num_bufs = 2; -static const unsigned int rx2_num_bufs = 2; -static const unsigned int rx3_num_bufs = 2; - -static const unsigned int rx1_buf_sz = 1000; -static const unsigned int rx2_buf_sz = 1000; -static const unsigned int rx3_buf_sz = 1000; -#endif - -struct nrf_wifi_drv_priv_zep rpu_drv_priv_zep; -static K_MUTEX_DEFINE(reg_lock); - -const char *nrf_wifi_get_drv_version(void) -{ - return NRF700X_DRIVER_VERSION; -} - -/* If the interface is not Wi-Fi then errors are expected, so, fail silently */ -struct nrf_wifi_vif_ctx_zep *nrf_wifi_get_vif_ctx(struct net_if *iface) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx = &rpu_drv_priv_zep.rpu_ctx_zep; - - if (!iface || !rpu_ctx || !rpu_ctx->rpu_ctx) { - return NULL; - } - - for (int i = 0; i < ARRAY_SIZE(rpu_ctx->vif_ctx_zep); i++) { - if (rpu_ctx->vif_ctx_zep[i].zep_net_if_ctx == iface) { - vif_ctx_zep = &rpu_ctx->vif_ctx_zep[i]; - break; - } - } - - return vif_ctx_zep; -} - -void nrf_wifi_event_proc_scan_start_zep(void *if_priv, - struct nrf_wifi_umac_event_trigger_scan *scan_start_event, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - vif_ctx_zep = if_priv; - - if (vif_ctx_zep->scan_type == SCAN_DISPLAY) { - return; - } - -#ifdef CONFIG_NRF700X_STA_MODE - nrf_wifi_wpa_supp_event_proc_scan_start(if_priv); -#endif /* CONFIG_NRF700X_STA_MODE */ -} - - -void nrf_wifi_event_proc_scan_done_zep(void *vif_ctx, - struct nrf_wifi_umac_event_trigger_scan *scan_done_event, - unsigned int event_len) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - vif_ctx_zep = vif_ctx; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return; - } - - switch (vif_ctx_zep->scan_type) { -#ifdef CONFIG_NET_L2_WIFI_MGMT - case SCAN_DISPLAY: - status = nrf_wifi_disp_scan_res_get_zep(vif_ctx_zep); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_disp_scan_res_get_zep failed", __func__); - return; - } - vif_ctx_zep->scan_in_progress = false; - break; -#endif /* CONFIG_NET_L2_WIFI_MGMT */ -#ifdef CONFIG_NRF700X_STA_MODE - case SCAN_CONNECT: - nrf_wifi_wpa_supp_event_proc_scan_done(vif_ctx_zep, - scan_done_event, - event_len, - 0); - break; -#endif /* CONFIG_NRF700X_STA_MODE */ - default: - LOG_ERR("%s: Scan type = %d not supported yet", __func__, vif_ctx_zep->scan_type); - return; - } - - status = NRF_WIFI_STATUS_SUCCESS; -} - -void nrf_wifi_scan_timeout_work(struct k_work *work) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - - vif_ctx_zep = CONTAINER_OF(work, struct nrf_wifi_vif_ctx_zep, scan_timeout_work.work); - - if (!vif_ctx_zep->scan_in_progress) { - LOG_INF("%s: Scan not in progress", __func__); - return; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - -#ifdef CONFIG_NET_L2_WIFI_MGMT - if (vif_ctx_zep->disp_scan_cb) { - vif_ctx_zep->disp_scan_cb(vif_ctx_zep->zep_net_if_ctx, -ETIMEDOUT, NULL); - vif_ctx_zep->disp_scan_cb = NULL; - } else -#endif /* CONFIG_NET_L2_WIFI_MGMT */ - { -#ifdef CONFIG_NRF700X_STA_MODE - /* WPA supplicant scan */ - union wpa_event_data event; - struct scan_info *info = NULL; - - memset(&event, 0, sizeof(event)); - - info = &event.scan_info; - - info->aborted = 0; - info->external_scan = 0; - info->nl_scan_event = 1; - - if (vif_ctx_zep->supp_drv_if_ctx && - vif_ctx_zep->supp_callbk_fns.scan_done) { - vif_ctx_zep->supp_callbk_fns.scan_done(vif_ctx_zep->supp_drv_if_ctx, - &event); - } -#endif /* CONFIG_NRF700X_STA_MODE */ - } - - vif_ctx_zep->scan_in_progress = false; -} - -#ifdef CONFIG_NRF700X_STA_MODE -static void nrf_wifi_process_rssi_from_rx(void *vif_ctx, - signed short signal) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = vif_ctx; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - - vif_ctx_zep = vif_ctx; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - - vif_ctx_zep->rssi = MBM_TO_DBM(signal); - vif_ctx_zep->rssi_record_timestamp_us = - nrf_wifi_osal_time_get_curr_us(); -} -#endif /* CONFIG_NRF700X_STA_MODE */ - - -void nrf_wifi_event_get_reg_zep(void *vif_ctx, - struct nrf_wifi_reg *get_reg_event, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - - LOG_DBG("%s: alpha2 = %c%c", __func__, - get_reg_event->nrf_wifi_alpha2[0], - get_reg_event->nrf_wifi_alpha2[1]); - vif_ctx_zep = vif_ctx; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - - if (fmac_dev_ctx->alpha2_valid) { - LOG_ERR("%s: Unsolicited regulatory get!", __func__); - return; - } - - memcpy(&fmac_dev_ctx->alpha2, - &get_reg_event->nrf_wifi_alpha2, - sizeof(get_reg_event->nrf_wifi_alpha2)); - - fmac_dev_ctx->reg_chan_count = get_reg_event->num_channels; - memcpy(fmac_dev_ctx->reg_chan_info, - &get_reg_event->chn_info, - fmac_dev_ctx->reg_chan_count * - sizeof(struct nrf_wifi_get_reg_chn_info)); - - fmac_dev_ctx->alpha2_valid = true; -} - -int nrf_wifi_reg_domain(const struct device *dev, struct wifi_reg_domain *reg_domain) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_fmac_reg_info reg_domain_info = {0}; - struct wifi_reg_chan_info *chan_info = NULL; - struct nrf_wifi_get_reg_chn_info *reg_domain_chan_info = NULL; - int ret = -1; - int chan_idx = 0; - - k_mutex_lock(®_lock, K_FOREVER); - - if (!dev || !reg_domain) { - goto err; - } - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - goto err; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - goto err; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - if (!fmac_dev_ctx) { - LOG_ERR("%s: fmac_dev_ctx is NULL", __func__); - goto err; - } - - if (reg_domain->oper == WIFI_MGMT_SET) { -#ifndef CONFIG_NRF700X_RADIO_TEST -#ifdef CONFIG_NRF700X_STA_MODE - /* Need to check if WPA supplicant is initialized or not. - * Must be checked when CONFIG_WPA_SUPP is enabled. - * Not applicable for RADIO_TEST or when CONFIG_WPA_SUPP is not enabled. - */ - /* It is possbile that during supplicant initialization driver may - * get the command. lock will try to ensure that supplicant - * initialization is complete. - */ - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if ((!vif_ctx_zep->supp_drv_if_ctx) || - (!wifi_nm_get_instance_iface(vif_ctx_zep->zep_net_if_ctx))) { - LOG_ERR("%s: WPA supplicant initialization not complete yet", __func__); - k_mutex_unlock(&vif_ctx_zep->vif_lock); - goto err; - } - k_mutex_unlock(&vif_ctx_zep->vif_lock); -#endif /* CONFIG_NRF700X_STA_MODE */ -#endif /* !CONFIG_NRF700X_RADIO_TEST */ - memcpy(reg_domain_info.alpha2, reg_domain->country_code, WIFI_COUNTRY_CODE_LEN); - - reg_domain_info.force = reg_domain->force; - - status = nrf_wifi_fmac_set_reg(fmac_dev_ctx, ®_domain_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Failed to set regulatory domain", __func__); - goto err; - } - } else if (reg_domain->oper == WIFI_MGMT_GET) { - - if (!reg_domain->chan_info) { - LOG_ERR("%s: Invalid regulatory info (NULL)\n", __func__); - goto err; - } - - status = nrf_wifi_fmac_get_reg(fmac_dev_ctx, ®_domain_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Failed to get regulatory domain", __func__); - goto err; - } - - memcpy(reg_domain->country_code, reg_domain_info.alpha2, WIFI_COUNTRY_CODE_LEN); - reg_domain->num_channels = reg_domain_info.reg_chan_count; - - for (chan_idx = 0; chan_idx < reg_domain_info.reg_chan_count; chan_idx++) { - chan_info = &(reg_domain->chan_info[chan_idx]); - reg_domain_chan_info = &(reg_domain_info.reg_chan_info[chan_idx]); - chan_info->center_frequency = reg_domain_chan_info->center_frequency; - chan_info->dfs = !!reg_domain_chan_info->dfs; - chan_info->max_power = reg_domain_chan_info->max_power; - chan_info->passive_only = !!reg_domain_chan_info->passive_channel; - chan_info->supported = !!reg_domain_chan_info->supported; - } - } else { - LOG_ERR("%s: Invalid operation: %d", __func__, reg_domain->oper); - goto err; - } - - ret = 0; -err: - k_mutex_unlock(®_lock); - return ret; -} -#ifdef CONFIG_NRF700X_STA_MODE -void nrf_wifi_event_proc_cookie_rsp(void *vif_ctx, - struct nrf_wifi_umac_event_cookie_rsp *cookie_rsp_event, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - - vif_ctx_zep = vif_ctx; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - - LOG_DBG("%s: cookie_rsp_event->cookie = %llx", __func__, cookie_rsp_event->cookie); - LOG_DBG("%s: host_cookie = %llx", __func__, cookie_rsp_event->host_cookie); - LOG_DBG("%s: mac_addr = %x:%x:%x:%x:%x:%x", __func__, - cookie_rsp_event->mac_addr[0], - cookie_rsp_event->mac_addr[1], - cookie_rsp_event->mac_addr[2], - cookie_rsp_event->mac_addr[3], - cookie_rsp_event->mac_addr[4], - cookie_rsp_event->mac_addr[5]); - - vif_ctx_zep->cookie_resp_received = true; - /* TODO: When supp_callbk_fns.mgmt_tx_status is implemented, add logic - * here to use the cookie and host_cookie to map requests to responses. - */ -} -#endif /* CONFIG_NRF700X_STA_MODE */ - -void reg_change_callbk_fn(void *vif_ctx, - struct nrf_wifi_event_regulatory_change *reg_change_event, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - - vif_ctx_zep = vif_ctx; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - if (!fmac_dev_ctx) { - LOG_ERR("%s: fmac_dev_ctx is NULL", __func__); - return; - } - - fmac_dev_ctx->reg_change = k_malloc(sizeof(struct nrf_wifi_event_regulatory_change)); - if (!fmac_dev_ctx->reg_change) { - LOG_ERR("%s: Failed to allocate memory for reg_change", __func__); - return; - } - - memcpy(fmac_dev_ctx->reg_change, - reg_change_event, - sizeof(struct nrf_wifi_event_regulatory_change)); - fmac_dev_ctx->reg_set_status = true; -} -#endif /* !CONFIG_NRF700X_RADIO_TEST */ - -void configure_tx_pwr_settings(struct nrf_wifi_tx_pwr_ctrl_params *tx_pwr_ctrl_params, - struct nrf_wifi_tx_pwr_ceil_params *tx_pwr_ceil_params) -{ - tx_pwr_ctrl_params->ant_gain_2g = CONFIG_NRF700X_ANT_GAIN_2G; - tx_pwr_ctrl_params->ant_gain_5g_band1 = CONFIG_NRF700X_ANT_GAIN_5G_BAND1; - tx_pwr_ctrl_params->ant_gain_5g_band2 = CONFIG_NRF700X_ANT_GAIN_5G_BAND2; - tx_pwr_ctrl_params->ant_gain_5g_band3 = CONFIG_NRF700X_ANT_GAIN_5G_BAND3; - tx_pwr_ctrl_params->band_edge_2g_lo_dss = CONFIG_NRF700X_BAND_2G_LOWER_EDGE_BACKOFF_DSSS; - tx_pwr_ctrl_params->band_edge_2g_lo_ht = CONFIG_NRF700X_BAND_2G_LOWER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_2g_lo_he = CONFIG_NRF700X_BAND_2G_LOWER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_2g_hi_dsss = CONFIG_NRF700X_BAND_2G_UPPER_EDGE_BACKOFF_DSSS; - tx_pwr_ctrl_params->band_edge_2g_hi_ht = CONFIG_NRF700X_BAND_2G_UPPER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_2g_hi_he = CONFIG_NRF700X_BAND_2G_UPPER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_1_lo_ht = - CONFIG_NRF700X_BAND_UNII_1_LOWER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_1_lo_he = - CONFIG_NRF700X_BAND_UNII_1_LOWER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_1_hi_ht = - CONFIG_NRF700X_BAND_UNII_1_UPPER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_1_hi_he = - CONFIG_NRF700X_BAND_UNII_1_UPPER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_2a_lo_ht = - CONFIG_NRF700X_BAND_UNII_2A_LOWER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_2a_lo_he = - CONFIG_NRF700X_BAND_UNII_2A_LOWER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_2a_hi_ht = - CONFIG_NRF700X_BAND_UNII_2A_UPPER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_2a_hi_he = - CONFIG_NRF700X_BAND_UNII_2A_UPPER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_2c_lo_ht = - CONFIG_NRF700X_BAND_UNII_2C_LOWER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_2c_lo_he = - CONFIG_NRF700X_BAND_UNII_2C_LOWER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_2c_hi_ht = - CONFIG_NRF700X_BAND_UNII_2C_UPPER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_2c_hi_he = - CONFIG_NRF700X_BAND_UNII_2C_UPPER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_3_lo_ht = - CONFIG_NRF700X_BAND_UNII_3_LOWER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_3_lo_he = - CONFIG_NRF700X_BAND_UNII_3_LOWER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_3_hi_ht = - CONFIG_NRF700X_BAND_UNII_3_UPPER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_3_hi_he = - CONFIG_NRF700X_BAND_UNII_3_UPPER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_4_lo_ht = - CONFIG_NRF700X_BAND_UNII_4_LOWER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_4_lo_he = - CONFIG_NRF700X_BAND_UNII_4_LOWER_EDGE_BACKOFF_HE; - tx_pwr_ctrl_params->band_edge_5g_unii_4_hi_ht = - CONFIG_NRF700X_BAND_UNII_4_UPPER_EDGE_BACKOFF_HT; - tx_pwr_ctrl_params->band_edge_5g_unii_4_hi_he = - CONFIG_NRF700X_BAND_UNII_4_UPPER_EDGE_BACKOFF_HE; - - - tx_pwr_ceil_params->max_pwr_2g_dsss = - DT_PROP(DT_NODELABEL(nrf70_tx_power_ceiling), max_pwr_2g_dsss); - - tx_pwr_ceil_params->max_pwr_2g_mcs7 = - DT_PROP(DT_NODELABEL(nrf70_tx_power_ceiling), max_pwr_2g_mcs7); - - tx_pwr_ceil_params->max_pwr_2g_mcs0 = - DT_PROP(DT_NODELABEL(nrf70_tx_power_ceiling), max_pwr_2g_mcs0); - -#ifndef CONFIG_NRF70_2_4G_ONLY - tx_pwr_ceil_params->max_pwr_5g_low_mcs7 = - DT_PROP(DT_NODELABEL(nrf70_tx_power_ceiling), max_pwr_5g_low_mcs7); - - tx_pwr_ceil_params->max_pwr_5g_mid_mcs7 = - DT_PROP(DT_NODELABEL(nrf70_tx_power_ceiling), max_pwr_5g_mid_mcs7); - - tx_pwr_ceil_params->max_pwr_5g_high_mcs7 = - DT_PROP(DT_NODELABEL(nrf70_tx_power_ceiling), max_pwr_5g_high_mcs7); - - tx_pwr_ceil_params->max_pwr_5g_low_mcs0 = - DT_PROP(DT_NODELABEL(nrf70_tx_power_ceiling), max_pwr_5g_low_mcs0); - - tx_pwr_ceil_params->max_pwr_5g_mid_mcs0 = - DT_PROP(DT_NODELABEL(nrf70_tx_power_ceiling), max_pwr_5g_mid_mcs0); - - tx_pwr_ceil_params->max_pwr_5g_high_mcs0 = - DT_PROP(DT_NODELABEL(nrf70_tx_power_ceiling), max_pwr_5g_high_mcs0); -#endif /* CONFIG_NRF70_2_4G_ONLY */ -} - -void configure_board_dep_params(struct nrf_wifi_board_params *board_params) -{ - board_params->pcb_loss_2g = CONFIG_NRF700X_PCB_LOSS_2G; -#ifndef CONFIG_NRF70_2_4G_ONLY - board_params->pcb_loss_5g_band1 = CONFIG_NRF700X_PCB_LOSS_5G_BAND1; - board_params->pcb_loss_5g_band2 = CONFIG_NRF700X_PCB_LOSS_5G_BAND2; - board_params->pcb_loss_5g_band3 = CONFIG_NRF700X_PCB_LOSS_5G_BAND3; -#endif /* CONFIG_NRF70_2_4G_ONLY */ -} - -enum nrf_wifi_status nrf_wifi_fmac_dev_add_zep(struct nrf_wifi_drv_priv_zep *drv_priv_zep) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - void *rpu_ctx = NULL; - enum op_band op_band = CONFIG_NRF_WIFI_OP_BAND; -#ifdef CONFIG_NRF_WIFI_LOW_POWER - int sleep_type = -1; - -#ifndef CONFIG_NRF700X_RADIO_TEST - sleep_type = HW_SLEEP_ENABLE; -#else - sleep_type = SLEEP_DISABLE; -#endif /* CONFIG_NRF700X_RADIO_TEST */ -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ - struct nrf_wifi_tx_pwr_ctrl_params tx_pwr_ctrl_params; - struct nrf_wifi_tx_pwr_ceil_params tx_pwr_ceil_params; - struct nrf_wifi_board_params board_params; - - unsigned int fw_ver = 0; - - rpu_ctx_zep = &drv_priv_zep->rpu_ctx_zep; - - rpu_ctx_zep->drv_priv_zep = drv_priv_zep; - - rpu_ctx = nrf_wifi_fmac_dev_add(drv_priv_zep->fmac_priv, rpu_ctx_zep); - - if (!rpu_ctx) { - LOG_ERR("%s: nrf_wifi_fmac_dev_add failed", __func__); - rpu_ctx_zep = NULL; - goto err; - } - - rpu_ctx_zep->rpu_ctx = rpu_ctx; - - status = nrf_wifi_fw_load(rpu_ctx); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fw_load failed", __func__); - goto err; - } - - status = nrf_wifi_fmac_ver_get(rpu_ctx, - &fw_ver); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: FW version read failed", __func__); - goto err; - } - - LOG_DBG("Firmware (v%d.%d.%d.%d) booted successfully", - NRF_WIFI_UMAC_VER(fw_ver), - NRF_WIFI_UMAC_VER_MAJ(fw_ver), - NRF_WIFI_UMAC_VER_MIN(fw_ver), - NRF_WIFI_UMAC_VER_EXTRA(fw_ver)); - - configure_tx_pwr_settings(&tx_pwr_ctrl_params, - &tx_pwr_ceil_params); - - configure_board_dep_params(&board_params); - -#ifdef CONFIG_NRF700X_RADIO_TEST - status = nrf_wifi_fmac_dev_init_rt(rpu_ctx_zep->rpu_ctx, -#ifdef CONFIG_NRF_WIFI_LOW_POWER - sleep_type, -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ - NRF_WIFI_DEF_PHY_CALIB, - op_band, - IS_ENABLED(CONFIG_NRF_WIFI_BEAMFORMING), - &tx_pwr_ctrl_params, - &tx_pwr_ceil_params, - &board_params); -#else - status = nrf_wifi_fmac_dev_init(rpu_ctx_zep->rpu_ctx, -#ifdef CONFIG_NRF_WIFI_LOW_POWER - sleep_type, -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ - NRF_WIFI_DEF_PHY_CALIB, - op_band, - IS_ENABLED(CONFIG_NRF_WIFI_BEAMFORMING), - &tx_pwr_ctrl_params, - &tx_pwr_ceil_params, - &board_params); -#endif /* CONFIG_NRF700X_RADIO_TEST */ - - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_dev_init failed", __func__); - goto err; - } - - k_mutex_init(&rpu_ctx_zep->rpu_lock); - - return status; -err: - if (rpu_ctx) { -#ifdef CONFIG_NRF700X_RADIO_TEST - nrf_wifi_fmac_dev_rem_rt(rpu_ctx); -#else - nrf_wifi_fmac_dev_rem(rpu_ctx); -#endif /* CONFIG_NRF700X_RADIO_TEST */ - rpu_ctx_zep->rpu_ctx = NULL; - } - return status; -} - -enum nrf_wifi_status nrf_wifi_fmac_dev_rem_zep(struct nrf_wifi_drv_priv_zep *drv_priv_zep) -{ - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - - rpu_ctx_zep = &drv_priv_zep->rpu_ctx_zep; -#ifdef CONFIG_NRF700X_RADIO_TEST - nrf_wifi_fmac_dev_deinit_rt(rpu_ctx_zep->rpu_ctx); - nrf_wifi_fmac_dev_rem_rt(rpu_ctx_zep->rpu_ctx); -#else - nrf_wifi_fmac_dev_deinit(rpu_ctx_zep->rpu_ctx); - nrf_wifi_fmac_dev_rem(rpu_ctx_zep->rpu_ctx); -#endif /* CONFIG_NRF700X_RADIO_TEST */ - - k_free(rpu_ctx_zep->extended_capa); - rpu_ctx_zep->extended_capa = NULL; - k_free(rpu_ctx_zep->extended_capa_mask); - rpu_ctx_zep->extended_capa_mask = NULL; - - rpu_ctx_zep->rpu_ctx = NULL; - LOG_DBG("%s: FMAC device removed", __func__); - - return NRF_WIFI_STATUS_SUCCESS; -} - -static int nrf_wifi_drv_main_zep(const struct device *dev) -{ -#ifndef CONFIG_NRF700X_RADIO_TEST - struct nrf_wifi_fmac_callbk_fns callbk_fns = { 0 }; - struct nrf_wifi_data_config_params data_config = { 0 }; - struct rx_buf_pool_params rx_buf_pools[MAX_NUM_OF_RX_QUEUES]; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = dev->data; - - vif_ctx_zep->rpu_ctx_zep = &rpu_drv_priv_zep.rpu_ctx_zep; - -#ifdef CONFIG_NRF700X_DATA_TX - data_config.aggregation = aggregation; - data_config.wmm = IS_ENABLED(CONFIG_NRF_WIFI_FEAT_WMM); - data_config.max_num_tx_agg_sessions = max_num_tx_agg_sessions; - data_config.max_num_rx_agg_sessions = max_num_rx_agg_sessions; - data_config.max_tx_aggregation = max_tx_aggregation; - data_config.reorder_buf_size = reorder_buf_size; - data_config.max_rxampdu_size = max_rxampdu_size; - data_config.rate_protection_type = rate_protection_type; - callbk_fns.if_carr_state_chg_callbk_fn = nrf_wifi_if_carr_state_chg; - callbk_fns.rx_frm_callbk_fn = nrf_wifi_if_rx_frm; -#if defined(CONFIG_NRF700X_RAW_DATA_RX) || defined(CONFIG_NRF700X_PROMISC_DATA_RX) - callbk_fns.rx_sniffer_frm_callbk_fn = nrf_wifi_if_sniffer_rx_frm; -#endif /* CONFIG_NRF700X_RAW_DATA_RX || CONFIG_NRF700X_PROMISC_DATA_RX */ -#endif - rx_buf_pools[0].num_bufs = rx1_num_bufs; - rx_buf_pools[1].num_bufs = rx2_num_bufs; - rx_buf_pools[2].num_bufs = rx3_num_bufs; - rx_buf_pools[0].buf_sz = rx1_buf_sz; - rx_buf_pools[1].buf_sz = rx2_buf_sz; - rx_buf_pools[2].buf_sz = rx3_buf_sz; - -#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY - callbk_fns.rpu_recovery_callbk_fn = nrf_wifi_rpu_recovery_cb; -#endif /* CONFIG_NRF_WIFI_RPU_RECOVERY */ - callbk_fns.scan_start_callbk_fn = nrf_wifi_event_proc_scan_start_zep; - callbk_fns.scan_done_callbk_fn = nrf_wifi_event_proc_scan_done_zep; - callbk_fns.reg_change_callbk_fn = reg_change_callbk_fn; -#ifdef CONFIG_NET_L2_WIFI_MGMT - callbk_fns.disp_scan_res_callbk_fn = nrf_wifi_event_proc_disp_scan_res_zep; -#endif /* CONFIG_NET_L2_WIFI_MGMT */ -#ifdef CONFIG_WIFI_MGMT_RAW_SCAN_RESULTS - callbk_fns.rx_bcn_prb_resp_callbk_fn = nrf_wifi_rx_bcn_prb_resp_frm; -#endif /* CONFIG_WIFI_MGMT_RAW_SCAN_RESULTS */ -#if defined(CONFIG_NRF700X_SYSTEM_MODE) || defined(CONFIG_NRF700X_SYSTEM_WITH_RAW_MODES) - callbk_fns.set_if_callbk_fn = nrf_wifi_set_iface_event_handler; -#endif /* CONFIG_NRF700X_SYSTEM_MODE */ -#ifdef CONFIG_NRF700X_STA_MODE - callbk_fns.twt_config_callbk_fn = nrf_wifi_event_proc_twt_setup_zep; - callbk_fns.twt_teardown_callbk_fn = nrf_wifi_event_proc_twt_teardown_zep; - callbk_fns.twt_sleep_callbk_fn = nrf_wifi_event_proc_twt_sleep_zep; - callbk_fns.event_get_reg = nrf_wifi_event_get_reg_zep; - callbk_fns.event_get_ps_info = nrf_wifi_event_proc_get_power_save_info; - callbk_fns.cookie_rsp_callbk_fn = nrf_wifi_event_proc_cookie_rsp; - callbk_fns.process_rssi_from_rx = nrf_wifi_process_rssi_from_rx; - callbk_fns.scan_res_callbk_fn = nrf_wifi_wpa_supp_event_proc_scan_res; - callbk_fns.auth_resp_callbk_fn = nrf_wifi_wpa_supp_event_proc_auth_resp; - callbk_fns.assoc_resp_callbk_fn = nrf_wifi_wpa_supp_event_proc_assoc_resp; - callbk_fns.deauth_callbk_fn = nrf_wifi_wpa_supp_event_proc_deauth; - callbk_fns.disassoc_callbk_fn = nrf_wifi_wpa_supp_event_proc_disassoc; - callbk_fns.get_station_callbk_fn = nrf_wifi_wpa_supp_event_proc_get_sta; - callbk_fns.get_interface_callbk_fn = nrf_wifi_wpa_supp_event_proc_get_if; - callbk_fns.mgmt_tx_status = nrf_wifi_wpa_supp_event_mgmt_tx_status; - callbk_fns.unprot_mlme_mgmt_rx_callbk_fn = nrf_wifi_wpa_supp_event_proc_unprot_mgmt; - callbk_fns.event_get_wiphy = nrf_wifi_wpa_supp_event_get_wiphy; - callbk_fns.mgmt_rx_callbk_fn = nrf_wifi_wpa_supp_event_mgmt_rx_callbk_fn; - callbk_fns.get_conn_info_callbk_fn = nrf_wifi_supp_event_proc_get_conn_info; -#endif /* CONFIG_NRF700X_STA_MODE */ - - /* The OSAL layer needs to be initialized before any other initialization - * so that other layers (like FW IF,HW IF etc) have access to OS ops - */ - nrf_wifi_osal_init(&nrf_wifi_os_zep_ops); - - rpu_drv_priv_zep.fmac_priv = nrf_wifi_fmac_init(&data_config, - rx_buf_pools, - &callbk_fns); -#else /* !CONFIG_NRF700X_RADIO_TEST */ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - - /* The OSAL layer needs to be initialized before any other initialization - * so that other layers (like FW IF,HW IF etc) have access to OS ops - */ - nrf_wifi_osal_init(&nrf_wifi_os_zep_ops); - - rpu_drv_priv_zep.fmac_priv = nrf_wifi_fmac_init_rt(); -#endif /* CONFIG_NRF700X_RADIO_TEST */ - - if (rpu_drv_priv_zep.fmac_priv == NULL) { - LOG_ERR("%s: nrf_wifi_fmac_init failed", - __func__); - goto err; - } - -#ifdef CONFIG_NRF700X_DATA_TX - struct nrf_wifi_fmac_priv_def *def_priv = NULL; - - def_priv = wifi_fmac_priv(rpu_drv_priv_zep.fmac_priv); - def_priv->max_ampdu_len_per_token = - (RPU_PKTRAM_SIZE - (CONFIG_NRF700X_RX_NUM_BUFS * CONFIG_NRF700X_RX_MAX_DATA_SIZE)) / - CONFIG_NRF700X_MAX_TX_TOKENS; - /* Align to 4-byte */ - def_priv->max_ampdu_len_per_token &= ~0x3; - - /* Alignment overhead for size based coalesce */ - def_priv->avail_ampdu_len_per_token = - def_priv->max_ampdu_len_per_token - - (MAX_PKT_RAM_TX_ALIGN_OVERHEAD * max_tx_aggregation); -#endif /* CONFIG_NRF700X_DATA_TX */ - -#ifdef CONFIG_NRF700X_RADIO_TEST - status = nrf_wifi_fmac_dev_add_zep(&rpu_drv_priv_zep); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_dev_add_zep failed", __func__); - goto fmac_deinit; - } -#else - k_work_init_delayable(&vif_ctx_zep->scan_timeout_work, - nrf_wifi_scan_timeout_work); -#endif /* CONFIG_NRF700X_RADIO_TEST */ - - return 0; -#ifdef CONFIG_NRF700X_RADIO_TEST -fmac_deinit: - nrf_wifi_fmac_deinit_rt(rpu_drv_priv_zep.fmac_priv); - nrf_wifi_osal_deinit(); -#endif /* CONFIG_NRF700X_RADIO_TEST */ -err: - return -1; -} - -#ifndef CONFIG_NRF700X_RADIO_TEST -#ifdef CONFIG_NET_L2_WIFI_MGMT -static struct wifi_mgmt_ops nrf_wifi_mgmt_ops = { - .scan = nrf_wifi_disp_scan_zep, -#ifdef CONFIG_NET_STATISTICS_WIFI - .get_stats = nrf_wifi_stats_get, - .reset_stats = nrf_wifi_stats_reset, -#endif /* CONFIG_NET_STATISTICS_WIFI */ -#ifdef CONFIG_NRF700X_STA_MODE - .set_power_save = nrf_wifi_set_power_save, - .set_twt = nrf_wifi_set_twt, - .reg_domain = nrf_wifi_reg_domain, - .get_power_save_config = nrf_wifi_get_power_save_config, - .set_rts_threshold = nrf_wifi_set_rts_threshold, -#endif /* CONFIG_NRF700X_STA_MODE */ -#ifdef CONFIG_NRF700X_SYSTEM_WITH_RAW_MODES - .mode = nrf_wifi_mode, -#endif -#if defined(CONFIG_NRF700X_RAW_DATA_TX) || defined(CONFIG_NRF700X_RAW_DATA_RX) - .channel = nrf_wifi_channel, -#endif /* CONFIG_NRF700X_RAW_DATA_TX || CONFIG_NRF700X_RAW_DATA_RX */ -#if defined(CONFIG_NRF700X_RAW_DATA_RX) || defined(CONFIG_NRF700X_PROMISC_DATA_RX) - .filter = nrf_wifi_filter, -#endif /* CONFIG_NRF700X_RAW_DATA_RX || CONFIG_NRF700X_PROMISC_DATA_RX */ -}; -#endif /* CONFIG_NET_L2_WIFI_MGMT */ - - -#ifdef CONFIG_NET_L2_ETHERNET -static const struct net_wifi_mgmt_offload wifi_offload_ops = { - .wifi_iface.iface_api.init = nrf_wifi_if_init_zep, - .wifi_iface.start = nrf_wifi_if_start_zep, - .wifi_iface.stop = nrf_wifi_if_stop_zep, - .wifi_iface.set_config = nrf_wifi_if_set_config_zep, - .wifi_iface.get_config = nrf_wifi_if_get_config_zep, - .wifi_iface.get_capabilities = nrf_wifi_if_caps_get, - .wifi_iface.send = nrf_wifi_if_send, -#ifdef CONFIG_NET_STATISTICS_ETHERNET - .wifi_iface.get_stats = nrf_wifi_eth_stats_get, -#endif /* CONFIG_NET_STATISTICS_ETHERNET */ -#ifdef CONFIG_NET_L2_WIFI_MGMT - .wifi_mgmt_api = &nrf_wifi_mgmt_ops, -#endif /* CONFIG_NET_L2_WIFI_MGMT */ -}; -#endif /* CONFIG_NET_L2_ETHERNET */ - - -#ifdef CONFIG_NRF700X_STA_MODE -static const struct zep_wpa_supp_dev_ops wpa_supp_ops = { - .init = nrf_wifi_wpa_supp_dev_init, - .deinit = nrf_wifi_wpa_supp_dev_deinit, - .scan2 = nrf_wifi_wpa_supp_scan2, - .scan_abort = nrf_wifi_wpa_supp_scan_abort, - .get_scan_results2 = nrf_wifi_wpa_supp_scan_results_get, - .deauthenticate = nrf_wifi_wpa_supp_deauthenticate, - .authenticate = nrf_wifi_wpa_supp_authenticate, - .associate = nrf_wifi_wpa_supp_associate, - .set_supp_port = nrf_wifi_wpa_set_supp_port, - .set_key = nrf_wifi_wpa_supp_set_key, - .signal_poll = nrf_wifi_wpa_supp_signal_poll, - .send_mlme = nrf_wifi_nl80211_send_mlme, - .get_wiphy = nrf_wifi_supp_get_wiphy, - .register_frame = nrf_wifi_supp_register_frame, - .get_capa = nrf_wifi_supp_get_capa, - .get_conn_info = nrf_wifi_supp_get_conn_info, -#ifdef CONFIG_NRF700X_AP_MODE - .init_ap = nrf_wifi_wpa_supp_init_ap, - .start_ap = nrf_wifi_wpa_supp_start_ap, - .change_beacon = nrf_wifi_wpa_supp_change_beacon, - .stop_ap = nrf_wifi_wpa_supp_stop_ap, - .deinit_ap = nrf_wifi_wpa_supp_deinit_ap, - .sta_add = nrf_wifi_wpa_supp_sta_add, - .sta_remove = nrf_wifi_wpa_supp_sta_remove, - .register_mgmt_frame = nrf_wifi_supp_register_mgmt_frame, - .sta_set_flags = nrf_wifi_wpa_supp_sta_set_flags, - .get_inact_sec = nrf_wifi_wpa_supp_sta_get_inact_sec, -#endif /* CONFIG_NRF700X_AP_MODE */ -}; -#endif /* CONFIG_NRF700X_STA_MODE */ -#endif /* !CONFIG_NRF700X_RADIO_TEST */ - - -#ifdef CONFIG_NET_L2_ETHERNET -ETH_NET_DEVICE_DT_INST_DEFINE(0, - nrf_wifi_drv_main_zep, /* init_fn */ - NULL, /* pm_action_cb */ - &rpu_drv_priv_zep.rpu_ctx_zep.vif_ctx_zep[0], /* data */ -#ifdef CONFIG_NRF700X_STA_MODE - &wpa_supp_ops, /* cfg */ -#else /* CONFIG_NRF700X_STA_MODE */ - NULL, /* cfg */ -#endif /* !CONFIG_NRF700X_STA_MODE */ - CONFIG_WIFI_INIT_PRIORITY, /* prio */ - &wifi_offload_ops, /* api */ - CONFIG_NRF_WIFI_IFACE_MTU); /*mtu */ -#else -DEVICE_DT_INST_DEFINE(0, - nrf_wifi_drv_main_zep, /* init_fn */ - NULL, /* pm_action_cb */ -#ifndef CONFIG_NRF700X_RADIO_TEST - &rpu_drv_priv_zep, /* data */ -#else /* !CONFIG_NRF700X_RADIO_TEST */ - NULL, -#endif /* CONFIG_NRF700X_RADIO_TEST */ - NULL, /* cfg */ - POST_KERNEL, - CONFIG_WIFI_INIT_PRIORITY, /* prio */ - NULL); /* api */ -#endif /* CONFIG_NRF700X_STA_MODE */ - -#ifdef CONFIG_L2_WIFI_CONNECTIVITY -CONN_MGR_BIND_CONN(Z_DEVICE_DT_DEV_ID(DT_DRV_INST(0)), L2_CONN_WLAN0); -#endif /* CONFIG_L2_WIFI_CONNECTIVITY */ diff --git a/drivers/wifi/nrf700x/src/fw_load.c b/drivers/wifi/nrf700x/src/fw_load.c deleted file mode 100644 index ba6ce8424e5c..000000000000 --- a/drivers/wifi/nrf700x/src/fw_load.c +++ /dev/null @@ -1,306 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing FW load functions for Zephyr. - */ -#include -#include - -#include -#include -#if defined(CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_XIP) && defined(CONFIG_NORDIC_QSPI_NOR) -#include -#endif /* CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_XIP */ - -#include -#if defined(CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_XIP) && defined(CONFIG_NORDIC_QSPI_NOR) -/* For NRF QSPI NOR special handling is needed for this file as all RODATA of - * this file is stored in external flash, so, any use of RODATA has to be protected - * by disabling XIP and enabling it again after use. This means no LOG_* macros - * (buffered) or buffered printk can be used in this file, else it will crash. - */ -LOG_MODULE_DECLARE(wifi_nrf, LOG_LEVEL_NONE); -#else -LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF700X_LOG_LEVEL); -#endif /* CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_XIP */ - -#include - -#ifdef CONFIG_NRF_WIFI_PATCHES_BUILTIN -/* INCBIN macro Taken from https://gist.github.com/mmozeiko/ed9655cf50341553d282 */ -#define STR2(x) #x -#define STR(x) STR2(x) - -#ifdef __APPLE__ -#define USTR(x) "_" STR(x) -#else -#define USTR(x) STR(x) -#endif - -#ifdef _WIN32 -#define INCBIN_SECTION ".rdata, \"dr\"" -#elif defined __APPLE__ -#define INCBIN_SECTION "__TEXT,__const" -#else -#define INCBIN_SECTION ".rodata.*" -#endif - -/* this aligns start address to 16 and terminates byte array with explicit 0 - * which is not really needed, feel free to change it to whatever you want/need - */ -#define INCBIN(prefix, name, file) \ - __asm__(".section " INCBIN_SECTION "\n" \ - ".global " USTR(prefix) "_" STR(name) "_start\n" \ - ".balign 16\n" \ - USTR(prefix) "_" STR(name) "_start:\n" \ - ".incbin \"" file "\"\n" \ - \ - ".global " STR(prefix) "_" STR(name) "_end\n" \ - ".balign 1\n" \ - USTR(prefix) "_" STR(name) "_end:\n" \ - ".byte 0\n" \ - ); \ - extern __aligned(16) const char prefix ## _ ## name ## _start[]; \ - extern const char prefix ## _ ## name ## _end[]; - -INCBIN(_bin, nrf70_fw, STR(CONFIG_NRF_WIFI_FW_BIN)); -#endif /* CONFIG_NRF_WIFI_PATCHES_BUILTIN */ - -#ifdef CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_STORE -#include -#include - -#include "hal_api.h" - -#include - -#if USE_PARTITION_MANAGER -#include -#define NRF70_FW_PATCH_ID PM_NRF70_WIFI_FW_ID -#else -#define NRF70_FW_PATCH_ID FIXED_PARTITION_ID(nrf70_fw_partition) -#endif -static const struct flash_area *fa; - -static int nrf_wifi_read_and_download_chunk(struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx, - const struct flash_area *fa, - unsigned int image_id, - char *fw_chunk, - unsigned int offset, - unsigned int rpu_addr_offset, - unsigned int len) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - const struct nrf70_fw_addr_info *addr_info; - struct nrf_wifi_fmac_fw_chunk_info fw_chunk_info = { 0 }; - int err; - - LOG_DBG("Reading chunk of size %d from offset %d", len, offset); - - /* Read the chunk from Flash */ - err = flash_area_read(fa, offset, fw_chunk, len); - if (err < 0) { - LOG_ERR("Failed to read patch chunk offset:%d from flash: %d", offset, err); - goto out; - } - - switch (image_id) { - case NRF70_IMAGE_LMAC_PRI: - addr_info = &nrf70_fw_addr_info[0]; - break; - case NRF70_IMAGE_LMAC_SEC: - addr_info = &nrf70_fw_addr_info[1]; - break; - case NRF70_IMAGE_UMAC_PRI: - addr_info = &nrf70_fw_addr_info[2]; - break; - case NRF70_IMAGE_UMAC_SEC: - addr_info = &nrf70_fw_addr_info[3]; - break; - default: - LOG_ERR("Invalid image id: %d\n", image_id); - goto out; - } - - fw_chunk_info.dest_addr = addr_info->dest_addr + rpu_addr_offset; - memcpy(fw_chunk_info.id_str, addr_info->name, sizeof(addr_info->name)); - fw_chunk_info.data = fw_chunk; - fw_chunk_info.size = len; - - status = nrf_wifi_fmac_fw_chunk_load(fmac_dev_ctx, - addr_info->rpu_proc, - &fw_chunk_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("Failed to load patch chunk, %s", addr_info->name); - } - -out: - return status; -} - -enum nrf_wifi_status nrf_wifi_fw_load(void *rpu_ctx) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf70_fw_image_info patch_hdr; - unsigned int image_id; - int err; - unsigned int offset = 0, rpu_addr_offset; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = rpu_ctx; - unsigned int max_chunk_size = CONFIG_NRF_WIFI_FW_FLASH_CHUNK_SIZE; - char *fw_chunk = NULL; -#ifdef CONFIG_NRF_WIFI_FW_PATCH_INTEGRITY_CHECK - struct flash_area_check nrf70_fw_patch_check = { 0 }; - char *fw_patch_check_buf = NULL; -#endif /* NRF_WIFI_FW_PATCH_INTEGRITY_CHECK */ - - err = flash_area_open(NRF70_FW_PATCH_ID, &fa); - if (err < 0) { - LOG_ERR("Failed to open flash area: %d", err); - goto out; - } - - LOG_DBG("Flash area opened with size: %d, offset: %ld", fa->fa_size, fa->fa_off); - - /* Read the Header from Flash */ - err = flash_area_read(fa, 0, &patch_hdr, sizeof(patch_hdr)); - if (err < 0) { - LOG_ERR("Failed to read patch header from flash: %d", err); - goto out; - } - offset += sizeof(patch_hdr); - - status = nrf_wifi_validate_fw_header(rpu_ctx, &patch_hdr); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("Failed to validate patch header: %d", status); - goto out; - } - -#ifdef CONFIG_NRF_WIFI_FW_PATCH_INTEGRITY_CHECK - fw_patch_check_buf = k_malloc(max_chunk_size); - if (!fw_patch_check_buf) { - LOG_ERR("Failed to allocate memory for patch data size: %d", patch_hdr.len); - goto out; - } - nrf70_fw_patch_check.match = (uint8_t *)patch_hdr.hash; - nrf70_fw_patch_check.clen = patch_hdr.len; - nrf70_fw_patch_check.off = offset; - nrf70_fw_patch_check.rbuf = fw_patch_check_buf; - nrf70_fw_patch_check.rblen = max_chunk_size; - /* Check the integrity of the patch */ - err = flash_area_check_int_sha256(fa, &nrf70_fw_patch_check); - if (err < 0) { - LOG_ERR("Patch integrity check failed: %d", err); - status = NRF_WIFI_STATUS_FAIL; - k_free(fw_patch_check_buf); - goto out; - } - k_free(fw_patch_check_buf); -#endif /* NRF_WIFI_FW_PATCH_INTEGRITY_CHECK */ - - status = nrf_wifi_fmac_fw_reset(rpu_ctx); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("Failed to reset FMAC: %d", status); - goto out; - } - - fw_chunk = k_malloc(max_chunk_size); - if (!fw_chunk) { - LOG_ERR("Failed to allocate memory for patch chunk size: %d", max_chunk_size); - goto out; - } - - for (image_id = 0; image_id < patch_hdr.num_images; image_id++) { - struct nrf70_fw_image image; - unsigned int num_chunks; - unsigned int chunk_id; - - rpu_addr_offset = 0; - - /* Read sub-header */ - err = flash_area_read(fa, offset, &image, sizeof(image)); - if (err < 0) { - LOG_ERR("Failed to read patch image from flash: %d", err); - goto out; - } - offset += sizeof(image); - - num_chunks = image.len / max_chunk_size + - (image.len % max_chunk_size ? 1 : 0); - LOG_DBG("Processing image %d, len: %d, num_chunks: %d", - image_id, image.len, num_chunks); - for (chunk_id = 0; chunk_id < num_chunks; chunk_id++) { - unsigned int chunk_size = image.len - chunk_id * max_chunk_size; - - if (chunk_size > max_chunk_size) { - chunk_size = max_chunk_size; - } - - LOG_DBG("Processing chunk %d-%d, size: %d", image_id, chunk_id, chunk_size); - status = nrf_wifi_read_and_download_chunk(fmac_dev_ctx, - fa, image_id, fw_chunk, offset, rpu_addr_offset, - chunk_size); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("Failed to read and download patch %d-%d", - image_id, chunk_id); - goto out; - } - offset += chunk_size; - rpu_addr_offset += chunk_size; - } - } - - status = nrf_wifi_fmac_fw_boot(rpu_ctx); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("Failed to boot FMAC: %d", status); - goto out; - } - -out: - if (fw_chunk) { - k_free(fw_chunk); - } - flash_area_close(fa); - return status; -} -#else -enum nrf_wifi_status nrf_wifi_fw_load(void *rpu_ctx) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_fmac_fw_info fw_info = { 0 }; -#if defined(CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_XIP) && defined(CONFIG_NORDIC_QSPI_NOR) - const struct device *flash_dev = DEVICE_DT_GET(DT_INST(0, nordic_qspi_nor)); -#endif /* CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_XIP */ - uint8_t *fw_start; - uint8_t *fw_end; - - fw_start = (uint8_t *)_bin_nrf70_fw_start; - fw_end = (uint8_t *)_bin_nrf70_fw_end; - -#if defined(CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_XIP) && defined(CONFIG_NORDIC_QSPI_NOR) - nrf_qspi_nor_xip_enable(flash_dev, true); -#endif /* CONFIG_NRF_WIFI */ - - status = nrf_wifi_fmac_fw_parse(rpu_ctx, fw_start, fw_end - fw_start, - &fw_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_fw_parse failed", __func__); - return status; - } - /* Load the FW patches to the RPU */ - status = nrf_wifi_fmac_fw_load(rpu_ctx, &fw_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_fw_load failed", __func__); - } - -#if defined(CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_XIP) && defined(CONFIG_NORDIC_QSPI_NOR) - nrf_qspi_nor_xip_enable(flash_dev, false); -#endif /* CONFIG_NRF_WIFI */ - - return status; -} -#endif /* NRF_WIFI_PATCHES_EXT_FLASH_STORE */ diff --git a/drivers/wifi/nrf700x/src/net_if.c b/drivers/wifi/nrf700x/src/net_if.c deleted file mode 100644 index 28173824b84a..000000000000 --- a/drivers/wifi/nrf700x/src/net_if.c +++ /dev/null @@ -1,1239 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing netowrk stack interface specific definitions for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#include - -#ifdef CONFIG_WIFI_RANDOM_MAC_ADDRESS -#include -#endif - -#include -LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF700X_LOG_LEVEL); - -#include "net_private.h" - -#include "util.h" -#include "fmac_api.h" -#include "fmac_util.h" -#include "shim.h" -#include "fmac_main.h" -#include "wpa_supp_if.h" -#include "net_if.h" - -extern char *net_sprint_ll_addr_buf(const uint8_t *ll, uint8_t ll_len, - char *buf, int buflen); - -#ifdef CONFIG_NRF700X_STA_MODE -static struct net_mgmt_event_callback ip_maddr4_cb; -static struct net_mgmt_event_callback ip_maddr6_cb; -#endif /* CONFIG_NRF700X_STA_MODE */ - -void nrf_wifi_set_iface_event_handler(void *os_vif_ctx, - struct nrf_wifi_umac_event_set_interface *event, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - if (!os_vif_ctx) { - LOG_ERR("%s: Invalid parameters", - __func__); - goto out; - } - - if (!event) { - LOG_ERR("%s: event is NULL", - __func__); - goto out; - } - - (void)event_len; - - vif_ctx_zep = os_vif_ctx; - - vif_ctx_zep->set_if_event_received = true; - vif_ctx_zep->set_if_status = event->return_value; - -out: - return; -} - -#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY -static void nrf_wifi_rpu_recovery_work_handler(struct k_work *work) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = CONTAINER_OF(work, - struct nrf_wifi_vif_ctx_zep, - nrf_wifi_rpu_recovery_work); - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return; - } - - if (!vif_ctx_zep->zep_net_if_ctx) { - LOG_ERR("%s: zep_net_if_ctx is NULL", __func__); - return; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep || !rpu_ctx_zep->rpu_ctx) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return; - } - - k_mutex_lock(&rpu_ctx_zep->rpu_lock, K_FOREVER); - LOG_DBG("%s: Bringing the interface down", __func__); - /* This indirectly does a cold-boot of RPU */ - net_if_down(vif_ctx_zep->zep_net_if_ctx); - k_msleep(CONFIG_NRF_WIFI_RPU_RECOVERY_PROPAGATION_DELAY_MS); - LOG_DBG("%s: Bringing the interface up", __func__); - net_if_up(vif_ctx_zep->zep_net_if_ctx); - k_mutex_unlock(&rpu_ctx_zep->rpu_lock); -} - -void nrf_wifi_rpu_recovery_cb(void *vif_ctx_handle, - void *event_data, - unsigned int event_len) -{ - struct nrf_wifi_fmac_vif_ctx *vif_ctx = vif_ctx_handle; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - if (!vif_ctx) { - LOG_ERR("%s: vif_ctx is NULL", - __func__); - goto out; - } - - fmac_dev_ctx = vif_ctx->fmac_dev_ctx; - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - if (!def_dev_ctx) { - LOG_ERR("%s: def_dev_ctx is NULL", - __func__); - goto out; - } - - vif_ctx_zep = vif_ctx->os_vif_ctx; - (void)event_data; - - k_work_submit(&vif_ctx_zep->nrf_wifi_rpu_recovery_work); -out: - return; -} -#endif /* CONFIG_NRF_WIFI_RPU_RECOVERY */ - -#ifdef CONFIG_NRF700X_DATA_TX -static void nrf_wifi_net_iface_work_handler(struct k_work *work) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = CONTAINER_OF(work, - struct nrf_wifi_vif_ctx_zep, - nrf_wifi_net_iface_work); - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return; - } - - if (!vif_ctx_zep->zep_net_if_ctx) { - LOG_ERR("%s: zep_net_if_ctx is NULL", __func__); - return; - } - - if (vif_ctx_zep->if_carr_state == NRF_WIFI_FMAC_IF_CARR_STATE_ON) { - net_if_dormant_off(vif_ctx_zep->zep_net_if_ctx); - } else if (vif_ctx_zep->if_carr_state == NRF_WIFI_FMAC_IF_CARR_STATE_OFF) { - net_if_dormant_on(vif_ctx_zep->zep_net_if_ctx); - } -} - -#if defined(CONFIG_NRF700X_RAW_DATA_RX) || defined(CONFIG_NRF700X_PROMISC_DATA_RX) -void nrf_wifi_if_sniffer_rx_frm(void *os_vif_ctx, void *frm, - struct raw_rx_pkt_header *raw_rx_hdr, - bool pkt_free) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = os_vif_ctx; - struct net_if *iface = vif_ctx_zep->zep_net_if_ctx; - struct net_pkt *pkt; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - int ret; - - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - - pkt = net_raw_pkt_from_nbuf(iface, frm, sizeof(struct raw_rx_pkt_header), - raw_rx_hdr, - pkt_free); - if (!pkt) { - LOG_DBG("Failed to allocate net_pkt"); - return; - } - - net_capture_pkt(iface, pkt); - - ret = net_recv_data(iface, pkt); - if (ret < 0) { - LOG_DBG("RCV Packet dropped by NET stack: %d", ret); - net_pkt_unref(pkt); - } -} -#endif /* CONFIG_NRF700X_RAW_DATA_RX || CONFIG_NRF700X_PROMISC_DATA_RX */ - -void nrf_wifi_if_rx_frm(void *os_vif_ctx, void *frm) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = os_vif_ctx; - struct net_if *iface = vif_ctx_zep->zep_net_if_ctx; - struct net_pkt *pkt; - int status; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - struct rpu_host_stats *host_stats = NULL; - - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - host_stats = &def_dev_ctx->host_stats; - host_stats->total_rx_pkts++; - - pkt = net_pkt_from_nbuf(iface, frm); - if (!pkt) { - LOG_DBG("Failed to allocate net_pkt"); - host_stats->total_rx_drop_pkts++; - return; - } - - status = net_recv_data(iface, pkt); - - if (status < 0) { - LOG_DBG("RCV Packet dropped by NET stack: %d", status); - host_stats->total_rx_drop_pkts++; - net_pkt_unref(pkt); - } -} - -enum nrf_wifi_status nrf_wifi_if_carr_state_chg(void *os_vif_ctx, - enum nrf_wifi_fmac_if_carr_state carr_state) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - if (!os_vif_ctx) { - LOG_ERR("%s: Invalid parameters", - __func__); - goto out; - } - - vif_ctx_zep = os_vif_ctx; - - vif_ctx_zep->if_carr_state = carr_state; - - LOG_DBG("%s: Carrier state: %d", __func__, carr_state); - - k_work_submit(&vif_ctx_zep->nrf_wifi_net_iface_work); - - status = NRF_WIFI_STATUS_SUCCESS; - -out: - return status; -} - -static bool is_eapol(struct net_pkt *pkt) -{ - struct net_eth_hdr *hdr; - uint16_t ethertype; - - hdr = NET_ETH_HDR(pkt); - ethertype = ntohs(hdr->type); - - return ethertype == NET_ETH_PTYPE_EAPOL; -} -#endif /* CONFIG_NRF700X_DATA_TX */ - -enum ethernet_hw_caps nrf_wifi_if_caps_get(const struct device *dev) -{ - enum ethernet_hw_caps caps = (ETHERNET_LINK_10BASE_T | - ETHERNET_LINK_100BASE_T | ETHERNET_LINK_1000BASE_T); - -#ifdef CONFIG_NRF700X_TCP_IP_CHECKSUM_OFFLOAD - caps |= ETHERNET_HW_TX_CHKSUM_OFFLOAD | - ETHERNET_HW_RX_CHKSUM_OFFLOAD; -#endif /* CONFIG_NRF700X_TCP_IP_CHECKSUM_OFFLOAD */ - -#ifdef CONFIG_NRF700X_RAW_DATA_TX - caps |= ETHERNET_TXINJECTION_MODE; -#endif -#ifdef CONFIG_NRF700X_PROMISC_DATA_RX - caps |= ETHERNET_PROMISC_MODE; -#endif - return caps; -} - -int nrf_wifi_if_send(const struct device *dev, - struct net_pkt *pkt) -{ - int ret = -1; -#ifdef CONFIG_NRF700X_DATA_TX - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - struct rpu_host_stats *host_stats = NULL; - void *nbuf = NULL; - - if (!dev || !pkt) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - goto out; - } - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - goto out; - } - - ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (ret != 0) { - LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep || !rpu_ctx_zep->rpu_ctx) { - goto unlock; - } - - def_dev_ctx = wifi_dev_priv(rpu_ctx_zep->rpu_ctx); - host_stats = &def_dev_ctx->host_stats; - nbuf = net_pkt_to_nbuf(pkt); - if (!nbuf) { - LOG_DBG("Failed to allocate net_pkt"); - host_stats->total_tx_drop_pkts++; - goto out; - } - -#ifdef CONFIG_NRF700X_RAW_DATA_TX - if ((*(unsigned int *)pkt->frags->data) == NRF_WIFI_MAGIC_NUM_RAWTX) { - if (vif_ctx_zep->if_carr_state != NRF_WIFI_FMAC_IF_CARR_STATE_ON) { - goto unlock; - } - - ret = nrf_wifi_fmac_start_rawpkt_xmit(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - nbuf); - } else { -#endif /* CONFIG_NRF700X_RAW_DATA_TX */ - if ((vif_ctx_zep->if_carr_state != NRF_WIFI_FMAC_IF_CARR_STATE_ON) || - (!vif_ctx_zep->authorized && !is_eapol(pkt))) { - goto unlock; - } - - ret = nrf_wifi_fmac_start_xmit(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - nbuf); -#ifdef CONFIG_NRF700X_RAW_DATA_TX - } -#endif /* CONFIG_NRF700X_RAW_DATA_TX */ -unlock: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -#else - ARG_UNUSED(dev); - ARG_UNUSED(pkt); - goto out; -#endif /* CONFIG_NRF700X_DATA_TX */ - -out: - return ret; -} - -#ifdef CONFIG_NRF700X_STA_MODE -static void ip_maddr_event_handler(struct net_mgmt_event_callback *cb, - uint32_t mgmt_event, - struct net_if *iface) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct net_eth_addr mac_addr; - struct nrf_wifi_umac_mcast_cfg *mcast_info = NULL; - enum nrf_wifi_status status; - uint8_t mac_string_buf[sizeof("xx:xx:xx:xx:xx:xx")]; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - int ret; - - if (mgmt_event != NET_EVENT_IPV4_MADDR_ADD && - mgmt_event != NET_EVENT_IPV4_MADDR_DEL && - mgmt_event != NET_EVENT_IPV6_MADDR_ADD && - mgmt_event != NET_EVENT_IPV6_MADDR_DEL) { - return; - } - - vif_ctx_zep = nrf_wifi_get_vif_ctx(iface); - if (!vif_ctx_zep) { - return; - } - - ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (ret != 0) { - LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep || !rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: rpu_ctx_zep or rpu_ctx is NULL", - __func__); - goto unlock; - } - - mcast_info = k_calloc(sizeof(*mcast_info), sizeof(char)); - - if (!mcast_info) { - LOG_ERR("%s: Unable to allocate memory of size %d " - "for mcast_info", __func__, sizeof(*mcast_info)); - return; - } - - if ((mgmt_event == NET_EVENT_IPV4_MADDR_ADD) || - (mgmt_event == NET_EVENT_IPV4_MADDR_DEL)) { - if ((cb->info == NULL) || - (cb->info_length != sizeof(struct in_addr))) { - goto unlock; - } - - net_eth_ipv4_mcast_to_mac_addr((const struct in_addr *)cb->info, - &mac_addr); - - if (mgmt_event == NET_EVENT_IPV4_MADDR_ADD) { - mcast_info->type = MCAST_ADDR_ADD; - } else { - mcast_info->type = MCAST_ADDR_DEL; - } - - } else if ((mgmt_event == NET_EVENT_IPV6_MADDR_ADD) || - (mgmt_event == NET_EVENT_IPV6_MADDR_DEL)) { - if ((cb->info == NULL) || - (cb->info_length != sizeof(struct in6_addr))) { - goto unlock; - } - - net_eth_ipv6_mcast_to_mac_addr( - (const struct in6_addr *)cb->info, - &mac_addr); - - if (mgmt_event == NET_EVENT_IPV6_MADDR_ADD) { - mcast_info->type = MCAST_ADDR_ADD; - } else { - mcast_info->type = MCAST_ADDR_DEL; - } - } - - memcpy(((char *)(mcast_info->mac_addr)), - &mac_addr, - NRF_WIFI_ETH_ADDR_LEN); - - status = nrf_wifi_fmac_set_mcast_addr(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - mcast_info); - - if (status == NRF_WIFI_STATUS_FAIL) { - LOG_ERR("%s: nrf_wifi_fmac_set_multicast failed for" - " mac addr=%s", - __func__, - net_sprint_ll_addr_buf(mac_addr.addr, - WIFI_MAC_ADDR_LEN, mac_string_buf, - sizeof(mac_string_buf))); - } -unlock: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -out: - k_free(mcast_info); -} -#endif /* CONFIG_NRF700X_STA_MODE */ - -#ifdef CONFIG_WIFI_FIXED_MAC_ADDRESS_ENABLED -BUILD_ASSERT(sizeof(CONFIG_WIFI_FIXED_MAC_ADDRESS) - 1 == ((WIFI_MAC_ADDR_LEN * 2) + 5), - "Invalid fixed MAC address length"); -#endif - -enum nrf_wifi_status nrf_wifi_get_mac_addr(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - int ret; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", - __func__); - goto out; - } - - ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (ret != 0) { - LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep || !rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: rpu_ctx_zep or rpu_ctx is NULL", - __func__); - goto unlock; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - -#ifdef CONFIG_WIFI_FIXED_MAC_ADDRESS_ENABLED - char fixed_mac_addr[WIFI_MAC_ADDR_LEN]; - - ret = net_bytes_from_str(fixed_mac_addr, - WIFI_MAC_ADDR_LEN, - CONFIG_WIFI_FIXED_MAC_ADDRESS); - if (ret < 0) { - LOG_ERR("%s: Failed to parse MAC address: %s", - __func__, - CONFIG_WIFI_FIXED_MAC_ADDRESS); - goto unlock; - } - - memcpy(vif_ctx_zep->mac_addr.addr, - fixed_mac_addr, - WIFI_MAC_ADDR_LEN); -#elif CONFIG_WIFI_RANDOM_MAC_ADDRESS - char random_mac_addr[WIFI_MAC_ADDR_LEN]; - - sys_rand_get(random_mac_addr, WIFI_MAC_ADDR_LEN); - random_mac_addr[0] = (random_mac_addr[0] & UNICAST_MASK) | LOCAL_BIT; - - memcpy(vif_ctx_zep->mac_addr.addr, - random_mac_addr, - WIFI_MAC_ADDR_LEN); -#elif CONFIG_WIFI_OTP_MAC_ADDRESS - status = nrf_wifi_fmac_otp_mac_addr_get(fmac_dev_ctx, - vif_ctx_zep->vif_idx, - vif_ctx_zep->mac_addr.addr); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Fetching of MAC address from OTP failed", - __func__); - goto unlock; - } -#endif - - if (!nrf_wifi_utils_is_mac_addr_valid(vif_ctx_zep->mac_addr.addr)) { - LOG_ERR("%s: Invalid MAC address: %s", - __func__, - net_sprint_ll_addr(vif_ctx_zep->mac_addr.addr, - WIFI_MAC_ADDR_LEN)); - status = NRF_WIFI_STATUS_FAIL; - memset(vif_ctx_zep->mac_addr.addr, - 0, - WIFI_MAC_ADDR_LEN); - goto unlock; - } - status = NRF_WIFI_STATUS_SUCCESS; -unlock: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -out: - return status; -} - -void nrf_wifi_if_init_zep(struct net_if *iface) -{ - const struct device *dev = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct ethernet_context *eth_ctx = net_if_l2_data(iface); - - if (!iface) { - LOG_ERR("%s: Invalid parameters", - __func__); - return; - } - - dev = net_if_get_device(iface); - - if (!dev) { - LOG_ERR("%s: Invalid dev", - __func__); - return; - } - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", - __func__); - return; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", - __func__); - return; - } - - vif_ctx_zep->zep_net_if_ctx = iface; - vif_ctx_zep->zep_dev_ctx = dev; - - eth_ctx->eth_if_type = L2_ETH_IF_TYPE_WIFI; - ethernet_init(iface); - net_eth_carrier_on(iface); - net_if_dormant_on(iface); - -#ifdef CONFIG_NRF700X_STA_MODE - net_mgmt_init_event_callback(&ip_maddr4_cb, - ip_maddr_event_handler, - NET_EVENT_IPV4_MADDR_ADD | NET_EVENT_IPV4_MADDR_DEL); - net_mgmt_add_event_callback(&ip_maddr4_cb); - - net_mgmt_init_event_callback(&ip_maddr6_cb, - ip_maddr_event_handler, - NET_EVENT_IPV6_MADDR_ADD | NET_EVENT_IPV6_MADDR_DEL); - net_mgmt_add_event_callback(&ip_maddr6_cb); -#endif /* CONFIG_NRF700X_STA_MODE */ -#ifdef CONFIG_NRF700X_DATA_TX - k_work_init(&vif_ctx_zep->nrf_wifi_net_iface_work, - nrf_wifi_net_iface_work_handler); -#endif /* CONFIG_NRF700X_DATA_TX */ - -#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY - k_work_init(&vif_ctx_zep->nrf_wifi_rpu_recovery_work, - nrf_wifi_rpu_recovery_work_handler); -#endif /* CONFIG_NRF_WIFI_RPU_RECOVERY */ - -#if !defined(CONFIG_NRF_WIFI_IF_AUTO_START) - net_if_flag_set(iface, NET_IF_NO_AUTO_START); -#endif /* CONFIG_NRF_WIFI_IF_AUTO_START */ - net_if_flag_set(iface, NET_IF_NO_TX_LOCK); - - return; -} - -/* Board-specific Wi-Fi startup code to run before the Wi-Fi device is started */ -__weak int nrf_wifi_if_zep_start_board(const struct device *dev) -{ - ARG_UNUSED(dev); - return 0; -} - -/* Board-specific Wi-Fi shutdown code to run after the Wi-Fi device is stopped */ -__weak int nrf_wifi_if_zep_stop_board(const struct device *dev) -{ - ARG_UNUSED(dev); - return 0; -} - -int nrf_wifi_if_start_zep(const struct device *dev) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_umac_chg_vif_state_info vif_info; - struct nrf_wifi_umac_add_vif_info add_vif_info; - char *mac_addr = NULL; - unsigned int mac_addr_len = 0; - int ret = -1; - bool fmac_dev_added = false; - - if (!dev) { - LOG_ERR("%s: Invalid parameters", - __func__); - goto out; - } - - if (!device_is_ready(dev)) { - LOG_ERR("%s: Device %s is not ready", - __func__, dev->name); - goto out; - } - - ret = nrf_wifi_if_zep_start_board(dev); - if (ret) { - LOG_ERR("nrf_wifi_if_zep_start_board failed with error: %d", - ret); - goto out; - } - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", - __func__); - goto out; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", - __func__); - goto out; - } - - ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (ret != 0) { - LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; - } - - if (!rpu_ctx_zep->rpu_ctx) { - status = nrf_wifi_fmac_dev_add_zep(&rpu_drv_priv_zep); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_dev_add_zep failed", - __func__); - goto out; - } - fmac_dev_added = true; - LOG_DBG("%s: FMAC device added", __func__); - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - - memset(&add_vif_info, - 0, - sizeof(add_vif_info)); - - /* TODO: This should be configurable */ - add_vif_info.iftype = NRF_WIFI_IFTYPE_STATION; - - memcpy(add_vif_info.ifacename, - dev->name, - strlen(dev->name)); - - vif_ctx_zep->vif_idx = nrf_wifi_fmac_add_vif(fmac_dev_ctx, - vif_ctx_zep, - &add_vif_info); - if (vif_ctx_zep->vif_idx >= MAX_NUM_VIFS) { - LOG_ERR("%s: FMAC returned invalid interface index", - __func__); - goto dev_rem; - } - - k_mutex_init(&vif_ctx_zep->vif_lock); - rpu_ctx_zep->vif_ctx_zep[vif_ctx_zep->vif_idx].if_type = - add_vif_info.iftype; - - /* Check if user has provided a valid MAC address, if not - * fetch it from OTP. - */ - mac_addr = net_if_get_link_addr(vif_ctx_zep->zep_net_if_ctx)->addr; - mac_addr_len = net_if_get_link_addr(vif_ctx_zep->zep_net_if_ctx)->len; - - if (!nrf_wifi_utils_is_mac_addr_valid(mac_addr)) { - status = nrf_wifi_get_mac_addr(vif_ctx_zep); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Failed to get MAC address", - __func__); - goto del_vif; - } - net_if_set_link_addr(vif_ctx_zep->zep_net_if_ctx, - vif_ctx_zep->mac_addr.addr, - WIFI_MAC_ADDR_LEN, - NET_LINK_ETHERNET); - mac_addr = vif_ctx_zep->mac_addr.addr; - mac_addr_len = WIFI_MAC_ADDR_LEN; - } - - status = nrf_wifi_fmac_set_vif_macaddr(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - mac_addr); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: MAC address change failed", - __func__); - goto del_vif; - } - - memset(&vif_info, - 0, - sizeof(vif_info)); - - vif_info.state = NRF_WIFI_FMAC_IF_OP_STATE_UP; - vif_info.if_index = vif_ctx_zep->vif_idx; - - memcpy(vif_ctx_zep->ifname, - dev->name, - strlen(dev->name)); - - status = nrf_wifi_fmac_chg_vif_state(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - &vif_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_chg_vif_state failed", - __func__); - goto del_vif; - } - -#ifdef CONFIG_NRF700X_STA_MODE - nrf_wifi_wpa_supp_event_mac_chgd(vif_ctx_zep); - -#ifdef CONFIG_NRF_WIFI_LOW_POWER - status = nrf_wifi_fmac_set_power_save(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - NRF_WIFI_PS_ENABLED); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_set_power_save failed", - __func__); - goto dev_rem; - } -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ -#endif /* CONFIG_NRF700X_STA_MODE */ - - vif_ctx_zep->if_op_state = NRF_WIFI_FMAC_IF_OP_STATE_UP; - - ret = 0; - - goto out; -del_vif: - status = nrf_wifi_fmac_del_vif(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_del_vif failed", - __func__); - } -dev_rem: - /* Free only if we added above i.e., for 1st VIF */ - if (fmac_dev_added) { - nrf_wifi_fmac_dev_rem_zep(&rpu_drv_priv_zep); - } -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - - -int nrf_wifi_if_stop_zep(const struct device *dev) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_chg_vif_state_info vif_info; - int ret = -1; - - if (!dev) { - LOG_ERR("%s: Invalid parameters", - __func__); - goto out; - } - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", - __func__); - goto out; - } - - ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (ret != 0) { - LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", - __func__); - goto out; - } - -#ifdef CONFIG_NRF700X_STA_MODE -#ifdef CONFIG_NRF_WIFI_LOW_POWER - status = nrf_wifi_fmac_set_power_save(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - NRF_WIFI_PS_DISABLED); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_set_power_save failed", - __func__); - goto unlock; - } -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ -#endif /* CONFIG_NRF700X_STA_MODE */ - - memset(&vif_info, - 0, - sizeof(vif_info)); - - vif_info.state = NRF_WIFI_FMAC_IF_OP_STATE_DOWN; - vif_info.if_index = vif_ctx_zep->vif_idx; - - status = nrf_wifi_fmac_chg_vif_state(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - &vif_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_chg_vif_state failed", - __func__); - goto unlock; - } - - status = nrf_wifi_fmac_del_vif(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_del_vif failed", - __func__); - goto unlock; - } - - vif_ctx_zep->if_op_state = NRF_WIFI_FMAC_IF_OP_STATE_DOWN; - - if (nrf_wifi_fmac_get_num_vifs(rpu_ctx_zep->rpu_ctx) == 0) { - nrf_wifi_fmac_dev_rem_zep(&rpu_drv_priv_zep); - } - ret = 0; -unlock: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - - ret = nrf_wifi_if_zep_stop_board(dev); - if (ret) { - LOG_ERR("nrf_wifi_if_zep_stop_board failed with error: %d", - ret); - } -out: - return ret; -} - -int nrf_wifi_if_get_config_zep(const struct device *dev, - enum ethernet_config_type type, - struct ethernet_config *config) -{ - int ret = -1; -#ifdef CONFIG_NRF700X_RAW_DATA_TX - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - - if (!dev || !config) { - LOG_ERR("%s: Invalid parameters", - __func__); - goto out; - } - - vif_ctx_zep = dev->data; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", - __func__); - goto out; - } - - ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (ret != 0) { - LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep || !rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: rpu_ctx_zep or rpu_ctx is NULL", - __func__); - goto unlock; - } - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - if (!def_dev_ctx) { - LOG_ERR("%s: def_dev_ctx is NULL", - __func__); - goto unlock; - } - - if (type == ETHERNET_CONFIG_TYPE_TXINJECTION_MODE) { - config->txinjection_mode = - def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->txinjection_mode; - } - ret = 0; -unlock: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -out: -#endif - return ret; -} - -int nrf_wifi_if_set_config_zep(const struct device *dev, - enum ethernet_config_type type, - const struct ethernet_config *config) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - int ret = -1; - - if (!dev) { - LOG_ERR("%s: Invalid parameters", - __func__); - goto out; - } - - vif_ctx_zep = dev->data; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", - __func__); - goto out; - } - - ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (ret != 0) { - LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; - } - - /* Commands without FMAC interaction */ - if (type == ETHERNET_CONFIG_TYPE_MAC_ADDRESS) { - if (!net_eth_is_addr_valid((struct net_eth_addr *)&config->mac_address)) { - LOG_ERR("%s: Invalid MAC address", - __func__); - goto unlock; - } - memcpy(vif_ctx_zep->mac_addr.addr, - config->mac_address.addr, - sizeof(vif_ctx_zep->mac_addr.addr)); - - net_if_set_link_addr(vif_ctx_zep->zep_net_if_ctx, - vif_ctx_zep->mac_addr.addr, - sizeof(vif_ctx_zep->mac_addr.addr), - NET_LINK_ETHERNET); - ret = 0; - goto unlock; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep || !rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: rpu_ctx_zep or rpu_ctx is NULL", - __func__); - goto unlock; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - if (!def_dev_ctx) { - LOG_ERR("%s: def_dev_ctx is NULL", - __func__); - goto unlock; - } - -#ifdef CONFIG_NRF700X_RAW_DATA_TX - if (type == ETHERNET_CONFIG_TYPE_TXINJECTION_MODE) { - unsigned char mode; - - if (def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->txinjection_mode == - config->txinjection_mode) { - LOG_INF("%s: Driver TX injection setting is same as configured setting", - __func__); - goto unlock; - } - /** - * Since UMAC wishes to use the same mode command as previously - * used for mode, `OR` the primary mode with TX-Injection mode and - * send it to the UMAC. That way UMAC can still maintain code - * as is - */ - if (config->txinjection_mode) { - mode = (def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->mode) | - (NRF_WIFI_TX_INJECTION_MODE); - } else { - mode = (def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->mode) ^ - (NRF_WIFI_TX_INJECTION_MODE); - } - - ret = nrf_wifi_fmac_set_mode(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, mode); - - if (ret != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Mode set operation failed", __func__); - goto unlock; - } - } -#endif -#ifdef CONFIG_NRF700X_PROMISC_DATA_RX - else if (type == ETHERNET_CONFIG_TYPE_PROMISC_MODE) { - unsigned char mode; - - if (def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->promisc_mode == - config->promisc_mode) { - LOG_ERR("%s: Driver promisc mode setting is same as configured setting", - __func__); - goto out; - } - - if (config->promisc_mode) { - mode = (def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->mode) | - (NRF_WIFI_PROMISCUOUS_MODE); - } else { - mode = (def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->mode) ^ - (NRF_WIFI_PROMISCUOUS_MODE); - } - - ret = nrf_wifi_fmac_set_mode(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, mode); - - if (ret != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: mode set operation failed", __func__); - goto out; - } - } -#endif - ret = 0; -unlock: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -out: - return ret; -} - -#ifdef CONFIG_NET_STATISTICS_ETHERNET -struct net_stats_eth *nrf_wifi_eth_stats_get(const struct device *dev) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - if (!dev) { - LOG_ERR("%s Device not found", __func__); - goto out; - } - - vif_ctx_zep = dev->data; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - goto out; - } - - return &vif_ctx_zep->eth_stats; -out: - return NULL; -} -#endif /* CONFIG_NET_STATISTICS_ETHERNET */ - -#ifdef CONFIG_NET_STATISTICS_WIFI -int nrf_wifi_stats_get(const struct device *dev, struct net_stats_wifi *zstats) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; -#ifdef CONFIG_NRF700X_RAW_DATA_TX - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; -#endif /* CONFIG_NRF700X_RAW_DATA_TX */ - struct rpu_op_stats stats; - int ret = -1; - - if (!dev) { - LOG_ERR("%s Device not found", __func__); - goto out; - } - - if (!zstats) { - LOG_ERR("%s Stats buffer not allocated", __func__); - goto out; - } - - vif_ctx_zep = dev->data; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - goto out; - } - - ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (ret != 0) { - LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; - } - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep || !rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: rpu_ctx_zep or rpu_ctx is NULL", - __func__); - goto unlock; - } - - memset(&stats, 0, sizeof(struct rpu_op_stats)); - status = nrf_wifi_fmac_stats_get(rpu_ctx_zep->rpu_ctx, 0, &stats); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_stats_get failed", __func__); - goto unlock; - } - - zstats->pkts.tx = stats.host.total_tx_pkts; - zstats->pkts.rx = stats.host.total_rx_pkts; - zstats->errors.tx = stats.host.total_tx_drop_pkts; - zstats->errors.rx = stats.host.total_rx_drop_pkts + - stats.fw.umac.interface_data_stats.rx_checksum_error_count; - zstats->bytes.received = stats.fw.umac.interface_data_stats.rx_bytes; - zstats->bytes.sent = stats.fw.umac.interface_data_stats.tx_bytes; - zstats->sta_mgmt.beacons_rx = stats.fw.umac.interface_data_stats.rx_beacon_success_count; - zstats->sta_mgmt.beacons_miss = stats.fw.umac.interface_data_stats.rx_beacon_miss_count; - zstats->broadcast.rx = stats.fw.umac.interface_data_stats.rx_broadcast_pkt_count; - zstats->broadcast.tx = stats.fw.umac.interface_data_stats.tx_broadcast_pkt_count; - zstats->multicast.rx = stats.fw.umac.interface_data_stats.rx_multicast_pkt_count; - zstats->multicast.tx = stats.fw.umac.interface_data_stats.tx_multicast_pkt_count; - zstats->unicast.rx = stats.fw.umac.interface_data_stats.rx_unicast_pkt_count; - zstats->unicast.tx = stats.fw.umac.interface_data_stats.tx_unicast_pkt_count; - -#ifdef CONFIG_NRF700X_RAW_DATA_TX - def_dev_ctx = wifi_dev_priv(rpu_ctx_zep->rpu_ctx); - zstats->errors.tx += def_dev_ctx->raw_pkt_stats.raw_pkt_send_failure; -#endif /* CONFIG_NRF700X_RAW_DATA_TX */ - ret = 0; -unlock: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -out: - return ret; -} - -int nrf_wifi_stats_reset(const struct device *dev) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - int ret = -1; - - if (!dev) { - LOG_ERR("%s Device not found", __func__); - goto out; - } - - vif_ctx_zep = dev->data; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - goto out; - } - - ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (ret != 0) { - LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep || !rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: rpu_ctx_zep or rpu_ctx is NULL", - __func__); - goto unlock; - } - - status = nrf_wifi_fmac_stats_reset(rpu_ctx_zep->rpu_ctx); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_stats_reset failed", __func__); - goto unlock; - } - - def_dev_ctx = wifi_dev_priv(rpu_ctx_zep->rpu_ctx); - memset(&def_dev_ctx->host_stats, 0, sizeof(struct rpu_host_stats)); - - ret = 0; -unlock: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -out: - return ret; -} -#endif /* CONFIG_NET_STATISTICS_WIFI */ diff --git a/drivers/wifi/nrf700x/src/qspi/inc/ficr_prog.h b/drivers/wifi/nrf700x/src/qspi/inc/ficr_prog.h deleted file mode 100644 index d2ae442e0bf4..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/inc/ficr_prog.h +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing address/offets and functions for writing - * the FICR fields of the OTP memory on nRF7002 device - */ - -#ifndef __OTP_PROG_H_ -#define __OTP_PROG_H_ - -#include -#include - -int write_otp_memory(unsigned int otp_addr, unsigned int *write_val); -int read_otp_memory(unsigned int otp_addr, unsigned int *read_val, int len); -unsigned int check_protection(unsigned int *buff, unsigned int off1, unsigned int off2, - unsigned int off3, unsigned int off4); - -#endif /* __OTP_PROG_H_ */ diff --git a/drivers/wifi/nrf700x/src/qspi/inc/qspi_if.h b/drivers/wifi/nrf700x/src/qspi/inc/qspi_if.h deleted file mode 100644 index cb130f87dff0..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/inc/qspi_if.h +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing QSPI device interface specific declarations for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#ifndef __QSPI_IF_H__ -#define __QSPI_IF_H__ - -#include -#include -#ifdef CONFIG_NRF700X_ON_QSPI -#include -#endif - -#define RPU_WAKEUP_NOW BIT(0) /* WAKEUP RPU - RW */ -#define RPU_AWAKE_BIT BIT(1) /* RPU AWAKE FROM SLEEP - RO */ -#define RPU_READY_BIT BIT(2) /* RPU IS READY - RO*/ - -struct qspi_config { -#ifdef CONFIG_NRF700X_ON_QSPI - nrf_qspi_addrmode_t addrmode; - nrf_qspi_readoc_t readoc; - nrf_qspi_writeoc_t writeoc; - nrf_qspi_frequency_t sckfreq; -#endif - unsigned char RDC4IO; - bool easydma; - bool single_op; - bool quad_spi; - bool encryption; - bool CMD_CNONCE; - bool enc_enabled; - struct k_sem lock; - unsigned int addrmask; - unsigned char qspi_slave_latency; -#if defined(CONFIG_NRF700X_ON_QSPI) && (NRF_QSPI_HAS_XIP_ENC || NRF_QSPI_HAS_DMA_ENC) - nrf_qspi_encryption_t p_cfg; -#endif /*CONFIG_NRF700X_ON_QSPI && (NRF_QSPI_HAS_XIP_ENC || NRF_QSPI_HAS_DMA_ENC)*/ - int test_hlread; - char *test_name; - int test_start; - int test_end; - int test_iterations; - int test_timediff_read; - int test_timediff_write; - int test_status; - int test_iteration; -}; -struct qspi_dev { - int (*deinit)(void); - void *config; - int (*init)(struct qspi_config *config); - int (*write)(unsigned int addr, const void *data, int len); - int (*read)(unsigned int addr, void *data, int len); - int (*hl_read)(unsigned int addr, void *data, int len); - void (*hard_reset)(void); -}; - -int qspi_cmd_wakeup_rpu(const struct device *dev, uint8_t data); - -int qspi_init(struct qspi_config *config); - -int qspi_write(unsigned int addr, const void *data, int len); - -int qspi_read(unsigned int addr, void *data, int len); - -int qspi_hl_read(unsigned int addr, void *data, int len); - -int qspi_deinit(void); - -void gpio_free_irq(int pin, struct gpio_callback *button_cb_data); - -int gpio_request_irq(int pin, struct gpio_callback *button_cb_data, void (*irq_handler)()); - -struct qspi_config *qspi_defconfig(void); - -struct qspi_dev *qspi_dev(void); -struct qspi_config *qspi_get_config(void); - -int qspi_cmd_sleep_rpu(const struct device *dev); - -void hard_reset(void); -void get_sleep_stats(uint32_t addr, uint32_t *buff, uint32_t wrd_len); - -extern struct device qspi_perip; - -int qspi_validate_rpu_wake_writecmd(const struct device *dev); -int qspi_cmd_wakeup_rpu(const struct device *dev, uint8_t data); -int qspi_wait_while_rpu_awake(const struct device *dev); - -int qspi_RDSR1(const struct device *dev, uint8_t *rdsr1); -int qspi_RDSR2(const struct device *dev, uint8_t *rdsr2); -int qspi_WRSR2(const struct device *dev, const uint8_t wrsr2); - -#ifdef CONFIG_NRF_WIFI_LOW_POWER -int func_rpu_sleep(void); -int func_rpu_wake(void); -int func_rpu_sleep_status(void); -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ - -#define QSPI_KEY_LEN_BYTES 16 - -/*! \brief Enable encryption - * - * \param key Pointer to the 128-bit key - * \return 0 on success, negative errno code on failure. - */ -int qspi_enable_encryption(uint8_t *key); - -#endif /* __QSPI_IF_H__ */ diff --git a/drivers/wifi/nrf700x/src/qspi/inc/rpu_hw_if.h b/drivers/wifi/nrf700x/src/qspi/inc/rpu_hw_if.h deleted file mode 100644 index 98165b33cc67..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/inc/rpu_hw_if.h +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing common functions for RPU hardware interaction - * using QSPI and SPI that can be invoked by shell or the driver. - */ - -#ifndef __RPU_HW_IF_H_ -#define __RPU_HW_IF_H_ - -#include -#include -#include - -enum { - SYSBUS = 0, - EXT_SYS_BUS, - PBUS, - PKTRAM, - GRAM, - LMAC_ROM, - LMAC_RET_RAM, - LMAC_SRC_RAM, - UMAC_ROM, - UMAC_RET_RAM, - UMAC_SRC_RAM, - NUM_MEM_BLOCKS -}; - -extern char blk_name[][15]; -extern uint32_t rpu_7002_memmap[][3]; - -int rpu_read(unsigned int addr, void *data, int len); -int rpu_write(unsigned int addr, const void *data, int len); - -int rpu_sleep(void); -int rpu_wakeup(void); -int rpu_sleep_status(void); -void rpu_get_sleep_stats(uint32_t addr, uint32_t *buff, uint32_t wrd_len); -int rpu_irq_config(struct gpio_callback *irq_callback_data, void (*irq_handler)()); -int rpu_irq_remove(struct gpio_callback *irq_callback_data); - -int rpu_wrsr2(uint8_t data); -int rpu_rdsr2(void); -int rpu_rdsr1(void); -int rpu_clks_on(void); - -int rpu_init(void); -int rpu_enable(void); -int rpu_disable(void); - -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH -int sr_ant_switch(unsigned int ant_switch); -int sr_gpio_remove(void); -int sr_gpio_config(void); -#endif /* CONFIG_NRF700X_SR_COEX_RF_SWITCH */ -#endif /* __RPU_HW_IF_H_ */ diff --git a/drivers/wifi/nrf700x/src/qspi/inc/spi_if.h b/drivers/wifi/nrf700x/src/qspi/inc/spi_if.h deleted file mode 100644 index 93ae191d7ea5..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/inc/spi_if.h +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing SPI device interface specific declarations for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -/* SPIM driver config */ - -int spim_init(struct qspi_config *config); - -int spim_deinit(void); - -int spim_write(unsigned int addr, const void *data, int len); - -int spim_read(unsigned int addr, void *data, int len); - -int spim_hl_read(unsigned int addr, void *data, int len); - -int spim_cmd_rpu_wakeup_fn(uint32_t data); - -int spim_wait_while_rpu_awake(void); - -int spi_validate_rpu_wake_writecmd(void); - -int spim_cmd_sleep_rpu_fn(void); - -int spim_RDSR1(const struct device *dev, uint8_t *rdsr1); - -int spim_RDSR2(const struct device *dev, uint8_t *rdsr2); - -int spim_WRSR2(const struct device *dev, const uint8_t wrsr2); diff --git a/drivers/wifi/nrf700x/src/qspi/inc/spi_nor.h b/drivers/wifi/nrf700x/src/qspi/inc/spi_nor.h deleted file mode 100644 index 93c2f41a63c3..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/inc/spi_nor.h +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing SPI device specific declarations for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#ifndef __SPI_NOR_H__ -#define __SPI_NOR_H__ - -#include - -#define SPI_NOR_MAX_ID_LEN 3 - -/* Status register bits */ -#define SPI_NOR_WIP_BIT BIT(0) /* Write in progress */ -#define SPI_NOR_WEL_BIT BIT(1) /* Write enable latch */ - -/* Flash opcodes */ -#define SPI_NOR_CMD_WRSR 0x01 /* Write status register */ -#define SPI_NOR_CMD_RDSR 0x05 /* Read status register */ -#define SPI_NOR_CMD_READ 0x03 /* Read data */ -#define SPI_NOR_CMD_WREN 0x06 /* Write enable */ -#define SPI_NOR_CMD_WRDI 0x04 /* Write disable */ -#define SPI_NOR_CMD_PP 0x02 /* Page program */ -#define SPI_NOR_CMD_SE 0x20 /* Sector erase */ -#define SPI_NOR_CMD_BE_32K 0x52 /* Block erase 32KB */ -#define SPI_NOR_CMD_BE 0xD8 /* Block erase */ -#define SPI_NOR_CMD_CE 0xC7 /* Chip erase */ -#define SPI_NOR_CMD_RDID 0x9F /* Read JEDEC ID */ -#define SPI_NOR_CMD_ULBPR 0x98 /* Global Block Protection Unlock */ -#define SPI_NOR_CMD_4BA 0xB7 /* Enter 4-Byte Address Mode */ -#define SPI_NOR_CMD_DPD 0xB9 /* Deep Power Down */ -#define SPI_NOR_CMD_RDPD 0xAB /* Release from Deep Power Down */ - -/* Page, sector, and block size are standard, not configurable. */ -#define SPI_NOR_PAGE_SIZE 0x0100U -#define SPI_NOR_SECTOR_SIZE 0x1000U -#define SPI_NOR_BLOCK_SIZE 0x10000U - -/* Test whether offset is aligned to a given number of bits. */ -#define SPI_NOR_IS_ALIGNED(_ofs, _bits) (((_ofs)&BIT_MASK(_bits)) == 0) -#define SPI_NOR_IS_SECTOR_ALIGNED(_ofs) SPI_NOR_IS_ALIGNED(_ofs, 12) - -#endif /*__SPI_NOR_H__*/ diff --git a/drivers/wifi/nrf700x/src/qspi/src/device.c b/drivers/wifi/nrf700x/src/qspi/src/device.c deleted file mode 100644 index 86cd724b0b9e..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/src/device.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing QSPI device specific definitions for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#include -#include -#include -#include -#include - -#include "qspi_if.h" -#include "spi_if.h" - -static struct qspi_config config; - -#if defined(CONFIG_NRF700X_ON_QSPI) -static struct qspi_dev qspi = { - .init = qspi_init, - .deinit = qspi_deinit, - .read = qspi_read, - .write = qspi_write, - .hl_read = qspi_hl_read -}; -#else -static struct qspi_dev spim = { - .init = spim_init, - .deinit = spim_deinit, - .read = spim_read, - .write = spim_write, - .hl_read = spim_hl_read -}; -#endif - -struct qspi_config *qspi_defconfig(void) -{ - memset(&config, 0, sizeof(struct qspi_config)); -#if defined(CONFIG_NRF700X_ON_QSPI) - config.addrmode = NRF_QSPI_ADDRMODE_24BIT; - config.RDC4IO = 0xA0; - config.easydma = true; - config.quad_spi = true; -#endif - config.addrmask = 0x800000; /* set bit23 (incr. addr mode) */ - - config.test_name = "QSPI TEST"; - config.test_hlread = false; - config.test_iteration = 0; - - config.qspi_slave_latency = 0; - - config.encryption = config.CMD_CNONCE = false; - -#if defined(CONFIG_NRF700X_ON_QSPI) && (NRF_QSPI_HAS_XIP_ENC || NRF_QSPI_HAS_DMA_ENC) - - /*For #Bit 6 Enable below: i.e ALL Ones for QSPI Key*/ - memset(&config.p_cfg.key, 0xff, sizeof(config.p_cfg.key)); - - config.p_cfg.nonce[0] = 0x16181648; - config.p_cfg.nonce[1] = 0x0; - config.p_cfg.nonce[2] = 0x1; - -#endif /*CONFIG_NRF700X_ON_QSPI && (NRF_QSPI_HAS_XIP_ENC || NRF_QSPI_HAS_DMA_ENC)*/ - - return &config; -} - -struct qspi_config *qspi_get_config(void) -{ - return &config; -} - -struct qspi_dev *qspi_dev(void) -{ -#if CONFIG_NRF700X_ON_QSPI - return &qspi; -#else - return &spim; -#endif -} diff --git a/drivers/wifi/nrf700x/src/qspi/src/ficr_prog.c b/drivers/wifi/nrf700x/src/qspi/src/ficr_prog.c deleted file mode 100644 index 7f058d65abb8..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/src/ficr_prog.c +++ /dev/null @@ -1,379 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* @file - * @brief NRF Wi-Fi radio FICR programming functions - */ - -#include -#include -#include "rpu_if.h" -#include "rpu_hw_if.h" -#include "ficr_prog.h" - - -LOG_MODULE_DECLARE(otp_prog, CONFIG_WIFI_NRF700X_BUS_LOG_LEVEL); - -static void write_word(unsigned int addr, unsigned int data) -{ - rpu_write(addr, &data, 4); -} - -static void read_word(unsigned int addr, unsigned int *data) -{ - rpu_read(addr, data, 4); -} - -unsigned int check_protection(unsigned int *buff, unsigned int off1, unsigned int off2, - unsigned int off3, unsigned int off4) -{ - if ((buff[off1] == OTP_PROGRAMMED) && - (buff[off2] == OTP_PROGRAMMED) && - (buff[off3] == OTP_PROGRAMMED) && - (buff[off4] == OTP_PROGRAMMED)) - return OTP_PROGRAMMED; - else if ((buff[off1] == OTP_FRESH_FROM_FAB) && - (buff[off2] == OTP_FRESH_FROM_FAB) && - (buff[off3] == OTP_FRESH_FROM_FAB) && - (buff[off4] == OTP_FRESH_FROM_FAB)) - return OTP_FRESH_FROM_FAB; - else if ((buff[off1] == OTP_ENABLE_PATTERN) && - (buff[off2] == OTP_ENABLE_PATTERN) && - (buff[off3] == OTP_ENABLE_PATTERN) && - (buff[off4] == OTP_ENABLE_PATTERN)) - return OTP_ENABLE_PATTERN; - else - return OTP_INVALID; -} - - -static void set_otp_timing_reg_40mhz(void) -{ - write_word(OTP_TIMING_REG1_ADDR, OTP_TIMING_REG1_VAL); - write_word(OTP_TIMING_REG2_ADDR, OTP_TIMING_REG2_VAL); -} - -static int poll_otp_ready(void) -{ - int otp_mem_status = 0; - int poll = 0; - - while (poll != 100) { - read_word(OTP_POLL_ADDR, &otp_mem_status); - - if ((otp_mem_status & OTP_READY) == OTP_READY) { - return 0; - } - poll++; - } - LOG_ERR("OTP is not ready"); - return -ENOEXEC; -} - - -static int req_otp_standby_mode(void) -{ - write_word(OTP_RWSBMODE_ADDR, 0x0); - return poll_otp_ready(); -} - - -static int otp_wr_voltage_2V5(void) -{ - int err; - - err = req_otp_standby_mode(); - - if (err) { - LOG_ERR("Failed Setting OTP voltage IOVDD to 2.5V"); - return -ENOEXEC; - } - write_word(OTP_VOLTCTRL_ADDR, OTP_VOLTCTRL_2V5); - return 0; -} - -static int poll_otp_read_valid(void) -{ - int otp_mem_status = 0; - int poll = 0; - - while (poll < 100) { - read_word(OTP_POLL_ADDR, &otp_mem_status); - - if ((otp_mem_status & OTP_READ_VALID) == OTP_READ_VALID) { - return 0; - } - poll++; - } - LOG_ERR("failed poll_otp_read_valid()"); - return -ENOEXEC; -} - -static int poll_otp_wrdone(void) -{ - int otp_mem_status = 0; - int poll = 0; - - while (poll < 100) { - read_word(OTP_POLL_ADDR, &otp_mem_status); - - if ((otp_mem_status & OTP_WR_DONE) == OTP_WR_DONE) { - return 0; - } - poll++; - } - LOG_ERR("failed poll_otp_wrdone()"); - return -ENOEXEC; -} - -static int req_otp_read_mode(void) -{ - write_word(OTP_RWSBMODE_ADDR, OTP_READ_MODE); - return poll_otp_ready(); -} - - -static int req_otp_byte_write_mode(void) -{ - write_word(OTP_RWSBMODE_ADDR, OTP_BYTE_WRITE_MODE); - return poll_otp_ready(); -} - -static unsigned int read_otp_location(unsigned int offset, unsigned int *read_val) -{ - int err; - - write_word(OTP_RDENABLE_ADDR, offset); - err = poll_otp_read_valid(); - if (err) { - LOG_ERR("OTP read failed"); - return err; - } - read_word(OTP_READREG_ADDR, read_val); - - return 0; -} - -static int write_otp_location(unsigned int otp_location_offset, unsigned int otp_data) -{ - write_word(OTP_WRENABLE_ADDR, otp_location_offset); - write_word(OTP_WRITEREG_ADDR, otp_data); - - return poll_otp_wrdone(); -} - - -static int otp_rd_voltage_1V8(void) -{ - int err; - - err = req_otp_standby_mode(); - if (err) { - LOG_ERR("error in %s", __func__); - return err; - } - write_word(OTP_VOLTCTRL_ADDR, OTP_VOLTCTRL_1V8); - - return 0; -} - -static int update_mac_addr(unsigned int index, unsigned int *write_val) -{ - int ret = 0; - - for (int i = 0; i < 2; i++) { - ret = write_otp_location(MAC0_ADDR + 2 * index + i, write_val[i]); - if (ret == -ENOEXEC) { - LOG_ERR("FICR: Failed to update MAC ADDR%d", index); - break; - } - LOG_INF("mac addr %d : Reg%d (0x%x) = 0x%04x", - index, (i+1), (MAC0_ADDR + i) << 2, write_val[i]); - } - return ret; -} - -int write_otp_memory(unsigned int otp_addr, unsigned int *write_val) -{ - int err = 0; - int mask_val; - int ret = 0; - int retrim_loc = 0; - - err = poll_otp_ready(); - if (err) { - LOG_ERR("err in otp ready poll"); - return err; - } - - set_otp_timing_reg_40mhz(); - - err = otp_wr_voltage_2V5(); - if (err) { - LOG_ERR("error in write_voltage 2V5"); - goto _exit_otp_write; - } - - err = req_otp_byte_write_mode(); - if (err) { - LOG_ERR("error in OTP byte write mode"); - goto _exit_otp_write; - } - - switch (otp_addr) { - case REGION_PROTECT: - write_otp_location(REGION_PROTECT, write_val[0]); - write_otp_location(REGION_PROTECT+1, write_val[0]); - write_otp_location(REGION_PROTECT+2, write_val[0]); - write_otp_location(REGION_PROTECT+3, write_val[0]); - - LOG_INF("Written REGION_PROTECT0 (0x%x) : 0x%04x", - (REGION_PROTECT << 2), write_val[0]); - LOG_INF("Written REGION_PROTECT1 (0x%x) : 0x%04x", - (REGION_PROTECT+1) << 2, write_val[0]); - LOG_INF("Written REGION_PROTECT2 (0x%x) : 0x%04x", - (REGION_PROTECT+2) << 2, write_val[0]); - LOG_INF("Written REGION_PROTECT3 (0x%x) : 0x%04x", - (REGION_PROTECT+3) << 2, write_val[0]); - break; - case QSPI_KEY: - mask_val = QSPI_KEY_FLAG_MASK; - for (int i = 0; i < QSPI_KEY_LENGTH_BYTES / 4; i++) { - ret = write_otp_location(QSPI_KEY + i, write_val[i]); - if (ret == -ENOEXEC) { - LOG_ERR("FICR: Failed to write QSPI key offset-%d", QSPI_KEY + i); - goto _exit_otp_write; - } - LOG_INF("Written QSPI_KEY0 (0x%x) : 0x%04x", - (QSPI_KEY + i) << 2, write_val[i]); - } - write_otp_location(REGION_DEFAULTS, mask_val); - LOG_INF("Written REGION_DEFAULTS (0x%x) : 0x%04x", - (REGION_DEFAULTS) << 2, mask_val); - break; - case MAC0_ADDR: - mask_val = MAC0_ADDR_FLAG_MASK; - ret = update_mac_addr(0, write_val); - if (ret == -ENOEXEC) { - goto _exit_otp_write; - } - - write_otp_location(REGION_DEFAULTS, mask_val); - LOG_INF("Written MAC address 0"); - LOG_INF("Written REGION_DEFAULTS (0x%x) : 0x%04x", - (REGION_DEFAULTS) << 2, mask_val); - break; - case MAC1_ADDR: - mask_val = MAC1_ADDR_FLAG_MASK; - ret = update_mac_addr(1, write_val); - if (ret == -ENOEXEC) { - goto _exit_otp_write; - } - write_otp_location(REGION_DEFAULTS, mask_val); - LOG_INF("Written MAC address 1"); - LOG_INF("Written REGION_DEFAULTS (0x%x) : 0x%04x", - (REGION_DEFAULTS) << 2, mask_val); - break; - case CALIB_XO: - mask_val = CALIB_XO_FLAG_MASK; - ret = write_otp_location(CALIB_XO, write_val[0]); - - if (ret == -ENOEXEC) { - LOG_ERR("XO_Update Exception"); - goto _exit_otp_write; - } else { - write_otp_location(REGION_DEFAULTS, mask_val); - - LOG_INF("Written CALIB_XO (0x%x) to 0x%04x", - CALIB_XO << 2, write_val[0]); - LOG_INF("Written REGION_DEFAULTS (0x%x) : 0x%04x", - (REGION_DEFAULTS) << 2, mask_val); - } - break; - case PRODRETEST_PROGVERSION: - ret = write_otp_location(PRODRETEST_PROGVERSION, *write_val); - - if (ret == -ENOEXEC) { - LOG_ERR("PRODRETEST.PROGVERSION_Update Exception"); - goto _exit_otp_write; - } else { - LOG_INF("Written PRODRETEST.PROGVERSION 0x%04x", *write_val); - } - break; - case PRODRETEST_TRIM0: - case PRODRETEST_TRIM1: - case PRODRETEST_TRIM2: - case PRODRETEST_TRIM3: - case PRODRETEST_TRIM4: - case PRODRETEST_TRIM5: - case PRODRETEST_TRIM6: - case PRODRETEST_TRIM7: - case PRODRETEST_TRIM8: - case PRODRETEST_TRIM9: - case PRODRETEST_TRIM10: - case PRODRETEST_TRIM11: - case PRODRETEST_TRIM12: - case PRODRETEST_TRIM13: - case PRODRETEST_TRIM14: - retrim_loc = otp_addr - PRODRETEST_TRIM0; - ret = write_otp_location(otp_addr, *write_val); - - if (ret == -ENOEXEC) { - LOG_ERR("PRODRETEST.TRIM_Update Exception"); - goto _exit_otp_write; - } else { - LOG_INF("Written PRODRETEST.TRIM%d 0x%04x", - retrim_loc, *write_val); - } - break; - case REGION_DEFAULTS: - write_otp_location(REGION_DEFAULTS, write_val[0]); - - LOG_INF("Written REGION_DEFAULTS (0x%x) to 0x%04x", - REGION_DEFAULTS << 2, write_val[0]); - break; - default: - LOG_ERR("unknown field received: %d", otp_addr); - - } - return ret; - -_exit_otp_write: - err = req_otp_standby_mode(); - err |= otp_rd_voltage_1V8(); - return err; -} - -int read_otp_memory(unsigned int otp_addr, unsigned int *read_val, int len) -{ - int err; - - err = poll_otp_ready(); - if (err) { - LOG_ERR("err in otp ready poll"); - return -ENOEXEC; - } - - set_otp_timing_reg_40mhz(); - - err = otp_rd_voltage_1V8(); - if (err) { - LOG_ERR("error in read_voltage 1V8"); - return -ENOEXEC; - } - - err = req_otp_read_mode(); - if (err) { - LOG_ERR("error in req_otp_read_mode()"); - return -ENOEXEC; - } - - for (int i = 0; i < len; i++) { - read_otp_location(otp_addr + i, &read_val[i]); - } - - return req_otp_standby_mode(); -} diff --git a/drivers/wifi/nrf700x/src/qspi/src/qspi_if.c b/drivers/wifi/nrf700x/src/qspi/src/qspi_if.c deleted file mode 100644 index 0277440b0f74..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/src/qspi_if.c +++ /dev/null @@ -1,1342 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing QSPI device interface specific definitions for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#define DT_DRV_COMPAT nordic_nrf700x_qspi - -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "spi_nor.h" -#include "qspi_if.h" - -static struct qspi_config *qspi_config; -#if NRF_QSPI_HAS_XIP_ENC || NRF_QSPI_HAS_DMA_ENC -static unsigned int nonce_last_addr; -static unsigned int nonce_cnt; -#endif /*NRF_QSPI_HAS_XIP_ENC || NRF_QSPI_HAS_DMA_ENC*/ - -/* Main config structure */ -static nrfx_qspi_config_t QSPIconfig; - -#define INST_0_SCK_FREQUENCY DT_INST_PROP(0, sck_frequency) -/* - * According to the respective specifications, the nRF52 QSPI supports clock - * frequencies 2 - 32 MHz and the nRF53 one supports 6 - 96 MHz. - */ -BUILD_ASSERT(INST_0_SCK_FREQUENCY >= (NRF_QSPI_BASE_CLOCK_FREQ / 16), - "Unsupported SCK frequency."); - -/* - * Determine a configuration value (INST_0_SCK_CFG) and, if needed, a divider - * (BASE_CLOCK_DIV) for the clock from which the SCK frequency is derived that - * need to be used to achieve the SCK frequency as close as possible (but not - * higher) to the one specified in DT. - */ -#if defined(CONFIG_SOC_SERIES_NRF53X) -/* - * On nRF53 Series SoCs, the default /4 divider for the HFCLK192M clock can - * only be used when the QSPI peripheral is idle. When a QSPI operation is - * performed, the divider needs to be changed to /1 or /2 (particularly, - * the specification says that the peripheral "supports 192 MHz and 96 MHz - * PCLK192M frequency"), but after that operation is complete, the default - * divider needs to be restored to avoid increased current consumption. - */ -#if (INST_0_SCK_FREQUENCY >= NRF_QSPI_BASE_CLOCK_FREQ) -/* For requested SCK >= 96 MHz, use HFCLK192M / 1 / (2*1) = 96 MHz */ -#define BASE_CLOCK_DIV NRF_CLOCK_HFCLK_DIV_1 -#define INST_0_SCK_CFG NRF_QSPI_FREQ_DIV1 -/* If anomaly 159 is to be prevented, only /1 divider can be used. */ -#elif NRF53_ERRATA_159_ENABLE_WORKAROUND -#define BASE_CLOCK_DIV NRF_CLOCK_HFCLK_DIV_1 -#define INST_0_SCK_CFG (DIV_ROUND_UP(NRF_QSPI_BASE_CLOCK_FREQ, \ - INST_0_SCK_FREQUENCY) - 1) -#elif (INST_0_SCK_FREQUENCY >= (NRF_QSPI_BASE_CLOCK_FREQ / 2)) -/* For 96 MHz > SCK >= 48 MHz, use HFCLK192M / 2 / (2*1) = 48 MHz */ -#define BASE_CLOCK_DIV NRF_CLOCK_HFCLK_DIV_2 -#define INST_0_SCK_CFG NRF_QSPI_FREQ_DIV1 -#elif (INST_0_SCK_FREQUENCY >= (NRF_QSPI_BASE_CLOCK_FREQ / 3)) -/* For 48 MHz > SCK >= 32 MHz, use HFCLK192M / 1 / (2*3) = 32 MHz */ -#define BASE_CLOCK_DIV NRF_CLOCK_HFCLK_DIV_1 -#define INST_0_SCK_CFG NRF_QSPI_FREQ_DIV3 -#else -/* For requested SCK < 32 MHz, use divider /2 for HFCLK192M. */ -#define BASE_CLOCK_DIV NRF_CLOCK_HFCLK_DIV_2 -#define INST_0_SCK_CFG (DIV_ROUND_UP(NRF_QSPI_BASE_CLOCK_FREQ / 2, \ - INST_0_SCK_FREQUENCY) - 1) -#endif - -#if BASE_CLOCK_DIV == NRF_CLOCK_HFCLK_DIV_1 -/* For 8 MHz, use HFCLK192M / 1 / (2*12) */ -#define INST_0_SCK_CFG_WAKE NRF_QSPI_FREQ_DIV12 -#elif BASE_CLOCK_DIV == NRF_CLOCK_HFCLK_DIV_2 -/* For 8 MHz, use HFCLK192M / 2 / (2*6) */ -#define INST_0_SCK_CFG_WAKE NRF_QSPI_FREQ_DIV6 -#else -#error "Unsupported base clock divider for wake-up frequency." -#endif - -/* After the base clock divider is changed, some time is needed for the new - * setting to take effect. This value specifies the delay (in microseconds) - * to be applied to ensure that the clock is ready when the QSPI operation - * starts. It was measured with a logic analyzer (unfortunately, the nRF5340 - * specification does not provide any numbers in this regard). - */ -#define BASE_CLOCK_SWITCH_DELAY_US 7 - -#else -/* - * On nRF52 Series SoCs, the base clock divider is not configurable, - * so BASE_CLOCK_DIV is not defined. - */ -#if (INST_0_SCK_FREQUENCY >= NRF_QSPI_BASE_CLOCK_FREQ) -#define INST_0_SCK_CFG NRF_QSPI_FREQ_DIV1 -#else -#define INST_0_SCK_CFG (DIV_ROUND_UP(NRF_QSPI_BASE_CLOCK_FREQ, \ - INST_0_SCK_FREQUENCY) - 1) -#endif - -/* For 8 MHz, use PCLK32M / 4 */ -#define INST_0_SCK_CFG_WAKE NRF_QSPI_FREQ_DIV4 - -#endif /* defined(CONFIG_SOC_SERIES_NRF53X) */ - -/* for accessing devicetree properties of the bus node */ -#define QSPI_NODE DT_BUS(DT_DRV_INST(0)) -#define QSPI_PROP_AT(prop, idx) DT_PROP_BY_IDX(QSPI_NODE, prop, idx) -#define QSPI_PROP_LEN(prop) DT_PROP_LEN(QSPI_NODE, prop) - -#define INST_0_QER \ - _CONCAT(JESD216_DW15_QER_, DT_ENUM_TOKEN(DT_DRV_INST(0), quad_enable_requirements)) - -static int qspi_device_init(const struct device *dev); -static void qspi_device_uninit(const struct device *dev); - -#define QSPI_SCK_DELAY 0 -#define WORD_SIZE 4 - -LOG_MODULE_DECLARE(wifi_nrf_bus, CONFIG_WIFI_NRF700X_BUS_LOG_LEVEL); - -/** - * @brief QSPI buffer structure - * Structure used both for TX and RX purposes. - * - * @param buf is a valid pointer to a data buffer. - * Can not be NULL. - * @param len is the length of the data to be handled. - * If no data to transmit/receive - pass 0. - */ -struct qspi_buf { - uint8_t *buf; - size_t len; -}; - -/** - * @brief QSPI command structure - * Structure used for custom command usage. - * - * @param op_code is a command value (i.e 0x9F - get Jedec ID) - * @param tx_buf structure used for TX purposes. Can be NULL if not used. - * @param rx_buf structure used for RX purposes. Can be NULL if not used. - */ -struct qspi_cmd { - uint8_t op_code; - const struct qspi_buf *tx_buf; - const struct qspi_buf *rx_buf; -}; - -/** - * @brief Structure for defining the QSPI NOR access - */ -struct qspi_nor_data { -#ifdef CONFIG_MULTITHREADING - /* The semaphore to control exclusive access on write/erase. */ - struct k_sem trans; - /* The semaphore to control exclusive access to the device. */ - struct k_sem sem; - /* The semaphore to indicate that transfer has completed. */ - struct k_sem sync; - /* The semaphore to control driver init/uninit. */ - struct k_sem count; -#else /* CONFIG_MULTITHREADING */ - /* A flag that signals completed transfer when threads are - * not enabled. - */ - volatile bool ready; -#endif /* CONFIG_MULTITHREADING */ -}; - -static inline int qspi_get_mode(bool cpol, bool cpha) -{ - register int ret = -EINVAL; - - if ((!cpol) && (!cpha)) - ret = 0; - else if (cpol && cpha) - ret = 1; - - __ASSERT(ret != -EINVAL, "Invalid QSPI mode"); - - return ret; -} - -static inline bool qspi_write_is_quad(nrf_qspi_writeoc_t lines) -{ - switch (lines) { - case NRF_QSPI_WRITEOC_PP4IO: - case NRF_QSPI_WRITEOC_PP4O: - return true; - default: - return false; - } -} - -static inline bool qspi_read_is_quad(nrf_qspi_readoc_t lines) -{ - switch (lines) { - case NRF_QSPI_READOC_READ4IO: - case NRF_QSPI_READOC_READ4O: - return true; - default: - return false; - } -} - -static inline int qspi_get_lines_write(uint8_t lines) -{ - register int ret = -EINVAL; - - switch (lines) { - case 3: - ret = NRF_QSPI_WRITEOC_PP4IO; - break; - case 2: - ret = NRF_QSPI_WRITEOC_PP4O; - break; - case 1: - ret = NRF_QSPI_WRITEOC_PP2O; - break; - case 0: - ret = NRF_QSPI_WRITEOC_PP; - break; - default: - break; - } - - __ASSERT(ret != -EINVAL, "Invalid QSPI write line"); - - return ret; -} - -static inline int qspi_get_lines_read(uint8_t lines) -{ - register int ret = -EINVAL; - - switch (lines) { - case 4: - ret = NRF_QSPI_READOC_READ4IO; - break; - case 3: - ret = NRF_QSPI_READOC_READ4O; - break; - case 2: - ret = NRF_QSPI_READOC_READ2IO; - break; - case 1: - ret = NRF_QSPI_READOC_READ2O; - break; - case 0: - ret = NRF_QSPI_READOC_FASTREAD; - break; - default: - break; - } - - __ASSERT(ret != -EINVAL, "Invalid QSPI read line"); - - return ret; -} - -nrfx_err_t _nrfx_qspi_read(void *p_rx_buffer, size_t rx_buffer_length, uint32_t src_address) -{ - return nrfx_qspi_read(p_rx_buffer, rx_buffer_length, src_address); -} - -nrfx_err_t _nrfx_qspi_write(void const *p_tx_buffer, size_t tx_buffer_length, uint32_t dst_address) -{ - return nrfx_qspi_write(p_tx_buffer, tx_buffer_length, dst_address); -} - -nrfx_err_t _nrfx_qspi_init(nrfx_qspi_config_t const *p_config, nrfx_qspi_handler_t handler, - void *p_context) -{ - NRF_QSPI_Type *p_reg = NRF_QSPI; - - nrfx_qspi_init(p_config, handler, p_context); - - /* RDC4IO = 4'hA (register IFTIMING), which means 10 Dummy Cycles for READ4. */ - p_reg->IFTIMING |= qspi_config->RDC4IO; - - /* LOG_DBG("%04x : IFTIMING", p_reg->IFTIMING & qspi_config->RDC4IO); */ - - /* ACTIVATE task fails for slave bitfile so ignore it */ - return NRFX_SUCCESS; -} - - -/** - * @brief Main configuration structure - */ -static struct qspi_nor_data qspi_nor_memory_data = { -#ifdef CONFIG_MULTITHREADING - .trans = Z_SEM_INITIALIZER(qspi_nor_memory_data.trans, 1, 1), - .sem = Z_SEM_INITIALIZER(qspi_nor_memory_data.sem, 1, 1), - .sync = Z_SEM_INITIALIZER(qspi_nor_memory_data.sync, 0, 1), - .count = Z_SEM_INITIALIZER(qspi_nor_memory_data.count, 0, K_SEM_MAX_LIMIT), -#endif /* CONFIG_MULTITHREADING */ -}; - -NRF_DT_CHECK_NODE_HAS_PINCTRL_SLEEP(QSPI_NODE); - -IF_ENABLED(CONFIG_PINCTRL, (PINCTRL_DT_DEFINE(QSPI_NODE))); - -/** - * @brief Converts NRFX return codes to the zephyr ones - */ -static inline int qspi_get_zephyr_ret_code(nrfx_err_t res) -{ - switch (res) { - case NRFX_SUCCESS: - return 0; - case NRFX_ERROR_INVALID_PARAM: - case NRFX_ERROR_INVALID_ADDR: - return -EINVAL; - case NRFX_ERROR_INVALID_STATE: - return -ECANCELED; -#if NRF53_ERRATA_159_ENABLE_WORKAROUND - case NRFX_ERROR_FORBIDDEN: - LOG_ERR("nRF5340 anomaly 159 conditions detected"); - LOG_ERR("Set the CPU clock to 64 MHz before starting QSPI operation"); - return -ECANCELED; -#endif - case NRFX_ERROR_BUSY: - case NRFX_ERROR_TIMEOUT: - default: - return -EBUSY; - } -} - -static inline struct qspi_nor_data *get_dev_data(const struct device *dev) -{ - return dev->data; -} - -static inline void qspi_lock(const struct device *dev) -{ -#ifdef CONFIG_MULTITHREADING - struct qspi_nor_data *dev_data = get_dev_data(dev); - - k_sem_take(&dev_data->sem, K_FOREVER); -#else /* CONFIG_MULTITHREADING */ - ARG_UNUSED(dev); -#endif /* CONFIG_MULTITHREADING */ - - /* - * Change the base clock divider only for the time the driver is locked - * to perform a QSPI operation, otherwise the power consumption would be - * increased also when the QSPI peripheral is idle. - */ -#if defined(CONFIG_SOC_SERIES_NRF53X) - nrf_clock_hfclk192m_div_set(NRF_CLOCK, BASE_CLOCK_DIV); - k_busy_wait(BASE_CLOCK_SWITCH_DELAY_US); -#endif -} - -static inline void qspi_unlock(const struct device *dev) -{ -#if defined(CONFIG_SOC_SERIES_NRF53X) - /* Restore the default base clock divider to reduce power consumption. - */ - nrf_clock_hfclk192m_div_set(NRF_CLOCK, NRF_CLOCK_HFCLK_DIV_4); - k_busy_wait(BASE_CLOCK_SWITCH_DELAY_US); -#endif - -#ifdef CONFIG_MULTITHREADING - struct qspi_nor_data *dev_data = get_dev_data(dev); - - k_sem_give(&dev_data->sem); -#else /* CONFIG_MULTITHREADING */ - ARG_UNUSED(dev); -#endif /* CONFIG_MULTITHREADING */ -} - -static inline void qspi_trans_lock(const struct device *dev) -{ -#ifdef CONFIG_MULTITHREADING - struct qspi_nor_data *dev_data = get_dev_data(dev); - - k_sem_take(&dev_data->trans, K_FOREVER); -#else /* CONFIG_MULTITHREADING */ - ARG_UNUSED(dev); -#endif /* CONFIG_MULTITHREADING */ -} - -static inline void qspi_trans_unlock(const struct device *dev) -{ -#ifdef CONFIG_MULTITHREADING - struct qspi_nor_data *dev_data = get_dev_data(dev); - - k_sem_give(&dev_data->trans); -#else /* CONFIG_MULTITHREADING */ - ARG_UNUSED(dev); -#endif /* CONFIG_MULTITHREADING */ -} - -static inline void qspi_wait_for_completion(const struct device *dev, nrfx_err_t res) -{ - struct qspi_nor_data *dev_data = get_dev_data(dev); - - if (res == NRFX_SUCCESS) { -#ifdef CONFIG_MULTITHREADING - k_sem_take(&dev_data->sync, K_FOREVER); -#else /* CONFIG_MULTITHREADING */ - unsigned int key = irq_lock(); - - while (!dev_data->ready) { - k_cpu_atomic_idle(key); - key = irq_lock(); - } - - dev_data->ready = false; - irq_unlock(key); -#endif /* CONFIG_MULTITHREADING */ - } -} - -static inline void qspi_complete(struct qspi_nor_data *dev_data) -{ -#ifdef CONFIG_MULTITHREADING - k_sem_give(&dev_data->sync); -#else /* CONFIG_MULTITHREADING */ - dev_data->ready = true; -#endif /* CONFIG_MULTITHREADING */ -} - -static inline void _qspi_complete(struct qspi_nor_data *dev_data) -{ - if (!qspi_config->easydma) - return; - - qspi_complete(dev_data); -} -static inline void _qspi_wait_for_completion(const struct device *dev, nrfx_err_t res) -{ - if (!qspi_config->easydma) - return; - - qspi_wait_for_completion(dev, res); -} - -/** - * @brief QSPI handler - * - * @param event Driver event type - * @param p_context Pointer to context. Use in interrupt handler. - * @retval None - */ -static void qspi_handler(nrfx_qspi_evt_t event, void *p_context) -{ - struct qspi_nor_data *dev_data = p_context; - - if (event == NRFX_QSPI_EVENT_DONE) - _qspi_complete(dev_data); -} - -static bool qspi_initialized; - -static int qspi_device_init(const struct device *dev) -{ - struct qspi_nor_data *dev_data = get_dev_data(dev); - nrfx_err_t res; - int ret = 0; - - if (!IS_ENABLED(CONFIG_NRF700X_QSPI_LOW_POWER)) { - return 0; - } - - qspi_lock(dev); - - /* In multithreading, driver can call qspi_device_init more than once - * before calling qspi_device_uninit. Keepping count, so QSPI is - * uninitialized only at the last call (count == 0). - */ -#ifdef CONFIG_MULTITHREADING - k_sem_give(&dev_data->count); -#endif - - if (!qspi_initialized) { - res = nrfx_qspi_init(&QSPIconfig, qspi_handler, dev_data); - ret = qspi_get_zephyr_ret_code(res); - NRF_QSPI->IFTIMING |= qspi_config->RDC4IO; - qspi_initialized = (ret == 0); - } - - qspi_unlock(dev); - - return ret; -} - -static void qspi_device_uninit(const struct device *dev) -{ - bool last = true; - - if (!IS_ENABLED(CONFIG_NRF700X_QSPI_LOW_POWER)) { - return; - } - - qspi_lock(dev); - -#ifdef CONFIG_MULTITHREADING - struct qspi_nor_data *dev_data = get_dev_data(dev); - - /* The last thread to finish using the driver uninit the QSPI */ - (void)k_sem_take(&dev_data->count, K_NO_WAIT); - last = (k_sem_count_get(&dev_data->count) == 0); -#endif - - if (last) { - while (nrfx_qspi_mem_busy_check() != NRFX_SUCCESS) { - if (IS_ENABLED(CONFIG_MULTITHREADING)) - k_msleep(50); - else - k_busy_wait(50000); - } - - nrfx_qspi_uninit(); - -#ifndef CONFIG_PINCTRL - nrf_gpio_cfg_output(QSPI_PROP_AT(csn_pins, 0)); - nrf_gpio_pin_set(QSPI_PROP_AT(csn_pins, 0)); -#endif - - qspi_initialized = false; - } - - qspi_unlock(dev); -} - -/* QSPI send custom command. - * - * If this is used for both send and receive the buffer sizes must be - * equal and cover the whole transaction. - */ -static int qspi_send_cmd(const struct device *dev, const struct qspi_cmd *cmd, bool wren) -{ - /* Check input parameters */ - if (!cmd) - return -EINVAL; - - const void *tx_buf = NULL; - size_t tx_len = 0; - void *rx_buf = NULL; - size_t rx_len = 0; - size_t xfer_len = sizeof(cmd->op_code); - - if (cmd->tx_buf) { - tx_buf = cmd->tx_buf->buf; - tx_len = cmd->tx_buf->len; - } - - if (cmd->rx_buf) { - rx_buf = cmd->rx_buf->buf; - rx_len = cmd->rx_buf->len; - } - - if ((rx_len != 0) && (tx_len != 0)) { - if (rx_len != tx_len) - return -EINVAL; - - xfer_len += tx_len; - } else - /* At least one of these is zero. */ - xfer_len += tx_len + rx_len; - - if (xfer_len > NRF_QSPI_CINSTR_LEN_9B) { - LOG_WRN("cinstr %02x transfer too long: %zu", cmd->op_code, xfer_len); - - return -EINVAL; - } - - nrf_qspi_cinstr_conf_t cinstr_cfg = { - .opcode = cmd->op_code, - .length = xfer_len, - .io2_level = true, - .io3_level = true, - .wipwait = false, - .wren = wren, - }; - - qspi_lock(dev); - - int res = nrfx_qspi_cinstr_xfer(&cinstr_cfg, tx_buf, rx_buf); - - qspi_unlock(dev); - return qspi_get_zephyr_ret_code(res); -} - -/* RDSR wrapper. Negative value is error. */ -static int qspi_rdsr(const struct device *dev) -{ - uint8_t sr = -1; - const struct qspi_buf sr_buf = { - .buf = &sr, - .len = sizeof(sr), - }; - struct qspi_cmd cmd = { - .op_code = SPI_NOR_CMD_RDSR, - .rx_buf = &sr_buf, - }; - int ret = qspi_send_cmd(dev, &cmd, false); - - return (ret < 0) ? ret : sr; -} - -/* Wait until RDSR confirms write is not in progress. */ -static int qspi_wait_while_writing(const struct device *dev) -{ - int ret; - - do { - ret = qspi_rdsr(dev); - } while ((ret >= 0) && ((ret & SPI_NOR_WIP_BIT) != 0U)); - - return (ret < 0) ? ret : 0; -} - -/** - * @brief Fills init struct - * - * @param config Pointer to the config struct provided by user - * @param initstruct Pointer to the configuration struct - * @retval None - */ -static inline void qspi_fill_init_struct(nrfx_qspi_config_t *initstruct) -{ - bool quad_mode; - - /* Configure XIP offset */ - initstruct->xip_offset = 0; - -#ifdef CONFIG_PINCTRL - initstruct->skip_gpio_cfg = true, - initstruct->skip_psel_cfg = true, -#else - /* Configure pins */ - initstruct->pins.sck_pin = DT_PROP(QSPI_NODE, sck_pin); - initstruct->pins.csn_pin = QSPI_PROP_AT(csn_pins, 0); - initstruct->pins.io0_pin = QSPI_PROP_AT(io_pins, 0); - initstruct->pins.io1_pin = QSPI_PROP_AT(io_pins, 1); -#if QSPI_PROP_LEN(io_pins) > 2 - initstruct->pins.io2_pin = QSPI_PROP_AT(io_pins, 2); - initstruct->pins.io3_pin = QSPI_PROP_AT(io_pins, 3); -#else - initstruct->pins.io2_pin = NRF_QSPI_PIN_NOT_CONNECTED; - initstruct->pins.io3_pin = NRF_QSPI_PIN_NOT_CONNECTED; -#endif -#endif /* CONFIG_PINCTRL */ - /* Configure Protocol interface */ - initstruct->prot_if.addrmode = NRF_QSPI_ADDRMODE_24BIT; - - initstruct->prot_if.dpmconfig = false; - - /* Configure physical interface */ - initstruct->phy_if.sck_freq = INST_0_SCK_CFG; - - /* Using MHZ fails checkpatch constant check */ - if (INST_0_SCK_FREQUENCY >= 16000000) { - qspi_config->qspi_slave_latency = 1; - } - initstruct->phy_if.sck_delay = QSPI_SCK_DELAY; - initstruct->phy_if.spi_mode = qspi_get_mode(DT_INST_PROP(0, cpol), DT_INST_PROP(0, cpha)); - - quad_mode = DT_INST_PROP(0, quad_mode); - if (quad_mode) { - initstruct->prot_if.readoc = NRF_QSPI_READOC_READ4IO; - initstruct->prot_if.writeoc = NRF_QSPI_WRITEOC_PP4IO; - } else { - initstruct->prot_if.readoc = NRF_QSPI_READOC_FASTREAD; - initstruct->prot_if.writeoc = NRF_QSPI_WRITEOC_PP; - } - - initstruct->phy_if.dpmen = false; -} - -/* Configures QSPI memory for the transfer */ -static int qspi_nrfx_configure(const struct device *dev) -{ - if (!dev) - return -ENXIO; - - struct qspi_nor_data *dev_data = dev->data; - - qspi_fill_init_struct(&QSPIconfig); - -#if defined(CONFIG_SOC_SERIES_NRF53X) - /* When the QSPI peripheral is activated, during the nrfx_qspi driver - * initialization, it reads the status of the connected flash chip. - * Make sure this transaction is performed with a valid base clock - * divider. - */ - nrf_clock_hfclk192m_div_set(NRF_CLOCK, BASE_CLOCK_DIV); - k_busy_wait(BASE_CLOCK_SWITCH_DELAY_US); -#endif - - nrfx_err_t res = _nrfx_qspi_init(&QSPIconfig, qspi_handler, dev_data); - -#if defined(CONFIG_SOC_SERIES_NRF53X) - /* Restore the default /4 divider after the QSPI initialization. */ - nrf_clock_hfclk192m_div_set(NRF_CLOCK, NRF_CLOCK_HFCLK_DIV_4); - k_busy_wait(BASE_CLOCK_SWITCH_DELAY_US); -#endif - - int ret = qspi_get_zephyr_ret_code(res); - - if (ret == 0) { - /* Set QE to match transfer mode. If not using quad - * it's OK to leave QE set, but doing so prevents use - * of WP#/RESET#/HOLD# which might be useful. - * - * Note build assert above ensures QER is S1B6. Other - * options require more logic. - */ - ret = qspi_rdsr(dev); - - if (ret < 0) { - LOG_ERR("RDSR failed: %d", ret); - return ret; - } - - uint8_t sr = (uint8_t)ret; - bool qe_value = (qspi_write_is_quad(QSPIconfig.prot_if.writeoc)) || - (qspi_read_is_quad(QSPIconfig.prot_if.readoc)); - const uint8_t qe_mask = BIT(6); /* only S1B6 */ - bool qe_state = ((sr & qe_mask) != 0U); - - LOG_DBG("RDSR %02x QE %d need %d: %s", sr, qe_state, qe_value, - (qe_state != qe_value) ? "updating" : "no-change"); - - ret = 0; - - if (qe_state != qe_value) { - const struct qspi_buf sr_buf = { - .buf = &sr, - .len = sizeof(sr), - }; - struct qspi_cmd cmd = { - .op_code = SPI_NOR_CMD_WRSR, - .tx_buf = &sr_buf, - }; - - sr ^= qe_mask; - ret = qspi_send_cmd(dev, &cmd, true); - - /* Writing SR can take some time, and further - * commands sent while it's happening can be - * corrupted. Wait. - */ - if (ret == 0) - ret = qspi_wait_while_writing(dev); - } - - if (ret < 0) - LOG_ERR("QE %s failed: %d", qe_value ? "set" : "clear", ret); - } - - return ret; -} - -static inline nrfx_err_t read_non_aligned(const struct device *dev, int addr, void *dest, - size_t size) -{ - uint8_t __aligned(WORD_SIZE) buf[WORD_SIZE * 2]; - uint8_t *dptr = dest; - - int flash_prefix = (WORD_SIZE - (addr % WORD_SIZE)) % WORD_SIZE; - - if (flash_prefix > size) - flash_prefix = size; - - int dest_prefix = (WORD_SIZE - (int)dptr % WORD_SIZE) % WORD_SIZE; - - if (dest_prefix > size) - dest_prefix = size; - - int flash_suffix = (size - flash_prefix) % WORD_SIZE; - int flash_middle = size - flash_prefix - flash_suffix; - int dest_middle = size - dest_prefix - (size - dest_prefix) % WORD_SIZE; - - if (flash_middle > dest_middle) { - flash_middle = dest_middle; - flash_suffix = size - flash_prefix - flash_middle; - } - - nrfx_err_t res = NRFX_SUCCESS; - - /* read from aligned flash to aligned memory */ - if (flash_middle != 0) { - res = _nrfx_qspi_read(dptr + dest_prefix, flash_middle, addr + flash_prefix); - - _qspi_wait_for_completion(dev, res); - - if (res != NRFX_SUCCESS) - return res; - - /* perform shift in RAM */ - if (flash_prefix != dest_prefix) - memmove(dptr + flash_prefix, dptr + dest_prefix, flash_middle); - } - - /* read prefix */ - if (flash_prefix != 0) { - res = _nrfx_qspi_read(buf, WORD_SIZE, addr - (WORD_SIZE - flash_prefix)); - - _qspi_wait_for_completion(dev, res); - - if (res != NRFX_SUCCESS) - return res; - - memcpy(dptr, buf + WORD_SIZE - flash_prefix, flash_prefix); - } - - /* read suffix */ - if (flash_suffix != 0) { - res = _nrfx_qspi_read(buf, WORD_SIZE * 2, addr + flash_prefix + flash_middle); - - _qspi_wait_for_completion(dev, res); - - if (res != NRFX_SUCCESS) - return res; - - memcpy(dptr + flash_prefix + flash_middle, buf, flash_suffix); - } - - return res; -} - -static int qspi_nor_read(const struct device *dev, int addr, void *dest, size_t size) -{ - if (!dest) - return -EINVAL; - - /* read size must be non-zero */ - if (!size) - return 0; - - int rc = qspi_device_init(dev); - - if (rc != 0) - goto out; - - qspi_lock(dev); - - nrfx_err_t res = read_non_aligned(dev, addr, dest, size); - - qspi_unlock(dev); - - rc = qspi_get_zephyr_ret_code(res); - -out: - qspi_device_uninit(dev); - return rc; -} - -/* addr aligned, sptr not null, slen less than 4 */ -static inline nrfx_err_t write_sub_word(const struct device *dev, int addr, const void *sptr, - size_t slen) -{ - uint8_t __aligned(4) buf[4]; - nrfx_err_t res; - - /* read out the whole word so that unchanged data can be - * written back - */ - res = _nrfx_qspi_read(buf, sizeof(buf), addr); - _qspi_wait_for_completion(dev, res); - - if (res == NRFX_SUCCESS) { - memcpy(buf, sptr, slen); - res = _nrfx_qspi_write(buf, sizeof(buf), addr); - _qspi_wait_for_completion(dev, res); - } - - return res; -} - -static int qspi_nor_write(const struct device *dev, int addr, const void *src, size_t size) -{ - if (!src) - return -EINVAL; - - /* write size must be non-zero, less than 4, or a multiple of 4 */ - if ((size == 0) || ((size > 4) && ((size % 4U) != 0))) - return -EINVAL; - - /* address must be 4-byte aligned */ - if ((addr % 4U) != 0) - return -EINVAL; - - nrfx_err_t res = NRFX_SUCCESS; - - int rc = qspi_device_init(dev); - - if (rc != 0) - goto out; - - qspi_trans_lock(dev); - - qspi_lock(dev); - - if (size < 4U) - res = write_sub_word(dev, addr, src, size); - else { - res = _nrfx_qspi_write(src, size, addr); - _qspi_wait_for_completion(dev, res); - } - - qspi_unlock(dev); - - qspi_trans_unlock(dev); - - rc = qspi_get_zephyr_ret_code(res); -out: - qspi_device_uninit(dev); - return rc; -} - -/** - * @brief Configure the flash - * - * @param dev The flash device structure - * @param info The flash info structure - * @return 0 on success, negative errno code otherwise - */ -static int qspi_nor_configure(const struct device *dev) -{ - int ret = qspi_nrfx_configure(dev); - - if (ret != 0) - return ret; - - qspi_device_uninit(dev); - - return 0; -} - -/** - * @brief Initialize and configure the flash - * - * @param name The flash name - * @return 0 on success, negative errno code otherwise - */ -static int qspi_nor_init(const struct device *dev) -{ -#ifdef CONFIG_PINCTRL - int ret = pinctrl_apply_state(PINCTRL_DT_DEV_CONFIG_GET(QSPI_NODE), PINCTRL_STATE_DEFAULT); - - if (ret < 0) { - return ret; - } -#endif - - IRQ_CONNECT(DT_IRQN(QSPI_NODE), DT_IRQ(QSPI_NODE, priority), nrfx_isr, - nrfx_qspi_irq_handler, 0); - return qspi_nor_configure(dev); -} - -#if defined(CONFIG_SOC_SERIES_NRF53X) -static int qspi_cmd_encryption(const struct device *dev, nrf_qspi_encryption_t *p_cfg) -{ - const struct qspi_buf tx_buf = { .buf = (uint8_t *)&p_cfg->nonce[1], - .len = sizeof(p_cfg->nonce[1]) }; - const struct qspi_cmd cmd = { - .op_code = 0x4f, - .tx_buf = &tx_buf, - }; - - int ret = qspi_device_init(dev); - - if (ret == 0) - ret = qspi_send_cmd(dev, &cmd, false); - - qspi_device_uninit(dev); - - if (ret < 0) - LOG_DBG("cmd_encryption failed %d", ret); - - return ret; -} -#endif - -int qspi_RDSR2(const struct device *dev, uint8_t *rdsr2) -{ - int ret = 0; - uint8_t sr = 0; - - const struct qspi_buf sr_buf = { - .buf = &sr, - .len = sizeof(sr), - }; - struct qspi_cmd cmd = { - .op_code = 0x2f, - .rx_buf = &sr_buf, - }; - - ret = qspi_device_init(dev); - - ret = qspi_send_cmd(dev, &cmd, false); - - qspi_device_uninit(dev); - - LOG_DBG("RDSR2 = 0x%x", sr); - - if (ret == 0) - *rdsr2 = sr; - - return ret; -} - -/* Wait until RDSR2 confirms RPU_WAKE write is successful */ -int qspi_validate_rpu_wake_writecmd(const struct device *dev) -{ - int ret = 0; - uint8_t rdsr2 = 0; - - for (int ii = 0; ii < 1; ii++) { - ret = qspi_RDSR2(dev, &rdsr2); - if (!ret && (rdsr2 & RPU_WAKEUP_NOW)) { - return 0; - } - } - - return -1; -} - - -int qspi_RDSR1(const struct device *dev, uint8_t *rdsr1) -{ - int ret = 0; - uint8_t sr = 0; - - const struct qspi_buf sr_buf = { - .buf = &sr, - .len = sizeof(sr), - }; - struct qspi_cmd cmd = { - .op_code = 0x1f, - .rx_buf = &sr_buf, - }; - - ret = qspi_device_init(dev); - - ret = qspi_send_cmd(dev, &cmd, false); - - qspi_device_uninit(dev); - - LOG_DBG("RDSR1 = 0x%x", sr); - - if (ret == 0) - *rdsr1 = sr; - - return ret; -} - -/* Wait until RDSR1 confirms RPU_AWAKE/RPU_READY */ -int qspi_wait_while_rpu_awake(const struct device *dev) -{ - int ret; - uint8_t val = 0; - - for (int ii = 0; ii < 10; ii++) { - ret = qspi_RDSR1(dev, &val); - - LOG_DBG("RDSR1 = 0x%x", val); - - if (!ret && (val & RPU_AWAKE_BIT)) { - break; - } - - k_msleep(1); - } - - if (ret || !(val & RPU_AWAKE_BIT)) { - LOG_ERR("RPU is not awake even after 10ms"); - return -1; - } - - /* Restore QSPI clock frequency from DTS */ - QSPIconfig.phy_if.sck_freq = INST_0_SCK_CFG; - - return val; -} - -int qspi_WRSR2(const struct device *dev, uint8_t data) -{ - const struct qspi_buf tx_buf = { - .buf = &data, - .len = sizeof(data), - }; - const struct qspi_cmd cmd = { - .op_code = 0x3f, - .tx_buf = &tx_buf, - }; - int ret = qspi_device_init(dev); - - if (ret == 0) - ret = qspi_send_cmd(dev, &cmd, false); - - qspi_device_uninit(dev); - - if (ret < 0) - LOG_ERR("cmd_wakeup RPU failed %d", ret); - - return ret; -} - -int qspi_cmd_wakeup_rpu(const struct device *dev, uint8_t data) -{ - int ret; - - /* Waking RPU works reliably only with lowest frequency (8MHz) */ - QSPIconfig.phy_if.sck_freq = INST_0_SCK_CFG_WAKE; - - ret = qspi_WRSR2(dev, data); - - return ret; -} - -struct device qspi_perip = { - .data = &qspi_nor_memory_data, -}; - -int qspi_deinit(void) -{ - LOG_DBG("TODO : %s", __func__); - - return 0; -} - -int qspi_init(struct qspi_config *config) -{ - unsigned int rc; - - qspi_config = config; - - config->readoc = config->quad_spi ? NRF_QSPI_READOC_READ4IO : NRF_QSPI_READOC_FASTREAD; - config->writeoc = config->quad_spi ? NRF_QSPI_WRITEOC_PP4IO : NRF_QSPI_WRITEOC_PP; - - rc = qspi_nor_init(&qspi_perip); - - k_sem_init(&qspi_config->lock, 1, 1); - - return rc; -} - -void qspi_update_nonce(unsigned int addr, int len, int hlread) -{ -#if NRF_QSPI_HAS_XIP_ENC || NRF_QSPI_HAS_DMA_ENC - - NRF_QSPI_Type *p_reg = NRF_QSPI; - - if (!qspi_config->encryption) - return; - - if (nonce_last_addr == 0 || hlread) - p_reg->DMA_ENC.NONCE2 = ++nonce_cnt; - else if ((nonce_last_addr + 4) != addr) - p_reg->DMA_ENC.NONCE2 = ++nonce_cnt; - - nonce_last_addr = addr + len - 4; - -#endif /*NRF_QSPI_HAS_XIP_ENC || NRF_QSPI_HAS_DMA_ENC*/ -} - -void qspi_addr_check(unsigned int addr, const void *data, unsigned int len) -{ - if ((addr % 4 != 0) || (((unsigned int)data) % 4 != 0) || (len % 4 != 0)) { - LOG_ERR("%s : Unaligned address %x %x %d %x %x", __func__, addr, - (unsigned int)data, (addr % 4 != 0), (((unsigned int)data) % 4 != 0), - (len % 4 != 0)); - } -} - -int qspi_write(unsigned int addr, const void *data, int len) -{ - int status; - - qspi_addr_check(addr, data, len); - - addr |= qspi_config->addrmask; - - k_sem_take(&qspi_config->lock, K_FOREVER); - - qspi_update_nonce(addr, len, 0); - - status = qspi_nor_write(&qspi_perip, addr, data, len); - - k_sem_give(&qspi_config->lock); - - return status; -} - -int qspi_read(unsigned int addr, void *data, int len) -{ - int status; - - qspi_addr_check(addr, data, len); - - addr |= qspi_config->addrmask; - - k_sem_take(&qspi_config->lock, K_FOREVER); - - qspi_update_nonce(addr, len, 0); - - status = qspi_nor_read(&qspi_perip, addr, data, len); - - k_sem_give(&qspi_config->lock); - - return status; -} - -int qspi_hl_readw(unsigned int addr, void *data) -{ - int status; - uint8_t *rxb = NULL; - uint32_t len = 4; - - len = len + (4 * qspi_config->qspi_slave_latency); - - rxb = k_malloc(len); - - if (rxb == NULL) { - LOG_ERR("%s: ERROR ENOMEM line %d", __func__, __LINE__); - return -ENOMEM; - } - - memset(rxb, 0, len); - - k_sem_take(&qspi_config->lock, K_FOREVER); - - qspi_update_nonce(addr, 4, 1); - - status = qspi_nor_read(&qspi_perip, addr, rxb, len); - - k_sem_give(&qspi_config->lock); - - *(uint32_t *)data = *(uint32_t *)(rxb + (len - 4)); - - k_free(rxb); - - return status; -} - -int qspi_hl_read(unsigned int addr, void *data, int len) -{ - int count = 0; - - qspi_addr_check(addr, data, len); - - while (count < (len / 4)) { - qspi_hl_readw(addr + (4 * count), ((char *)data + (4 * count))); - count++; - } - - return 0; -} - -int qspi_cmd_sleep_rpu(const struct device *dev) -{ - uint8_t data = 0x0; - - /* printf("TODO : %s:", __func__); */ - const struct qspi_buf tx_buf = { - .buf = &data, - .len = sizeof(data), - }; - - const struct qspi_cmd cmd = { - .op_code = 0x3f, /* 0x3f, //WRSR2(0x3F) WakeUP RPU. */ - .tx_buf = &tx_buf, - }; - - int ret = qspi_device_init(dev); - - if (ret == 0) { - ret = qspi_send_cmd(dev, &cmd, false); - } - - qspi_device_uninit(dev); - - if (ret < 0) { - LOG_ERR("cmd_wakeup RPU failed: %d", ret); - } - - return ret; -} - -/* Encryption public API */ - -int qspi_enable_encryption(uint8_t *key) -{ -#if defined(CONFIG_SOC_SERIES_NRF53X) - int err = 0; - - if (qspi_config->encryption) - return -EALREADY; - - int ret = qspi_device_init(&qspi_perip); - - if (ret != 0) { - LOG_ERR("qspi_device_init failed: %d", ret); - return -EIO; - } - - memcpy(qspi_config->p_cfg.key, key, 16); - - err = nrfx_qspi_dma_encrypt(&qspi_config->p_cfg); - if (err != NRFX_SUCCESS) { - LOG_ERR("nrfx_qspi_dma_encrypt failed: %d", err); - return -EIO; - } - - err = qspi_cmd_encryption(&qspi_perip, &qspi_config->p_cfg); - if (err != 0) { - LOG_ERR("qspi_cmd_encryption failed: %d", err); - return -EIO; - } - - qspi_config->encryption = true; - - qspi_device_uninit(&qspi_perip); - - return 0; -#else - return -ENOTSUP; -#endif -} diff --git a/drivers/wifi/nrf700x/src/qspi/src/rpu_hw_if.c b/drivers/wifi/nrf700x/src/qspi/src/rpu_hw_if.c deleted file mode 100644 index a1daffc18747..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/src/rpu_hw_if.c +++ /dev/null @@ -1,482 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing common functions for RPU hardware interaction - * using QSPI and SPI that can be invoked by shell or the driver. - */ - -#include -#include - -#include -#include -#include -#include -#include - -#include "rpu_hw_if.h" -#include "qspi_if.h" -#include "spi_if.h" - -LOG_MODULE_REGISTER(wifi_nrf_bus, CONFIG_WIFI_NRF700X_BUS_LOG_LEVEL); - -#define NRF7002_NODE DT_NODELABEL(nrf700x) - -static const struct gpio_dt_spec host_irq_spec = -GPIO_DT_SPEC_GET(NRF7002_NODE, host_irq_gpios); - -static const struct gpio_dt_spec iovdd_ctrl_spec = -GPIO_DT_SPEC_GET(NRF7002_NODE, iovdd_ctrl_gpios); - -static const struct gpio_dt_spec bucken_spec = -GPIO_DT_SPEC_GET(NRF7002_NODE, bucken_gpios); - -char blk_name[][15] = { "SysBus", "ExtSysBus", "PBus", "PKTRAM", - "GRAM", "LMAC_ROM", "LMAC_RET_RAM", "LMAC_SRC_RAM", - "UMAC_ROM", "UMAC_RET_RAM", "UMAC_SRC_RAM" }; - -uint32_t rpu_7002_memmap[][3] = { - { 0x000000, 0x008FFF, 1 }, - { 0x009000, 0x03FFFF, 2 }, - { 0x040000, 0x07FFFF, 1 }, - { 0x0C0000, 0x0F0FFF, 0 }, - { 0x080000, 0x092000, 1 }, - { 0x100000, 0x134000, 1 }, - { 0x140000, 0x14C000, 1 }, - { 0x180000, 0x190000, 1 }, - { 0x200000, 0x261800, 1 }, - { 0x280000, 0x2A4000, 1 }, - { 0x300000, 0x338000, 1 } -}; - -static const struct qspi_dev *qdev; -static struct qspi_config *cfg; - -static int validate_addr_blk(uint32_t start_addr, - uint32_t end_addr, - uint32_t block_no, - bool *hl_flag, - int *selected_blk) -{ - uint32_t *block_map = rpu_7002_memmap[block_no]; - - if (((start_addr >= block_map[0]) && (start_addr <= block_map[1])) && - ((end_addr >= block_map[0]) && (end_addr <= block_map[1]))) { - if (block_no == PKTRAM) { - *hl_flag = 0; - } - *selected_blk = block_no; - return 0; - } - - return -1; -} - -static int rpu_validate_addr(uint32_t start_addr, uint32_t len, bool *hl_flag) -{ - int ret = 0, i; - uint32_t end_addr; - int selected_blk; - - end_addr = start_addr + len - 1; - - *hl_flag = 1; - - for (i = 0; i < NUM_MEM_BLOCKS; i++) { - ret = validate_addr_blk(start_addr, end_addr, i, hl_flag, &selected_blk); - if (!ret) { - break; - } - } - - if (ret) { - LOG_ERR("Address validation failed - pls check memmory map and re-try"); - return -1; - } - - if ((selected_blk == LMAC_ROM) || (selected_blk == UMAC_ROM)) { - LOG_ERR("Error: Cannot write to ROM blocks"); - return -1; - } - - cfg->qspi_slave_latency = (*hl_flag) ? rpu_7002_memmap[selected_blk][2] : 0; - - return 0; -} - -int rpu_irq_config(struct gpio_callback *irq_callback_data, void (*irq_handler)()) -{ - int ret; - - if (!device_is_ready(host_irq_spec.port)) { - LOG_ERR("Host IRQ GPIO %s is not ready", host_irq_spec.port->name); - return -ENODEV; - } - - ret = gpio_pin_configure_dt(&host_irq_spec, GPIO_INPUT); - if (ret) { - LOG_ERR("Failed to configure host_irq pin %d", host_irq_spec.pin); - goto out; - } - - ret = gpio_pin_interrupt_configure_dt(&host_irq_spec, - GPIO_INT_EDGE_TO_ACTIVE); - if (ret) { - LOG_ERR("Failed to configure interrupt on host_irq pin %d", - host_irq_spec.pin); - goto out; - } - - gpio_init_callback(irq_callback_data, - irq_handler, - BIT(host_irq_spec.pin)); - - ret = gpio_add_callback(host_irq_spec.port, irq_callback_data); - if (ret) { - LOG_ERR("Failed to add callback on host_irq pin %d", - host_irq_spec.pin); - goto out; - } - - LOG_DBG("Finished Interrupt config\n"); - -out: - return ret; -} - -int rpu_irq_remove(struct gpio_callback *irq_callback_data) -{ - int ret; - - ret = gpio_pin_configure_dt(&host_irq_spec, GPIO_DISCONNECTED); - if (ret) { - LOG_ERR("Failed to remove host_irq pin %d", host_irq_spec.pin); - goto out; - } - - ret = gpio_remove_callback(host_irq_spec.port, irq_callback_data); - if (ret) { - LOG_ERR("Failed to remove callback on host_irq pin %d", - host_irq_spec.pin); - goto out; - } - -out: - return ret; -} - -static int rpu_gpio_config(void) -{ - int ret; - - if (!device_is_ready(iovdd_ctrl_spec.port)) { - LOG_ERR("IOVDD GPIO %s is not ready", iovdd_ctrl_spec.port->name); - return -ENODEV; - } - - if (!device_is_ready(bucken_spec.port)) { - LOG_ERR("BUCKEN GPIO %s is not ready", bucken_spec.port->name); - return -ENODEV; - } - - ret = gpio_pin_configure_dt(&bucken_spec, (GPIO_OUTPUT | NRF_GPIO_DRIVE_H0H1)); - if (ret) { - LOG_ERR("BUCKEN GPIO configuration failed..."); - return ret; - } - - ret = gpio_pin_configure_dt(&iovdd_ctrl_spec, GPIO_OUTPUT); - if (ret) { - LOG_ERR("IOVDD GPIO configuration failed..."); - gpio_pin_configure_dt(&bucken_spec, GPIO_DISCONNECTED); - return ret; - } - - LOG_DBG("GPIO configuration done...\n"); - - return 0; -} - -static int rpu_gpio_remove(void) -{ - int ret; - - ret = gpio_pin_configure_dt(&bucken_spec, GPIO_DISCONNECTED); - if (ret) { - LOG_ERR("BUCKEN GPIO remove failed..."); - return ret; - } - - ret = gpio_pin_configure_dt(&iovdd_ctrl_spec, GPIO_DISCONNECTED); - if (ret) { - LOG_ERR("IOVDD GPIO remove failed..."); - return ret; - } - - LOG_DBG("GPIO remove done...\n"); - return ret; -} - -static int rpu_pwron(void) -{ - int ret; - - ret = gpio_pin_set_dt(&bucken_spec, 1); - if (ret) { - LOG_ERR("BUCKEN GPIO set failed..."); - return ret; - } - /* Settling time is 50us (H0) or 100us (L0) */ - k_msleep(1); - - ret = gpio_pin_set_dt(&iovdd_ctrl_spec, 1); - if (ret) { - LOG_ERR("IOVDD GPIO set failed..."); - gpio_pin_set_dt(&bucken_spec, 0); - return ret; - } - /* Settling time for iovdd nRF7002 DK/EK - switch (TCK106AG): ~600us */ - k_msleep(1); - - if (IS_ENABLED(CONFIG_NRF_WIFI_COMBINED_BUCKEN_IOVDD_GPIO)) { - /* When a single GPIO is used, we need a total wait time after bucken assertion - * to be 6ms (1ms + 1ms + 4ms). - */ - k_msleep(4); - } - - LOG_DBG("Bucken = %d, IOVDD = %d", gpio_pin_get_dt(&bucken_spec), - gpio_pin_get_dt(&iovdd_ctrl_spec)); - - return ret; -} - -static int rpu_pwroff(void) -{ - int ret; - - ret = gpio_pin_set_dt(&bucken_spec, 0); /* BUCKEN = 0 */ - if (ret) { - LOG_ERR("BUCKEN GPIO set failed..."); - return ret; - } - - ret = gpio_pin_set_dt(&iovdd_ctrl_spec, 0); /* IOVDD CNTRL = 0 */ - if (ret) { - LOG_ERR("IOVDD GPIO set failed..."); - return ret; - } - - return ret; -} - -int rpu_read(unsigned int addr, void *data, int len) -{ - bool hl_flag; - - if (rpu_validate_addr(addr, len, &hl_flag)) { - return -1; - } - - if (hl_flag) - return qdev->hl_read(addr, data, len); - else - return qdev->read(addr, data, len); -} - -int rpu_write(unsigned int addr, const void *data, int len) -{ - bool hl_flag; - - if (rpu_validate_addr(addr, len, &hl_flag)) { - return -1; - } - - return qdev->write(addr, data, len); -} - -int rpu_sleep(void) -{ -#if CONFIG_NRF700X_ON_QSPI - return qspi_cmd_sleep_rpu(&qspi_perip); -#else - return spim_cmd_sleep_rpu_fn(); -#endif -} - -int rpu_wakeup(void) -{ - int ret; - - ret = rpu_wrsr2(1); - if (ret) { - LOG_ERR("Error: WRSR2 failed"); - return ret; - } - - ret = rpu_rdsr2(); - if (ret < 0) { - LOG_ERR("Error: RDSR2 failed"); - return ret; - } - - ret = rpu_rdsr1(); - if (ret < 0) { - LOG_ERR("Error: RDSR1 failed"); - return ret; - } - - return 0; -} - -int rpu_sleep_status(void) -{ - return rpu_rdsr1(); -} - -void rpu_get_sleep_stats(uint32_t addr, uint32_t *buff, uint32_t wrd_len) -{ - int ret; - - ret = rpu_wakeup(); - if (ret) { - LOG_ERR("Error: RPU wakeup failed"); - return; - } - - ret = rpu_read(addr, buff, wrd_len * 4); - if (ret) { - LOG_ERR("Error: RPU read failed"); - return; - } - - ret = rpu_sleep(); - if (ret) { - LOG_ERR("Error: RPU sleep failed"); - return; - } -} - -int rpu_wrsr2(uint8_t data) -{ - int ret; - -#if CONFIG_NRF700X_ON_QSPI - ret = qspi_cmd_wakeup_rpu(&qspi_perip, data); -#else - ret = spim_cmd_rpu_wakeup_fn(data); -#endif - - LOG_DBG("Written 0x%x to WRSR2", data); - return ret; -} - -int rpu_rdsr2(void) -{ -#if CONFIG_NRF700X_ON_QSPI - return qspi_validate_rpu_wake_writecmd(&qspi_perip); -#else - return spi_validate_rpu_wake_writecmd(); -#endif -} - -int rpu_rdsr1(void) -{ -#if CONFIG_NRF700X_ON_QSPI - return qspi_wait_while_rpu_awake(&qspi_perip); -#else - return spim_wait_while_rpu_awake(); -#endif -} - - -int rpu_clks_on(void) -{ - uint32_t rpu_clks = 0x100; - /* Enable RPU Clocks */ - qdev->write(0x048C20, &rpu_clks, 4); - LOG_DBG("RPU Clocks ON..."); - return 0; -} - -#define CALL_RPU_FUNC(func, ...) \ - do { \ - ret = func(__VA_ARGS__); \ - if (ret) { \ - LOG_DBG("Error: %s failed with %d", #func, ret); \ - goto out; \ - } \ - } while (0) - -int rpu_init(void) -{ - int ret; - - qdev = qspi_dev(); - cfg = qspi_get_config(); - - CALL_RPU_FUNC(rpu_gpio_config); - -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH - ret = sr_gpio_config(); - if (ret) { - goto remove_sr_gpio; - } -#endif - ret = rpu_pwron(); - if (ret) { - goto remove_rpu_gpio; - } - - return 0; - -remove_rpu_gpio: - rpu_gpio_remove(); - -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH -remove_sr_gpio: - sr_gpio_remove(); -#endif -out: - return ret; -} - -int rpu_enable(void) -{ - int ret; - - ret = rpu_wakeup(); - if (ret) { - goto rpu_pwroff; - } - - ret = rpu_clks_on(); - if (ret) { - goto rpu_pwroff; - } - - return 0; -rpu_pwroff: - rpu_pwroff(); - return ret; -} - -int rpu_disable(void) -{ - int ret; - - CALL_RPU_FUNC(rpu_pwroff); - CALL_RPU_FUNC(rpu_gpio_remove); -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH - CALL_RPU_FUNC(sr_gpio_remove); -#endif - qdev = NULL; - cfg = NULL; - -out: - return ret; -} diff --git a/drivers/wifi/nrf700x/src/qspi/src/spi_if.c b/drivers/wifi/nrf700x/src/qspi/src/spi_if.c deleted file mode 100644 index 51180ad03287..000000000000 --- a/drivers/wifi/nrf700x/src/qspi/src/spi_if.c +++ /dev/null @@ -1,343 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing SPI device interface specific definitions for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#include - -#include -#include - -#include "qspi_if.h" -#include "spi_if.h" - -LOG_MODULE_DECLARE(wifi_nrf_bus, CONFIG_WIFI_NRF700X_BUS_LOG_LEVEL); - -#define NRF7002_NODE DT_NODELABEL(nrf700x) - -static struct qspi_config *spim_config; - -static const struct spi_dt_spec spi_spec = -SPI_DT_SPEC_GET(NRF7002_NODE, SPI_WORD_SET(8) | SPI_TRANSFER_MSB, 0); - -static int spim_xfer_tx(unsigned int addr, void *data, unsigned int len) -{ - int err; - uint8_t hdr[4] = { - 0x02, /* PP opcode */ - (((addr >> 16) & 0xFF) | 0x80), - (addr >> 8) & 0xFF, - (addr & 0xFF) - }; - - const struct spi_buf tx_buf[] = { - {.buf = hdr, .len = sizeof(hdr) }, - {.buf = data, .len = len }, - }; - const struct spi_buf_set tx = { .buffers = tx_buf, .count = 2 }; - - - err = spi_transceive_dt(&spi_spec, &tx, NULL); - - return err; -} - - -static int spim_xfer_rx(unsigned int addr, void *data, unsigned int len, unsigned int discard_bytes) -{ - uint8_t hdr[] = { - 0x0b, /* FASTREAD opcode */ - (addr >> 16) & 0xFF, - (addr >> 8) & 0xFF, - addr & 0xFF, - 0 /* dummy byte */ - }; - - const struct spi_buf tx_buf[] = { - {.buf = hdr, .len = sizeof(hdr) }, - {.buf = NULL, .len = len }, - }; - - const struct spi_buf_set tx = { .buffers = tx_buf, .count = 2 }; - - const struct spi_buf rx_buf[] = { - {.buf = NULL, .len = sizeof(hdr) + discard_bytes}, - {.buf = data, .len = len }, - }; - - const struct spi_buf_set rx = { .buffers = rx_buf, .count = 2 }; - - return spi_transceive_dt(&spi_spec, &tx, &rx); -} - -int spim_read_reg(uint32_t reg_addr, uint8_t *reg_value) -{ - int err; - uint8_t tx_buffer[6] = { reg_addr }; - - const struct spi_buf tx_buf = { - .buf = tx_buffer, - .len = sizeof(tx_buffer) - }; - - const struct spi_buf_set tx = { - .buffers = &tx_buf, - .count = 1 - }; - - uint8_t sr[6]; - - struct spi_buf rx_buf = { - .buf = &sr, - .len = sizeof(sr), - }; - const struct spi_buf_set rx = { .buffers = &rx_buf, .count = 1 }; - - err = spi_transceive_dt(&spi_spec, &tx, &rx); - - LOG_DBG("err: %d -> %x %x %x %x %x %x", err, sr[0], sr[1], sr[2], sr[3], sr[4], sr[5]); - - if (err == 0) - *reg_value = sr[1]; - - return err; -} - -int spim_write_reg(uint32_t reg_addr, const uint8_t reg_value) -{ - int err; - uint8_t tx_buffer[] = { reg_addr, reg_value }; - - const struct spi_buf tx_buf = { .buf = tx_buffer, .len = sizeof(tx_buffer) }; - const struct spi_buf_set tx = { .buffers = &tx_buf, .count = 1 }; - - err = spi_transceive_dt(&spi_spec, &tx, NULL); - - if (err) { - LOG_ERR("SPI error: %d", err); - } - - return err; -} - - -int spim_RDSR1(const struct device *dev, uint8_t *rdsr1) -{ - uint8_t val = 0; - - return spim_read_reg(0x1F, &val); -} - -int spim_RDSR2(const struct device *dev, uint8_t *rdsr1) -{ - uint8_t val = 0; - - return spim_read_reg(0x2F, &val); -} - -int spim_WRSR2(const struct device *dev, const uint8_t wrsr2) -{ - return spim_write_reg(0x3F, wrsr2); -} - -int _spim_wait_while_rpu_awake(void) -{ - int ret; - uint8_t val = 0; - - for (int ii = 0; ii < 10; ii++) { - - ret = spim_read_reg(0x1F, &val); - - LOG_DBG("RDSR1 = 0x%x", val); - - if (!ret && (val & RPU_AWAKE_BIT)) { - break; - } - - k_msleep(1); - } - - if (ret || !(val & RPU_AWAKE_BIT)) { - LOG_ERR("RPU is not awake even after 10ms"); - return -1; - } - - return val; -} - -/* Wait until RDSR2 confirms RPU_WAKEUP_NOW write is successful */ -int spim_wait_while_rpu_wake_write(void) -{ - int ret; - uint8_t val = 0; - - for (int ii = 0; ii < 10; ii++) { - - ret = spim_read_reg(0x2F, &val); - - LOG_DBG("RDSR2 = 0x%x", val); - - if (!ret && (val & RPU_WAKEUP_NOW)) { - break; - } - - k_msleep(1); - } - - if (ret || !(val & RPU_WAKEUP_NOW)) { - LOG_ERR("RPU wakeup write ACK failed even after 10ms"); - return -1; - } - - return ret; -} - -int spim_cmd_rpu_wakeup(uint32_t data) -{ - return spim_write_reg(0x3F, data); -} - -unsigned int spim_cmd_sleep_rpu(void) -{ - int err; - uint8_t tx_buffer[] = { 0x3f, 0x0 }; - - const struct spi_buf tx_buf = { .buf = tx_buffer, .len = sizeof(tx_buffer) }; - const struct spi_buf_set tx = { .buffers = &tx_buf, .count = 1 }; - - err = spi_transceive_dt(&spi_spec, &tx, NULL); - - if (err) { - LOG_ERR("SPI error: %d", err); - } - - return 0; -} - -int spim_init(struct qspi_config *config) -{ - if (!spi_is_ready_dt(&spi_spec)) { - LOG_ERR("Device %s is not ready", spi_spec.bus->name); - return -ENODEV; - } - - spim_config = config; - - k_sem_init(&spim_config->lock, 1, 1); - - if (spi_spec.config.frequency >= MHZ(16)) { - spim_config->qspi_slave_latency = 1; - } - - LOG_INF("SPIM %s: freq = %d MHz", spi_spec.bus->name, - spi_spec.config.frequency / MHZ(1)); - LOG_INF("SPIM %s: latency = %d", spi_spec.bus->name, spim_config->qspi_slave_latency); - - return 0; -} - -int spim_deinit(void) -{ - LOG_DBG("TODO : %s", __func__); - - return 0; -} - -static void spim_addr_check(unsigned int addr, const void *data, unsigned int len) -{ - if ((addr % 4 != 0) || (((unsigned int)data) % 4 != 0) || (len % 4 != 0)) { - LOG_ERR("%s : Unaligned address %x %x %d %x %x", __func__, addr, - (unsigned int)data, (addr % 4 != 0), (((unsigned int)data) % 4 != 0), - (len % 4 != 0)); - } -} - -int spim_write(unsigned int addr, const void *data, int len) -{ - int status; - - spim_addr_check(addr, data, len); - - addr |= spim_config->addrmask; - - k_sem_take(&spim_config->lock, K_FOREVER); - - status = spim_xfer_tx(addr, (void *)data, len); - - k_sem_give(&spim_config->lock); - - return status; -} - -int spim_read(unsigned int addr, void *data, int len) -{ - int status; - - spim_addr_check(addr, data, len); - - addr |= spim_config->addrmask; - - k_sem_take(&spim_config->lock, K_FOREVER); - - status = spim_xfer_rx(addr, data, len, 0); - - k_sem_give(&spim_config->lock); - - return status; -} - -static int spim_hl_readw(unsigned int addr, void *data) -{ - int status = -1; - - k_sem_take(&spim_config->lock, K_FOREVER); - - status = spim_xfer_rx(addr, data, 4, 4 * spim_config->qspi_slave_latency); - - k_sem_give(&spim_config->lock); - - return status; -} - -int spim_hl_read(unsigned int addr, void *data, int len) -{ - int count = 0; - - spim_addr_check(addr, data, len); - - while (count < (len / 4)) { - spim_hl_readw(addr + (4 * count), (char *)data + (4 * count)); - count++; - } - - return 0; -} - -/* ------------------------------added for wifi utils -------------------------------- */ - -int spim_cmd_rpu_wakeup_fn(uint32_t data) -{ - return spim_cmd_rpu_wakeup(data); -} - -int spim_cmd_sleep_rpu_fn(void) -{ - return spim_cmd_sleep_rpu(); -} - -int spim_wait_while_rpu_awake(void) -{ - return _spim_wait_while_rpu_awake(); -} - -int spi_validate_rpu_wake_writecmd(void) -{ - return spim_wait_while_rpu_wake_write(); -} diff --git a/drivers/wifi/nrf700x/src/shim.c b/drivers/wifi/nrf700x/src/shim.c deleted file mode 100644 index 240f78340a25..000000000000 --- a/drivers/wifi/nrf700x/src/shim.c +++ /dev/null @@ -1,973 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing OS specific definitions for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "rpu_hw_if.h" -#include "shim.h" -#include "work.h" -#include "timer.h" -#include "osal_ops.h" -#include "qspi_if.h" - -LOG_MODULE_REGISTER(wifi_nrf, CONFIG_WIFI_NRF700X_LOG_LEVEL); - -struct zep_shim_intr_priv *intr_priv; - -static void *zep_shim_mem_alloc(size_t size) -{ - size = (size + 4) & 0xfffffffc; - return k_malloc(size); -} - -static void *zep_shim_mem_zalloc(size_t size) -{ - size = (size + 4) & 0xfffffffc; - return k_calloc(size, sizeof(char)); -} - -static void *zep_shim_mem_cpy(void *dest, const void *src, size_t count) -{ - return memcpy(dest, src, count); -} - -static void *zep_shim_mem_set(void *start, int val, size_t size) -{ - return memset(start, val, size); -} - -static int zep_shim_mem_cmp(const void *addr1, - const void *addr2, - size_t size) -{ - return memcmp(addr1, addr2, size); -} - -static unsigned int zep_shim_qspi_read_reg32(void *priv, unsigned long addr) -{ - unsigned int val; - struct zep_shim_bus_qspi_priv *qspi_priv = priv; - struct qspi_dev *dev; - - dev = qspi_priv->qspi_dev; - - if (addr < 0x0C0000) { - dev->hl_read(addr, &val, 4); - } else { - dev->read(addr, &val, 4); - } - - return val; -} - -static void zep_shim_qspi_write_reg32(void *priv, unsigned long addr, unsigned int val) -{ - struct zep_shim_bus_qspi_priv *qspi_priv = priv; - struct qspi_dev *dev; - - dev = qspi_priv->qspi_dev; - - dev->write(addr, &val, 4); -} - -static void zep_shim_qspi_cpy_from(void *priv, void *dest, unsigned long addr, size_t count) -{ - struct zep_shim_bus_qspi_priv *qspi_priv = priv; - struct qspi_dev *dev; - - dev = qspi_priv->qspi_dev; - - if (count % 4 != 0) { - count = (count + 4) & 0xfffffffc; - } - - if (addr < 0x0C0000) { - dev->hl_read(addr, dest, count); - } else { - dev->read(addr, dest, count); - } -} - -static void zep_shim_qspi_cpy_to(void *priv, unsigned long addr, const void *src, size_t count) -{ - struct zep_shim_bus_qspi_priv *qspi_priv = priv; - struct qspi_dev *dev; - - dev = qspi_priv->qspi_dev; - - if (count % 4 != 0) { - count = (count + 4) & 0xfffffffc; - } - - dev->write(addr, src, count); -} - -static void *zep_shim_spinlock_alloc(void) -{ - struct k_sem *lock = NULL; - - lock = k_malloc(sizeof(*lock)); - - if (!lock) { - LOG_ERR("%s: Unable to allocate memory for spinlock", __func__); - } - - return lock; -} - -static void zep_shim_spinlock_free(void *lock) -{ - k_free(lock); -} - -static void zep_shim_spinlock_init(void *lock) -{ - k_sem_init(lock, 1, 1); -} - -static void zep_shim_spinlock_take(void *lock) -{ - k_sem_take(lock, K_FOREVER); -} - -static void zep_shim_spinlock_rel(void *lock) -{ - k_sem_give(lock); -} - -static void zep_shim_spinlock_irq_take(void *lock, unsigned long *flags) -{ - k_sem_take(lock, K_FOREVER); -} - -static void zep_shim_spinlock_irq_rel(void *lock, unsigned long *flags) -{ - k_sem_give(lock); -} - -static int zep_shim_pr_dbg(const char *fmt, va_list args) -{ - char buf[80]; - - vsnprintf(buf, sizeof(buf), fmt, args); - - LOG_DBG("%s", buf); - - return 0; -} - -static int zep_shim_pr_info(const char *fmt, va_list args) -{ - char buf[80]; - - vsnprintf(buf, sizeof(buf), fmt, args); - - LOG_INF("%s", buf); - - return 0; -} - -static int zep_shim_pr_err(const char *fmt, va_list args) -{ - char buf[256]; - - vsnprintf(buf, sizeof(buf), fmt, args); - - LOG_ERR("%s", buf); - - return 0; -} - -struct nwb { - unsigned char *data; - unsigned char *tail; - int len; - int headroom; - void *next; - void *priv; - int iftype; - void *ifaddr; - void *dev; - int hostbuffer; - void *cleanup_ctx; - void (*cleanup_cb)(); - unsigned char priority; - bool chksum_done; -}; - -static void *zep_shim_nbuf_alloc(unsigned int size) -{ - struct nwb *nwb; - - nwb = (struct nwb *)k_calloc(sizeof(struct nwb), sizeof(char)); - - if (!nwb) - return NULL; - - nwb->priv = k_calloc(size, sizeof(char)); - - if (!nwb->priv) { - k_free(nwb); - return NULL; - } - - nwb->data = (unsigned char *)nwb->priv; - nwb->tail = nwb->data; - nwb->len = 0; - nwb->headroom = 0; - nwb->next = NULL; - - return nwb; -} - -static void zep_shim_nbuf_free(void *nbuf) -{ - struct nwb *nwb; - - nwb = nbuf; - - k_free(((struct nwb *)nbuf)->priv); - - k_free(nbuf); -} - -static void zep_shim_nbuf_headroom_res(void *nbuf, unsigned int size) -{ - struct nwb *nwb = (struct nwb *)nbuf; - - nwb->data += size; - nwb->tail += size; - nwb->headroom += size; -} - -static unsigned int zep_shim_nbuf_headroom_get(void *nbuf) -{ - return ((struct nwb *)nbuf)->headroom; -} - -static unsigned int zep_shim_nbuf_data_size(void *nbuf) -{ - return ((struct nwb *)nbuf)->len; -} - -static void *zep_shim_nbuf_data_get(void *nbuf) -{ - return ((struct nwb *)nbuf)->data; -} - -static void *zep_shim_nbuf_data_put(void *nbuf, unsigned int size) -{ - struct nwb *nwb = (struct nwb *)nbuf; - unsigned char *data = nwb->tail; - - nwb->tail += size; - nwb->len += size; - - return data; -} - -static void *zep_shim_nbuf_data_push(void *nbuf, unsigned int size) -{ - struct nwb *nwb = (struct nwb *)nbuf; - - nwb->data -= size; - nwb->headroom -= size; - nwb->len += size; - - return nwb->data; -} - -static void *zep_shim_nbuf_data_pull(void *nbuf, unsigned int size) -{ - struct nwb *nwb = (struct nwb *)nbuf; - - nwb->data += size; - nwb->headroom += size; - nwb->len -= size; - - return nwb->data; -} - -static unsigned char zep_shim_nbuf_get_priority(void *nbuf) -{ - struct nwb *nwb = (struct nwb *)nbuf; - - return nwb->priority; -} - -static unsigned char zep_shim_nbuf_get_chksum_done(void *nbuf) -{ - struct nwb *nwb = (struct nwb *)nbuf; - - return nwb->chksum_done; -} - -static void zep_shim_nbuf_set_chksum_done(void *nbuf, unsigned char chksum_done) -{ - struct nwb *nwb = (struct nwb *)nbuf; - - nwb->chksum_done = (bool)chksum_done; -} - -#include -#include - -void *net_pkt_to_nbuf(struct net_pkt *pkt) -{ - struct nwb *nwb; - unsigned char *data; - unsigned int len; - - len = net_pkt_get_len(pkt); - - nwb = zep_shim_nbuf_alloc(len + 100); - - if (!nwb) { - return NULL; - } - - zep_shim_nbuf_headroom_res(nwb, 100); - - data = zep_shim_nbuf_data_put(nwb, len); - - net_pkt_read(pkt, data, len); - - nwb->priority = net_pkt_priority(pkt); - nwb->chksum_done = (bool)net_pkt_is_chksum_done(pkt); - - return nwb; -} - -void *net_pkt_from_nbuf(void *iface, void *frm) -{ - struct net_pkt *pkt = NULL; - unsigned char *data; - unsigned int len; - struct nwb *nwb = frm; - - if (!nwb) { - return NULL; - } - - len = zep_shim_nbuf_data_size(nwb); - - data = zep_shim_nbuf_data_get(nwb); - - pkt = net_pkt_rx_alloc_with_buffer(iface, len, AF_UNSPEC, 0, K_MSEC(100)); - - if (!pkt) { - goto out; - } - - if (net_pkt_write(pkt, data, len)) { - net_pkt_unref(pkt); - pkt = NULL; - goto out; - } - -out: - zep_shim_nbuf_free(nwb); - return pkt; -} - -#if defined(CONFIG_NRF700X_RAW_DATA_RX) || defined(CONFIG_NRF700X_PROMISC_DATA_RX) -void *net_raw_pkt_from_nbuf(void *iface, void *frm, - unsigned short raw_hdr_len, - void *raw_rx_hdr, - bool pkt_free) -{ - struct net_pkt *pkt = NULL; - unsigned char *nwb_data; - unsigned char *data = NULL; - unsigned int nwb_len; - unsigned int total_len; - struct nwb *nwb = frm; - - if (!nwb) { - LOG_ERR("%s: Received network buffer is NULL", __func__); - return NULL; - } - - nwb_len = zep_shim_nbuf_data_size(nwb); - nwb_data = zep_shim_nbuf_data_get(nwb); - total_len = raw_hdr_len + nwb_len; - - data = (unsigned char *)k_malloc(total_len); - if (!data) { - LOG_ERR("%s: Unable to allocate memory for sniffer data packet", __func__); - goto out; - } - - pkt = net_pkt_rx_alloc_with_buffer(iface, total_len, AF_PACKET, ETH_P_ALL, K_MSEC(100)); - if (!pkt) { - LOG_ERR("%s: Unable to allocate net packet buffer", __func__); - goto out; - } - - memcpy(data, raw_rx_hdr, raw_hdr_len); - memcpy((data+raw_hdr_len), nwb_data, nwb_len); - - if (net_pkt_write(pkt, data, total_len)) { - net_pkt_unref(pkt); - pkt = NULL; - goto out; - } -out: - if (data != NULL) { - k_free(data); - } - - if (pkt_free) { - zep_shim_nbuf_free(nwb); - } - - return pkt; -} -#endif /* CONFIG_NRF700X_RAW_DATA_RX || CONFIG_NRF700X_PROMISC_DATA_RX */ - -static void *zep_shim_llist_node_alloc(void) -{ - struct zep_shim_llist_node *llist_node = NULL; - - llist_node = k_calloc(sizeof(*llist_node), sizeof(char)); - - if (!llist_node) { - LOG_ERR("%s: Unable to allocate memory for linked list node", __func__); - return NULL; - } - - sys_dnode_init(&llist_node->head); - - return llist_node; -} - -static void zep_shim_llist_node_free(void *llist_node) -{ - k_free(llist_node); -} - -static void *zep_shim_llist_node_data_get(void *llist_node) -{ - struct zep_shim_llist_node *zep_llist_node = NULL; - - zep_llist_node = (struct zep_shim_llist_node *)llist_node; - - return zep_llist_node->data; -} - -static void zep_shim_llist_node_data_set(void *llist_node, void *data) -{ - struct zep_shim_llist_node *zep_llist_node = NULL; - - zep_llist_node = (struct zep_shim_llist_node *)llist_node; - - zep_llist_node->data = data; -} - -static void *zep_shim_llist_alloc(void) -{ - struct zep_shim_llist *llist = NULL; - - llist = k_calloc(sizeof(*llist), sizeof(char)); - - if (!llist) { - LOG_ERR("%s: Unable to allocate memory for linked list", __func__); - } - - return llist; -} - -static void zep_shim_llist_free(void *llist) -{ - k_free(llist); -} - -static void zep_shim_llist_init(void *llist) -{ - struct zep_shim_llist *zep_llist = NULL; - - zep_llist = (struct zep_shim_llist *)llist; - - sys_dlist_init(&zep_llist->head); -} - -static void zep_shim_llist_add_node_tail(void *llist, void *llist_node) -{ - struct zep_shim_llist *zep_llist = NULL; - struct zep_shim_llist_node *zep_node = NULL; - - zep_llist = (struct zep_shim_llist *)llist; - zep_node = (struct zep_shim_llist_node *)llist_node; - - sys_dlist_append(&zep_llist->head, &zep_node->head); - - zep_llist->len += 1; -} - -static void zep_shim_llist_add_node_head(void *llist, void *llist_node) -{ - struct zep_shim_llist *zep_llist = NULL; - struct zep_shim_llist_node *zep_node = NULL; - - zep_llist = (struct zep_shim_llist *)llist; - zep_node = (struct zep_shim_llist_node *)llist_node; - - sys_dlist_prepend(&zep_llist->head, &zep_node->head); - - zep_llist->len += 1; -} - -static void *zep_shim_llist_get_node_head(void *llist) -{ - struct zep_shim_llist_node *zep_head_node = NULL; - struct zep_shim_llist *zep_llist = NULL; - - zep_llist = (struct zep_shim_llist *)llist; - - if (!zep_llist->len) { - return NULL; - } - - zep_head_node = (struct zep_shim_llist_node *)sys_dlist_peek_head(&zep_llist->head); - - return zep_head_node; -} - -static void *zep_shim_llist_get_node_nxt(void *llist, void *llist_node) -{ - struct zep_shim_llist_node *zep_node = NULL; - struct zep_shim_llist_node *zep_nxt_node = NULL; - struct zep_shim_llist *zep_llist = NULL; - - zep_llist = (struct zep_shim_llist *)llist; - zep_node = (struct zep_shim_llist_node *)llist_node; - - zep_nxt_node = (struct zep_shim_llist_node *)sys_dlist_peek_next(&zep_llist->head, - &zep_node->head); - - return zep_nxt_node; -} - -static void zep_shim_llist_del_node(void *llist, void *llist_node) -{ - struct zep_shim_llist_node *zep_node = NULL; - struct zep_shim_llist *zep_llist = NULL; - - zep_llist = (struct zep_shim_llist *)llist; - zep_node = (struct zep_shim_llist_node *)llist_node; - - sys_dlist_remove(&zep_node->head); - - zep_llist->len -= 1; -} - -static unsigned int zep_shim_llist_len(void *llist) -{ - struct zep_shim_llist *zep_llist = NULL; - - zep_llist = (struct zep_shim_llist *)llist; - - return zep_llist->len; -} - -static void *zep_shim_work_alloc(int type) -{ - return work_alloc(type); -} - -static void zep_shim_work_free(void *item) -{ - return work_free(item); -} - -static void zep_shim_work_init(void *item, void (*callback)(unsigned long data), - unsigned long data) -{ - work_init(item, callback, data); -} - -static void zep_shim_work_schedule(void *item) -{ - work_schedule(item); -} - -static void zep_shim_work_kill(void *item) -{ - work_kill(item); -} - -static unsigned long zep_shim_time_get_curr_us(void) -{ - return k_uptime_get() * USEC_PER_MSEC; -} - -static unsigned int zep_shim_time_elapsed_us(unsigned long start_time_us) -{ - unsigned long curr_time_us = 0; - - curr_time_us = zep_shim_time_get_curr_us(); - - return curr_time_us - start_time_us; -} - -static enum nrf_wifi_status zep_shim_bus_qspi_dev_init(void *os_qspi_dev_ctx) -{ - ARG_UNUSED(os_qspi_dev_ctx); - - return NRF_WIFI_STATUS_SUCCESS; -} - -static void zep_shim_bus_qspi_dev_deinit(void *priv) -{ - struct zep_shim_bus_qspi_priv *qspi_priv = priv; - volatile struct qspi_dev *dev = qspi_priv->qspi_dev; - - dev->deinit(); -} - -static void *zep_shim_bus_qspi_dev_add(void *os_qspi_priv, void *osal_qspi_dev_ctx) -{ - struct zep_shim_bus_qspi_priv *zep_qspi_priv = os_qspi_priv; - struct qspi_dev *dev = qspi_dev(); - int ret; - enum nrf_wifi_status status; - - ret = rpu_init(); - if (ret) { - LOG_ERR("%s: RPU init failed with error %d", __func__, ret); - return NULL; - } - - status = dev->init(qspi_defconfig()); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: QSPI device init failed", __func__); - return NULL; - } - - ret = rpu_enable(); - if (ret) { - LOG_ERR("%s: RPU enable failed with error %d", __func__, ret); - return NULL; - } - zep_qspi_priv->qspi_dev = dev; - zep_qspi_priv->dev_added = true; - - return zep_qspi_priv; -} - -static void zep_shim_bus_qspi_dev_rem(void *priv) -{ - struct zep_shim_bus_qspi_priv *qspi_priv = priv; - struct qspi_dev *dev = qspi_priv->qspi_dev; - - ARG_UNUSED(dev); - - /* TODO: Make qspi_dev a dynamic instance and remove it here */ - rpu_disable(); -} - -static void *zep_shim_bus_qspi_init(void) -{ - struct zep_shim_bus_qspi_priv *qspi_priv = NULL; - - qspi_priv = k_calloc(sizeof(*qspi_priv), sizeof(char)); - - if (!qspi_priv) { - LOG_ERR("%s: Unable to allocate memory for qspi_priv", __func__); - goto out; - } -out: - return qspi_priv; -} - -static void zep_shim_bus_qspi_deinit(void *os_qspi_priv) -{ - struct zep_shim_bus_qspi_priv *qspi_priv = NULL; - - qspi_priv = os_qspi_priv; - - k_free(qspi_priv); -} - -#ifdef CONFIG_NRF_WIFI_LOW_POWER -static int zep_shim_bus_qspi_ps_sleep(void *os_qspi_priv) -{ - rpu_sleep(); - - return 0; -} - -static int zep_shim_bus_qspi_ps_wake(void *os_qspi_priv) -{ - rpu_wakeup(); - - return 0; -} - -static int zep_shim_bus_qspi_ps_status(void *os_qspi_priv) -{ - return rpu_sleep_status(); -} -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ - -static void zep_shim_bus_qspi_dev_host_map_get(void *os_qspi_dev_ctx, - struct nrf_wifi_osal_host_map *host_map) -{ - if (!os_qspi_dev_ctx || !host_map) { - LOG_ERR("%s: Invalid parameters", __func__); - return; - } - - host_map->addr = 0; -} - -static void irq_work_handler(struct k_work *work) -{ - int ret = 0; - - ret = intr_priv->callbk_fn(intr_priv->callbk_data); - - if (ret) { - LOG_ERR("%s: Interrupt callback failed", __func__); - } -} - - -extern struct k_work_q zep_wifi_intr_q; - -static void zep_shim_irq_handler(const struct device *dev, struct gpio_callback *cb, uint32_t pins) -{ - ARG_UNUSED(cb); - ARG_UNUSED(pins); - - k_work_schedule_for_queue(&zep_wifi_intr_q, &intr_priv->work, K_NO_WAIT); -} - -static enum nrf_wifi_status zep_shim_bus_qspi_intr_reg(void *os_dev_ctx, void *callbk_data, - int (*callbk_fn)(void *callbk_data)) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ret = -1; - - ARG_UNUSED(os_dev_ctx); - - intr_priv = k_calloc(sizeof(*intr_priv), sizeof(char)); - - if (!intr_priv) { - LOG_ERR("%s: Unable to allocate memory for intr_priv", __func__); - goto out; - } - - intr_priv->callbk_data = callbk_data; - intr_priv->callbk_fn = callbk_fn; - - k_work_init_delayable(&intr_priv->work, irq_work_handler); - - ret = rpu_irq_config(&intr_priv->gpio_cb_data, zep_shim_irq_handler); - - if (ret) { - LOG_ERR("%s: request_irq failed", __func__); - k_free(intr_priv); - intr_priv = NULL; - goto out; - } - - status = NRF_WIFI_STATUS_SUCCESS; - -out: - return status; -} - -static void zep_shim_bus_qspi_intr_unreg(void *os_qspi_dev_ctx) -{ - struct k_work_sync sync; - int ret; - - ARG_UNUSED(os_qspi_dev_ctx); - - ret = rpu_irq_remove(&intr_priv->gpio_cb_data); - if (ret) { - LOG_ERR("%s: rpu_irq_remove failed", __func__); - return; - } - - k_work_cancel_delayable_sync(&intr_priv->work, &sync); - - k_free(intr_priv); - intr_priv = NULL; -} - -#ifdef CONFIG_NRF_WIFI_LOW_POWER -static void *zep_shim_timer_alloc(void) -{ - struct timer_list *timer = NULL; - - timer = k_malloc(sizeof(*timer)); - - if (!timer) - LOG_ERR("%s: Unable to allocate memory for work", __func__); - - return timer; -} - -static void zep_shim_timer_init(void *timer, void (*callback)(unsigned long), unsigned long data) -{ - ((struct timer_list *)timer)->function = callback; - ((struct timer_list *)timer)->data = data; - - init_timer(timer); -} - -static void zep_shim_timer_free(void *timer) -{ - k_free(timer); -} - -static void zep_shim_timer_schedule(void *timer, unsigned long duration) -{ - mod_timer(timer, duration); -} - -static void zep_shim_timer_kill(void *timer) -{ - del_timer_sync(timer); -} -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ - -static void zep_shim_assert(int test_val, int val, enum nrf_wifi_assert_op_type op, char *msg) -{ - switch (op) { - case NRF_WIFI_ASSERT_EQUAL_TO: - NET_ASSERT(test_val == val, "%s", msg); - break; - case NRF_WIFI_ASSERT_NOT_EQUAL_TO: - NET_ASSERT(test_val != val, "%s", msg); - break; - case NRF_WIFI_ASSERT_LESS_THAN: - NET_ASSERT(test_val < val, "%s", msg); - break; - case NRF_WIFI_ASSERT_LESS_THAN_EQUAL_TO: - NET_ASSERT(test_val <= val, "%s", msg); - break; - case NRF_WIFI_ASSERT_GREATER_THAN: - NET_ASSERT(test_val > val, "%s", msg); - break; - case NRF_WIFI_ASSERT_GREATER_THAN_EQUAL_TO: - NET_ASSERT(test_val >= val, "%s", msg); - break; - default: - LOG_ERR("%s: Invalid assertion operation", __func__); - } -} - -static unsigned int zep_shim_strlen(const void *str) -{ - return strlen(str); -} - -const struct nrf_wifi_osal_ops nrf_wifi_os_zep_ops = { - .mem_alloc = zep_shim_mem_alloc, - .mem_zalloc = zep_shim_mem_zalloc, - .mem_free = k_free, - .mem_cpy = zep_shim_mem_cpy, - .mem_set = zep_shim_mem_set, - .mem_cmp = zep_shim_mem_cmp, - - .qspi_read_reg32 = zep_shim_qspi_read_reg32, - .qspi_write_reg32 = zep_shim_qspi_write_reg32, - .qspi_cpy_from = zep_shim_qspi_cpy_from, - .qspi_cpy_to = zep_shim_qspi_cpy_to, - - .spinlock_alloc = zep_shim_spinlock_alloc, - .spinlock_free = zep_shim_spinlock_free, - .spinlock_init = zep_shim_spinlock_init, - .spinlock_take = zep_shim_spinlock_take, - .spinlock_rel = zep_shim_spinlock_rel, - - .spinlock_irq_take = zep_shim_spinlock_irq_take, - .spinlock_irq_rel = zep_shim_spinlock_irq_rel, - - .log_dbg = zep_shim_pr_dbg, - .log_info = zep_shim_pr_info, - .log_err = zep_shim_pr_err, - - .llist_node_alloc = zep_shim_llist_node_alloc, - .llist_node_free = zep_shim_llist_node_free, - .llist_node_data_get = zep_shim_llist_node_data_get, - .llist_node_data_set = zep_shim_llist_node_data_set, - - .llist_alloc = zep_shim_llist_alloc, - .llist_free = zep_shim_llist_free, - .llist_init = zep_shim_llist_init, - .llist_add_node_tail = zep_shim_llist_add_node_tail, - .llist_add_node_head = zep_shim_llist_add_node_head, - .llist_get_node_head = zep_shim_llist_get_node_head, - .llist_get_node_nxt = zep_shim_llist_get_node_nxt, - .llist_del_node = zep_shim_llist_del_node, - .llist_len = zep_shim_llist_len, - - .nbuf_alloc = zep_shim_nbuf_alloc, - .nbuf_free = zep_shim_nbuf_free, - .nbuf_headroom_res = zep_shim_nbuf_headroom_res, - .nbuf_headroom_get = zep_shim_nbuf_headroom_get, - .nbuf_data_size = zep_shim_nbuf_data_size, - .nbuf_data_get = zep_shim_nbuf_data_get, - .nbuf_data_put = zep_shim_nbuf_data_put, - .nbuf_data_push = zep_shim_nbuf_data_push, - .nbuf_data_pull = zep_shim_nbuf_data_pull, - .nbuf_get_priority = zep_shim_nbuf_get_priority, - .nbuf_get_chksum_done = zep_shim_nbuf_get_chksum_done, - .nbuf_set_chksum_done = zep_shim_nbuf_set_chksum_done, - - .tasklet_alloc = zep_shim_work_alloc, - .tasklet_free = zep_shim_work_free, - .tasklet_init = zep_shim_work_init, - .tasklet_schedule = zep_shim_work_schedule, - .tasklet_kill = zep_shim_work_kill, - - .sleep_ms = k_msleep, - .delay_us = k_usleep, - .time_get_curr_us = zep_shim_time_get_curr_us, - .time_elapsed_us = zep_shim_time_elapsed_us, - - .bus_qspi_init = zep_shim_bus_qspi_init, - .bus_qspi_deinit = zep_shim_bus_qspi_deinit, - .bus_qspi_dev_add = zep_shim_bus_qspi_dev_add, - .bus_qspi_dev_rem = zep_shim_bus_qspi_dev_rem, - .bus_qspi_dev_init = zep_shim_bus_qspi_dev_init, - .bus_qspi_dev_deinit = zep_shim_bus_qspi_dev_deinit, - .bus_qspi_dev_intr_reg = zep_shim_bus_qspi_intr_reg, - .bus_qspi_dev_intr_unreg = zep_shim_bus_qspi_intr_unreg, - .bus_qspi_dev_host_map_get = zep_shim_bus_qspi_dev_host_map_get, - -#ifdef CONFIG_NRF_WIFI_LOW_POWER - .timer_alloc = zep_shim_timer_alloc, - .timer_init = zep_shim_timer_init, - .timer_free = zep_shim_timer_free, - .timer_schedule = zep_shim_timer_schedule, - .timer_kill = zep_shim_timer_kill, - - .bus_qspi_ps_sleep = zep_shim_bus_qspi_ps_sleep, - .bus_qspi_ps_wake = zep_shim_bus_qspi_ps_wake, - .bus_qspi_ps_status = zep_shim_bus_qspi_ps_status, -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ - - .assert = zep_shim_assert, - .strlen = zep_shim_strlen, -}; diff --git a/drivers/wifi/nrf700x/src/shim.h b/drivers/wifi/nrf700x/src/shim.h deleted file mode 100644 index ddddbe438674..000000000000 --- a/drivers/wifi/nrf700x/src/shim.h +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing OS interface specific declarations for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#ifndef __SHIM_H__ -#define __SHIM_H__ - -#include -#include -#include - -/** - * struct zep_shim_bus_qspi_priv - Structure to hold context information for the Linux OS - * shim. - * @opriv: Pointer to OSAL context. - * @pcie_callbk_data: Callback data to be passed to the PCIe callback functions. - * @pcie_prb_callbk: The callback function to be called when a PCIe device - * has been probed. - * @pcie_rem_callbk: The callback function to be called when a PCIe device - * has been removed. - * - * This structure maintains the context information necessary for the operation - * of the Linux shim. Some of the elements of the structure need to be - * initialized during the initialization of the Linux shim while others need to - * be kept updated over the duration of the Linux shim operation. - */ -struct zep_shim_bus_qspi_priv { - void *qspi_dev; - - bool dev_added; - bool dev_init; -}; - -struct zep_shim_intr_priv { - struct gpio_callback gpio_cb_data; - void *callbk_data; - int (*callbk_fn)(void *callbk_data); - struct k_work_delayable work; -}; - -struct zep_shim_llist_node { - sys_dnode_t head; - void *data; -}; - -struct zep_shim_llist { - sys_dlist_t head; - unsigned int len; -}; - -void *net_pkt_to_nbuf(struct net_pkt *pkt); -void *net_pkt_from_nbuf(void *iface, void *frm); -#if defined(CONFIG_NRF700X_RAW_DATA_RX) || defined(CONFIG_NRF700X_PROMISC_DATA_RX) -void *net_raw_pkt_from_nbuf(void *iface, - void *frm, - unsigned short raw_hdr_len, - void *raw_rx_hdr, - bool pkt_free); -#endif /* CONFIG_NRF700X_RAW_DATA_RX || CONFIG_NRF700X_PROMISC_DATA_RX */ - -#endif /* __SHIM_H__ */ diff --git a/drivers/wifi/nrf700x/src/timer.c b/drivers/wifi/nrf700x/src/timer.c deleted file mode 100644 index 9f1070463342..000000000000 --- a/drivers/wifi/nrf700x/src/timer.c +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing timer specific definitons for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#include -#include - -#include -#include -#include - -#include "timer.h" - -static void timer_expiry_function(struct k_work *work) -{ - struct timer_list *timer; - - timer = (struct timer_list *)CONTAINER_OF(work, struct timer_list, work.work); - - timer->function(timer->data); -} - -void init_timer(struct timer_list *timer) -{ - k_work_init_delayable(&timer->work, timer_expiry_function); -} - -void mod_timer(struct timer_list *timer, int msec) -{ - k_work_schedule(&timer->work, K_MSEC(msec)); -} - -void del_timer_sync(struct timer_list *timer) -{ - k_work_cancel_delayable(&timer->work); -} diff --git a/drivers/wifi/nrf700x/src/timer.h b/drivers/wifi/nrf700x/src/timer.h deleted file mode 100644 index 2fbea4b9e9c0..000000000000 --- a/drivers/wifi/nrf700x/src/timer.h +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing timer specific declarations for the - * Zephyr OS layer of the Wi-Fi driver. - */ -#ifndef __TIMER_H__ -#define __TIMER_H__ - -struct timer_list { - void (*function)(unsigned long data); - unsigned long data; - struct k_work_delayable work; -}; - -void init_timer(struct timer_list *timer); - -void mod_timer(struct timer_list *timer, int msec); - -void del_timer_sync(struct timer_list *timer); - -#endif /* __TIMER_H__ */ diff --git a/drivers/wifi/nrf700x/src/wifi_mgmt.c b/drivers/wifi/nrf700x/src/wifi_mgmt.c deleted file mode 100644 index 5cf0d1c41ea6..000000000000 --- a/drivers/wifi/nrf700x/src/wifi_mgmt.c +++ /dev/null @@ -1,1015 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing WiFi management operation implementations - * for the Zephyr OS. - */ - -#include - -#include -#include - -#include "util.h" -#include "fmac_api.h" -#include "fmac_tx.h" -#include "fmac_util.h" -#include "fmac_main.h" -#include "wifi_mgmt.h" - -LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF700X_LOG_LEVEL); - -extern struct nrf_wifi_drv_priv_zep rpu_drv_priv_zep; - -int nrf_wifi_set_power_save(const struct device *dev, - struct wifi_ps_params *params) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - int ret = -1; - unsigned int uapsd_queue = UAPSD_Q_MIN; /* Legacy mode */ - - if (!dev || !params) { - LOG_ERR("%s: dev or params is NULL", __func__); - return ret; - } - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return ret; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - switch (params->type) { - case WIFI_PS_PARAM_LISTEN_INTERVAL: - if ((params->listen_interval < - NRF_WIFI_LISTEN_INTERVAL_MIN) || - (params->listen_interval > - WIFI_LISTEN_INTERVAL_MAX)) { - params->fail_reason = - WIFI_PS_PARAM_LISTEN_INTERVAL_RANGE_INVALID; - return -EINVAL; - } - status = nrf_wifi_fmac_set_listen_interval( - rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - params->listen_interval); - break; - case WIFI_PS_PARAM_TIMEOUT: - if ((vif_ctx_zep->if_type != NRF_WIFI_IFTYPE_STATION) -#ifdef CONFIG_NRF700X_RAW_DATA_TX - && (vif_ctx_zep->if_type != NRF_WIFI_STA_TX_INJECTOR) -#endif /* CONFIG_NRF700X_RAW_DATA_TX */ -#ifdef CONFIG_NRF700X_PROMISC_DATA_RX - && (vif_ctx_zep->if_type != NRF_WIFI_STA_PROMISC_TX_INJECTOR) -#endif /* CONFIG_NRF700X_PROMISC_DATA_RX */ - ) { - LOG_ERR("%s: Operation supported only in STA enabled mode", - __func__); - params->fail_reason = - WIFI_PS_PARAM_FAIL_CMD_EXEC_FAIL; - goto out; - } - - status = nrf_wifi_fmac_set_power_save_timeout( - rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - params->timeout_ms); - break; - case WIFI_PS_PARAM_MODE: - if (params->mode == WIFI_PS_MODE_WMM) { - uapsd_queue = UAPSD_Q_MAX; /* WMM mode */ - } - - status = nrf_wifi_fmac_set_uapsd_queue(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - uapsd_queue); - break; - case WIFI_PS_PARAM_STATE: - status = nrf_wifi_fmac_set_power_save(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - params->enabled); - break; - case WIFI_PS_PARAM_WAKEUP_MODE: - status = nrf_wifi_fmac_set_ps_wakeup_mode( - rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - params->wakeup_mode); - break; - default: - params->fail_reason = - WIFI_PS_PARAM_FAIL_CMD_EXEC_FAIL; - return -ENOTSUP; - } - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Confiuring PS param %d failed", - __func__, params->type); - params->fail_reason = - WIFI_PS_PARAM_FAIL_CMD_EXEC_FAIL; - goto out; - } - - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_get_power_save_config(const struct device *dev, - struct wifi_ps_config *ps_config) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - int ret = -1; - int count = 0; - - if (!dev || !ps_config) { - return ret; - } - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return ret; - } - - if ((vif_ctx_zep->if_type != NRF_WIFI_IFTYPE_STATION) -#ifdef CONFIG_NRF700X_RAW_DATA_TX - && (vif_ctx_zep->if_type != NRF_WIFI_STA_TX_INJECTOR) -#endif /* CONFIG_NRF700X_RAW_DATA_TX */ -#ifdef CONFIG_NRF700X_PROMISC_DATA_RX - && (vif_ctx_zep->if_type != NRF_WIFI_STA_PROMISC_TX_INJECTOR) -#endif /* CONFIG_NRF700X_PROMISC_DATA_RX */ - ) { - LOG_ERR("%s: Operation supported only in STA enabled mode", - __func__); - return ret; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - goto out; - } - - vif_ctx_zep->ps_info = ps_config; - - vif_ctx_zep->ps_config_info_evnt = false; - - status = nrf_wifi_fmac_get_power_save_info(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_get_power_save_info failed", - __func__); - goto out; - } - - do { - nrf_wifi_osal_sleep_ms(1); - count++; - } while ((vif_ctx_zep->ps_config_info_evnt == false) && - (count < NRF_WIFI_FMAC_PS_CONF_EVNT_RECV_TIMEOUT)); - - if (count == NRF_WIFI_FMAC_PS_CONF_EVNT_RECV_TIMEOUT) { - nrf_wifi_osal_log_err("%s: Timed out", - __func__); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -/* TWT interval conversion helpers: User <-> Protocol */ -static struct twt_interval_float nrf_wifi_twt_us_to_float(uint32_t twt_interval) -{ - double mantissa = 0.0; - int exponent = 0; - struct twt_interval_float twt_interval_float; - - double twt_interval_ms = twt_interval / 1000.0; - - mantissa = frexp(twt_interval_ms, &exponent); - /* Ceiling and conversion to milli seconds */ - twt_interval_float.mantissa = ceil(mantissa * 1000); - twt_interval_float.exponent = exponent; - - return twt_interval_float; -} - -static uint64_t nrf_wifi_twt_float_to_us(struct twt_interval_float twt_interval_float) -{ - /* Conversion to micro-seconds */ - return floor(ldexp(twt_interval_float.mantissa, twt_interval_float.exponent) / (1000)) * - 1000; -} - -static unsigned char twt_wifi_mgmt_to_rpu_neg_type(enum wifi_twt_negotiation_type neg_type) -{ - unsigned char rpu_neg_type = 0; - - switch (neg_type) { - case WIFI_TWT_INDIVIDUAL: - rpu_neg_type = NRF_WIFI_TWT_NEGOTIATION_TYPE_INDIVIDUAL; - break; - case WIFI_TWT_BROADCAST: - rpu_neg_type = NRF_WIFI_TWT_NEGOTIATION_TYPE_BROADCAST; - break; - default: - LOG_ERR("%s: Invalid negotiation type: %d", - __func__, neg_type); - break; - } - - return rpu_neg_type; -} - -static enum wifi_twt_negotiation_type twt_rpu_to_wifi_mgmt_neg_type(unsigned char neg_type) -{ - enum wifi_twt_negotiation_type wifi_neg_type = WIFI_TWT_INDIVIDUAL; - - switch (neg_type) { - case NRF_WIFI_TWT_NEGOTIATION_TYPE_INDIVIDUAL: - wifi_neg_type = WIFI_TWT_INDIVIDUAL; - break; - case NRF_WIFI_TWT_NEGOTIATION_TYPE_BROADCAST: - wifi_neg_type = WIFI_TWT_BROADCAST; - break; - default: - LOG_ERR("%s: Invalid negotiation type: %d", - __func__, neg_type); - break; - } - - return wifi_neg_type; -} - -/* Though setup_cmd enums have 1-1 mapping but due to data type different need these */ -static enum wifi_twt_setup_cmd twt_rpu_to_wifi_mgmt_setup_cmd(signed int setup_cmd) -{ - enum wifi_twt_setup_cmd wifi_setup_cmd = WIFI_TWT_SETUP_CMD_REQUEST; - - switch (setup_cmd) { - case NRF_WIFI_REQUEST_TWT: - wifi_setup_cmd = WIFI_TWT_SETUP_CMD_REQUEST; - break; - case NRF_WIFI_SUGGEST_TWT: - wifi_setup_cmd = WIFI_TWT_SETUP_CMD_SUGGEST; - break; - case NRF_WIFI_DEMAND_TWT: - wifi_setup_cmd = WIFI_TWT_SETUP_CMD_DEMAND; - break; - case NRF_WIFI_GROUPING_TWT: - wifi_setup_cmd = WIFI_TWT_SETUP_CMD_GROUPING; - break; - case NRF_WIFI_ACCEPT_TWT: - wifi_setup_cmd = WIFI_TWT_SETUP_CMD_ACCEPT; - break; - case NRF_WIFI_ALTERNATE_TWT: - wifi_setup_cmd = WIFI_TWT_SETUP_CMD_ALTERNATE; - break; - case NRF_WIFI_DICTATE_TWT: - wifi_setup_cmd = WIFI_TWT_SETUP_CMD_DICTATE; - break; - case NRF_WIFI_REJECT_TWT: - wifi_setup_cmd = WIFI_TWT_SETUP_CMD_REJECT; - break; - default: - LOG_ERR("%s: Invalid setup command: %d", - __func__, setup_cmd); - break; - } - - return wifi_setup_cmd; -} - -static signed int twt_wifi_mgmt_to_rpu_setup_cmd(enum wifi_twt_setup_cmd setup_cmd) -{ - signed int rpu_setup_cmd = NRF_WIFI_REQUEST_TWT; - - switch (setup_cmd) { - case WIFI_TWT_SETUP_CMD_REQUEST: - rpu_setup_cmd = NRF_WIFI_REQUEST_TWT; - break; - case WIFI_TWT_SETUP_CMD_SUGGEST: - rpu_setup_cmd = NRF_WIFI_SUGGEST_TWT; - break; - case WIFI_TWT_SETUP_CMD_DEMAND: - rpu_setup_cmd = NRF_WIFI_DEMAND_TWT; - break; - case WIFI_TWT_SETUP_CMD_GROUPING: - rpu_setup_cmd = NRF_WIFI_GROUPING_TWT; - break; - case WIFI_TWT_SETUP_CMD_ACCEPT: - rpu_setup_cmd = NRF_WIFI_ACCEPT_TWT; - break; - case WIFI_TWT_SETUP_CMD_ALTERNATE: - rpu_setup_cmd = NRF_WIFI_ALTERNATE_TWT; - break; - case WIFI_TWT_SETUP_CMD_DICTATE: - rpu_setup_cmd = NRF_WIFI_DICTATE_TWT; - break; - case WIFI_TWT_SETUP_CMD_REJECT: - rpu_setup_cmd = NRF_WIFI_REJECT_TWT; - break; - default: - LOG_ERR("%s: Invalid setup command: %d", - __func__, setup_cmd); - break; - } - - return rpu_setup_cmd; -} - -void nrf_wifi_event_proc_get_power_save_info(void *vif_ctx, - struct nrf_wifi_umac_event_power_save_info *ps_info, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - if (!vif_ctx || !ps_info) { - return; - } - - vif_ctx_zep = vif_ctx; - - vif_ctx_zep->ps_info->ps_params.mode = ps_info->ps_mode; - vif_ctx_zep->ps_info->ps_params.enabled = ps_info->enabled; - vif_ctx_zep->ps_info->num_twt_flows = ps_info->num_twt_flows; - vif_ctx_zep->ps_info->ps_params.timeout_ms = ps_info->ps_timeout; - vif_ctx_zep->ps_info->ps_params.listen_interval = ps_info->listen_interval; - vif_ctx_zep->ps_info->ps_params.wakeup_mode = ps_info->extended_ps; - - for (int i = 0; i < ps_info->num_twt_flows; i++) { - struct twt_interval_float twt_interval_float; - struct wifi_twt_flow_info *twt_zep = &vif_ctx_zep->ps_info->twt_flows[i]; - struct nrf_wifi_umac_config_twt_info *twt_rpu = &ps_info->twt_flow_info[i]; - - memset(twt_zep, 0, sizeof(struct wifi_twt_flow_info)); - - twt_zep->flow_id = twt_rpu->twt_flow_id; - twt_zep->implicit = twt_rpu->is_implicit ? 1 : 0; - twt_zep->trigger = twt_rpu->ap_trigger_frame ? 1 : 0; - twt_zep->announce = twt_rpu->twt_flow_type == NRF_WIFI_TWT_FLOW_TYPE_ANNOUNCED; - twt_zep->negotiation_type = twt_rpu_to_wifi_mgmt_neg_type(twt_rpu->neg_type); - twt_zep->dialog_token = twt_rpu->dialog_token; - twt_interval_float.mantissa = twt_rpu->twt_target_wake_interval_mantissa; - twt_interval_float.exponent = twt_rpu->twt_target_wake_interval_exponent; - twt_zep->twt_interval = nrf_wifi_twt_float_to_us(twt_interval_float); - twt_zep->twt_wake_interval = twt_rpu->nominal_min_twt_wake_duration; - } - - vif_ctx_zep->ps_config_info_evnt = true; -} - -static void nrf_wifi_twt_update_internal_state(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep, - bool setup, unsigned char flow_id) -{ - if (setup) { - vif_ctx_zep->twt_flows_map |= BIT(flow_id); - vif_ctx_zep->twt_flow_in_progress_map &= ~BIT(flow_id); - } else { - vif_ctx_zep->twt_flows_map &= ~BIT(flow_id); - } -} - -int nrf_wifi_twt_teardown_flows(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep, - unsigned char start_flow_id, unsigned char end_flow_id) -{ - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_config_twt_info twt_info = {0}; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ret = 0; - struct wifi_twt_params twt_params = {0}; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return ret; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - for (int flow_id = start_flow_id; flow_id < end_flow_id; flow_id++) { - if (!(vif_ctx_zep->twt_flows_map & BIT(flow_id))) { - continue; - } - twt_info.twt_flow_id = flow_id; - status = nrf_wifi_fmac_twt_teardown(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - &twt_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: TWT teardown for flow id %d failed", - __func__, flow_id); - ret = -1; - continue; - } - /* UMAC doesn't send TWT teardown event for host initiated teardown */ - nrf_wifi_twt_update_internal_state(vif_ctx_zep, false, flow_id); - /* TODO: Remove this once UMAC sends the status */ - twt_params.operation = WIFI_TWT_TEARDOWN; - twt_params.flow_id = flow_id; - twt_params.teardown_status = WIFI_TWT_TEARDOWN_SUCCESS; - wifi_mgmt_raise_twt_event(vif_ctx_zep->zep_net_if_ctx, &twt_params); - } - -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_set_twt(const struct device *dev, - struct wifi_twt_params *twt_params) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_umac_config_twt_info twt_info = {0}; - int ret = -1; - - if (!dev || !twt_params) { - LOG_ERR("%s: dev or twt_params is NULL", __func__); - return ret; - } - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return ret; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - if (!(twt_params->operation == WIFI_TWT_TEARDOWN && twt_params->teardown.teardown_all) && - twt_params->flow_id >= WIFI_MAX_TWT_FLOWS) { - LOG_ERR("%s: Invalid flow id: %d", - __func__, twt_params->flow_id); - twt_params->fail_reason = WIFI_TWT_FAIL_INVALID_FLOW_ID; - goto out; - } - - switch (twt_params->operation) { - case WIFI_TWT_SETUP: - if (vif_ctx_zep->twt_flow_in_progress_map & BIT(twt_params->flow_id)) { - twt_params->fail_reason = WIFI_TWT_FAIL_OPERATION_IN_PROGRESS; - goto out; - } - - if (twt_params->setup_cmd == WIFI_TWT_SETUP_CMD_REQUEST) { - if (vif_ctx_zep->twt_flows_map & BIT(twt_params->flow_id)) { - twt_params->fail_reason = WIFI_TWT_FAIL_FLOW_ALREADY_EXISTS; - goto out; - } - } - - struct twt_interval_float twt_interval_float = - nrf_wifi_twt_us_to_float(twt_params->setup.twt_interval); - - twt_info.twt_flow_id = twt_params->flow_id; - twt_info.neg_type = twt_wifi_mgmt_to_rpu_neg_type(twt_params->negotiation_type); - twt_info.setup_cmd = twt_wifi_mgmt_to_rpu_setup_cmd(twt_params->setup_cmd); - twt_info.ap_trigger_frame = twt_params->setup.trigger; - twt_info.is_implicit = twt_params->setup.implicit; - if (twt_params->setup.announce) { - twt_info.twt_flow_type = NRF_WIFI_TWT_FLOW_TYPE_ANNOUNCED; - } else { - twt_info.twt_flow_type = NRF_WIFI_TWT_FLOW_TYPE_UNANNOUNCED; - } - - twt_info.nominal_min_twt_wake_duration = - twt_params->setup.twt_wake_interval; - twt_info.twt_target_wake_interval_mantissa = twt_interval_float.mantissa; - twt_info.twt_target_wake_interval_exponent = twt_interval_float.exponent; - - twt_info.dialog_token = twt_params->dialog_token; - twt_info.twt_wake_ahead_duration = twt_params->setup.twt_wake_ahead_duration; - - status = nrf_wifi_fmac_twt_setup(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - &twt_info); - - break; - case WIFI_TWT_TEARDOWN: - unsigned char start_flow_id = 0; - unsigned char end_flow_id = WIFI_MAX_TWT_FLOWS; - - if (!twt_params->teardown.teardown_all) { - if (!(vif_ctx_zep->twt_flows_map & BIT(twt_params->flow_id))) { - twt_params->fail_reason = WIFI_TWT_FAIL_INVALID_FLOW_ID; - goto out; - } - start_flow_id = twt_params->flow_id; - end_flow_id = twt_params->flow_id + 1; - twt_info.twt_flow_id = twt_params->flow_id; - } - - status = nrf_wifi_twt_teardown_flows(vif_ctx_zep, - start_flow_id, - end_flow_id); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: TWT teardown failed: start_flow_id: %d, end_flow_id: %d", - __func__, start_flow_id, end_flow_id); - goto out; - } - break; - - default: - LOG_ERR("Unknown TWT operation"); - status = NRF_WIFI_STATUS_FAIL; - break; - } - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_set_twt failed", __func__); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -void nrf_wifi_event_proc_twt_setup_zep(void *vif_ctx, - struct nrf_wifi_umac_cmd_config_twt *twt_setup_info, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct wifi_twt_params twt_params; - struct twt_interval_float twt_interval_float; - - if (!vif_ctx || !twt_setup_info) { - return; - } - - vif_ctx_zep = vif_ctx; - - twt_params.operation = WIFI_TWT_SETUP; - twt_params.flow_id = twt_setup_info->info.twt_flow_id; - twt_params.negotiation_type = twt_rpu_to_wifi_mgmt_neg_type(twt_setup_info->info.neg_type); - twt_params.setup_cmd = twt_rpu_to_wifi_mgmt_setup_cmd(twt_setup_info->info.setup_cmd); - twt_params.setup.trigger = twt_setup_info->info.ap_trigger_frame ? 1 : 0; - twt_params.setup.implicit = twt_setup_info->info.is_implicit ? 1 : 0; - twt_params.setup.announce = - twt_setup_info->info.twt_flow_type == NRF_WIFI_TWT_FLOW_TYPE_ANNOUNCED; - twt_params.setup.twt_wake_interval = - twt_setup_info->info.nominal_min_twt_wake_duration; - twt_interval_float.mantissa = twt_setup_info->info.twt_target_wake_interval_mantissa; - twt_interval_float.exponent = twt_setup_info->info.twt_target_wake_interval_exponent; - twt_params.setup.twt_interval = nrf_wifi_twt_float_to_us(twt_interval_float); - twt_params.dialog_token = twt_setup_info->info.dialog_token; - twt_params.resp_status = twt_setup_info->info.twt_resp_status; - - if ((twt_setup_info->info.twt_resp_status == 0) || - (twt_setup_info->info.neg_type == NRF_WIFI_ACCEPT_TWT)) { - nrf_wifi_twt_update_internal_state(vif_ctx_zep, true, twt_params.flow_id); - } - - wifi_mgmt_raise_twt_event(vif_ctx_zep->zep_net_if_ctx, &twt_params); -} - - -void nrf_wifi_event_proc_twt_teardown_zep(void *vif_ctx, - struct nrf_wifi_umac_cmd_teardown_twt *twt_teardown_info, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct wifi_twt_params twt_params = {0}; - - if (!vif_ctx || !twt_teardown_info) { - return; - } - - vif_ctx_zep = vif_ctx; - - twt_params.operation = WIFI_TWT_TEARDOWN; - twt_params.flow_id = twt_teardown_info->info.twt_flow_id; - /* TODO: ADD reason code in the twt_params structure */ - nrf_wifi_twt_update_internal_state(vif_ctx_zep, false, twt_params.flow_id); - - wifi_mgmt_raise_twt_event(vif_ctx_zep->zep_net_if_ctx, &twt_params); -} - -void nrf_wifi_event_proc_twt_sleep_zep(void *vif_ctx, - struct nrf_wifi_umac_event_twt_sleep *sleep_evnt, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - struct nrf_wifi_fmac_priv_def *def_priv = NULL; -#ifdef CONFIG_NRF700X_DATA_TX - int desc = 0; - int ac = 0; -#endif - vif_ctx_zep = vif_ctx; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - def_priv = wifi_fmac_priv(fmac_dev_ctx->fpriv); - - if (!sleep_evnt) { - LOG_ERR("%s: sleep_evnt is NULL", __func__); - return; - } - - switch (sleep_evnt->info.type) { - case TWT_BLOCK_TX: - nrf_wifi_osal_spinlock_take(def_dev_ctx->tx_config.tx_lock); - - def_dev_ctx->twt_sleep_status = NRF_WIFI_FMAC_TWT_STATE_SLEEP; - - wifi_mgmt_raise_twt_sleep_state(vif_ctx_zep->zep_net_if_ctx, - WIFI_TWT_STATE_SLEEP); - nrf_wifi_osal_spinlock_rel(def_dev_ctx->tx_config.tx_lock); - break; - case TWT_UNBLOCK_TX: - nrf_wifi_osal_spinlock_take(def_dev_ctx->tx_config.tx_lock); - def_dev_ctx->twt_sleep_status = NRF_WIFI_FMAC_TWT_STATE_AWAKE; - wifi_mgmt_raise_twt_sleep_state(vif_ctx_zep->zep_net_if_ctx, - WIFI_TWT_STATE_AWAKE); -#ifdef CONFIG_NRF700X_DATA_TX - for (ac = NRF_WIFI_FMAC_AC_BE; - ac <= NRF_WIFI_FMAC_AC_MAX; ++ac) { - desc = tx_desc_get(fmac_dev_ctx, ac); - if (desc < def_priv->num_tx_tokens) { - tx_pending_process(fmac_dev_ctx, desc, ac); - } - } -#endif - nrf_wifi_osal_spinlock_rel(def_dev_ctx->tx_config.tx_lock); - break; - default: - break; - } -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -} - -#ifdef CONFIG_NRF700X_SYSTEM_WITH_RAW_MODES -int nrf_wifi_mode(const struct device *dev, - struct wifi_mode_info *mode) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - int ret = -1; - - if (!dev || !mode) { - LOG_ERR("%s: illegal input parameters", __func__); - return ret; - } - - vif_ctx_zep = dev->data; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return ret; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - - if (!device_is_ready(dev)) { - LOG_ERR("%s: Device %s is not ready", - __func__, dev->name); - goto out; - } - - if (mode->oper == WIFI_MGMT_SET) { - status = nrf_wifi_check_mode_validity(mode->mode); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: mode setting is not valid", __func__); - goto out; - } - - if (vif_ctx_zep->authorized && (mode->mode == NRF_WIFI_MONITOR_MODE)) { - LOG_ERR("%s: Cannot set monitor mode when station is connected", - __func__); - goto out; - } - - /** - * Send the driver vif_idx instead of upper layer sent if_index. - * we map network if_index 1 to vif_idx of 0 and so on. The vif_ctx_zep - * context maps the correct network interface index to current driver - * interface index. - */ - status = nrf_wifi_fmac_set_mode(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, mode->mode); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: mode set operation failed", __func__); - goto out; - } - - } else { - mode->mode = def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->mode; - /** - * This is a work-around to handle current UMAC mode handling. - * This might be removed in future versions when UMAC has more space. - */ -#ifdef CONFIG_NRF700X_RAW_DATA_TX - if (def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->txinjection_mode == true) { - mode->mode ^= NRF_WIFI_TX_INJECTION_MODE; - } -#endif /* CONFIG_NRF700X_RAW_DATA_TX */ -#ifdef CONFIG_NRF700X_PROMISC_DATA_RX - if (def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->promisc_mode == true) { - mode->mode ^= NRF_WIFI_PROMISCUOUS_MODE; - } -#endif /* CONFIG_NRF700X_PROMISC_DATA_RX */ - } - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} -#endif /* CONFIG_NRF700X_SYSTEM_WITH_RAW_MODES */ - -#if defined(CONFIG_NRF700X_RAW_DATA_TX) || defined(CONFIG_NRF700X_RAW_DATA_RX) -int nrf_wifi_channel(const struct device *dev, - struct wifi_channel_info *channel) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - int ret = -1; - - if (!dev || !channel) { - LOG_ERR("%s: illegal input parameters", __func__); - return ret; - } - - vif_ctx_zep = dev->data; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return ret; - } - - if (vif_ctx_zep->authorized) { - LOG_ERR("%s: Cannot change channel when in station connected mode", __func__); - return ret; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - - if (channel->oper == WIFI_MGMT_SET) { - /** - * Send the driver vif_idx instead of upper layer sent if_index. - * we map network if_index 1 to vif_idx of 0 and so on. The vif_ctx_zep - * context maps the correct network interface index to current driver - * interface index. - */ - status = nrf_wifi_fmac_set_channel(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, - channel->channel); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: set channel failed", __func__); - goto out; - } - } else { - channel->channel = def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->channel; - } - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} -#endif /* CONFIG_NRF700X_RAW_DATA_TX || CONFIG_NRF700X_RAW_DATA_RX */ - -#if defined(CONFIG_NRF700X_RAW_DATA_RX) || defined(CONFIG_NRF700X_PROMISC_DATA_RX) -int nrf_wifi_filter(const struct device *dev, - struct wifi_filter_info *filter) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - int ret = -1; - - if (!dev || !filter) { - LOG_ERR("%s: Illegal input parameters", __func__); - goto out; - } - - vif_ctx_zep = dev->data; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL\n", __func__); - goto out; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - - if (filter->oper == WIFI_MGMT_SET) { - /** - * In case a user sets data + management + ctrl bits - * or all the filter bits. Map it to bit 0 set to - * enable "all" packet filter bit setting. - * In case only filter packet size is configured and filter - * setting is sent as zero, set the filter value to - * previously configured value. - */ - if (filter->filter == WIFI_MGMT_DATA_CTRL_FILTER_SETTING - || filter->filter == WIFI_ALL_FILTER_SETTING) { - filter->filter = 1; - } else if (filter->filter == 0) { - filter->filter = - def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->packet_filter; - } - - /** - * Send the driver vif_idx instead of upper layer sent if_index. - * we map network if_index 1 to vif_idx of 0 and so on. The vif_ctx_zep - * context maps the correct network interface index to current driver - * interface index - */ - status = nrf_wifi_fmac_set_packet_filter(rpu_ctx_zep->rpu_ctx, filter->filter, - vif_ctx_zep->vif_idx, filter->buffer_size); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Set filter operation failed\n", __func__); - goto out; - } - } else { - filter->filter = def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->packet_filter; - } - ret = 0; -out: - return ret; -} -#endif /* CONFIG_NRF700X_RAW_DATA_RX || CONFIG_NRF700X_PROMISC_DATA_RX */ - -int nrf_wifi_set_rts_threshold(const struct device *dev, - unsigned int rts_threshold) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_umac_set_wiphy_info wiphy_info; - int ret = -1; - - if (!dev) { - LOG_ERR("%s: dev is NULL", __func__); - return ret; - } - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return ret; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - - if (!rpu_ctx_zep->rpu_ctx) { - LOG_ERR("%s: RPU context not initialized", __func__); - return ret; - } - - if ((int)rts_threshold < -1) { - /* 0 or any positive value is passed to f/w. - * For RTS off, -1 is passed to f/w. - * All other negative values considered as invalid. - */ - LOG_ERR("%s: Invalid threshold value : %d", __func__, (int)rts_threshold); - return ret; - } - - memset(&wiphy_info, 0, sizeof(struct nrf_wifi_umac_set_wiphy_info)); - - wiphy_info.rts_threshold = (int)rts_threshold; - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - - status = nrf_wifi_fmac_set_wiphy_params(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - &wiphy_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Configuring rts threshold failed\n", __func__); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - - return ret; -} diff --git a/drivers/wifi/nrf700x/src/wifi_mgmt_scan.c b/drivers/wifi/nrf700x/src/wifi_mgmt_scan.c deleted file mode 100644 index d1d83aa026aa..000000000000 --- a/drivers/wifi/nrf700x/src/wifi_mgmt_scan.c +++ /dev/null @@ -1,440 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing display scan specific definitions for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#include - -#include -#include - -#include "util.h" -#include "fmac_api.h" -#include "fmac_tx.h" -#include "fmac_main.h" -#include "wifi_mgmt_scan.h" - -LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF700X_LOG_LEVEL); - -extern struct nrf_wifi_drv_priv_zep rpu_drv_priv_zep; - -static enum nrf_wifi_band nrf_wifi_map_zep_band_to_rpu(enum wifi_frequency_bands zep_band) -{ - switch (zep_band) { - case WIFI_FREQ_BAND_2_4_GHZ: - return NRF_WIFI_BAND_2GHZ; - case WIFI_FREQ_BAND_5_GHZ: - return NRF_WIFI_BAND_5GHZ; - default: - return NRF_WIFI_BAND_INVALID; - } -} - -int nrf_wifi_disp_scan_zep(const struct device *dev, struct wifi_scan_params *params, - scan_result_cb_t cb) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_umac_scan_info *scan_info = NULL; - enum nrf_wifi_band band = NRF_WIFI_BAND_INVALID; - uint8_t band_flags = 0xFF; - uint8_t i = 0; - uint8_t j = 0; - uint8_t k = 0; - uint16_t num_scan_channels = 0; - int ret = -1; - - vif_ctx_zep = dev->data; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return ret; - } - - if (vif_ctx_zep->if_op_state != NRF_WIFI_FMAC_IF_OP_STATE_UP) { - LOG_ERR("%s: Interface not UP", __func__); - return ret; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - - - if (vif_ctx_zep->scan_in_progress) { - LOG_INF("%s: Scan already in progress", __func__); - ret = -EBUSY; - goto out; - } - - if (params) { - band_flags &= (~(1 << WIFI_FREQ_BAND_2_4_GHZ)); - -#ifndef CONFIG_NRF70_2_4G_ONLY - band_flags &= (~(1 << WIFI_FREQ_BAND_5_GHZ)); -#endif /* CONFIG_NRF70_2_4G_ONLY */ - - if (params->bands & band_flags) { - LOG_ERR("%s: Unsupported band(s) (0x%X)", __func__, params->bands); - ret = -EBUSY; - goto out; - } - - for (j = 0; j < CONFIG_WIFI_MGMT_SCAN_CHAN_MAX_MANUAL; j++) { - if (!params->band_chan[j].channel) { - break; - } - - num_scan_channels++; - } - } - - vif_ctx_zep->disp_scan_cb = cb; - - scan_info = k_calloc(sizeof(*scan_info) + - (num_scan_channels * - sizeof(scan_info->scan_params.center_frequency[0])), - sizeof(char)); - - if (!scan_info) { - LOG_ERR("%s: Unable to allocate memory for scan_info (size: %d bytes)", - __func__, - sizeof(*scan_info) + (num_scan_channels * - sizeof(scan_info->scan_params.center_frequency[0]))); - goto out; - } - - memset(scan_info, 0, sizeof(*scan_info) + (num_scan_channels * - sizeof(scan_info->scan_params.center_frequency[0]))); - - static uint8_t skip_local_admin_mac = IS_ENABLED(CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC); - - scan_info->scan_params.skip_local_admin_macs = skip_local_admin_mac; - - scan_info->scan_reason = SCAN_DISPLAY; - - if (params) { - if (params->scan_type == WIFI_SCAN_TYPE_PASSIVE) { - scan_info->scan_params.passive_scan = 1; - } - - scan_info->scan_params.bands = params->bands; - - if (params->dwell_time_active < 0) { - LOG_ERR("%s: Invalid dwell_time_active %d", __func__, - params->dwell_time_active); - goto out; - } else { - scan_info->scan_params.dwell_time_active = params->dwell_time_active; - } - - if (params->dwell_time_passive < 0) { - LOG_ERR("%s: Invalid dwell_time_passive %d", __func__, - params->dwell_time_passive); - goto out; - } else { - scan_info->scan_params.dwell_time_passive = params->dwell_time_passive; - } - - if ((params->max_bss_cnt < 0) || - (params->max_bss_cnt > WIFI_MGMT_SCAN_MAX_BSS_CNT)) { - LOG_ERR("%s: Invalid max_bss_cnt %d", __func__, - params->max_bss_cnt); - goto out; - } else { - vif_ctx_zep->max_bss_cnt = params->max_bss_cnt; - } - - for (i = 0; i < NRF_WIFI_SCAN_MAX_NUM_SSIDS; i++) { - if (!(params->ssids[i]) || !strlen(params->ssids[i])) { - break; - } - - memcpy(scan_info->scan_params.scan_ssids[i].nrf_wifi_ssid, - params->ssids[i], - sizeof(scan_info->scan_params.scan_ssids[i].nrf_wifi_ssid)); - - scan_info->scan_params.scan_ssids[i].nrf_wifi_ssid_len = - strlen(scan_info->scan_params.scan_ssids[i].nrf_wifi_ssid); - - scan_info->scan_params.num_scan_ssids++; - } - - for (i = 0; i < CONFIG_WIFI_MGMT_SCAN_CHAN_MAX_MANUAL; i++) { - if (!params->band_chan[i].channel) { - break; - } - - band = nrf_wifi_map_zep_band_to_rpu(params->band_chan[i].band); - - if (band == NRF_WIFI_BAND_INVALID) { - LOG_ERR("%s: Unsupported band %d", __func__, - params->band_chan[i].band); - goto out; - } - - scan_info->scan_params.center_frequency[k++] = nrf_wifi_utils_chan_to_freq( - band, params->band_chan[i].channel); - - if (scan_info->scan_params.center_frequency[k - 1] == -1) { - LOG_ERR("%s: Invalid channel %d", __func__, - params->band_chan[i].channel); - goto out; - } - } - - scan_info->scan_params.num_scan_channels = k; - } - - vif_ctx_zep->scan_res_cnt = 0; - - status = nrf_wifi_fmac_scan(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, scan_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_scan failed", __func__); - goto out; - } - - vif_ctx_zep->scan_type = SCAN_DISPLAY; - vif_ctx_zep->scan_in_progress = true; - - k_work_schedule(&vif_ctx_zep->scan_timeout_work, - K_SECONDS(CONFIG_WIFI_NRF700X_SCAN_TIMEOUT_S)); - - ret = 0; -out: - if (scan_info) { - k_free(scan_info); - } - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -enum nrf_wifi_status nrf_wifi_disp_scan_res_get_zep(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return NRF_WIFI_STATUS_FAIL; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - status = nrf_wifi_fmac_scan_res_get(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - SCAN_DISPLAY); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_scan failed", __func__); - goto out; - } - - status = NRF_WIFI_STATUS_SUCCESS; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return status; -} - -static inline enum wifi_mfp_options drv_to_wifi_mgmt_mfp(unsigned char mfp_flag) -{ - if (!mfp_flag) - return WIFI_MFP_DISABLE; - if (mfp_flag & NRF_WIFI_MFP_REQUIRED) - return WIFI_MFP_REQUIRED; - if (mfp_flag & NRF_WIFI_MFP_CAPABLE) - return WIFI_MFP_OPTIONAL; - - return WIFI_MFP_UNKNOWN; -} -static inline enum wifi_security_type drv_to_wifi_mgmt(int drv_security_type) -{ - switch (drv_security_type) { - case NRF_WIFI_OPEN: - return WIFI_SECURITY_TYPE_NONE; - case NRF_WIFI_WEP: - return WIFI_SECURITY_TYPE_WEP; - case NRF_WIFI_WPA: - return WIFI_SECURITY_TYPE_WPA_PSK; - case NRF_WIFI_WPA2: - return WIFI_SECURITY_TYPE_PSK; - case NRF_WIFI_WPA2_256: - return WIFI_SECURITY_TYPE_PSK_SHA256; - case NRF_WIFI_WPA3: - return WIFI_SECURITY_TYPE_SAE; - case NRF_WIFI_WAPI: - return WIFI_SECURITY_TYPE_WAPI; - case NRF_WIFI_EAP: - return WIFI_SECURITY_TYPE_EAP; - default: - return WIFI_SECURITY_TYPE_UNKNOWN; - } -} - -void nrf_wifi_event_proc_disp_scan_res_zep(void *vif_ctx, - struct nrf_wifi_umac_event_new_scan_display_results *scan_res, - unsigned int event_len, - bool more_res) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct umac_display_results *r = NULL; - struct wifi_scan_result res; - uint16_t max_bss_cnt = 0; - unsigned int i = 0; - scan_result_cb_t cb = NULL; - - vif_ctx_zep = vif_ctx; - - cb = (scan_result_cb_t)vif_ctx_zep->disp_scan_cb; - - /* Delayed event (after scan timeout) or rogue event after scan done */ - if (!cb) { - return; - } - - max_bss_cnt = vif_ctx_zep->max_bss_cnt ? - vif_ctx_zep->max_bss_cnt : CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT; - - for (i = 0; i < scan_res->event_bss_count; i++) { - /* Limit the scan results to the configured maximum */ - if ((max_bss_cnt > 0) && - (vif_ctx_zep->scan_res_cnt >= max_bss_cnt)) { - break; - } - - memset(&res, 0x0, sizeof(res)); - - r = &scan_res->display_results[i]; - - res.ssid_length = MIN(sizeof(res.ssid), r->ssid.nrf_wifi_ssid_len); - - res.band = r->nwk_band; - - res.channel = r->nwk_channel; - - res.security = drv_to_wifi_mgmt(r->security_type); - - res.mfp = drv_to_wifi_mgmt_mfp(r->mfp_flag); - - memcpy(res.ssid, - r->ssid.nrf_wifi_ssid, - res.ssid_length); - - memcpy(res.mac, r->mac_addr, NRF_WIFI_ETH_ADDR_LEN); - res.mac_length = NRF_WIFI_ETH_ADDR_LEN; - - if (r->signal.signal_type == NRF_WIFI_SIGNAL_TYPE_MBM) { - int val = (r->signal.signal.mbm_signal); - - res.rssi = (val / 100); - } else if (r->signal.signal_type == NRF_WIFI_SIGNAL_TYPE_UNSPEC) { - res.rssi = (r->signal.signal.unspec_signal); - } - - vif_ctx_zep->disp_scan_cb(vif_ctx_zep->zep_net_if_ctx, - 0, - &res); - - vif_ctx_zep->scan_res_cnt++; - - /* NET_MGMT dropping events if too many are queued */ - k_yield(); - } - - if (more_res == false) { - vif_ctx_zep->disp_scan_cb(vif_ctx_zep->zep_net_if_ctx, 0, NULL); - vif_ctx_zep->scan_in_progress = false; - vif_ctx_zep->disp_scan_cb = NULL; - k_work_cancel_delayable(&vif_ctx_zep->scan_timeout_work); - } -} - - -#ifdef CONFIG_WIFI_MGMT_RAW_SCAN_RESULTS -void nrf_wifi_rx_bcn_prb_resp_frm(void *vif_ctx, - void *nwb, - unsigned short frequency, - signed short signal) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = vif_ctx; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct wifi_raw_scan_result bcn_prb_resp_info; - int frame_length = 0; - int val = signal; - - vif_ctx_zep = vif_ctx; - - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return; - } - - if (!vif_ctx_zep->scan_in_progress) { - /*LOG_INF("%s: Scan not in progress : raw scan data not available", __func__);*/ - return; - } - - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - - frame_length = nrf_wifi_osal_nbuf_data_size(nwb); - - if (frame_length > CONFIG_WIFI_MGMT_RAW_SCAN_RESULT_LENGTH) { - nrf_wifi_osal_mem_cpy(&bcn_prb_resp_info.data, - nrf_wifi_osal_nbuf_data_get(nwb), - CONFIG_WIFI_MGMT_RAW_SCAN_RESULT_LENGTH); - - } else { - nrf_wifi_osal_mem_cpy(&bcn_prb_resp_info.data, - nrf_wifi_osal_nbuf_data_get(nwb), - frame_length); - } - - bcn_prb_resp_info.rssi = MBM_TO_DBM(val); - bcn_prb_resp_info.frequency = frequency; - bcn_prb_resp_info.frame_length = frame_length; - - wifi_mgmt_raise_raw_scan_result_event(vif_ctx_zep->zep_net_if_ctx, - &bcn_prb_resp_info); - -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -} -#endif /* CONFIG_WIFI_MGMT_RAW_SCAN_RESULTS */ diff --git a/drivers/wifi/nrf700x/src/wifi_util.c b/drivers/wifi/nrf700x/src/wifi_util.c deleted file mode 100644 index 2dae706695b8..000000000000 --- a/drivers/wifi/nrf700x/src/wifi_util.c +++ /dev/null @@ -1,1005 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* @file - * @brief NRF Wi-Fi util shell module - */ -#include -#include "host_rpu_umac_if.h" -#include "fmac_api.h" -#include "fmac_util.h" -#include "fmac_main.h" -#include "wifi_util.h" - -extern struct nrf_wifi_drv_priv_zep rpu_drv_priv_zep; -struct nrf_wifi_ctx_zep *ctx = &rpu_drv_priv_zep.rpu_ctx_zep; - -static bool check_valid_data_rate(const struct shell *shell, - unsigned char rate_flag, - unsigned int data_rate) -{ - bool ret = false; - - switch (rate_flag) { - case RPU_TPUT_MODE_LEGACY: - if ((data_rate == 1) || - (data_rate == 2) || - (data_rate == 55) || - (data_rate == 11) || - (data_rate == 6) || - (data_rate == 9) || - (data_rate == 12) || - (data_rate == 18) || - (data_rate == 24) || - (data_rate == 36) || - (data_rate == 48) || - (data_rate == 54)) { - ret = true; - } - break; - case RPU_TPUT_MODE_HT: - case RPU_TPUT_MODE_HE_SU: - case RPU_TPUT_MODE_VHT: - if ((data_rate >= 0) && (data_rate <= 7)) { - ret = true; - } - break; - case RPU_TPUT_MODE_HE_ER_SU: - if (data_rate >= 0 && data_rate <= 2) { - ret = true; - } - break; - default: - shell_fprintf(shell, - SHELL_ERROR, - "%s: Invalid rate_flag %d\n", - __func__, - rate_flag); - break; - } - - return ret; -} - - -int nrf_wifi_util_conf_init(struct rpu_conf_params *conf_params) -{ - if (!conf_params) { - return -ENOEXEC; - } - - memset(conf_params, 0, sizeof(*conf_params)); - - /* Initialize values which are other than 0 */ - conf_params->he_ltf = -1; - conf_params->he_gi = -1; - return 0; -} - - -static int nrf_wifi_util_set_he_ltf(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - char *ptr = NULL; - unsigned long he_ltf = 0; - - if (ctx->conf_params.set_he_ltf_gi) { - shell_fprintf(shell, - SHELL_ERROR, - "Disable 'set_he_ltf_gi', to set 'he_ltf'\n"); - return -ENOEXEC; - } - - he_ltf = strtoul(argv[1], &ptr, 10); - - if (he_ltf > 2) { - shell_fprintf(shell, - SHELL_ERROR, - "Invalid HE LTF value(%lu).\n", - he_ltf); - shell_help(shell); - return -ENOEXEC; - } - - ctx->conf_params.he_ltf = he_ltf; - - return 0; -} - - -static int nrf_wifi_util_set_he_gi(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - char *ptr = NULL; - unsigned long he_gi = 0; - - if (ctx->conf_params.set_he_ltf_gi) { - shell_fprintf(shell, - SHELL_ERROR, - "Disable 'set_he_ltf_gi', to set 'he_gi'\n"); - return -ENOEXEC; - } - - he_gi = strtoul(argv[1], &ptr, 10); - - if (he_gi > 2) { - shell_fprintf(shell, - SHELL_ERROR, - "Invalid HE GI value(%lu).\n", - he_gi); - shell_help(shell); - return -ENOEXEC; - } - - ctx->conf_params.he_gi = he_gi; - - return 0; -} - - -static int nrf_wifi_util_set_he_ltf_gi(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - char *ptr = NULL; - unsigned long val = 0; - - val = strtoul(argv[1], &ptr, 10); - - if ((val < 0) || (val > 1)) { - shell_fprintf(shell, - SHELL_ERROR, - "Invalid value(%lu).\n", - val); - shell_help(shell); - return -ENOEXEC; - } - - status = nrf_wifi_fmac_conf_ltf_gi(ctx->rpu_ctx, - ctx->conf_params.he_ltf, - ctx->conf_params.he_gi, - val); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - shell_fprintf(shell, - SHELL_ERROR, - "Programming ltf_gi failed\n"); - return -ENOEXEC; - } - - ctx->conf_params.set_he_ltf_gi = val; - - return 0; -} - -#ifdef CONFIG_NRF700X_STA_MODE -static int nrf_wifi_util_set_uapsd_queue(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - char *ptr = NULL; - unsigned long val = 0; - - val = strtoul(argv[1], &ptr, 10); - - if ((val < UAPSD_Q_MIN) || (val > UAPSD_Q_MAX)) { - shell_fprintf(shell, - SHELL_ERROR, - "Invalid value(%lu).\n", - val); - shell_help(shell); - return -ENOEXEC; - } - - if (ctx->conf_params.uapsd_queue != val) { - status = nrf_wifi_fmac_set_uapsd_queue(ctx->rpu_ctx, - 0, - val); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - shell_fprintf(shell, - SHELL_ERROR, - "Programming uapsd_queue failed\n"); - return -ENOEXEC; - } - - ctx->conf_params.uapsd_queue = val; - } - - return 0; -} -#endif /* CONFIG_NRF700X_STA_MODE */ - - -static int nrf_wifi_util_show_cfg(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - struct rpu_conf_params *conf_params = NULL; - - conf_params = &ctx->conf_params; - - shell_fprintf(shell, - SHELL_INFO, - "************* Configured Parameters ***********\n"); - shell_fprintf(shell, - SHELL_INFO, - "\n"); - - shell_fprintf(shell, - SHELL_INFO, - "he_ltf = %d\n", - conf_params->he_ltf); - - shell_fprintf(shell, - SHELL_INFO, - "he_gi = %u\n", - conf_params->he_gi); - - shell_fprintf(shell, - SHELL_INFO, - "set_he_ltf_gi = %d\n", - conf_params->set_he_ltf_gi); - - shell_fprintf(shell, - SHELL_INFO, - "uapsd_queue = %d\n", - conf_params->uapsd_queue); - - shell_fprintf(shell, - SHELL_INFO, - "rate_flag = %d, rate_val = %d\n", - ctx->conf_params.tx_pkt_tput_mode, - ctx->conf_params.tx_pkt_rate); - return 0; -} - -#ifdef CONFIG_NRF700X_STA_MODE -static int nrf_wifi_util_tx_stats(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - int vif_index = -1; - int peer_index = 0; - int max_vif_index = MAX(MAX_NUM_APS, MAX_NUM_STAS); - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - void *queue = NULL; - unsigned int tx_pending_pkts = 0; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - - vif_index = atoi(argv[1]); - if ((vif_index < 0) || (vif_index >= max_vif_index)) { - shell_fprintf(shell, - SHELL_ERROR, - "Invalid vif index(%d).\n", - vif_index); - shell_help(shell); - return -ENOEXEC; - } - - fmac_dev_ctx = ctx->rpu_ctx; - def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); - - /* TODO: Get peer_index from shell once AP mode is supported */ - shell_fprintf(shell, - SHELL_INFO, - "************* Tx Stats: vif(%d) peer(0) ***********\n", - vif_index); - - for (int i = 0; i < NRF_WIFI_FMAC_AC_MAX ; i++) { - queue = def_dev_ctx->tx_config.data_pending_txq[peer_index][i]; - tx_pending_pkts = nrf_wifi_utils_q_len(queue); - - shell_fprintf( - shell, - SHELL_INFO, - "Outstanding tokens: ac: %d -> %d (pending_q_len: %d)\n", - i, - def_dev_ctx->tx_config.outstanding_descs[i], - tx_pending_pkts); - } - - return 0; -} -#endif /* CONFIG_NRF700X_STA_MODE */ - - -static int nrf_wifi_util_tx_rate(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - char *ptr = NULL; - long rate_flag = -1; - long data_rate = -1; - - rate_flag = strtol(argv[1], &ptr, 10); - - if (rate_flag >= RPU_TPUT_MODE_MAX) { - shell_fprintf(shell, - SHELL_ERROR, - "Invalid value %ld for rate_flags\n", - rate_flag); - shell_help(shell); - return -ENOEXEC; - } - - - if (rate_flag == RPU_TPUT_MODE_HE_TB) { - data_rate = -1; - } else { - if (argc < 3) { - shell_fprintf(shell, - SHELL_ERROR, - "rate_val needed for rate_flag = %ld\n", - rate_flag); - shell_help(shell); - return -ENOEXEC; - } - - data_rate = strtol(argv[2], &ptr, 10); - - if (!(check_valid_data_rate(shell, - rate_flag, - data_rate))) { - shell_fprintf(shell, - SHELL_ERROR, - "Invalid data_rate %ld for rate_flag %ld\n", - data_rate, - rate_flag); - return -ENOEXEC; - } - - } - - status = nrf_wifi_fmac_set_tx_rate(ctx->rpu_ctx, - rate_flag, - data_rate); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - shell_fprintf(shell, - SHELL_ERROR, - "Programming tx_rate failed\n"); - return -ENOEXEC; - } - - ctx->conf_params.tx_pkt_tput_mode = rate_flag; - ctx->conf_params.tx_pkt_rate = data_rate; - - return 0; -} - - -#ifdef CONFIG_NRF_WIFI_LOW_POWER -static int nrf_wifi_util_show_host_rpu_ps_ctrl_state(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int rpu_ps_state = -1; - - status = nrf_wifi_fmac_get_host_rpu_ps_ctrl_state(ctx->rpu_ctx, - &rpu_ps_state); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - shell_fprintf(shell, - SHELL_ERROR, - "Failed to get PS state\n"); - return -ENOEXEC; - } - - shell_fprintf(shell, - SHELL_INFO, - "RPU sleep status = %s\n", rpu_ps_state ? "AWAKE" : "SLEEP"); - return 0; -} -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ - - -static int nrf_wifi_util_show_vers(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - unsigned int fw_ver; - - fmac_dev_ctx = ctx->rpu_ctx; - - shell_fprintf(shell, SHELL_INFO, "Driver version: %s\n", - NRF700X_DRIVER_VERSION); - - status = nrf_wifi_fmac_ver_get(fmac_dev_ctx, &fw_ver); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - shell_fprintf(shell, - SHELL_INFO, - "Failed to get firmware version\n"); - return -ENOEXEC; - } - - shell_fprintf(shell, SHELL_INFO, - "Firmware version: %d.%d.%d.%d\n", - NRF_WIFI_UMAC_VER(fw_ver), - NRF_WIFI_UMAC_VER_MAJ(fw_ver), - NRF_WIFI_UMAC_VER_MIN(fw_ver), - NRF_WIFI_UMAC_VER_EXTRA(fw_ver)); - - return status; -} - -#ifndef CONFIG_NRF700X_RADIO_TEST -static int nrf_wifi_util_dump_rpu_stats(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - struct rpu_op_stats stats; - enum rpu_stats_type stats_type = RPU_STATS_TYPE_ALL; - - if (argc == 2) { - const char *type = argv[1]; - - if (!strcmp(type, "umac")) { - stats_type = RPU_STATS_TYPE_UMAC; - } else if (!strcmp(type, "lmac")) { - stats_type = RPU_STATS_TYPE_LMAC; - } else if (!strcmp(type, "phy")) { - stats_type = RPU_STATS_TYPE_PHY; - } else if (!strcmp(type, "all")) { - stats_type = RPU_STATS_TYPE_ALL; - } else { - shell_fprintf(shell, - SHELL_ERROR, - "Invalid stats type %s\n", - type); - return -ENOEXEC; - } - } - - fmac_dev_ctx = ctx->rpu_ctx; - - memset(&stats, 0, sizeof(struct rpu_op_stats)); - status = nrf_wifi_fmac_stats_get(fmac_dev_ctx, 0, &stats); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - shell_fprintf(shell, - SHELL_ERROR, - "Failed to get stats\n"); - return -ENOEXEC; - } - - if (stats_type == RPU_STATS_TYPE_UMAC || stats_type == RPU_STATS_TYPE_ALL) { - struct rpu_umac_stats *umac = &stats.fw.umac; - - shell_fprintf(shell, SHELL_INFO, - "UMAC TX debug stats:\n" - "======================\n" - "tx_cmd: %u\n" - "tx_non_coalesce_pkts_rcvd_from_host: %u\n" - "tx_coalesce_pkts_rcvd_from_host: %u\n" - "tx_max_coalesce_pkts_rcvd_from_host: %u\n" - "tx_cmds_max_used: %u\n" - "tx_cmds_currently_in_use: %u\n" - "tx_done_events_send_to_host: %u\n" - "tx_done_success_pkts_to_host: %u\n" - "tx_done_failure_pkts_to_host: %u\n" - "tx_cmds_with_crypto_pkts_rcvd_from_host: %u\n" - "tx_cmds_with_non_crypto_pkts_rcvd_from_host: %u\n" - "tx_cmds_with_broadcast_pkts_rcvd_from_host: %u\n" - "tx_cmds_with_multicast_pkts_rcvd_from_host: %u\n" - "tx_cmds_with_unicast_pkts_rcvd_from_host: %u\n" - "xmit: %u\n" - "send_addba_req: %u\n" - "addba_resp: %u\n" - "softmac_tx: %u\n" - "internal_pkts: %u\n" - "external_pkts: %u\n" - "tx_cmds_to_lmac: %u\n" - "tx_dones_from_lmac: %u\n" - "total_cmds_to_lmac: %u\n" - "tx_packet_data_count: %u\n" - "tx_packet_mgmt_count: %u\n" - "tx_packet_beacon_count: %u\n" - "tx_packet_probe_req_count: %u\n" - "tx_packet_auth_count: %u\n" - "tx_packet_deauth_count: %u\n" - "tx_packet_assoc_req_count: %u\n" - "tx_packet_disassoc_count: %u\n" - "tx_packet_action_count: %u\n" - "tx_packet_other_mgmt_count: %u\n" - "tx_packet_non_mgmt_data_count: %u\n\n", - umac->tx_dbg_params.tx_cmd, - umac->tx_dbg_params.tx_non_coalesce_pkts_rcvd_from_host, - umac->tx_dbg_params.tx_coalesce_pkts_rcvd_from_host, - umac->tx_dbg_params.tx_max_coalesce_pkts_rcvd_from_host, - umac->tx_dbg_params.tx_cmds_max_used, - umac->tx_dbg_params.tx_cmds_currently_in_use, - umac->tx_dbg_params.tx_done_events_send_to_host, - umac->tx_dbg_params.tx_done_success_pkts_to_host, - umac->tx_dbg_params.tx_done_failure_pkts_to_host, - umac->tx_dbg_params.tx_cmds_with_crypto_pkts_rcvd_from_host, - umac->tx_dbg_params.tx_cmds_with_non_crypto_pkts_rcvd_from_host, - umac->tx_dbg_params.tx_cmds_with_broadcast_pkts_rcvd_from_host, - umac->tx_dbg_params.tx_cmds_with_multicast_pkts_rcvd_from_host, - umac->tx_dbg_params.tx_cmds_with_unicast_pkts_rcvd_from_host, - umac->tx_dbg_params.xmit, - umac->tx_dbg_params.send_addba_req, - umac->tx_dbg_params.addba_resp, - umac->tx_dbg_params.softmac_tx, - umac->tx_dbg_params.internal_pkts, - umac->tx_dbg_params.external_pkts, - umac->tx_dbg_params.tx_cmds_to_lmac, - umac->tx_dbg_params.tx_dones_from_lmac, - umac->tx_dbg_params.total_cmds_to_lmac, - umac->tx_dbg_params.tx_packet_data_count, - umac->tx_dbg_params.tx_packet_mgmt_count, - umac->tx_dbg_params.tx_packet_beacon_count, - umac->tx_dbg_params.tx_packet_probe_req_count, - umac->tx_dbg_params.tx_packet_auth_count, - umac->tx_dbg_params.tx_packet_deauth_count, - umac->tx_dbg_params.tx_packet_assoc_req_count, - umac->tx_dbg_params.tx_packet_disassoc_count, - umac->tx_dbg_params.tx_packet_action_count, - umac->tx_dbg_params.tx_packet_other_mgmt_count, - umac->tx_dbg_params.tx_packet_non_mgmt_data_count); - - shell_fprintf(shell, SHELL_INFO, - "UMAC RX debug stats\n" - "======================\n" - "lmac_events: %u\n" - "rx_events: %u\n" - "rx_coalesce_events: %u\n" - "total_rx_pkts_from_lmac: %u\n" - "max_refill_gap: %u\n" - "current_refill_gap: %u\n" - "out_of_order_mpdus: %u\n" - "reorder_free_mpdus: %u\n" - "umac_consumed_pkts: %u\n" - "host_consumed_pkts: %u\n" - "rx_mbox_post: %u\n" - "rx_mbox_receive: %u\n" - "reordering_ampdu: %u\n" - "timer_mbox_post: %u\n" - "timer_mbox_rcv: %u\n" - "work_mbox_post: %u\n" - "work_mbox_rcv: %u\n" - "tasklet_mbox_post: %u\n" - "tasklet_mbox_rcv: %u\n" - "userspace_offload_frames: %u\n" - "alloc_buf_fail: %u\n" - "rx_packet_total_count: %u\n" - "rx_packet_data_count: %u\n" - "rx_packet_qos_data_count: %u\n" - "rx_packet_protected_data_count: %u\n" - "rx_packet_mgmt_count: %u\n" - "rx_packet_beacon_count: %u\n" - "rx_packet_probe_resp_count: %u\n" - "rx_packet_auth_count: %u\n" - "rx_packet_deauth_count: %u\n" - "rx_packet_assoc_resp_count: %u\n" - "rx_packet_disassoc_count: %u\n" - "rx_packet_action_count: %u\n" - "rx_packet_probe_req_count: %u\n" - "rx_packet_other_mgmt_count: %u\n" - "max_coalesce_pkts: %d\n" - "null_skb_pointer_from_lmac: %u\n" - "unexpected_mgmt_pkt: %u\n\n", - umac->rx_dbg_params.lmac_events, - umac->rx_dbg_params.rx_events, - umac->rx_dbg_params.rx_coalesce_events, - umac->rx_dbg_params.total_rx_pkts_from_lmac, - umac->rx_dbg_params.max_refill_gap, - umac->rx_dbg_params.current_refill_gap, - umac->rx_dbg_params.out_of_order_mpdus, - umac->rx_dbg_params.reorder_free_mpdus, - umac->rx_dbg_params.umac_consumed_pkts, - umac->rx_dbg_params.host_consumed_pkts, - umac->rx_dbg_params.rx_mbox_post, - umac->rx_dbg_params.rx_mbox_receive, - umac->rx_dbg_params.reordering_ampdu, - umac->rx_dbg_params.timer_mbox_post, - umac->rx_dbg_params.timer_mbox_rcv, - umac->rx_dbg_params.work_mbox_post, - umac->rx_dbg_params.work_mbox_rcv, - umac->rx_dbg_params.tasklet_mbox_post, - umac->rx_dbg_params.tasklet_mbox_rcv, - umac->rx_dbg_params.userspace_offload_frames, - umac->rx_dbg_params.alloc_buf_fail, - umac->rx_dbg_params.rx_packet_total_count, - umac->rx_dbg_params.rx_packet_data_count, - umac->rx_dbg_params.rx_packet_qos_data_count, - umac->rx_dbg_params.rx_packet_protected_data_count, - umac->rx_dbg_params.rx_packet_mgmt_count, - umac->rx_dbg_params.rx_packet_beacon_count, - umac->rx_dbg_params.rx_packet_probe_resp_count, - umac->rx_dbg_params.rx_packet_auth_count, - umac->rx_dbg_params.rx_packet_deauth_count, - umac->rx_dbg_params.rx_packet_assoc_resp_count, - umac->rx_dbg_params.rx_packet_disassoc_count, - umac->rx_dbg_params.rx_packet_action_count, - umac->rx_dbg_params.rx_packet_probe_req_count, - umac->rx_dbg_params.rx_packet_other_mgmt_count, - umac->rx_dbg_params.max_coalesce_pkts, - umac->rx_dbg_params.null_skb_pointer_from_lmac, - umac->rx_dbg_params.unexpected_mgmt_pkt); - - shell_fprintf(shell, SHELL_INFO, - "UMAC control path stats\n" - "======================\n" - "cmd_init: %u\n" - "event_init_done: %u\n" - "cmd_rf_test: %u\n" - "cmd_connect: %u\n" - "cmd_get_stats: %u\n" - "event_ps_state: %u\n" - "cmd_set_reg: %u\n" - "cmd_get_reg: %u\n" - "cmd_req_set_reg: %u\n" - "cmd_trigger_scan: %u\n" - "event_scan_done: %u\n" - "cmd_get_scan: %u\n" - "umac_scan_req: %u\n" - "umac_scan_complete: %u\n" - "umac_scan_busy: %u\n" - "cmd_auth: %u\n" - "cmd_assoc: %u\n" - "cmd_deauth: %u\n" - "cmd_register_frame: %u\n" - "cmd_frame: %u\n" - "cmd_del_key: %u\n" - "cmd_new_key: %u\n" - "cmd_set_key: %u\n" - "cmd_get_key: %u\n" - "event_beacon_hint: %u\n" - "event_reg_change: %u\n" - "event_wiphy_reg_change: %u\n" - "cmd_set_station: %u\n" - "cmd_new_station: %u\n" - "cmd_del_station: %u\n" - "cmd_new_interface: %u\n" - "cmd_set_interface: %u\n" - "cmd_get_interface: %u\n" - "cmd_set_ifflags: %u\n" - "cmd_set_ifflags_done: %u\n" - "cmd_set_bss: %u\n" - "cmd_set_wiphy: %u\n" - "cmd_start_ap: %u\n" - "LMAC_CMD_PS: %u\n" - "CURR_STATE: %u\n\n", - umac->cmd_evnt_dbg_params.cmd_init, - umac->cmd_evnt_dbg_params.event_init_done, - umac->cmd_evnt_dbg_params.cmd_rf_test, - umac->cmd_evnt_dbg_params.cmd_connect, - umac->cmd_evnt_dbg_params.cmd_get_stats, - umac->cmd_evnt_dbg_params.event_ps_state, - umac->cmd_evnt_dbg_params.cmd_set_reg, - umac->cmd_evnt_dbg_params.cmd_get_reg, - umac->cmd_evnt_dbg_params.cmd_req_set_reg, - umac->cmd_evnt_dbg_params.cmd_trigger_scan, - umac->cmd_evnt_dbg_params.event_scan_done, - umac->cmd_evnt_dbg_params.cmd_get_scan, - umac->cmd_evnt_dbg_params.umac_scan_req, - umac->cmd_evnt_dbg_params.umac_scan_complete, - umac->cmd_evnt_dbg_params.umac_scan_busy, - umac->cmd_evnt_dbg_params.cmd_auth, - umac->cmd_evnt_dbg_params.cmd_assoc, - umac->cmd_evnt_dbg_params.cmd_deauth, - umac->cmd_evnt_dbg_params.cmd_register_frame, - umac->cmd_evnt_dbg_params.cmd_frame, - umac->cmd_evnt_dbg_params.cmd_del_key, - umac->cmd_evnt_dbg_params.cmd_new_key, - umac->cmd_evnt_dbg_params.cmd_set_key, - umac->cmd_evnt_dbg_params.cmd_get_key, - umac->cmd_evnt_dbg_params.event_beacon_hint, - umac->cmd_evnt_dbg_params.event_reg_change, - umac->cmd_evnt_dbg_params.event_wiphy_reg_change, - umac->cmd_evnt_dbg_params.cmd_set_station, - umac->cmd_evnt_dbg_params.cmd_new_station, - umac->cmd_evnt_dbg_params.cmd_del_station, - umac->cmd_evnt_dbg_params.cmd_new_interface, - umac->cmd_evnt_dbg_params.cmd_set_interface, - umac->cmd_evnt_dbg_params.cmd_get_interface, - umac->cmd_evnt_dbg_params.cmd_set_ifflags, - umac->cmd_evnt_dbg_params.cmd_set_ifflags_done, - umac->cmd_evnt_dbg_params.cmd_set_bss, - umac->cmd_evnt_dbg_params.cmd_set_wiphy, - umac->cmd_evnt_dbg_params.cmd_start_ap, - umac->cmd_evnt_dbg_params.LMAC_CMD_PS, - umac->cmd_evnt_dbg_params.CURR_STATE); - - shell_fprintf(shell, SHELL_INFO, - "UMAC interface stats\n" - "======================\n" - "tx_unicast_pkt_count: %u\n" - "tx_multicast_pkt_count: %u\n" - "tx_broadcast_pkt_count: %u\n" - "tx_bytes: %u\n" - "rx_unicast_pkt_count: %u\n" - "rx_multicast_pkt_count: %u\n" - "rx_broadcast_pkt_count: %u\n" - "rx_beacon_success_count: %u\n" - "rx_beacon_miss_count: %u\n" - "rx_bytes: %u\n" - "rx_checksum_error_count: %u\n\n" - "replay_attack_drop_cnt: %u\n\n", - umac->interface_data_stats.tx_unicast_pkt_count, - umac->interface_data_stats.tx_multicast_pkt_count, - umac->interface_data_stats.tx_broadcast_pkt_count, - umac->interface_data_stats.tx_bytes, - umac->interface_data_stats.rx_unicast_pkt_count, - umac->interface_data_stats.rx_multicast_pkt_count, - umac->interface_data_stats.rx_broadcast_pkt_count, - umac->interface_data_stats.rx_beacon_success_count, - umac->interface_data_stats.rx_beacon_miss_count, - umac->interface_data_stats.rx_bytes, - umac->interface_data_stats.rx_checksum_error_count, - umac->interface_data_stats.replay_attack_drop_cnt); - } - - if (stats_type == RPU_STATS_TYPE_LMAC || stats_type == RPU_STATS_TYPE_ALL) { - struct rpu_lmac_stats *lmac = &stats.fw.lmac; - - shell_fprintf(shell, SHELL_INFO, - "LMAC stats\n" - "======================\n" - "reset_cmd_cnt: %u\n" - "reset_complete_event_cnt: %u\n" - "unable_gen_event: %u\n" - "ch_prog_cmd_cnt: %u\n" - "channel_prog_done: %u\n" - "tx_pkt_cnt: %u\n" - "tx_pkt_done_cnt: %u\n" - "scan_pkt_cnt: %u\n" - "internal_pkt_cnt: %u\n" - "internal_pkt_done_cnt: %u\n" - "ack_resp_cnt: %u\n" - "tx_timeout: %u\n" - "deagg_isr: %u\n" - "deagg_inptr_desc_empty: %u\n" - "deagg_circular_buffer_full: %u\n" - "lmac_rxisr_cnt: %u\n" - "rx_decryptcnt: %u\n" - "process_decrypt_fail: %u\n" - "prepa_rx_event_fail: %u\n" - "rx_core_pool_full_cnt: %u\n" - "rx_mpdu_crc_success_cnt: %u\n" - "rx_mpdu_crc_fail_cnt: %u\n" - "rx_ofdm_crc_success_cnt: %u\n" - "rx_ofdm_crc_fail_cnt: %u\n" - "rxDSSSCrcSuccessCnt: %u\n" - "rxDSSSCrcFailCnt: %u\n" - "rx_crypto_start_cnt: %u\n" - "rx_crypto_done_cnt: %u\n" - "rx_event_buf_full: %u\n" - "rx_extram_buf_full: %u\n" - "scan_req: %u\n" - "scan_complete: %u\n" - "scan_abort_req: %u\n" - "scan_abort_complete: %u\n" - "internal_buf_pool_null: %u\n" - "rpu_hw_lockup_count: %u\n" - "rpu_hw_lockup_recovery_done: %u\n\n", - lmac->reset_cmd_cnt, - lmac->reset_complete_event_cnt, - lmac->unable_gen_event, - lmac->ch_prog_cmd_cnt, - lmac->channel_prog_done, - lmac->tx_pkt_cnt, - lmac->tx_pkt_done_cnt, - lmac->scan_pkt_cnt, - lmac->internal_pkt_cnt, - lmac->internal_pkt_done_cnt, - lmac->ack_resp_cnt, - lmac->tx_timeout, - lmac->deagg_isr, - lmac->deagg_inptr_desc_empty, - lmac->deagg_circular_buffer_full, - lmac->lmac_rxisr_cnt, - lmac->rx_decryptcnt, - lmac->process_decrypt_fail, - lmac->prepa_rx_event_fail, - lmac->rx_core_pool_full_cnt, - lmac->rx_mpdu_crc_success_cnt, - lmac->rx_mpdu_crc_fail_cnt, - lmac->rx_ofdm_crc_success_cnt, - lmac->rx_ofdm_crc_fail_cnt, - lmac->rxDSSSCrcSuccessCnt, - lmac->rxDSSSCrcFailCnt, - lmac->rx_crypto_start_cnt, - lmac->rx_crypto_done_cnt, - lmac->rx_event_buf_full, - lmac->rx_extram_buf_full, - lmac->scan_req, - lmac->scan_complete, - lmac->scan_abort_req, - lmac->scan_abort_complete, - lmac->internal_buf_pool_null, - lmac->rpu_hw_lockup_count, - lmac->rpu_hw_lockup_recovery_done); - } - - if (stats_type == RPU_STATS_TYPE_PHY || stats_type == RPU_STATS_TYPE_ALL) { - struct rpu_phy_stats *phy = &stats.fw.phy; - - shell_fprintf(shell, SHELL_INFO, - "PHY stats\n" - "======================\n" - "rssi_avg: %d\n" - "pdout_val: %u\n" - "ofdm_crc32_pass_cnt: %u\n" - "ofdm_crc32_fail_cnt: %u\n" - "dsss_crc32_pass_cnt: %u\n" - "dsss_crc32_fail_cnt: %u\n\n", - phy->rssi_avg, - phy->pdout_val, - phy->ofdm_crc32_pass_cnt, - phy->ofdm_crc32_fail_cnt, - phy->dsss_crc32_pass_cnt, - phy->dsss_crc32_fail_cnt); - } - - return 0; -} -#endif /* CONFIG_NRF700X_RADIO_TEST */ - -#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY -static int nrf_wifi_util_trigger_rpu_recovery(const struct shell *shell, - size_t argc, - const char *argv[]) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - - if (!ctx || !ctx->rpu_ctx) { - shell_fprintf(shell, - SHELL_ERROR, - "RPU context not initialized\n"); - return -ENOEXEC; - } - - fmac_dev_ctx = ctx->rpu_ctx; - - status = nrf_wifi_fmac_rpu_recovery_callback(fmac_dev_ctx, NULL, 0); - if (status != NRF_WIFI_STATUS_SUCCESS) { - shell_fprintf(shell, - SHELL_ERROR, - "Failed to trigger RPU recovery\n"); - return -ENOEXEC; - } - - shell_fprintf(shell, - SHELL_INFO, - "RPU recovery triggered\n"); - - return 0; -} -#endif /* CONFIG_NRF_WIFI_RPU_RECOVERY */ - -SHELL_STATIC_SUBCMD_SET_CREATE( - nrf_wifi_util_subcmds, - SHELL_CMD_ARG(he_ltf, - NULL, - "0 - 1x HE LTF\n" - "1 - 2x HE LTF\n" - "2 - 4x HE LTF ", - nrf_wifi_util_set_he_ltf, - 2, - 0), - SHELL_CMD_ARG(he_gi, - NULL, - "0 - 0.8 us\n" - "1 - 1.6 us\n" - "2 - 3.2 us ", - nrf_wifi_util_set_he_gi, - 2, - 0), - SHELL_CMD_ARG(set_he_ltf_gi, - NULL, - "0 - Disable\n" - "1 - Enable", - nrf_wifi_util_set_he_ltf_gi, - 2, - 0), -#ifdef CONFIG_NRF700X_STA_MODE - SHELL_CMD_ARG(uapsd_queue, - NULL, - " - 0 to 15", - nrf_wifi_util_set_uapsd_queue, - 2, - 0), -#endif /* CONFIG_NRF700X_STA_MODE */ - SHELL_CMD_ARG(show_config, - NULL, - "Display the current configuration values", - nrf_wifi_util_show_cfg, - 1, - 0), -#ifdef CONFIG_NRF700X_STA_MODE - SHELL_CMD_ARG(tx_stats, - NULL, - "Displays transmit statistics\n" - "vif_index: 0 - 1\n", - nrf_wifi_util_tx_stats, - 2, - 0), -#endif /* CONFIG_NRF700X_STA_MODE */ - SHELL_CMD_ARG(tx_rate, - NULL, - "Sets TX data rate to either a fixed value or AUTO\n" - "Parameters:\n" - " : The TX data rate type to be set, where:\n" - " 0 - LEGACY\n" - " 1 - HT\n" - " 2 - VHT\n" - " 3 - HE_SU\n" - " 4 - HE_ER_SU\n" - " 5 - AUTO\n" - " : The TX data rate value to be set, valid values are:\n" - " Legacy : <1, 2, 55, 11, 6, 9, 12, 18, 24, 36, 48, 54>\n" - " Non-legacy: \n" - " AUTO: \n", - nrf_wifi_util_tx_rate, - 2, - 1), -#ifdef CONFIG_NRF_WIFI_LOW_POWER - SHELL_CMD_ARG(sleep_state, - NULL, - "Display current sleep status", - nrf_wifi_util_show_host_rpu_ps_ctrl_state, - 1, - 0), -#endif /* CONFIG_NRF_WIFI_LOW_POWER */ - SHELL_CMD_ARG(show_vers, - NULL, - "Display the driver and the firmware versions", - nrf_wifi_util_show_vers, - 1, - 0), -#ifndef CONFIG_NRF700X_RADIO_TEST - SHELL_CMD_ARG(rpu_stats, - NULL, - "Display RPU stats " - "Parameters: umac or lmac or phy or all (default)", - nrf_wifi_util_dump_rpu_stats, - 1, - 1), -#endif /* CONFIG_NRF700X_RADIO_TEST */ -#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY - SHELL_CMD_ARG(rpu_recovery_test, - NULL, - "Trigger RPU recovery", - nrf_wifi_util_trigger_rpu_recovery, - 1, - 0), -#endif /* CONFIG_NRF_WIFI_RPU_RECOVERY */ - SHELL_SUBCMD_SET_END); - - -SHELL_CMD_REGISTER(wifi_util, - &nrf_wifi_util_subcmds, - "nRF Wi-Fi utility shell commands", - NULL); - - -static int nrf_wifi_util_init(void) -{ - - if (nrf_wifi_util_conf_init(&ctx->conf_params) < 0) - return -1; - - return 0; -} - - -SYS_INIT(nrf_wifi_util_init, - APPLICATION, - CONFIG_APPLICATION_INIT_PRIORITY); diff --git a/drivers/wifi/nrf700x/src/wifi_util.h b/drivers/wifi/nrf700x/src/wifi_util.h deleted file mode 100644 index afe67c86901e..000000000000 --- a/drivers/wifi/nrf700x/src/wifi_util.h +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* @file - * @brief nRF Wi-Fi radio-test mode shell module - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -struct nrf_wifi_ctx_zep_rt { - struct nrf_wifi_fmac_priv *fmac_priv; - struct rpu_conf_params conf_params; -}; diff --git a/drivers/wifi/nrf700x/src/work.c b/drivers/wifi/nrf700x/src/work.c deleted file mode 100644 index 2106c629f62f..000000000000 --- a/drivers/wifi/nrf700x/src/work.c +++ /dev/null @@ -1,158 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing work specific definitions for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#include -#include -#include -#include - -#include "work.h" - -LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF700X_LOG_LEVEL); - -K_THREAD_STACK_DEFINE(bh_wq_stack_area, CONFIG_NRF700X_BH_WQ_STACK_SIZE); -struct k_work_q zep_wifi_bh_q; - -K_THREAD_STACK_DEFINE(irq_wq_stack_area, CONFIG_NRF700X_IRQ_WQ_STACK_SIZE); -struct k_work_q zep_wifi_intr_q; - -#ifdef CONFIG_NRF700X_TX_DONE_WQ_ENABLED -K_THREAD_STACK_DEFINE(tx_done_wq_stack_area, CONFIG_NRF700X_TX_DONE_WQ_STACK_SIZE); -struct k_work_q zep_wifi_tx_done_q; -#endif /* CONFIG_NRF700X_TX_DONE_WQ_ENABLED */ - -#ifdef CONFIG_NRF700X_RX_WQ_ENABLED -K_THREAD_STACK_DEFINE(rx_wq_stack_area, CONFIG_NRF700X_RX_WQ_STACK_SIZE); -struct k_work_q zep_wifi_rx_q; -#endif /* CONFIG_NRF700X_RX_WQ_ENABLED */ - -struct zep_work_item zep_work_item[CONFIG_NRF700X_WORKQ_MAX_ITEMS]; - -int get_free_work_item_index(void) -{ - int i; - - for (i = 0; i < CONFIG_NRF700X_WORKQ_MAX_ITEMS; i++) { - if (zep_work_item[i].in_use) - continue; - return i; - } - - return -1; -} - -void workqueue_callback(struct k_work *work) -{ - struct zep_work_item *item = CONTAINER_OF(work, struct zep_work_item, work); - - item->callback(item->data); -} - -struct zep_work_item *work_alloc(enum zep_work_type type) -{ - int free_work_index = get_free_work_item_index(); - - if (free_work_index < 0) { - LOG_ERR("%s: Reached maximum work items", __func__); - return NULL; - } - - zep_work_item[free_work_index].in_use = true; - zep_work_item[free_work_index].type = type; - - return &zep_work_item[free_work_index]; -} - -static int workqueue_init(void) -{ - k_work_queue_init(&zep_wifi_bh_q); - - k_work_queue_start(&zep_wifi_bh_q, - bh_wq_stack_area, - K_THREAD_STACK_SIZEOF(bh_wq_stack_area), - CONFIG_NRF700X_BH_WQ_PRIORITY, - NULL); - - k_thread_name_set(&zep_wifi_bh_q.thread, "nrf700x_bh_wq"); - - k_work_queue_init(&zep_wifi_intr_q); - - k_work_queue_start(&zep_wifi_intr_q, - irq_wq_stack_area, - K_THREAD_STACK_SIZEOF(irq_wq_stack_area), - CONFIG_NRF700X_IRQ_WQ_PRIORITY, - NULL); - - k_thread_name_set(&zep_wifi_intr_q.thread, "nrf700x_intr_wq"); -#ifdef CONFIG_NRF700X_TX_DONE_WQ_ENABLED - k_work_queue_init(&zep_wifi_tx_done_q); - - k_work_queue_start(&zep_wifi_tx_done_q, - tx_done_wq_stack_area, - K_THREAD_STACK_SIZEOF(tx_done_wq_stack_area), - CONFIG_NRF700X_TX_DONE_WQ_PRIORITY, - NULL); - - k_thread_name_set(&zep_wifi_tx_done_q.thread, "nrf700x_tx_done_wq"); -#endif /* CONFIG_NRF700X_TX_DONE_WQ_ENABLED */ - -#ifdef CONFIG_NRF700X_RX_WQ_ENABLED - k_work_queue_init(&zep_wifi_rx_q); - - k_work_queue_start(&zep_wifi_rx_q, - rx_wq_stack_area, - K_THREAD_STACK_SIZEOF(rx_wq_stack_area), - CONFIG_NRF700X_RX_WQ_PRIORITY, - NULL); - - k_thread_name_set(&zep_wifi_rx_q.thread, "nrf700x_rx_wq"); -#endif /* CONFIG_NRF700X_RX_WQ_ENABLED */ - - return 0; -} - -void work_init(struct zep_work_item *item, void (*callback)(unsigned long), - unsigned long data) -{ - item->callback = callback; - item->data = data; - - k_work_init(&item->work, workqueue_callback); -} - -void work_schedule(struct zep_work_item *item) -{ - if (item->type == ZEP_WORK_TYPE_IRQ) - k_work_submit_to_queue(&zep_wifi_intr_q, &item->work); - else if (item->type == ZEP_WORK_TYPE_BH) - k_work_submit_to_queue(&zep_wifi_bh_q, &item->work); -#ifdef CONFIG_NRF700X_TX_DONE_WQ_ENABLED - else if (item->type == ZEP_WORK_TYPE_TX_DONE) - k_work_submit_to_queue(&zep_wifi_tx_done_q, &item->work); -#endif /* CONFIG_NRF700X_TX_DONE_WQ_ENABLED */ -#ifdef CONFIG_NRF700X_RX_WQ_ENABLED - else if (item->type == ZEP_WORK_TYPE_RX) - k_work_submit_to_queue(&zep_wifi_rx_q, &item->work); -#endif /* CONFIG_NRF700X_RX_WQ_ENABLED */ -} - -void work_kill(struct zep_work_item *item) -{ - /* TODO: Based on context, use _sync version */ - k_work_cancel(&item->work); -} - -void work_free(struct zep_work_item *item) -{ - item->in_use = 0; -} - -SYS_INIT(workqueue_init, POST_KERNEL, 0); diff --git a/drivers/wifi/nrf700x/src/work.h b/drivers/wifi/nrf700x/src/work.h deleted file mode 100644 index 1af7f97bc633..000000000000 --- a/drivers/wifi/nrf700x/src/work.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief Header containing work specific declarations for the - * Zephyr OS layer of the Wi-Fi driver. - */ - -#ifndef __WORK_H__ -#define __WORK_H__ - - -extern struct k_work_q zep_wifi_bh_q; - -enum zep_work_type { - ZEP_WORK_TYPE_BH, - ZEP_WORK_TYPE_IRQ, - ZEP_WORK_TYPE_TX_DONE, - ZEP_WORK_TYPE_RX, -}; - -struct zep_work_item { - bool in_use; - struct k_work work; - unsigned long data; - void (*callback)(unsigned long data); - enum zep_work_type type; -}; - -struct zep_work_item *work_alloc(enum zep_work_type); - -void work_init(struct zep_work_item *work, void (*callback)(unsigned long callbk_data), - unsigned long data); - -void work_schedule(struct zep_work_item *work); - -void work_kill(struct zep_work_item *work); - -void work_free(struct zep_work_item *work); - -#endif /* __WORK_H__ */ diff --git a/drivers/wifi/nrf700x/src/wpa_supp_if.c b/drivers/wifi/nrf700x/src/wpa_supp_if.c deleted file mode 100644 index 149c9a32bf71..000000000000 --- a/drivers/wifi/nrf700x/src/wpa_supp_if.c +++ /dev/null @@ -1,2761 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/** - * @brief File containing WPA supplicant interface specific definitions for the - * Zephyr OS layer of the Wi-Fi driver. - */ -#include - -#include -#include - -#include "fmac_main.h" -#include "fmac_util.h" -#include "wifi_mgmt.h" -#include "wpa_supp_if.h" - -LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF700X_LOG_LEVEL); - -K_SEM_DEFINE(wait_for_event_sem, 0, 1); -K_SEM_DEFINE(wait_for_scan_resp_sem, 0, 1); -static K_MUTEX_DEFINE(mgmt_tx_lock); - -#define ACTION_FRAME_RESP_TIMEOUT_MS 5000 -#define SET_IFACE_EVENT_TIMEOUT_MS 5000 -#define CARR_ON_TIMEOUT_MS 5000 - -static int get_nrf_wifi_auth_type(int wpa_auth_alg) -{ - if (wpa_auth_alg & WPA_AUTH_ALG_OPEN) { - return NRF_WIFI_AUTHTYPE_OPEN_SYSTEM; - } - if (wpa_auth_alg & WPA_AUTH_ALG_SHARED) { - return NRF_WIFI_AUTHTYPE_SHARED_KEY; - } - if (wpa_auth_alg & WPA_AUTH_ALG_LEAP) { - return NRF_WIFI_AUTHTYPE_NETWORK_EAP; - } - if (wpa_auth_alg & WPA_AUTH_ALG_FT) { - return NRF_WIFI_AUTHTYPE_FT; - } - if (wpa_auth_alg & WPA_AUTH_ALG_SAE) { - return NRF_WIFI_AUTHTYPE_SAE; - } - - return NRF_WIFI_AUTHTYPE_MAX; -} - -static unsigned int wpa_alg_to_cipher_suite(enum wpa_alg alg, size_t key_len) -{ - switch (alg) { - case WPA_ALG_WEP: - if (key_len == 5) { - return RSN_CIPHER_SUITE_WEP40; - } - return RSN_CIPHER_SUITE_WEP104; - case WPA_ALG_TKIP: - return RSN_CIPHER_SUITE_TKIP; - case WPA_ALG_CCMP: - return RSN_CIPHER_SUITE_CCMP; - case WPA_ALG_GCMP: - return RSN_CIPHER_SUITE_GCMP; - case WPA_ALG_CCMP_256: - return RSN_CIPHER_SUITE_CCMP_256; - case WPA_ALG_GCMP_256: - return RSN_CIPHER_SUITE_GCMP_256; - case WPA_ALG_BIP_CMAC_128: - return RSN_CIPHER_SUITE_AES_128_CMAC; - case WPA_ALG_BIP_GMAC_128: - return RSN_CIPHER_SUITE_BIP_GMAC_128; - case WPA_ALG_BIP_GMAC_256: - return RSN_CIPHER_SUITE_BIP_GMAC_256; - case WPA_ALG_BIP_CMAC_256: - return RSN_CIPHER_SUITE_BIP_CMAC_256; - case WPA_ALG_SMS4: - return RSN_CIPHER_SUITE_SMS4; - case WPA_ALG_KRK: - return RSN_CIPHER_SUITE_KRK; - case WPA_ALG_NONE: - LOG_ERR("%s: Unexpected encryption algorithm %d", __func__, alg); - return 0; - } - - LOG_ERR("%s: Unsupported encryption algorithm %d", __func__, alg); - return 0; -} - -static enum chan_width drv2supp_chan_width(int width) -{ - switch (width) { - case NRF_WIFI_CHAN_WIDTH_20_NOHT: - return CHAN_WIDTH_20_NOHT; - case NRF_WIFI_CHAN_WIDTH_20: - return CHAN_WIDTH_20; - case NRF_WIFI_CHAN_WIDTH_40: - return CHAN_WIDTH_40; - case NRF_WIFI_CHAN_WIDTH_80: - return CHAN_WIDTH_80; - case NRF_WIFI_CHAN_WIDTH_80P80: - return CHAN_WIDTH_80P80; - case NRF_WIFI_CHAN_WIDTH_160: - return CHAN_WIDTH_160; - default: - break; - } - return CHAN_WIDTH_UNKNOWN; -} - -void nrf_wifi_wpa_supp_event_proc_scan_start(void *if_priv) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - vif_ctx_zep = if_priv; - - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.scan_start) { - vif_ctx_zep->supp_callbk_fns.scan_start(vif_ctx_zep->supp_drv_if_ctx); - } -} - -void nrf_wifi_wpa_supp_event_proc_scan_done(void *if_priv, - struct nrf_wifi_umac_event_trigger_scan *scan_done_event, - unsigned int event_len, - int aborted) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - union wpa_event_data event; - struct scan_info *info = NULL; - - vif_ctx_zep = if_priv; - - memset(&event, 0, sizeof(event)); - - info = &event.scan_info; - - info->aborted = aborted; - info->external_scan = 0; - info->nl_scan_event = 1; - - if (vif_ctx_zep->supp_drv_if_ctx && - vif_ctx_zep->supp_callbk_fns.scan_done) { - vif_ctx_zep->supp_callbk_fns.scan_done(vif_ctx_zep->supp_drv_if_ctx, - &event); - } - k_work_cancel_delayable(&vif_ctx_zep->scan_timeout_work); - vif_ctx_zep->scan_in_progress = false; - k_sem_give(&wait_for_scan_resp_sem); -} - -void nrf_wifi_wpa_supp_event_proc_scan_res(void *if_priv, - struct nrf_wifi_umac_event_new_scan_results *scan_res, - unsigned int event_len, - bool more_res) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct wpa_scan_res *r = NULL; - const unsigned char *ie = NULL; - const unsigned char *beacon_ie = NULL; - unsigned int ie_len = 0; - unsigned int beacon_ie_len = 0; - unsigned char *pos = NULL; - - vif_ctx_zep = if_priv; - - if (scan_res->valid_fields & NRF_WIFI_EVENT_NEW_SCAN_RESULTS_IES_VALID) { - ie = scan_res->ies; - ie_len = scan_res->ies_len; - } - - if (scan_res->valid_fields & NRF_WIFI_EVENT_NEW_SCAN_RESULTS_BEACON_IES_VALID) { - beacon_ie = scan_res->ies + scan_res->ies_len; - beacon_ie_len = scan_res->beacon_ies_len; - } - - r = k_calloc(sizeof(*r) + ie_len + beacon_ie_len, sizeof(char)); - - if (!r) { - LOG_ERR("%s: Unable to allocate memory for scan result", __func__); - return; - } - - if (scan_res->valid_fields & NRF_WIFI_EVENT_NEW_SCAN_RESULTS_MAC_ADDR_VALID) { - memcpy(r->bssid, scan_res->mac_addr, ETH_ALEN); - } - - r->freq = scan_res->frequency; - - if (scan_res->valid_fields & NRF_WIFI_EVENT_NEW_SCAN_RESULTS_BEACON_INTERVAL_VALID) { - r->beacon_int = scan_res->beacon_interval; - } - - r->caps = scan_res->capability; - - r->flags |= WPA_SCAN_NOISE_INVALID; - - if (scan_res->signal.signal_type == NRF_WIFI_SIGNAL_TYPE_MBM) { - r->level = scan_res->signal.signal.mbm_signal; - r->level /= 100; /* mBm to dBm */ - r->flags |= (WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID); - } else if (scan_res->signal.signal_type == NRF_WIFI_SIGNAL_TYPE_UNSPEC) { - r->level = scan_res->signal.signal.unspec_signal; - r->flags |= WPA_SCAN_QUAL_INVALID; - } else { - r->flags |= (WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID); - } - - if (scan_res->valid_fields & NRF_WIFI_EVENT_NEW_SCAN_RESULTS_IES_TSF_VALID) { - r->tsf = scan_res->ies_tsf; - } - - if (scan_res->valid_fields & NRF_WIFI_EVENT_NEW_SCAN_RESULTS_BEACON_IES_TSF_VALID) { - if (scan_res->beacon_ies_tsf > r->tsf) { - r->tsf = scan_res->beacon_ies_tsf; - } - } - - if (scan_res->seen_ms_ago) { - r->age = scan_res->seen_ms_ago; - } - - r->ie_len = ie_len; - - pos = (unsigned char *)(r + 1); - - if (ie) { - memcpy(pos, ie, ie_len); - - pos += ie_len; - } - - r->beacon_ie_len = beacon_ie_len; - - if (beacon_ie) { - memcpy(pos, beacon_ie, beacon_ie_len); - } - - if (scan_res->valid_fields & NRF_WIFI_EVENT_NEW_SCAN_RESULTS_STATUS_VALID) { - switch (scan_res->status) { - case NRF_WIFI_BSS_STATUS_ASSOCIATED: - r->flags |= WPA_SCAN_ASSOCIATED; - break; - default: - break; - } - } - - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.scan_res) { - vif_ctx_zep->supp_callbk_fns.scan_res(vif_ctx_zep->supp_drv_if_ctx, r, more_res); - } - - if (!more_res) { - vif_ctx_zep->scan_in_progress = false; - } - - k_free(r); -} - -void nrf_wifi_wpa_supp_event_proc_auth_resp(void *if_priv, - struct nrf_wifi_umac_event_mlme *auth_resp, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - union wpa_event_data event; - const struct ieee80211_mgmt *mgmt = NULL; - const unsigned char *frame = NULL; - unsigned int frame_len = 0; - - vif_ctx_zep = if_priv; - - frame = auth_resp->frame.frame; - frame_len = auth_resp->frame.frame_len; - mgmt = (const struct ieee80211_mgmt *)frame; - - if (frame_len < 4 + (2 * NRF_WIFI_ETH_ADDR_LEN)) { - LOG_ERR("%s: MLME event too short", __func__); - return; - } - - - if (frame_len < 24 + sizeof(mgmt->u.auth)) { - LOG_ERR("%s: Authentication response frame too short", __func__); - return; - } - - memset(&event, 0, sizeof(event)); - - memcpy(event.auth.peer, mgmt->sa, ETH_ALEN); - - event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg); - - event.auth.auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction); - - event.auth.status_code = le_to_host16(mgmt->u.auth.status_code); - - if (frame_len > 24 + sizeof(mgmt->u.auth)) { - event.auth.ies = mgmt->u.auth.variable; - event.auth.ies_len = (frame_len - 24 - sizeof(mgmt->u.auth)); - } - - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.auth_resp) { - vif_ctx_zep->supp_callbk_fns.auth_resp(vif_ctx_zep->supp_drv_if_ctx, &event); - } -} - -void nrf_wifi_wpa_supp_event_proc_assoc_resp(void *if_priv, - struct nrf_wifi_umac_event_mlme *assoc_resp, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - union wpa_event_data event; - const struct ieee80211_mgmt *mgmt = NULL; - const unsigned char *frame = NULL; - unsigned int frame_len = 0; - unsigned short status = WLAN_STATUS_UNSPECIFIED_FAILURE; - - vif_ctx_zep = if_priv; - - frame = assoc_resp->frame.frame; - frame_len = assoc_resp->frame.frame_len; - mgmt = (const struct ieee80211_mgmt *)frame; - - if (frame_len < 24 + sizeof(mgmt->u.assoc_resp)) { - LOG_ERR("%s: Association response frame too short", __func__); - return; - } - - memset(&event, 0, sizeof(event)); - - status = le_to_host16(mgmt->u.assoc_resp.status_code); - - if (status != WLAN_STATUS_SUCCESS) { - event.assoc_reject.bssid = mgmt->bssid; - - if (frame_len > 24 + sizeof(mgmt->u.assoc_resp)) { - event.assoc_reject.resp_ies = (unsigned char *)mgmt->u.assoc_resp.variable; - event.assoc_reject.resp_ies_len = - (frame_len - 24 - sizeof(mgmt->u.assoc_resp)); - } - - event.assoc_reject.status_code = status; - } else { - event.assoc_info.addr = mgmt->bssid; - event.assoc_info.resp_frame = frame; - event.assoc_info.resp_frame_len = frame_len; - event.assoc_info.freq = vif_ctx_zep->assoc_freq; - - if (frame_len > 24 + sizeof(mgmt->u.assoc_resp)) { - event.assoc_info.resp_ies = (unsigned char *)mgmt->u.assoc_resp.variable; - event.assoc_info.resp_ies_len = - (frame_len - 24 - sizeof(mgmt->u.assoc_resp)); - } - - if (assoc_resp->req_ie_len > 0) { - event.assoc_info.req_ies = (unsigned char *)assoc_resp->req_ie; - event.assoc_info.req_ies_len = assoc_resp->req_ie_len; - } - - } - - if (vif_ctx_zep->supp_drv_if_ctx && - vif_ctx_zep->supp_callbk_fns.assoc_resp) { - vif_ctx_zep->supp_callbk_fns.assoc_resp(vif_ctx_zep->supp_drv_if_ctx, - &event, status); - } -} - -void nrf_wifi_wpa_supp_event_proc_deauth(void *if_priv, - struct nrf_wifi_umac_event_mlme *deauth, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - union wpa_event_data event; - const struct ieee80211_mgmt *mgmt = NULL; - const unsigned char *frame = NULL; - unsigned int frame_len = 0; - - vif_ctx_zep = if_priv; - - frame = deauth->frame.frame; - frame_len = deauth->frame.frame_len; - mgmt = (const struct ieee80211_mgmt *)frame; - - if (frame_len < 24 + sizeof(mgmt->u.deauth)) { - LOG_ERR("%s: Deauthentication frame too short", __func__); - return; - } - - memset(&event, 0, sizeof(event)); - - event.deauth_info.addr = &mgmt->sa[0]; - event.deauth_info.reason_code = le_to_host16(mgmt->u.deauth.reason_code); - if (frame + frame_len > mgmt->u.deauth.variable) { - event.deauth_info.ie = mgmt->u.deauth.variable; - event.deauth_info.ie_len = (frame + frame_len - mgmt->u.deauth.variable); - } - - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.deauth) { - vif_ctx_zep->supp_callbk_fns.deauth(vif_ctx_zep->supp_drv_if_ctx, - &event, mgmt); - } -} - -void nrf_wifi_wpa_supp_event_proc_disassoc(void *if_priv, - struct nrf_wifi_umac_event_mlme *disassoc, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - union wpa_event_data event; - const struct ieee80211_mgmt *mgmt = NULL; - const unsigned char *frame = NULL; - unsigned int frame_len = 0; - - vif_ctx_zep = if_priv; - - frame = disassoc->frame.frame; - frame_len = disassoc->frame.frame_len; - mgmt = (const struct ieee80211_mgmt *)frame; - - if (frame_len < 24 + sizeof(mgmt->u.disassoc)) { - LOG_ERR("%s: Disassociation frame too short", __func__); - return; - } - - memset(&event, 0, sizeof(event)); - - event.disassoc_info.addr = &mgmt->sa[0]; - event.disassoc_info.reason_code = le_to_host16(mgmt->u.disassoc.reason_code); - if (frame + frame_len > mgmt->u.disassoc.variable) { - event.disassoc_info.ie = mgmt->u.disassoc.variable; - event.disassoc_info.ie_len = (frame + frame_len - mgmt->u.disassoc.variable); - } - - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.disassoc) { - vif_ctx_zep->supp_callbk_fns.disassoc(vif_ctx_zep->supp_drv_if_ctx, &event); - } - - (void) nrf_wifi_twt_teardown_flows(vif_ctx_zep, 0, NRF_WIFI_MAX_TWT_FLOWS); -} - -void *nrf_wifi_wpa_supp_dev_init(void *supp_drv_if_ctx, const char *iface_name, - struct zep_wpa_supp_dev_callbk_fns *supp_callbk_fns) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - const struct device *device = device_get_binding(iface_name); - - if (!device) { - LOG_ERR("%s: Interface %s not found", __func__, iface_name); - return NULL; - } - - vif_ctx_zep = device->data; - - if (!vif_ctx_zep || !vif_ctx_zep->rpu_ctx_zep) { - LOG_ERR("%s: Interface %s not properly initialized", __func__, iface_name); - return NULL; - } - - /* Needed to make sure that during initialization, commands like setting regdomain - * does not access it. - */ - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - vif_ctx_zep->supp_drv_if_ctx = supp_drv_if_ctx; - - memcpy(&vif_ctx_zep->supp_callbk_fns, supp_callbk_fns, - sizeof(vif_ctx_zep->supp_callbk_fns)); - - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return vif_ctx_zep; -} - -void nrf_wifi_wpa_supp_dev_deinit(void *if_priv) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - vif_ctx_zep = if_priv; - - vif_ctx_zep->supp_drv_if_ctx = NULL; -} - -int nrf_wifi_wpa_supp_scan2(void *if_priv, struct wpa_driver_scan_params *params) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_scan_info *scan_info = NULL; - int indx = 0; - int ret = -1; - int num_freqs = 0; - - if (!if_priv || !params) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep->rpu_ctx) { - LOG_ERR("%s: RPU context not initialized", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - if (vif_ctx_zep->scan_in_progress) { - LOG_ERR("%s: Scan already in progress", __func__); - ret = -EBUSY; - goto out; - } - - if (params->freqs) { - for (indx = 0; params->freqs[indx]; indx++) - num_freqs++; - } - - scan_info = k_calloc(sizeof(*scan_info) + (num_freqs * sizeof(unsigned int)), - sizeof(char)); - - if (!scan_info) { - LOG_ERR("%s: Unable to allocate memory for scan info", __func__); - ret = -ENOMEM; - goto out; - } - - memset(scan_info, 0x0, sizeof(*scan_info)); - - if (params->freqs) { - for (indx = 0; params->freqs[indx]; indx++) { - scan_info->scan_params.center_frequency[indx] = - params->freqs[indx]; - } - scan_info->scan_params.num_scan_channels = indx; - } - - if (params->filter_ssids) { - scan_info->scan_params.num_scan_ssids = params->num_filter_ssids; - - for (indx = 0; indx < params->num_filter_ssids; indx++) { - memcpy(scan_info->scan_params.scan_ssids[indx].nrf_wifi_ssid, - params->filter_ssids[indx].ssid, - params->filter_ssids[indx].ssid_len); - - scan_info->scan_params.scan_ssids[indx].nrf_wifi_ssid_len = - params->filter_ssids[indx].ssid_len; - } - } - - scan_info->scan_reason = SCAN_CONNECT; - - /* Copy extra_ies */ - if (params->extra_ies_len && params->extra_ies_len <= NRF_WIFI_MAX_IE_LEN) { - memcpy(scan_info->scan_params.ie.ie, params->extra_ies, params->extra_ies_len); - scan_info->scan_params.ie.ie_len = params->extra_ies_len; - } else if (params->extra_ies_len) { - LOG_ERR("%s: extra_ies_len %d is greater than max IE len %d", - __func__, params->extra_ies_len, NRF_WIFI_MAX_IE_LEN); - goto out; - } - - status = nrf_wifi_fmac_scan(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, scan_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Scan trigger failed", __func__); - goto out; - } - - vif_ctx_zep->scan_type = SCAN_CONNECT; - vif_ctx_zep->scan_in_progress = true; - - k_work_schedule(&vif_ctx_zep->scan_timeout_work, - K_SECONDS(CONFIG_WIFI_NRF700X_SCAN_TIMEOUT_S)); - - ret = 0; -out: - if (scan_info) - k_free(scan_info); - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_scan_abort(void *if_priv) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int sem_ret; - - vif_ctx_zep = if_priv; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - return -1; - } - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return -1; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - if (!vif_ctx_zep->scan_in_progress) { - LOG_ERR("%s:Ignore scan abort, no scan in progress", __func__); - goto out; - } - - status = nrf_wifi_fmac_abort_scan(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_abort_scan failed", __func__); - goto out; - } - - k_sem_reset(&wait_for_scan_resp_sem); - sem_ret = k_sem_take(&wait_for_scan_resp_sem, K_MSEC(RPU_RESP_EVENT_TIMEOUT)); - if (sem_ret) { - LOG_ERR("%s: Timedout waiting for scan abort response, ret = %d", - __func__, sem_ret); - status = NRF_WIFI_STATUS_FAIL; - goto out; - } - -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return status; -} - -int nrf_wifi_wpa_supp_scan_results_get(void *if_priv) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - int ret = -1; - - if (!if_priv) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - status = nrf_wifi_fmac_scan_res_get(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, - SCAN_CONNECT); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_scan_res_get failed", __func__); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_deauthenticate(void *if_priv, const char *addr, unsigned short reason_code) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_disconn_info deauth_info; - int ret = -1; - - if ((!if_priv) || (!addr)) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - memset(&deauth_info, 0, sizeof(deauth_info)); - - deauth_info.reason_code = reason_code; - - memcpy(deauth_info.mac_addr, addr, sizeof(deauth_info.mac_addr)); - - status = nrf_wifi_fmac_deauth(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &deauth_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_deauth failed", __func__); - goto out; - } - - ret = nrf_wifi_twt_teardown_flows(vif_ctx_zep, 0, NRF_WIFI_MAX_TWT_FLOWS); -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_add_key(struct nrf_wifi_umac_key_info *key_info, enum wpa_alg alg, - int key_idx, - int defkey, const unsigned char *seq, size_t seq_len, - const unsigned char *key, size_t key_len) -{ - unsigned int suite = 0; - - suite = wpa_alg_to_cipher_suite(alg, key_len); - - if (!suite) { - return -1; - } - - if (defkey && alg == WPA_ALG_BIP_CMAC_128) { - key_info->nrf_wifi_flags = NRF_WIFI_KEY_DEFAULT_MGMT; - } else if (defkey) { - key_info->nrf_wifi_flags = NRF_WIFI_KEY_DEFAULT; - } - - key_info->key_idx = key_idx; - key_info->cipher_suite = suite; - - if (key && key_len) { - memcpy(key_info->key.nrf_wifi_key, key, key_len); - key_info->key.nrf_wifi_key_len = key_len; - } - if (seq && seq_len) { - memcpy(key_info->seq.nrf_wifi_seq, seq, seq_len); - key_info->seq.nrf_wifi_seq_len = seq_len; - } - - return 0; -} - -int nrf_wifi_wpa_supp_authenticate(void *if_priv, struct wpa_driver_auth_params *params, - struct wpa_bss *curr_bss) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_auth_info auth_info; - int ret = -1; - int type; - int count = 0; - int max_ie_len = 0; - - if ((!if_priv) || (!params)) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - -#ifdef CONFIG_NRF700X_RAW_DATA_RX - if (vif_ctx_zep->if_type == NRF_WIFI_IFTYPE_MONITOR) { - LOG_ERR("%s: Interface is in Monitor mode - cannot connect to a BSS", __func__); - goto out; - } -#endif /* CONFIG_NRF700X_RAW_DATA_RX */ - - memset(&auth_info, 0, sizeof(auth_info)); - - - if (params->bssid) { - memcpy(auth_info.nrf_wifi_bssid, params->bssid, ETH_ALEN); - } - - if (params->freq) { - auth_info.frequency = params->freq; - } - - if (params->ssid) { - memcpy(auth_info.ssid.nrf_wifi_ssid, params->ssid, params->ssid_len); - - auth_info.ssid.nrf_wifi_ssid_len = params->ssid_len; - } - - if (params->ie) { - max_ie_len = (params->ie_len > NRF_WIFI_MAX_IE_LEN) ? - NRF_WIFI_MAX_IE_LEN : params->ie_len; - memcpy(&auth_info.ie.ie, params->ie, max_ie_len); - auth_info.ie.ie_len = max_ie_len; - } else { - auth_info.scan_width = 0; /* hard coded */ - auth_info.nrf_wifi_signal = curr_bss->level; - auth_info.capability = curr_bss->caps; - auth_info.beacon_interval = curr_bss->beacon_int; - auth_info.tsf = curr_bss->tsf; - auth_info.from_beacon = 0; /* hard coded */ - } - - if (params->auth_data) { - auth_info.sae.sae_data_len = params->auth_data_len; - - memcpy(auth_info.sae.sae_data, params->auth_data, params->auth_data_len); - } - - type = get_nrf_wifi_auth_type(params->auth_alg); - - if (type != NRF_WIFI_AUTHTYPE_MAX) { - auth_info.auth_type = type; - } - - if (type == NRF_WIFI_AUTHTYPE_SHARED_KEY) { - size_t key_len = params->wep_key_len[params->wep_tx_keyidx]; - struct nrf_wifi_umac_key_info *key_info = &auth_info.key_info; - - key_info->cipher_suite = wpa_alg_to_cipher_suite(params->auth_alg, key_len); - memcpy(key_info->key.nrf_wifi_key, - params->wep_key[params->wep_tx_keyidx], - key_len); - key_info->key.nrf_wifi_key_len = key_len; - key_info->valid_fields |= NRF_WIFI_KEY_VALID | NRF_WIFI_KEY_IDX_VALID | - NRF_WIFI_CIPHER_SUITE_VALID; - } - - if (params->local_state_change) { - auth_info.nrf_wifi_flags |= NRF_WIFI_CMD_AUTHENTICATE_LOCAL_STATE_CHANGE; - } - - status = nrf_wifi_fmac_auth(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &auth_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: MLME command failed (auth): count=%d ret=%d", __func__, count, ret); - count++; - ret = -1; - } else { - LOG_DBG("%s:Authentication request sent successfully", __func__); - ret = 0; - } -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_associate(void *if_priv, struct wpa_driver_associate_params *params) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_assoc_info assoc_info; - int ret = -1; - - if ((!if_priv) || (!params)) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - memset(&assoc_info, 0, sizeof(assoc_info)); - - if (params->bssid) { - memcpy(assoc_info.nrf_wifi_bssid, params->bssid, sizeof(assoc_info.nrf_wifi_bssid)); - } - - if (params->freq.freq) { - assoc_info.center_frequency = params->freq.freq; - vif_ctx_zep->assoc_freq = params->freq.freq; - } else { - vif_ctx_zep->assoc_freq = 0; - } - - if (params->prev_bssid) { - assoc_info.prev_bssid_flag = 1; - memcpy(assoc_info.prev_bssid, params->prev_bssid, ETH_ALEN); - } - - if (params->ssid) { - assoc_info.ssid.nrf_wifi_ssid_len = params->ssid_len; - - memcpy(assoc_info.ssid.nrf_wifi_ssid, params->ssid, params->ssid_len); - - } - - if (params->wpa_ie) { - assoc_info.wpa_ie.ie_len = params->wpa_ie_len; - memcpy(assoc_info.wpa_ie.ie, params->wpa_ie, params->wpa_ie_len); - } - - assoc_info.control_port = 1; - - if (params->mgmt_frame_protection == MGMT_FRAME_PROTECTION_REQUIRED) { - assoc_info.use_mfp = NRF_WIFI_MFP_REQUIRED; - } - - if (params->bss_max_idle_period) { - assoc_info.bss_max_idle_time = params->bss_max_idle_period; - } - - status = nrf_wifi_fmac_assoc(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &assoc_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: MLME command failed (assoc)", __func__); - } else { - LOG_DBG("%s: Association request sent successfully", __func__); - ret = 0; - } - -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_set_key(void *if_priv, const unsigned char *ifname, enum wpa_alg alg, - const unsigned char *addr, int key_idx, int set_tx, - const unsigned char *seq, size_t seq_len, const unsigned char *key, - size_t key_len) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_key_info key_info; - const unsigned char *mac_addr = NULL; - unsigned int suite; - int ret = -1; - - - if ((!if_priv) || (!ifname)) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep->rpu_ctx) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - /* Can happen in a positive case where "net if down" is completed, but WPA - * supplicant is still deleting keys. - */ - if (!rpu_ctx_zep->rpu_ctx) { - goto out; - } - - memset(&key_info, 0, sizeof(key_info)); - - if (alg != WPA_ALG_NONE) { - suite = wpa_alg_to_cipher_suite(alg, key_len); - - if (!suite) { - goto out; - } - - memcpy(key_info.key.nrf_wifi_key, key, key_len); - - key_info.key.nrf_wifi_key_len = key_len; - key_info.cipher_suite = suite; - - key_info.valid_fields |= (NRF_WIFI_CIPHER_SUITE_VALID | NRF_WIFI_KEY_VALID); - } - - if (seq && seq_len) { - memcpy(key_info.seq.nrf_wifi_seq, seq, seq_len); - - key_info.seq.nrf_wifi_seq_len = seq_len; - key_info.valid_fields |= NRF_WIFI_SEQ_VALID; - } - - - /* TODO: Implement/check set_tx */ - if (addr && !is_broadcast_ether_addr(addr)) { - mac_addr = addr; - key_info.key_type = NRF_WIFI_KEYTYPE_PAIRWISE; - key_info.valid_fields |= NRF_WIFI_KEY_TYPE_VALID; - } else if (addr && is_broadcast_ether_addr(addr)) { - mac_addr = NULL; - key_info.key_type = NRF_WIFI_KEYTYPE_GROUP; - key_info.valid_fields |= NRF_WIFI_KEY_TYPE_VALID; - key_info.nrf_wifi_flags |= NRF_WIFI_KEY_DEFAULT_TYPE_MULTICAST; - } - - key_info.key_idx = key_idx; - key_info.valid_fields |= NRF_WIFI_KEY_IDX_VALID; - - if (alg == WPA_ALG_NONE) { - status = nrf_wifi_fmac_del_key(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, - &key_info, mac_addr); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_del_key failed", __func__); - } else { - ret = 0; - } - } else { - status = nrf_wifi_fmac_add_key(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, - &key_info, mac_addr); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_add_key failed", __func__); - } else { - ret = 0; - } - } - - /* - * If we failed or don't need to set the default TX key (below), - * we're done here. - */ - if (ret || !set_tx || alg == WPA_ALG_NONE) { - goto out; - } - - - memset(&key_info, 0, sizeof(key_info)); - - key_info.key_idx = key_idx; - key_info.valid_fields |= NRF_WIFI_KEY_IDX_VALID; - - if (alg == WPA_ALG_BIP_CMAC_128 || alg == WPA_ALG_BIP_GMAC_128 || - alg == WPA_ALG_BIP_GMAC_256 || alg == WPA_ALG_BIP_CMAC_256) { - key_info.nrf_wifi_flags = NRF_WIFI_KEY_DEFAULT_MGMT; - } else { - key_info.nrf_wifi_flags = NRF_WIFI_KEY_DEFAULT; - } - - if (addr && is_broadcast_ether_addr(addr)) { - key_info.nrf_wifi_flags |= NRF_WIFI_KEY_DEFAULT_TYPE_MULTICAST; - } else if (addr) { - key_info.nrf_wifi_flags |= NRF_WIFI_KEY_DEFAULT_TYPE_UNICAST; - } - - status = nrf_wifi_fmac_set_key(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &key_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_set_key failed", __func__); - ret = -1; - } else { - ret = 0; - } -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_set_supp_port(void *if_priv, int authorized, char *bssid) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_umac_chg_sta_info chg_sta_info; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ret = -1; - - if (!if_priv || !bssid) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - if (vif_ctx_zep->if_op_state != NRF_WIFI_FMAC_IF_OP_STATE_UP) { - LOG_DBG("%s: Interface not UP, ignoring", __func__); - ret = 0; - goto out; - } - - memset(&chg_sta_info, 0x0, sizeof(chg_sta_info)); - - memcpy(chg_sta_info.mac_addr, bssid, ETH_ALEN); - - vif_ctx_zep->authorized = authorized; - - if (authorized) { - /* BIT(NL80211_STA_FLAG_AUTHORIZED) */ - chg_sta_info.sta_flags2.nrf_wifi_mask = 1 << 1; - /* BIT(NL80211_STA_FLAG_AUTHORIZED) */ - chg_sta_info.sta_flags2.nrf_wifi_set = 1 << 1; - } - - status = nrf_wifi_fmac_chg_sta(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &chg_sta_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_chg_sta failed", __func__); - ret = -1; - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_signal_poll(void *if_priv, struct wpa_signal_info *si, unsigned char *bssid) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - enum nrf_wifi_status ret = NRF_WIFI_STATUS_FAIL; - int sem_ret; - int rssi_record_elapsed_time_ms = 0; - - if (!if_priv || !si || !bssid) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - - vif_ctx_zep->signal_info = si; - - rssi_record_elapsed_time_ms = - nrf_wifi_osal_time_elapsed_us(vif_ctx_zep->rssi_record_timestamp_us) / 1000; - - if (rssi_record_elapsed_time_ms > CONFIG_NRF700X_RSSI_STALE_TIMEOUT_MS) { - ret = nrf_wifi_fmac_get_station(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, bssid); - if (ret != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Failed to send get station info command", __func__); - goto out; - } - - sem_ret = k_sem_take(&wait_for_event_sem, K_MSEC(RPU_RESP_EVENT_TIMEOUT)); - if (sem_ret) { - LOG_ERR("%s: Failed to get station info, ret = %d", __func__, sem_ret); - ret = NRF_WIFI_STATUS_FAIL; - goto out; - } - } else { - si->current_signal = (int)vif_ctx_zep->rssi; - } - - ret = nrf_wifi_fmac_get_interface(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx); - if (ret != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Failed to send get interface info command", __func__); - goto out; - } - - sem_ret = k_sem_take(&wait_for_event_sem, K_MSEC(RPU_RESP_EVENT_TIMEOUT)); - if (sem_ret) { - LOG_ERR("%s: Failed to get interface info, ret = %d", __func__, sem_ret); - ret = NRF_WIFI_STATUS_FAIL; - goto out; - } - vif_ctx_zep->signal_info->frequency = vif_ctx_zep->assoc_freq; -out: - vif_ctx_zep->signal_info = NULL; - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -void nrf_wifi_wpa_supp_event_proc_get_sta(void *if_priv, - struct nrf_wifi_umac_event_new_station *info, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct wpa_signal_info *signal_info = NULL; - - if (!if_priv || !info) { - LOG_ERR("%s: Invalid params", __func__); - goto out; - } - - vif_ctx_zep = if_priv; - if (!vif_ctx_zep) { - LOG_ERR("%s: vif_ctx_zep is NULL", __func__); - goto out; - } - -#ifdef CONFIG_NRF700X_AP_MODE - vif_ctx_zep->inactive_time_sec = info->sta_info.inactive_time; -#endif /* CONFIG_NRF700X_AP_MODE */ - - signal_info = vif_ctx_zep->signal_info; - /* Semaphore timedout */ - if (!signal_info) { - goto out; - } - - if (info->sta_info.valid_fields & NRF_WIFI_STA_INFO_SIGNAL_VALID) { - signal_info->current_signal = info->sta_info.signal; - } else { - signal_info->current_signal = -WPA_INVALID_NOISE; - } - - if (info->sta_info.valid_fields & NRF_WIFI_STA_INFO_SIGNAL_AVG_VALID) { - signal_info->avg_signal = info->sta_info.signal_avg; - } else { - signal_info->avg_signal = -WPA_INVALID_NOISE; - } - - if (info->sta_info.valid_fields & NRF_WIFI_STA_INFO_RX_BEACON_SIGNAL_AVG_VALID) { - signal_info->avg_beacon_signal = info->sta_info.rx_beacon_signal_avg; - } else { - signal_info->avg_beacon_signal = -WPA_INVALID_NOISE; - } - - signal_info->current_txrate = 0; - - if (info->sta_info.valid_fields & NRF_WIFI_STA_INFO_TX_BITRATE_VALID) { - if (info->sta_info.tx_bitrate.valid_fields & NRF_WIFI_RATE_INFO_BITRATE_VALID) { - signal_info->current_txrate = info->sta_info.tx_bitrate.bitrate * 100; - } - } -out: - k_sem_give(&wait_for_event_sem); -} - -void nrf_wifi_wpa_supp_event_proc_get_if(void *if_priv, - struct nrf_wifi_interface_info *info, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_chan_definition *chan_def_info = NULL; - struct wpa_signal_info *signal_info = NULL; - - if (!if_priv || !info) { - LOG_ERR("%s: Invalid params", __func__); - k_sem_give(&wait_for_event_sem); - return; - } - - vif_ctx_zep = if_priv; - signal_info = vif_ctx_zep->signal_info; - - /* Semaphore timedout */ - if (!signal_info) { - LOG_DBG("%s: Get interface Semaphore timedout", __func__); - return; - } - - chan_def_info = (struct nrf_wifi_chan_definition *)(&info->chan_def); - signal_info->chanwidth = drv2supp_chan_width(chan_def_info->width); - signal_info->center_frq1 = chan_def_info->center_frequency1; - signal_info->center_frq2 = chan_def_info->center_frequency2; - - k_sem_give(&wait_for_event_sem); -} - -void nrf_wifi_wpa_supp_event_mgmt_tx_status(void *if_priv, - struct nrf_wifi_umac_event_mlme *mlme_event, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - bool acked = false; - - if (!if_priv) { - LOG_ERR("%s: Missing interface context", __func__); - return; - } - - vif_ctx_zep = if_priv; - - if (!mlme_event) { - LOG_ERR("%s: Missing MLME event data", __func__); - return; - } - - acked = mlme_event->nrf_wifi_flags & NRF_WIFI_EVENT_MLME_ACK ? true : false; - LOG_DBG("%s: Mgmt frame %llx tx status: %s", - __func__, mlme_event->cookie, acked ? "ACK" : "NOACK"); - - if (vif_ctx_zep->supp_drv_if_ctx && - vif_ctx_zep->supp_callbk_fns.mgmt_tx_status) { - vif_ctx_zep->supp_callbk_fns.mgmt_tx_status(vif_ctx_zep->supp_drv_if_ctx, - mlme_event->frame.frame, - mlme_event->frame.frame_len, - acked); - } -} - -void nrf_wifi_wpa_supp_event_proc_unprot_mgmt(void *if_priv, - struct nrf_wifi_umac_event_mlme *unprot_mgmt, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - union wpa_event_data event; - const struct ieee80211_mgmt *mgmt = NULL; - const unsigned char *frame = NULL; - unsigned int frame_len = 0; - int cmd_evnt = 0; - - vif_ctx_zep = if_priv; - - frame = unprot_mgmt->frame.frame; - frame_len = unprot_mgmt->frame.frame_len; - - mgmt = (const struct ieee80211_mgmt *)frame; - cmd_evnt = ((struct nrf_wifi_umac_hdr *)unprot_mgmt)->cmd_evnt; - - if (frame_len < 24 + sizeof(mgmt->u.deauth)) { - LOG_ERR("%s: Unprotected mgmt frame too short", __func__); - return; - } - - memset(&event, 0, sizeof(event)); - - event.unprot_deauth.sa = &mgmt->sa[0]; - event.unprot_deauth.da = &mgmt->da[0]; - - if (cmd_evnt == NRF_WIFI_UMAC_EVENT_UNPROT_DEAUTHENTICATE) { - event.unprot_deauth.reason_code = le_to_host16(mgmt->u.deauth.reason_code); - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.unprot_deauth) { - vif_ctx_zep->supp_callbk_fns.unprot_deauth(vif_ctx_zep->supp_drv_if_ctx, - &event); - } - } else if (cmd_evnt == NRF_WIFI_UMAC_EVENT_UNPROT_DISASSOCIATE) { - event.unprot_disassoc.reason_code = le_to_host16(mgmt->u.deauth.reason_code); - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.unprot_disassoc) { - vif_ctx_zep->supp_callbk_fns.unprot_disassoc(vif_ctx_zep->supp_drv_if_ctx, - &event); - } - } -} - -int nrf_wifi_nl80211_send_mlme(void *if_priv, const u8 *data, - size_t data_len, int noack, - unsigned int freq, int no_cck, - int offchanok, - unsigned int wait_time, - int cookie) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_mgmt_tx_info *mgmt_tx_info = NULL; - unsigned int timeout = 0; - - if (!if_priv || !data) { - LOG_ERR("%s: Invalid params", __func__); - return -1; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return -1; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - k_mutex_lock(&mgmt_tx_lock, K_FOREVER); - - mgmt_tx_info = k_calloc(sizeof(*mgmt_tx_info), sizeof(char)); - - if (!mgmt_tx_info) { - LOG_ERR("%s: Unable to allocate memory", __func__); - goto out; - } - - if (offchanok) - mgmt_tx_info->nrf_wifi_flags |= NRF_WIFI_CMD_FRAME_OFFCHANNEL_TX_OK; - - if (noack) - mgmt_tx_info->nrf_wifi_flags |= NRF_WIFI_CMD_FRAME_DONT_WAIT_FOR_ACK; - - if (no_cck) - mgmt_tx_info->nrf_wifi_flags |= NRF_WIFI_CMD_FRAME_TX_NO_CCK_RATE; - - if (freq) - mgmt_tx_info->frequency = freq; - - if (wait_time) - mgmt_tx_info->dur = wait_time; - - if (data_len) { - memcpy(mgmt_tx_info->frame.frame, data, data_len); - mgmt_tx_info->frame.frame_len = data_len; - } - - mgmt_tx_info->freq_params.frequency = freq; - mgmt_tx_info->freq_params.channel_width = NRF_WIFI_CHAN_WIDTH_20; - mgmt_tx_info->freq_params.center_frequency1 = freq; - mgmt_tx_info->freq_params.center_frequency2 = 0; - mgmt_tx_info->freq_params.channel_type = NRF_WIFI_CHAN_HT20; - - /* Going to RPU */ - mgmt_tx_info->host_cookie = cookie; - vif_ctx_zep->cookie_resp_received = false; - - LOG_DBG("%s: Sending frame to RPU: cookie=%d wait_time=%d no_ack=%d", __func__, - cookie, wait_time, noack); - status = nrf_wifi_fmac_mgmt_tx(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - mgmt_tx_info); - - if (status == NRF_WIFI_STATUS_FAIL) { - LOG_ERR("%s: nrf_wifi_fmac_mgmt_tx failed", __func__); - goto out; - } - - /* Both are needed as we use this to send_action where noack is hardcoded - * to 0 always. - */ - if (wait_time || !noack) { - if (!noack && !wait_time) { - wait_time = ACTION_FRAME_RESP_TIMEOUT_MS; - } - - while (!vif_ctx_zep->cookie_resp_received && - timeout++ < wait_time) { - k_sleep(K_MSEC(1)); - } - - if (!vif_ctx_zep->cookie_resp_received) { - LOG_ERR("%s: cookie response not received (%dms)", __func__, - timeout); - status = NRF_WIFI_STATUS_FAIL; - goto out; - } - status = NRF_WIFI_STATUS_SUCCESS; - } - -out: - if (mgmt_tx_info) - k_free(mgmt_tx_info); - k_mutex_unlock(&mgmt_tx_lock); - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return status; -} - -enum nrf_wifi_status nrf_wifi_parse_sband( - struct nrf_wifi_event_supported_band *event, - struct wpa_supp_event_supported_band *band - ) -{ - int count; - - if (event && (event->nrf_wifi_n_bitrates == 0 || event->nrf_wifi_n_channels == 0)) { - return NRF_WIFI_STATUS_FAIL; - } - memset(band, 0, sizeof(*band)); - - band->wpa_supp_n_channels = event->nrf_wifi_n_channels; - band->wpa_supp_n_bitrates = event->nrf_wifi_n_bitrates; - - for (count = 0; count < band->wpa_supp_n_channels; count++) { - struct wpa_supp_event_channel *chan = &band->channels[count]; - - if (count >= WPA_SUPP_SBAND_MAX_CHANNELS) { - LOG_ERR("%s: Failed to add channel", __func__); - break; - } - - chan->wpa_supp_flags = event->channels[count].nrf_wifi_flags; - chan->wpa_supp_max_power = event->channels[count].nrf_wifi_max_power; - chan->wpa_supp_time = event->channels[count].nrf_wifi_time; - chan->dfs_cac_msec = event->channels[count].dfs_cac_msec; - chan->ch_valid = event->channels[count].ch_valid; - chan->center_frequency = event->channels[count].center_frequency; - chan->dfs_state = event->channels[count].dfs_state; - } - - for (count = 0; count < band->wpa_supp_n_bitrates; count++) { - struct wpa_supp_event_rate *rate = &band->bitrates[count]; - - if (count >= WPA_SUPP_SBAND_MAX_RATES) { - LOG_ERR("%s: Failed to add bitrate", __func__); - break; - } - - rate->wpa_supp_flags = event->bitrates[count].nrf_wifi_flags; - rate->wpa_supp_bitrate = event->bitrates[count].nrf_wifi_bitrate; - } - - band->ht_cap.wpa_supp_ht_supported = event->ht_cap.nrf_wifi_ht_supported; - band->ht_cap.wpa_supp_cap = event->ht_cap.nrf_wifi_cap; - band->ht_cap.mcs.wpa_supp_rx_highest = event->ht_cap.mcs.nrf_wifi_rx_highest; - - for (count = 0; count < WPA_SUPP_HT_MCS_MASK_LEN; count++) { - band->ht_cap.mcs.wpa_supp_rx_mask[count] = - event->ht_cap.mcs.nrf_wifi_rx_mask[count]; - } - - band->ht_cap.mcs.wpa_supp_tx_params = event->ht_cap.mcs.nrf_wifi_tx_params; - - for (count = 0; count < NRF_WIFI_HT_MCS_RES_LEN; count++) { - - if (count >= WPA_SUPP_HT_MCS_RES_LEN) { - LOG_ERR("%s: Failed to add reserved bytes", __func__); - break; - } - - band->ht_cap.mcs.wpa_supp_reserved[count] = - event->ht_cap.mcs.nrf_wifi_reserved[count]; - } - - band->ht_cap.wpa_supp_ampdu_factor = event->ht_cap.nrf_wifi_ampdu_factor; - band->ht_cap.wpa_supp_ampdu_density = event->ht_cap.nrf_wifi_ampdu_density; - - band->vht_cap.wpa_supp_vht_supported = event->vht_cap.nrf_wifi_vht_supported; - band->vht_cap.wpa_supp_cap = event->vht_cap.nrf_wifi_cap; - - band->vht_cap.vht_mcs.rx_mcs_map = event->vht_cap.vht_mcs.rx_mcs_map; - band->vht_cap.vht_mcs.rx_highest = event->vht_cap.vht_mcs.rx_highest; - band->vht_cap.vht_mcs.tx_mcs_map = event->vht_cap.vht_mcs.tx_mcs_map; - band->vht_cap.vht_mcs.tx_highest = event->vht_cap.vht_mcs.tx_highest; - - band->band = event->band; - - return WLAN_STATUS_SUCCESS; -} - -void nrf_wifi_wpa_supp_event_get_wiphy(void *if_priv, - struct nrf_wifi_event_get_wiphy *wiphy_info, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct wpa_supp_event_supported_band band; - - if (!if_priv || !wiphy_info || !event_len) { - LOG_ERR("%s: Invalid parameters", __func__); - return; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - - memset(&band, 0, sizeof(band)); - - for (int i = 0; i < NRF_WIFI_EVENT_GET_WIPHY_NUM_BANDS; i++) { - if (nrf_wifi_parse_sband(&wiphy_info->sband[i], &band) != WLAN_STATUS_SUCCESS) { - continue; - } - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.get_wiphy_res) { - vif_ctx_zep->supp_callbk_fns.get_wiphy_res(vif_ctx_zep->supp_drv_if_ctx, - &band); - } - } - - if ((wiphy_info->params_valid & NRF_WIFI_GET_WIPHY_VALID_EXTENDED_CAPABILITIES) && - rpu_ctx_zep->extended_capa == NULL) { - - rpu_ctx_zep->extended_capa = k_malloc(wiphy_info->extended_capabilities_len); - - if (rpu_ctx_zep->extended_capa) { - memcpy(rpu_ctx_zep->extended_capa, wiphy_info->extended_capabilities, - wiphy_info->extended_capabilities_len); - } - - rpu_ctx_zep->extended_capa_mask = k_malloc(wiphy_info->extended_capabilities_len); - - if (rpu_ctx_zep->extended_capa_mask) { - memcpy(rpu_ctx_zep->extended_capa_mask, - wiphy_info->extended_capabilities_mask, - wiphy_info->extended_capabilities_len); - } else { - free(rpu_ctx_zep->extended_capa); - rpu_ctx_zep->extended_capa = NULL; - rpu_ctx_zep->extended_capa_len = 0; - } - } - - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.get_wiphy_res) { - vif_ctx_zep->supp_callbk_fns.get_wiphy_res(vif_ctx_zep->supp_drv_if_ctx, NULL); - } -} - -int nrf_wifi_supp_get_wiphy(void *if_priv) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - - if (!if_priv) { - LOG_ERR("%s: Missing interface context", __func__); - return -1; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return -1; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - status = nrf_wifi_fmac_get_wiphy(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_get_wiphy failed", __func__); - goto out; - } -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return status; -} - -int nrf_wifi_supp_register_frame(void *if_priv, - u16 type, const u8 *match, size_t match_len, - bool multicast) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_mgmt_frame_info frame_info; - - if (!if_priv || !match || !match_len) { - LOG_ERR("%s: Invalid parameters", __func__); - return -1; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return -1; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - memset(&frame_info, 0, sizeof(frame_info)); - - frame_info.frame_type = type; - frame_info.frame_match.frame_match_len = match_len; - memcpy(frame_info.frame_match.frame_match, match, match_len); - - status = nrf_wifi_fmac_register_frame(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, - &frame_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_register_frame failed", __func__); - goto out; - } -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return status; -} - -void nrf_wifi_wpa_supp_event_mgmt_rx_callbk_fn(void *if_priv, - struct nrf_wifi_umac_event_mlme *mlme_event, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - if (!if_priv) { - LOG_ERR("%s: Missing interface context", __func__); - return; - } - - vif_ctx_zep = if_priv; - - if (!mlme_event || !event_len) { - LOG_ERR("%s: Missing MLME event data", __func__); - return; - } - - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.mgmt_rx) { - vif_ctx_zep->supp_callbk_fns.mgmt_rx(vif_ctx_zep->supp_drv_if_ctx, - mlme_event->frame.frame, - mlme_event->frame.frame_len, - mlme_event->frequency, - mlme_event->rx_signal_dbm); - } -} - -int nrf_wifi_supp_get_capa(void *if_priv, struct wpa_driver_capa *capa) -{ - enum nrf_wifi_status status = NRF_WIFI_STATUS_SUCCESS; - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - - if (!if_priv || !capa) { - LOG_ERR("%s: Invalid parameters", __func__); - return -1; - } - - memset(capa, 0, sizeof(*capa)); - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return -1; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - /* TODO: Get these from RPU*/ - /* Use SME */ - capa->flags = 0; - capa->flags |= WPA_DRIVER_FLAGS_SME; - capa->flags |= WPA_DRIVER_FLAGS_SAE; - capa->flags |= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE; - capa->rrm_flags |= WPA_DRIVER_FLAGS_SUPPORT_RRM; - capa->rrm_flags |= WPA_DRIVER_FLAGS_SUPPORT_BEACON_REPORT; - if (IS_ENABLED(CONFIG_NRF700X_AP_MODE)) { - capa->flags |= WPA_DRIVER_FLAGS_AP; - } - - capa->enc |= WPA_DRIVER_CAPA_ENC_WEP40 | - WPA_DRIVER_CAPA_ENC_WEP104 | - WPA_DRIVER_CAPA_ENC_TKIP | - WPA_DRIVER_CAPA_ENC_CCMP | - WPA_DRIVER_CAPA_ENC_CCMP | - WPA_DRIVER_CAPA_ENC_CCMP_256 | - WPA_DRIVER_CAPA_ENC_GCMP_256; - - if (rpu_ctx_zep->extended_capa && rpu_ctx_zep->extended_capa_mask) { - capa->extended_capa = rpu_ctx_zep->extended_capa; - capa->extended_capa_mask = rpu_ctx_zep->extended_capa_mask; - capa->extended_capa_len = rpu_ctx_zep->extended_capa_len; - } -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return status; -} - - -void nrf_wifi_wpa_supp_event_mac_chgd(void *if_priv) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - - if (!if_priv) { - LOG_ERR("%s: Invalid parameters", __func__); - return; - } - - vif_ctx_zep = if_priv; - - if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.mac_changed) { - vif_ctx_zep->supp_callbk_fns.mac_changed(vif_ctx_zep->supp_drv_if_ctx); - } - -} - - -int nrf_wifi_supp_get_conn_info(void *if_priv, struct wpa_conn_info *info) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; - enum nrf_wifi_status ret = NRF_WIFI_STATUS_FAIL; - int sem_ret; - - if (!if_priv || !info) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - fmac_dev_ctx = rpu_ctx_zep->rpu_ctx; - - vif_ctx_zep->conn_info = info; - ret = nrf_wifi_fmac_get_conn_info(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx); - if (ret != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_get_conn_info failed", __func__); - goto out; - } - - sem_ret = k_sem_take(&wait_for_event_sem, K_MSEC(RPU_RESP_EVENT_TIMEOUT)); - if (sem_ret) { - LOG_ERR("%s: Timeout: failed to get connection info, ret = %d", __func__, sem_ret); - ret = NRF_WIFI_STATUS_FAIL; - goto out; - } - -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - - -void nrf_wifi_supp_event_proc_get_conn_info(void *if_priv, - struct nrf_wifi_umac_event_conn_info *info, - unsigned int event_len) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct wpa_conn_info *conn_info = NULL; - - if (!if_priv || !info) { - LOG_ERR("%s: Invalid params", __func__); - k_sem_give(&wait_for_event_sem); - return; - } - vif_ctx_zep = if_priv; - conn_info = vif_ctx_zep->conn_info; - - conn_info->beacon_interval = info->beacon_interval; - conn_info->dtim_period = info->dtim_interval; - conn_info->twt_capable = info->twt_capable; - k_sem_give(&wait_for_event_sem); -} - -#ifdef CONFIG_NRF700X_AP_MODE -static int nrf_wifi_vif_state_change(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep, - enum nrf_wifi_fmac_if_op_state state) -{ - struct nrf_wifi_umac_chg_vif_state_info vif_state_info = {0}; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - unsigned int timeout = 0; - struct nrf_wifi_fmac_vif_ctx *vif_ctx = NULL; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; - int ret = -1; - - if (!vif_ctx_zep) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - def_dev_ctx = wifi_dev_priv(rpu_ctx_zep->rpu_ctx); - vif_ctx = def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]; - - vif_state_info.state = state; - vif_state_info.if_index = vif_ctx_zep->vif_idx; - vif_ctx->ifflags = false; - status = nrf_wifi_fmac_chg_vif_state(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - &vif_state_info); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_chg_vif_state failed", - __func__); - goto out; - } - - while (!vif_ctx->ifflags && timeout++ < SET_IFACE_EVENT_TIMEOUT_MS) { - k_sleep(K_MSEC(1)); - } - - if (!vif_ctx->ifflags) { - LOG_ERR("%s: set interface state event not received (%dms)", __func__, timeout); - goto out; - } - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -static int nrf_wifi_iftype_change(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep, int iftype) -{ - struct nrf_wifi_umac_chg_vif_attr_info chg_vif_info = {0}; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - int ret = -1; - unsigned int timeout = 0; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - - if (!vif_ctx_zep) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - ret = nrf_wifi_vif_state_change(vif_ctx_zep, NRF_WIFI_FMAC_IF_OP_STATE_DOWN); - if (ret) { - LOG_ERR("%s: Failed to set interface down", __func__); - goto out; - } - - chg_vif_info.iftype = iftype; - vif_ctx_zep->set_if_event_received = false; - vif_ctx_zep->set_if_status = 0; - status = nrf_wifi_fmac_chg_vif(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &chg_vif_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_chg_vif failed", __func__); - goto out; - } - - while (!vif_ctx_zep->set_if_event_received && - timeout++ < SET_IFACE_EVENT_TIMEOUT_MS) { - k_sleep(K_MSEC(1)); - } - - if (!vif_ctx_zep->set_if_event_received) { - LOG_ERR("%s: set interface event not received (%dms)", __func__, timeout); - goto out; - } - - if (vif_ctx_zep->set_if_status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: set interface failed: %d", __func__, vif_ctx_zep->set_if_status); - goto out; - } - - ret = nrf_wifi_vif_state_change(vif_ctx_zep, NRF_WIFI_FMAC_IF_OP_STATE_UP); - if (ret) { - LOG_ERR("%s: Failed to set interface up", __func__); - goto out; - } - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -static int nrf_wifi_wait_for_carrier_status(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep, - enum nrf_wifi_fmac_if_carr_state carrier_status) -{ - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - int ret = -1; - unsigned int timeout = 0; - - if (!vif_ctx_zep) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - while (vif_ctx_zep->if_carr_state != carrier_status && - timeout++ < CARR_ON_TIMEOUT_MS) { - k_sleep(K_MSEC(1)); - } - - if (vif_ctx_zep->if_carr_state != carrier_status) { - LOG_ERR("%s: Carrier %s event not received in %dms", __func__, - carrier_status == NRF_WIFI_FMAC_IF_CARR_STATE_ON ? "ON" : "OFF", - timeout); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_init_ap(void *if_priv, struct wpa_driver_associate_params *params) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - - int ret = -1; - - if (!if_priv || !params) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - if (params->mode != IEEE80211_MODE_AP) { - LOG_ERR("%s: Invalid mode", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - ret = nrf_wifi_iftype_change(vif_ctx_zep, NRF_WIFI_IFTYPE_AP); - if (ret) { - LOG_ERR("%s: Failed to set interface type to AP: %d", __func__, ret); - goto out; - } - -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -static int wpas_cipher_to_nrf(int cipher) -{ - switch (cipher) { - case WPA_CIPHER_NONE: - return 0; - case WPA_CIPHER_WEP40: - return NRF_WIFI_FMAC_CIPHER_SUITE_WEP40; - case WPA_CIPHER_WEP104: - return NRF_WIFI_FMAC_CIPHER_SUITE_WEP104; - case WPA_CIPHER_TKIP: - return NRF_WIFI_FMAC_CIPHER_SUITE_TKIP; - case WPA_CIPHER_CCMP: - return NRF_WIFI_FMAC_CIPHER_SUITE_CCMP; - case WPA_CIPHER_CCMP_256: - return NRF_WIFI_FMAC_CIPHER_SUITE_CCMP_256; - default: - return -1; - } -} - -static int nrf_wifi_set_beacon_data(const struct wpa_driver_ap_params *params, - struct nrf_wifi_beacon_data *beacon_data) -{ - int ret = -1; - - if (params->head_len > ARRAY_SIZE(beacon_data->head)) { - LOG_ERR("%s: head_len too big", __func__); - goto out; - } - - if (params->tail_len > ARRAY_SIZE(beacon_data->tail)) { - LOG_ERR("%s: tail_len too big", __func__); - goto out; - } - - if (params->proberesp_len > ARRAY_SIZE(beacon_data->probe_resp)) { - LOG_ERR("%s: proberesp_len too big", __func__); - goto out; - } - - beacon_data->head_len = params->head_len; - beacon_data->tail_len = params->tail_len; - beacon_data->probe_resp_len = params->proberesp_len; - - if (params->head_len) { - memcpy(&beacon_data->head, params->head, - params->head_len); - } - - if (params->tail_len) { - memcpy(&beacon_data->tail, params->tail, - params->tail_len); - } - - if (params->proberesp_len) { - memcpy(&beacon_data->probe_resp, params->proberesp_ies, - params->proberesp_len); - } - - ret = 0; -out: - return ret; -} - -int nrf_wifi_supp_register_mgmt_frame(void *if_priv, - u16 frame_type, size_t match_len, const u8 *match) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - struct nrf_wifi_umac_mgmt_frame_info mgmt_frame_info = {0}; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ret = -1; - - if (!if_priv || (match_len && !match)) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - mgmt_frame_info.frame_type = frame_type; - mgmt_frame_info.frame_match.frame_match_len = match_len; - if (match_len >= NRF_WIFI_FRAME_MATCH_MAX_LEN) { - LOG_ERR("%s: match_len too big: %d (max %d)", __func__, match_len, - NRF_WIFI_FRAME_MATCH_MAX_LEN); - goto out; - } - memcpy(mgmt_frame_info.frame_match.frame_match, match, match_len); - - status = nrf_wifi_fmac_mgmt_frame_reg(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - &mgmt_frame_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_mgmt_frame_reg failed", __func__); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -/* As per current design default is always STA */ -static int is_ap_dynamic_iface(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep) -{ - return (vif_ctx_zep->vif_idx != 0); -} - -static int nrf_wifi_set_bss(struct nrf_wifi_vif_ctx_zep *vif_ctx_zep, - struct wpa_driver_ap_params *params) -{ - struct nrf_wifi_umac_bss_info bss_info = {0}; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - int ret = -1; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int i; - - if (!vif_ctx_zep || !params) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - if (params->basic_rates) { - for (i = 0; params->basic_rates[i] != -1; i++) { - if (i >= ARRAY_SIZE(bss_info.basic_rates)) { - LOG_ERR("%s: basic_rates too big: %d (max %d)", __func__, i, - ARRAY_SIZE(bss_info.basic_rates)); - goto out; - } - bss_info.basic_rates[i] = params->basic_rates[i]; - } - bss_info.num_basic_rates = i; - } - bss_info.p2p_go_ctwindow = params->p2p_go_ctwindow; - bss_info.ht_opmode = params->ht_opmode; - bss_info.nrf_wifi_cts = params->cts_protect; - bss_info.preamble = params->preamble; - bss_info.nrf_wifi_slot = params->short_slot_time; - bss_info.ap_isolate = params->isolate; - - status = nrf_wifi_fmac_set_bss(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &bss_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_set_bss failed", __func__); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - - -static enum nrf_wifi_chan_width wpa_supp_chan_width_to_nrf(enum hostapd_hw_mode mode, - int bandwidth, int cfreq1, int cfreq2) -{ - switch (bandwidth) { - case 20: - if (mode == HOSTAPD_MODE_IEEE80211B) { - return NRF_WIFI_CHAN_WIDTH_20_NOHT; - } else { - return NRF_WIFI_CHAN_WIDTH_20; - }; - case 40: - return NRF_WIFI_CHAN_WIDTH_40; - case 80: - if (cfreq2) { - return NRF_WIFI_CHAN_WIDTH_80P80; - } else { - return NRF_WIFI_CHAN_WIDTH_80; - } - case 160: - return NRF_WIFI_CHAN_WIDTH_160; - }; - - return NRF_WIFI_CHAN_WIDTH_20; -} - -int nrf_wifi_wpa_supp_start_ap(void *if_priv, struct wpa_driver_ap_params *params) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - int ret = -1; - struct nrf_wifi_umac_start_ap_info start_ap_info = {0}; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ch_width = 0; - - if (!if_priv || !params) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - nrf_wifi_set_beacon_data(params, &start_ap_info.beacon_data); - start_ap_info.beacon_interval = params->beacon_int; - start_ap_info.dtim_period = params->dtim_period; - start_ap_info.ssid.nrf_wifi_ssid_len = params->ssid_len; - memcpy(start_ap_info.ssid.nrf_wifi_ssid, params->ssid, params->ssid_len); - for (int i = 0; i < 32; i++) { - if ((params->pairwise_ciphers & BIT(i)) && - start_ap_info.connect_common_info.num_cipher_suites_pairwise < 7) { - if (wpas_cipher_to_nrf(i) < 0) { - LOG_DBG("%s: Unsupported cipher %d ignored", __func__, i); - continue; - } - start_ap_info.connect_common_info.cipher_suites_pairwise[i] = - wpas_cipher_to_nrf(i); - start_ap_info.connect_common_info.num_cipher_suites_pairwise++; - } - } - - ch_width = wpa_supp_chan_width_to_nrf(params->freq->mode, params->freq->bandwidth, - params->freq->center_freq1, params->freq->center_freq2); - - start_ap_info.freq_params.frequency = params->freq->freq; - start_ap_info.freq_params.channel_width = ch_width; - start_ap_info.freq_params.center_frequency1 = params->freq->center_freq1; - start_ap_info.freq_params.center_frequency2 = params->freq->center_freq2; - start_ap_info.freq_params.channel_type = params->freq->ht_enabled ? NRF_WIFI_CHAN_HT20 : - NRF_WIFI_CHAN_NO_HT; - start_ap_info.freq_params.valid_fields = NRF_WIFI_SET_FREQ_PARAMS_FREQ_VALID | - NRF_WIFI_SET_FREQ_PARAMS_CHANNEL_WIDTH_VALID | - NRF_WIFI_SET_FREQ_PARAMS_CENTER_FREQ1_VALID | - NRF_WIFI_SET_FREQ_PARAMS_CENTER_FREQ2_VALID | - NRF_WIFI_SET_FREQ_PARAMS_CHANNEL_TYPE_VALID; - - vif_ctx_zep->if_carr_state = NRF_WIFI_FMAC_IF_CARR_STATE_OFF; - status = nrf_wifi_fmac_start_ap(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &start_ap_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_start_ap failed", __func__); - goto out; - } - - ret = nrf_wifi_wait_for_carrier_status(vif_ctx_zep, NRF_WIFI_FMAC_IF_CARR_STATE_ON); - if (ret) { - goto out; - } - - ret = nrf_wifi_set_bss(vif_ctx_zep, params); - if (ret) { - LOG_ERR("%s: Failed to set BSS", __func__); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_change_beacon(void *if_priv, struct wpa_driver_ap_params *params) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - int ret = -1; - struct nrf_wifi_umac_set_beacon_info chg_bcn_info = {0}; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - - if (!if_priv || !params) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - nrf_wifi_set_beacon_data(params, &chg_bcn_info.beacon_data); - - status = nrf_wifi_fmac_chg_bcn(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &chg_bcn_info); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_chg_bcn failed", __func__); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_stop_ap(void *if_priv) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ret = -1; - - if (!if_priv) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - status = nrf_wifi_fmac_stop_ap(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx); - - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_stop_ap failed", __func__); - goto out; - } - - ret = nrf_wifi_wait_for_carrier_status(vif_ctx_zep, NRF_WIFI_FMAC_IF_CARR_STATE_OFF); - if (ret) { - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_deinit_ap(void *if_priv) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ret = -1; - - if (!if_priv) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_DBG("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - status = nrf_wifi_wpa_supp_stop_ap(if_priv); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: Failed to stop AP", __func__); - goto out; - } - - if (!is_ap_dynamic_iface(vif_ctx_zep)) { - ret = nrf_wifi_iftype_change(vif_ctx_zep, NRF_WIFI_IFTYPE_STATION); - if (ret) { - LOG_ERR("%s: Failed to set interface type to STATION: %d", __func__, ret); - goto out; - } - } - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_sta_flags_to_nrf(int wpas_sta_flags) -{ - int nrf_sta_flags = 0; - - if (wpas_sta_flags & WPA_STA_AUTHORIZED) { - nrf_sta_flags |= NRF_WIFI_STA_FLAG_AUTHORIZED; - } - if (wpas_sta_flags & WPA_STA_WMM) { - nrf_sta_flags |= NRF_WIFI_STA_FLAG_WME; - } - if (wpas_sta_flags & WPA_STA_SHORT_PREAMBLE) { - nrf_sta_flags |= NRF_WIFI_STA_FLAG_SHORT_PREAMBLE; - } - if (wpas_sta_flags & WPA_STA_MFP) { - nrf_sta_flags |= NRF_WIFI_STA_FLAG_MFP; - } - if (wpas_sta_flags & WPA_STA_TDLS_PEER) { - nrf_sta_flags |= NRF_WIFI_STA_FLAG_TDLS_PEER; - } - /* Note: Do not set flags > NRF_WIFI_STA_FLAG_TDLS_PEER, else - * nrf_wifi_fmac_chg_sta will fail. This is equivalent to not - * setting WPA_DRIVER_FLAGS_FULL_AP_CLIENT_STATE flag. - */ - - return nrf_sta_flags; -} - -int nrf_wifi_wpa_supp_sta_add(void *if_priv, struct hostapd_sta_add_params *params) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - struct nrf_wifi_umac_add_sta_info sta_info = {0}; - int ret = -1; - int i; - - if (!if_priv || !params) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - sta_info.nrf_wifi_listen_interval = params->listen_interval; - sta_info.aid = params->aid; - sta_info.sta_capability = params->capability; - sta_info.supp_rates.nrf_wifi_num_rates = params->supp_rates_len; - /* TODO: sta_info.supp_rates.band */ - for (i = 0; i < params->supp_rates_len; i++) { - sta_info.supp_rates.rates[i] = params->supp_rates[i] & 0x7f; - } - - sta_info.ext_capability.ext_capability_len = params->ext_capab_len; - if (params->ext_capab_len >= NRF_WIFI_EXT_CAPABILITY_MAX_LEN) { - LOG_ERR("%s: ext_capab_len too big: %d (max %d)", __func__, - params->ext_capab_len, NRF_WIFI_EXT_CAPABILITY_MAX_LEN); - goto out; - } - memcpy(sta_info.ext_capability.ext_capability, params->ext_capab, - params->ext_capab_len); - - sta_info.supported_channels.supported_channels_len = params->supp_channels_len; - if (params->supp_channels_len >= NRF_WIFI_SUPPORTED_CHANNELS_MAX_LEN) { - LOG_ERR("%s: supp_channels_len too big: %d (max %d)", __func__, - params->supp_channels_len, NRF_WIFI_SUPPORTED_CHANNELS_MAX_LEN); - goto out; - } - memcpy(sta_info.supported_channels.supported_channels, params->supp_channels, - params->supp_channels_len); - - sta_info.supported_oper_classes.supported_oper_classes_len = params->supp_oper_classes_len; - if (params->supp_oper_classes_len >= NRF_WIFI_OPER_CLASSES_MAX_LEN) { - LOG_ERR("%s: supp_oper_classes_len too big: %d (max %d)", __func__, - params->supp_oper_classes_len, NRF_WIFI_OPER_CLASSES_MAX_LEN); - goto out; - } - memcpy(sta_info.supported_oper_classes.supported_oper_classes, params->supp_oper_classes, - params->supp_oper_classes_len); - - sta_info.sta_flags2.nrf_wifi_set = nrf_wifi_sta_flags_to_nrf(params->flags); - sta_info.sta_flags2.nrf_wifi_mask = sta_info.sta_flags2.nrf_wifi_set | - nrf_wifi_sta_flags_to_nrf(params->flags_mask); - - if (params->ht_capabilities) { - memcpy(sta_info.ht_capability, - params->ht_capabilities, - sizeof(sta_info.ht_capability)); - } - - if (params->vht_capabilities) { - memcpy(sta_info.vht_capability, - params->vht_capabilities, - sizeof(sta_info.vht_capability)); - } - - memcpy(sta_info.mac_addr, params->addr, sizeof(sta_info.mac_addr)); - - LOG_DBG("nrf_wifi_wpa_supp_sta_add: %x, %x", - sta_info.sta_flags2.nrf_wifi_set, sta_info.sta_flags2.nrf_wifi_mask); - - if (params->set) { - status = nrf_wifi_fmac_chg_sta(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - (struct nrf_wifi_umac_chg_sta_info *)&sta_info); - } else { - status = nrf_wifi_fmac_add_sta(rpu_ctx_zep->rpu_ctx, - vif_ctx_zep->vif_idx, - &sta_info); - } - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_add_sta failed", __func__); - goto out; - } - - ret = 0; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_sta_remove(void *if_priv, const u8 *addr) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_umac_del_sta_info del_sta = {0}; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ret = -1; - - if (!if_priv || !addr) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_DBG("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - memcpy(del_sta.mac_addr, addr, sizeof(del_sta.mac_addr)); - - status = nrf_wifi_fmac_del_sta(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &del_sta); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_del_sta failed", __func__); - goto out; - } - - ret = 0; - -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_sta_set_flags(void *if_priv, const u8 *addr, - unsigned int total_flags, unsigned int flags_or, - unsigned int flags_and) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_umac_chg_sta_info chg_sta = {0}; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ret = -1; - - if (!if_priv || !addr) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_DBG("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - memcpy(chg_sta.mac_addr, addr, sizeof(chg_sta.mac_addr)); - - chg_sta.sta_flags2.nrf_wifi_mask = nrf_wifi_sta_flags_to_nrf(flags_or | ~flags_and); - chg_sta.sta_flags2.nrf_wifi_set = nrf_wifi_sta_flags_to_nrf(flags_or); - - LOG_DBG("nrf_wifi_wpa_supp_sta_set_flags %x, %x", - chg_sta.sta_flags2.nrf_wifi_set, chg_sta.sta_flags2.nrf_wifi_mask); - - status = nrf_wifi_fmac_chg_sta(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, &chg_sta); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_chg_sta failed", __func__); - goto out; - } - - ret = 0; - -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return ret; -} - -int nrf_wifi_wpa_supp_sta_get_inact_sec(void *if_priv, const u8 *addr) -{ - struct nrf_wifi_vif_ctx_zep *vif_ctx_zep = NULL; - struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; - enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; - int ret = -1, sem_ret; - int inactive_time_sec = -1; - - if (!if_priv || !addr) { - LOG_ERR("%s: Invalid params", __func__); - return ret; - } - - vif_ctx_zep = if_priv; - rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { - LOG_DBG("%s: rpu_ctx_zep is NULL", __func__); - return ret; - } - - k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); - if (!rpu_ctx_zep->rpu_ctx) { - LOG_DBG("%s: RPU context not initialized", __func__); - goto out; - } - - status = nrf_wifi_fmac_get_station(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, - (unsigned char *) addr); - if (status != NRF_WIFI_STATUS_SUCCESS) { - LOG_ERR("%s: nrf_wifi_fmac_get_station failed", __func__); - goto out; - } - - sem_ret = k_sem_take(&wait_for_event_sem, K_MSEC(RPU_RESP_EVENT_TIMEOUT)); - if (sem_ret) { - LOG_ERR("%s: Timed out to get station info, ret = %d", __func__, sem_ret); - ret = NRF_WIFI_STATUS_FAIL; - goto out; - } - - inactive_time_sec = vif_ctx_zep->inactive_time_sec; -out: - k_mutex_unlock(&vif_ctx_zep->vif_lock); - return inactive_time_sec; -} -#endif /* CONFIG_NRF700X_AP_MODE */ From da1f66ade1ba70aa0c8ad56ca8b1591d505969ee Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Mon, 5 Aug 2024 20:42:56 +0530 Subject: [PATCH 034/217] manifest: Use Zephyr hostap Now that nRF70 support is upstream, switch to upstream hostap. Signed-off-by: Chaitanya Tata --- west.yml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/west.yml b/west.yml index 8321530d5ce5..f923b36b5d8e 100644 --- a/west.yml +++ b/west.yml @@ -97,6 +97,7 @@ manifest: - hal_nordic - hal_st # required for ST sensors (unrelated to STM32 MCUs) - hal_wurthelektronik + - hostap - liblc3 - libmetal - littlefs @@ -120,15 +121,6 @@ manifest: # # Some of these are also Zephyr modules which have NCS-specific # changes. - - name: hostap - repo-path: sdk-hostap - path: modules/lib/hostap - revision: 3b64b3bf9957f3b1515d58429b89589d234dcaaf - userdata: - ncs: - upstream-url: https://w1.fi/cgit/hostap/ - upstream-sha: e792f38db8471f35ee94f109a4093dece8f78c6a - compare-by-default: true - name: wfa-qt-control-app repo-path: sdk-wi-fiquicktrack-controlappc path: modules/lib/wfa-qt-control-app From 5c8e0a2d183f17b5e1712d55472009a160826eec Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Mon, 5 Aug 2024 20:49:19 +0530 Subject: [PATCH 035/217] treewide: Migrate to nRF70 upstream driver Upstream driver namespace is renamed from nrf700x -> nrf70. Signed-off-by: Chaitanya Tata --- .../asset_tracker_v2/Kconfig.sysbuild | 2 +- .../boards/thingy91x_nrf9151_ns.conf | 4 +- .../overlay-nrf7002ek-wifi-scan-only.conf | 4 +- applications/asset_tracker_v2/sample.yaml | 8 +- .../doc/matter_bridge_description.rst | 21 ++- applications/matter_bridge/sample.yaml | 2 +- .../matter_weather_station/Kconfig.sysbuild | 2 +- .../matter_weather_station/README.rst | 4 +- .../matter_weather_station/sample.yaml | 2 +- boards/nordic/nrf7002dk/Kconfig.sysbuild | 2 +- boards/nordic/thingy91x/CMakeLists.txt | 2 +- .../nrf700x_nrf54h20dk/Kconfig.defconfig | 2 +- .../nrf700x_nrf54l15dk/Kconfig.defconfig | 2 +- .../nrf700x_nrf54l15pdk/Kconfig.defconfig | 2 +- cmake/partition_manager.cmake | 2 +- cmake/sysbuild/nrf700x.cmake | 8 +- .../software_maturity_features.yaml | 20 +-- .../software_maturity_scanner.py | 2 +- .../sysbuild/sysbuild_forced_options.rst | 10 +- doc/nrf/drivers.rst | 1 - doc/nrf/drivers/wifi/nrf700x/nrf700x.rst | 154 ------------------ .../getting_started/memory_optimization.rst | 4 +- .../advanced_modes/promiscuous_operation.rst | 4 +- .../wifi/advanced_modes/raw_tx_operation.rst | 2 +- .../advanced_modes/sniffer_rx_operation.rst | 4 +- doc/nrf/protocols/wifi/regulatory_support.rst | 2 +- doc/nrf/protocols/wifi/sap_mode/sap.rst | 2 +- .../wifi/scan_mode/scan_operation.rst | 2 +- .../protocols/wifi/stack_configuration.rst | 94 +++++------ .../migration/migration_sysbuild.rst | 18 +- .../releases/release-notes-2.4.0.rst | 2 +- .../releases/release-notes-2.6.0.rst | 2 +- lib/location/scan_wifi.c | 2 +- samples/Kconfig | 16 +- .../overlay-nrf700x-wifi-scan-only.conf | 4 +- samples/cellular/location/sample.yaml | 10 +- .../lwm2m_client/overlay-assist-wifi.conf | 2 +- samples/cellular/modem_shell/README.rst | 8 +- .../overlay-nrf700x-wifi-scan-only.conf | 4 +- samples/cellular/modem_shell/sample.yaml | 24 +-- .../overlay-nrf7002ek-wifi-scan-only.conf | 4 +- .../overlay_nrf700x_wifi_coap_no_lte.conf | 4 +- .../overlay_nrf700x_wifi_mqtt_no_lte.conf | 4 +- .../sysbuild_nrf700x-wifi-conn.conf | 4 +- .../sysbuild_nrf700x-wifi-scan.conf | 4 +- .../boards/nrf7002dk_nrf5340_cpuapp.conf | 4 +- .../dfu/ota/ota_image_processor_base_impl.h | 4 +- samples/matter/light_bulb/Kconfig.sysbuild | 2 +- samples/matter/light_switch/Kconfig.sysbuild | 2 +- samples/matter/lock/Kconfig.sysbuild | 2 +- samples/matter/lock/README.rst | 6 +- samples/matter/lock/sample.yaml | 2 +- samples/matter/template/Kconfig.sysbuild | 2 +- samples/matter/template/README.rst | 2 +- samples/matter/template/sample.yaml | 2 +- samples/matter/thermostat/Kconfig.sysbuild | 2 +- .../matter/window_covering/Kconfig.sysbuild | 2 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 6 +- samples/net/azure_iot_hub/README.rst | 1 - .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 8 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 6 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 8 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 6 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 8 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 8 +- .../mqtt/src/modules/network/Kconfig.network | 2 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 6 +- samples/wifi/ble_coex/prj.conf | 6 +- samples/wifi/ble_coex/src/main.c | 12 +- samples/wifi/ble_coex/sysbuild.conf | 2 +- samples/wifi/monitor/prj.conf | 4 +- samples/wifi/monitor/sysbuild.conf | 4 +- samples/wifi/promiscuous/prj.conf | 4 +- samples/wifi/promiscuous/sysbuild.conf | 4 +- samples/wifi/provisioning/ble/prj.conf | 2 +- samples/wifi/provisioning/ble/sysbuild.conf | 2 +- samples/wifi/provisioning/softap/prj.conf | 8 +- samples/wifi/radio_test/prj.conf | 4 +- samples/wifi/radio_test/sample.yaml | 4 +- .../src/nrf_wifi_radio_test_shell.c | 8 +- samples/wifi/radio_test/sysbuild.conf | 4 +- samples/wifi/raw_tx_packet/prj.conf | 4 +- samples/wifi/raw_tx_packet/sysbuild.conf | 4 +- samples/wifi/scan/prj.conf | 2 +- samples/wifi/scan/src/main.c | 8 +- samples/wifi/scan/sysbuild.conf | 4 +- samples/wifi/shell/CMakeLists.txt | 4 +- samples/wifi/shell/overlay-monitor-mode.conf | 2 +- .../wifi/shell/overlay-promiscuous-mode.conf | 2 +- samples/wifi/shell/overlay-raw-tx.conf | 2 +- samples/wifi/shell/overlay-sap.conf | 4 +- samples/wifi/shell/overlay-zperf.conf | 4 +- samples/wifi/shell/prj.conf | 6 +- samples/wifi/shell/sample.yaml | 18 +- samples/wifi/shell/sysbuild.conf | 2 +- samples/wifi/shutdown/prj.conf | 2 +- samples/wifi/shutdown/sysbuild.conf | 2 +- samples/wifi/softap/README.rst | 2 +- samples/wifi/softap/prj.conf | 4 +- samples/wifi/softap/sysbuild.conf | 2 +- samples/wifi/sta/Kconfig | 2 +- samples/wifi/sta/README.rst | 4 +- samples/wifi/sta/prj.conf | 4 +- samples/wifi/sta/src/main.c | 4 +- samples/wifi/sta/sysbuild.conf | 2 +- samples/wifi/thread_coex/prj.conf | 6 +- samples/wifi/thread_coex/src/main.c | 10 +- .../wifi/thread_coex/src/ot_coex_functions.c | 4 +- samples/wifi/thread_coex/sysbuild.conf | 2 +- .../throughput/overlay-high-performance.conf | 12 +- .../wifi/throughput/overlay-iot-devices.conf | 14 +- .../throughput/overlay-memory-optimized.conf | 14 +- samples/wifi/throughput/overlay-rx-prio.conf | 14 +- samples/wifi/throughput/overlay-tx-prio.conf | 14 +- samples/wifi/throughput/prj.conf | 6 +- samples/wifi/throughput/sysbuild.conf | 2 +- samples/wifi/twt/prj.conf | 6 +- samples/wifi/twt/sysbuild.conf | 2 +- samples/wifi/wfa_qt_app/prj.conf | 2 +- samples/wifi/wfa_qt_app/sysbuild.conf | 2 +- .../overlay-nrf70-driver-debug.conf | 2 +- subsys/mpsl/cx/Kconfig | 4 +- subsys/net/lib/softap_wifi_provision/Kconfig | 2 +- sysbuild/CMakeLists.txt | 6 +- sysbuild/Kconfig.dfu | 2 +- sysbuild/Kconfig.wifi | 24 +-- sysbuild/Kconfig.zip | 2 +- .../lib/location/location_lib_autoconf_ext.h | 2 +- 128 files changed, 371 insertions(+), 518 deletions(-) delete mode 100644 doc/nrf/drivers/wifi/nrf700x/nrf700x.rst diff --git a/applications/asset_tracker_v2/Kconfig.sysbuild b/applications/asset_tracker_v2/Kconfig.sysbuild index d256f5e26330..39426561f59b 100644 --- a/applications/asset_tracker_v2/Kconfig.sysbuild +++ b/applications/asset_tracker_v2/Kconfig.sysbuild @@ -13,7 +13,7 @@ config SECURE_BOOT_APPCORE || BOARD_NRF9151DK_NRF9151_NS \ || BOARD_NRF9161DK_NRF9161_NS -config WIFI_NRF700X +config WIFI_NRF70 default y if BOARD_THINGY91X_NRF9151_NS config PM_EXTERNAL_FLASH_MCUBOOT_SECONDARY diff --git a/applications/asset_tracker_v2/boards/thingy91x_nrf9151_ns.conf b/applications/asset_tracker_v2/boards/thingy91x_nrf9151_ns.conf index 3096f5ef7848..7e995f9841e2 100644 --- a/applications/asset_tracker_v2/boards/thingy91x_nrf9151_ns.conf +++ b/applications/asset_tracker_v2/boards/thingy91x_nrf9151_ns.conf @@ -30,8 +30,8 @@ CONFIG_ADXL367_ACTIVITY_TIME=0 # configs for Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC=y # Align this with CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT=10 diff --git a/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf b/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf index 35d1507e4df1..ff7daa2e4709 100644 --- a/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf +++ b/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf @@ -19,8 +19,8 @@ CONFIG_DK_LIBRARY=n # Actual configs for the Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC=y # Align this with CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT=20 diff --git a/applications/asset_tracker_v2/sample.yaml b/applications/asset_tracker_v2/sample.yaml index e310535a21fe..879dfbc71298 100644 --- a/applications/asset_tracker_v2/sample.yaml +++ b/applications/asset_tracker_v2/sample.yaml @@ -329,7 +329,7 @@ tests: - nrf9160dk/nrf9160/ns platform_allow: nrf9160dk/nrf9160/ns extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf7002ek-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_applications_asset_tracker_v2 applications.asset_tracker_v2.nrf7002ek_wifi.nrf9161dk: sysbuild: true @@ -338,7 +338,7 @@ tests: - nrf9161dk/nrf9161/ns platform_allow: nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf7002ek-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_applications_asset_tracker_v2 applications.asset_tracker_v2.nrf7002ek_wifi.nrf9151dk: sysbuild: true @@ -347,7 +347,7 @@ tests: - nrf9151dk/nrf9151/ns platform_allow: nrf9151dk/nrf9151/ns extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf7002ek-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_applications_asset_tracker_v2 applications.asset_tracker_v2.nrf7002ek_wifi-debug: sysbuild: true @@ -362,7 +362,7 @@ tests: - nrf9151dk/nrf9151/ns extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE="overlay-nrf7002ek-wifi-scan-only.conf;overlay-debug.conf" - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_applications_asset_tracker_v2 # Configuration which will be used by the positioning CI integration job to verify PRs diff --git a/applications/matter_bridge/doc/matter_bridge_description.rst b/applications/matter_bridge/doc/matter_bridge_description.rst index ff39ab12df72..6065d866cdad 100644 --- a/applications/matter_bridge/doc/matter_bridge_description.rst +++ b/applications/matter_bridge/doc/matter_bridge_description.rst @@ -552,7 +552,7 @@ The current maximum number of Bluetooth LE connections that can be selected usin .. parsed-literal:: :class: highlight - west build -b nrf5340dk/nrf5340/cpuapp -p -- -Dmatter_bridge_SHIELD=nrf7002ek -DSB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y -DSB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y -DSB_CONFIG_WIFI_NRF700X=y -Dmcuboot_CONFIG_UPDATEABLE_IMAGE_NUMBER=3 -DCONFIG_BRIDGED_DEVICE_BT=y -DEXTRA_CONF_FILE="overlay-bt_max_connections_app.conf" -Dipc_radio_EXTRA_CONF_FILE="overlay-bt_max_connections_net.conf" -DFILE_SUFFIX=nrf70ek + west build -b nrf5340dk/nrf5340/cpuapp -p -- -Dmatter_bridge_SHIELD=nrf7002ek -DSB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y -DSB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y -DSB_CONFIG_WIFI_NRF70=y -Dmcuboot_CONFIG_UPDATEABLE_IMAGE_NUMBER=3 -DCONFIG_BRIDGED_DEVICE_BT=y -DEXTRA_CONF_FILE="overlay-bt_max_connections_app.conf" -Dipc_radio_EXTRA_CONF_FILE="overlay-bt_max_connections_net.conf" -DFILE_SUFFIX=nrf70ek .. group-tab:: Matter bridge over Thread @@ -576,7 +576,7 @@ The current maximum number of Bluetooth LE connections that can be selected usin .. parsed-literal:: :class: highlight - west build -b nrf54h20dk/nrf54h20/cpuapp -p -- -DSB_CONFIG_WIFI_NRF700X=y -DCONFIG_CHIP_WIFI=y -Dmatter_bridge_SHIELD=nrf700x_nrf54h20dk -DCONFIG_BRIDGED_DEVICE_BT=y -DEXTRA_CONF_FILE="overlay-bt_max_connections_app.conf" -Dipc_radio_EXTRA_CONF_FILE="overlay-bt_max_connections_net.conf" + west build -b nrf54h20dk/nrf54h20/cpuapp -p -- -DSB_CONFIG_WIFI_NRF70=y -DCONFIG_CHIP_WIFI=y -Dmatter_bridge_SHIELD=nrf700x_nrf54h20dk -DCONFIG_BRIDGED_DEVICE_BT=y -DEXTRA_CONF_FILE="overlay-bt_max_connections_app.conf" -Dipc_radio_EXTRA_CONF_FILE="overlay-bt_max_connections_net.conf" .. group-tab:: Matter bridge over Thread @@ -712,15 +712,14 @@ For example: .. code-block:: console - west build -b nrf5340dk/nrf5340/cpuapp -p -- -Dmatter_bridge_SHIELD=nrf7002ek -DSB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y -DSB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y -DSB_CONFIG_WIFI_NRF700X=y -Dmcuboot_CONFIG_UPDATEABLE_IMAGE_NUMBER=3 -DFILE_SUFFIX=nrf70ek - + west build -b nrf5340dk/nrf5340/cpuapp -p -- -Dmatter_bridge_SHIELD=nrf7002ek -DSB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y -DSB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y -DSB_CONFIG_WIFI_NRF70=y -Dmcuboot_CONFIG_UPDATEABLE_IMAGE_NUMBER=3 -DFILE_SUFFIX=nrf70ek To use the nRF54H20 DK with the ``nrf7002ek`` shield (2.4 GHz or 5 GHz), follow the :ref:`ug_nrf7002eb_nrf54h20dk_gs` user guide to connect all required pins. Once connected, run the following command to build the sample: .. code-block:: console - west build -b nrf54h20dk/nrf54h20/cpuapp -p -- -DSB_CONFIG_WIFI_NRF700X=y -DCONFIG_CHIP_WIFI=y -Dmatter_bridge_SHIELD=nrf700x_nrf54h20dk + west build -b nrf54h20dk/nrf54h20/cpuapp -p -- -DSB_CONFIG_WIFI_NRF70=y -DCONFIG_CHIP_WIFI=y -Dmatter_bridge_SHIELD=nrf700x_nrf54h20dk Selecting a configuration ========================= @@ -738,7 +737,17 @@ To enable the Matter smart plugin functionality, run the following command with .. parsed-literal:: :class: highlight - west build -b *board_target* -p -- -Dmatter_bridge_SNIPPET=onoff_plug + .. group-tab:: nRF54 DKs + + .. code-block:: console + + west build -b nrf54h20dk/nrf54h20/cpuapp -p -- -DSB_CONFIG_WIFI_NRF70=y -DCONFIG_CHIP_WIFI=y -Dmatter_bridge_SHIELD=nrf700x_nrf54h20dk -DCONFIG_BRIDGED_DEVICE_BT=y -Dmatter_bridge_SNIPPET=onoff_plug + + .. group-tab:: nRF70 DKs + + .. code-block:: console + + west build -b nrf7002dk/nrf5340/cpuapp -p -- -DCONFIG_BRIDGED_DEVICE_BT=y -Dmatter_bridge_SNIPPET=onoff_plug .. _matter_bridge_testing: diff --git a/applications/matter_bridge/sample.yaml b/applications/matter_bridge/sample.yaml index ced33ab9e155..d122ca59c7d6 100644 --- a/applications/matter_bridge/sample.yaml +++ b/applications/matter_bridge/sample.yaml @@ -67,7 +67,7 @@ tests: sysbuild: true build_only: true extra_args: matter_bridge_SHIELD=nrf7002ek SB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y - mcuboot_CONFIG_UPDATEABLE_IMAGE_NUMBER=3 SB_CONFIG_WIFI_NRF700X=y + mcuboot_CONFIG_UPDATEABLE_IMAGE_NUMBER=3 SB_CONFIG_WIFI_NRF70=y SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y CONFIG_CHIP_DFU_OVER_BT_SMP=y FILE_SUFFIX=nrf70ek diff --git a/applications/matter_weather_station/Kconfig.sysbuild b/applications/matter_weather_station/Kconfig.sysbuild index 326edcf3032d..0676f40964f1 100644 --- a/applications/matter_weather_station/Kconfig.sysbuild +++ b/applications/matter_weather_station/Kconfig.sysbuild @@ -11,7 +11,7 @@ config NRF_DEFAULT_IPC_RADIO # Enable IEEE802.15.4 serialization to network core # This config automatically pulls in the `overlay-802154.conf` in the ipc_radio image config NETCORE_IPC_RADIO_IEEE802154 - default y if !WIFI_NRF700X + default y if !WIFI_NRF70 # Enable Bluetooth serialization to network core # This config automatically pulls in the `overlay-bt_hci_ipc.conf` in the ipc_radio image diff --git a/applications/matter_weather_station/README.rst b/applications/matter_weather_station/README.rst index f916bc8d1b8b..eb603dc18a12 100644 --- a/applications/matter_weather_station/README.rst +++ b/applications/matter_weather_station/README.rst @@ -210,7 +210,7 @@ To build this application to work with the nRF7002 Wi-Fi expansion board: .. group-tab:: nRF Connect for VS Code To build the application in the nRF Connect for VS Code IDE for Thingy:53 with the nRF7002 EB attached, add the expansion board and the file suffix variables in the build configuration's :guilabel:`Extra CMake arguments` and rebuild the build configuration. - For example: ``-- -Dmatter_weather_station_SHIELD=nrf7002eb -DFILE_SUFFIX=release -DSB_CONFIG_WIFI_NRF700X=y``. + For example: ``-- -Dmatter_weather_station_SHIELD=nrf7002eb -DFILE_SUFFIX=release -DSB_CONFIG_WIFI_NRF70=y``. .. group-tab:: Command line @@ -218,7 +218,7 @@ To build this application to work with the nRF7002 Wi-Fi expansion board: .. code-block:: console - west build -b thingy53/nrf5340/cpuapp -- -Dmatter_weather_station_SHIELD=nrf7002eb -DFILE_SUFFIX=release -DSB_CONFIG_WIFI_NRF700X=y + west build -b thingy53/nrf5340/cpuapp -- -Dmatter_weather_station_SHIELD=nrf7002eb -DFILE_SUFFIX=release -DSB_CONFIG_WIFI_NRF70=y Generating factory data ======================= diff --git a/applications/matter_weather_station/sample.yaml b/applications/matter_weather_station/sample.yaml index a8d5a35abf72..816ff21cdfdd 100644 --- a/applications/matter_weather_station/sample.yaml +++ b/applications/matter_weather_station/sample.yaml @@ -50,7 +50,7 @@ tests: sysbuild: true build_only: true extra_args: matter_weather_station_SHIELD=nrf7002eb FILE_SUFFIX=release - SB_CONFIG_WIFI_NRF700X=y CONFIG_CHIP_WIFI=y + SB_CONFIG_WIFI_NRF70=y CONFIG_CHIP_WIFI=y platform_allow: thingy53/nrf5340/cpuapp platform_exclude: thingy53/nrf5340/cpuapp/ns integration_platforms: diff --git a/boards/nordic/nrf7002dk/Kconfig.sysbuild b/boards/nordic/nrf7002dk/Kconfig.sysbuild index 0d57b33a58f4..852dd74a9459 100644 --- a/boards/nordic/nrf7002dk/Kconfig.sysbuild +++ b/boards/nordic/nrf7002dk/Kconfig.sysbuild @@ -1,5 +1,5 @@ # Copyright (c) 2024 Nordic Semiconductor ASA # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -config WIFI_NRF700X +config WIFI_NRF70 default y if SOC_NRF5340_CPUAPP_QKAA diff --git a/boards/nordic/thingy91x/CMakeLists.txt b/boards/nordic/thingy91x/CMakeLists.txt index 646e277bd9ec..6d35060c6039 100644 --- a/boards/nordic/thingy91x/CMakeLists.txt +++ b/boards/nordic/thingy91x/CMakeLists.txt @@ -3,7 +3,7 @@ # Copyright (c) 2024 Nordic Semiconductor # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -if(CONFIG_WIFI_NRF700X) +if(CONFIG_WIFI_NRF70) if(CONFIG_BOARD_THINGY91X_NRF9151 OR CONFIG_BOARD_THINGY91X_NRF9151_NS) zephyr_library() zephyr_library_sources(nrf70_support.c) diff --git a/boards/shields/nrf700x_nrf54h20dk/Kconfig.defconfig b/boards/shields/nrf700x_nrf54h20dk/Kconfig.defconfig index b7120a284924..3de124ae9ce1 100644 --- a/boards/shields/nrf700x_nrf54h20dk/Kconfig.defconfig +++ b/boards/shields/nrf700x_nrf54h20dk/Kconfig.defconfig @@ -12,7 +12,7 @@ config NETWORKING config WIFI default y -config WIFI_NRF700X +config WIFI_NRF70 default y config NRFX_GPIOTE diff --git a/boards/shields/nrf700x_nrf54l15dk/Kconfig.defconfig b/boards/shields/nrf700x_nrf54l15dk/Kconfig.defconfig index b75b1f669609..c63d7c2f214e 100644 --- a/boards/shields/nrf700x_nrf54l15dk/Kconfig.defconfig +++ b/boards/shields/nrf700x_nrf54l15dk/Kconfig.defconfig @@ -12,7 +12,7 @@ config NETWORKING config WIFI default y -config WIFI_NRF700X +config WIFI_NRF70 default y config NRFX_GPIOTE diff --git a/boards/shields/nrf700x_nrf54l15pdk/Kconfig.defconfig b/boards/shields/nrf700x_nrf54l15pdk/Kconfig.defconfig index 0fe7c7b115ba..9336253fd8f8 100644 --- a/boards/shields/nrf700x_nrf54l15pdk/Kconfig.defconfig +++ b/boards/shields/nrf700x_nrf54l15pdk/Kconfig.defconfig @@ -12,7 +12,7 @@ config NETWORKING config WIFI default y -config WIFI_NRF700X +config WIFI_NRF70 default y config NRFX_GPIOTE diff --git a/cmake/partition_manager.cmake b/cmake/partition_manager.cmake index 235e4b820698..30f1fe006e46 100644 --- a/cmake/partition_manager.cmake +++ b/cmake/partition_manager.cmake @@ -519,7 +519,7 @@ if (CONFIG_SECURE_BOOT AND CONFIG_BOOTLOADER_MCUBOOT) endif() # Calculate absolute address for the wi-fi firmware patch location. -if (CONFIG_WIFI_NRF700X AND CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_STORE) +if (CONFIG_WIFI_NRF70 AND CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_STORE) if(DEFINED ext_flash_dev) get_filename_component(qspi_node ${ext_flash_dev} DIRECTORY) else() diff --git a/cmake/sysbuild/nrf700x.cmake b/cmake/sysbuild/nrf700x.cmake index 77edb6a6801b..cab2389dba80 100644 --- a/cmake/sysbuild/nrf700x.cmake +++ b/cmake/sysbuild/nrf700x.cmake @@ -10,13 +10,13 @@ function(setup_nrf700x_xip_data) set(OS_AGNOSTIC_BASE ${ZEPHYR_NRFXLIB_MODULE_DIR}/nrf_wifi) - if(SB_CONFIG_WIFI_NRF700X_SYSTEM_MODE) + if(SB_CONFIG_WIFI_NRF70_SYSTEM_MODE) set(NRF70_PATCH ${OS_AGNOSTIC_BASE}/fw_bins/default/nrf70.bin) - elseif(SB_CONFIG_WIFI_NRF700X_RADIO_TEST) + elseif(SB_CONFIG_WIFI_NRF70_RADIO_TEST) set(NRF70_PATCH ${OS_AGNOSTIC_BASE}/fw_bins/radio_test/nrf70.bin) - elseif(SB_CONFIG_WIFI_NRF700X_SCAN_ONLY) + elseif(SB_CONFIG_WIFI_NRF70_SCAN_ONLY) set(NRF70_PATCH ${OS_AGNOSTIC_BASE}/fw_bins/scan_only/nrf70.bin) - elseif(SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES) + elseif(SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES) set(NRF70_PATCH ${OS_AGNOSTIC_BASE}/fw_bins/system_with_raw/nrf70.bin) else() # Error diff --git a/doc/_scripts/software_maturity/software_maturity_features.yaml b/doc/_scripts/software_maturity/software_maturity_features.yaml index 2f1ca9ac19ed..e8460b589a8f 100644 --- a/doc/_scripts/software_maturity/software_maturity_features.yaml +++ b/doc/_scripts/software_maturity/software_maturity_features.yaml @@ -12,7 +12,7 @@ top_table: - BOARD_NRF9151DK_NRF9151_NS Matter: CHIP Wi-Fi: - rule: WIFI && WIFI_NRF700X + rule: WIFI && WIFI_NRF70 boards_and_shields: - SHIELD_NRF7002EK - SHIELD_NRF7002EK_NRF7000 @@ -67,7 +67,7 @@ features: Thread TCP: OPENTHREAD_TCP_ENABLE matter: Matter over Thread: CHIP && NET_L2_OPENTHREAD - Matter over Wi-Fi: CHIP && WIFI_NRF700X + Matter over Wi-Fi: CHIP && WIFI_NRF70 Matter commissioning over IP: CHIP Matter commissioning over Bluetooth LE with QR code onboarding: CHIP && BT Matter commissioning over Bluetooth LE with NFC onboarding: CHIP && BT && CHIP_NFC_COMMISSIONING @@ -77,7 +77,7 @@ features: NET_L2_OPENTHREAD && OPENTHREAD_MTD_SED wifi: STA Mode: - rule: WPA_SUPP && WIFI_NRF700X + rule: WPA_SUPP && WIFI_NRF70 boards_and_shields: - SHIELD_NRF7002EK - SHIELD_NRF7002EK_NRF7000 @@ -88,7 +88,7 @@ features: - BOARD_NRF7002DK_NRF5340_CPUAPP - BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 Scan only (for location accuracy): - rule: WIFI_NRF700X && !WPA_SUPP + rule: WIFI_NRF70 && !WPA_SUPP boards_and_shields: - SHIELD_NRF7002EK - SHIELD_NRF7002EK_NRF7000 @@ -97,7 +97,7 @@ features: - BOARD_NRF7002DK_NRF5340_CPUAPP - BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 Bluetooth LE coexistence: - rule: WIFI_NRF700X && NRF700X_SR_COEX + rule: WIFI_NRF70 && NRF700X_SR_COEX boards_and_shields: - SHIELD_NRF7002EK - SHIELD_NRF7002EK_NRF7001 @@ -105,11 +105,11 @@ features: - BOARD_NRF7002DK_NRF5340_CPUAPP - BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 Thread coexistence: - rule: WIFI_NRF700X && OPENTHREAD + rule: WIFI_NRF70 && OPENTHREAD boards_and_shields: - BOARD_NRF7002DK_NRF5340_CPUAPP SoftAP Mode (for Wi-Fi provisioning): - rule: WIFI_NRF700X && NRF700X_AP_MODE && WPA_SUPP_AP + rule: WIFI_NRF70 && NRF700X_AP_MODE && WPA_SUPP_AP boards_and_shields: - SHIELD_NRF7002EK - SHIELD_NRF7002EK_NRF7000 @@ -118,7 +118,7 @@ features: - BOARD_NRF7002DK_NRF5340_CPUAPP - BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 Monitor Mode: - rule: WIFI_NRF700X && NRF700X_RAW_DATA_RX + rule: WIFI_NRF70 && NRF700X_RAW_DATA_RX boards_and_shields: - SHIELD_NRF7002EK - SHIELD_NRF7002EK_NRF7000 @@ -127,7 +127,7 @@ features: - BOARD_NRF7002DK_NRF5340_CPUAPP - BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 TX injection Mode: - rule: WIFI_NRF700X && NRF700X_RAW_DATA_TX + rule: WIFI_NRF70 && NRF700X_RAW_DATA_TX boards_and_shields: - SHIELD_NRF7002EK - SHIELD_NRF7002EK_NRF7000 @@ -136,7 +136,7 @@ features: - BOARD_NRF7002DK_NRF5340_CPUAPP - BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 Promiscuous Mode: - rule: WIFI_NRF700X && NRF700X_PROMISC_DATA_RX + rule: WIFI_NRF70 && NRF700X_PROMISC_DATA_RX boards_and_shields: - SHIELD_NRF7002EK - SHIELD_NRF7002EK_NRF7001 diff --git a/doc/_scripts/software_maturity/software_maturity_scanner.py b/doc/_scripts/software_maturity/software_maturity_scanner.py index 6743824077c7..7f08df51d2ba 100644 --- a/doc/_scripts/software_maturity/software_maturity_scanner.py +++ b/doc/_scripts/software_maturity/software_maturity_scanner.py @@ -59,7 +59,7 @@ Matter over Thread: CHIP && NET_L2_OPENTHREAD wifi: STA Mode: - rule: WPA_SUPP && WIFI_NRF700X + rule: WPA_SUPP && WIFI_NRF70 boards_and_shields: - SHIELD_NRF7002EK - BOARD_NRF7002DK_NRF5340_CPUAPP diff --git a/doc/nrf/app_dev/config_and_build/sysbuild/sysbuild_forced_options.rst b/doc/nrf/app_dev/config_and_build/sysbuild/sysbuild_forced_options.rst index feab02855037..2768ae589ff0 100644 --- a/doc/nrf/app_dev/config_and_build/sysbuild/sysbuild_forced_options.rst +++ b/doc/nrf/app_dev/config_and_build/sysbuild/sysbuild_forced_options.rst @@ -18,7 +18,7 @@ Trying to change them directly in an image will result in the new value being ov +-------------------------------------------------------------------------+---------------------------------------------------------------------------+-------------------------+ | :kconfig:option:`CONFIG_BT_FAST_PAIR` + ``SB_CONFIG_BT_FAST_PAIR`` | Main application | +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | -| :kconfig:option:`CONFIG_WIFI_NRF700X` + ``SB_CONFIG_WIFI_NRF700X`` | | +| :kconfig:option:`CONFIG_WIFI_NRF70` + ``SB_CONFIG_WIFI_NRF70`` | | +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | | :kconfig:option:`CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_DISABLED` + ``SB_CONFIG_WIFI_PATCHES_EXT_FLASH_DISABLED`` | | +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | @@ -26,13 +26,13 @@ Trying to change them directly in an image will result in the new value being ov +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | | :kconfig:option:`CONFIG_NRF_WIFI_PATCHES_EXT_FLASH_STORE` + ``SB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE`` | | +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | -| :kconfig:option:`CONFIG_NRF700X_SYSTEM_MODE` + ``SB_CONFIG_WIFI_NRF700X_SYSTEM_MODE`` | | +| :kconfig:option:`CONFIG_NRF70_SYSTEM_MODE` + ``SB_CONFIG_WIFI_NRF70_SYSTEM_MODE`` | | +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | -| :kconfig:option:`CONFIG_NRF700X_SCAN_ONLY` + ``SB_CONFIG_WIFI_NRF700X_SCAN_ONLY`` | | +| :kconfig:option:`CONFIG_NRF70_SCAN_ONLY` + ``SB_CONFIG_WIFI_NRF70_SCAN_ONLY`` | | +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | -| :kconfig:option:`CONFIG_NRF700X_RADIO_TEST` + ``SB_CONFIG_WIFI_NRF700X_RADIO_TEST`` | | +| :kconfig:option:`CONFIG_NRF70_RADIO_TEST` + ``SB_CONFIG_WIFI_NRF70_RADIO_TEST`` | | +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | -| :kconfig:option:`CONFIG_NRF700X_SYSTEM_WITH_RAW_MODES` + ``SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES`` | | +| :kconfig:option:`CONFIG_NRF70_SYSTEM_WITH_RAW_MODES` + ``SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES`` | | +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | | :kconfig:option:`CONFIG_NRF_WIFI_FW_PATCH_DFU` + ``SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH`` | | +-------------------------------------------------------------------------+---------------------------------------------------------------------------+ | diff --git a/doc/nrf/drivers.rst b/doc/nrf/drivers.rst index 3f646c0eee04..683863e6fcfb 100644 --- a/doc/nrf/drivers.rst +++ b/doc/nrf/drivers.rst @@ -16,4 +16,3 @@ Here you can find documentation for drivers in the |NCS|, including API document :glob: drivers/* - drivers/wifi/nrf700x/* diff --git a/doc/nrf/drivers/wifi/nrf700x/nrf700x.rst b/doc/nrf/drivers/wifi/nrf700x/nrf700x.rst deleted file mode 100644 index 14f1ebcc84e9..000000000000 --- a/doc/nrf/drivers/wifi/nrf700x/nrf700x.rst +++ /dev/null @@ -1,154 +0,0 @@ -.. _nrf700x_wifi: - -nRF Wi-Fi driver -################ - -.. contents:: - :local: - :depth: 2 - -The nRF Wi-Fi driver implements the Wi-Fi® protocol for the nRF70 FullMAC Series of devices. -FullMAC devices implement the Wi-Fi protocol in the chipset. -The driver configures the chipset and transfers the frames to and from the device to the networking stack. - -nRF70 Series device is a companion IC and can be used with any Nordic Semiconductor System-on-Chips (SoCs), such as the nRF53 and nRF91 Series SoCs. - -You can enable the driver by using the :kconfig:option:`CONFIG_WIFI_NRF700X` Kconfig option. - -Architecture -************* - -The following figure illustrates the architecture of the nRF Wi-Fi driver. - -.. figure:: /images/nrf700x_wifi_driver.svg - :alt: nRF Wi-Fi driver block diagram - :align: center - :figclass: align-center - - nRF Wi-Fi driver architecture overview - -Design overview -*************** - -The nRF Wi-Fi driver follows an OS agnostic design, and the driver implementation is split into OS agnostic and OS (Zephyr) specific code. -The OS agnostic code is located in the :file:`sdk-nrfxlib/nrf_wifi/` folder and the Zephyr OS port is located in the :file:`drivers/wifi/nrf700x/` folder. - -The driver supports two modes of operation: - -Wi-Fi mode -========== -In this mode, the driver is designed to be used with the Zephyr networking stack. -It is implemented as a network interface driver. - -The driver supports the following IEEE 802.11 features: - -* Wi-Fi 6 (802.11ax) support -* WPA3™/WPA2™ personal security -* IEEE 802.11 Power Save modes -* Scan-only mode -* IEEE 802.11 :term:`Station mode (STA)` -* :term:`Software-enabled Access Point (SoftAP or SAP)` mode - -The Wi-Fi Direct® mode feature is in the driver code but is not yet supported. - -Except for scan-only mode, the driver uses the host access point daemon (hostapd) to implement AP Media Access Control (MAC) Sublayer Management Entity (AP MLME) and wpa_supplicant to implement 802.1X supplicant. - -Radio Test mode -=============== -The nRF Wi-Fi driver supports Radio Test mode, which you can use to test the RF performance of the nRF70 Series device. -This is a build time option that you can enable using the :kconfig:option:`CONFIG_NRF700X_RADIO_TEST` Kconfig option. - -For more details about using this driver in Radio Test mode, see :ref:`wifi_radio_test`. - -Driver to nRF70 Series device communication -******************************************* - -The driver communicates with the nRF70 Series device using the QSPI/SPI interface. -The driver uses the QSPI/SPI interface to send commands to the nRF70 Series device, and to transfer data to and from the device. -The nRF7002 DK uses QSPI, whereas the nRF7002 EK uses SPI. - -To connect the nRF7002 EK to the SoC, the ``nrf7002ek`` shield is required. - -Configuration -************* - -The nRF Wi-Fi driver has the following configuration options: - -Kconfig configuration -===================== - -.. options-from-kconfig:: - :show-type: - -Devicetree Specification configuration -====================================== - -The maximum transmit power achieved on a nRF70 Series device-based product depends on the frequency band and operating channel. -This varies from chip to chip as well as over different :term:`Printed Circuit Board (PCB)` designs. - -Multiple calibrations and checks are implemented to ensure consistency across channels and devices. -However, these values have a dependency on PCB design, which may result in Error Vector Magnitude (EVM) and spectral mask failures. -To avoid this problem, you can specify the power ceiling at which the EVM and spectral mask are met for a given PCB design. -Additionally, build-time parameters are made available to drivers through the DTS overlay file. - -The following code snippet shows an example of the DTS overlay file: - -.. code-block:: devicetree - - / - { - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x38>; - max-pwr-5g-low-mcs7 = <0x38>; - max-pwr-5g-mid-mcs0 = <0x38>; - max-pwr-5g-mid-mcs7 = <0x38>; - max-pwr-5g-high-mcs0 = <0x38>; - max-pwr-5g-high-mcs7 = <0x38>; - }; - - }; - - -The following table lists the parameters (8-bit unsigned values) defined in the DTS overlay board files: - -.. list-table:: DTS file parameters - :header-rows: 1 - - * - DTS parameter - - Description - * - max-pwr-2g-dsss - - Transmit power ceiling for DSSS data rate in 0.25 dBm steps. - This is applicable for all DSSS data rates. - * - max-pwr-2g-mcs0 - - Transmit power ceiling for MCS0 data rate in 2.4 GHz band in steps of 0.25 dBm steps. - * - max-pwr-2g-mcs7 - - Transmit power ceiling for MCS7 data rate in 2.4 GHz band in steps of 0.25 dBm steps. - * - max-pwr-5g-low-mcs0 - - Transmit power ceiling for MCS0 in lower 5 GHz frequency band in steps of 0.25 dBm. - Lower 5 GHz frequency band refers to channels from 36 to 64. - * - max-pwr-5g-low-mcs7 - - Transmit power ceiling for MCS7 in lower 5 GHz frequency band in steps of 0.25 dBm. - * - max-pwr-5g-mid-mcs0 - - Transmit power ceiling for MCS0 in mid 5 GHz frequency band in steps of 0.25 dBm. - Mid 5 GHz frequency band refers to channels from 100 to 132. - * - max-pwr-5g-mid-mcs7 - - Transmit power ceiling for MCS7 in mid 5 GHz frequency band in steps of 0.25 dBm. - * - max-pwr-5g-high-mcs0 - - Transmit power ceiling for MCS0 in high 5 GHz frequency band in steps of 0.25 dBm. - High 5 GHz frequency band refers to channels from 136 to 177. - * - max-pwr-5g-mid-mcs7 - - Transmit power ceiling for MCS7 in mid 5 GHz frequency band in steps of 0.25 dBm. - - -API documentation -***************** - -After the nRF Wi-Fi driver has been initialized, the application will see it as an Ethernet interface. -To use the Ethernet interface, the application can use `Zephyr Network APIs`_. - -See the :ref:`nrfxlib:nrf_wifi_driver` to learn more about various modes of low-level API. diff --git a/doc/nrf/protocols/matter/getting_started/memory_optimization.rst b/doc/nrf/protocols/matter/getting_started/memory_optimization.rst index 229ebc4404bf..1b2b7bef66c4 100644 --- a/doc/nrf/protocols/matter/getting_started/memory_optimization.rst +++ b/doc/nrf/protocols/matter/getting_started/memory_optimization.rst @@ -401,9 +401,9 @@ The following table presents the possible threads used in a Matter application a | | | Processing Wi-Fi task queue | | | | For Matter over Wi-Fi only. | +---------------------+------------------------------------------------------------------+----------------------------------------------------------------+ -| nrf700x_bh_wq | :kconfig:option:`CONFIG_NRF700X_BH_WQ_STACK_SIZE` | nRF700x Wi-Fi driver work queue. | +| nrf700x_bh_wq | :kconfig:option:`CONFIG_NRF70_BH_WQ_STACK_SIZE` | nRF700x Wi-Fi driver work queue. | +---------------------+------------------------------------------------------------------+----------------------------------------------------------------+ -| nrf700x_intr_wq | :kconfig:option:`CONFIG_NRF700X_IRQ_WQ_STACK_SIZE` | Interrupts processing generated by the nRF700X Wi-Fi radio. | +| nrf700x_intr_wq | :kconfig:option:`CONFIG_NRF70_IRQ_WQ_STACK_SIZE` | Interrupts processing generated by the nRF700X Wi-Fi radio. | +---------------------+------------------------------------------------------------------+----------------------------------------------------------------+ | mbox_wq | :kconfig:option:`CONFIG_IPC_SERVICE_BACKEND_RPMSG_WQ_STACK_SIZE` | Inter Processor Communication. | | | | For multi-processors targets only. | diff --git a/doc/nrf/protocols/wifi/advanced_modes/promiscuous_operation.rst b/doc/nrf/protocols/wifi/advanced_modes/promiscuous_operation.rst index 846ac1d3a26b..0e0ef1067c39 100644 --- a/doc/nrf/protocols/wifi/advanced_modes/promiscuous_operation.rst +++ b/doc/nrf/protocols/wifi/advanced_modes/promiscuous_operation.rst @@ -16,7 +16,7 @@ In Promiscuous mode of operation, all received IEEE 802.11 packets that belong t Enabling Promiscuous mode ************************* -To use the Promiscuous mode feature in your applications, you must enable the :kconfig:option:`CONFIG_NRF700X_PROMISC_DATA_RX` Kconfig option in the project configuration. +To use the Promiscuous mode feature in your applications, you must enable the :kconfig:option:`CONFIG_NRF70_PROMISC_DATA_RX` Kconfig option in the project configuration. .. _ug_nrf70_developing_promiscuous_mode_operation: @@ -138,7 +138,7 @@ TX injection mode can be enabled concurrently with Promiscuous mode on the nRF70 TX injection mode allows the transmission of a raw 802.11 transmit packet. Raw IEEE 802.11 packets are packets that are not modified by the 802.11 Medium Access Control (MAC) layer during transmission by the nRF70 Series device. -To use the TX injection mode in your application, you need to enable the :kconfig:option:`CONFIG_NRF700X_RAW_DATA_TX` Kconfig option in the project configuration. +To use the TX injection mode in your application, you need to enable the :kconfig:option:`CONFIG_NRF70_RAW_DATA_TX` Kconfig option in the project configuration. TX injection mode can be enabled during runtime by invoking the API ``net_eth_txinjection_mode``. The API has the following parameters as described below. diff --git a/doc/nrf/protocols/wifi/advanced_modes/raw_tx_operation.rst b/doc/nrf/protocols/wifi/advanced_modes/raw_tx_operation.rst index 824087ac2f4e..a94e9aa43641 100644 --- a/doc/nrf/protocols/wifi/advanced_modes/raw_tx_operation.rst +++ b/doc/nrf/protocols/wifi/advanced_modes/raw_tx_operation.rst @@ -18,7 +18,7 @@ The MAC layer on the nRF70 Series device will transmit the raw 802.11 packets ov Enabling raw packet transmit feature ************************************ -To use the raw packet transmit feature in your applications, you must enable the :kconfig:option:`CONFIG_NRF700X_RAW_DATA_TX` Kconfig option in the project configuration. +To use the raw packet transmit feature in your applications, you must enable the :kconfig:option:`CONFIG_NRF70_RAW_DATA_TX` Kconfig option in the project configuration. .. _ug_nrf70_developing_tx_injection_mode: diff --git a/doc/nrf/protocols/wifi/advanced_modes/sniffer_rx_operation.rst b/doc/nrf/protocols/wifi/advanced_modes/sniffer_rx_operation.rst index 4b1c3fa4a37e..4bcc3ee298ba 100644 --- a/doc/nrf/protocols/wifi/advanced_modes/sniffer_rx_operation.rst +++ b/doc/nrf/protocols/wifi/advanced_modes/sniffer_rx_operation.rst @@ -19,7 +19,7 @@ The raw RX header contains parameters of the received packet, including data rat Enabling Monitor mode ********************* -To use the Monitor mode in your application, you need to enable the :kconfig:option:`CONFIG_NRF700X_RAW_DATA_RX` Kconfig option in the project configuration. +To use the Monitor mode in your application, you need to enable the :kconfig:option:`CONFIG_NRF70_RAW_DATA_RX` Kconfig option in the project configuration. .. _ug_nrf70_developing_monitor_mode_operation: @@ -153,7 +153,7 @@ TX injection mode can be enabled for operation when the nRF70 Series device is c TX injection mode allows the transmission of a raw 802.11 transmit packet. Raw IEEE 802.11 packets are packets that are not modified by the 802.11 Medium Access Control (MAC) layer during transmission by the nRF70 Series device. -To use the TX injection mode in your application, you need to enable the :kconfig:option:`CONFIG_NRF700X_RAW_DATA_TX` Kconfig option in the project configuration. +To use the TX injection mode in your application, you need to enable the :kconfig:option:`CONFIG_NRF70_RAW_DATA_TX` Kconfig option in the project configuration. TX injection mode can be enabled during runtime by invoking the API ``net_eth_txinjection_mode``. The API has the following parameters as described below. diff --git a/doc/nrf/protocols/wifi/regulatory_support.rst b/doc/nrf/protocols/wifi/regulatory_support.rst index 53b4b28e84e6..49699da2f70e 100644 --- a/doc/nrf/protocols/wifi/regulatory_support.rst +++ b/doc/nrf/protocols/wifi/regulatory_support.rst @@ -272,7 +272,7 @@ You can configure the regulatory domain through build time or run time. Build time ========== -Use the :kconfig:option:`CONFIG_NRF700X_REG_DOMAIN` Kconfig option to set the regulatory region. +Use the :kconfig:option:`CONFIG_NRF70_REG_DOMAIN` Kconfig option to set the regulatory region. The regulatory region will take an ISO/IEC alpha-2 country code for the country in which the device is expected to operate. The beacon's regulatory region (if present) will be given higher precedence over the Kconfig option. diff --git a/doc/nrf/protocols/wifi/sap_mode/sap.rst b/doc/nrf/protocols/wifi/sap_mode/sap.rst index 2c5942fcfeac..ea90037c3d16 100644 --- a/doc/nrf/protocols/wifi/sap_mode/sap.rst +++ b/doc/nrf/protocols/wifi/sap_mode/sap.rst @@ -30,7 +30,7 @@ The SAP mode in the nRF70 Series devices provides SoftAP support with the follow Enabling the SAP mode ********************* -You can enable the SAP mode by setting the :kconfig:option:`CONFIG_NRF700X_AP_MODE` and :kconfig:option:`CONFIG_WPA_SUPP_AP` Kconfig options in the application project configuration file. +You can enable the SAP mode by setting the :kconfig:option:`CONFIG_NRF70_AP_MODE` and :kconfig:option:`CONFIG_WPA_SUPP_AP` Kconfig options in the application project configuration file. SAP mode configuration diff --git a/doc/nrf/protocols/wifi/scan_mode/scan_operation.rst b/doc/nrf/protocols/wifi/scan_mode/scan_operation.rst index 38e835c1b7de..202acec1da4b 100644 --- a/doc/nrf/protocols/wifi/scan_mode/scan_operation.rst +++ b/doc/nrf/protocols/wifi/scan_mode/scan_operation.rst @@ -145,7 +145,7 @@ The following controls can fine-tune the time taken and power consumed by a scan | :c:member:`wifi_scan_params.chan` * - Skip locally administered MAC addresses - | Build time: - | :kconfig:option:`CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC` + | :kconfig:option:`CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC` Scan robustness *************** diff --git a/doc/nrf/protocols/wifi/stack_configuration.rst b/doc/nrf/protocols/wifi/stack_configuration.rst index f72fbcec9b21..511eac9daecd 100644 --- a/doc/nrf/protocols/wifi/stack_configuration.rst +++ b/doc/nrf/protocols/wifi/stack_configuration.rst @@ -69,19 +69,19 @@ The nRF Wi-Fi driver provides the following software configurations to fine-tune - Memory savings - This specifies the inclusion of the WPA supplicant module. Disabling this flag restricts the nRF Wi-Fi driver's functionality to STA scan only. - * - :kconfig:option:`CONFIG_NRF700X_AP_MODE` + * - :kconfig:option:`CONFIG_NRF70_AP_MODE` - ``y`` or ``n`` - Enable or disable Access Point (AP) mode - Memory savings - This specifies the inclusion of the AP mode module. Disabling this flag restricts the nRF Wi-Fi driver's functionality to :term:`Station mode (STA)` only. - * - :kconfig:option:`CONFIG_NRF700X_P2P_MODE` + * - :kconfig:option:`CONFIG_NRF70_P2P_MODE` - ``y`` or ``n`` - Enable or disable Wi-Fi direct mode - Memory Savings - This specifies the inclusion of the P2P mode module. Disabling this flag restricts the nRF Wi-Fi driver's functionality to STA or AP mode only. - * - :kconfig:option:`CONFIG_NRF700X_MAX_TX_TOKENS` + * - :kconfig:option:`CONFIG_NRF70_MAX_TX_TOKENS` - ``5``, ``10``, ``11``, ``12`` - Maximum number of TX tokens. These are distributed across all WMM® access categories (including a pool for all). @@ -90,27 +90,27 @@ The nRF Wi-Fi driver provides the following software configurations to fine-tune More tokens imply more concurrent transmit opportunities for RPU but can lead to poor aggregation performance if the pipeline is not saturated. But to saturate the pipeline, a greater number of networking stack buffers, or queue depth, is required. - * - :kconfig:option:`CONFIG_NRF700X_MAX_TX_AGGREGATION` + * - :kconfig:option:`CONFIG_NRF70_MAX_TX_AGGREGATION` - ``1`` to ``Unlimited`` (based on available memory in nRF70 Series device) - Maximum number of frames that are coalesced into a single Wi-Fi frame (for example, MPDU's in an A-MPDU, or MSDU's in an A-MSDU). The coalescing greatly improves the throughput for small frames or under high traffic load. - Performance tuning and Memory savings - This specifies the maximum number of frames that can be coalesced into a single Wi-Fi frame. More frames imply more coalescing opportunities but can add latency to the TX path as we wait for more frames to arrive. - * - :kconfig:option:`CONFIG_NRF700X_RX_NUM_BUFS` + * - :kconfig:option:`CONFIG_NRF70_RX_NUM_BUFS` - ``1`` to ``Unlimited`` (based on available memory in nRF70 Series device) - Number of RX buffers - Memory savings - This specifies the number of RX buffers that can be used by the nRF Wi-Fi driver. The number of buffers must be enough to keep up with the RX traffic, otherwise packets might be dropped. - * - :kconfig:option:`CONFIG_NRF700X_TX_MAX_DATA_SIZE` + * - :kconfig:option:`CONFIG_NRF70_TX_MAX_DATA_SIZE` - ``64`` to ``1600`` - Maximum TX data size - Memory savings - This specifies the maximum size of Wi-Fi protocol frames that can be transmitted. Large frame sizes imply more memory usage but can efficiently utilize the bandwidth. If the application does not need to send large frames, then this can be reduced to save memory. - * - :kconfig:option:`CONFIG_NRF700X_RX_MAX_DATA_SIZE` + * - :kconfig:option:`CONFIG_NRF70_RX_MAX_DATA_SIZE` - ``64`` to ``1600`` - Maximum RX data size - Memory savings @@ -129,30 +129,30 @@ nRF70 Series packet memory The nRF70 Series device chipset has a special memory called the packet memory to store the Wi-Fi protocol frames for both TX and RX. The various configuration options that control the size of the packet memory are listed below: -* :kconfig:option:`CONFIG_NRF700X_TX_MAX_DATA_SIZE` -* :kconfig:option:`CONFIG_NRF700X_RX_MAX_DATA_SIZE` -* :kconfig:option:`CONFIG_NRF700X_MAX_TX_TOKENS` -* :kconfig:option:`CONFIG_NRF700X_MAX_TX_AGGREGATION` -* :kconfig:option:`CONFIG_NRF700X_RX_NUM_BUFS` +* :kconfig:option:`CONFIG_NRF70_TX_MAX_DATA_SIZE` +* :kconfig:option:`CONFIG_NRF70_RX_MAX_DATA_SIZE` +* :kconfig:option:`CONFIG_NRF70_MAX_TX_TOKENS` +* :kconfig:option:`CONFIG_NRF70_MAX_TX_AGGREGATION` +* :kconfig:option:`CONFIG_NRF70_RX_NUM_BUFS` The packet memory is divided into two parts, one for TX and one for RX. The size of the TX packet memory is calculated as follows: .. code-block:: none - (CONFIG_NRF700X_TX_MAX_DATA_SIZE + 52 ) * CONFIG_NRF700X_MAX_TX_TOKENS * CONFIG_NRF700X_MAX_TX_AGGREGATION + (CONFIG_NRF70_TX_MAX_DATA_SIZE + 52 ) * CONFIG_NRF70_MAX_TX_TOKENS * CONFIG_NRF70_MAX_TX_AGGREGATION The size of the RX packet memory is calculated as follows: .. code-block:: none - CONFIG_NRF700X_RX_MAX_DATA_SIZE * CONFIG_NRF700X_RX_NUM_BUFS + CONFIG_NRF70_RX_MAX_DATA_SIZE * CONFIG_NRF70_RX_NUM_BUFS The total packet memory size is calculated as follows: .. code-block:: none - (CONFIG_NRF700X_TX_MAX_DATA_SIZE + 52 ) * CONFIG_NRF700X_MAX_TX_TOKENS * CONFIG_NRF700X_MAX_TX_AGGREGATION + - CONFIG_NRF700X_RX_MAX_DATA_SIZE * CONFIG_NRF700X_RX_NUM_BUFS + (CONFIG_NRF70_TX_MAX_DATA_SIZE + 52 ) * CONFIG_NRF70_MAX_TX_TOKENS * CONFIG_NRF70_MAX_TX_AGGREGATION + + CONFIG_NRF70_RX_MAX_DATA_SIZE * CONFIG_NRF70_RX_NUM_BUFS There is a build time check to ensure that the total packet memory size does not exceed the available packet memory size in the nRF70 Series chip. @@ -177,8 +177,8 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li * - STA scan only - Scan only - ``CONFIG_WPA_SUPP=n`` - ``CONFIG_NRF700X_AP_MODE=n`` - ``CONFIG_NRF700X_P2P_MODE=n`` + ``CONFIG_NRF70_AP_MODE=n`` + ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=1`` ``CONFIG_NET_PKT_RX_COUNT=1`` ``CONFIG_NET_BUF_TX_COUNT=1`` @@ -188,19 +188,19 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li * - :abbr:`STA (Station)` mode - IoT devices - ``CONFIG_WPA_SUPP=y`` - ``CONFIG_NRF700X_AP_MODE=n`` - ``CONFIG_NRF700X_P2P_MODE=n`` + ``CONFIG_NRF70_AP_MODE=n`` + ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=6`` ``CONFIG_NET_PKT_RX_COUNT=6`` ``CONFIG_NET_BUF_TX_COUNT=12`` ``CONFIG_NET_BUF_RX_COUNT=6`` - ``CONFIG_NRF700X_RX_NUM_BUFS=6`` + ``CONFIG_NRF70_RX_NUM_BUFS=6`` ``CONFIG_NET_BUF_DATA_SIZE=800`` ``CONFIG_HEAP_MEM_POOL_SIZE=230000`` ``CONFIG_SPEED_OPTIMIZATIONS=y`` - ``CONFIG_NRF700X_UTIL=n`` - ``CONFIG_NRF700X_MAX_TX_AGGREGATION=1`` - ``CONFIG_NRF700X_MAX_TX_TOKENS=5`` + ``CONFIG_NRF70_UTIL=n`` + ``CONFIG_NRF70_MAX_TX_AGGREGATION=1`` + ``CONFIG_NRF70_MAX_TX_TOKENS=5`` - IoT devices - ``TCP-TX: 5.2 Mbps`` ``TCP-RX: 3.4 Mbps`` @@ -209,19 +209,19 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li * - :abbr:`STA (Station)` mode - Memory optimized :abbr:`STA (Station)` mode - ``CONFIG_WPA_SUPP=y`` - ``CONFIG_NRF700X_AP_MODE=n`` - ``CONFIG_NRF700X_P2P_MODE=n`` + ``CONFIG_NRF70_AP_MODE=n`` + ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=6`` ``CONFIG_NET_PKT_RX_COUNT=6`` ``CONFIG_NET_BUF_TX_COUNT=12`` ``CONFIG_NET_BUF_RX_COUNT=6`` - ``CONFIG_NRF700X_RX_NUM_BUFS=6`` + ``CONFIG_NRF70_RX_NUM_BUFS=6`` ``CONFIG_NET_BUF_DATA_SIZE=500`` ``CONFIG_HEAP_MEM_POOL_SIZE=230000`` ``CONFIG_SPEED_OPTIMIZATIONS=y`` - ``CONFIG_NRF700X_UTIL=n`` - ``CONFIG_NRF700X_MAX_TX_AGGREGATION=1`` - ``CONFIG_NRF700X_MAX_TX_TOKENS=5`` + ``CONFIG_NRF70_UTIL=n`` + ``CONFIG_NRF70_MAX_TX_AGGREGATION=1`` + ``CONFIG_NRF70_MAX_TX_TOKENS=5`` - Sensors with low data requirements - ``TCP-TX: 0.3 Mbps`` ``TCP-RX: 1.5 Mbps`` @@ -230,8 +230,8 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li * - :abbr:`STA (Station)` mode - High performance :abbr:`STA (Station)` mode - ``CONFIG_WPA_SUPP=y`` - ``CONFIG_NRF700X_AP_MODE=n`` - ``CONFIG_NRF700X_P2P_MODE=n`` + ``CONFIG_NRF70_AP_MODE=n`` + ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=30`` ``CONFIG_NET_PKT_RX_COUNT=30`` ``CONFIG_NET_BUF_TX_COUNT=60`` @@ -239,9 +239,9 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li ``CONFIG_NET_BUF_DATA_SIZE=1100`` ``CONFIG_HEAP_MEM_POOL_SIZE=230000`` ``CONFIG_SPEED_OPTIMIZATIONS=y`` - ``CONFIG_NRF700X_UTIL=n`` - ``CONFIG_NRF700X_MAX_TX_AGGREGATION=9`` - ``CONFIG_NRF700X_MAX_TX_TOKENS=12`` + ``CONFIG_NRF70_UTIL=n`` + ``CONFIG_NRF70_MAX_TX_AGGREGATION=9`` + ``CONFIG_NRF70_MAX_TX_TOKENS=12`` - High data rate IoT devices - ``TCP-TX: 14.2 Mbps`` ``TCP-RX: 7.4 Mbps`` @@ -250,19 +250,19 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li * - :abbr:`STA (Station)` mode - TX prioritized :abbr:`STA (Station)` mode - ``CONFIG_WPA_SUPP=y`` - ``CONFIG_NRF700X_AP_MODE=n`` - ``CONFIG_NRF700X_P2P_MODE=n`` + ``CONFIG_NRF70_AP_MODE=n`` + ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=32`` ``CONFIG_NET_PKT_RX_COUNT=10`` ``CONFIG_NET_BUF_TX_COUNT=64`` ``CONFIG_NET_BUF_RX_COUNT=10`` - ``CONFIG_NRF700X_RX_NUM_BUFS=10`` + ``CONFIG_NRF70_RX_NUM_BUFS=10`` ``CONFIG_NET_BUF_DATA_SIZE=1100`` ``CONFIG_HEAP_MEM_POOL_SIZE=230000`` ``CONFIG_SPEED_OPTIMIZATIONS=y`` - ``CONFIG_NRF700X_UTIL=n`` - ``CONFIG_NRF700X_MAX_TX_AGGREGATION=9`` - ``CONFIG_NRF700X_MAX_TX_TOKENS=12`` + ``CONFIG_NRF70_UTIL=n`` + ``CONFIG_NRF70_MAX_TX_AGGREGATION=9`` + ``CONFIG_NRF70_MAX_TX_TOKENS=12`` - Sensors with high data rate - ``TCP-TX: 9.2 Mbps`` ``TCP-RX: 3.6 Mbps`` @@ -271,19 +271,19 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li * - :abbr:`STA (Station)` mode - RX prioritized :abbr:`STA (Station)` mode - ``CONFIG_WPA_SUPP=y`` - ``CONFIG_NRF700X_AP_MODE=n`` - ``CONFIG_NRF700X_P2P_MODE=n`` + ``CONFIG_NRF70_AP_MODE=n`` + ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=5`` ``CONFIG_NET_PKT_RX_COUNT=64`` ``CONFIG_NET_BUF_TX_COUNT=10`` ``CONFIG_NET_BUF_RX_COUNT=64`` - ``CONFIG_NRF700X_RX_NUM_BUFS=64`` + ``CONFIG_NRF70_RX_NUM_BUFS=64`` ``CONFIG_NET_BUF_DATA_SIZE=1100`` ``CONFIG_HEAP_MEM_POOL_SIZE=230000`` ``CONFIG_SPEED_OPTIMIZATIONS=y`` - ``CONFIG_NRF700X_UTIL=n`` - ``CONFIG_NRF700X_MAX_TX_AGGREGATION=2`` - ``CONFIG_NRF700X_MAX_TX_TOKENS=5`` + ``CONFIG_NRF70_UTIL=n`` + ``CONFIG_NRF70_MAX_TX_AGGREGATION=2`` + ``CONFIG_NRF70_MAX_TX_TOKENS=5`` - Display devices streaming data - ``TCP-TX: 5.3 Mbps`` ``TCP-RX: 7.9 Mbps`` diff --git a/doc/nrf/releases_and_maturity/migration/migration_sysbuild.rst b/doc/nrf/releases_and_maturity/migration/migration_sysbuild.rst index 9784975f1bf3..459937ea0629 100644 --- a/doc/nrf/releases_and_maturity/migration/migration_sysbuild.rst +++ b/doc/nrf/releases_and_maturity/migration/migration_sysbuild.rst @@ -255,24 +255,24 @@ Applications must enable these options if they generate factory data or need an .. _child_parent_to_sysbuild_migration_nrf700x: -nRF700x -======= +nRF70 Series +============ -Support for nRF700x operating mode and firmware storage has moved to sysbuild. +Support for the nRF70 Series operating mode and firmware storage has moved to sysbuild. The following Kconfig options are available: +----------------------------------------------------------------+-----------------------------------------------------------------------------+ | Kconfig option | Description | +================================================================+=============================================================================+ -| ``SB_CONFIG_WIFI_NRF700X`` | Enable Wifi support for nRF700x | +| ``SB_CONFIG_WIFI_NRF70`` | Enable Wifi support for the nRF70 Series devices | +----------------------------------------------------------------+-----------------------------------------------------------------------------+ -| ``SB_CONFIG_WIFI_NRF700X_SYSTEM_MODE`` | Use system mode firmware patches and set application to this mode | +| ``SB_CONFIG_WIFI_NRF70_SYSTEM_MODE`` | Use system mode firmware patches and set application to this mode | +----------------------------------------------------------------+-----------------------------------------------------------------------------+ -| ``SB_CONFIG_WIFI_NRF700X_SCAN_ONLY`` | Use scan-only mode firmware patches and set application to this mode | +| ``SB_CONFIG_WIFI_NRF70_SCAN_ONLY`` | Use Scan-only mode firmware patches and set application to this mode | +----------------------------------------------------------------+-----------------------------------------------------------------------------+ -| ``SB_CONFIG_WIFI_NRF700X_RADIO_TEST`` | Use radio test mode firmware patches and set application to this mode | +| ``SB_CONFIG_WIFI_NRF70_RADIO_TEST`` | Use Radio Test mode firmware patches and set application to this mode | +----------------------------------------------------------------+-----------------------------------------------------------------------------+ -| ``SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES`` | Use system with raw modes firmware patches and set application to this mode | +| ``SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES`` | Use system with Raw modes firmware patches and set application to this mode | +----------------------------------------------------------------+-----------------------------------------------------------------------------+ | ``SB_CONFIG_WIFI_PATCHES_EXT_FLASH_DISABLED`` | Load firmware patches directly from ram (default) | +----------------------------------------------------------------+-----------------------------------------------------------------------------+ @@ -304,7 +304,7 @@ The following Kconfig options are available: +-------------------------------------------------------------------+---------------------------------------------------+ | ``SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_MCUBOOT`` | Include MCUboot update in package | +-------------------------------------------------------------------+---------------------------------------------------+ -| ``SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH`` | Include nRF7000x firmware patch update in package | +| ``SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH`` | Include nRF70 firmware patch update in package | +-------------------------------------------------------------------+---------------------------------------------------+ You must update your application to select the required Kconfig options at the sysbuild level to have this file generated. diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.4.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.4.0.rst index 630697cd785a..6f5724bd6647 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.4.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.4.0.rst @@ -653,7 +653,7 @@ Drivers This section provides detailed lists of changes by :ref:`driver `. -* Added :ref:`nrf700x_wifi`. +* Added nRF Wi-Fi driver. Libraries ========= diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst index 3076320558c2..572172aa6a91 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst @@ -998,7 +998,7 @@ Wi-Fi drivers * OS agnostic code is moved to |NCS| (``sdk-nrfxlib``) repository. - * Low-level API documentation is now available on the :ref:`Wi-Fi driver API `. + * Low-level API documentation is now available on the ``Wi-Fi driver API``. * The Wi-Fi interface is now renamed and registered as a devicetree instance. diff --git a/lib/location/scan_wifi.c b/lib/location/scan_wifi.c index 5b6285f4d2f7..f667664b5c4a 100644 --- a/lib/location/scan_wifi.c +++ b/lib/location/scan_wifi.c @@ -214,7 +214,7 @@ int scan_wifi_init(void) const struct device *wifi_dev; wifi_iface = NULL; -#if defined(CONFIG_WIFI_NRF700X) +#if defined(CONFIG_WIFI_NRF70) wifi_dev = DEVICE_DT_GET(DT_CHOSEN(zephyr_wifi)); #else wifi_dev = DEVICE_DT_GET(DT_CHOSEN(ncs_location_wifi)); diff --git a/samples/Kconfig b/samples/Kconfig index 8ebec34b1070..4b9b6eb6c6b5 100644 --- a/samples/Kconfig +++ b/samples/Kconfig @@ -19,7 +19,7 @@ config NCS_SAMPLES_DEFAULTS if SOC_SERIES_NRF53X -config NRF700X_RADIO_TEST_COMBO +config NRF70_RADIO_TEST_COMBO bool "Enable radio test combo build for nRF5340" depends on SOC_NRF5340_CPUAPP select BOARD_ENABLE_CPUNET @@ -34,9 +34,9 @@ config NCS_SAMPLE_EMPTY_APP_CORE_CHILD_IMAGE config NCS_INCLUDE_RPMSG_CHILD_IMAGE bool "Include RPMsg sample on netcore" - depends on SOC_NRF5340_CPUAPP && (BT_HCI_IPC || NRF_802154_SER_HOST || BT_RPC || NRF700X_RADIO_TEST_COMBO) + depends on SOC_NRF5340_CPUAPP && (BT_HCI_IPC || NRF_802154_SER_HOST || BT_RPC || NRF70_RADIO_TEST_COMBO) select PARTITION_MANAGER_ENABLED - default y if BT_HCI_IPC || NRF_802154_SER_HOST || BT_RPC || NRF700X_RADIO_TEST_COMBO + default y if BT_HCI_IPC || NRF_802154_SER_HOST || BT_RPC || NRF70_RADIO_TEST_COMBO help Enabling this setting will include a network stack to run on the network core and communicate over RPMsg with the application core. @@ -74,35 +74,35 @@ if NCS_INCLUDE_RPMSG_CHILD_IMAGE config NCS_SAMPLE_MULTIPROTOCOL_RPMSG_CHILD_IMAGE bool - depends on BT_HCI_IPC && NRF_802154_SER_HOST && !BT_RPC && !NRF700X_RADIO_TEST_COMBO + depends on BT_HCI_IPC && NRF_802154_SER_HOST && !BT_RPC && !NRF70_RADIO_TEST_COMBO default y help multiprotocol_rpmsg sample as a child image (network core). config NCS_SAMPLE_HCI_IPC_CHILD_IMAGE bool - depends on BT_HCI_IPC && !NRF_802154_SER_HOST && !BT_RPC && !NRF700X_RADIO_TEST_COMBO + depends on BT_HCI_IPC && !NRF_802154_SER_HOST && !BT_RPC && !NRF70_RADIO_TEST_COMBO default y help hci_ipc sample as a child image (network core). config NCS_SAMPLE_802154_RPMSG_CHILD_IMAGE bool - depends on NRF_802154_SER_HOST && !BT_HCI_IPC && !BT_RPC && !NRF700X_RADIO_TEST_COMBO + depends on NRF_802154_SER_HOST && !BT_HCI_IPC && !BT_RPC && !NRF70_RADIO_TEST_COMBO default y help 802154_rpmsg sample as a child image (network core). config NCS_SAMPLE_RPC_HOST_CHILD_IMAGE bool - depends on BT_RPC && !NRF700X_RADIO_TEST_COMBO + depends on BT_RPC && !NRF70_RADIO_TEST_COMBO default y help rpc_host sample as a child image (network core). config NCS_SAMPLE_PERIPHERAL_RADIO_TEST_CHILD_IMAGE bool "Add peripheral radio_test sample as a child image" - depends on NRF700X_RADIO_TEST_COMBO + depends on NRF70_RADIO_TEST_COMBO default y select PARTITION_MANAGER_ENABLED help diff --git a/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf b/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf index 04a94d6d4263..b00d65a3f0a9 100644 --- a/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf +++ b/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf @@ -21,8 +21,8 @@ CONFIG_LOCATION_WORKQUEUE_STACK_SIZE=8192 # Actual configs for the Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC=y # Align this with CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT. # Also see comments for CONFIG_HEAP_MEM_POOL_SIZE. CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT=60 diff --git a/samples/cellular/location/sample.yaml b/samples/cellular/location/sample.yaml index b19f663aeaae..9f5160789fcf 100644 --- a/samples/cellular/location/sample.yaml +++ b/samples/cellular/location/sample.yaml @@ -42,7 +42,7 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek OVERLAY_CONFIG=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.location.nrf7000ek_wifi: sysbuild: true @@ -56,8 +56,8 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek_nrf7000 OVERLAY_CONFIG=overlay-nrf700x-wifi-scan-only.conf - CONFIG_WPA_SUPP=n SB_CONFIG_WIFI_NRF700X=y - SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + CONFIG_WPA_SUPP=n SB_CONFIG_WIFI_NRF70=y + SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.location.nrf7001ek_wifi: sysbuild: true @@ -71,7 +71,7 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek_nrf7001 OVERLAY_CONFIG=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.location.thingy91x_wifi: sysbuild: true @@ -82,7 +82,7 @@ tests: - thingy91x/nrf9151/ns extra_args: OVERLAY_CONFIG=overlay-nrf700x-wifi-scan-only.conf DTC_OVERLAY_FILE=thingy91x_wifi.overlay - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular # Configuration which will be used by the CI positioning integration job to verify PRs diff --git a/samples/cellular/lwm2m_client/overlay-assist-wifi.conf b/samples/cellular/lwm2m_client/overlay-assist-wifi.conf index 789e9bd3af25..e3af40f6620f 100644 --- a/samples/cellular/lwm2m_client/overlay-assist-wifi.conf +++ b/samples/cellular/lwm2m_client/overlay-assist-wifi.conf @@ -37,7 +37,7 @@ CONFIG_DK_LIBRARY=n # Actual configs for the Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_NET_L2_WIFI_MGMT=y # Scan only using offload API diff --git a/samples/cellular/modem_shell/README.rst b/samples/cellular/modem_shell/README.rst index ade404af38c8..bc100dd2c92c 100644 --- a/samples/cellular/modem_shell/README.rst +++ b/samples/cellular/modem_shell/README.rst @@ -1066,13 +1066,13 @@ To program the certificates and connect to nRF Cloud, complete the following ste nRF91 Series DK with nRF7002 EK Wi-Fi support ============================================= -To build the MoSh sample for an nRF91 Series DK with nRF7002 EK Wi-Fi support, use the ``-DSHIELD=nrf7002ek``, ``-DEXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf``, ``-DSB_CONFIG_WIFI_NRF700X=y`` and ``-DSB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y`` options. +To build the MoSh sample for an nRF91 Series DK with nRF7002 EK Wi-Fi support, use the ``-DSHIELD=nrf7002ek``, ``-DEXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf``, ``-DSB_CONFIG_WIFI_NRF70=y`` and ``-DSB_CONFIG_WIFI_NRF70_SCAN_ONLY=y`` options. For example: .. parsed-literal:: :class: highlight - west build -p -b *board_target* -- -DSHIELD=nrf7002ek -DEXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf -DSB_CONFIG_WIFI_NRF700X=y -DSB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + west build -p -b *board_target* -- -DSHIELD=nrf7002ek -DEXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf -DSB_CONFIG_WIFI_NRF70=y -DSB_CONFIG_WIFI_NRF70_SCAN_ONLY=y |board_target| @@ -1081,12 +1081,12 @@ See :ref:`cmake_options` for more instructions on how to add these options. Thingy:91 X Wi-Fi support ========================= -To build the MoSh sample with Thingy:91 X Wi-Fi support, use the ``-DDTC_OVERLAY_FILE=thingy91x_wifi.overlay``, ``-DEXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf``, ``-DSB_CONFIG_WIFI_NRF700X=y``, and ``-DSB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y`` options. +To build the MoSh sample with Thingy:91 X Wi-Fi support, use the ``-DDTC_OVERLAY_FILE=thingy91x_wifi.overlay``, ``-DEXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf``, ``-DSB_CONFIG_WIFI_NRF70=y``, and ``-DSB_CONFIG_WIFI_NRF70_SCAN_ONLY=y`` options. For example: .. code-block:: console - west build -p -b thingy91x/nrf9151/ns -- -DDTC_OVERLAY_FILE=thingy91x_wifi.overlay -DEXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf -DSB_CONFIG_WIFI_NRF700X=y -DSB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + west build -p -b thingy91x/nrf9151/ns -- -DDTC_OVERLAY_FILE=thingy91x_wifi.overlay -DEXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf -DSB_CONFIG_WIFI_NRF70=y -DSB_CONFIG_WIFI_NRF70_SCAN_ONLY=y See :ref:`cmake_options` for more instructions on how to add these options. diff --git a/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf b/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf index 0f363595f258..68726dca5305 100644 --- a/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf +++ b/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf @@ -31,8 +31,8 @@ CONFIG_MOSH_CURL=n # Actual configs for the Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC=y # Align this with CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT. # Also see comments for CONFIG_HEAP_MEM_POOL_SIZE. CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT=50 diff --git a/samples/cellular/modem_shell/sample.yaml b/samples/cellular/modem_shell/sample.yaml index 1f25b1802bbc..9f44090c16c9 100644 --- a/samples/cellular/modem_shell/sample.yaml +++ b/samples/cellular/modem_shell/sample.yaml @@ -96,7 +96,7 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.nrf7000ek_wifi: sysbuild: true @@ -110,8 +110,8 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - CONFIG_WPA_SUPP=n SB_CONFIG_WIFI_NRF700X=y - SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + CONFIG_WPA_SUPP=n SB_CONFIG_WIFI_NRF70=y + SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.nrf7001ek_wifi: sysbuild: true @@ -125,7 +125,7 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek_nrf7001 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.nrf7002ek_wifi-debug: sysbuild: true @@ -140,7 +140,7 @@ tests: - nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE="overlay-nrf700x-wifi-scan-only.conf;overlay-debug.conf" - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.app_fota: sysbuild: true @@ -271,7 +271,7 @@ tests: - CONFIG_NRF_CLOUD_PGPS_TRANSPORT_NONE=y extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE="overlay-cloud_mqtt.conf;overlay-pgps.conf;overlay-nrf700x-wifi-scan-only.conf" - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y integration_platforms: - nrf9151dk/nrf9151/ns - nrf9160dk/nrf9160/ns @@ -334,7 +334,7 @@ tests: - thingy91x/nrf9151/ns extra_args: EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf DTC_OVERLAY_FILE=thingy91x_wifi.overlay - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.modem_trace_shell_ext_flash: sysbuild: true @@ -382,7 +382,7 @@ tests: - CONFIG_LOCATION_METHOD_CELLULAR=n - CONFIG_LOCATION_METHOD_WIFI=y extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_wifi_cellular_no_gnss: sysbuild: true @@ -400,7 +400,7 @@ tests: - CONFIG_LOCATION_METHOD_CELLULAR=y - CONFIG_LOCATION_METHOD_WIFI=y extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_wifi_no_cellular_no_gnss: sysbuild: true @@ -418,7 +418,7 @@ tests: - CONFIG_LOCATION_METHOD_CELLULAR=n - CONFIG_LOCATION_METHOD_WIFI=y extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_gnss_no_wifi_no_cellular: sysbuild: true @@ -471,7 +471,7 @@ tests: - CONFIG_LOCATION_METHOD_CELLULAR=y - CONFIG_LOCATION_METHOD_WIFI=y extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_gnss_no_wifi_no_cellular_details: sysbuild: true @@ -507,7 +507,7 @@ tests: - CONFIG_LOCATION_METHOD_CELLULAR=y - CONFIG_LOCATION_METHOD_WIFI=y extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_gnss_cellular_no_wifi_details: sysbuild: true diff --git a/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf b/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf index 3ee50a1f7c46..77cdc2bd5d55 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf @@ -16,8 +16,8 @@ CONFIG_LOCATION_WORKQUEUE_STACK_SIZE=8192 # Enable Wi-Fi drivers CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC=y # Align this with CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT. # Also see comments for CONFIG_HEAP_MEM_POOL_SIZE. CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT=10 diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf index de848dd95c58..d6a6f8780b0b 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf @@ -98,8 +98,8 @@ CONFIG_NET_SOCKETS_DNS_TIMEOUT=30000 ## Enable Wi-Fi drivers, (and the native NET stack so that the location library can access them) CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC=y ## Enable Wi-Fi conn_mgr bindings CONFIG_L2_WIFI_CONNECTIVITY=y diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf index b9b8da5cdb0f..89ee61bc2d84 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf @@ -97,8 +97,8 @@ CONFIG_NET_SOCKETS_DNS_TIMEOUT=30000 ## Enable Wi-Fi drivers, (and the native NET stack so that the location library can access them) CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC=y ## Enable Wi-Fi conn_mgr bindings CONFIG_L2_WIFI_CONNECTIVITY=y diff --git a/samples/cellular/nrf_cloud_multi_service/sysbuild_nrf700x-wifi-conn.conf b/samples/cellular/nrf_cloud_multi_service/sysbuild_nrf700x-wifi-conn.conf index e7faf6f71cc4..4d19da213751 100644 --- a/samples/cellular/nrf_cloud_multi_service/sysbuild_nrf700x-wifi-conn.conf +++ b/samples/cellular/nrf_cloud_multi_service/sysbuild_nrf700x-wifi-conn.conf @@ -4,8 +4,8 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y -SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=n +SB_CONFIG_WIFI_NRF70=y +SB_CONFIG_WIFI_NRF70_SCAN_ONLY=n # MCUboot disabled for Wi-Fi connectivity builds in order to save flash SB_CONFIG_BOOTLOADER_NONE=y diff --git a/samples/cellular/nrf_cloud_multi_service/sysbuild_nrf700x-wifi-scan.conf b/samples/cellular/nrf_cloud_multi_service/sysbuild_nrf700x-wifi-scan.conf index 09662438152d..66837a35384d 100644 --- a/samples/cellular/nrf_cloud_multi_service/sysbuild_nrf700x-wifi-scan.conf +++ b/samples/cellular/nrf_cloud_multi_service/sysbuild_nrf700x-wifi-scan.conf @@ -4,8 +4,8 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y -SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y +SB_CONFIG_WIFI_NRF70=y +SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y # MCUboot enabled for scan-only Wi-Fi builds SB_CONFIG_BOOTLOADER_MCUBOOT=y diff --git a/samples/debug/memfault/boards/nrf7002dk_nrf5340_cpuapp.conf b/samples/debug/memfault/boards/nrf7002dk_nrf5340_cpuapp.conf index 7699fc95b93a..32db8ab62f32 100644 --- a/samples/debug/memfault/boards/nrf7002dk_nrf5340_cpuapp.conf +++ b/samples/debug/memfault/boards/nrf7002dk_nrf5340_cpuapp.conf @@ -55,8 +55,8 @@ CONFIG_NET_TC_TX_COUNT=1 # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_LOG_LEVEL_ERR=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_LOG_LEVEL_ERR=y CONFIG_WIFI_MGMT_EXT=y CONFIG_NET_L2_WIFI_SHELL=y CONFIG_NET_SHELL=y diff --git a/samples/matter/common/src/dfu/ota/ota_image_processor_base_impl.h b/samples/matter/common/src/dfu/ota/ota_image_processor_base_impl.h index 8a56a4449989..209658e5703f 100644 --- a/samples/matter/common/src/dfu/ota/ota_image_processor_base_impl.h +++ b/samples/matter/common/src/dfu/ota/ota_image_processor_base_impl.h @@ -6,10 +6,10 @@ #pragma once -#ifdef CONFIG_WIFI_NRF700X +#ifdef CONFIG_WIFI_NRF70 #include using OTAImageProcessorBaseImpl = chip::DeviceLayer::OTAImageProcessorImplWiFi; #else #include using OTAImageProcessorBaseImpl = chip::DeviceLayer::OTAImageProcessorImpl; -#endif /* CONFIG_WIFI_NRF700X */ +#endif /* CONFIG_WIFI_NRF70 */ diff --git a/samples/matter/light_bulb/Kconfig.sysbuild b/samples/matter/light_bulb/Kconfig.sysbuild index de94c227ac19..f31a4153c194 100644 --- a/samples/matter/light_bulb/Kconfig.sysbuild +++ b/samples/matter/light_bulb/Kconfig.sysbuild @@ -11,7 +11,7 @@ config NRF_DEFAULT_IPC_RADIO # Enable IEEE802.15.4 serialization to network core # This config automatically pulls in the `overlay-802154.conf` in the ipc_radio image config NETCORE_IPC_RADIO_IEEE802154 - default y if SOC_SERIES_NRF53X && !WIFI_NRF700X + default y if SOC_SERIES_NRF53X && !WIFI_NRF70 # Enable Bluetooth serialization to network core # This config automatically pulls in the `overlay-bt_hci_ipc.conf` in the ipc_radio image diff --git a/samples/matter/light_switch/Kconfig.sysbuild b/samples/matter/light_switch/Kconfig.sysbuild index de94c227ac19..f31a4153c194 100644 --- a/samples/matter/light_switch/Kconfig.sysbuild +++ b/samples/matter/light_switch/Kconfig.sysbuild @@ -11,7 +11,7 @@ config NRF_DEFAULT_IPC_RADIO # Enable IEEE802.15.4 serialization to network core # This config automatically pulls in the `overlay-802154.conf` in the ipc_radio image config NETCORE_IPC_RADIO_IEEE802154 - default y if SOC_SERIES_NRF53X && !WIFI_NRF700X + default y if SOC_SERIES_NRF53X && !WIFI_NRF70 # Enable Bluetooth serialization to network core # This config automatically pulls in the `overlay-bt_hci_ipc.conf` in the ipc_radio image diff --git a/samples/matter/lock/Kconfig.sysbuild b/samples/matter/lock/Kconfig.sysbuild index 0456fc6af5ca..fa947ed46004 100644 --- a/samples/matter/lock/Kconfig.sysbuild +++ b/samples/matter/lock/Kconfig.sysbuild @@ -11,7 +11,7 @@ config NRF_DEFAULT_IPC_RADIO # Enable IEEE802.15.4 serialization to network core # This config automatically pulls in the `overlay-802154.conf` in the ipc_radio image config NETCORE_IPC_RADIO_IEEE802154 - default y if (SOC_SERIES_NRF53X || SOC_SERIES_NRF54HX) && !WIFI_NRF700X + default y if (SOC_SERIES_NRF53X || SOC_SERIES_NRF54HX) && !WIFI_NRF70 # Enable Bluetooth serialization to network core # This config automatically pulls in the `overlay-bt_hci_ipc.conf` in the ipc_radio image diff --git a/samples/matter/lock/README.rst b/samples/matter/lock/README.rst index cc61cfa26b58..2b8298851e88 100644 --- a/samples/matter/lock/README.rst +++ b/samples/matter/lock/README.rst @@ -134,7 +134,7 @@ For example: .. code-block:: console - west build -b nrf5340dk/nrf5340/cpuapp -p -- -Dlock_SHIELD=nrf7002ek -Dipc_radio_SHIELD=nrf7002ek_coex -DFILE_SUFFIX=thread_wifi_switched -DSB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y -DSB_CONFIG_MCUBOOT_UPDATEABLE_IMAGES=3 -DCONFIG_CHIP_DFU_OVER_BT_SMP=y -DSB_CONFIG_WIFI_NRF700X=y -DSB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y + west build -b nrf5340dk/nrf5340/cpuapp -p -- -Dlock_SHIELD=nrf7002ek -Dipc_radio_SHIELD=nrf7002ek_coex -DFILE_SUFFIX=thread_wifi_switched -DSB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y -DSB_CONFIG_MCUBOOT_UPDATEABLE_IMAGES=3 -DCONFIG_CHIP_DFU_OVER_BT_SMP=y -DSB_CONFIG_WIFI_NRF70=y -DSB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y .. _matter_lock_sample_ble_nus: @@ -441,7 +441,7 @@ See `Configuration`_ for information about building the sample with the DFU supp .. code-block:: console - west build -b nrf54h20dk/nrf54h20/cpuapp -p -- -DSB_CONFIG_WIFI_NRF700X=y -DCONFIG_CHIP_WIFI=y -Dlock_SHIELD=nrf700x_nrf54h20dk + west build -b nrf54h20dk/nrf54h20/cpuapp -p -- -DSB_CONFIG_WIFI_NRF70=y -DCONFIG_CHIP_WIFI=y -Dlock_SHIELD=nrf700x_nrf54h20dk Selecting a configuration ========================= @@ -773,7 +773,7 @@ To test this feature, complete the following steps: .. code-block:: console - west build -b nrf5340dk/nrf5340/cpuapp -- -DFILE_SUFFIX=thread_wifi_switched -Dlock_SHIELD=nrf7002ek -Dipc_radio_SHIELD=nrf7002ek_coex -DSB_CONFIG_WIFI_NRF700X=y + west build -b nrf5340dk/nrf5340/cpuapp -- -DFILE_SUFFIX=thread_wifi_switched -Dlock_SHIELD=nrf7002ek -Dipc_radio_SHIELD=nrf7002ek_coex -DSB_CONFIG_WIFI_NRF70=y #. |connect_terminal_ANSI| #. Program the application to the kit using the following command: diff --git a/samples/matter/lock/sample.yaml b/samples/matter/lock/sample.yaml index 6bde017accb2..b29a6a124cdd 100644 --- a/samples/matter/lock/sample.yaml +++ b/samples/matter/lock/sample.yaml @@ -72,7 +72,7 @@ tests: extra_args: lock_SHIELD=nrf7002ek multiprotocol_rpmsg_SHIELD=nrf7002ek_coex FILE_SUFFIX=thread_wifi_switched SB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y SB_CONFIG_MCUBOOT_UPDATEABLE_IMAGES=3 CONFIG_CHIP_DFU_OVER_BT_SMP=y - SB_CONFIG_WIFI_NRF700X=y SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y + SB_CONFIG_WIFI_NRF70=y SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y integration_platforms: - nrf5340dk/nrf5340/cpuapp platform_allow: nrf5340dk/nrf5340/cpuapp diff --git a/samples/matter/template/Kconfig.sysbuild b/samples/matter/template/Kconfig.sysbuild index 0456fc6af5ca..fa947ed46004 100644 --- a/samples/matter/template/Kconfig.sysbuild +++ b/samples/matter/template/Kconfig.sysbuild @@ -11,7 +11,7 @@ config NRF_DEFAULT_IPC_RADIO # Enable IEEE802.15.4 serialization to network core # This config automatically pulls in the `overlay-802154.conf` in the ipc_radio image config NETCORE_IPC_RADIO_IEEE802154 - default y if (SOC_SERIES_NRF53X || SOC_SERIES_NRF54HX) && !WIFI_NRF700X + default y if (SOC_SERIES_NRF53X || SOC_SERIES_NRF54HX) && !WIFI_NRF70 # Enable Bluetooth serialization to network core # This config automatically pulls in the `overlay-bt_hci_ipc.conf` in the ipc_radio image diff --git a/samples/matter/template/README.rst b/samples/matter/template/README.rst index 1b6db0b626af..425a611005c6 100644 --- a/samples/matter/template/README.rst +++ b/samples/matter/template/README.rst @@ -202,7 +202,7 @@ To use nrf54H20 DK with the ``nrf7002ek`` shield attached (2.4 GHz or 5 GHz), fo .. code-block:: console - west build -b nrf54h20dk/nrf54h20/cpuapp -p -- -DSB_CONFIG_WIFI_NRF700X=y -DCONFIG_CHIP_WIFI=y -Dtemplate_SHIELD=nrf700x_nrf54h20dk + west build -b nrf54h20dk/nrf54h20/cpuapp -p -- -DSB_CONFIG_WIFI_NRF70=y -DCONFIG_CHIP_WIFI=y -Dtemplate_SHIELD=nrf700x_nrf54h20dk Selecting a configuration ========================= diff --git a/samples/matter/template/sample.yaml b/samples/matter/template/sample.yaml index 77671609ab84..584cdd3fd938 100644 --- a/samples/matter/template/sample.yaml +++ b/samples/matter/template/sample.yaml @@ -62,7 +62,7 @@ tests: sample.matter.template.nrf54h20.nrf7002eb: sysbuild: true build_only: true - extra_args: SB_CONFIG_WIFI_NRF700X=y template_SHIELD=nrf700x_nrf54h20dk + extra_args: SB_CONFIG_WIFI_NRF70=y template_SHIELD=nrf700x_nrf54h20dk CONFIG_CHIP_WIFI=y CONFIG_CHIP_BOOTLOADER_NONE=y CONFIG_CHIP_OTA_REQUESTOR=n SB_CONFIG_MATTER_OTA=n CONFIG_LTO=y CONFIG_ISR_TABLES_LOCAL_DECLARATION=y diff --git a/samples/matter/thermostat/Kconfig.sysbuild b/samples/matter/thermostat/Kconfig.sysbuild index 0a0ecc365061..d250f1fc943f 100644 --- a/samples/matter/thermostat/Kconfig.sysbuild +++ b/samples/matter/thermostat/Kconfig.sysbuild @@ -11,7 +11,7 @@ config NRF_DEFAULT_IPC_RADIO # Enable IEEE802.15.4 serialization to network core # This config automatically pulls in the `overlay-802154.conf` in the ipc_radio image config NETCORE_IPC_RADIO_IEEE802154 - default y if SOC_SERIES_NRF53X && !WIFI_NRF700X + default y if SOC_SERIES_NRF53X && !WIFI_NRF70 # Enable Bluetooth serialization to network core # This config automatically pulls in the `overlay-bt_hci_ipc.conf` in the ipc_radio image diff --git a/samples/matter/window_covering/Kconfig.sysbuild b/samples/matter/window_covering/Kconfig.sysbuild index de94c227ac19..f31a4153c194 100644 --- a/samples/matter/window_covering/Kconfig.sysbuild +++ b/samples/matter/window_covering/Kconfig.sysbuild @@ -11,7 +11,7 @@ config NRF_DEFAULT_IPC_RADIO # Enable IEEE802.15.4 serialization to network core # This config automatically pulls in the `overlay-802154.conf` in the ipc_radio image config NETCORE_IPC_RADIO_IEEE802154 - default y if SOC_SERIES_NRF53X && !WIFI_NRF700X + default y if SOC_SERIES_NRF53X && !WIFI_NRF70 # Enable Bluetooth serialization to network core # This config automatically pulls in the `overlay-bt_hci_ipc.conf` in the ipc_radio image diff --git a/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index cccd88943313..a6cc39aa683d 100644 --- a/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -18,12 +18,12 @@ CONFIG_HW_ID_LIBRARY_SOURCE_NET_MAC=y CONFIG_POSIX_MAX_FDS=25 # Optimize Wi-Fi stack to save some memory -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y CONFIG_FLASH=y diff --git a/samples/net/azure_iot_hub/README.rst b/samples/net/azure_iot_hub/README.rst index b5243e45d0d4..0b547a26d7fc 100644 --- a/samples/net/azure_iot_hub/README.rst +++ b/samples/net/azure_iot_hub/README.rst @@ -260,5 +260,4 @@ It uses the following libraries and secure firmware component for nRF91 Series b It uses the following libraries for nRF7 Series builds: * :ref:`nrf_security` -* :ref:`nrf700x_wifi` * :ref:`lib_wifi_credentials` diff --git a/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index aa6f3a4f595d..28345e1b64a3 100644 --- a/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -18,13 +18,13 @@ CONFIG_HEAP_MEM_POOL_SIZE=81920 CONFIG_NET_RX_STACK_SIZE=2048 # Optimize Wi-Fi stack to save some memory -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_LOG_LEVEL_ERR=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_LOG_LEVEL_ERR=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y CONFIG_FLASH_PAGE_LAYOUT=y diff --git a/samples/net/coap_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/coap_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index fea05a47d07e..1c5f9067a09e 100644 --- a/samples/net/coap_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/coap_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -19,12 +19,12 @@ CONFIG_PM_PARTITION_SIZE_TFM_SRAM=0xc000 CONFIG_PM_PARTITION_SIZE_TFM=0x20000 # Optimize Wi-Fi stack to save some memory -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y CONFIG_NET_L2_WIFI_SHELL=y diff --git a/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index a54ae580caa8..7dd2cd728096 100644 --- a/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -13,8 +13,8 @@ CONFIG_MAIN_STACK_SIZE=4096 CONFIG_LOG=y # Optimize Wi-Fi stack to save some memory -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Zephyr NET Connection Manager connectivity layer. CONFIG_L2_WIFI_CONNECTIVITY=y @@ -23,8 +23,8 @@ CONFIG_L2_WIFI_CONNECTIVITY_AUTO_CONNECT=n # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_LOG_LEVEL_ERR=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_LOG_LEVEL_ERR=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y diff --git a/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 2dbbe74ae62a..1e011480db61 100644 --- a/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -11,12 +11,12 @@ CONFIG_PM_PARTITION_SIZE_TFM=0x20000 # Optimize Wi-Fi stack to save some memory CONFIG_HEAP_MEM_POOL_SIZE=81920 -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_WPA_SUPP=y CONFIG_NET_L2_ETHERNET=y diff --git a/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index bd12d2ed3a83..9bed9d0074cc 100644 --- a/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -11,13 +11,13 @@ CONFIG_HEAP_MEM_POOL_SIZE=81920 CONFIG_NET_RX_STACK_SIZE=2048 # Optimize Wi-Fi stack to save some memory -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_LOG_LEVEL_ERR=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_LOG_LEVEL_ERR=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y diff --git a/samples/net/mqtt/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/mqtt/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 5c51873853a3..45edaeb3fa3d 100644 --- a/samples/net/mqtt/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/mqtt/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -19,13 +19,13 @@ CONFIG_HW_ID_LIBRARY_SOURCE_NET_MAC=y CONFIG_DK_LIBRARY=y # Optimize Wi-Fi stack to save some memory -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_LOG_LEVEL_ERR=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_LOG_LEVEL_ERR=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y diff --git a/samples/net/mqtt/src/modules/network/Kconfig.network b/samples/net/mqtt/src/modules/network/Kconfig.network index 0e9d52ed7578..ec0d7ae21822 100644 --- a/samples/net/mqtt/src/modules/network/Kconfig.network +++ b/samples/net/mqtt/src/modules/network/Kconfig.network @@ -5,7 +5,7 @@ # menu "Network" - depends on NRF_MODEM_LIB_NET_IF || (WIFI_NRF700X && WIFI_MGMT_EXT) || BOARD_NATIVE_SIM + depends on NRF_MODEM_LIB_NET_IF || (WIFI_NRF70 && WIFI_MGMT_EXT) || BOARD_NATIVE_SIM config MQTT_SAMPLE_NETWORK_THREAD_STACK_SIZE int "Thread stack size" diff --git a/samples/net/udp/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/udp/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index ccdd2b1f86b3..cafcf374f7da 100644 --- a/samples/net/udp/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/udp/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -10,13 +10,13 @@ CONFIG_HEAP_MEM_POOL_SIZE=81920 # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y # Optimize Wi-Fi stack to save some memory -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Shell CONFIG_SHELL=y diff --git a/samples/wifi/ble_coex/prj.conf b/samples/wifi/ble_coex/prj.conf index ac8185c69583..dab141cf094e 100644 --- a/samples/wifi/ble_coex/prj.conf +++ b/samples/wifi/ble_coex/prj.conf @@ -5,7 +5,7 @@ # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y # WPA supplicant CONFIG_WPA_SUPP=y @@ -110,8 +110,8 @@ CONFIG_BT_L2CAP_DYNAMIC_CHANNEL=y CONFIG_DK_LIBRARY=y CONFIG_DK_LIBRARY_DYNAMIC_BUTTON_HANDLERS=y -CONFIG_NRF700X_MAX_TX_PENDING_QLEN=12 -CONFIG_NRF700X_QSPI_LOW_POWER=n +CONFIG_NRF70_MAX_TX_PENDING_QLEN=12 +CONFIG_NRF70_QSPI_LOW_POWER=n #Added to fix BLE crash in coex enable cases. CONFIG_NRF_RPC=n diff --git a/samples/wifi/ble_coex/src/main.c b/samples/wifi/ble_coex/src/main.c index 0c362b48eb16..782ca2d73732 100644 --- a/samples/wifi/ble_coex/src/main.c +++ b/samples/wifi/ble_coex/src/main.c @@ -332,10 +332,10 @@ int main(void) int ret = 0; bool test_wlan = IS_ENABLED(CONFIG_TEST_TYPE_WLAN); bool test_ble = IS_ENABLED(CONFIG_TEST_TYPE_BLE); -#ifdef CONFIG_NRF700X_SR_COEX +#ifdef CONFIG_NRF70_SR_COEX enum nrf_wifi_pta_wlan_op_band wlan_band; bool separate_antennas = IS_ENABLED(CONFIG_COEX_SEP_ANTENNAS); -#endif /* CONFIG_NRF700X_SR_COEX */ +#endif /* CONFIG_NRF70_SR_COEX */ bool is_sr_protocol_ble = IS_ENABLED(CONFIG_SR_PROTOCOL_BLE); #if !defined(CONFIG_COEX_SEP_ANTENNAS) && \ @@ -368,14 +368,14 @@ int main(void) LOG_INF("test_wlan = %d and test_ble = %d\n", test_wlan, test_ble); -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH +#ifdef CONFIG_NRF70_SR_COEX_RF_SWITCH /* Configure SR side (nRF5340 side) switch for nRF700x DK */ ret = nrf_wifi_config_sr_switch(separate_antennas); if (ret != 0) { LOG_ERR("Unable to configure SR side switch: %d\n", ret); goto err; } -#endif /* CONFIG_NRF700X_SR_COEX_RF_SWITCH */ +#endif /* CONFIG_NRF70_SR_COEX_RF_SWITCH */ if (test_wlan) { /* Wi-Fi connection */ @@ -389,7 +389,7 @@ int main(void) goto err; } -#ifdef CONFIG_NRF700X_SR_COEX +#ifdef CONFIG_NRF70_SR_COEX /* Configure Coexistence Hardware */ LOG_INF("\n"); LOG_INF("Configuring non-PTA registers.\n"); @@ -411,7 +411,7 @@ int main(void) LOG_ERR("Failed to configure PTA coex hardware: %d\n", ret); goto err; } -#endif /* CONFIG_NRF700X_SR_COEX */ +#endif /* CONFIG_NRF70_SR_COEX */ } if (test_ble) { diff --git a/samples/wifi/ble_coex/sysbuild.conf b/samples/wifi/ble_coex/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/ble_coex/sysbuild.conf +++ b/samples/wifi/ble_coex/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/wifi/monitor/prj.conf b/samples/wifi/monitor/prj.conf index 1e6270728cd2..6f064ed5626a 100644 --- a/samples/wifi/monitor/prj.conf +++ b/samples/wifi/monitor/prj.conf @@ -4,11 +4,11 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_NRF_WIFI_LOW_POWER=n # Enable raw data RX for nRF700x for monitor mode -CONFIG_NRF700X_RAW_DATA_RX=y +CONFIG_NRF70_RAW_DATA_RX=y # WPA supplicant CONFIG_WPA_SUPP=y diff --git a/samples/wifi/monitor/sysbuild.conf b/samples/wifi/monitor/sysbuild.conf index 9baef711d1ff..7a8ca50b9fb0 100644 --- a/samples/wifi/monitor/sysbuild.conf +++ b/samples/wifi/monitor/sysbuild.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y -SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES=y +SB_CONFIG_WIFI_NRF70=y +SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES=y diff --git a/samples/wifi/promiscuous/prj.conf b/samples/wifi/promiscuous/prj.conf index c960d27ab7a1..cda26d268723 100644 --- a/samples/wifi/promiscuous/prj.conf +++ b/samples/wifi/promiscuous/prj.conf @@ -4,14 +4,14 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y # WPA supplicant CONFIG_WPA_SUPP=y # Promiscuous mode CONFIG_NET_PROMISCUOUS_MODE=y -CONFIG_NRF700X_PROMISC_DATA_RX=y +CONFIG_NRF70_PROMISC_DATA_RX=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y diff --git a/samples/wifi/promiscuous/sysbuild.conf b/samples/wifi/promiscuous/sysbuild.conf index 9baef711d1ff..7a8ca50b9fb0 100644 --- a/samples/wifi/promiscuous/sysbuild.conf +++ b/samples/wifi/promiscuous/sysbuild.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y -SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES=y +SB_CONFIG_WIFI_NRF70=y +SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES=y diff --git a/samples/wifi/provisioning/ble/prj.conf b/samples/wifi/provisioning/ble/prj.conf index a31ca1ea07cf..a3e456bdf29c 100644 --- a/samples/wifi/provisioning/ble/prj.conf +++ b/samples/wifi/provisioning/ble/prj.conf @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y # WPA supplicant CONFIG_WPA_SUPP=y diff --git a/samples/wifi/provisioning/ble/sysbuild.conf b/samples/wifi/provisioning/ble/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/provisioning/ble/sysbuild.conf +++ b/samples/wifi/provisioning/ble/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/wifi/provisioning/softap/prj.conf b/samples/wifi/provisioning/softap/prj.conf index bed3bb262534..d2a7dcd2e3de 100644 --- a/samples/wifi/provisioning/softap/prj.conf +++ b/samples/wifi/provisioning/softap/prj.conf @@ -11,13 +11,13 @@ CONFIG_PM_PARTITION_SIZE_TFM=0x1c000 # Optimize Wi-Fi stack to save some memory. CONFIG_HEAP_MEM_POOL_SIZE=81920 -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_NRF700X_AP_MODE=y +CONFIG_WIFI_NRF70=y +CONFIG_NRF70_AP_MODE=y CONFIG_WPA_SUPP=y CONFIG_WPA_SUPP_AP=y CONFIG_NET_L2_ETHERNET=y diff --git a/samples/wifi/radio_test/prj.conf b/samples/wifi/radio_test/prj.conf index 5039b7c6d249..efc2ad3aeca1 100644 --- a/samples/wifi/radio_test/prj.conf +++ b/samples/wifi/radio_test/prj.conf @@ -4,8 +4,8 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_NRF700X_RADIO_TEST=y +CONFIG_WIFI_NRF70=y +CONFIG_NRF70_RADIO_TEST=y #CONFIG_INIT_STACKS=y diff --git a/samples/wifi/radio_test/sample.yaml b/samples/wifi/radio_test/sample.yaml index 112ac3e8a6fd..98d582af81d2 100644 --- a/samples/wifi/radio_test/sample.yaml +++ b/samples/wifi/radio_test/sample.yaml @@ -21,7 +21,7 @@ tests: sample.nrf7002.radio_test_combo: sysbuild: true build_only: true - extra_args: CONFIG_NRF700X_RADIO_TEST_COMBO=y + extra_args: CONFIG_NRF70_RADIO_TEST_COMBO=y integration_platforms: - nrf7002dk/nrf5340/cpuapp platform_allow: nrf7002dk/nrf5340/cpuapp @@ -29,7 +29,7 @@ tests: sample.nrf5340.radio_test_combo: sysbuild: true build_only: true - extra_args: SHIELD=nrf7002ek CONFIG_NRF700X_RADIO_TEST_COMBO=y + extra_args: SHIELD=nrf7002ek CONFIG_NRF70_RADIO_TEST_COMBO=y integration_platforms: - nrf5340dk/nrf5340/cpuapp platform_allow: nrf5340dk/nrf5340/cpuapp diff --git a/samples/wifi/radio_test/src/nrf_wifi_radio_test_shell.c b/samples/wifi/radio_test/src/nrf_wifi_radio_test_shell.c index fb82256c44d8..a7ac1adcbc1f 100644 --- a/samples/wifi/radio_test/src/nrf_wifi_radio_test_shell.c +++ b/samples/wifi/radio_test/src/nrf_wifi_radio_test_shell.c @@ -1376,7 +1376,7 @@ static int nrf_wifi_radio_test_set_rx(const struct shell *shell, return 0; } -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH +#ifdef CONFIG_NRF70_SR_COEX_RF_SWITCH static int nrf_wifi_radio_test_sr_ant_switch_ctrl(const struct shell *shell, size_t argc, const char *argv[]) @@ -1394,7 +1394,7 @@ static int nrf_wifi_radio_test_sr_ant_switch_ctrl(const struct shell *shell, return sr_ant_switch(val); } -#endif /* CONFIG_NRF700X_SR_COEX_RF_SWITCH */ +#endif /* CONFIG_NRF70_SR_COEX_RF_SWITCH */ static int nrf_wifi_radio_test_rx_cap(const struct shell *shell, size_t argc, @@ -2379,7 +2379,7 @@ SHELL_STATIC_SUBCMD_SET_CREATE( nrf_wifi_radio_test_set_rx, 2, 0), -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH +#ifdef CONFIG_NRF70_SR_COEX_RF_SWITCH SHELL_CMD_ARG(sr_ant_switch_ctrl, NULL, "0 - Switch set to use the BLE antenna\n" @@ -2387,7 +2387,7 @@ SHELL_STATIC_SUBCMD_SET_CREATE( nrf_wifi_radio_test_sr_ant_switch_ctrl, 2, 0), -#endif /* CONFIG_NRF700X_SR_COEX_RF_SWITCH */ +#endif /* CONFIG_NRF70_SR_COEX_RF_SWITCH */ SHELL_CMD_ARG(rx_lna_gain, NULL, " - LNA gain to be configured.\n" diff --git a/samples/wifi/radio_test/sysbuild.conf b/samples/wifi/radio_test/sysbuild.conf index 30e84c648c69..a5af2663d0db 100644 --- a/samples/wifi/radio_test/sysbuild.conf +++ b/samples/wifi/radio_test/sysbuild.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y -SB_CONFIG_WIFI_NRF700X_RADIO_TEST=y +SB_CONFIG_WIFI_NRF70=y +SB_CONFIG_WIFI_NRF70_RADIO_TEST=y diff --git a/samples/wifi/raw_tx_packet/prj.conf b/samples/wifi/raw_tx_packet/prj.conf index 2742f7e34616..0d8a54cbea87 100644 --- a/samples/wifi/raw_tx_packet/prj.conf +++ b/samples/wifi/raw_tx_packet/prj.conf @@ -4,9 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_NRF_WIFI_LOW_POWER=n -CONFIG_NRF700X_RAW_DATA_TX=y +CONFIG_NRF70_RAW_DATA_TX=y # WPA supplicant CONFIG_WPA_SUPP=y diff --git a/samples/wifi/raw_tx_packet/sysbuild.conf b/samples/wifi/raw_tx_packet/sysbuild.conf index 9baef711d1ff..7a8ca50b9fb0 100644 --- a/samples/wifi/raw_tx_packet/sysbuild.conf +++ b/samples/wifi/raw_tx_packet/sysbuild.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y -SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES=y +SB_CONFIG_WIFI_NRF70=y +SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES=y diff --git a/samples/wifi/scan/prj.conf b/samples/wifi/scan/prj.conf index 5087fe476d79..7edae9f7b7bb 100644 --- a/samples/wifi/scan/prj.conf +++ b/samples/wifi/scan/prj.conf @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_NET_L2_WIFI_MGMT=y CONFIG_HEAP_MEM_POOL_SIZE=25000 diff --git a/samples/wifi/scan/src/main.c b/samples/wifi/scan/src/main.c index 7598675f8a9f..5bcfdea2a4d5 100644 --- a/samples/wifi/scan/src/main.c +++ b/samples/wifi/scan/src/main.c @@ -106,13 +106,13 @@ static struct net_mgmt_event_callback wifi_shell_mgmt_cb; K_SEM_DEFINE(scan_sem, 0, 1); -#if defined CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC +#if defined CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC static bool local_mac_check(const uint8_t *const mac) { return ((mac[0] & 0x02) || ((mac[0] == 0x00) && (mac[1] == 0x00) && (mac[2] == 0x5E))); } -#endif /* CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC */ +#endif /* CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC */ static void handle_wifi_scan_result(struct net_mgmt_event_callback *cb) { @@ -131,9 +131,9 @@ static void handle_wifi_scan_result(struct net_mgmt_event_callback *cb) strncpy(ssid_print, entry->ssid, sizeof(ssid_print) - 1); ssid_print[sizeof(ssid_print) - 1] = '\0'; -#if defined CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC +#if defined CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC __ASSERT(!local_mac_check(entry->mac), "Locally administered MAC found: %s\n", ssid_print); -#endif /* CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC */ +#endif /* CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC */ printk("%-4d | %-32s %-5u | %-4u | %-4d | %-5s | %s\n", scan_result, ssid_print, entry->ssid_length, diff --git a/samples/wifi/scan/sysbuild.conf b/samples/wifi/scan/sysbuild.conf index cb753f32ccc8..1f6da431255e 100644 --- a/samples/wifi/scan/sysbuild.conf +++ b/samples/wifi/scan/sysbuild.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y -SB_CONFIG_WIFI_NRF700X_SCAN_ONLY=y +SB_CONFIG_WIFI_NRF70=y +SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y diff --git a/samples/wifi/shell/CMakeLists.txt b/samples/wifi/shell/CMakeLists.txt index 3d5156b65943..a0230bfd1857 100644 --- a/samples/wifi/shell/CMakeLists.txt +++ b/samples/wifi/shell/CMakeLists.txt @@ -14,12 +14,12 @@ target_include_directories( PRIVATE ${ZEPHYR_BASE}/../nrfxlib/) -target_sources_ifdef(CONFIG_NRF700X_RAW_DATA_TX +target_sources_ifdef(CONFIG_NRF70_RAW_DATA_TX app PRIVATE src/wifi_raw_tx_pkt_shell.c) -target_sources_ifdef(CONFIG_NRF700X_PROMISC_DATA_RX +target_sources_ifdef(CONFIG_NRF70_PROMISC_DATA_RX app PRIVATE src/wifi_promiscuous_shell.c) diff --git a/samples/wifi/shell/overlay-monitor-mode.conf b/samples/wifi/shell/overlay-monitor-mode.conf index a226a8f96db5..ca380ef6d797 100644 --- a/samples/wifi/shell/overlay-monitor-mode.conf +++ b/samples/wifi/shell/overlay-monitor-mode.conf @@ -1 +1 @@ -CONFIG_NRF700X_RAW_DATA_RX=y +CONFIG_NRF70_RAW_DATA_RX=y diff --git a/samples/wifi/shell/overlay-promiscuous-mode.conf b/samples/wifi/shell/overlay-promiscuous-mode.conf index f2b161fc5f8c..7c43d074c396 100644 --- a/samples/wifi/shell/overlay-promiscuous-mode.conf +++ b/samples/wifi/shell/overlay-promiscuous-mode.conf @@ -1,2 +1,2 @@ -CONFIG_NRF700X_PROMISC_DATA_RX=y +CONFIG_NRF70_PROMISC_DATA_RX=y CONFIG_NET_PROMISCUOUS_MODE=y diff --git a/samples/wifi/shell/overlay-raw-tx.conf b/samples/wifi/shell/overlay-raw-tx.conf index db5853dc54bc..b7064ffcfd28 100644 --- a/samples/wifi/shell/overlay-raw-tx.conf +++ b/samples/wifi/shell/overlay-raw-tx.conf @@ -1,2 +1,2 @@ -CONFIG_NRF700X_RAW_DATA_TX=y +CONFIG_NRF70_RAW_DATA_TX=y CONFIG_LOG_MODE_IMMEDIATE=y diff --git a/samples/wifi/shell/overlay-sap.conf b/samples/wifi/shell/overlay-sap.conf index 7d1bdc32b529..5d98cdc2f405 100644 --- a/samples/wifi/shell/overlay-sap.conf +++ b/samples/wifi/shell/overlay-sap.conf @@ -1,4 +1,4 @@ -CONFIG_NRF700X_AP_MODE=y +CONFIG_NRF70_AP_MODE=y CONFIG_WPA_SUPP_AP=y CONFIG_NET_ZPERF=y @@ -10,7 +10,7 @@ CONFIG_NET_BUF_RX_COUNT=10 CONFIG_NET_BUF_TX_COUNT=20 CONFIG_HEAP_MEM_POOL_SIZE=180000 CONFIG_NET_BUF_DATA_SIZE=1500 -CONFIG_NRF700X_QSPI_LOW_POWER=n +CONFIG_NRF70_QSPI_LOW_POWER=n CONFIG_NET_ZPERF_MAX_PACKET_SIZE=1500 # Necessary for zperf_tcp_receiver.c diff --git a/samples/wifi/shell/overlay-zperf.conf b/samples/wifi/shell/overlay-zperf.conf index 885a9e3e2fa4..fc06590d4525 100644 --- a/samples/wifi/shell/overlay-zperf.conf +++ b/samples/wifi/shell/overlay-zperf.conf @@ -14,7 +14,7 @@ CONFIG_NET_BUF_RX_COUNT=30 CONFIG_NET_BUF_TX_COUNT=58 CONFIG_HEAP_MEM_POOL_SIZE=230000 CONFIG_NET_BUF_DATA_SIZE=1100 -CONFIG_NRF700X_QSPI_LOW_POWER=n +CONFIG_NRF70_QSPI_LOW_POWER=n # To enable optimization configuration options CONFIG_PICOLIBC_USE_MODULE=y CONFIG_SPEED_OPTIMIZATIONS=y @@ -28,4 +28,4 @@ CONFIG_WIFI_CREDENTIALS=n CONFIG_FLASH=n CONFIG_NVS=n CONFIG_SETTINGS=n -CONFIG_NRF700X_UTIL=y +CONFIG_NRF70_UTIL=y diff --git a/samples/wifi/shell/prj.conf b/samples/wifi/shell/prj.conf index f3368d237e3c..b692b42e4cc6 100644 --- a/samples/wifi/shell/prj.conf +++ b/samples/wifi/shell/prj.conf @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y # WPA supplicant CONFIG_WPA_SUPP=y @@ -33,8 +33,8 @@ CONFIG_NET_PKT_TX_COUNT=8 CONFIG_NET_BUF_RX_COUNT=16 CONFIG_NET_BUF_TX_COUNT=16 CONFIG_NET_BUF_DATA_SIZE=128 -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # nRF700x is main consumer: (16 + 8) * 1600 = ~40KB + ~40KB control path (experimental) CONFIG_HEAP_MEM_POOL_SIZE=80000 CONFIG_NET_TC_TX_COUNT=1 diff --git a/samples/wifi/shell/sample.yaml b/samples/wifi/shell/sample.yaml index 927660662a62..924f403b8902 100644 --- a/samples/wifi/shell/sample.yaml +++ b/samples/wifi/shell/sample.yaml @@ -213,7 +213,7 @@ tests: build_only: true extra_args: EXTRA_CONF_FILE=overlay-zperf.conf - CONFIG_NRF700X_UTIL=y + CONFIG_NRF70_UTIL=y CONFIG_WPA_CLI=y CONFIG_NET_IPV4_FRAGMENT=y CONFIG_NET_IPV4_FRAGMENT_MAX_PKT=24 @@ -228,7 +228,7 @@ tests: extra_args: SHIELD=nrf7002ek_nrf7001 EXTRA_CONF_FILE=overlay-zperf.conf - CONFIG_NRF700X_UTIL=y + CONFIG_NRF70_UTIL=y CONFIG_WPA_CLI=y CONFIG_NET_IPV4_FRAGMENT=y CONFIG_NET_IPV4_FRAGMENT_MAX_PKT=24 @@ -242,7 +242,7 @@ tests: build_only: true extra_args: EXTRA_CONF_FILE=overlay-zperf.conf - CONFIG_NRF700X_UTIL=y + CONFIG_NRF70_UTIL=y CONFIG_WPA_CLI=y CONFIG_NET_IPV4_FRAGMENT=y CONFIG_NET_IPV4_FRAGMENT_MAX_PKT=24 @@ -257,7 +257,7 @@ tests: extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-zperf.conf - CONFIG_NRF700X_UTIL=y + CONFIG_NRF70_UTIL=y CONFIG_WPA_CLI=y CONFIG_NET_IPV4_FRAGMENT=y CONFIG_NET_IPV4_FRAGMENT_MAX_PKT=24 @@ -271,7 +271,7 @@ tests: extra_args: nrf_wifi_shell_SNIPPET="nrf70-driver-verbose-debug;wpa-supplicant-debug" EXTRA_CONF_FILE=overlay-zperf.conf - CONFIG_NRF700X_UTIL=y + CONFIG_NRF70_UTIL=y CONFIG_WPA_CLI=y CONFIG_NET_IPV4_FRAGMENT=y CONFIG_NET_IPV4_FRAGMENT_MAX_PKT=24 @@ -292,7 +292,7 @@ tests: build_only: true extra_args: EXTRA_CONF_FILE=overlay-raw-tx.conf - SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES=y + SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES=y integration_platforms: - nrf7002dk/nrf5340/cpuapp platform_allow: nrf7002dk/nrf5340/cpuapp @@ -302,7 +302,7 @@ tests: build_only: true extra_args: EXTRA_CONF_FILE=overlay-monitor-mode.conf - SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES=y + SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES=y integration_platforms: - nrf7002dk/nrf5340/cpuapp platform_allow: nrf7002dk/nrf5340/cpuapp @@ -312,7 +312,7 @@ tests: build_only: true extra_args: EXTRA_CONF_FILE=overlay-promiscuous-mode.conf - SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES=y + SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES=y integration_platforms: - nrf7002dk/nrf5340/cpuapp platform_allow: nrf7002dk/nrf5340/cpuapp @@ -322,7 +322,7 @@ tests: build_only: true extra_args: EXTRA_CONF_FILE=overlay-promiscuous-mode.conf - SB_CONFIG_WIFI_NRF700X_SYSTEM_WITH_RAW_MODES=y + SB_CONFIG_WIFI_NRF70_SYSTEM_WITH_RAW_MODES=y integration_platforms: - nrf7002dk/nrf5340/cpuapp/nrf7001 platform_allow: nrf7002dk/nrf5340/cpuapp/nrf7001 diff --git a/samples/wifi/shell/sysbuild.conf b/samples/wifi/shell/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/shell/sysbuild.conf +++ b/samples/wifi/shell/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/wifi/shutdown/prj.conf b/samples/wifi/shutdown/prj.conf index 36864978b084..bf679a42c729 100644 --- a/samples/wifi/shutdown/prj.conf +++ b/samples/wifi/shutdown/prj.conf @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_NET_L2_WIFI_MGMT=y CONFIG_HEAP_MEM_POOL_SIZE=25000 diff --git a/samples/wifi/shutdown/sysbuild.conf b/samples/wifi/shutdown/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/shutdown/sysbuild.conf +++ b/samples/wifi/shutdown/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/wifi/softap/README.rst b/samples/wifi/softap/README.rst index 870351da6418..2896ca8e0000 100644 --- a/samples/wifi/softap/README.rst +++ b/samples/wifi/softap/README.rst @@ -25,7 +25,7 @@ Then, the sample lists the connected devices. You can enable the SoftAP mode by setting the below configuration options in the sample project configuration file: -* :kconfig:option:`CONFIG_NRF700X_AP_MODE`: Enables access point mode support. +* :kconfig:option:`CONFIG_NRF70_AP_MODE`: Enables access point mode support. * :kconfig:option:`CONFIG_WPA_SUPP_AP`: Enables access point support. The sample uses the :ref:`lib_wifi_ready` library to check Wi-Fi readiness. diff --git a/samples/wifi/softap/prj.conf b/samples/wifi/softap/prj.conf index f07532498438..25868db00547 100644 --- a/samples/wifi/softap/prj.conf +++ b/samples/wifi/softap/prj.conf @@ -4,14 +4,14 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y # WPA supplicant CONFIG_WPA_SUPP=y CONFIG_WIFI_READY_LIB=y # Soft AP -CONFIG_NRF700X_AP_MODE=y +CONFIG_NRF70_AP_MODE=y CONFIG_WPA_SUPP_AP=y CONFIG_WPA_SUPP_LOG_LEVEL_INF=y diff --git a/samples/wifi/softap/sysbuild.conf b/samples/wifi/softap/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/softap/sysbuild.conf +++ b/samples/wifi/softap/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/wifi/sta/Kconfig b/samples/wifi/sta/Kconfig index 2f738998501e..be7900a68680 100644 --- a/samples/wifi/sta/Kconfig +++ b/samples/wifi/sta/Kconfig @@ -12,7 +12,7 @@ config CONNECTION_IDLE_TIMEOUT int "Time to be waited for a station to connect" default 30 -config NRF700X_QSPI_ENCRYPTION_KEY +config NRF70_QSPI_ENCRYPTION_KEY string "16 bytes QSPI encryption key, only for testing purposes" depends on BOARD_NRF7002DK_NRF5340_CPUAPP help diff --git a/samples/wifi/sta/README.rst b/samples/wifi/sta/README.rst index fed113b4ab54..6cf312358438 100644 --- a/samples/wifi/sta/README.rst +++ b/samples/wifi/sta/README.rst @@ -62,7 +62,7 @@ Quad Serial Peripheral Interface (QSPI) encryption ************************************************** This sample demonstrates QSPI encryption API usage. -You can set the key using the :kconfig:option:`CONFIG_NRF700X_QSPI_ENCRYPTION_KEY` Kconfig option. +You can set the key using the :kconfig:option:`CONFIG_NRF70_QSPI_ENCRYPTION_KEY` Kconfig option. If encryption of the QSPI traffic is required for the production devices, matching keys must be programmed in both the nRF7002 OTP and non-volatile storage associated with the host. The key from non-volatile storage must be set as the encryption key using the APIs. @@ -193,7 +193,7 @@ Application's network connection will be lost during the recovery process, and i Testing ======= -To test RPU recovery, you must build the sample with :kconfig:option:`CONFIG_SHELL` and :kconfig:option:`CONFIG_NRF700X_UTIL` Kconfig options. +To test RPU recovery, you must build the sample with :kconfig:option:`CONFIG_SHELL` and :kconfig:option:`CONFIG_NRF70_UTIL` Kconfig options. #. Trigger RPU recovery using the following command: diff --git a/samples/wifi/sta/prj.conf b/samples/wifi/sta/prj.conf index 665afd1c190c..4690076e44d0 100644 --- a/samples/wifi/sta/prj.conf +++ b/samples/wifi/sta/prj.conf @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y # WPA supplicant CONFIG_WPA_SUPP=y @@ -34,7 +34,7 @@ CONFIG_NET_PKT_TX_COUNT=8 CONFIG_NET_BUF_RX_COUNT=8 CONFIG_NET_BUF_TX_COUNT=16 CONFIG_NET_BUF_DATA_SIZE=128 -CONFIG_NRF700X_RX_NUM_BUFS=16 +CONFIG_NRF70_RX_NUM_BUFS=16 CONFIG_HEAP_MEM_POOL_SIZE=90000 CONFIG_NET_TC_TX_COUNT=1 diff --git a/samples/wifi/sta/src/main.c b/samples/wifi/sta/src/main.c index f5e2b709f564..bb2f586d6993 100644 --- a/samples/wifi/sta/src/main.c +++ b/samples/wifi/sta/src/main.c @@ -256,11 +256,11 @@ int start_app(void) { #if defined(CONFIG_BOARD_NRF7002DK_NRF7001_NRF5340_CPUAPP) || \ defined(CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP) - if (strlen(CONFIG_NRF700X_QSPI_ENCRYPTION_KEY)) { + if (strlen(CONFIG_NRF70_QSPI_ENCRYPTION_KEY)) { int ret; char key[QSPI_KEY_LEN_BYTES]; - ret = bytes_from_str(CONFIG_NRF700X_QSPI_ENCRYPTION_KEY, key, sizeof(key)); + ret = bytes_from_str(CONFIG_NRF70_QSPI_ENCRYPTION_KEY, key, sizeof(key)); if (ret) { LOG_ERR("Failed to parse encryption key: %d\n", ret); return 0; diff --git a/samples/wifi/sta/sysbuild.conf b/samples/wifi/sta/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/sta/sysbuild.conf +++ b/samples/wifi/sta/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/wifi/thread_coex/prj.conf b/samples/wifi/thread_coex/prj.conf index fdd9946e574b..9247452fd7b8 100644 --- a/samples/wifi/thread_coex/prj.conf +++ b/samples/wifi/thread_coex/prj.conf @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y # WPA supplicant CONFIG_WPA_SUPP=y @@ -72,9 +72,9 @@ CONFIG_NET_CONFIG_MY_IPV4_GW="192.168.1.1" CONFIG_WIFI_ZPERF_PKT_SIZE=1024 CONFIG_WIFI_ZPERF_RATE=10000 -CONFIG_NRF700X_MAX_TX_PENDING_QLEN=12 +CONFIG_NRF70_MAX_TX_PENDING_QLEN=12 CONFIG_NRF_WIFI_LOW_POWER=y -CONFIG_NRF700X_QSPI_LOW_POWER=n +CONFIG_NRF70_QSPI_LOW_POWER=n CONFIG_LOG_BUFFER_SIZE=2048 CONFIG_NET_MGMT_EVENT_QUEUE_TIMEOUT=5000 diff --git a/samples/wifi/thread_coex/src/main.c b/samples/wifi/thread_coex/src/main.c index 358c068cd10a..5d470d218311 100644 --- a/samples/wifi/thread_coex/src/main.c +++ b/samples/wifi/thread_coex/src/main.c @@ -43,14 +43,14 @@ int main(void) return -1; } -#if !defined(CONFIG_COEX_SEP_ANTENNAS) && !(CONFIG_NRF700X_SR_COEX_RF_SWITCH) +#if !defined(CONFIG_COEX_SEP_ANTENNAS) && !(CONFIG_NRF70_SR_COEX_RF_SWITCH) BUILD_ASSERT("Shared antenna support is not available with nRF7002 shields"); #endif /* register callback functions */ wifi_init(); -#ifdef CONFIG_NRF700X_SR_COEX_RF_SWITCH +#ifdef CONFIG_NRF70_SR_COEX_RF_SWITCH /* Configure SR side (nRF5340 side) switch in nRF700x */ /* LOG_INF("Configure SR side switch"); */ ret = nrf_wifi_config_sr_switch(is_ant_mode_sep); @@ -58,9 +58,9 @@ int main(void) LOG_ERR("Unable to configure SR side switch: %d", ret); return ret; } -#endif /* CONFIG_NRF700X_SR_COEX_RF_SWITCH */ +#endif /* CONFIG_NRF70_SR_COEX_RF_SWITCH */ -#if defined(CONFIG_NRF700X_SR_COEX) +#if defined(CONFIG_NRF70_SR_COEX) /* Configure non-PTA registers of Coexistence Hardware */ /* LOG_INF("Configuring non-PTA registers."); */ ret = nrf_wifi_coex_config_non_pta(is_ant_mode_sep, is_sr_protocol_ble); @@ -68,7 +68,7 @@ int main(void) LOG_ERR("Configuring non-PTA registers of CoexHardware FAIL"); return ret; } -#endif /* CONFIG_NRF700X_SR_COEX */ +#endif /* CONFIG_NRF70_SR_COEX */ ret = wifi_tput_ot_tput(test_wifi, is_ant_mode_sep, test_thread, is_ot_client, is_wifi_server, is_wifi_zperf_udp, is_ot_zperf_udp, diff --git a/samples/wifi/thread_coex/src/ot_coex_functions.c b/samples/wifi/thread_coex/src/ot_coex_functions.c index 7826c88c0b3e..96a2b94e4041 100644 --- a/samples/wifi/thread_coex/src/ot_coex_functions.c +++ b/samples/wifi/thread_coex/src/ot_coex_functions.c @@ -701,9 +701,9 @@ int wifi_tput_ot_tput(bool test_wifi, bool is_ant_mode_sep, bool test_thread, bo LOG_ERR("further is not meaningful. So, exiting the test"); return ret; } -#if defined(CONFIG_NRF700X_SR_COEX) +#if defined(CONFIG_NRF70_SR_COEX) config_pta(is_ant_mode_sep, is_ot_client, is_wifi_server, is_sr_protocol_ble); -#endif/* CONFIG_NRF700X_SR_COEX */ +#endif/* CONFIG_NRF70_SR_COEX */ } if (test_thread) { LOG_INF("Thread operating channel = %d", CONFIG_OT_CHANNEL); diff --git a/samples/wifi/thread_coex/sysbuild.conf b/samples/wifi/thread_coex/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/thread_coex/sysbuild.conf +++ b/samples/wifi/thread_coex/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/wifi/throughput/overlay-high-performance.conf b/samples/wifi/throughput/overlay-high-performance.conf index 76976d86ce87..918fae392509 100644 --- a/samples/wifi/throughput/overlay-high-performance.conf +++ b/samples/wifi/throughput/overlay-high-performance.conf @@ -1,5 +1,5 @@ -CONFIG_NRF700X_AP_MODE=n -CONFIG_NRF700X_P2P_MODE=n +CONFIG_NRF70_AP_MODE=n +CONFIG_NRF70_P2P_MODE=n CONFIG_NET_PKT_TX_COUNT=30 CONFIG_NET_PKT_RX_COUNT=30 CONFIG_NET_BUF_TX_COUNT=60 @@ -7,10 +7,10 @@ CONFIG_NET_BUF_RX_COUNT=30 CONFIG_NET_BUF_DATA_SIZE=1100 CONFIG_HEAP_MEM_POOL_SIZE=230000 CONFIG_SPEED_OPTIMIZATIONS=y -CONFIG_NRF700X_QSPI_LOW_POWER=n -CONFIG_NRF700X_UTIL=n -CONFIG_NRF700X_MAX_TX_AGGREGATION=9 -CONFIG_NRF700X_MAX_TX_TOKENS=12 +CONFIG_NRF70_QSPI_LOW_POWER=n +CONFIG_NRF70_UTIL=n +CONFIG_NRF70_MAX_TX_AGGREGATION=9 +CONFIG_NRF70_MAX_TX_TOKENS=12 CONFIG_POSIX_MAX_FDS=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack diff --git a/samples/wifi/throughput/overlay-iot-devices.conf b/samples/wifi/throughput/overlay-iot-devices.conf index 01826244dca5..1c6ab2231723 100644 --- a/samples/wifi/throughput/overlay-iot-devices.conf +++ b/samples/wifi/throughput/overlay-iot-devices.conf @@ -1,17 +1,17 @@ -CONFIG_NRF700X_AP_MODE=n -CONFIG_NRF700X_P2P_MODE=n +CONFIG_NRF70_AP_MODE=n +CONFIG_NRF70_P2P_MODE=n CONFIG_NET_PKT_TX_COUNT=6 CONFIG_NET_PKT_RX_COUNT=6 CONFIG_NET_BUF_TX_COUNT=12 CONFIG_NET_BUF_RX_COUNT=6 -CONFIG_NRF700X_RX_NUM_BUFS=6 +CONFIG_NRF70_RX_NUM_BUFS=6 CONFIG_NET_BUF_DATA_SIZE=800 CONFIG_HEAP_MEM_POOL_SIZE=230000 CONFIG_SPEED_OPTIMIZATIONS=y -CONFIG_NRF700X_QSPI_LOW_POWER=n -CONFIG_NRF700X_UTIL=n -CONFIG_NRF700X_MAX_TX_AGGREGATION=1 -CONFIG_NRF700X_MAX_TX_TOKENS=5 +CONFIG_NRF70_QSPI_LOW_POWER=n +CONFIG_NRF70_UTIL=n +CONFIG_NRF70_MAX_TX_AGGREGATION=1 +CONFIG_NRF70_MAX_TX_TOKENS=5 CONFIG_POSIX_MAX_FDS=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack diff --git a/samples/wifi/throughput/overlay-memory-optimized.conf b/samples/wifi/throughput/overlay-memory-optimized.conf index a9fef166df7d..e5fa6ca28bf9 100644 --- a/samples/wifi/throughput/overlay-memory-optimized.conf +++ b/samples/wifi/throughput/overlay-memory-optimized.conf @@ -1,17 +1,17 @@ -CONFIG_NRF700X_AP_MODE=n -CONFIG_NRF700X_P2P_MODE=n +CONFIG_NRF70_AP_MODE=n +CONFIG_NRF70_P2P_MODE=n CONFIG_NET_PKT_TX_COUNT=6 CONFIG_NET_PKT_RX_COUNT=6 CONFIG_NET_BUF_TX_COUNT=12 CONFIG_NET_BUF_RX_COUNT=6 -CONFIG_NRF700X_RX_NUM_BUFS=6 +CONFIG_NRF70_RX_NUM_BUFS=6 CONFIG_NET_BUF_DATA_SIZE=500 CONFIG_HEAP_MEM_POOL_SIZE=230000 CONFIG_SPEED_OPTIMIZATIONS=y -CONFIG_NRF700X_QSPI_LOW_POWER=n -CONFIG_NRF700X_UTIL=n -CONFIG_NRF700X_MAX_TX_AGGREGATION=1 -CONFIG_NRF700X_MAX_TX_TOKENS=5 +CONFIG_NRF70_QSPI_LOW_POWER=n +CONFIG_NRF70_UTIL=n +CONFIG_NRF70_MAX_TX_AGGREGATION=1 +CONFIG_NRF70_MAX_TX_TOKENS=5 CONFIG_POSIX_MAX_FDS=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack diff --git a/samples/wifi/throughput/overlay-rx-prio.conf b/samples/wifi/throughput/overlay-rx-prio.conf index bbe8edd3576a..5184ba081339 100644 --- a/samples/wifi/throughput/overlay-rx-prio.conf +++ b/samples/wifi/throughput/overlay-rx-prio.conf @@ -1,17 +1,17 @@ -CONFIG_NRF700X_AP_MODE=n -CONFIG_NRF700X_P2P_MODE=n +CONFIG_NRF70_AP_MODE=n +CONFIG_NRF70_P2P_MODE=n CONFIG_NET_PKT_TX_COUNT=5 CONFIG_NET_PKT_RX_COUNT=64 CONFIG_NET_BUF_TX_COUNT=10 CONFIG_NET_BUF_RX_COUNT=64 -CONFIG_NRF700X_RX_NUM_BUFS=64 +CONFIG_NRF70_RX_NUM_BUFS=64 CONFIG_NET_BUF_DATA_SIZE=1100 CONFIG_HEAP_MEM_POOL_SIZE=230000 CONFIG_SPEED_OPTIMIZATIONS=y -CONFIG_NRF700X_QSPI_LOW_POWER=n -CONFIG_NRF700X_UTIL=n -CONFIG_NRF700X_MAX_TX_AGGREGATION=2 -CONFIG_NRF700X_MAX_TX_TOKENS=5 +CONFIG_NRF70_QSPI_LOW_POWER=n +CONFIG_NRF70_UTIL=n +CONFIG_NRF70_MAX_TX_AGGREGATION=2 +CONFIG_NRF70_MAX_TX_TOKENS=5 CONFIG_POSIX_MAX_FDS=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack diff --git a/samples/wifi/throughput/overlay-tx-prio.conf b/samples/wifi/throughput/overlay-tx-prio.conf index bf46d78f624b..2c97254bc5ce 100644 --- a/samples/wifi/throughput/overlay-tx-prio.conf +++ b/samples/wifi/throughput/overlay-tx-prio.conf @@ -1,17 +1,17 @@ -CONFIG_NRF700X_AP_MODE=n -CONFIG_NRF700X_P2P_MODE=n +CONFIG_NRF70_AP_MODE=n +CONFIG_NRF70_P2P_MODE=n CONFIG_NET_PKT_TX_COUNT=32 CONFIG_NET_PKT_RX_COUNT=10 CONFIG_NET_BUF_TX_COUNT=64 CONFIG_NET_BUF_RX_COUNT=10 -CONFIG_NRF700X_RX_NUM_BUFS=10 +CONFIG_NRF70_RX_NUM_BUFS=10 CONFIG_NET_BUF_DATA_SIZE=1100 CONFIG_HEAP_MEM_POOL_SIZE=230000 CONFIG_SPEED_OPTIMIZATIONS=y -CONFIG_NRF700X_QSPI_LOW_POWER=n -CONFIG_NRF700X_UTIL=n -CONFIG_NRF700X_MAX_TX_AGGREGATION=9 -CONFIG_NRF700X_MAX_TX_TOKENS=12 +CONFIG_NRF70_QSPI_LOW_POWER=n +CONFIG_NRF70_UTIL=n +CONFIG_NRF70_MAX_TX_AGGREGATION=9 +CONFIG_NRF70_MAX_TX_TOKENS=12 CONFIG_POSIX_MAX_FDS=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack diff --git a/samples/wifi/throughput/prj.conf b/samples/wifi/throughput/prj.conf index 3f8e9e3ce343..2f208645e376 100644 --- a/samples/wifi/throughput/prj.conf +++ b/samples/wifi/throughput/prj.conf @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y # WPA supplicant CONFIG_WPA_SUPP=y @@ -35,8 +35,8 @@ CONFIG_NET_PKT_TX_COUNT=8 CONFIG_NET_BUF_RX_COUNT=16 CONFIG_NET_BUF_TX_COUNT=16 CONFIG_NET_BUF_DATA_SIZE=128 -CONFIG_NRF700X_RX_NUM_BUFS=16 -CONFIG_NRF700X_MAX_TX_AGGREGATION=4 +CONFIG_NRF70_RX_NUM_BUFS=16 +CONFIG_NRF70_MAX_TX_AGGREGATION=4 # nRF700x is main consumer: (16 + 8) * 1600 = ~40KB + ~40KB control path (experimental) CONFIG_HEAP_MEM_POOL_SIZE=80000 CONFIG_NET_TC_TX_COUNT=1 diff --git a/samples/wifi/throughput/sysbuild.conf b/samples/wifi/throughput/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/throughput/sysbuild.conf +++ b/samples/wifi/throughput/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/wifi/twt/prj.conf b/samples/wifi/twt/prj.conf index 1d9ff2c43526..159c8010d879 100644 --- a/samples/wifi/twt/prj.conf +++ b/samples/wifi/twt/prj.conf @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y # WPA supplicant CONFIG_WPA_SUPP=y @@ -33,8 +33,8 @@ CONFIG_NET_BUF_RX_COUNT=16 CONFIG_NET_BUF_DATA_SIZE=1500 CONFIG_HEAP_MEM_POOL_SIZE=180000 #CONFIG_SPEED_OPTIMIZATIONS=y -#CONFIG_NRF700X_MAX_TX_AGGREGATION=9 -#CONFIG_NRF700X_MAX_TX_TOKENS=12 +#CONFIG_NRF70_MAX_TX_AGGREGATION=9 +#CONFIG_NRF70_MAX_TX_TOKENS=12 CONFIG_NET_TC_TX_COUNT=1 # Below configs will increase tcp connection timeout diff --git a/samples/wifi/twt/sysbuild.conf b/samples/wifi/twt/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/twt/sysbuild.conf +++ b/samples/wifi/twt/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/wifi/wfa_qt_app/prj.conf b/samples/wifi/wfa_qt_app/prj.conf index 51c958373076..8edc3280237c 100644 --- a/samples/wifi/wfa_qt_app/prj.conf +++ b/samples/wifi/wfa_qt_app/prj.conf @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y +CONFIG_WIFI_NRF70=y CONFIG_WFA_QT_CONTROL_APP=y # Ideally this has to be done in the QT module, but we already override this in the # hostap module (7), so, hostap will override QT module's settings, so, we have to diff --git a/samples/wifi/wfa_qt_app/sysbuild.conf b/samples/wifi/wfa_qt_app/sysbuild.conf index 32948cdda47c..d9e7bee8f47b 100644 --- a/samples/wifi/wfa_qt_app/sysbuild.conf +++ b/samples/wifi/wfa_qt_app/sysbuild.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -SB_CONFIG_WIFI_NRF700X=y +SB_CONFIG_WIFI_NRF70=y diff --git a/snippets/nrf70-driver-debug/overlay-nrf70-driver-debug.conf b/snippets/nrf70-driver-debug/overlay-nrf70-driver-debug.conf index 51633ff7ef53..ae4a07865cc9 100644 --- a/snippets/nrf70-driver-debug/overlay-nrf70-driver-debug.conf +++ b/snippets/nrf70-driver-debug/overlay-nrf70-driver-debug.conf @@ -9,7 +9,7 @@ CONFIG_SHELL_STACK_SIZE=4600 CONFIG_NET_SHELL=y CONFIG_SHELL_GETOPT=y CONFIG_SHELL_CMDS_RESIZE=n -CONFIG_NRF700X_UTIL=y +CONFIG_NRF70_UTIL=y CONFIG_NET_L2_WIFI_SHELL=y CONFIG_NET_STATISTICS=y CONFIG_NET_STATISTICS_WIFI=y diff --git a/subsys/mpsl/cx/Kconfig b/subsys/mpsl/cx/Kconfig index da062a3352a1..6e4b157df42d 100644 --- a/subsys/mpsl/cx/Kconfig +++ b/subsys/mpsl/cx/Kconfig @@ -13,7 +13,7 @@ config MPSL_CX_ANY_SUPPORT help Indicates that the device tree contains a nrf_radio_coex node. -config MPSL_CX_NRF700X_SUPPORT +config MPSL_CX_NRF70_SUPPORT bool default $(dt_nodelabel_has_compat,nrf_radio_coex,$(DT_COMPAT_CX_NRF700X)) help @@ -57,7 +57,7 @@ choice MPSL_CX_CHOICE prompt "Radio Coexistence interface implementation" config MPSL_CX_NRF700X - depends on MPSL_CX_NRF700X_SUPPORT + depends on MPSL_CX_NRF70_SUPPORT select NRFX_GPIOTE if !MPSL_CX_PIN_FORWARDER select GPIO if !MPSL_CX_PIN_FORWARDER imply NRF_RPC if SOC_SERIES_NRF53X diff --git a/subsys/net/lib/softap_wifi_provision/Kconfig b/subsys/net/lib/softap_wifi_provision/Kconfig index a2e5fedded95..515d569818cb 100644 --- a/subsys/net/lib/softap_wifi_provision/Kconfig +++ b/subsys/net/lib/softap_wifi_provision/Kconfig @@ -8,7 +8,7 @@ menuconfig SOFTAP_WIFI_PROVISION bool "SoftAP Wi-Fi provision library [EXPERIMENTAL]" select EXPERIMENTAL depends on NANOPB - depends on NRF700X_AP_MODE + depends on NRF70_AP_MODE depends on WPA_SUPP_AP depends on SMF depends on NET_DHCPV4_SERVER diff --git a/sysbuild/CMakeLists.txt b/sysbuild/CMakeLists.txt index 910df4253bdd..48db9417867f 100644 --- a/sysbuild/CMakeLists.txt +++ b/sysbuild/CMakeLists.txt @@ -421,8 +421,8 @@ function(${SYSBUILD_CURRENT_MODULE_NAME}_pre_cmake) set_config_bool(${DEFAULT_IMAGE} CONFIG_BT_FAST_PAIR n) endif() - if(SB_CONFIG_WIFI_NRF700X) - set_config_bool(${DEFAULT_IMAGE} CONFIG_WIFI_NRF700X y) + if(SB_CONFIG_WIFI_NRF70) + set_config_bool(${DEFAULT_IMAGE} CONFIG_WIFI_NRF70 y) foreach(config WIFI_PATCHES_EXT_FLASH_DISABLED WIFI_PATCHES_EXT_FLASH_XIP WIFI_PATCHES_EXT_FLASH_STORE) @@ -444,7 +444,7 @@ function(${SYSBUILD_CURRENT_MODULE_NAME}_pre_cmake) set_config_bool(${DEFAULT_IMAGE} CONFIG_NRF_WIFI_FW_PATCH_DFU ${SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH}) endif() else() - set_config_bool(${DEFAULT_IMAGE} CONFIG_WIFI_NRF700X n) + set_config_bool(${DEFAULT_IMAGE} CONFIG_WIFI_NRF70 n) endif() if(SB_CONFIG_ZEPHYR_CONNECTEDHOMEIP_MODULE) diff --git a/sysbuild/Kconfig.dfu b/sysbuild/Kconfig.dfu index 50e6c868ecd0..f66a612eccd9 100644 --- a/sysbuild/Kconfig.dfu +++ b/sysbuild/Kconfig.dfu @@ -33,7 +33,7 @@ config DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH bool "nRF70 firmware patch" depends on PARTITION_MANAGER depends on BOOTLOADER_MCUBOOT - depends on WIFI_NRF700X + depends on WIFI_NRF70 depends on (WIFI_PATCHES_EXT_FLASH_XIP || WIFI_PATCHES_EXT_FLASH_STORE) help Enabling this option adds support for Device Firmware Update (DFU) for the nRF70 Series diff --git a/sysbuild/Kconfig.wifi b/sysbuild/Kconfig.wifi index 398033674bf6..937166fbed11 100644 --- a/sysbuild/Kconfig.wifi +++ b/sysbuild/Kconfig.wifi @@ -4,32 +4,32 @@ menu "Wi-Fi" -menuconfig WIFI_NRF700X +menuconfig WIFI_NRF70 bool "nRF700x" -if WIFI_NRF700X +if WIFI_NRF70 -choice WIFI_NRF700X_OPER_MODES +choice WIFI_NRF70_OPER_MODES bool "nRF700x operating mode" - default WIFI_NRF700X_SYSTEM_MODE + default WIFI_NRF70_SYSTEM_MODE help Select the operating mode of the nRF700x driver -config WIFI_NRF700X_SYSTEM_MODE - bool "Enable nRF700X system mode" +config WIFI_NRF70_SYSTEM_MODE + bool "Enable nRF70 system mode" help Select this option to enable system mode of the nRF700x driver -config WIFI_NRF700X_SCAN_ONLY - bool "Enable nRF700X scan only mode" +config WIFI_NRF70_SCAN_ONLY + bool "Enable nRF70 scan only mode" help Select this option to enable scan only mode of the nRF700x driver -config WIFI_NRF700X_RADIO_TEST +config WIFI_NRF70_RADIO_TEST bool "Radio test mode of the nRF700x driver" -config WIFI_NRF700X_SYSTEM_WITH_RAW_MODES - bool "Enable nRF700X system mode with raw modes" +config WIFI_NRF70_SYSTEM_WITH_RAW_MODES + bool "Enable nRF70 system mode with raw modes" help Select this option to enable system mode of the nRF700x driver with raw modes @@ -60,6 +60,6 @@ config WIFI_PATCHES_EXT_FLASH_STORE endchoice -endif # WIFI_NRF700X +endif # WIFI_NRF70 endmenu diff --git a/sysbuild/Kconfig.zip b/sysbuild/Kconfig.zip index 6dceed6e33a5..0d50fcfc1ab1 100644 --- a/sysbuild/Kconfig.zip +++ b/sysbuild/Kconfig.zip @@ -33,7 +33,7 @@ config DFU_ZIP_NET config DFU_ZIP_WIFI_FW_PATCH bool "nRF70 firmware patch" depends on PARTITION_MANAGER - depends on WIFI_NRF700X + depends on WIFI_NRF70 depends on (WIFI_PATCHES_EXT_FLASH_XIP || WIFI_PATCHES_EXT_FLASH_STORE) default y help diff --git a/tests/lib/location/location_lib_autoconf_ext.h b/tests/lib/location/location_lib_autoconf_ext.h index 83f7cbb8d29c..43cefac9c382 100644 --- a/tests/lib/location/location_lib_autoconf_ext.h +++ b/tests/lib/location/location_lib_autoconf_ext.h @@ -9,7 +9,7 @@ */ #define CONFIG_NRF_MODEM_LIB 1 -#define CONFIG_WIFI_NRF700X 1 +#define CONFIG_WIFI_NRF70 1 #define CONFIG_WIFI_MGMT_RAW_SCAN_RESULTS 0 #define CONFIG_WIFI_MGMT_RAW_SCAN_RESULT_LENGTH 10 #define CONFIG_NET_MGMT_EVENT 1 From 151540de679c3dfdf124f3ec773ab03e4374fc4e Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Mon, 5 Aug 2024 20:50:44 +0530 Subject: [PATCH 036/217] boards: shields: Use upstream nRF7002EK shields nRF70 EK shields are now upstreamed. Signed-off-by: Chaitanya Tata --- boards/shields/nrf7002ek/Kconfig.shield | 8 ---- .../boards/nrf52840dk_nrf52840.overlay | 5 --- .../boards/nrf5340dk_nrf5340_cpuapp.overlay | 16 ------- .../boards/nrf9151dk_nrf9151.overlay | 6 --- .../boards/nrf9151dk_nrf9151_ns.overlay | 6 --- .../boards/nrf9160dk_nrf9160_ns.overlay | 39 ---------------- .../boards/nrf9161dk_nrf9161.overlay | 6 --- .../boards/nrf9161dk_nrf9161_ns.overlay | 6 --- .../boards/thingy53_nrf5340_cpuapp.overlay | 5 --- boards/shields/nrf7002ek/nrf7002ek.overlay | 45 ------------------- .../shields/nrf7002ek/nrf7002ek_coex.overlay | 16 ------- .../shields/nrf7002ek_nrf7000/Kconfig.shield | 13 ------ .../boards/nrf52840dk_nrf52840.overlay | 5 --- .../boards/nrf5340dk_nrf5340_cpuapp.overlay | 16 ------- .../boards/nrf9151dk_nrf9151.overlay | 6 --- .../boards/nrf9151dk_nrf9151_ns.overlay | 6 --- .../boards/nrf9160dk_nrf9160_ns.overlay | 39 ---------------- .../boards/nrf9161dk_nrf9161.overlay | 6 --- .../boards/nrf9161dk_nrf9161_ns.overlay | 6 --- .../boards/thingy53_nrf5340_cpuapp.overlay | 5 --- .../nrf7002ek_nrf7000.overlay | 45 ------------------- .../nrf7002ek_nrf7000_coex.overlay | 16 ------- .../shields/nrf7002ek_nrf7001/Kconfig.shield | 11 ----- .../boards/nrf52840dk_nrf52840.overlay | 5 --- .../boards/nrf5340dk_nrf5340_cpuapp.overlay | 16 ------- .../boards/nrf9151dk_nrf9151.overlay | 6 --- .../boards/nrf9151dk_nrf9151_ns.overlay | 6 --- .../boards/nrf9160dk_nrf9160_ns.overlay | 39 ---------------- .../boards/nrf9161dk_nrf9161.overlay | 6 --- .../boards/nrf9161dk_nrf9161_ns.overlay | 6 --- .../boards/thingy53_nrf5340_cpuapp.overlay | 5 --- .../nrf7002ek_nrf7001.overlay | 45 ------------------- .../nrf7002ek_nrf7001_coex.overlay | 16 ------- samples/matter/lock/README.rst | 4 +- samples/matter/lock/sample.yaml | 2 +- samples/wifi/ble_coex/README.rst | 4 +- samples/wifi/ble_coex/sample.yaml | 6 +-- samples/wifi/thread_coex/README.rst | 4 +- samples/wifi/thread_coex/prj.conf | 2 + samples/wifi/thread_coex/sample.yaml | 4 +- 40 files changed, 14 insertions(+), 494 deletions(-) delete mode 100644 boards/shields/nrf7002ek/Kconfig.shield delete mode 100644 boards/shields/nrf7002ek/boards/nrf52840dk_nrf52840.overlay delete mode 100644 boards/shields/nrf7002ek/boards/nrf5340dk_nrf5340_cpuapp.overlay delete mode 100644 boards/shields/nrf7002ek/boards/nrf9151dk_nrf9151.overlay delete mode 100644 boards/shields/nrf7002ek/boards/nrf9151dk_nrf9151_ns.overlay delete mode 100644 boards/shields/nrf7002ek/boards/nrf9160dk_nrf9160_ns.overlay delete mode 100644 boards/shields/nrf7002ek/boards/nrf9161dk_nrf9161.overlay delete mode 100644 boards/shields/nrf7002ek/boards/nrf9161dk_nrf9161_ns.overlay delete mode 100644 boards/shields/nrf7002ek/boards/thingy53_nrf5340_cpuapp.overlay delete mode 100644 boards/shields/nrf7002ek/nrf7002ek.overlay delete mode 100644 boards/shields/nrf7002ek/nrf7002ek_coex.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/Kconfig.shield delete mode 100644 boards/shields/nrf7002ek_nrf7000/boards/nrf52840dk_nrf52840.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/boards/nrf5340dk_nrf5340_cpuapp.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/boards/nrf9151dk_nrf9151.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/boards/nrf9151dk_nrf9151_ns.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/boards/nrf9160dk_nrf9160_ns.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/boards/nrf9161dk_nrf9161.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/boards/nrf9161dk_nrf9161_ns.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/boards/thingy53_nrf5340_cpuapp.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/nrf7002ek_nrf7000.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7000/nrf7002ek_nrf7000_coex.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/Kconfig.shield delete mode 100644 boards/shields/nrf7002ek_nrf7001/boards/nrf52840dk_nrf52840.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/boards/nrf5340dk_nrf5340_cpuapp.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/boards/nrf9151dk_nrf9151.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/boards/nrf9151dk_nrf9151_ns.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/boards/nrf9160dk_nrf9160_ns.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/boards/nrf9161dk_nrf9161.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/boards/nrf9161dk_nrf9161_ns.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/boards/thingy53_nrf5340_cpuapp.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/nrf7002ek_nrf7001.overlay delete mode 100644 boards/shields/nrf7002ek_nrf7001/nrf7002ek_nrf7001_coex.overlay diff --git a/boards/shields/nrf7002ek/Kconfig.shield b/boards/shields/nrf7002ek/Kconfig.shield deleted file mode 100644 index e041e8f44057..000000000000 --- a/boards/shields/nrf7002ek/Kconfig.shield +++ /dev/null @@ -1,8 +0,0 @@ -# -# Copyright (c) 2023 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -config SHIELD_NRF7002EK - def_bool $(shields_list_contains,nrf7002ek) diff --git a/boards/shields/nrf7002ek/boards/nrf52840dk_nrf52840.overlay b/boards/shields/nrf7002ek/boards/nrf52840dk_nrf52840.overlay deleted file mode 100644 index da54dfdde269..000000000000 --- a/boards/shields/nrf7002ek/boards/nrf52840dk_nrf52840.overlay +++ /dev/null @@ -1,5 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - #include "../nrf7002ek_coex.overlay" diff --git a/boards/shields/nrf7002ek/boards/nrf5340dk_nrf5340_cpuapp.overlay b/boards/shields/nrf7002ek/boards/nrf5340dk_nrf5340_cpuapp.overlay deleted file mode 100644 index 06770a0bc229..000000000000 --- a/boards/shields/nrf7002ek/boards/nrf5340dk_nrf5340_cpuapp.overlay +++ /dev/null @@ -1,16 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include "../nrf7002ek_coex.overlay" - -/* This node by default forwards the UART1 pins to CPUNET, but as UART1 uses - * same pins as bucken and iovdd-ctrl, we need these pins to be controlled by - * the CPUAPP. Since a child node of gpio_fwd cannot be disabled, hence - * the entire node is disabled. If the application needs to forward other pins - * to the CPUNET, it should create a separate instance of nrf-gpio-forwarder - * and use it instead. - */ -&gpio_fwd { - status = "disabled"; -}; diff --git a/boards/shields/nrf7002ek/boards/nrf9151dk_nrf9151.overlay b/boards/shields/nrf7002ek/boards/nrf9151dk_nrf9151.overlay deleted file mode 100644 index 7ebbb062c193..000000000000 --- a/boards/shields/nrf7002ek/boards/nrf9151dk_nrf9151.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek/boards/nrf9151dk_nrf9151_ns.overlay b/boards/shields/nrf7002ek/boards/nrf9151dk_nrf9151_ns.overlay deleted file mode 100644 index 7ebbb062c193..000000000000 --- a/boards/shields/nrf7002ek/boards/nrf9151dk_nrf9151_ns.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek/boards/nrf9160dk_nrf9160_ns.overlay b/boards/shields/nrf7002ek/boards/nrf9160dk_nrf9160_ns.overlay deleted file mode 100644 index b84f12d3dc76..000000000000 --- a/boards/shields/nrf7002ek/boards/nrf9160dk_nrf9160_ns.overlay +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* Disabled because of conflicts on P0.00 and P0.01 - Arduino pins D0 and D1 - * (iovdd-ctrl-gpios and bucken-gpios in nrf7002ek, respectively). */ -&uart1 { - status = "disabled"; -}; - -/* Typically we use GPIO extender to resolve these conflicts but the - * GPIO pin used by extender itself conflicts with Wi-Fi (0.6), so, - * disable LEDs and Button0/1. - */ -&led0 { - status = "disabled"; -}; - -&led1 { - status = "disabled"; -}; - -&led2 { - status = "disabled"; -}; - -&led3 { - status = "disabled"; -}; - -&button0 { - status = "disabled"; -}; - -&button1 { - status = "disabled"; -}; diff --git a/boards/shields/nrf7002ek/boards/nrf9161dk_nrf9161.overlay b/boards/shields/nrf7002ek/boards/nrf9161dk_nrf9161.overlay deleted file mode 100644 index b9b798252066..000000000000 --- a/boards/shields/nrf7002ek/boards/nrf9161dk_nrf9161.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek/boards/nrf9161dk_nrf9161_ns.overlay b/boards/shields/nrf7002ek/boards/nrf9161dk_nrf9161_ns.overlay deleted file mode 100644 index b9b798252066..000000000000 --- a/boards/shields/nrf7002ek/boards/nrf9161dk_nrf9161_ns.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek/boards/thingy53_nrf5340_cpuapp.overlay b/boards/shields/nrf7002ek/boards/thingy53_nrf5340_cpuapp.overlay deleted file mode 100644 index da54dfdde269..000000000000 --- a/boards/shields/nrf7002ek/boards/thingy53_nrf5340_cpuapp.overlay +++ /dev/null @@ -1,5 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - #include "../nrf7002ek_coex.overlay" diff --git a/boards/shields/nrf7002ek/nrf7002ek.overlay b/boards/shields/nrf7002ek/nrf7002ek.overlay deleted file mode 100644 index dc34d9245fdf..000000000000 --- a/boards/shields/nrf7002ek/nrf7002ek.overlay +++ /dev/null @@ -1,45 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include - -/ { - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - - chosen { - zephyr,wifi = &nordic_wlan0; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x34>; - max-pwr-5g-low-mcs7 = <0x34>; - max-pwr-5g-mid-mcs0 = <0x34>; - max-pwr-5g-mid-mcs7 = <0x34>; - max-pwr-5g-high-mcs0 = <0x30>; - max-pwr-5g-high-mcs7 = <0x30>; - }; -}; - -&arduino_spi { - status = "okay"; - - nrf700x: nrf7002@0 { - compatible = "nordic,nrf700x-spi"; - status = "okay"; - reg = <0>; - spi-max-frequency = ; - - iovdd-ctrl-gpios = <&arduino_header 6 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; /* D0 */ - bucken-gpios = <&arduino_header 7 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; /* D1 */ - host-irq-gpios = <&arduino_header 13 GPIO_ACTIVE_HIGH>; /* D7 */ - }; -}; diff --git a/boards/shields/nrf7002ek/nrf7002ek_coex.overlay b/boards/shields/nrf7002ek/nrf7002ek_coex.overlay deleted file mode 100644 index d6489dee9800..000000000000 --- a/boards/shields/nrf7002ek/nrf7002ek_coex.overlay +++ /dev/null @@ -1,16 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/ { - nrf_radio_coex: nrf7002-coex { - status = "okay"; - compatible = "nordic,nrf700x-coex"; - status0-gpios = <&arduino_header 8 GPIO_ACTIVE_HIGH>; /* D2 */ - req-gpios = <&arduino_header 9 GPIO_ACTIVE_HIGH>; /* D3 */ - grant-gpios = <&arduino_header 10 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; /* D4 */ - swctrl1-gpios = <&arduino_header 12 GPIO_ACTIVE_HIGH>; /* D6 */ - srrf-switch-gpios = <&arduino_header 14 GPIO_ACTIVE_HIGH>; /* D8 */ - }; -}; diff --git a/boards/shields/nrf7002ek_nrf7000/Kconfig.shield b/boards/shields/nrf7002ek_nrf7000/Kconfig.shield deleted file mode 100644 index 324389f498ab..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/Kconfig.shield +++ /dev/null @@ -1,13 +0,0 @@ -# -# Copyright (c) 2023 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -config SHIELD_NRF7002EK_NRF7000 - def_bool $(shields_list_contains,nrf7002ek_nrf7000) - depends on !WPA_SUPP - -config BOARD_NRF7000 - bool - default y if SHIELD_NRF7002EK_NRF7000 diff --git a/boards/shields/nrf7002ek_nrf7000/boards/nrf52840dk_nrf52840.overlay b/boards/shields/nrf7002ek_nrf7000/boards/nrf52840dk_nrf52840.overlay deleted file mode 100644 index 89219e71d3a8..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/boards/nrf52840dk_nrf52840.overlay +++ /dev/null @@ -1,5 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - #include "../nrf7002ek_nrf7000_coex.overlay" diff --git a/boards/shields/nrf7002ek_nrf7000/boards/nrf5340dk_nrf5340_cpuapp.overlay b/boards/shields/nrf7002ek_nrf7000/boards/nrf5340dk_nrf5340_cpuapp.overlay deleted file mode 100644 index 9d888bd42755..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/boards/nrf5340dk_nrf5340_cpuapp.overlay +++ /dev/null @@ -1,16 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - #include "../nrf7002ek_nrf7000_coex.overlay" - -/* This node by default forwards the UART1 pins to CPUNET, but as UART1 uses - * same pins as bucken and iovdd-ctrl, we need these pins to be controlled by - * the CPUAPP. Since a child node of gpio_fwd cannot be disabled, hence - * the entire node is disabled. If the application needs to forward other pins - * to the CPUNET, it should create a separate instance of nrf-gpio-forwarder - * and use it instead. - */ -&gpio_fwd { - status = "disabled"; -}; diff --git a/boards/shields/nrf7002ek_nrf7000/boards/nrf9151dk_nrf9151.overlay b/boards/shields/nrf7002ek_nrf7000/boards/nrf9151dk_nrf9151.overlay deleted file mode 100644 index 7ebbb062c193..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/boards/nrf9151dk_nrf9151.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek_nrf7000/boards/nrf9151dk_nrf9151_ns.overlay b/boards/shields/nrf7002ek_nrf7000/boards/nrf9151dk_nrf9151_ns.overlay deleted file mode 100644 index 7ebbb062c193..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/boards/nrf9151dk_nrf9151_ns.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek_nrf7000/boards/nrf9160dk_nrf9160_ns.overlay b/boards/shields/nrf7002ek_nrf7000/boards/nrf9160dk_nrf9160_ns.overlay deleted file mode 100644 index b84f12d3dc76..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/boards/nrf9160dk_nrf9160_ns.overlay +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* Disabled because of conflicts on P0.00 and P0.01 - Arduino pins D0 and D1 - * (iovdd-ctrl-gpios and bucken-gpios in nrf7002ek, respectively). */ -&uart1 { - status = "disabled"; -}; - -/* Typically we use GPIO extender to resolve these conflicts but the - * GPIO pin used by extender itself conflicts with Wi-Fi (0.6), so, - * disable LEDs and Button0/1. - */ -&led0 { - status = "disabled"; -}; - -&led1 { - status = "disabled"; -}; - -&led2 { - status = "disabled"; -}; - -&led3 { - status = "disabled"; -}; - -&button0 { - status = "disabled"; -}; - -&button1 { - status = "disabled"; -}; diff --git a/boards/shields/nrf7002ek_nrf7000/boards/nrf9161dk_nrf9161.overlay b/boards/shields/nrf7002ek_nrf7000/boards/nrf9161dk_nrf9161.overlay deleted file mode 100644 index b9b798252066..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/boards/nrf9161dk_nrf9161.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek_nrf7000/boards/nrf9161dk_nrf9161_ns.overlay b/boards/shields/nrf7002ek_nrf7000/boards/nrf9161dk_nrf9161_ns.overlay deleted file mode 100644 index b9b798252066..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/boards/nrf9161dk_nrf9161_ns.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek_nrf7000/boards/thingy53_nrf5340_cpuapp.overlay b/boards/shields/nrf7002ek_nrf7000/boards/thingy53_nrf5340_cpuapp.overlay deleted file mode 100644 index 89219e71d3a8..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/boards/thingy53_nrf5340_cpuapp.overlay +++ /dev/null @@ -1,5 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - #include "../nrf7002ek_nrf7000_coex.overlay" diff --git a/boards/shields/nrf7002ek_nrf7000/nrf7002ek_nrf7000.overlay b/boards/shields/nrf7002ek_nrf7000/nrf7002ek_nrf7000.overlay deleted file mode 100644 index 6c900a684432..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/nrf7002ek_nrf7000.overlay +++ /dev/null @@ -1,45 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include - -/ { - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - - chosen { - zephyr,wifi = &nordic_wlan0; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x34>; - max-pwr-5g-low-mcs7 = <0x34>; - max-pwr-5g-mid-mcs0 = <0x34>; - max-pwr-5g-mid-mcs7 = <0x34>; - max-pwr-5g-high-mcs0 = <0x30>; - max-pwr-5g-high-mcs7 = <0x30>; - }; -}; - -&arduino_spi { - status = "okay"; - - nrf700x: nrf7000@0 { - compatible = "nordic,nrf700x-spi"; - status = "okay"; - reg = <0>; - spi-max-frequency = ; - - iovdd-ctrl-gpios = <&arduino_header 6 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; /* D0 */ - bucken-gpios = <&arduino_header 7 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; /* D1 */ - host-irq-gpios = <&arduino_header 13 GPIO_ACTIVE_HIGH>; /* D7 */ - }; -}; diff --git a/boards/shields/nrf7002ek_nrf7000/nrf7002ek_nrf7000_coex.overlay b/boards/shields/nrf7002ek_nrf7000/nrf7002ek_nrf7000_coex.overlay deleted file mode 100644 index 31173eb1e76d..000000000000 --- a/boards/shields/nrf7002ek_nrf7000/nrf7002ek_nrf7000_coex.overlay +++ /dev/null @@ -1,16 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/ { - nrf_radio_coex: nrf7000-coex { - status = "okay"; - compatible = "nordic,nrf700x-coex"; - status0-gpios = <&arduino_header 8 GPIO_ACTIVE_HIGH>; /* D2 */ - req-gpios = <&arduino_header 9 GPIO_ACTIVE_HIGH>; /* D3 */ - grant-gpios = <&arduino_header 10 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; /* D4 */ - swctrl1-gpios = <&arduino_header 12 GPIO_ACTIVE_HIGH>; /* D6 */ - srrf-switch-gpios = <&arduino_header 14 GPIO_ACTIVE_HIGH>; /* D8 */ - }; -}; diff --git a/boards/shields/nrf7002ek_nrf7001/Kconfig.shield b/boards/shields/nrf7002ek_nrf7001/Kconfig.shield deleted file mode 100644 index f157e0208456..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/Kconfig.shield +++ /dev/null @@ -1,11 +0,0 @@ -# -# Copyright (c) 2023 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -config SHIELD_NRF7002EK_NRF7001 - def_bool $(shields_list_contains,nrf7002ek_nrf7001) - -config NRF70_2_4G_ONLY - bool - default y if SHIELD_NRF7002EK_NRF7001 diff --git a/boards/shields/nrf7002ek_nrf7001/boards/nrf52840dk_nrf52840.overlay b/boards/shields/nrf7002ek_nrf7001/boards/nrf52840dk_nrf52840.overlay deleted file mode 100644 index 00d734c80d55..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/boards/nrf52840dk_nrf52840.overlay +++ /dev/null @@ -1,5 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - #include "../nrf7002ek_nrf7001_coex.overlay" diff --git a/boards/shields/nrf7002ek_nrf7001/boards/nrf5340dk_nrf5340_cpuapp.overlay b/boards/shields/nrf7002ek_nrf7001/boards/nrf5340dk_nrf5340_cpuapp.overlay deleted file mode 100644 index eab245fc372b..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/boards/nrf5340dk_nrf5340_cpuapp.overlay +++ /dev/null @@ -1,16 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - #include "../nrf7002ek_nrf7001_coex.overlay" - -/* This node by default forwards the UART1 pins to CPUNET, but as UART1 uses - * same pins as bucken and iovdd-ctrl, we need these pins to be controlled by - * the CPUAPP. Since a child node of gpio_fwd cannot be disabled, hence - * the entire node is disabled. If the application needs to forward other pins - * to the CPUNET, it should create a separate instance of nrf-gpio-forwarder - * and use it instead. - */ -&gpio_fwd { - status = "disabled"; -}; diff --git a/boards/shields/nrf7002ek_nrf7001/boards/nrf9151dk_nrf9151.overlay b/boards/shields/nrf7002ek_nrf7001/boards/nrf9151dk_nrf9151.overlay deleted file mode 100644 index 7ebbb062c193..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/boards/nrf9151dk_nrf9151.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek_nrf7001/boards/nrf9151dk_nrf9151_ns.overlay b/boards/shields/nrf7002ek_nrf7001/boards/nrf9151dk_nrf9151_ns.overlay deleted file mode 100644 index 7ebbb062c193..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/boards/nrf9151dk_nrf9151_ns.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek_nrf7001/boards/nrf9160dk_nrf9160_ns.overlay b/boards/shields/nrf7002ek_nrf7001/boards/nrf9160dk_nrf9160_ns.overlay deleted file mode 100644 index b84f12d3dc76..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/boards/nrf9160dk_nrf9160_ns.overlay +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* Disabled because of conflicts on P0.00 and P0.01 - Arduino pins D0 and D1 - * (iovdd-ctrl-gpios and bucken-gpios in nrf7002ek, respectively). */ -&uart1 { - status = "disabled"; -}; - -/* Typically we use GPIO extender to resolve these conflicts but the - * GPIO pin used by extender itself conflicts with Wi-Fi (0.6), so, - * disable LEDs and Button0/1. - */ -&led0 { - status = "disabled"; -}; - -&led1 { - status = "disabled"; -}; - -&led2 { - status = "disabled"; -}; - -&led3 { - status = "disabled"; -}; - -&button0 { - status = "disabled"; -}; - -&button1 { - status = "disabled"; -}; diff --git a/boards/shields/nrf7002ek_nrf7001/boards/nrf9161dk_nrf9161.overlay b/boards/shields/nrf7002ek_nrf7001/boards/nrf9161dk_nrf9161.overlay deleted file mode 100644 index b9b798252066..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/boards/nrf9161dk_nrf9161.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek_nrf7001/boards/nrf9161dk_nrf9161_ns.overlay b/boards/shields/nrf7002ek_nrf7001/boards/nrf9161dk_nrf9161_ns.overlay deleted file mode 100644 index b9b798252066..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/boards/nrf9161dk_nrf9161_ns.overlay +++ /dev/null @@ -1,6 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include diff --git a/boards/shields/nrf7002ek_nrf7001/boards/thingy53_nrf5340_cpuapp.overlay b/boards/shields/nrf7002ek_nrf7001/boards/thingy53_nrf5340_cpuapp.overlay deleted file mode 100644 index 00d734c80d55..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/boards/thingy53_nrf5340_cpuapp.overlay +++ /dev/null @@ -1,5 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - #include "../nrf7002ek_nrf7001_coex.overlay" diff --git a/boards/shields/nrf7002ek_nrf7001/nrf7002ek_nrf7001.overlay b/boards/shields/nrf7002ek_nrf7001/nrf7002ek_nrf7001.overlay deleted file mode 100644 index 9722b22bc71b..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/nrf7002ek_nrf7001.overlay +++ /dev/null @@ -1,45 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include - -/ { - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - - chosen { - zephyr,wifi = &nordic_wlan0; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x34>; - max-pwr-5g-low-mcs7 = <0x34>; - max-pwr-5g-mid-mcs0 = <0x34>; - max-pwr-5g-mid-mcs7 = <0x34>; - max-pwr-5g-high-mcs0 = <0x30>; - max-pwr-5g-high-mcs7 = <0x30>; - }; -}; - -&arduino_spi { - status = "okay"; - - nrf700x: nrf7001@0 { - compatible = "nordic,nrf700x-spi"; - status = "okay"; - reg = <0>; - spi-max-frequency = ; - - iovdd-ctrl-gpios = <&arduino_header 6 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; /* D0 */ - bucken-gpios = <&arduino_header 7 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; /* D1 */ - host-irq-gpios = <&arduino_header 13 GPIO_ACTIVE_HIGH>; /* D7 */ - }; -}; diff --git a/boards/shields/nrf7002ek_nrf7001/nrf7002ek_nrf7001_coex.overlay b/boards/shields/nrf7002ek_nrf7001/nrf7002ek_nrf7001_coex.overlay deleted file mode 100644 index a6f208a7b510..000000000000 --- a/boards/shields/nrf7002ek_nrf7001/nrf7002ek_nrf7001_coex.overlay +++ /dev/null @@ -1,16 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/ { - nrf_radio_coex: nrf7001-coex { - status = "okay"; - compatible = "nordic,nrf700x-coex"; - status0-gpios = <&arduino_header 8 GPIO_ACTIVE_HIGH>; /* D2 */ - req-gpios = <&arduino_header 9 GPIO_ACTIVE_HIGH>; /* D3 */ - grant-gpios = <&arduino_header 10 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; /* D4 */ - swctrl1-gpios = <&arduino_header 12 GPIO_ACTIVE_HIGH>; /* D6 */ - srrf-switch-gpios = <&arduino_header 14 GPIO_ACTIVE_HIGH>; /* D8 */ - }; -}; diff --git a/samples/matter/lock/README.rst b/samples/matter/lock/README.rst index 2b8298851e88..47915480e85d 100644 --- a/samples/matter/lock/README.rst +++ b/samples/matter/lock/README.rst @@ -134,7 +134,7 @@ For example: .. code-block:: console - west build -b nrf5340dk/nrf5340/cpuapp -p -- -Dlock_SHIELD=nrf7002ek -Dipc_radio_SHIELD=nrf7002ek_coex -DFILE_SUFFIX=thread_wifi_switched -DSB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y -DSB_CONFIG_MCUBOOT_UPDATEABLE_IMAGES=3 -DCONFIG_CHIP_DFU_OVER_BT_SMP=y -DSB_CONFIG_WIFI_NRF70=y -DSB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y + west build -b nrf5340dk/nrf5340/cpuapp -p -- -Dlock_SHIELD=nrf7002ek -DFILE_SUFFIX=thread_wifi_switched -DSB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y -DSB_CONFIG_MCUBOOT_UPDATEABLE_IMAGES=3 -DCONFIG_CHIP_DFU_OVER_BT_SMP=y -DSB_CONFIG_WIFI_NRF70=y -DSB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y .. _matter_lock_sample_ble_nus: @@ -773,7 +773,7 @@ To test this feature, complete the following steps: .. code-block:: console - west build -b nrf5340dk/nrf5340/cpuapp -- -DFILE_SUFFIX=thread_wifi_switched -Dlock_SHIELD=nrf7002ek -Dipc_radio_SHIELD=nrf7002ek_coex -DSB_CONFIG_WIFI_NRF70=y + west build -b nrf5340dk/nrf5340/cpuapp -- -DFILE_SUFFIX=thread_wifi_switched -Dlock_SHIELD=nrf7002ek -DSB_CONFIG_WIFI_NRF70=y #. |connect_terminal_ANSI| #. Program the application to the kit using the following command: diff --git a/samples/matter/lock/sample.yaml b/samples/matter/lock/sample.yaml index b29a6a124cdd..79448fd0c8e2 100644 --- a/samples/matter/lock/sample.yaml +++ b/samples/matter/lock/sample.yaml @@ -69,7 +69,7 @@ tests: sample.matter.lock.thread_wifi_switched.lto.smp_dfu: sysbuild: true build_only: true - extra_args: lock_SHIELD=nrf7002ek multiprotocol_rpmsg_SHIELD=nrf7002ek_coex + extra_args: lock_SHIELD=nrf7002ek FILE_SUFFIX=thread_wifi_switched SB_CONFIG_WIFI_PATCHES_EXT_FLASH_STORE=y SB_CONFIG_MCUBOOT_UPDATEABLE_IMAGES=3 CONFIG_CHIP_DFU_OVER_BT_SMP=y SB_CONFIG_WIFI_NRF70=y SB_CONFIG_DFU_MULTI_IMAGE_PACKAGE_WIFI_FW_PATCH=y diff --git a/samples/wifi/ble_coex/README.rst b/samples/wifi/ble_coex/README.rst index 3a69c0c395e1..8be8588f71ef 100644 --- a/samples/wifi/ble_coex/README.rst +++ b/samples/wifi/ble_coex/README.rst @@ -164,13 +164,13 @@ Add the following SHIELD options for the nRF7002 EK and nRF7001 EK. .. code-block:: console - -DSHIELD=nrf7002ek -Dipc_radio_SHIELD=nrf7002ek_coex + -DSHIELD=nrf7002ek * For nRF7001 EK: .. code-block:: console - -DSHIELD=nrf7002ek_nrf7001 -Dipc_radio_SHIELD=nrf7002ek_nrf7001_coex + -DSHIELD=nrf7002ek_nrf7001 The generated HEX file to be used is :file:`ble_coex/build/merged.hex`. diff --git a/samples/wifi/ble_coex/sample.yaml b/samples/wifi/ble_coex/sample.yaml index 52c60460aec8..543b01df8bfc 100644 --- a/samples/wifi/ble_coex/sample.yaml +++ b/samples/wifi/ble_coex/sample.yaml @@ -35,7 +35,7 @@ tests: build_only: true integration_platforms: - nrf5340dk/nrf5340/cpuapp - extra_args: SHIELD=nrf7002ek ipc_radio_SHIELD=nrf7002ek_coex + extra_args: SHIELD=nrf7002ek CONFIG_MPSL_CX=y ipc_radio_CONFIG_MPSL_CX=y CONFIG_COEX_SEP_ANTENNAS=y platform_allow: nrf5340dk/nrf5340/cpuapp @@ -45,7 +45,7 @@ tests: build_only: true integration_platforms: - nrf5340dk/nrf5340/cpuapp - extra_args: SHIELD=nrf7002ek_nrf7001 ipc_radio_SHIELD=nrf7002ek_nrf7001_coex + extra_args: SHIELD=nrf7002ek_nrf7001 CONFIG_MPSL_CX=y ipc_radio_CONFIG_MPSL_CX=y CONFIG_COEX_SEP_ANTENNAS=y platform_allow: nrf5340dk/nrf5340/cpuapp @@ -53,7 +53,7 @@ tests: sample.nrf7002_eb.thingy53.ble_coex: sysbuild: true build_only: true - extra_args: ble_coex_SHIELD=nrf7002eb ipc_radio_SHIELD=nrf7002eb_coex + extra_args: ble_coex_SHIELD=nrf7002eb CONFIG_MPSL_CX=y ipc_radio_CONFIG_MPSL_CX=y CONFIG_COEX_SEP_ANTENNAS=y integration_platforms: diff --git a/samples/wifi/thread_coex/README.rst b/samples/wifi/thread_coex/README.rst index 0a2cd4c98820..51349f56ec8b 100644 --- a/samples/wifi/thread_coex/README.rst +++ b/samples/wifi/thread_coex/README.rst @@ -151,13 +151,13 @@ Add the following SHIELD options for the nRF7002 EK and nRF7001 EK. .. code-block:: console - -DSHIELD=nrf7002ek -Dipc_radio_SHIELD=nrf7002ek_coex + -DSHIELD=nrf7002ek * For nRF7001 EK: .. code-block:: console - -DSHIELD=nrf7002ek_nrf7001 -Dipc_radio_SHIELD=nrf7002ek_nrf7001_coex + -DSHIELD=nrf7002ek_nrf7001 * Overlay files diff --git a/samples/wifi/thread_coex/prj.conf b/samples/wifi/thread_coex/prj.conf index 9247452fd7b8..424c0f9fb4fb 100644 --- a/samples/wifi/thread_coex/prj.conf +++ b/samples/wifi/thread_coex/prj.conf @@ -5,6 +5,8 @@ # CONFIG_WIFI=y CONFIG_WIFI_NRF70=y +CONFIG_NRF70_SR_COEX=y +CONFIG_NRF70_SR_COEX_RF_SWITCH=y # WPA supplicant CONFIG_WPA_SUPP=y diff --git a/samples/wifi/thread_coex/sample.yaml b/samples/wifi/thread_coex/sample.yaml index 86f81c78fcff..0d54a1e47acd 100644 --- a/samples/wifi/thread_coex/sample.yaml +++ b/samples/wifi/thread_coex/sample.yaml @@ -28,7 +28,7 @@ tests: build_only: true integration_platforms: - nrf5340dk/nrf5340/cpuapp - extra_args: SHIELD=nrf7002ek ipc_radio_SHIELD=nrf7002ek_coex + extra_args: SHIELD=nrf7002ek CONFIG_MPSL_CX=y ipc_radio_CONFIG_MPSL_CX=y CONFIG_COEX_SEP_ANTENNAS=y EXTRA_CONF_FILE="overlay-wifi-udp-client-thread-udp-client.conf" @@ -39,7 +39,7 @@ tests: build_only: true integration_platforms: - nrf5340dk/nrf5340/cpuapp - extra_args: SHIELD=nrf7002ek_nrf7001 ipc_radio_SHIELD=nrf7002ek_nrf7001_coex + extra_args: SHIELD=nrf7002ek_nrf7001 CONFIG_MPSL_CX=y ipc_radio_CONFIG_MPSL_CX=y CONFIG_COEX_SEP_ANTENNAS=y EXTRA_CONF_FILE="overlay-wifi-udp-client-thread-udp-client.conf" From a36b1f927bccc7ecf1ac7a2f32f78df95fb40305 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Mon, 5 Aug 2024 22:56:23 +0530 Subject: [PATCH 037/217] treewide: Migrate to upstream Zephyr WPA supplicant nRF70 now uses upstream Zephyr WPA supplicant. Signed-off-by: Chaitanya Tata --- .../boards/thingy91x_nrf9151_ns.conf | 2 +- .../overlay-nrf7002ek-wifi-scan-only.conf | 2 +- .../software_maturity_features.yaml | 2 +- .../getting_started/memory_optimization.rst | 4 ++-- doc/nrf/protocols/wifi/sap_mode/sap.rst | 2 +- doc/nrf/protocols/wifi/stack_configuration.rst | 14 +++++++------- .../releases/release-notes-2.6.0.rst | 2 +- modules/hostap/Kconfig | 8 ++++---- modules/wfa-qt/src/wpas_events.c | 8 ++++---- .../overlay-nrf700x-wifi-scan-only.conf | 2 +- samples/cellular/location/sample.yaml | 2 +- .../lwm2m_client/overlay-assist-wifi.conf | 2 +- .../overlay-nrf700x-wifi-scan-only.conf | 2 +- samples/cellular/modem_shell/sample.yaml | 2 +- .../overlay-nrf7002ek-wifi-scan-only.conf | 2 +- .../overlay_nrf700x_wifi_coap_no_lte.conf | 2 +- .../overlay_nrf700x_wifi_mqtt_no_lte.conf | 2 +- .../boards/nrf7002dk_nrf5340_cpuapp.conf | 4 ++-- .../matter/lock/prj_thread_wifi_switched.conf | 2 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 2 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 4 ++-- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 2 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 4 ++-- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 2 +- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 4 ++-- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 4 ++-- .../boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 2 +- samples/wifi/ble_coex/prj.conf | 2 +- samples/wifi/monitor/prj.conf | 2 +- samples/wifi/promiscuous/prj.conf | 2 +- samples/wifi/provisioning/ble/prj.conf | 2 +- samples/wifi/provisioning/softap/prj.conf | 4 ++-- samples/wifi/raw_tx_packet/prj.conf | 2 +- samples/wifi/scan/sample.yaml | 2 +- samples/wifi/shell/overlay-sap.conf | 2 +- samples/wifi/shell/overlay-scan-only.conf | 2 +- samples/wifi/shell/prj.conf | 4 ++-- samples/wifi/shell/sample.yaml | 18 ++++++++++++------ samples/wifi/softap/README.rst | 2 +- samples/wifi/softap/prj.conf | 6 +++--- samples/wifi/sta/prj.conf | 2 +- samples/wifi/thread_coex/prj.conf | 2 +- samples/wifi/throughput/prj.conf | 4 ++-- samples/wifi/twt/prj.conf | 2 +- samples/wifi/wfa_qt_app/prj.conf | 6 +++--- .../overlay-nrf70-driver-debug.conf | 2 +- subsys/net/l2_wifi_if_conn/l2_wifi_conn.c | 4 ++-- subsys/net/lib/softap_wifi_provision/Kconfig | 2 +- subsys/net/lib/wifi_mgmt_ext/Kconfig | 2 +- subsys/net/lib/wifi_ready/Kconfig | 2 +- subsys/net/lib/wifi_ready/wifi_ready.c | 8 ++++---- 51 files changed, 91 insertions(+), 85 deletions(-) diff --git a/applications/asset_tracker_v2/boards/thingy91x_nrf9151_ns.conf b/applications/asset_tracker_v2/boards/thingy91x_nrf9151_ns.conf index 7e995f9841e2..921d74856023 100644 --- a/applications/asset_tracker_v2/boards/thingy91x_nrf9151_ns.conf +++ b/applications/asset_tracker_v2/boards/thingy91x_nrf9151_ns.conf @@ -50,7 +50,7 @@ CONFIG_NRF_MODEM_LIB_SHMEM_TX_SIZE=4096 CONFIG_NRF_MODEM_LIB_SHMEM_RX_SIZE=4096 # Scan only using offload API -CONFIG_WPA_SUPP=n +CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y diff --git a/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf b/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf index ff7daa2e4709..92bda281627b 100644 --- a/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf +++ b/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf @@ -41,7 +41,7 @@ CONFIG_NRF_MODEM_LIB_SHMEM_TX_SIZE=4096 CONFIG_NRF_MODEM_LIB_SHMEM_RX_SIZE=4096 # Scan only using offload API -CONFIG_WPA_SUPP=n +CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y diff --git a/doc/_scripts/software_maturity/software_maturity_features.yaml b/doc/_scripts/software_maturity/software_maturity_features.yaml index e8460b589a8f..0a5737cea4eb 100644 --- a/doc/_scripts/software_maturity/software_maturity_features.yaml +++ b/doc/_scripts/software_maturity/software_maturity_features.yaml @@ -109,7 +109,7 @@ features: boards_and_shields: - BOARD_NRF7002DK_NRF5340_CPUAPP SoftAP Mode (for Wi-Fi provisioning): - rule: WIFI_NRF70 && NRF700X_AP_MODE && WPA_SUPP_AP + rule: WIFI_NRF70 && NRF700X_AP_MODE && WIFI_NM_WPA_SUPPLICANT_AP boards_and_shields: - SHIELD_NRF7002EK - SHIELD_NRF7002EK_NRF7000 diff --git a/doc/nrf/protocols/matter/getting_started/memory_optimization.rst b/doc/nrf/protocols/matter/getting_started/memory_optimization.rst index 1b2b7bef66c4..1cca9750399d 100644 --- a/doc/nrf/protocols/matter/getting_started/memory_optimization.rst +++ b/doc/nrf/protocols/matter/getting_started/memory_optimization.rst @@ -393,11 +393,11 @@ The following table presents the possible threads used in a Matter application a | net_mgmt | :kconfig:option:`CONFIG_NET_MGMT_EVENT_STACK_SIZE` | Zephyr network management event processing thread stack. | | | | For Matter over Wi-Fi only. | +---------------------+------------------------------------------------------------------+----------------------------------------------------------------+ -| wpa_supplicant_main | :kconfig:option:`CONFIG_WPA_SUPP_THREAD_STACK_SIZE` | WPA supplicant main thread. | +| wpa_supplicant_main | :kconfig:option:`CONFIG_WIFI_NM_WPA_SUPPLICANT_THREAD_STACK_SIZE`| WPA supplicant main thread. | | | | Processing Wi-Fi requests and connections. | | | | For Matter over Wi-Fi only. | +---------------------+------------------------------------------------------------------+----------------------------------------------------------------+ -| wpa_supplicant_wq | :kconfig:option:`CONFIG_WPA_SUPP_WQ_STACK_SIZE` | WPA supplicant work queue thread. | +| wpa_supplicant_wq | :kconfig:option:`CONFIG_WIFI_NM_WPA_SUPPLICANT_WQ_STACK_SIZE` | WPA supplicant work queue thread. | | | | Processing Wi-Fi task queue | | | | For Matter over Wi-Fi only. | +---------------------+------------------------------------------------------------------+----------------------------------------------------------------+ diff --git a/doc/nrf/protocols/wifi/sap_mode/sap.rst b/doc/nrf/protocols/wifi/sap_mode/sap.rst index ea90037c3d16..1a3fcdea4d7c 100644 --- a/doc/nrf/protocols/wifi/sap_mode/sap.rst +++ b/doc/nrf/protocols/wifi/sap_mode/sap.rst @@ -30,7 +30,7 @@ The SAP mode in the nRF70 Series devices provides SoftAP support with the follow Enabling the SAP mode ********************* -You can enable the SAP mode by setting the :kconfig:option:`CONFIG_NRF70_AP_MODE` and :kconfig:option:`CONFIG_WPA_SUPP_AP` Kconfig options in the application project configuration file. +You can enable the SAP mode by setting the :kconfig:option:`CONFIG_NRF70_AP_MODE` and :kconfig:option:`CONFIG_WIFI_NM_WPA_SUPPLICANT_AP` Kconfig options in the application project configuration file. SAP mode configuration diff --git a/doc/nrf/protocols/wifi/stack_configuration.rst b/doc/nrf/protocols/wifi/stack_configuration.rst index 511eac9daecd..4e85c2921515 100644 --- a/doc/nrf/protocols/wifi/stack_configuration.rst +++ b/doc/nrf/protocols/wifi/stack_configuration.rst @@ -63,7 +63,7 @@ The nRF Wi-Fi driver provides the following software configurations to fine-tune - Description - Impact - Purpose - * - :kconfig:option:`CONFIG_WPA_SUPP` + * - :kconfig:option:`CONFIG_WIFI_NM_WPA_SUPPLICANT` - ``y`` or ``n`` - Enable or disable Wi-Fi Protected Access (WPA™) supplicant - Memory savings @@ -176,7 +176,7 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li - Throughputs * - STA scan only - Scan only - - ``CONFIG_WPA_SUPP=n`` + - ``CONFIG_WIFI_NM_WPA_SUPPLICANT=n`` ``CONFIG_NRF70_AP_MODE=n`` ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=1`` @@ -187,7 +187,7 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li - ``N/A`` * - :abbr:`STA (Station)` mode - IoT devices - - ``CONFIG_WPA_SUPP=y`` + - ``CONFIG_WIFI_NM_WPA_SUPPLICANT=y`` ``CONFIG_NRF70_AP_MODE=n`` ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=6`` @@ -208,7 +208,7 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li ``UDP-RX: 4.1 Mbps`` * - :abbr:`STA (Station)` mode - Memory optimized :abbr:`STA (Station)` mode - - ``CONFIG_WPA_SUPP=y`` + - ``CONFIG_WIFI_NM_WPA_SUPPLICANT=y`` ``CONFIG_NRF70_AP_MODE=n`` ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=6`` @@ -229,7 +229,7 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li ``UDP-RX: 0.5 Mbps`` * - :abbr:`STA (Station)` mode - High performance :abbr:`STA (Station)` mode - - ``CONFIG_WPA_SUPP=y`` + - ``CONFIG_WIFI_NM_WPA_SUPPLICANT=y`` ``CONFIG_NRF70_AP_MODE=n`` ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=30`` @@ -249,7 +249,7 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li ``UDP-RX: 12.4 Mbps`` * - :abbr:`STA (Station)` mode - TX prioritized :abbr:`STA (Station)` mode - - ``CONFIG_WPA_SUPP=y`` + - ``CONFIG_WIFI_NM_WPA_SUPPLICANT=y`` ``CONFIG_NRF70_AP_MODE=n`` ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=32`` @@ -270,7 +270,7 @@ The nRF Wi-Fi driver can be used in the following profiles (not an exhaustive li ``UDP-RX: 12.8 Mbps`` * - :abbr:`STA (Station)` mode - RX prioritized :abbr:`STA (Station)` mode - - ``CONFIG_WPA_SUPP=y`` + - ``CONFIG_WIFI_NM_WPA_SUPPLICANT=y`` ``CONFIG_NRF70_AP_MODE=n`` ``CONFIG_NRF70_P2P_MODE=n`` ``CONFIG_NET_PKT_TX_COUNT=5`` diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst index 572172aa6a91..6385206f3d38 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.0.rst @@ -845,7 +845,7 @@ Matter samples * Disabled the following features: * :ref:`ug_matter_configuring_read_client` in most Matter samples using the new :kconfig:option:`CONFIG_CHIP_ENABLE_READ_CLIENT` Kconfig option. - * WPA supplicant advanced features in all Matter samples using the :kconfig:option:`CONFIG_WPA_SUPP_ADVANCED_FEATURES` Kconfig option. + * WPA supplicant advanced features in all Matter samples using the ``CONFIG_WPA_SUPP_ADVANCED_FEATURES`` Kconfig option. This saves roughly 25 KB of flash memory for firmware images with Wi-Fi support. * Added ``matter_shell`` shell commands set to gather the current information about the NVS settings backend, such as current usage, free space, and peak usage value. diff --git a/modules/hostap/Kconfig b/modules/hostap/Kconfig index 7ffbc0eeb2b3..b4c2eaa0714f 100644 --- a/modules/hostap/Kconfig +++ b/modules/hostap/Kconfig @@ -5,7 +5,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -menuconfig WPA_SUPP +menuconfig WIFI_NM_WPA_SUPPLICANT bool "WPA supplicant support" # Need full POSIX from libc, Zephyr's POSIX support is only partial select POSIX_CLOCK @@ -21,7 +21,7 @@ menuconfig WPA_SUPP help WPA supplicant implements 802.1X related functions. -if WPA_SUPP +if WIFI_NM_WPA_SUPPLICANT config COMMON_LIBC_MALLOC_ARENA_SIZE default 40000 if WPA_SUPP_AP @@ -216,7 +216,7 @@ config NET_MGMT_EVENT_STACK_SIZE config NET_SOCKETS_POLL_MAX default 6 -module = WPA_SUPP +module = WIFI_NM_WPA_SUPPLICANT module-str = WPA supplicant source "subsys/logging/Kconfig.template.log_config" @@ -266,4 +266,4 @@ config WPA_SUPP_NW_SEL_RELIABILITY Select the network based on reliability. endchoice -endif # WPA_SUPP +endif # WIFI_NM_WPA_SUPPLICANT diff --git a/modules/wfa-qt/src/wpas_events.c b/modules/wfa-qt/src/wpas_events.c index 41f6d2426f87..f9660ed9f0ec 100644 --- a/modules/wfa-qt/src/wpas_events.c +++ b/modules/wfa-qt/src/wpas_events.c @@ -28,7 +28,7 @@ LOG_MODULE_REGISTER(wpas_event, CONFIG_WFA_QT_LOG_LEVEL); /* TODO: Handle other events */ -#define WPA_SUPP_EVENTS (NET_EVENT_WPA_SUPP_READY) +#define WPA_SUPP_EVENTS (NET_EVENT_SUPPLICANT_READY) static struct net_mgmt_event_callback net_wpa_supp_cb; @@ -44,7 +44,7 @@ static void wpa_supp_event_handler(struct net_mgmt_event_callback *cb, { /* TODO: Handle other events */ switch (mgmt_event) { - case NET_EVENT_WPA_SUPP_READY: + case NET_EVENT_SUPPLICANT_READY: handle_wpa_supp_ready(cb); break; default: @@ -55,7 +55,7 @@ static void wpa_supp_event_handler(struct net_mgmt_event_callback *cb, int wait_for_wpa_s_ready(void) { - struct wpa_supplicant *wpa_s = z_wpas_get_handle_by_ifname(CONFIG_WFA_QT_DEFAULT_INTERFACE); + struct wpa_supplicant *wpa_s = zephyr_get_handle_by_ifname(CONFIG_WFA_QT_DEFAULT_INTERFACE); int ret; if (wpa_s) { @@ -70,7 +70,7 @@ int wait_for_wpa_s_ready(void) return -1; } - wpa_s = z_wpas_get_handle_by_ifname(CONFIG_WFA_QT_DEFAULT_INTERFACE); + wpa_s = zephyr_get_handle_by_ifname(CONFIG_WFA_QT_DEFAULT_INTERFACE); if (!wpa_s) { LOG_INF("WPA Supplicant ready event received, but no handle found for %s", CONFIG_WFA_QT_DEFAULT_INTERFACE); diff --git a/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf b/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf index b00d65a3f0a9..84c9d09ca697 100644 --- a/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf +++ b/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf @@ -31,7 +31,7 @@ CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT=60 CONFIG_NEWLIB_LIBC=y # Scan only using offload API -CONFIG_WPA_SUPP=n +CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y diff --git a/samples/cellular/location/sample.yaml b/samples/cellular/location/sample.yaml index 9f5160789fcf..fd87d9bfe11f 100644 --- a/samples/cellular/location/sample.yaml +++ b/samples/cellular/location/sample.yaml @@ -56,7 +56,7 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek_nrf7000 OVERLAY_CONFIG=overlay-nrf700x-wifi-scan-only.conf - CONFIG_WPA_SUPP=n SB_CONFIG_WIFI_NRF70=y + CONFIG_WIFI_NM_WPA_SUPPLICANT=n SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.location.nrf7001ek_wifi: diff --git a/samples/cellular/lwm2m_client/overlay-assist-wifi.conf b/samples/cellular/lwm2m_client/overlay-assist-wifi.conf index e3af40f6620f..4b9dd361718b 100644 --- a/samples/cellular/lwm2m_client/overlay-assist-wifi.conf +++ b/samples/cellular/lwm2m_client/overlay-assist-wifi.conf @@ -41,7 +41,7 @@ CONFIG_WIFI_NRF70=y CONFIG_NET_L2_WIFI_MGMT=y # Scan only using offload API -CONFIG_WPA_SUPP=n +CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y diff --git a/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf b/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf index 68726dca5305..9dcce93d1c38 100644 --- a/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf +++ b/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf @@ -49,7 +49,7 @@ CONFIG_NET_MGMT_EVENT_QUEUE_SIZE=50 CONFIG_NEWLIB_LIBC=y # Scan only using offload API -CONFIG_WPA_SUPP=n +CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y diff --git a/samples/cellular/modem_shell/sample.yaml b/samples/cellular/modem_shell/sample.yaml index 9f44090c16c9..299c1928fbf3 100644 --- a/samples/cellular/modem_shell/sample.yaml +++ b/samples/cellular/modem_shell/sample.yaml @@ -110,7 +110,7 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - CONFIG_WPA_SUPP=n SB_CONFIG_WIFI_NRF70=y + CONFIG_WIFI_NM_WPA_SUPPLICANT=n SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.nrf7001ek_wifi: diff --git a/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf b/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf index 77cdc2bd5d55..5fd5298b993a 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf @@ -27,7 +27,7 @@ CONFIG_NET_IF_MAX_IPV4_COUNT=2 CONFIG_NET_IF_MAX_IPV6_COUNT=2 # But disable the supplicant, since we don't need connectivity -CONFIG_WPA_SUPP=n +CONFIG_WIFI_NM_WPA_SUPPLICANT=n CONFIG_MBEDTLS=n # Stack/heap tweaks needed to support Wi-Fi. diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf index d6a6f8780b0b..b337a0103542 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf @@ -120,7 +120,7 @@ CONFIG_FLASH_MAP=y ## Enable Wi-Fi networking and native networking stack # Note: WPA_SUPP requires 24kB of unused RAM in the final build. # Memory allocations in this overlay are fine-tuned with that fact in mind. -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_NET_L2_ETHERNET=y CONFIG_NET_NATIVE=y CONFIG_NRF_SECURITY=y diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf index 89ee61bc2d84..dc770750531d 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf @@ -122,7 +122,7 @@ CONFIG_FLASH_MAP=y ## Enable Wi-Fi networking and native networking stack # Note: WPA_SUPP requires 24kB of unused RAM in the final build. # Memory allocations in this overlay are fine-tuned with that fact in mind. -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_NET_L2_ETHERNET=y CONFIG_NET_NATIVE=y CONFIG_NRF_SECURITY=y diff --git a/samples/debug/memfault/boards/nrf7002dk_nrf5340_cpuapp.conf b/samples/debug/memfault/boards/nrf7002dk_nrf5340_cpuapp.conf index 32db8ab62f32..24269e040bcf 100644 --- a/samples/debug/memfault/boards/nrf7002dk_nrf5340_cpuapp.conf +++ b/samples/debug/memfault/boards/nrf7002dk_nrf5340_cpuapp.conf @@ -67,8 +67,8 @@ CONFIG_SHELL=y CONFIG_SHELL_STACK_SIZE=6144 # WPA -CONFIG_WPA_SUPP=y -CONFIG_WPA_SUPP_LOG_LEVEL_INF=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_INF=y # Settings subsystem CONFIG_NVS=y diff --git a/samples/matter/lock/prj_thread_wifi_switched.conf b/samples/matter/lock/prj_thread_wifi_switched.conf index adfc330405ff..5b4d8c6ec7fd 100644 --- a/samples/matter/lock/prj_thread_wifi_switched.conf +++ b/samples/matter/lock/prj_thread_wifi_switched.conf @@ -38,7 +38,7 @@ CONFIG_CHIP_FACTORY_RESET_ERASE_NVS=n # Do not restore initial transport on fact # Reduce application size CONFIG_USE_SEGGER_RTT=n -CONFIG_WPA_SUPP_ADVANCED_FEATURES=n +CONFIG_WIFI_NM_WPA_SUPPLICANT_ADVANCED_FEATURES=n CONFIG_CHIP_NFC_COMMISSIONING=n CONFIG_MATTER_LOG_LEVEL_INF=y CONFIG_CHIP_APP_LOG_LEVEL=3 diff --git a/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index a6cc39aa683d..377d5f7e84fb 100644 --- a/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -35,7 +35,7 @@ CONFIG_SHELL=y CONFIG_SHELL_STACK_SIZE=6144 # WPA -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y # NET sockets CONFIG_NET_L2_ETHERNET=y diff --git a/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 28345e1b64a3..681ec49f7226 100644 --- a/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -34,8 +34,8 @@ CONFIG_SHELL=y CONFIG_SHELL_STACK_SIZE=6144 # WPA -CONFIG_WPA_SUPP=y -CONFIG_WPA_SUPP_LOG_LEVEL_ERR=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_ERR=y # Zephyr NET Connection Manager Connectivity layer. CONFIG_L2_WIFI_CONNECTIVITY=y diff --git a/samples/net/coap_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/coap_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 1c5f9067a09e..38676b40e7f4 100644 --- a/samples/net/coap_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/coap_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -40,7 +40,7 @@ CONFIG_SHELL=y CONFIG_SHELL_STACK_SIZE=6144 # WPA -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_MBEDTLS_HEAP_SIZE=16384 # NET sockets diff --git a/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 7dd2cd728096..2e83d7217f7c 100644 --- a/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/download/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -33,8 +33,8 @@ CONFIG_SHELL=y CONFIG_SHELL_STACK_SIZE=6144 # WPA -CONFIG_WPA_SUPP=y -CONFIG_WPA_SUPP_LOG_LEVEL_ERR=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_ERR=y # NET sockets CONFIG_NET_L2_ETHERNET=y diff --git a/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 1e011480db61..ca0672866271 100644 --- a/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -17,7 +17,7 @@ CONFIG_NRF70_MAX_TX_AGGREGATION=4 # Wi-Fi CONFIG_WIFI=y CONFIG_WIFI_NRF70=y -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_NET_L2_ETHERNET=y # IP address config diff --git a/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 9bed9d0074cc..bf7a8ddb35c3 100644 --- a/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/https_client/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -26,8 +26,8 @@ CONFIG_SHELL=y CONFIG_SHELL_STACK_SIZE=6144 # WPA supplicant -CONFIG_WPA_SUPP=y -CONFIG_WPA_SUPP_LOG_LEVEL_ERR=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_ERR=y # Zephyr NET Connection Manager connectivity layer CONFIG_L2_WIFI_CONNECTIVITY=y diff --git a/samples/net/mqtt/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/mqtt/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 45edaeb3fa3d..7bdc5993e58a 100644 --- a/samples/net/mqtt/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/mqtt/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -39,8 +39,8 @@ CONFIG_L2_WIFI_CONNECTIVITY_AUTO_CONNECT=n CONFIG_L2_WIFI_CONNECTIVITY_AUTO_DOWN=n # WPA -CONFIG_WPA_SUPP=y -CONFIG_WPA_SUPP_LOG_LEVEL_ERR=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_ERR=y CONFIG_MBEDTLS_HEAP_SIZE=16384 # NET sockets diff --git a/samples/net/udp/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/udp/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index cafcf374f7da..b2ce9a977de0 100644 --- a/samples/net/udp/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/udp/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -23,7 +23,7 @@ CONFIG_SHELL=y CONFIG_SHELL_STACK_SIZE=6144 # WPA -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_MBEDTLS_HEAP_SIZE=16384 # NET sockets diff --git a/samples/wifi/ble_coex/prj.conf b/samples/wifi/ble_coex/prj.conf index dab141cf094e..b439d67070e8 100644 --- a/samples/wifi/ble_coex/prj.conf +++ b/samples/wifi/ble_coex/prj.conf @@ -8,7 +8,7 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y # Networking CONFIG_NETWORKING=y diff --git a/samples/wifi/monitor/prj.conf b/samples/wifi/monitor/prj.conf index 6f064ed5626a..1bff86b8e8e2 100644 --- a/samples/wifi/monitor/prj.conf +++ b/samples/wifi/monitor/prj.conf @@ -11,7 +11,7 @@ CONFIG_NRF_WIFI_LOW_POWER=n CONFIG_NRF70_RAW_DATA_RX=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y # Networking CONFIG_NETWORKING=y diff --git a/samples/wifi/promiscuous/prj.conf b/samples/wifi/promiscuous/prj.conf index cda26d268723..54767ae464fb 100644 --- a/samples/wifi/promiscuous/prj.conf +++ b/samples/wifi/promiscuous/prj.conf @@ -7,7 +7,7 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y # Promiscuous mode CONFIG_NET_PROMISCUOUS_MODE=y diff --git a/samples/wifi/provisioning/ble/prj.conf b/samples/wifi/provisioning/ble/prj.conf index a3e456bdf29c..33c9eda1fd35 100644 --- a/samples/wifi/provisioning/ble/prj.conf +++ b/samples/wifi/provisioning/ble/prj.conf @@ -7,7 +7,7 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y # Networking CONFIG_NETWORKING=y diff --git a/samples/wifi/provisioning/softap/prj.conf b/samples/wifi/provisioning/softap/prj.conf index d2a7dcd2e3de..0afc370f8ff7 100644 --- a/samples/wifi/provisioning/softap/prj.conf +++ b/samples/wifi/provisioning/softap/prj.conf @@ -18,8 +18,8 @@ CONFIG_NRF70_MAX_TX_AGGREGATION=4 CONFIG_WIFI=y CONFIG_WIFI_NRF70=y CONFIG_NRF70_AP_MODE=y -CONFIG_WPA_SUPP=y -CONFIG_WPA_SUPP_AP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_AP=y CONFIG_NET_L2_ETHERNET=y CONFIG_WIFI_CREDENTIALS=y diff --git a/samples/wifi/raw_tx_packet/prj.conf b/samples/wifi/raw_tx_packet/prj.conf index 0d8a54cbea87..e3399c6e181d 100644 --- a/samples/wifi/raw_tx_packet/prj.conf +++ b/samples/wifi/raw_tx_packet/prj.conf @@ -9,7 +9,7 @@ CONFIG_NRF_WIFI_LOW_POWER=n CONFIG_NRF70_RAW_DATA_TX=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y diff --git a/samples/wifi/scan/sample.yaml b/samples/wifi/scan/sample.yaml index 652d635de695..67efa842fa80 100644 --- a/samples/wifi/scan/sample.yaml +++ b/samples/wifi/scan/sample.yaml @@ -48,7 +48,7 @@ tests: sample.nrf7000_eks.scan: sysbuild: true build_only: true - extra_args: SHIELD=nrf7002ek_nrf7000 CONFIG_WPA_SUPP=n + extra_args: SHIELD=nrf7002ek_nrf7000 CONFIG_WIFI_NM_WPA_SUPPLICANT=n integration_platforms: - nrf9160dk/nrf9160/ns platform_allow: nrf9160dk/nrf9160/ns diff --git a/samples/wifi/shell/overlay-sap.conf b/samples/wifi/shell/overlay-sap.conf index 5d98cdc2f405..9315603d65ba 100644 --- a/samples/wifi/shell/overlay-sap.conf +++ b/samples/wifi/shell/overlay-sap.conf @@ -1,5 +1,5 @@ CONFIG_NRF70_AP_MODE=y -CONFIG_WPA_SUPP_AP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_AP=y CONFIG_NET_ZPERF=y CONFIG_POSIX_MAX_FDS=16 diff --git a/samples/wifi/shell/overlay-scan-only.conf b/samples/wifi/shell/overlay-scan-only.conf index ff8e0651d526..c4fe84c8dbac 100644 --- a/samples/wifi/shell/overlay-scan-only.conf +++ b/samples/wifi/shell/overlay-scan-only.conf @@ -1,5 +1,5 @@ # Scan only using offload API -CONFIG_WPA_SUPP=n +CONFIG_WIFI_NM_WPA_SUPPLICANT=n # In 9160 default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y CONFIG_MBEDTLS=n diff --git a/samples/wifi/shell/prj.conf b/samples/wifi/shell/prj.conf index b692b42e4cc6..bdfd5e063f07 100644 --- a/samples/wifi/shell/prj.conf +++ b/samples/wifi/shell/prj.conf @@ -7,7 +7,7 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_NET_L2_WIFI_SHELL=y # Networking @@ -63,7 +63,7 @@ CONFIG_DEBUG_COREDUMP_BACKEND_LOGGING=y CONFIG_DEBUG_COREDUMP_MEMORY_DUMP_MIN=y CONFIG_SHELL_CMDS_RESIZE=n #CONFIG_DEBUG=y -CONFIG_WPA_SUPP_LOG_LEVEL_INF=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_INF=y # Kernel options CONFIG_ENTROPY_GENERATOR=y diff --git a/samples/wifi/shell/sample.yaml b/samples/wifi/shell/sample.yaml index 924f403b8902..e823c749db3e 100644 --- a/samples/wifi/shell/sample.yaml +++ b/samples/wifi/shell/sample.yaml @@ -14,7 +14,7 @@ tests: sample.nrf7002.shell.disable_adv_features: sysbuild: true build_only: true - extra_args: -DCONFIG_WPA_SUPP_ADVANCED_FEATURES=n + extra_args: -DCONFIG_WIFI_NM_WPA_SUPPLICANT_ADVANCED_FEATURES=n integration_platforms: - nrf7002dk/nrf5340/cpuapp platform_allow: nrf7002dk/nrf5340/cpuapp @@ -38,7 +38,7 @@ tests: sample.nrf7000_eks.shell: sysbuild: true build_only: true - extra_args: SHIELD=nrf7002ek_nrf7000 CONFIG_WPA_SUPP=n + extra_args: SHIELD=nrf7002ek_nrf7000 CONFIG_WIFI_NM_WPA_SUPPLICANT=n integration_platforms: - nrf5340dk/nrf5340/cpuapp - nrf52840dk/nrf52840 @@ -64,7 +64,10 @@ tests: sample.nrf7000_eks_cpunet.shell: sysbuild: true build_only: true - extra_args: SHIELD=nrf7002ek_nrf7000 CONFIG_BOARD_ENABLE_CPUNET=y CONFIG_WPA_SUPP=n + extra_args: + - SHIELD=nrf7002ek_nrf7000 + - CONFIG_BOARD_ENABLE_CPUNET=y + - CONFIG_WIFI_NM_WPA_SUPPLICANT=n integration_platforms: - nrf5340dk/nrf5340/cpuapp platform_allow: nrf5340dk/nrf5340/cpuapp @@ -120,7 +123,10 @@ tests: sample.nrf7000.shell.scan_only_91: sysbuild: true build_only: true - extra_args: EXTRA_CONF_FILE=overlay-scan-only.conf SHIELD=nrf7002ek_nrf7000 CONFIG_WPA_SUPP=n + extra_args: + - EXTRA_CONF_FILE=overlay-scan-only.conf + - SHIELD=nrf7002ek_nrf7000 + - CONFIG_WIFI_NM_WPA_SUPPLICANT=n integration_platforms: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns @@ -132,7 +138,7 @@ tests: sample.nrf7002.shell.scan_only_thingy91x: sysbuild: true build_only: true - extra_args: EXTRA_CONF_FILE=overlay-scan-only.conf CONFIG_WPA_SUPP=n + extra_args: EXTRA_CONF_FILE=overlay-scan-only.conf CONFIG_WIFI_NM_WPA_SUPPLICANT=n platform_allow: - thingy91x/nrf9151/ns tags: ci_build sysbuild ci_samples_wifi @@ -345,7 +351,7 @@ tests: tags: ci_build sysbuild ci_samples_wifi sample.nrf7002.shell.psa: build_only: true - extra_args: CONFIG_WPA_SUPP_CRYPTO_PSA=y + extra_args: CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_LEGACY_NCS_PSA=y integration_platforms: - nrf7002dk/nrf5340/cpuapp platform_allow: nrf7002dk/nrf5340/cpuapp diff --git a/samples/wifi/softap/README.rst b/samples/wifi/softap/README.rst index 2896ca8e0000..0a2ae45f61b1 100644 --- a/samples/wifi/softap/README.rst +++ b/samples/wifi/softap/README.rst @@ -26,7 +26,7 @@ Then, the sample lists the connected devices. You can enable the SoftAP mode by setting the below configuration options in the sample project configuration file: * :kconfig:option:`CONFIG_NRF70_AP_MODE`: Enables access point mode support. -* :kconfig:option:`CONFIG_WPA_SUPP_AP`: Enables access point support. +* :kconfig:option:`CONFIG_WIFI_NM_WPA_SUPPLICANT_AP`: Enables access point support. The sample uses the :ref:`lib_wifi_ready` library to check Wi-Fi readiness. To use the :ref:`lib_wifi_ready` library, enable the :kconfig:option:`CONFIG_WIFI_READY_LIB` Kconfig option. diff --git a/samples/wifi/softap/prj.conf b/samples/wifi/softap/prj.conf index 25868db00547..cb6652cf9fe1 100644 --- a/samples/wifi/softap/prj.conf +++ b/samples/wifi/softap/prj.conf @@ -7,14 +7,14 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_WIFI_READY_LIB=y # Soft AP CONFIG_NRF70_AP_MODE=y -CONFIG_WPA_SUPP_AP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_AP=y -CONFIG_WPA_SUPP_LOG_LEVEL_INF=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_INF=y # Networking CONFIG_NETWORKING=y diff --git a/samples/wifi/sta/prj.conf b/samples/wifi/sta/prj.conf index 4690076e44d0..b8f1e00642ce 100644 --- a/samples/wifi/sta/prj.conf +++ b/samples/wifi/sta/prj.conf @@ -7,7 +7,7 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_WIFI_READY_LIB=y CONFIG_NRF_WIFI_RPU_RECOVERY=y diff --git a/samples/wifi/thread_coex/prj.conf b/samples/wifi/thread_coex/prj.conf index 424c0f9fb4fb..386f6413b289 100644 --- a/samples/wifi/thread_coex/prj.conf +++ b/samples/wifi/thread_coex/prj.conf @@ -9,7 +9,7 @@ CONFIG_NRF70_SR_COEX=y CONFIG_NRF70_SR_COEX_RF_SWITCH=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y # Networking CONFIG_NETWORKING=y diff --git a/samples/wifi/throughput/prj.conf b/samples/wifi/throughput/prj.conf index 2f208645e376..cd6eb4b84159 100644 --- a/samples/wifi/throughput/prj.conf +++ b/samples/wifi/throughput/prj.conf @@ -7,7 +7,7 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_NET_L2_WIFI_SHELL=y CONFIG_NET_ZPERF=y @@ -65,7 +65,7 @@ CONFIG_DEBUG_COREDUMP_BACKEND_LOGGING=y CONFIG_DEBUG_COREDUMP_MEMORY_DUMP_MIN=y CONFIG_SHELL_CMDS_RESIZE=n #CONFIG_DEBUG=y -CONFIG_WPA_SUPP_LOG_LEVEL_INF=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_INF=y # Kernel options CONFIG_ENTROPY_GENERATOR=y diff --git a/samples/wifi/twt/prj.conf b/samples/wifi/twt/prj.conf index 159c8010d879..0909fc41e7ec 100644 --- a/samples/wifi/twt/prj.conf +++ b/samples/wifi/twt/prj.conf @@ -7,7 +7,7 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_WIFI_MGMT_EXT=y CONFIG_WIFI_CREDENTIALS=y diff --git a/samples/wifi/wfa_qt_app/prj.conf b/samples/wifi/wfa_qt_app/prj.conf index 8edc3280237c..a73b99c25bb8 100644 --- a/samples/wifi/wfa_qt_app/prj.conf +++ b/samples/wifi/wfa_qt_app/prj.conf @@ -12,7 +12,7 @@ CONFIG_WFA_QT_CONTROL_APP=y CONFIG_POSIX_MAX_FDS=16 # WPA supplicant -CONFIG_WPA_SUPP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT=y CONFIG_NET_L2_WIFI_SHELL=y # System settings @@ -69,7 +69,7 @@ CONFIG_DEBUG_COREDUMP_BACKEND_LOGGING=y CONFIG_DEBUG_COREDUMP_MEMORY_DUMP_MIN=y CONFIG_SHELL_CMDS_RESIZE=n #CONFIG_DEBUG=y -CONFIG_WPA_SUPP_LOG_LEVEL_INF=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_INF=y # Kernel options CONFIG_ENTROPY_GENERATOR=y @@ -106,4 +106,4 @@ CONFIG_SHELL_BACKEND_DUMMY=y CONFIG_NRF_WIFI_LOW_POWER=n # This is needed for WPA3 PMKSA caching test cases -CONFIG_WPA_SUPP_EAPOL=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_EAPOL=y diff --git a/snippets/nrf70-driver-debug/overlay-nrf70-driver-debug.conf b/snippets/nrf70-driver-debug/overlay-nrf70-driver-debug.conf index ae4a07865cc9..8a55b731096c 100644 --- a/snippets/nrf70-driver-debug/overlay-nrf70-driver-debug.conf +++ b/snippets/nrf70-driver-debug/overlay-nrf70-driver-debug.conf @@ -18,4 +18,4 @@ CONFIG_SYS_HEAP_RUNTIME_STATS=y CONFIG_LOG=y CONFIG_LOG_MODE_IMMEDIATE=y CONFIG_PRINTK=y -CONFIG_WIFI_NRF700X_LOG_LEVEL_DBG=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_DBG=y diff --git a/subsys/net/l2_wifi_if_conn/l2_wifi_conn.c b/subsys/net/l2_wifi_if_conn/l2_wifi_conn.c index a676ce3cb120..7a1a722ca222 100644 --- a/subsys/net/l2_wifi_if_conn/l2_wifi_conn.c +++ b/subsys/net/l2_wifi_if_conn/l2_wifi_conn.c @@ -18,7 +18,7 @@ LOG_MODULE_REGISTER(l2_wifi_mgr_conn); #define WIFI_SHELL_MGMT_EVENTS (NET_EVENT_WIFI_CONNECT_RESULT | \ NET_EVENT_WIFI_DISCONNECT_RESULT) -#define WPA_SUPP_EVENTS (NET_EVENT_WPA_SUPP_READY) +#define WPA_SUPP_EVENTS (NET_EVENT_SUPPLICANT_READY) static struct net_mgmt_event_callback net_l2_mgmt_cb; static struct net_mgmt_event_callback net_wpa_supp_cb; @@ -98,7 +98,7 @@ static void wpa_supp_event_handler(struct net_mgmt_event_callback *cb, uint32_t mgmt_event, struct net_if *iface) { switch (mgmt_event) { - case NET_EVENT_WPA_SUPP_READY: + case NET_EVENT_SUPPLICANT_READY: k_sem_give(&wpa_supp_ready_sem); break; default: diff --git a/subsys/net/lib/softap_wifi_provision/Kconfig b/subsys/net/lib/softap_wifi_provision/Kconfig index 515d569818cb..79fb2d1e6ca7 100644 --- a/subsys/net/lib/softap_wifi_provision/Kconfig +++ b/subsys/net/lib/softap_wifi_provision/Kconfig @@ -9,7 +9,7 @@ menuconfig SOFTAP_WIFI_PROVISION select EXPERIMENTAL depends on NANOPB depends on NRF70_AP_MODE - depends on WPA_SUPP_AP + depends on WIFI_NM_WPA_SUPPLICANT_AP depends on SMF depends on NET_DHCPV4_SERVER depends on TLS_CREDENTIALS diff --git a/subsys/net/lib/wifi_mgmt_ext/Kconfig b/subsys/net/lib/wifi_mgmt_ext/Kconfig index 04591e5b53df..4d619f692a85 100644 --- a/subsys/net/lib/wifi_mgmt_ext/Kconfig +++ b/subsys/net/lib/wifi_mgmt_ext/Kconfig @@ -6,7 +6,7 @@ config WIFI_MGMT_EXT bool "Extended commands for Wi-Fi management" - depends on WPA_SUPP + depends on WIFI_NM_WPA_SUPPLICANT depends on WIFI_CREDENTIALS default y help diff --git a/subsys/net/lib/wifi_ready/Kconfig b/subsys/net/lib/wifi_ready/Kconfig index 9e90c442a158..69a5f477fe88 100644 --- a/subsys/net/lib/wifi_ready/Kconfig +++ b/subsys/net/lib/wifi_ready/Kconfig @@ -7,7 +7,7 @@ menuconfig WIFI_READY_LIB bool "Wi-Fi ready event handling library" select EXPERIMENTAL - depends on WPA_SUPP + depends on WIFI_NM_WPA_SUPPLICANT depends on NET_MGMT help Enable WiFi ready management subsystem that allows the application to diff --git a/subsys/net/lib/wifi_ready/wifi_ready.c b/subsys/net/lib/wifi_ready/wifi_ready.c index cbe21e6e5631..d8d2b7fc1aca 100644 --- a/subsys/net/lib/wifi_ready/wifi_ready.c +++ b/subsys/net/lib/wifi_ready/wifi_ready.c @@ -22,8 +22,8 @@ static wifi_ready_callback_t wifi_ready_callbacks[CONFIG_WIFI_READY_MAX_CALLBACK static unsigned char callback_count; static K_MUTEX_DEFINE(wifi_ready_mutex); -#define WPA_SUPP_EVENTS (NET_EVENT_WPA_SUPP_READY) | \ - (NET_EVENT_WPA_SUPP_NOT_READY) +#define WPA_SUPP_EVENTS (NET_EVENT_SUPPLICANT_READY) | \ + (NET_EVENT_SUPPLICANT_NOT_READY) static struct net_mgmt_event_callback net_wpa_supp_cb; @@ -68,10 +68,10 @@ static void wpa_supp_event_handler(struct net_mgmt_event_callback *cb, LOG_DBG("Event received: %d", mgmt_event); switch (mgmt_event) { - case NET_EVENT_WPA_SUPP_READY: + case NET_EVENT_SUPPLICANT_READY: handle_wpa_supp_event(iface, true); break; - case NET_EVENT_WPA_SUPP_NOT_READY: + case NET_EVENT_SUPPLICANT_NOT_READY: handle_wpa_supp_event(iface, false); break; default: From 196229b11312c5b6837ec1867b263b0ccf59ec85 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Tue, 6 Aug 2024 00:43:19 +0530 Subject: [PATCH 038/217] modules: hostap: Remove hostap module Migrate to using Zephyr upstream. Signed-off-by: Chaitanya Tata --- CODEOWNERS | 1 - modules/CMakeLists.txt | 1 - modules/Kconfig | 1 - modules/hostap/CMakeLists.txt | 398 ---------- modules/hostap/Kconfig | 269 ------- modules/hostap/module.yml | 3 - modules/hostap/src/supp_api.c | 1003 -------------------------- modules/hostap/src/supp_api.h | 199 ----- modules/hostap/src/supp_events.c | 462 ------------ modules/hostap/src/supp_events.h | 150 ---- modules/hostap/src/supp_main.c | 640 ---------------- modules/hostap/src/supp_main.h | 21 - modules/hostap/src/utils/wpa_debug.c | 416 ----------- modules/hostap/src/utils/wpa_debug.h | 389 ---------- modules/hostap/src/wpa_cli.c | 41 -- 15 files changed, 3994 deletions(-) delete mode 100644 modules/hostap/CMakeLists.txt delete mode 100644 modules/hostap/Kconfig delete mode 100644 modules/hostap/module.yml delete mode 100644 modules/hostap/src/supp_api.c delete mode 100644 modules/hostap/src/supp_api.h delete mode 100644 modules/hostap/src/supp_events.c delete mode 100644 modules/hostap/src/supp_events.h delete mode 100644 modules/hostap/src/supp_main.c delete mode 100644 modules/hostap/src/supp_main.h delete mode 100644 modules/hostap/src/utils/wpa_debug.c delete mode 100644 modules/hostap/src/utils/wpa_debug.h delete mode 100644 modules/hostap/src/wpa_cli.c diff --git a/CODEOWNERS b/CODEOWNERS index 8fa8a5bc54cb..6d718f7ce165 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -156,7 +156,6 @@ # Modules /modules/ @nrfconnect/ncs-co-build-system -/modules/hostap/ @nrfconnect/ncs-co-networking @krish2718 @rado17 @sachinthegreen /modules/mcuboot/ @nrfconnect/ncs-pluto /modules/cjson/ @nrfconnect/ncs-cia @plskeggs /modules/trusted-firmware-m/ @nrfconnect/ncs-aegir diff --git a/modules/CMakeLists.txt b/modules/CMakeLists.txt index eb053de26d92..8bee96ecc1d4 100644 --- a/modules/CMakeLists.txt +++ b/modules/CMakeLists.txt @@ -8,5 +8,4 @@ add_subdirectory_ifdef(CONFIG_BUILD_WITH_TFM trusted-firmware-m) add_subdirectory_ifdef(CONFIG_MEMFAULT memfault-firmware-sdk) add_subdirectory_ifdef(CONFIG_MCUBOOT mcuboot/hooks) add_subdirectory_ifdef(CONFIG_COREMARK coremark) -add_subdirectory(hostap) add_subdirectory(wfa-qt) diff --git a/modules/Kconfig b/modules/Kconfig index eddd40978ef6..f9f1ca41417a 100644 --- a/modules/Kconfig +++ b/modules/Kconfig @@ -5,5 +5,4 @@ # osource "$(NCS_MEMFAULT_FIRMWARE_SDK_KCONFIG)" -rsource "hostap/Kconfig" rsource "wfa-qt/Kconfig" diff --git a/modules/hostap/CMakeLists.txt b/modules/hostap/CMakeLists.txt deleted file mode 100644 index 888a3fa47d2d..000000000000 --- a/modules/hostap/CMakeLists.txt +++ /dev/null @@ -1,398 +0,0 @@ -# -# Copyright (c) 2022 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -if(CONFIG_WPA_SUPP) - -zephyr_library() - -set(HOSTAP_BASE ${CMAKE_CURRENT_SOURCE_DIR}/../../../modules/lib/hostap) -set(WPA_SUPPLICANT_BASE ${HOSTAP_BASE}/wpa_supplicant) -set(COMMON_SRC_BASE ${HOSTAP_BASE}/src) - -set(CMAKE_EXE_LINKER_FLAGS "--specs=nosys.specs -lnosys") -set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DMISSING_SYSCALL_NAMES") - -zephyr_compile_definitions( - CONFIG_ZEPHYR -) - -zephyr_include_directories( - ${CMAKE_CURRENT_SOURCE_DIR}/src - ${HOSTAP_BASE}/ - ${WPA_SUPPLICANT_BASE}/ - ${COMMON_SRC_BASE}/ -) - -zephyr_library_compile_definitions( - TLS_DEFAULT_CIPHERS=\""DEFAULT:!EXP:!LOW"\" - CONFIG_SHA256 - CONFIG_SME - CONFIG_NO_CONFIG_WRITE - CONFIG_NO_CONFIG_BLOBS - CONFIG_WPA_S_ZEPHYR_L2_WIFI_MGMT - CONFIG_CTRL_IFACE - CONFIG_CTRL_IFACE_ZEPHYR - CONFIG_NO_RANDOM_POOL - CONFIG_SUITEB192 -) - - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_CRYPTO_NONE - CONFIG_NO_PBKDF2 -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_NO_DEBUG - CONFIG_NO_STDOUT_DEBUG -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_ROBUST_AV - CONFIG_ROBUST_AV -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_WMM_AC - CONFIG_WMM_AC -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_RRM - CONFIG_RRM -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_MBO - CONFIG_MBO -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_WNM - CONFIG_WNM -) - -zephyr_library_include_directories( - ${CMAKE_CURRENT_SOURCE_DIR}/src - ${HOSTAP_BASE}/ - ${COMMON_SRC_BASE}/utils - ${COMMON_SRC_BASE}/drivers - ${HOSTAP_BASE}/src - ${ZEPHYR_BASE}/include - ${ZEPHYR_BASE}/include/net -) - -zephyr_library_sources( - ${COMMON_SRC_BASE}/common/wpa_common.c - ${COMMON_SRC_BASE}/common/ieee802_11_common.c - ${COMMON_SRC_BASE}/common/hw_features_common.c - ${COMMON_SRC_BASE}/common/wpa_ctrl.c - ${COMMON_SRC_BASE}/common/cli.c - - ${COMMON_SRC_BASE}/drivers/driver_common.c - ${COMMON_SRC_BASE}/drivers/drivers.c - ${COMMON_SRC_BASE}/l2_packet/l2_packet_zephyr.c - ${COMMON_SRC_BASE}/drivers/driver_zephyr.c - ${COMMON_SRC_BASE}/utils/common.c - ${COMMON_SRC_BASE}/utils/wpabuf.c - ${COMMON_SRC_BASE}/utils/bitfield.c - ${COMMON_SRC_BASE}/utils/eloop.c - ${COMMON_SRC_BASE}/utils/os_zephyr.c - ${WPA_SUPPLICANT_BASE}/config.c - ${WPA_SUPPLICANT_BASE}/notify.c - ${WPA_SUPPLICANT_BASE}/bss.c - ${WPA_SUPPLICANT_BASE}/eap_register.c - ${WPA_SUPPLICANT_BASE}/config_none.c - ${WPA_SUPPLICANT_BASE}/sme.c - ${WPA_SUPPLICANT_BASE}/wpa_supplicant.c - ${WPA_SUPPLICANT_BASE}/events.c - ${WPA_SUPPLICANT_BASE}/bssid_ignore.c - ${WPA_SUPPLICANT_BASE}/wpas_glue.c - ${WPA_SUPPLICANT_BASE}/scan.c - ${WPA_SUPPLICANT_BASE}/ctrl_iface.c - ${WPA_SUPPLICANT_BASE}/wpa_cli_cmds.c - ${WPA_SUPPLICANT_BASE}/ctrl_iface_zephyr.c - ${WPA_SUPPLICANT_BASE}/wpa_cli_zephyr.c - # Zephyr main - src/supp_main.c - src/utils/wpa_debug.c - src/supp_api.c - src/supp_events.c -) - -# Advanced features -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_RRM - ${WPA_SUPPLICANT_BASE}/op_classes.c - ${WPA_SUPPLICANT_BASE}/rrm.c -) -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_WMM_AC - ${WPA_SUPPLICANT_BASE}/wmm_ac.c -) -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_ROBUST_AV - ${WPA_SUPPLICANT_BASE}/robust_av.c -) -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_MBO - ${WPA_SUPPLICANT_BASE}/mbo.c -) -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_WNM - ${WPA_SUPPLICANT_BASE}/wnm_sta.c -) - -zephyr_library_sources_ifdef(CONFIG_WPA_CLI - src/wpa_cli.c -) - -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_AP - ${WPA_SUPPLICANT_BASE}/ap.c - ${COMMON_SRC_BASE}/ap/ap_config.c - ${COMMON_SRC_BASE}/ap/ap_drv_ops.c - ${COMMON_SRC_BASE}/ap/ap_list.c - ${COMMON_SRC_BASE}/ap/ap_mlme.c - ${COMMON_SRC_BASE}/ap/authsrv.c - ${COMMON_SRC_BASE}/ap/beacon.c - ${COMMON_SRC_BASE}/ap/bss_load.c - ${COMMON_SRC_BASE}/ap/dfs.c - ${COMMON_SRC_BASE}/ap/drv_callbacks.c - ${COMMON_SRC_BASE}/ap/eap_user_db.c - ${COMMON_SRC_BASE}/ap/hostapd.c - ${COMMON_SRC_BASE}/ap/hw_features.c - ${COMMON_SRC_BASE}/ap/ieee802_11_auth.c - ${COMMON_SRC_BASE}/ap/ieee802_11.c - ${COMMON_SRC_BASE}/ap/ieee802_11_he.c - ${COMMON_SRC_BASE}/ap/ieee802_11_ht.c - ${COMMON_SRC_BASE}/ap/ieee802_11_shared.c - ${COMMON_SRC_BASE}/ap/ieee802_11_vht.c - ${COMMON_SRC_BASE}/ap/ieee802_1x.c - ${COMMON_SRC_BASE}/ap/neighbor_db.c - ${COMMON_SRC_BASE}/ap/p2p_hostapd.c - ${COMMON_SRC_BASE}/ap/pmksa_cache_auth.c - ${COMMON_SRC_BASE}/ap/preauth_auth.c - ${COMMON_SRC_BASE}/ap/rrm.c - ${COMMON_SRC_BASE}/ap/sta_info.c - ${COMMON_SRC_BASE}/ap/tkip_countermeasures.c - ${COMMON_SRC_BASE}/ap/utils.c - ${COMMON_SRC_BASE}/ap/wmm.c - - ${COMMON_SRC_BASE}/ap/wpa_auth.c - ${COMMON_SRC_BASE}/ap/wpa_auth_ie.c - ${COMMON_SRC_BASE}/ap/wpa_auth_ft.c - ${COMMON_SRC_BASE}/ap/wpa_auth_glue.c - - ${COMMON_SRC_BASE}/eap_common/eap_common.c - ${COMMON_SRC_BASE}/eap_server/eap_server.c - ${COMMON_SRC_BASE}/eap_server/eap_server_identity.c - ${COMMON_SRC_BASE}/eap_server/eap_server_methods.c - ${COMMON_SRC_BASE}/eapol_auth/eapol_auth_sm.c - ${COMMON_SRC_BASE}/ap/mbo_ap.c - ${COMMON_SRC_BASE}/ap/ctrl_iface_ap.c - ${COMMON_SRC_BASE}/utils/crc32.c -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_AP - CONFIG_AP - CONFIG_NO_RADIUS - CONFIG_NO_VLAN - CONFIG_NO_ACCOUNTING - NEED_AP_MLME - CONFIG_IEEE80211AX - CONFIG_EAP_SERVER - CONFIG_EAP_SERVER_IDENTITY -) - - -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_CRYPTO_NONE - ${COMMON_SRC_BASE}/crypto/crypto_none.c - ${COMMON_SRC_BASE}/crypto/tls_none.c -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_CRYPTO_NONE - CONFIG_NO_WPA - CONFIG_CRYPTO_INTERNAL -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_CRYPTO_WEP - CONFIG_WEP -) - -zephyr_library_sources_ifndef(CONFIG_WPA_SUPP_CRYPTO_NONE - ${COMMON_SRC_BASE}/common/wpa_common.c - ${COMMON_SRC_BASE}/rsn_supp/wpa.c - ${COMMON_SRC_BASE}/rsn_supp/preauth.c - ${COMMON_SRC_BASE}/rsn_supp/wpa_ie.c - - ${COMMON_SRC_BASE}/crypto/crypto_mbedtls-bignum.c - ${COMMON_SRC_BASE}/crypto/crypto_mbedtls-ec.c - ${COMMON_SRC_BASE}/crypto/crypto_mbedtls.c - ${COMMON_SRC_BASE}/crypto/aes-wrap.c - ${COMMON_SRC_BASE}/crypto/aes-unwrap.c - ${COMMON_SRC_BASE}/crypto/rc4.c - #${COMMON_SRC_BASE}/crypto/random.c - ${COMMON_SRC_BASE}/crypto/sha1-prf.c - ${COMMON_SRC_BASE}/crypto/sha256-prf.c - ${COMMON_SRC_BASE}/crypto/sha256-prf.c - ${COMMON_SRC_BASE}/crypto/sha384-prf.c -) - -zephyr_library_sources_ifndef(CONFIG_WPA_SUPP_CRYPTO_ENTERPRISE - ${COMMON_SRC_BASE}/crypto/tls_none.c -) - -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_WPA3 - ${COMMON_SRC_BASE}/common/sae.c - ${COMMON_SRC_BASE}/common/dragonfly.c - - ${COMMON_SRC_BASE}/crypto/dh_groups.c - ${COMMON_SRC_BASE}/crypto/sha256-kdf.c -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_WPA3 - CONFIG_SAE - CONFIG_ECC -) - -zephyr_library_include_directories_ifndef(CONFIG_WPA_SUPP_CRYPTO_NONE - ${CMAKE_SOURCE_DIR} -) - -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_P2P - ${WPA_SUPPLICANT_BASE}/p2p_supplicant.c - ${WPA_SUPPLICANT_BASE}/p2p_supplicant_sd.c - ${COMMON_SRC_BASE}/p2p/p2p.c - ${COMMON_SRC_BASE}/p2p/p2p_utils.c - ${COMMON_SRC_BASE}/p2p/p2p_parse.c - ${COMMON_SRC_BASE}/p2p/p2p_build.c - ${COMMON_SRC_BASE}/p2p/p2p_go_neg.c - ${COMMON_SRC_BASE}/p2p/p2p_sd.c - ${COMMON_SRC_BASE}/p2p/p2p_pd.c - ${COMMON_SRC_BASE}/p2p/p2p_invitation.c - ${COMMON_SRC_BASE}/p2p/p2p_dev_disc.c - ${COMMON_SRC_BASE}/p2p/p2p_group.c - ${COMMON_SRC_BASE}/ap/p2p_hostapd.c - ${COMMON_SRC_BASE}/common/gas.c - ${WPA_SUPPLICANT_BASE}/gas_query.c - ${WPA_SUPPLICANT_BASE}/offchannel.c -) -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_WPS - ${WPA_SUPPLICANT_BASE}/wps_supplicant.c - ${COMMON_SRC_BASE}/utils/uuid.c - ${COMMON_SRC_BASE}/eap_peer/eap_wsc.c - ${COMMON_SRC_BASE}/eap_common/eap_wsc_common.c - ${COMMON_SRC_BASE}/wps/wps.c - ${COMMON_SRC_BASE}/ap/wps_hostapd.c - ${COMMON_SRC_BASE}/wps/wps_common.c - ${COMMON_SRC_BASE}/wps/wps_attr_parse.c - ${COMMON_SRC_BASE}/wps/wps_attr_build.c - ${COMMON_SRC_BASE}/wps/wps_attr_process.c - ${COMMON_SRC_BASE}/wps/wps_dev_attr.c - ${COMMON_SRC_BASE}/wps/wps_enrollee.c - ${COMMON_SRC_BASE}/wps/wps_registrar.c - ${COMMON_SRC_BASE}/crypto/dh_groups.c - ${COMMON_SRC_BASE}/crypto/dh_group5.c -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_P2P - CONFIG_P2P - CONFIG_GAS - CONFIG_OFFCHANNEL -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_WPS - CONFIG_WPS - EAP_WSC -) - -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_CRYPTO_ENTERPRISE - ${COMMON_SRC_BASE}/crypto/tls_mbedtls.c - - ${COMMON_SRC_BASE}/eap_peer/eap_tls.c - ${COMMON_SRC_BASE}/eap_peer/eap_tls_common.c - - - ${COMMON_SRC_BASE}/eap_peer/eap_peap.c - ${COMMON_SRC_BASE}/eap_common/eap_peap_common.c - ${COMMON_SRC_BASE}/eap_peer/eap_ttls.c - ${COMMON_SRC_BASE}/eap_peer/eap_md5.c - ${COMMON_SRC_BASE}/eap_peer/eap_mschapv2.c - ${COMMON_SRC_BASE}/eap_common/chap.c - ${COMMON_SRC_BASE}/eap_peer/mschapv2.c - ${COMMON_SRC_BASE}/eap_peer/eap_leap.c - - ${COMMON_SRC_BASE}/eap_peer/eap_psk.c - ${COMMON_SRC_BASE}/eap_common/eap_psk_common.c - - ${COMMON_SRC_BASE}/eap_peer/eap_fast.c - ${COMMON_SRC_BASE}/eap_peer/eap_fast_pac.c - ${COMMON_SRC_BASE}/eap_common/eap_fast_common.c - - ${COMMON_SRC_BASE}/eap_peer/eap_pax.c - ${COMMON_SRC_BASE}/eap_common/eap_pax_common.c - - ${COMMON_SRC_BASE}/eap_peer/eap_sake.c - ${COMMON_SRC_BASE}/eap_common/eap_sake_common.c - - ${COMMON_SRC_BASE}/eap_peer/eap_gpsk.c - ${COMMON_SRC_BASE}/eap_common/eap_gpsk_common.c - - ${COMMON_SRC_BASE}/eap_peer/eap_pwd.c - ${COMMON_SRC_BASE}/eap_common/eap_pwd_common.c - - ${COMMON_SRC_BASE}/eap_peer/eap_eke.c - ${COMMON_SRC_BASE}/eap_common/eap_eke_common.c - - ${COMMON_SRC_BASE}/eap_peer/eap_ikev2.c - ${COMMON_SRC_BASE}/eap_peer/ikev2.c - ${COMMON_SRC_BASE}/eap_common/eap_ikev2_common.c - ${COMMON_SRC_BASE}/eap_common/ikev2_common.c - - # common - ${COMMON_SRC_BASE}/crypto/sha384-tlsprf.c - ${COMMON_SRC_BASE}/crypto/sha256-tlsprf.c - ${COMMON_SRC_BASE}/crypto/sha1-tlsprf.c - ${COMMON_SRC_BASE}/crypto/sha1-tprf.c - ${COMMON_SRC_BASE}/crypto/ms_funcs.c - ${COMMON_SRC_BASE}/crypto/aes-eax.c - # MD4 removed from MbedTLS - ${COMMON_SRC_BASE}/crypto/md4-internal - ${COMMON_SRC_BASE}/crypto/aes-encblock.c - -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_CRYPTO_ENTERPRISE - CONFIG_EAP_TLS - CONFIG_IEEE8021X_EAPOL - CONFIG_EAP_PEAP - CONFIG_EAP_TTLS - CONFIG_EAP_MD5 - CONFIG_EAP_MSCHAPv2 - CONFIG_EAP_LEAP - CONFIG_EAP_PSK - CONFIG_EAP_FAST - CONFIG_EAP_PAX - CONFIG_EAP_SAKE - CONFIG_EAP_GPSK - CONFIG_EAP_PWD - CONFIG_EAP_EKE - CONFIG_EAP_IKEv2 -) - -zephyr_library_sources_ifdef(CONFIG_WPA_SUPP_EAPOL - ${COMMON_SRC_BASE}/eapol_supp/eapol_supp_sm.c - ${COMMON_SRC_BASE}/eap_peer/eap.c - ${COMMON_SRC_BASE}/eap_peer/eap_methods.c - ${COMMON_SRC_BASE}/eap_common/eap_common.c - ${COMMON_SRC_BASE}/rsn_supp/pmksa_cache.c -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_EAPOL - IEEE8021X_EAPOL -) - -zephyr_library_compile_definitions_ifdef(CONFIG_WPA_SUPP_NW_SEL_RELIABILITY - CONFIG_NW_SEL_RELIABILITY -) - -zephyr_library_include_directories_ifdef(CONFIG_WPA_SUPP_CRYPTO_LEGACY_MBEDTLS - ${CMAKE_CURRENT_SOURCE_DIR}/../../../modules/crypto/mbedtls/include - ${CMAKE_CURRENT_SOURCE_DIR}/../../../modules/crypto/mbedtls/include/mbedtls - ${CMAKE_CURRENT_SOURCE_DIR}/../../../modules/crypto/mbedtls/include/mbedtls/configs -) -zephyr_compile_definitions_ifdef(CONFIG_WPA_SUPP_CRYPTO_LEGACY_MBEDTLS - MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_SOURCE_DIR}/../../../zephyr/modules/mbedtls/configs/${CONFIG_MBEDTLS_CFG_FILE}" -) -endif() diff --git a/modules/hostap/Kconfig b/modules/hostap/Kconfig deleted file mode 100644 index b4c2eaa0714f..000000000000 --- a/modules/hostap/Kconfig +++ /dev/null @@ -1,269 +0,0 @@ -# Nordic WiFi driver for nRF52840 and nRF5340 -# -# Copyright (c) 2022 Nordic Semiconductor -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -menuconfig WIFI_NM_WPA_SUPPLICANT - bool "WPA supplicant support" - # Need full POSIX from libc, Zephyr's POSIX support is only partial - select POSIX_CLOCK - select POSIX_SIGNAL - select POSIX_API - select NET_SOCKETS - select NET_SOCKETS_PACKET - select NET_SOCKETPAIR - select NET_L2_WIFI_MGMT - select WIFI_NM - select EXPERIMENTAL if !SOC_SERIES_NRF53X && !SOC_SERIES_NRF91X - select COMMON_LIBC_MALLOC - help - WPA supplicant implements 802.1X related functions. - -if WIFI_NM_WPA_SUPPLICANT - -config COMMON_LIBC_MALLOC_ARENA_SIZE - default 40000 if WPA_SUPP_AP - # 8192 for MbedTLS heap - default 21808 if MBEDTLS_ENABLE_HEAP - # 30K is mandatory, but might need more for long duration use cases - default 30000 - -# Hidden as these are mandatory for WFA certification -config WPA_SUPP_WMM_AC - bool - default y - -config WPA_SUPP_MBO - bool - default y - -# Memory optimizations -config WPA_SUPP_ADVANCED_FEATURES - bool "Enable advanced features" - default y - -if WPA_SUPP_ADVANCED_FEATURES - -config WPA_SUPP_ROBUST_AV - bool "Robust Audio Video streaming support" - default y - -config WPA_SUPP_WNM - bool "Wireless Network Management support" - default y - -config WPA_SUPP_RRM - bool "Radio Resource Management support" - default y -endif - -config WPA_SUPP_MGD_IFACES_PREFIXES - string "WPA supplicant managed interfaces prefixes" - default "wlan,esp,nordic_wlan" - -config WPA_SUPP_THREAD_STACK_SIZE - int "Stack size for wpa_supplicant thread" - default 5200 - -config WPA_SUPP_WQ_STACK_SIZE - int "Stack size for wpa_supplicant workqueue" - default 4400 - -config WPA_SUPP_WQ_PRIORITY - int "Priority for wpa_supplicant workqueue" - default 7 - -config WPA_SUPP_CRYPTO_WEP - bool "WEP (Legacy crypto) support" - -choice WPA_SUPP_CRYPTO_BACKEND - prompt "WPA supplicant crypto implementation" - default WPA_SUPP_CRYPTO_PSA if BUILD_WITH_TFM - default WPA_SUPP_CRYPTO_LEGACY if !BUILD_WITH_TFM - help - Select the crypto implementation to use for WPA supplicant. - -# To easily manage the crypto dependencies we separate the crypto -# implementations into two Kconfig options. One for the legacy crypto -# and one for the PSA crypto. -config WPA_SUPP_CRYPTO_PSA - bool "PSA Crypto support for WiFi" - select MBEDTLS - select NRF_SECURITY - select PSA_WANT_GENERATE_RANDOM - # Legacy crypto, still needed - select MBEDTLS_SHA1_C - select MBEDTLS_LEGACY_CRYPTO_C - select MBEDTLS_CMAC_C - select MBEDTLS_GCM_C - select MBEDTLS_TLS_LIBRARY - select MBEDTLS_PK_C - select MBEDTLS_PK_WRITE_C - select MBEDTLS_X509_LIBRARY - select MBEDTLS_X509_CRT_PARSE_C - select MBEDTLS_CIPHER_C - select MBEDTLS_CIPHER_MODE_CTR - select MBEDTLS_CIPHER_MODE_CBC - select MBEDTLS_SSL_TLS_C - select MBEDTLS_ECP_C - select MBEDTLS_CTR_DRBG_C - select MBEDTLS_KEY_EXCHANGE_ALL_ENABLED - select MBEDTLS_MD_C - select MBEDTLS_CIPHER_PADDING_PKCS7 - select MBEDTLS_PKCS5_C - -config WPA_SUPP_CRYPTO_LEGACY - bool "Legacy Crypto support for WiFi using nRF security" - select MBEDTLS - select NRF_SECURITY - select MBEDTLS_CIPHER_MODE_CBC - select MBEDTLS_CIPHER_MODE_CTR - select MBEDTLS_LEGACY_CRYPTO_C - select MBEDTLS_SHA1_C - select MBEDTLS_ECP_C - select MBEDTLS_CTR_DRBG_C - select MBEDTLS_PK_C - select MBEDTLS_PKCS5_C - select MBEDTLS_CIPHER_PADDING_PKCS7 - select MBEDTLS_PK_WRITE_C - select MBEDTLS_KEY_EXCHANGE_ALL_ENABLED - -config WPA_SUPP_CRYPTO_LEGACY_MBEDTLS - bool "Legacy Crypto support for WiFi using vanilla MbedTLS" - select MBEDTLS - select MBEDTLS_CIPHER_MODE_CTR_ENABLED - select MBEDTLS_CIPHER_MODE_CBC_ENABLED - select MBEDTLS_ECP_C - select MBEDTLS_ECP_ALL_ENABLED - select MBEDTLS_MAC_CMAC_ENABLED - select MBEDTLS_PKCS5_C - select MBEDTLS_PK_WRITE_C - select MBEDTLS_ECDH_C - select MBEDTLS_ECDSA_C - select MBEDTLS_ECJPAKE_C - select MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - select MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - select MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED - select MBEDTLS_KEY_EXCHANGE_ALL_ENABLED - -config WPA_SUPP_CRYPTO_NONE - bool "No Crypto support for WiFi" - -endchoice - -# To fix MAC_MD5 Kconfig warning -config NET_TCP_ISN_RFC6528 - default n if !WPA_SUPP_CRYPTO_NONE - -config WPA_SUPP_CRYPTO_ENTERPRISE - bool "Enterprise Crypto support for WiFi" - depends on !WPA_SUPP_CRYPTO_NONE - -config WPA_SUPP_WPA3 - bool "WPA3 support" - depends on !WPA_SUPP_CRYPTO_NONE - default y - -config WPA_SUPP_AP - bool "AP mode support" - -config WPA_SUPP_WPS - bool "WPS support" - depends on !WPA_SUPP_CRYPTO_NONE - -config WPA_SUPP_P2P - bool "P2P mode support" - select WPA_SUPP_AP - select WPA_SUPP_WPS - -config WPA_SUPP_EAPOL - bool "Enable EAPoL supplicant" - -config WPA_CLI - bool "CLI support for wpa_supplicant" - default n - -config NET_SOCKETPAIR_BUFFER_SIZE - default 4096 - -config POSIX_MAX_FDS - # l2_packet - 1 - # ctrl_iface - 2 * socketpairs = 4(local and global) - # z_wpa_event_sock - 1 socketpair = 2 - # Remaining left for the applications running in default configuration - default 16 if !POSIX_API - -config BSS_MAX_IDLE_TIME - int "BSS max idle timeout in seconds" - range 0 64000 - default 300 - help - BSS max idle timeout is the period for which AP may keep a client - in associated state while there is no traffic from that particular - client. Set 0 to disable inclusion of BSS max idle time tag in - association request. If a non-zero value is set, STA can suggest a - timeout by including BSS max idle period in the association request. - AP may choose to consider or ignore the STA's preferred value. - Ref: Sec 11.21.13 of IEEE Std 802.11™-2020 - -# Control interface is stack heavy (buffers + snprintfs) -# Making calls to RPU from net_mgmt callbacks (status - RSSI) -config NET_MGMT_EVENT_STACK_SIZE - default 4400 - -config NET_SOCKETS_POLL_MAX - default 6 - -module = WIFI_NM_WPA_SUPPLICANT -module-str = WPA supplicant -source "subsys/logging/Kconfig.template.log_config" - -config WPA_SUPP_DEBUG_LEVEL - int "Min compiled-in debug message level for WPA supplicant" - default 0 if WPA_SUPP_LOG_LEVEL_DBG # MSG_EXCESSIVE - default 3 if WPA_SUPP_LOG_LEVEL_INF # MSG_INFO - default 4 if WPA_SUPP_LOG_LEVEL_WRN # MSG_WARNING - default 5 if WPA_SUPP_LOG_LEVEL_ERR # MSG_ERROR - default 6 - help - Minimum priority level of a debug message emitted by WPA supplicant that - is compiled-in the firmware. See wpa_debug.h file of the supplicant for - available levels and functions for emitting the messages. Note that - runtime filtering can also be configured in addition to the compile-time - filtering. - -# Debug logs need more buffer space -config LOG_BUFFER_SIZE - default 4096 if WPA_SUPP_LOG_LEVEL_DBG - default 2048 - -# Without this logs are logs independent of buffer size -if WPA_SUPP_LOG_LEVEL_DBG - choice LOG_MODE - default LOG_MODE_IMMEDIATE - endchoice -endif - -config WPA_SUPP_NO_DEBUG - bool "Disable printing of debug messages, saves code size significantly" - -choice WPA_SUPP_NW_SEL - prompt "WPA supplicant Network selection criterion" - default WPA_SUPP_NW_SEL_THROUGHPUT - help - Select the network selection method for the supplicant. - -config WPA_SUPP_NW_SEL_THROUGHPUT - bool "Throughput based network selection" - help - Select the network based on throughput. - -config WPA_SUPP_NW_SEL_RELIABILITY - bool "Reliability based network selection" - help - Select the network based on reliability. -endchoice - -endif # WIFI_NM_WPA_SUPPLICANT diff --git a/modules/hostap/module.yml b/modules/hostap/module.yml deleted file mode 100644 index 9c43bc6e5fd6..000000000000 --- a/modules/hostap/module.yml +++ /dev/null @@ -1,3 +0,0 @@ -build: - cmake: ./zephyr - kconfig: ./zephyr/Kconfig diff --git a/modules/hostap/src/supp_api.c b/modules/hostap/src/supp_api.c deleted file mode 100644 index ba2faf8c3ccf..000000000000 --- a/modules/hostap/src/supp_api.c +++ /dev/null @@ -1,1003 +0,0 @@ -/** - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include - -#include -#include -#include - -#include "includes.h" -#include "common.h" -#include "common/defs.h" -#include "wpa_supplicant/config.h" -#include "wpa_supplicant_i.h" -#include "driver_i.h" - -#include "supp_main.h" -#include "supp_api.h" -#include "wpa_cli_zephyr.h" -#include "supp_events.h" - -extern struct k_sem wpa_supplicant_ready_sem; -extern struct wpa_global *global; - -enum requested_ops { - CONNECT = 0, - DISCONNECT -}; - -enum status_thread_state { - STATUS_THREAD_STOPPED = 0, - STATUS_THREAD_RUNNING, -}; - -#define OP_STATUS_POLLING_INTERVAL 1 - -#define CONNECTION_SUCCESS 0 -#define CONNECTION_FAILURE 1 -#define CONNECTION_TERMINATED 2 - -#define DISCONNECT_TIMEOUT_MS 5000 - -#define _wpa_cli_cmd_v(cmd, ...) \ - do { \ - ret = z_wpa_cli_cmd_v(cmd, ##__VA_ARGS__); \ - if (ret < 0) { \ - wpa_printf(MSG_ERROR, "Failed to execute wpa_cli command: %s", cmd); \ - goto out; \ - } \ - } while (0) - -K_MUTEX_DEFINE(wpa_supplicant_mutex); - - -struct wpa_supp_api_ctrl { - const struct device *dev; - enum requested_ops requested_op; - enum status_thread_state status_thread_state; - int connection_timeout; /* in seconds */ - struct k_work_sync sync; - bool terminate; -}; - -static struct wpa_supp_api_ctrl wpa_supp_api_ctrl; - -static void supp_shell_connect_status(struct k_work *work); - -static K_WORK_DELAYABLE_DEFINE(wpa_supp_status_work, - supp_shell_connect_status); - -static inline struct wpa_supplicant *get_wpa_s_handle(const struct device *dev) -{ - return z_wpas_get_handle_by_ifname(dev->name); -} - -#define WPA_SUPP_STATE_POLLING_MS 10 -static int wait_for_disconnect_complete(const struct device *dev) -{ - int ret = 0; - int attempts = 0; - struct wpa_supplicant *wpa_s = get_wpa_s_handle(dev); - unsigned int max_attempts = DISCONNECT_TIMEOUT_MS / WPA_SUPP_STATE_POLLING_MS; - - if (!wpa_s) { - ret = -ENODEV; - wpa_printf(MSG_ERROR, "Failed to get wpa_s handle"); - goto out; - } - - while (wpa_s->wpa_state != WPA_DISCONNECTED) { - if (attempts++ > max_attempts) { - ret = -ETIMEDOUT; - wpa_printf(MSG_WARNING, "Failed to disconnect from network"); - break; - } - k_sleep(K_MSEC(WPA_SUPP_STATE_POLLING_MS)); - } -out: - return ret; -} - -static void supp_shell_connect_status(struct k_work *work) -{ - static int seconds_counter; - int ret = CONNECTION_SUCCESS; - int conn_result = CONNECTION_FAILURE; - struct wpa_supplicant *wpa_s; - struct wpa_supp_api_ctrl *ctrl = &wpa_supp_api_ctrl; - - k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); - - if (ctrl->status_thread_state == STATUS_THREAD_RUNNING && ctrl->terminate) { - ret = CONNECTION_TERMINATED; - goto out; - } - - wpa_s = get_wpa_s_handle(ctrl->dev); - if (!wpa_s) { - ret = CONNECTION_FAILURE; - goto out; - } - - if (ctrl->requested_op == CONNECT && wpa_s->wpa_state != WPA_COMPLETED) { - if (ctrl->connection_timeout > 0 && seconds_counter++ > ctrl->connection_timeout) { - wpa_printf(MSG_ERROR, "Connection timed out, timeout: %d seconds", - ctrl->connection_timeout); - _wpa_cli_cmd_v("disconnect"); - conn_result = -ETIMEDOUT; - send_wifi_mgmt_event(wpa_s->ifname, NET_EVENT_WIFI_CMD_CONNECT_RESULT, - (void *)&conn_result, sizeof(int)); - ret = CONNECTION_FAILURE; - goto out; - } - - k_work_reschedule_for_queue(&z_wpas_wq, &wpa_supp_status_work, - K_SECONDS(OP_STATUS_POLLING_INTERVAL)); - ctrl->status_thread_state = STATUS_THREAD_RUNNING; - k_mutex_unlock(&wpa_supplicant_mutex); - return; - } -out: - seconds_counter = 0; - - ctrl->status_thread_state = STATUS_THREAD_STOPPED; - k_mutex_unlock(&wpa_supplicant_mutex); -} - -static struct hostapd_hw_modes *get_mode_by_band(struct wpa_supplicant *wpa_s, uint8_t band) -{ - enum hostapd_hw_mode hw_mode; - bool is_6ghz = (band == WIFI_FREQ_BAND_6_GHZ) ? true : false; - - if (band == WIFI_FREQ_BAND_2_4_GHZ) { - hw_mode = HOSTAPD_MODE_IEEE80211G; - } else if ((band == WIFI_FREQ_BAND_5_GHZ) || - (band == WIFI_FREQ_BAND_6_GHZ)) { - hw_mode = HOSTAPD_MODE_IEEE80211A; - } else { - return NULL; - } - - return get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, is_6ghz); -} - -static int wpa_supp_supported_channels(struct wpa_supplicant *wpa_s, uint8_t band, char **chan_list) -{ - struct hostapd_hw_modes *mode = NULL; - int i; - int offset, retval; - int size; - char *_chan_list; - - mode = get_mode_by_band(wpa_s, band); - if (!mode) { - wpa_printf(MSG_ERROR, "Unsupported or invalid band: %d", band); - return -EINVAL; - } - - size = ((mode->num_channels) * CHAN_NUM_LEN) + 1; - _chan_list = os_malloc(size); - if (!_chan_list) { - wpa_printf(MSG_ERROR, "Mem alloc failed for channel list\n"); - return -ENOMEM; - } - - retval = 0; - offset = 0; - for (i = 0; i < mode->num_channels; i++) { - retval = snprintf(_chan_list + offset, CHAN_NUM_LEN, " %d", mode->channels[i].freq); - offset += retval; - } - *chan_list = _chan_list; - - return 0; -} - -static int wpa_supp_band_chan_compat(struct wpa_supplicant *wpa_s, uint8_t band, uint8_t channel) -{ - struct hostapd_hw_modes *mode = NULL; - int i; - - mode = get_mode_by_band(wpa_s, band); - if (!mode) { - wpa_printf(MSG_ERROR, "Unsupported or invalid band: %d", band); - return -EINVAL; - } - - for (i = 0; i < mode->num_channels; i++) { - if (mode->channels[i].chan == channel) { - return mode->channels[i].freq; - } - } - - wpa_printf(MSG_ERROR, "Channel %d not supported for band %d", channel, band); - - return -EINVAL; -} - -static inline void wpa_supp_restart_status_work(void) -{ - /* Terminate synchronously */ - wpa_supp_api_ctrl.terminate = 1; - k_work_flush_delayable(&wpa_supp_status_work, - &wpa_supp_api_ctrl.sync); - wpa_supp_api_ctrl.terminate = 0; - - /* Start afresh */ - k_work_reschedule_for_queue(&z_wpas_wq, &wpa_supp_status_work, - K_MSEC(10)); -} - -static inline int chan_to_freq(int chan) -{ - /* We use global channel list here and also use the widest - * op_class for 5GHz channels as there is no user input - * for these (yet). - */ - int freq = -1; - int op_classes[] = {81, 82, 128}; - int op_classes_size = ARRAY_SIZE(op_classes); - - for (int i = 0; i < op_classes_size; i++) { - freq = ieee80211_chan_to_freq(NULL, op_classes[i], chan); - if (freq > 0) { - break; - } - } - - if (freq <= 0) { - wpa_printf(MSG_ERROR, "Invalid channel %d", chan); - return -1; - } - - return freq; -} - -static inline enum wifi_frequency_bands wpas_band_to_zephyr(enum wpa_radio_work_band band) -{ - switch (band) { - case BAND_2_4_GHZ: - return WIFI_FREQ_BAND_2_4_GHZ; - case BAND_5_GHZ: - return WIFI_FREQ_BAND_5_GHZ; - default: - return WIFI_FREQ_BAND_UNKNOWN; - } -} - -static inline enum wifi_security_type wpas_key_mgmt_to_zephyr(int key_mgmt, int proto) -{ - switch (key_mgmt) { - case WPA_KEY_MGMT_NONE: - return WIFI_SECURITY_TYPE_NONE; - case WPA_KEY_MGMT_PSK: - if (proto == WPA_PROTO_RSN) { - return WIFI_SECURITY_TYPE_PSK; - } else { - return WIFI_SECURITY_TYPE_WPA_PSK; - } - case WPA_KEY_MGMT_PSK_SHA256: - return WIFI_SECURITY_TYPE_PSK_SHA256; - case WPA_KEY_MGMT_SAE: - return WIFI_SECURITY_TYPE_SAE; - default: - return WIFI_SECURITY_TYPE_UNKNOWN; - } -} - -static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s, - struct wifi_connect_req_params *params, bool mode_ap) -{ - int ret; - struct add_network_resp resp = {0}; - char *chan_list = NULL; - struct net_eth_addr mac = {0}; - - _wpa_cli_cmd_v("remove_network all"); - ret = z_wpa_ctrl_add_network(&resp); - if (ret) { - wpa_printf(MSG_ERROR, "Failed to add network"); - goto out; - } - - wpa_printf(MSG_DEBUG, "NET added: %d\n", resp.network_id); - - if (mode_ap) { - _wpa_cli_cmd_v("set_network %d mode 2", resp.network_id); - } - - _wpa_cli_cmd_v("set_network %d ssid \"%s\"", resp.network_id, params->ssid); - _wpa_cli_cmd_v("set_network %d scan_ssid 1", resp.network_id); - _wpa_cli_cmd_v("set_network %d key_mgmt NONE", resp.network_id); - _wpa_cli_cmd_v("set_network %d ieee80211w 0", resp.network_id); - if (params->band != WIFI_FREQ_BAND_UNKNOWN) { - ret = wpa_supp_supported_channels(wpa_s, params->band, &chan_list); - if (ret < 0) { - goto rem_net; - } - - if (chan_list) { - _wpa_cli_cmd_v("set_network %d scan_freq%s", resp.network_id, chan_list); - os_free(chan_list); - } - } - - if (params->security != WIFI_SECURITY_TYPE_NONE) { - /* SAP - only open and WPA2-PSK are supported for now */ - if (mode_ap && params->security != WIFI_SECURITY_TYPE_PSK) { - ret = -1; - wpa_printf(MSG_ERROR, "Unsupported security type: %d", - params->security); - goto rem_net; - } - - /* Except for WPA-PSK, rest all are under WPA2 */ - if (params->security != WIFI_SECURITY_TYPE_WPA_PSK) { - _wpa_cli_cmd_v("set_network %d proto RSN", - resp.network_id); - } - - if (params->security == WIFI_SECURITY_TYPE_SAE) { - if (params->sae_password) { - _wpa_cli_cmd_v("set_network %d sae_password \"%s\"", - resp.network_id, params->sae_password); - } else { - _wpa_cli_cmd_v("set_network %d sae_password \"%s\"", - resp.network_id, params->psk); - } - _wpa_cli_cmd_v("set_network %d key_mgmt SAE", - resp.network_id); - } else if (params->security == WIFI_SECURITY_TYPE_PSK_SHA256) { - _wpa_cli_cmd_v("set_network %d psk \"%s\"", - resp.network_id, params->psk); - _wpa_cli_cmd_v("set_network %d key_mgmt WPA-PSK-SHA256", - resp.network_id); - } else if (params->security == WIFI_SECURITY_TYPE_PSK || - params->security == WIFI_SECURITY_TYPE_WPA_PSK) { - _wpa_cli_cmd_v("set_network %d psk \"%s\"", - resp.network_id, params->psk); - _wpa_cli_cmd_v("set_network %d key_mgmt WPA-PSK", - resp.network_id); - if (params->security == WIFI_SECURITY_TYPE_WPA_PSK) { - _wpa_cli_cmd_v("set_network %d proto WPA", - resp.network_id); - } - } else if (params->security == WIFI_SECURITY_TYPE_WPA_AUTO_PERSONAL) { - if (params->sae_password) { - _wpa_cli_cmd_v("set_network %d sae_password \"%s\"", - resp.network_id, params->sae_password); - } - _wpa_cli_cmd_v("set_network %d psk \"%s\"", - resp.network_id, params->psk); - _wpa_cli_cmd_v("set_network %d key_mgmt WPA-PSK WPA-PSK-SHA256 SAE", - resp.network_id); - _wpa_cli_cmd_v("set_network %d proto WPA RSN", - resp.network_id); - } else { - ret = -1; - wpa_printf(MSG_ERROR, "Unsupported security type: %d", - params->security); - goto rem_net; - } - - if (params->mfp) { - _wpa_cli_cmd_v("set_network %d ieee80211w %d", - resp.network_id, params->mfp); - } - } - - if (params->channel != WIFI_CHANNEL_ANY) { - int freq; - - if (params->band != WIFI_FREQ_BAND_UNKNOWN) { - freq = wpa_supp_band_chan_compat(wpa_s, params->band, params->channel); - if (freq < 0) { - goto rem_net; - } - } else { - freq = chan_to_freq(params->channel); - if (freq < 0) { - ret = -1; - wpa_printf(MSG_ERROR, "Invalid channel %d", - params->channel); - goto rem_net; - } - } - if (mode_ap) { - _wpa_cli_cmd_v("set_network %d frequency %d", - resp.network_id, freq); - } else { - _wpa_cli_cmd_v("set_network %d scan_freq %d", - resp.network_id, freq); - } - } - - memcpy((void *)&mac, params->bssid, WIFI_MAC_ADDR_LEN); - if (net_eth_is_addr_broadcast(&mac) || - net_eth_is_addr_multicast(&mac)) { - wpa_printf(MSG_ERROR, "Invalid BSSID. Configuration " - "of multicast or broadcast MAC is not allowed."); - ret = -EINVAL; - goto rem_net; - } - - if (!net_eth_is_addr_unspecified(&mac)) { - char bssid_str[MAC_STR_LEN] = {0}; - - snprintf(bssid_str, MAC_STR_LEN, "%02x:%02x:%02x:%02x:%02x:%02x", - params->bssid[0], params->bssid[1], params->bssid[2], - params->bssid[3], params->bssid[4], params->bssid[5]); - _wpa_cli_cmd_v("set_network %d bssid %s", - resp.network_id, bssid_str); - } - - /* Set the default maximum inactivity time for the BSS to - * as configured by user. - */ - _wpa_cli_cmd_v("set_network %d ap_max_inactivity %d", - resp.network_id, CONFIG_WIFI_MGMT_AP_STA_INACTIVITY_TIMEOUT); - - /* enable and select network */ - _wpa_cli_cmd_v("enable_network %d", resp.network_id); - _wpa_cli_cmd_v("select_network %d", resp.network_id); - - return 0; -rem_net: - _wpa_cli_cmd_v("remove_network %d", resp.network_id); -out: - return ret; -} - -static int wpas_disconnect_network(const struct device *dev, int cur_mode) -{ - int ret = 0; - struct net_if *iface = net_if_lookup_by_dev(dev); - struct wpa_supplicant *wpa_s; - bool is_ap = false; - - if (!iface) { - ret = -EINVAL; - wpa_printf(MSG_ERROR, "Device %s not found", dev->name); - goto out; - } - - wpa_s = get_wpa_s_handle(dev); - if (!wpa_s) { - ret = -1; - wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); - goto out; - } - - k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); - - if (wpa_s->current_ssid && wpa_s->current_ssid->mode != cur_mode) { - ret = -EBUSY; - wpa_printf(MSG_ERROR, "Interface %s is not in %s mode", dev->name, - cur_mode == WPAS_MODE_INFRA ? "STA" : "AP"); - goto out; - } - - is_ap = (cur_mode == WPAS_MODE_AP); - - wpa_supp_api_ctrl.dev = dev; - wpa_supp_api_ctrl.requested_op = DISCONNECT; - _wpa_cli_cmd_v("disconnect"); - -out: - k_mutex_unlock(&wpa_supplicant_mutex); - - if (ret) { - wpa_printf(MSG_ERROR, "Disconnect failed: %s", - strerror(-ret)); - return ret; - } - - wpa_supp_restart_status_work(); - - ret = wait_for_disconnect_complete(dev); -#ifdef CONFIG_AP - if (is_ap) { - send_wifi_mgmt_ap_status(wpa_s, NET_EVENT_WIFI_CMD_AP_DISABLE_RESULT, - ret == 0 ? WIFI_STATUS_AP_SUCCESS : WIFI_STATUS_AP_FAIL); - } else { -#else - { -#endif /* CONFIG_AP */ - wifi_mgmt_raise_disconnect_complete_event(iface, ret); - } - - return ret; -} - -/* Public API */ -int z_wpa_supplicant_connect(const struct device *dev, - struct wifi_connect_req_params *params) -{ - struct wpa_supplicant *wpa_s; - int ret = 0; - - if (!net_if_is_admin_up(net_if_lookup_by_dev(dev))) { - wpa_printf(MSG_ERROR, - "Interface %s is down, dropping connect", - dev->name); - return -1; - } - - k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); - - wpa_s = get_wpa_s_handle(dev); - if (!wpa_s) { - ret = -1; - wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); - goto out; - } - - /* Allow connect in STA mode only even if we are connected already */ - if (wpa_s->current_ssid && wpa_s->current_ssid->mode != WPAS_MODE_INFRA) { - ret = -EBUSY; - wpa_printf(MSG_ERROR, "Interface %s is not in STA mode", dev->name); - goto out; - } - - ret = wpas_add_and_config_network(wpa_s, params, false); - if (ret) { - wpa_printf(MSG_ERROR, "Failed to add and configure network for STA mode: %d", ret); - goto out; - } - - wpa_supp_api_ctrl.dev = dev; - wpa_supp_api_ctrl.requested_op = CONNECT; - wpa_supp_api_ctrl.connection_timeout = params->timeout; - - goto out; -out: - k_mutex_unlock(&wpa_supplicant_mutex); - - if (!ret) { - wpa_supp_restart_status_work(); - } - - return ret; -} - -int z_wpa_supplicant_disconnect(const struct device *dev) -{ - return wpas_disconnect_network(dev, WPAS_MODE_INFRA); -} - -int z_wpa_supplicant_status(const struct device *dev, - struct wifi_iface_status *status) -{ - struct wpa_supplicant *wpa_s; - int ret = -1; - struct wpa_signal_info *si = NULL; - struct wpa_conn_info *conn_info = NULL; - - k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); - - wpa_s = get_wpa_s_handle(dev); - if (!wpa_s) { - wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); - goto out; - } - - si = os_zalloc(sizeof(struct wpa_signal_info)); - if (!si) { - wpa_printf(MSG_ERROR, "Failed to allocate memory for signal info"); - goto out; - } - - status->state = wpa_s->wpa_state; /* 1-1 Mapping */ - - if (wpa_s->wpa_state >= WPA_ASSOCIATED) { - struct wpa_ssid *ssid = wpa_s->current_ssid; - u8 channel; - struct signal_poll_resp signal_poll; - u8 *_ssid = ssid->ssid; - size_t ssid_len = ssid->ssid_len; - struct status_resp cli_status; - bool is_ap; - int proto; - int key_mgmt; - - if (!ssid) { - wpa_printf(MSG_ERROR, "Failed to get current ssid"); - goto out; - } - - is_ap = ssid->mode == WPAS_MODE_AP; - /* For AP its always the configured one */ - proto = is_ap ? ssid->proto : wpa_s->wpa_proto; - key_mgmt = is_ap ? ssid->key_mgmt : wpa_s->key_mgmt; - os_memcpy(status->bssid, wpa_s->bssid, WIFI_MAC_ADDR_LEN); - status->band = wpas_band_to_zephyr(wpas_freq_to_band(wpa_s->assoc_freq)); - status->security = wpas_key_mgmt_to_zephyr(key_mgmt, proto); - status->mfp = ssid->ieee80211w; /* Same mapping */ - ieee80211_freq_to_chan(wpa_s->assoc_freq, &channel); - status->channel = channel; - - if (ssid_len == 0) { - int _res = z_wpa_ctrl_status(&cli_status); - - if (_res < 0) - ssid_len = 0; - else - ssid_len = cli_status.ssid_len; - _ssid = cli_status.ssid; - } - os_memcpy(status->ssid, _ssid, ssid_len); - status->ssid_len = ssid_len; - status->iface_mode = ssid->mode; - if (wpa_s->connection_set == 1) { - status->link_mode = wpa_s->connection_he ? WIFI_6 : - wpa_s->connection_vht ? WIFI_5 : - wpa_s->connection_ht ? WIFI_4 : - wpa_s->connection_g ? WIFI_3 : - wpa_s->connection_a ? WIFI_2 : - wpa_s->connection_b ? WIFI_1 : - WIFI_0; - } else { - status->link_mode = WIFI_LINK_MODE_UNKNOWN; - } - - status->rssi = -WPA_INVALID_NOISE; - if (status->iface_mode == WIFI_MODE_INFRA) { - ret = z_wpa_ctrl_signal_poll(&signal_poll); - if (!ret) { - status->rssi = signal_poll.rssi; - } else { - wpa_printf(MSG_WARNING, "%s:Failed to read RSSI\n", - __func__); - ret = 0; - } - } - - conn_info = os_zalloc(sizeof(struct wpa_conn_info)); - if (!conn_info) { - wpa_printf(MSG_ERROR, "%s:Failed to allocate memory\n", - __func__); - ret = -ENOMEM; - goto out; - } - ret = wpa_drv_get_conn_info(wpa_s, conn_info); - if (!ret) { - status->beacon_interval = conn_info->beacon_interval; - status->dtim_period = conn_info->dtim_period; - status->twt_capable = conn_info->twt_capable; - } else { - wpa_printf(MSG_WARNING, "%s: Failed to get connection info\n", - __func__); - status->beacon_interval = 0; - status->dtim_period = 0; - status->twt_capable = false; - ret = 0; - } - os_free(conn_info); - } else { - ret = 0; - } -out: - os_free(si); - k_mutex_unlock(&wpa_supplicant_mutex); - return ret; -} - -/* Below APIs are not natively supported by WPA supplicant, so, - * these are just wrappers around driver offload APIs. But it is - * transparent to the user. - * - * In the future these might be implemented natively by the WPA - * supplicant. - */ - -static const struct wifi_mgmt_ops *const get_wifi_mgmt_api(const struct device *dev) -{ - struct net_wifi_mgmt_offload *off_api = - (struct net_wifi_mgmt_offload *) dev->api; - - return off_api ? off_api->wifi_mgmt_api : NULL; -} - -int z_wpa_supplicant_scan(const struct device *dev, struct wifi_scan_params *params, - scan_result_cb_t cb) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->scan) { - wpa_printf(MSG_ERROR, "Scan not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->scan(dev, params, cb); -} - -#ifdef CONFIG_NET_STATISTICS_WIFI -int z_wpa_supplicant_get_stats(const struct device *dev, - struct net_stats_wifi *stats) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->get_stats) { - wpa_printf(MSG_ERROR, "Get stats not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->get_stats(dev, stats); -} - -int z_wpa_supplicant_reset_stats(const struct device *dev) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->reset_stats) { - wpa_printf(MSG_ERROR, "Reset stats not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->reset_stats(dev); -} -#endif /* CONFIG_NET_STATISTICS_WIFI */ - -int z_wpa_supplicant_set_power_save(const struct device *dev, - struct wifi_ps_params *params) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->set_power_save) { - wpa_printf(MSG_ERROR, "Set power save not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->set_power_save(dev, params); -} - -int z_wpa_supplicant_set_twt(const struct device *dev, - struct wifi_twt_params *params) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->set_twt) { - wpa_printf(MSG_ERROR, "Set TWT not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->set_twt(dev, params); -} - -int z_wpa_supplicant_get_power_save_config(const struct device *dev, - struct wifi_ps_config *config) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->get_power_save_config) { - wpa_printf(MSG_ERROR, "Get power save config not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->get_power_save_config(dev, config); -} - -int z_wpa_supplicant_reg_domain(const struct device *dev, - struct wifi_reg_domain *reg_domain) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->reg_domain) { - wpa_printf(MSG_ERROR, "Regulatory domain not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->reg_domain(dev, reg_domain); -} - -int z_wpa_supplicant_mode(const struct device *dev, - struct wifi_mode_info *mode) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->mode) { - wpa_printf(MSG_ERROR, "Setting mode not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->mode(dev, mode); -} - -int z_wpa_supplicant_filter(const struct device *dev, - struct wifi_filter_info *filter) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->filter) { - wpa_printf(MSG_ERROR, "Setting filter not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->filter(dev, filter); -} - -int z_wpa_supplicant_channel(const struct device *dev, - struct wifi_channel_info *channel) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->channel) { - wpa_printf(MSG_ERROR, "Setting channel not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->channel(dev, channel); -} - -int z_wpa_supplicant_set_rts_threshold(const struct device *dev, - unsigned int rts_threshold) -{ - const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); - - if (!wifi_mgmt_api || !wifi_mgmt_api->set_rts_threshold) { - wpa_printf(MSG_ERROR, "Set RTS not supported"); - return -ENOTSUP; - } - - return wifi_mgmt_api->set_rts_threshold(dev, rts_threshold); -} - -#ifdef CONFIG_AP -int z_wpa_supplicant_ap_enable(const struct device *dev, - struct wifi_connect_req_params *params) -{ - struct wpa_supplicant *wpa_s; - int ret = 0; - - if (!net_if_is_admin_up(net_if_lookup_by_dev(dev))) { - wpa_printf(MSG_ERROR, - "Interface %s is down, dropping connect", - dev->name); - return -1; - } - - k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); - - wpa_s = get_wpa_s_handle(dev); - if (!wpa_s) { - ret = -1; - wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); - goto out; - } - - if (wpa_s->wpa_state != WPA_DISCONNECTED) { - ret = -EBUSY; - wpa_printf(MSG_ERROR, "Interface %s is not in disconnected state", dev->name); - goto out; - } - - /* No need to check for existing network to join for SoftAP*/ - wpa_s->conf->ap_scan = 2; - /* Set BSS parameter max_num_sta to default configured value */ - wpa_s->conf->max_num_sta = CONFIG_WIFI_MGMT_AP_MAX_NUM_STA; - - ret = wpas_add_and_config_network(wpa_s, params, true); - if (ret) { - wpa_printf(MSG_ERROR, "Failed to add and configure network for AP mode: %d", ret); - goto out; - } - -out: - k_mutex_unlock(&wpa_supplicant_mutex); - - return ret; -} - -int z_wpa_supplicant_ap_disable(const struct device *dev) -{ - struct wpa_supplicant *wpa_s; - int ret = -1; - - k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); - - wpa_s = get_wpa_s_handle(dev); - if (!wpa_s) { - ret = -1; - wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); - goto out; - } - - ret = wpas_disconnect_network(dev, WPAS_MODE_AP); - if (ret) { - wpa_printf(MSG_ERROR, "Failed to disconnect from network"); - goto out; - } - - /* Restore ap_scan to default value */ - wpa_s->conf->ap_scan = 1; - -out: - k_mutex_unlock(&wpa_supplicant_mutex); - return ret; -} - -int z_wpa_supplicant_ap_sta_disconnect(const struct device *dev, - const uint8_t *mac_addr) -{ - struct wpa_supplicant *wpa_s; - int ret = -1; - - k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); - - wpa_s = get_wpa_s_handle(dev); - if (!wpa_s) { - ret = -1; - wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); - goto out; - } - - if (!mac_addr) { - ret = -EINVAL; - wpa_printf(MSG_ERROR, "Invalid MAC address"); - goto out; - } - - _wpa_cli_cmd_v("disassociate %02x:%02x:%02x:%02x:%02x:%02x", - mac_addr[0], mac_addr[1], mac_addr[2], - mac_addr[3], mac_addr[4], mac_addr[5]); - -out: - k_mutex_unlock(&wpa_supplicant_mutex); - return ret; -} - -int z_wpa_supplicant_ap_config_params(const struct device *dev, - struct wifi_ap_config_params *params) -{ - struct wpa_supplicant *wpa_s; - int ret = -1; - struct wpa_ssid *ssid = NULL; - - k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); - - if (!params) { - wpa_printf(MSG_ERROR, "AP config param NULL"); - goto out; - } - - wpa_s = get_wpa_s_handle(dev); - if (!wpa_s) { - wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); - goto out; - } - - ssid = wpa_s->current_ssid; - if (!ssid) { - wpa_printf(MSG_ERROR, "AP is not operational"); - goto out; - } - - if (params->type & WIFI_AP_CONFIG_PARAM_MAX_INACTIVITY) { - _wpa_cli_cmd_v("set_network %d ap_max_inactivity %d", - ssid->id, params->max_inactivity); - } - - if (params->type & WIFI_AP_CONFIG_PARAM_MAX_NUM_STA) { - /* Build time value has higher precedence than runtime configuration value. - * Check if build time value is exceeded. - */ - if (params->max_num_sta > CONFIG_WIFI_MGMT_AP_MAX_NUM_STA) { - ret = -EINVAL; - wpa_printf(MSG_ERROR, "Invalid max_num_sta: %d", - params->max_num_sta); - goto out; - } else { - _wpa_cli_cmd_v("set max_num_sta %d", params->max_num_sta); - ret = 0; - } - } -out: - k_mutex_unlock(&wpa_supplicant_mutex); - - return ret; -} - -#endif /* CONFIG_AP */ diff --git a/modules/hostap/src/supp_api.h b/modules/hostap/src/supp_api.h deleted file mode 100644 index 8646df1906c6..000000000000 --- a/modules/hostap/src/supp_api.h +++ /dev/null @@ -1,199 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - * - */ - -#ifndef ZEPHYR_SUPP_MGMT_H -#define ZEPHYR_SUPP_MGMT_H - -#include - -#define MAX_SSID_LEN 32 -#define MAC_ADDR_LEN 6 -#define MAC_STR_LEN 18 /* for ':' or '-' separated MAC address string */ -#define CHAN_NUM_LEN 6 /* for space-separated channel numbers string */ - -/** - * @brief Request a connection - * - * @param dev: Wi-Fi interface name to use - * @param params: Connection details - * - * @return: 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_connect(const struct device *dev, - struct wifi_connect_req_params *params); -/** - * @brief Forces station to disconnect and stops any subsequent scan - * or connection attempts - * - * @param dev: Wi-Fi interface name to use - * - * @return: 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_disconnect(const struct device *dev); - -/** - * @brief - * - * @param dev: Wi-Fi interface name to use - * @param status: Status structure to fill - * - * @return: 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_status(const struct device *dev, - struct wifi_iface_status *status); - -/** - * @brief Request a scan - * - * @param dev Wi-Fi interface name to use - * @param params Scan parameters - * @param cb Callback to be called for each scan result - * - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_scan(const struct device *dev, struct wifi_scan_params *params, - scan_result_cb_t cb); - -#if defined(CONFIG_NET_STATISTICS_WIFI) || defined(__DOXYGEN__) -/** - * @brief Get Wi-Fi statistics - * - * @param dev Wi-Fi interface name to use - * @param stats Pointer to stats structure to fill - * - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_get_stats(const struct device *dev, - struct net_stats_wifi *stats); -/** - * @brief Reset Wi-Fi statistics - * - * @param dev Wi-Fi interface name to use - * - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_reset_stats(const struct device *dev); -#endif /* CONFIG_NET_STATISTICS_WIFI || __DOXYGEN__ */ - -/** - * @brief Set Wi-Fi power save configuration - * - * @param dev Wi-Fi interface name to use - * @param params Power save parameters to set - * - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_set_power_save(const struct device *dev, - struct wifi_ps_params *params); - -/** - * @brief Set Wi-Fi TWT parameters - * - * @param dev Wi-Fi interface name to use - * @param params TWT parameters to set - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_set_twt(const struct device *dev, - struct wifi_twt_params *params); - -/** - * @brief Get Wi-Fi power save configuration - * - * @param dev Wi-Fi interface name to use - * @param config Address of power save configuration to fill - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_get_power_save_config(const struct device *dev, - struct wifi_ps_config *config); - -/** - * @brief Set Wi-Fi Regulatory domain - * - * @param dev Wi-Fi interface name to use - * @param reg_domain Regulatory domain to set - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_reg_domain(const struct device *dev, - struct wifi_reg_domain *reg_domain); - -/** - * @brief Set Wi-Fi mode of operation - * - * @param dev Wi-Fi interface name to use - * @param mode Mode setting to set - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_mode(const struct device *dev, - struct wifi_mode_info *mode); - -/** - * @brief Set Wi-Fi packet filter for sniffing operation - * - * @param dev Wi-Fi interface name to use - * @param filter Filter settings to set - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_filter(const struct device *dev, - struct wifi_filter_info *filter); - -/** - * @brief Set Wi-Fi channel for monitor or TX injection mode - * - * @param dev Wi-Fi interface name to use - * @param channel Channel settings to set - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_channel(const struct device *dev, - struct wifi_channel_info *channel); - -/** - * @brief Set Wi-Fi RTS threshold - * - * @param dev Wi-Fi interface handle to use - * @param rts_threshold RTS threshold to set - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_set_rts_threshold(const struct device *dev, - unsigned int rts_threshold); - -#ifdef CONFIG_AP -/** - * @brief Set Wi-Fi AP configuration - * - * @param dev Wi-Fi interface name to use - * @param params AP configuration parameters to set - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_ap_enable(const struct device *dev, - struct wifi_connect_req_params *params); - -/** - * @brief Disable Wi-Fi AP - * @param dev Wi-Fi interface name to use - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_ap_disable(const struct device *dev); - -/** - * @brief Set Wi-Fi AP STA disconnect - * @param dev Wi-Fi interface name to use - * @param mac_addr MAC address of the station to disconnect - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_ap_sta_disconnect(const struct device *dev, - const uint8_t *mac_addr); - -/** - * @brief Set Wi-Fi AP config parameter - * @param dev Wi-Fi interface name to use - * @param params AP parameters to be configured - * @return 0 for OK; -1 for ERROR - */ -int z_wpa_supplicant_ap_config_params(const struct device *dev, - struct wifi_ap_config_params *params); -#endif /* CONFIG_AP */ -#endif /* ZEPHYR_SUPP_MGMT_H */ diff --git a/modules/hostap/src/supp_events.c b/modules/hostap/src/supp_events.c deleted file mode 100644 index 2d6cf896e2f0..000000000000 --- a/modules/hostap/src/supp_events.c +++ /dev/null @@ -1,462 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include "supp_events.h" - -#include "includes.h" -#include "common.h" -#include "common/ieee802_11_defs.h" -#include "wpa_supplicant_i.h" - -#ifdef CONFIG_AP -#include "ap/sta_info.h" -#include "ap/ieee802_11.h" -#include "ap/hostapd.h" -#endif /* CONFIG_AP */ - -#include - -/* Re-defines MAC2STR with address of the element */ -#define MACADDR2STR(a) &(a)[0], &(a)[1], &(a)[2], &(a)[3], &(a)[4], &(a)[5] - -static const struct wpa_supp_event_info { - const char *event_str; - enum supp_event_num event; -} wpa_supp_event_info[] = { - { "CTRL-EVENT-CONNECTED", WPA_SUPP_EVENT_CONNECTED }, - { "CTRL-EVENT-DISCONNECTED", WPA_SUPP_EVENT_DISCONNECTED }, - { "CTRL-EVENT-ASSOC-REJECT", WPA_SUPP_EVENT_ASSOC_REJECT }, - { "CTRL-EVENT-AUTH-REJECT", WPA_SUPP_EVENT_AUTH_REJECT }, - { "CTRL-EVENT-SSID-TEMP-DISABLED", WPA_SUPP_EVENT_SSID_TEMP_DISABLED }, - { "CTRL-EVENT-SSID-REENABLED", WPA_SUPP_EVENT_SSID_REENABLED }, - { "CTRL-EVENT-BSS-ADDED", WPA_SUPP_EVENT_BSS_ADDED }, - { "CTRL-EVENT-BSS-REMOVED", WPA_SUPP_EVENT_BSS_REMOVED }, - { "CTRL-EVENT-TERMINATING", WPA_SUPP_EVENT_TERMINATING }, - { "CTRL-EVENT-SCAN-STARTED", WPA_SUPP_EVENT_SCAN_STARTED }, - { "CTRL-EVENT-SCAN-FAILED", WPA_SUPP_EVENT_SCAN_FAILED }, - { "CTRL-EVENT-NETWORK-NOT-FOUND", WPA_SUPP_EVENT_NETWORK_NOT_FOUND }, - { "CTRL-EVENT-NETWORK-ADDED", WPA_SUPP_EVENT_NETWORK_ADDED }, - { "CTRL-EVENT-NETWORK-REMOVED", WPA_SUPP_EVENT_NETWORK_REMOVED }, - { "CTRL-EVENT-DSCP-POLICY", WPA_SUPP_EVENT_DSCP_POLICY }, -}; - -static void copy_mac_addr(const unsigned int *src, uint8_t *dst) -{ - int i; - - for (i = 0; i < ETH_ALEN; i++) { - dst[i] = src[i]; - } -} - -static enum wifi_conn_status wpas_to_wifi_mgmt_conn_status(int status) -{ - switch (status) { - case WLAN_STATUS_SUCCESS: - return WIFI_STATUS_CONN_SUCCESS; - case WLAN_REASON_4WAY_HANDSHAKE_TIMEOUT: - return WIFI_STATUS_CONN_WRONG_PASSWORD; - /* Handle non-supplicant errors */ - case -ETIMEDOUT: - return WIFI_STATUS_CONN_TIMEOUT; - default: - return WIFI_STATUS_CONN_FAIL; - } -} - -static enum wifi_disconn_reason wpas_to_wifi_mgmt_diconn_status(int status) -{ - switch (status) { - case WLAN_STATUS_SUCCESS: - return WIFI_REASON_DISCONN_SUCCESS; - case WLAN_REASON_DEAUTH_LEAVING: - return WIFI_REASON_DISCONN_AP_LEAVING; - case WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY: - return WIFI_REASON_DISCONN_INACTIVITY; - case WLAN_REASON_UNSPECIFIED: - /* fall through */ - default: - return WIFI_REASON_DISCONN_UNSPECIFIED; - } -} - -static int wpa_supp_process_status(struct supp_int_event_data *event_data, char *wpa_supp_status) -{ - int ret = 1; /* For cases where parsing is not being done*/ - int i; - union supp_event_data *data; - unsigned int tmp_mac_addr[ETH_ALEN]; - unsigned int event_prefix_len; - char *event_no_prefix; - struct wpa_supp_event_info event_info; - - data = (union supp_event_data *)event_data->data; - - for (i = 0; i < ARRAY_SIZE(wpa_supp_event_info); i++) { - if (strncmp(wpa_supp_status, wpa_supp_event_info[i].event_str, - strlen(wpa_supp_event_info[i].event_str)) == 0) { - event_info = wpa_supp_event_info[i]; - break; - } - } - - if (i >= ARRAY_SIZE(wpa_supp_event_info)) { - /* This is not a bug but rather implementation gap (intentional or not) */ - wpa_printf(MSG_DEBUG, "Event not supported: %s\n", wpa_supp_status); - return -ENOTSUP; - } - - /* Skip the event prefix and a space */ - event_prefix_len = strlen(event_info.event_str) + 1; - event_no_prefix = wpa_supp_status + event_prefix_len; - event_data->event = event_info.event; - - switch (event_data->event) { - case WPA_SUPP_EVENT_CONNECTED: - ret = sscanf(event_no_prefix, "- Connection to" - MACSTR, MACADDR2STR(tmp_mac_addr)); - event_data->data_len = sizeof(data->connected); - copy_mac_addr(tmp_mac_addr, data->connected.bssid); - break; - case WPA_SUPP_EVENT_DISCONNECTED: - ret = sscanf(event_no_prefix, - MACSTR" reason=%d", MACADDR2STR(tmp_mac_addr), - &data->disconnected.reason_code); - event_data->data_len = sizeof(data->disconnected); - copy_mac_addr(tmp_mac_addr, data->disconnected.bssid); - break; - case WPA_SUPP_EVENT_ASSOC_REJECT: - /* TODO */ - break; - case WPA_SUPP_EVENT_AUTH_REJECT: - ret = sscanf(event_no_prefix, MACSTR - " auth_type=%u auth_transaction=%u status_code=%u", - MACADDR2STR(tmp_mac_addr), - &data->auth_reject.auth_type, - &data->auth_reject.auth_transaction, - &data->auth_reject.status_code); - event_data->data_len = sizeof(data->auth_reject); - copy_mac_addr(tmp_mac_addr, data->auth_reject.bssid); - break; - case WPA_SUPP_EVENT_SSID_TEMP_DISABLED: - ret = sscanf(event_no_prefix, - "id=%d ssid=%s auth_failures=%u duration=%d reason=%s", - &data->temp_disabled.id, data->temp_disabled.ssid, - &data->temp_disabled.auth_failures, - &data->temp_disabled.duration, - data->temp_disabled.reason_code); - event_data->data_len = sizeof(data->temp_disabled); - break; - case WPA_SUPP_EVENT_SSID_REENABLED: - ret = sscanf(event_no_prefix, - "id=%d ssid=%s", &data->reenabled.id, - data->reenabled.ssid); - event_data->data_len = sizeof(data->reenabled); - break; - case WPA_SUPP_EVENT_BSS_ADDED: - ret = sscanf(event_no_prefix, "%u "MACSTR, - &data->bss_added.id, - MACADDR2STR(tmp_mac_addr)); - copy_mac_addr(tmp_mac_addr, data->bss_added.bssid); - event_data->data_len = sizeof(data->bss_added); - break; - case WPA_SUPP_EVENT_BSS_REMOVED: - ret = sscanf(event_no_prefix, - "%u "MACSTR, - &data->bss_removed.id, - MACADDR2STR(tmp_mac_addr)); - event_data->data_len = sizeof(data->bss_removed); - copy_mac_addr(tmp_mac_addr, data->bss_removed.bssid); - break; - case WPA_SUPP_EVENT_TERMINATING: - case WPA_SUPP_EVENT_SCAN_STARTED: - case WPA_SUPP_EVENT_SCAN_FAILED: - case WPA_SUPP_EVENT_NETWORK_NOT_FOUND: - case WPA_SUPP_EVENT_NETWORK_ADDED: - case WPA_SUPP_EVENT_NETWORK_REMOVED: - strncpy(data->supp_event_str, event_info.event_str, - sizeof(data->supp_event_str)-1); - event_data->data_len = strlen(data->supp_event_str) + 1; - case WPA_SUPP_EVENT_DSCP_POLICY: - /* TODO */ - break; - default: - break; - } - - if (ret <= 0) { - wpa_printf(MSG_ERROR, "%s Parse failed: %s", - event_info.event_str, strerror(errno)); - } - - return ret; -} - -#ifdef CONFIG_WPA_SUPP_AP -static int config_ap_param_skip_inactivity_poll(struct wpa_supplicant *wpa_s) -{ - int i; - int ret = -ENOENT; - - if (!wpa_s || !wpa_s->ap_iface || !wpa_s->current_ssid) { - ret = -ENODEV; - goto out; - } - - for (i = 0; i < wpa_s->ap_iface->num_bss; i++) { - struct hostapd_data *hapd = NULL; - struct hostapd_bss_config *bss_conf = NULL; - - hapd = wpa_s->ap_iface->bss[i]; - if (!hapd) { - continue; - } - bss_conf = hapd->conf; - if (!bss_conf) { - continue; - } - - if (os_memcmp(bss_conf->ssid.ssid, - wpa_s->current_ssid->ssid, - wpa_s->current_ssid->ssid_len) != 0) { - continue; - } - - bss_conf->skip_inactivity_poll = - WIFI_MGMT_SKIP_INACTIVITY_POLL; - /* If at least one BSS is found, return success */ - ret = 0; - } -out: - - return ret; -} -#endif - -int send_wifi_mgmt_conn_event(void *ctx, int status_code) -{ - struct wpa_supplicant *wpa_s = ctx; - int status = wpas_to_wifi_mgmt_conn_status(status_code); - enum net_event_wifi_cmd event; -#ifdef CONFIG_WPA_SUPP_AP - int err = -1; -#endif - - if (!wpa_s || !wpa_s->current_ssid) { - return -EINVAL; - } - - if (wpa_s->current_ssid->mode == WPAS_MODE_AP) { - event = NET_EVENT_WIFI_CMD_AP_ENABLE_RESULT; -#ifdef CONFIG_WPA_SUPP_AP - if (status == WLAN_STATUS_SUCCESS) { - err = config_ap_param_skip_inactivity_poll(wpa_s); - if (err) { - wpa_printf(MSG_WARNING, - "Unable to configure skip_inactivity_poll parameter " - "err: %s", strerror(-err)); - } - } -#endif - } else { - event = NET_EVENT_WIFI_CMD_CONNECT_RESULT; - } - - return send_wifi_mgmt_event(wpa_s->ifname, - event, - (void *)&status, - sizeof(int)); -} - -int send_wifi_mgmt_disc_event(void *ctx, int reason_code) -{ - struct wpa_supplicant *wpa_s = ctx; - int status = wpas_to_wifi_mgmt_diconn_status(reason_code); - enum net_event_wifi_cmd event; - - if (!wpa_s || !wpa_s->current_ssid) { - return -EINVAL; - } - - if (wpa_s->wpa_state >= WPA_COMPLETED) { - if (wpa_s->current_ssid->mode == WPAS_MODE_AP) { - event = NET_EVENT_WIFI_CMD_AP_DISABLE_RESULT; - } else { - event = NET_EVENT_WIFI_CMD_DISCONNECT_RESULT; - } - } else { - if (wpa_s->current_ssid->mode == WPAS_MODE_AP) { - event = NET_EVENT_WIFI_CMD_AP_ENABLE_RESULT; - } else { - event = NET_EVENT_WIFI_CMD_CONNECT_RESULT; - } - } - - return send_wifi_mgmt_event(wpa_s->ifname, - event, - (void *)&status, - sizeof(int)); -} - -#ifdef CONFIG_AP - -static enum wifi_link_mode get_sta_link_mode(struct wpa_supplicant *wpa_s, struct sta_info *sta) -{ - if (sta->flags & WLAN_STA_HE) { - return WIFI_6; - } else if (sta->flags & WLAN_STA_VHT) { - return WIFI_5; - } else if (sta->flags & WLAN_STA_HT) { - return WIFI_4; - } else if (sta->flags & WLAN_STA_NONERP) { - return WIFI_1; - } else if (wpa_s->assoc_freq > 4000) { - return WIFI_2; - } else if (wpa_s->assoc_freq > 2000) { - return WIFI_3; - } else { - return WIFI_LINK_MODE_UNKNOWN; - } -} - -static bool is_twt_capable(struct wpa_supplicant *wpa_s, struct sta_info *sta) -{ - return hostapd_get_he_twt_responder(wpa_s->ap_iface->bss[0], IEEE80211_MODE_AP); -} - -int send_wifi_mgmt_ap_status(void *ctx, - enum net_event_wifi_cmd event, enum wifi_ap_status ap_status) -{ - struct wpa_supplicant *wpa_s = ctx; - int status = ap_status; - - return send_wifi_mgmt_event(wpa_s->ifname, - event, - (void *)&status, - sizeof(int)); -} - -int send_wifi_mgmt_ap_sta_event(void *ctx, - enum net_event_wifi_cmd event, void *data) -{ - struct sta_info *sta = data; - struct wpa_supplicant *wpa_s = ctx; - struct wifi_ap_sta_info sta_info = { 0 }; - - if (!wpa_s || !sta) { - return -EINVAL; - } - - memcpy(sta_info.mac, sta->addr, sizeof(sta_info.mac)); - - if (event == NET_EVENT_WIFI_CMD_AP_STA_CONNECTED) { - sta_info.link_mode = get_sta_link_mode(wpa_s, sta); - sta_info.twt_capable = is_twt_capable(wpa_s, sta); - } - - return send_wifi_mgmt_event(wpa_s->ifname, - event, - (void *)&sta_info, - sizeof(sta_info)); -} -#endif /* CONFIG_AP */ - -int send_wifi_mgmt_event(const char *ifname, enum net_event_wifi_cmd event, - void *wpa_supp_status, size_t len) -{ - const struct device *dev = device_get_binding(ifname); - struct net_if *iface = net_if_lookup_by_dev(dev); - union supp_event_data data; - struct supp_int_event_data event_data; - - if (!iface) { - wpa_printf(MSG_ERROR, "Could not find iface for %s", ifname); - return -ENODEV; - } - - switch (event) { - case NET_EVENT_WIFI_CMD_CONNECT_RESULT: - wifi_mgmt_raise_connect_result_event(iface, - *(int *)wpa_supp_status); - break; - case NET_EVENT_WIFI_CMD_DISCONNECT_RESULT: - wifi_mgmt_raise_disconnect_result_event(iface, - *(int *)wpa_supp_status); - break; -#ifdef CONFIG_AP - case NET_EVENT_WIFI_CMD_AP_ENABLE_RESULT: - wifi_mgmt_raise_ap_enable_result_event(iface, - *(int *)wpa_supp_status); - break; - case NET_EVENT_WIFI_CMD_AP_DISABLE_RESULT: - wifi_mgmt_raise_ap_disable_result_event(iface, - *(int *)wpa_supp_status); - break; - case NET_EVENT_WIFI_CMD_AP_STA_CONNECTED: - wifi_mgmt_raise_ap_sta_connected_event(iface, - (struct wifi_ap_sta_info *)wpa_supp_status); - break; - case NET_EVENT_WIFI_CMD_AP_STA_DISCONNECTED: - wifi_mgmt_raise_ap_sta_disconnected_event(iface, - (struct wifi_ap_sta_info *)wpa_supp_status); - break; -#endif /* CONFIG_AP */ - case NET_EVENT_WPA_SUPP_CMD_INT_EVENT: - event_data.data = &data; - if (wpa_supp_process_status(&event_data, (char *)wpa_supp_status) > 0) { - net_mgmt_event_notify_with_info(NET_EVENT_WPA_SUPP_INT_EVENT, - iface, &event_data, sizeof(event_data)); - } - break; - default: - wpa_printf(MSG_ERROR, "Unsupported event %d", event); - return -EINVAL; - } - - return 0; -} - -int generate_supp_state_event(const char *ifname, enum net_event_wpa_supp_cmd event, int status) -{ - /* TODO: Replace device_get_binding. */ - const struct device *dev = device_get_binding(ifname); - - if (!dev) { - wpa_printf(MSG_ERROR, "Could not find device for %s", ifname); - return -ENODEV; - } - - struct net_if *iface = net_if_lookup_by_dev(dev); - - if (!iface) { - wpa_printf(MSG_ERROR, "Could not find iface for %s", ifname); - return -ENODEV; - } - - switch (event) { - case NET_EVENT_WPA_SUPP_CMD_READY: - net_mgmt_event_notify(NET_EVENT_WPA_SUPP_READY, iface); - break; - case NET_EVENT_WPA_SUPP_CMD_NOT_READY: - net_mgmt_event_notify(NET_EVENT_WPA_SUPP_NOT_READY, iface); - break; - case NET_EVENT_WPA_SUPP_CMD_IFACE_ADDED: - net_mgmt_event_notify(NET_EVENT_WPA_SUPP_IFACE_ADDED, iface); - break; - case NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVING: - net_mgmt_event_notify(NET_EVENT_WPA_SUPP_IFACE_REMOVING, iface); - break; - case NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVED: - net_mgmt_event_notify_with_info(NET_EVENT_WPA_SUPP_IFACE_REMOVED, - iface, &status, sizeof(status)); - break; - default: - wpa_printf(MSG_ERROR, "Unsupported event %d", event); - return -EINVAL; - } - - return 0; -} diff --git a/modules/hostap/src/supp_events.h b/modules/hostap/src/supp_events.h deleted file mode 100644 index da090a3a931b..000000000000 --- a/modules/hostap/src/supp_events.h +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#ifndef __SUPP_EVENTS_H__ -#define __SUPP_EVENTS_H__ - -#include - -/* Connectivity Events */ -#define _NET_MGMT_WPA_SUPP_LAYER NET_MGMT_LAYER_L2 -#define _NET_MGMT_WPA_SUPP_CODE 0x157 -#define _NET_MGMT_WPA_SUPP_BASE (NET_MGMT_LAYER(_NET_MGMT_WPA_SUPP_LAYER) | \ - NET_MGMT_LAYER_CODE(_NET_MGMT_WPA_SUPP_CODE) | \ - NET_MGMT_IFACE_BIT) -#define _NET_MGMT_WPA_SUPP_EVENT (NET_MGMT_EVENT_BIT | _NET_MGMT_WPA_SUPP_BASE) - -enum net_event_wpa_supp_cmd { - NET_EVENT_WPA_SUPP_CMD_READY = 1, - NET_EVENT_WPA_SUPP_CMD_NOT_READY, - NET_EVENT_WPA_SUPP_CMD_IFACE_ADDED, - NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVING, - NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVED, - NET_EVENT_WPA_SUPP_CMD_INT_EVENT, - NET_EVENT_WPA_SUPP_CMD_MAX -}; - -#define NET_EVENT_WPA_SUPP_READY \ - (_NET_MGMT_WPA_SUPP_EVENT | NET_EVENT_WPA_SUPP_CMD_READY) - -#define NET_EVENT_WPA_SUPP_NOT_READY \ - (_NET_MGMT_WPA_SUPP_EVENT | NET_EVENT_WPA_SUPP_CMD_NOT_READY) - -#define NET_EVENT_WPA_SUPP_IFACE_ADDED \ - (_NET_MGMT_WPA_SUPP_EVENT | NET_EVENT_WPA_SUPP_CMD_IFACE_ADDED) - -#define NET_EVENT_WPA_SUPP_IFACE_REMOVED \ - (_NET_MGMT_WPA_SUPP_EVENT | NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVED) - -#define NET_EVENT_WPA_SUPP_IFACE_REMOVING \ - (_NET_MGMT_WPA_SUPP_EVENT | NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVING) - -#define NET_EVENT_WPA_SUPP_INT_EVENT \ - (_NET_MGMT_WPA_SUPP_EVENT | NET_EVENT_WPA_SUPP_CMD_INT_EVENT) - -int send_wifi_mgmt_conn_event(void *ctx, int status_code); -int send_wifi_mgmt_disc_event(void *ctx, int reason_code); -int send_wifi_mgmt_event(const char *ifname, enum net_event_wifi_cmd event, void *status, - size_t len); -int generate_supp_state_event(const char *ifname, enum net_event_wpa_supp_cmd event, int status); -#ifdef CONFIG_AP -int send_wifi_mgmt_ap_status(void *ctx, - enum net_event_wifi_cmd event, enum wifi_ap_status); -int send_wifi_mgmt_ap_sta_event(void *ctx, - enum net_event_wifi_cmd event, void *data); -#endif /* CONFIG_AP */ - -#define REASON_CODE_LEN 18 -#define NM_WIFI_EVENT_STR_LEN 64 -#define ETH_ALEN 6 - -union supp_event_data { - struct supp_event_auth_reject { - int auth_type; - int auth_transaction; - int status_code; - uint8_t bssid[ETH_ALEN]; - } auth_reject; - - struct supp_event_connected { - uint8_t bssid[ETH_ALEN]; - char ssid[WIFI_SSID_MAX_LEN]; - int id; - } connected; - - struct supp_event_disconnected { - uint8_t bssid[ETH_ALEN]; - int reason_code; - int locally_generated; - } disconnected; - - struct supp_event_assoc_reject { - int status_code; - int reason_code; - } assoc_reject; - - struct supp_event_temp_disabled { - int id; - char ssid[WIFI_SSID_MAX_LEN]; - unsigned int auth_failures; - unsigned int duration; - char reason_code[REASON_CODE_LEN]; - } temp_disabled; - - struct supp_event_reenabled { - int id; - char ssid[WIFI_SSID_MAX_LEN]; - } reenabled; - - struct supp_event_bss_added { - unsigned int id; - uint8_t bssid[ETH_ALEN]; - } bss_added; - - struct supp_event_bss_removed { - unsigned int id; - uint8_t bssid[ETH_ALEN]; - } bss_removed; - - struct supp_event_network_added { - unsigned int id; - } network_added; - - struct supp_event_network_removed { - unsigned int id; - } network_removed; - - char supp_event_str[NM_WIFI_EVENT_STR_LEN]; -}; - -enum supp_event_num { - WPA_SUPP_EVENT_CONNECTED, - WPA_SUPP_EVENT_DISCONNECTED, - WPA_SUPP_EVENT_ASSOC_REJECT, - WPA_SUPP_EVENT_AUTH_REJECT, - WPA_SUPP_EVENT_TERMINATING, - WPA_SUPP_EVENT_SSID_TEMP_DISABLED, - WPA_SUPP_EVENT_SSID_REENABLED, - WPA_SUPP_EVENT_SCAN_STARTED, - WPA_SUPP_EVENT_SCAN_RESULTS, - WPA_SUPP_EVENT_SCAN_FAILED, - WPA_SUPP_EVENT_BSS_ADDED, - WPA_SUPP_EVENT_BSS_REMOVED, - WPA_SUPP_EVENT_NETWORK_NOT_FOUND, - WPA_SUPP_EVENT_NETWORK_ADDED, - WPA_SUPP_EVENT_NETWORK_REMOVED, - WPA_SUPP_EVENT_DSCP_POLICY, -}; - - - -struct supp_int_event_data { - enum supp_event_num event; - void *data; - size_t data_len; -}; - -#endif /* __SUPP_EVENTS_H__ */ diff --git a/modules/hostap/src/supp_main.c b/modules/hostap/src/supp_main.c deleted file mode 100644 index 11397fe94ec9..000000000000 --- a/modules/hostap/src/supp_main.c +++ /dev/null @@ -1,640 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* - * WPA Supplicant / main() function for Zephyr OS - * Copyright (c) 2003-2013, Jouni Malinen - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include -#include -LOG_MODULE_REGISTER(wpa_supplicant, LOG_LEVEL_DBG); - -#if defined(CONFIG_MBEDTLS_PLATFORM_C) && \ - !defined(CONFIG_WPA_SUPP_CRYPTO_NONE) && \ - !defined(CONFIG_MBEDTLS_ENABLE_HEAP) -#include -#endif /* !CONFIG_WPA_SUPP_CRYPTO_NONE && !CONFIG_MBEDTLS_ENABLE_HEAP */ - -#include - -#include "includes.h" -#include "common.h" -#include "eloop.h" -#include "wpa_supplicant/config.h" -#include "wpa_supplicant_i.h" - -#include "fst/fst.h" -#include "includes.h" -#include "p2p_supplicant.h" -#include "driver_i.h" - -#include "supp_main.h" -#include "supp_events.h" -#include "wpa_cli_zephyr.h" - -#include "supp_api.h" - -K_SEM_DEFINE(z_wpas_ready_sem, 0, 1); -#include - -static struct net_mgmt_event_callback cb; -struct k_mutex iface_up_mutex; - -struct wpa_global *global; - -static int z_wpas_event_sockpair[2]; - -static void z_wpas_start(void); -static void z_wpas_iface_work_handler(struct k_work *item); - -static K_THREAD_STACK_DEFINE(z_wpa_s_thread_stack, - CONFIG_WPA_SUPP_THREAD_STACK_SIZE); -static struct k_thread z_wpa_s_tid; - -static K_THREAD_STACK_DEFINE(z_wpas_wq_stack, - CONFIG_WPA_SUPP_WQ_STACK_SIZE); - -/* TODO: Debug why using system workqueue blocks the driver dedicated - * workqueue? - */ -struct k_work_q z_wpas_wq; -static K_WORK_DEFINE(z_wpas_iface_work, - z_wpas_iface_work_handler); - -K_MUTEX_DEFINE(z_wpas_event_mutex); - -static const struct wifi_mgmt_ops wpa_supp_ops = { - .scan = z_wpa_supplicant_scan, - .connect = z_wpa_supplicant_connect, - .disconnect = z_wpa_supplicant_disconnect, - .iface_status = z_wpa_supplicant_status, -#ifdef CONFIG_NET_STATISTICS_WIFI - .get_stats = z_wpa_supplicant_get_stats, - .reset_stats = z_wpa_supplicant_reset_stats, -#endif - .set_power_save = z_wpa_supplicant_set_power_save, - .set_twt = z_wpa_supplicant_set_twt, - .get_power_save_config = z_wpa_supplicant_get_power_save_config, - .reg_domain = z_wpa_supplicant_reg_domain, - .mode = z_wpa_supplicant_mode, - .filter = z_wpa_supplicant_filter, - .channel = z_wpa_supplicant_channel, - .set_rts_threshold = z_wpa_supplicant_set_rts_threshold, -#ifdef CONFIG_AP - .ap_enable = z_wpa_supplicant_ap_enable, - .ap_disable = z_wpa_supplicant_ap_disable, - .ap_sta_disconnect = z_wpa_supplicant_ap_sta_disconnect, - .ap_config_params = z_wpa_supplicant_ap_config_params, -#endif /* CONFIG_AP */ -}; - -DEFINE_WIFI_NM_INSTANCE(wpa_supplicant, &wpa_supp_ops); - -#ifdef CONFIG_MATCH_IFACE -static int z_wpas_init_match(struct wpa_global *global) -{ - /* - * The assumption is that the first driver is the primary driver and - * will handle the arrival / departure of interfaces. - */ - if (wpa_drivers[0]->global_init && !global->drv_priv[0]) { - global->drv_priv[0] = wpa_drivers[0]->global_init(global); - if (!global->drv_priv[0]) { - wpa_printf(MSG_ERROR, - "Failed to initialize driver '%s'", - wpa_drivers[0]->name); - return -1; - } - } - - return 0; -} -#endif /* CONFIG_MATCH_IFACE */ - -struct wpa_supplicant *z_wpas_get_handle_by_ifname(const char *ifname) -{ - struct wpa_supplicant *wpa_s = NULL; - int ret = k_sem_take(&z_wpas_ready_sem, K_SECONDS(2)); - - if (ret) { - wpa_printf(MSG_ERROR, "%s: WPA supplicant not ready: %d", __func__, ret); - return NULL; - } - - k_sem_give(&z_wpas_ready_sem); - - wpa_s = wpa_supplicant_get_iface(global, ifname); - if (!wpa_s) { - wpa_printf(MSG_ERROR, - "%s: Unable to get wpa_s handle for %s\n", __func__, ifname); - return NULL; - } - - return wpa_s; -} - -static int z_wpas_get_iface_count(void) -{ - struct wpa_supplicant *wpa_s; - unsigned int count = 0; - - for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { - count += 1; - } - return count; -} - -#define Z_WPA_S_IFACE_NOTIFY_TIMEOUT_MS 1000 -#define Z_WPA_S_IFACE_NOTIFY_RETRY_MS 10 - -static int z_wpas_add_interface(const char *ifname) -{ - struct wpa_supplicant *wpa_s; - struct net_if *iface; - int ret = -1; - int retry = 0, count = Z_WPA_S_IFACE_NOTIFY_TIMEOUT_MS / Z_WPA_S_IFACE_NOTIFY_RETRY_MS; - - wpa_printf(MSG_DEBUG, "Adding interface %s\n", ifname); - - iface = net_if_lookup_by_dev(device_get_binding(ifname)); - if (!iface) { - wpa_printf(MSG_ERROR, "Failed to get net_if handle for %s", ifname); - goto err; - } - - ret = z_wpa_cli_global_cmd_v("interface_add %s %s %s %s", - ifname, "zephyr", "zephyr", "zephyr"); - if (ret) { - wpa_printf(MSG_ERROR, "Failed to add interface: %s", ifname); - goto err; - } - - /* This cannot be through control interface as need the handle */ - while (retry++ < count && !wpa_supplicant_get_iface(global, ifname)) { - k_sleep(K_MSEC(Z_WPA_S_IFACE_NOTIFY_RETRY_MS)); - } - - wpa_s = wpa_supplicant_get_iface(global, ifname); - if (wpa_s == NULL) { - wpa_printf(MSG_ERROR, "Failed to add iface: %s", ifname); - goto err; - } - - wpa_s->conf->filter_ssids = 1; - wpa_s->conf->ap_scan = 1; - wpa_s->conf->sae_pwe = 2; - - /* Default interface, kick start wpa_supplicant */ - if (z_wpas_get_iface_count() == 1) { - k_mutex_unlock(&iface_up_mutex); - } - - ret = z_wpa_ctrl_init(wpa_s); - if (ret) { - wpa_printf(MSG_ERROR, "Failed to initialize control interface"); - goto err; - } - - ret = wifi_nm_register_mgd_iface(wifi_nm_get_instance("wpa_supplicant"), iface); - - if (ret) { - wpa_printf(MSG_ERROR, "Failed to register mgd iface with native stack: %s (%d)", - ifname, ret); - goto err; - } - - generate_supp_state_event(ifname, NET_EVENT_WPA_SUPP_CMD_IFACE_ADDED, 0); - - if (z_wpas_get_iface_count() == 1) { - generate_supp_state_event(ifname, NET_EVENT_WPA_SUPP_CMD_READY, 0); - } - - return 0; -err: - return ret; -} - -static int z_wpas_remove_interface(const char *ifname) -{ - int ret = -1; - union wpa_event_data *event = os_zalloc(sizeof(*event)); - struct wpa_supplicant *wpa_s = wpa_supplicant_get_iface(global, ifname); - struct net_if *iface = net_if_lookup_by_dev(device_get_binding(ifname)); - - int retry = 0, count = Z_WPA_S_IFACE_NOTIFY_TIMEOUT_MS / Z_WPA_S_IFACE_NOTIFY_RETRY_MS; - - if (!event) { - wpa_printf(MSG_ERROR, "Failed to allocate event data"); - goto err; - } - - if (!wpa_s) { - wpa_printf(MSG_ERROR, "Failed to get wpa_s handle for %s", ifname); - goto err; - } - - if (!iface) { - wpa_printf(MSG_ERROR, "Failed to get net_if handle for %s", ifname); - goto err; - } - - generate_supp_state_event(ifname, NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVING, 0); - wpa_printf(MSG_DEBUG, "Remove interface %s\n", ifname); - - if (sizeof(event->interface_status.ifname) < strlen(ifname)) { - wpa_printf(MSG_ERROR, "Interface name too long: %s (max: %d)", - ifname, sizeof(event->interface_status.ifname)); - goto err; - } - - os_memcpy(event->interface_status.ifname, ifname, strlen(ifname)); - event->interface_status.ievent = EVENT_INTERFACE_REMOVED; - - struct wpa_supplicant_event_msg msg = { - .global = true, - .ctx = global, - .event = EVENT_INTERFACE_STATUS, - .data = event, - }; - - ret = z_wpas_send_event(&msg); - if (ret) { - wpa_printf(MSG_ERROR, "Failed to send event: %d", ret); - goto err; - } - - while (retry++ < count && - wpa_s->wpa_state != WPA_INTERFACE_DISABLED) { - k_sleep(K_MSEC(Z_WPA_S_IFACE_NOTIFY_RETRY_MS)); - } - - if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) { - wpa_printf(MSG_ERROR, "Failed to notify remove interface: %s", ifname); - generate_supp_state_event(ifname, NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVED, - -1); - goto err; - } - - z_wpa_ctrl_deinit(wpa_s); - - ret = z_wpa_cli_global_cmd_v("interface_remove %s", ifname); - if (ret) { - wpa_printf(MSG_ERROR, "Failed to remove interface: %s", ifname); - generate_supp_state_event(ifname, NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVED, - -EINVAL); - goto err; - } - - ret = wifi_nm_unregister_mgd_iface(wifi_nm_get_instance("wpa_supplicant"), iface); - if (ret) { - wpa_printf(MSG_ERROR, "Failed to unregister mgd iface with native stack: %s (%d)", - ifname, ret); - goto err; - } - - - if (z_wpas_get_iface_count() == 0) { - generate_supp_state_event(ifname, NET_EVENT_WPA_SUPP_CMD_NOT_READY, 0); - } - - generate_supp_state_event(ifname, NET_EVENT_WPA_SUPP_CMD_IFACE_REMOVED, 0); - - return 0; -err: - if (event) { - os_free(event); - } - return ret; -} - -static void iface_event_handler(struct net_mgmt_event_callback *cb, - uint32_t mgmt_event, struct net_if *iface) -{ - const char *ifname = iface->if_dev->dev->name; - char *prefix; - char mgd_if_prefix[] = CONFIG_WPA_SUPP_MGD_IFACES_PREFIXES; - bool found = false; - - if (sizeof(mgd_if_prefix) > 0) { - prefix = strtok(mgd_if_prefix, ","); - - while (prefix) { - if (strncmp(ifname, prefix, strlen(prefix)) == 0) { - found = true; - break; - } - prefix = strtok(NULL, ","); - } - - if (!found) { - wpa_printf(MSG_DEBUG, "No matching prefix found for %s", ifname); - return; - } - } - - wpa_printf(MSG_DEBUG, "Event: %d", mgmt_event); - if (mgmt_event == NET_EVENT_IF_ADMIN_UP) { - z_wpas_add_interface(ifname); - } else if (mgmt_event == NET_EVENT_IF_ADMIN_DOWN) { - z_wpas_remove_interface(ifname); - } -} - -static void register_iface_events(void) -{ - k_mutex_init(&iface_up_mutex); - - k_mutex_lock(&iface_up_mutex, K_FOREVER); - net_mgmt_init_event_callback(&cb, iface_event_handler, - NET_EVENT_IF_ADMIN_UP | NET_EVENT_IF_ADMIN_DOWN); - net_mgmt_add_event_callback(&cb); -} - -static void wait_for_interface_up(const char *iface_name) -{ - if (z_wpas_get_iface_count() == 0) { - k_mutex_lock(&iface_up_mutex, K_FOREVER); - } -} - -#include "config.h" -static void iface_cb(struct net_if *iface, void *user_data) -{ - const char *ifname = iface->if_dev->dev->name; - const struct device *wifi_dev = NULL; - - wifi_dev = DEVICE_DT_GET(DT_CHOSEN(zephyr_wifi)); - if (!wifi_dev) { - wpa_printf(MSG_ERROR, "Device instance not found"); - return; - } - - if (ifname == NULL) { - return; - } - - if (strncmp(ifname, wifi_dev->name, strlen(ifname)) != 0) { - return; - } - - /* Check default interface */ - if (net_if_is_admin_up(iface)) { - z_wpas_add_interface(ifname); - } - - register_iface_events(); -} - - -static void z_wpas_iface_work_handler(struct k_work *item) -{ - ARG_UNUSED(item); - const struct device *wifi_dev = NULL; - - wifi_dev = DEVICE_DT_GET(DT_CHOSEN(zephyr_wifi)); - if (!wifi_dev) { - wpa_printf(MSG_ERROR, "Device instance not found"); - return; - } - - int ret = k_sem_take(&z_wpas_ready_sem, K_SECONDS(5)); - - if (ret) { - wpa_printf(MSG_ERROR, "Timed out waiting for wpa_supplicant"); - return; - } - - net_if_foreach(iface_cb, NULL); - wait_for_interface_up(wifi_dev->name); - - k_sem_give(&z_wpas_ready_sem); -} - -static void z_wpas_event_sock_handler(int sock, void *eloop_ctx, void *sock_ctx) -{ - int ret; - - ARG_UNUSED(eloop_ctx); - ARG_UNUSED(sock_ctx); - struct wpa_supplicant_event_msg msg; - - ret = recv(sock, &msg, sizeof(msg), 0); - - if (ret < 0) { - wpa_printf(MSG_ERROR, "Failed to recv the message: %s", strerror(errno)); - return; - } - - if (ret != sizeof(msg)) { - wpa_printf(MSG_ERROR, "Received incomplete message: got: %d, expected:%d", - ret, sizeof(msg)); - return; - } - - wpa_printf(MSG_DEBUG, "Passing message %d to wpa_supplicant", msg.event); - - if (msg.global) { - wpa_supplicant_event_global(msg.ctx, msg.event, msg.data); - } else { - wpa_supplicant_event(msg.ctx, msg.event, msg.data); - } - - if (msg.data) { - union wpa_event_data *data = msg.data; - - /* Free up deep copied data */ - if (msg.event == EVENT_AUTH) { - os_free((char *)data->auth.ies); - } else if (msg.event == EVENT_RX_MGMT) { - os_free((char *)data->rx_mgmt.frame); - } else if (msg.event == EVENT_TX_STATUS) { - os_free((char *)data->tx_status.data); - } else if (msg.event == EVENT_ASSOC) { - os_free((char *)data->assoc_info.addr); - os_free((char *)data->assoc_info.req_ies); - os_free((char *)data->assoc_info.resp_ies); - os_free((char *)data->assoc_info.resp_frame); - } else if (msg.event == EVENT_ASSOC_REJECT) { - os_free((char *)data->assoc_reject.bssid); - os_free((char *)data->assoc_reject.resp_ies); - } else if (msg.event == EVENT_DEAUTH) { - os_free((char *)data->deauth_info.addr); - os_free((char *)data->deauth_info.ie); - } else if (msg.event == EVENT_DISASSOC) { - os_free((char *)data->disassoc_info.addr); - os_free((char *)data->disassoc_info.ie); - } else if (msg.event == EVENT_UNPROT_DEAUTH) { - os_free((char *)data->unprot_deauth.sa); - os_free((char *)data->unprot_deauth.da); - } else if (msg.event == EVENT_UNPROT_DISASSOC) { - os_free((char *)data->unprot_disassoc.sa); - os_free((char *)data->unprot_disassoc.da); - } - os_free(msg.data); - } -} - -static int register_wpa_event_sock(void) -{ - int ret; - - ret = socketpair(AF_UNIX, SOCK_STREAM, 0, z_wpas_event_sockpair); - - if (ret != 0) { - wpa_printf(MSG_ERROR, "Failed to initialize socket: %s", strerror(errno)); - return -1; - } - - eloop_register_read_sock(z_wpas_event_sockpair[0], z_wpas_event_sock_handler, NULL, NULL); - - return 0; -} - -int z_wpas_send_event(const struct wpa_supplicant_event_msg *msg) -{ - int ret = -1; - unsigned int retry = 0; - - k_mutex_lock(&z_wpas_event_mutex, K_FOREVER); - - if (z_wpas_event_sockpair[1] < 0) { - goto err; - } - -retry_send: - ret = send(z_wpas_event_sockpair[1], msg, sizeof(*msg), 0); - if (ret < 0) { - if (errno == EINTR || errno == EAGAIN || errno == EBUSY || errno == EWOULDBLOCK) { - k_msleep(2); - if (retry++ < 3) { - goto retry_send; - } else { - wpa_printf(MSG_WARNING, "Event send fail (max retries): %s", - strerror(errno)); - goto err; - } - } else { - wpa_printf(MSG_WARNING, "Event send fail: %s", - strerror(errno)); - goto err; - } - } - - ret = 0; -err: - k_mutex_unlock(&z_wpas_event_mutex); - return ret; -} - -static void z_wpas_start(void) -{ - struct wpa_params params; - int exitcode = -1; - const struct device *wifi_dev = NULL; - - wifi_dev = DEVICE_DT_GET(DT_CHOSEN(zephyr_wifi)); - if (!wifi_dev) { - wpa_printf(MSG_ERROR, "Device instance not found"); - return; - } - -#if defined(CONFIG_MBEDTLS_PLATFORM_C) && \ - !defined(CONFIG_WPA_SUPP_CRYPTO_NONE) && \ - !defined(CONFIG_MBEDTLS_ENABLE_HEAP) - /* Needed for crypto operation as default is no-op and fails */ - mbedtls_platform_set_calloc_free(calloc, free); -#endif /* !CONFIG_WPA_SUPP_CRYPTO_NONE && !CONFIG_MBEDTLS_ENABLE_HEAP */ - - k_work_queue_init(&z_wpas_wq); - - k_work_queue_start(&z_wpas_wq, - z_wpas_wq_stack, - K_THREAD_STACK_SIZEOF(z_wpas_wq_stack), - CONFIG_WPA_SUPP_WQ_PRIORITY, - NULL); - - k_thread_name_set(&z_wpas_wq.thread, "wpa_supplicant_wq"); - - os_memset(¶ms, 0, sizeof(params)); - params.wpa_debug_level = CONFIG_WPA_SUPP_DEBUG_LEVEL; - - exitcode = 0; - global = wpa_supplicant_init(¶ms); - if (global == NULL) { - wpa_printf(MSG_ERROR, "Failed to initialize wpa_supplicant"); - exitcode = -1; - goto out; - } else { - wpa_printf(MSG_INFO, "Successfully initialized " - "wpa_supplicant"); - } - - if (fst_global_init()) { - wpa_printf(MSG_ERROR, "Failed to initialize FST"); - exitcode = -1; - goto out; - } - -#if defined(CONFIG_FST) && defined(CONFIG_CTRL_IFACE) - if (!fst_global_add_ctrl(fst_ctrl_cli)) { - wpa_printf(MSG_WARNING, "Failed to add CLI FST ctrl"); - } -#endif - z_global_wpa_ctrl_init(); - - register_wpa_event_sock(); - - k_work_submit_to_queue(&z_wpas_wq, &z_wpas_iface_work); - -#ifdef CONFIG_MATCH_IFACE - if (exitcode == 0) { - exitcode = z_wpas_init_match(global); - } -#endif /* CONFIG_MATCH_IFACE */ - - if (exitcode == 0) { - k_sem_give(&z_wpas_ready_sem); - exitcode = wpa_supplicant_run(global); - } - - generate_supp_state_event(wifi_dev->name, NET_EVENT_WPA_SUPP_CMD_NOT_READY, 0); - eloop_unregister_read_sock(z_wpas_event_sockpair[0]); - - z_global_wpa_ctrl_deinit(); - wpa_supplicant_deinit(global); - - fst_global_deinit(); - - close(z_wpas_event_sockpair[0]); - close(z_wpas_event_sockpair[1]); - -out: -#ifdef CONFIG_MATCH_IFACE - os_free(params.match_ifaces); -#endif /* CONFIG_MATCH_IFACE */ - os_free(params.pid_file); - - wpa_printf(MSG_INFO, "z_wpas_start: exitcode %d", exitcode); -} - -static int z_wpas_init(void) -{ - k_thread_create(&z_wpa_s_tid, z_wpa_s_thread_stack, - CONFIG_WPA_SUPP_THREAD_STACK_SIZE, - (k_thread_entry_t)z_wpas_start, - NULL, NULL, NULL, - 0, 0, K_NO_WAIT); - - k_thread_name_set(&z_wpa_s_tid, "wpa_supplicant_main"); - - return 0; -} - -SYS_INIT(z_wpas_init, APPLICATION, 0); diff --git a/modules/hostap/src/supp_main.h b/modules/hostap/src/supp_main.h deleted file mode 100644 index de71f86bd2be..000000000000 --- a/modules/hostap/src/supp_main.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#ifndef __SUPP_MAIN_H_ -#define __SUPP_MAIN_H_ - -#include "wpa_supplicant_i.h" - -struct wpa_supplicant *z_wpas_get_handle_by_ifname(const char *ifname); -struct wpa_supplicant_event_msg { - bool global; - void *ctx; - unsigned int event; - void *data; -}; -int z_wpas_send_event(const struct wpa_supplicant_event_msg *msg); -extern struct k_work_q z_wpas_wq; -#endif /* __SUPP_MAIN_H_ */ diff --git a/modules/hostap/src/utils/wpa_debug.c b/modules/hostap/src/utils/wpa_debug.c deleted file mode 100644 index 7d42857fae13..000000000000 --- a/modules/hostap/src/utils/wpa_debug.c +++ /dev/null @@ -1,416 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* - * wpa_supplicant/hostapd / Debug prints - * Copyright (c) 2002-2013, Jouni Malinen - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include -#include - -#include "wpa_debug.h" - -#include - -#define WPA_DEBUG_MAX_LINE_LENGTH 256 - -LOG_MODULE_REGISTER(wpa_supp, CONFIG_WPA_SUPP_LOG_LEVEL); - -int wpa_debug_level = MSG_INFO; -int wpa_debug_show_keys; -int wpa_debug_timestamp; - -#ifndef CONFIG_NO_STDOUT_DEBUG - -void wpa_printf_impl(int level, const char *fmt, ...) -{ - va_list ap; - char buffer[WPA_DEBUG_MAX_LINE_LENGTH]; - - if (level < wpa_debug_level) - return; - - va_start(ap, fmt); - vsnprintf(buffer, sizeof(buffer), fmt, ap); - va_end(ap); - - switch (level) { - case MSG_ERROR: - LOG_ERR("%s", buffer); - break; - case MSG_WARNING: - LOG_WRN("%s", buffer); - break; - case MSG_INFO: - LOG_INF("%s", buffer); - break; - case MSG_DEBUG: - case MSG_MSGDUMP: - case MSG_EXCESSIVE: - LOG_DBG("%s", buffer); - break; - default: - break; - } - - forced_memzero(buffer, sizeof(buffer)); -} - -static void _wpa_hexdump(int level, const char *title, const u8 *buf, size_t len, int show) -{ - size_t i; - const char *content; - char *content_buf = NULL; - - if (level < wpa_debug_level) - return; - - if (buf == NULL) { - content = " [NULL]"; - } else if (show) { - content = content_buf = os_malloc(3 * len + 1); - - if (content == NULL) { - wpa_printf(MSG_ERROR, "wpa_hexdump: Failed to allocate message buffer"); - return; - } - - for (i = 0; i < len; i++) { - os_snprintf(&content_buf[i * 3], 4, " %02x", buf[i]); - } - } else { - content = " [REMOVED]"; - } - - wpa_printf(level, "%s - hexdump(len=%lu):%s", title, (unsigned long)len, content); - bin_clear_free(content_buf, 3 * len + 1); -} - -void wpa_hexdump_impl(int level, const char *title, const void *buf, size_t len) -{ - _wpa_hexdump(level, title, buf, len, 1); -} - -void wpa_hexdump_key_impl(int level, const char *title, const void *buf, size_t len) -{ - _wpa_hexdump(level, title, buf, len, wpa_debug_show_keys); -} - -static void _wpa_hexdump_ascii(int level, const char *title, const void *buf, size_t len, int show) -{ - const char *content; - - if (level < wpa_debug_level) { - return; - } - - if (buf == NULL) { - content = " [NULL]"; - } else if (show) { - content = ""; - } else { - content = " [REMOVED]"; - } - - wpa_printf(level, "%s - hexdump_ascii(len=%lu):%s", title, (unsigned long)len, content); - - if (buf == NULL || !show) { - return; - } - - switch (level) { - case MSG_ERROR: - LOG_HEXDUMP_ERR(buf, len, ""); - break; - case MSG_WARNING: - LOG_HEXDUMP_WRN(buf, len, ""); - break; - case MSG_INFO: - LOG_HEXDUMP_INF(buf, len, ""); - break; - case MSG_DEBUG: - case MSG_MSGDUMP: - case MSG_EXCESSIVE: - LOG_HEXDUMP_DBG(buf, len, ""); - break; - default: - break; - } -} - -void wpa_hexdump_ascii_impl(int level, const char *title, const void *buf, size_t len) -{ - _wpa_hexdump_ascii(level, title, buf, len, 1); -} - -void wpa_hexdump_ascii_key_impl(int level, const char *title, const void *buf, size_t len) -{ - _wpa_hexdump_ascii(level, title, buf, len, wpa_debug_show_keys); -} - -#endif /* CONFIG_NO_STDOUT_DEBUG */ - -#ifndef CONFIG_NO_WPA_MSG - -static wpa_msg_cb_func wpa_msg_cb; - -void wpa_msg_register_cb(wpa_msg_cb_func func) -{ - wpa_msg_cb = func; -} - -static wpa_msg_get_ifname_func wpa_msg_ifname_cb; - -void wpa_msg_register_ifname_cb(wpa_msg_get_ifname_func func) -{ - wpa_msg_ifname_cb = func; -} - -void wpa_msg_impl(void *ctx, int level, const char *fmt, ...) -{ - va_list ap; - char *buf; - int buflen; - int len; - char prefix[130]; - - va_start(ap, fmt); - buflen = vsnprintf(NULL, 0, fmt, ap) + 1; - va_end(ap); - - buf = os_malloc(buflen); - if (buf == NULL) { - wpa_printf(MSG_ERROR, "wpa_msg: Failed to allocate message buffer"); - return; - } - va_start(ap, fmt); - prefix[0] = '\0'; - if (wpa_msg_ifname_cb) { - const char *ifname = wpa_msg_ifname_cb(ctx); - - if (ifname) { - int res = os_snprintf(prefix, sizeof(prefix), "%s: ", ifname); - - if (os_snprintf_error(sizeof(prefix), res)) - prefix[0] = '\0'; - } - } - len = vsnprintf(buf, buflen, fmt, ap); - va_end(ap); - wpa_printf(level, "%s%s", prefix, buf); - if (wpa_msg_cb) - wpa_msg_cb(ctx, level, WPA_MSG_PER_INTERFACE, buf, len); - bin_clear_free(buf, buflen); -} - -void wpa_msg_ctrl_impl(void *ctx, int level, const char *fmt, ...) -{ - va_list ap; - char *buf; - int buflen; - int len; - - if (!wpa_msg_cb) - return; - - va_start(ap, fmt); - buflen = vsnprintf(NULL, 0, fmt, ap) + 1; - va_end(ap); - - buf = os_malloc(buflen); - if (buf == NULL) { - wpa_printf(MSG_ERROR, "wpa_msg_ctrl: Failed to allocate message buffer"); - return; - } - va_start(ap, fmt); - len = vsnprintf(buf, buflen, fmt, ap); - va_end(ap); - wpa_msg_cb(ctx, level, WPA_MSG_PER_INTERFACE, buf, len); - bin_clear_free(buf, buflen); -} - -void wpa_msg_global_impl(void *ctx, int level, const char *fmt, ...) -{ - va_list ap; - char *buf; - int buflen; - int len; - - va_start(ap, fmt); - buflen = vsnprintf(NULL, 0, fmt, ap) + 1; - va_end(ap); - - buf = os_malloc(buflen); - if (buf == NULL) { - wpa_printf(MSG_ERROR, "wpa_msg_global: Failed to allocate message buffer"); - return; - } - va_start(ap, fmt); - len = vsnprintf(buf, buflen, fmt, ap); - va_end(ap); - wpa_printf(level, "%s", buf); - if (wpa_msg_cb) - wpa_msg_cb(ctx, level, WPA_MSG_GLOBAL, buf, len); - bin_clear_free(buf, buflen); -} - -void wpa_msg_global_ctrl_impl(void *ctx, int level, const char *fmt, ...) -{ - va_list ap; - char *buf; - int buflen; - int len; - - if (!wpa_msg_cb) - return; - - va_start(ap, fmt); - buflen = vsnprintf(NULL, 0, fmt, ap) + 1; - va_end(ap); - - buf = os_malloc(buflen); - if (buf == NULL) { - wpa_printf(MSG_ERROR, "wpa_msg_global_ctrl: Failed to allocate message buffer"); - return; - } - va_start(ap, fmt); - len = vsnprintf(buf, buflen, fmt, ap); - va_end(ap); - wpa_msg_cb(ctx, level, WPA_MSG_GLOBAL, buf, len); - bin_clear_free(buf, buflen); -} - -void wpa_msg_no_global_impl(void *ctx, int level, const char *fmt, ...) -{ - va_list ap; - char *buf; - int buflen; - int len; - - va_start(ap, fmt); - buflen = vsnprintf(NULL, 0, fmt, ap) + 1; - va_end(ap); - - buf = os_malloc(buflen); - if (buf == NULL) { - wpa_printf(MSG_ERROR, "wpa_msg_no_global: Failed to allocate message buffer"); - return; - } - va_start(ap, fmt); - len = vsnprintf(buf, buflen, fmt, ap); - va_end(ap); - wpa_printf(level, "%s", buf); - if (wpa_msg_cb) - wpa_msg_cb(ctx, level, WPA_MSG_NO_GLOBAL, buf, len); - bin_clear_free(buf, buflen); -} - -void wpa_msg_global_only_impl(void *ctx, int level, const char *fmt, ...) -{ - va_list ap; - char *buf; - int buflen; - int len; - - va_start(ap, fmt); - buflen = vsnprintf(NULL, 0, fmt, ap) + 1; - va_end(ap); - - buf = os_malloc(buflen); - if (buf == NULL) { - wpa_printf(MSG_ERROR, "%s: Failed to allocate message buffer", __func__); - return; - } - va_start(ap, fmt); - len = vsnprintf(buf, buflen, fmt, ap); - va_end(ap); - wpa_printf(level, "%s", buf); - if (wpa_msg_cb) - wpa_msg_cb(ctx, level, WPA_MSG_ONLY_GLOBAL, buf, len); - os_free(buf); -} - -#endif /* CONFIG_NO_WPA_MSG */ - -#ifndef CONFIG_NO_HOSTAPD_LOGGER - -static hostapd_logger_cb_func hostapd_logger_cb; - -void hostapd_logger_register_cb(hostapd_logger_cb_func func) -{ - hostapd_logger_cb = func; -} - -void hostapd_logger(void *ctx, const u8 *addr, unsigned int module, int level, const char *fmt, ...) -{ - va_list ap; - char *buf; - int buflen; - int len; - - va_start(ap, fmt); - buflen = vsnprintf(NULL, 0, fmt, ap) + 1; - va_end(ap); - - buf = os_malloc(buflen); - if (buf == NULL) { - wpa_printf(MSG_ERROR, "hostapd_logger: Failed to allocate message buffer"); - return; - } - va_start(ap, fmt); - len = vsnprintf(buf, buflen, fmt, ap); - va_end(ap); - if (hostapd_logger_cb) - hostapd_logger_cb(ctx, addr, module, level, buf, len); - else if (addr) - wpa_printf(MSG_DEBUG, "hostapd_logger: STA " MACSTR " - %s", MAC2STR(addr), buf); - else - wpa_printf(MSG_DEBUG, "hostapd_logger: %s", buf); - bin_clear_free(buf, buflen); -} - -#endif /* CONFIG_NO_HOSTAPD_LOGGER */ - -const char *debug_level_str(int level) -{ - switch (level) { - case MSG_EXCESSIVE: - return "EXCESSIVE"; - case MSG_MSGDUMP: - return "MSGDUMP"; - case MSG_DEBUG: - return "DEBUG"; - case MSG_INFO: - return "INFO"; - case MSG_WARNING: - return "WARNING"; - case MSG_ERROR: - return "ERROR"; - default: - return "?"; - } -} - -int str_to_debug_level(const char *s) -{ - if (os_strcasecmp(s, "EXCESSIVE") == 0) - return MSG_EXCESSIVE; - if (os_strcasecmp(s, "MSGDUMP") == 0) - return MSG_MSGDUMP; - if (os_strcasecmp(s, "DEBUG") == 0) - return MSG_DEBUG; - if (os_strcasecmp(s, "INFO") == 0) - return MSG_INFO; - if (os_strcasecmp(s, "WARNING") == 0) - return MSG_WARNING; - if (os_strcasecmp(s, "ERROR") == 0) - return MSG_ERROR; - return -1; -} diff --git a/modules/hostap/src/utils/wpa_debug.h b/modules/hostap/src/utils/wpa_debug.h deleted file mode 100644 index c065ffe467d0..000000000000 --- a/modules/hostap/src/utils/wpa_debug.h +++ /dev/null @@ -1,389 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* - * wpa_supplicant/hostapd / Debug prints - * Copyright (c) 2002-2013, Jouni Malinen - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#ifndef WPA_DEBUG_H -#define WPA_DEBUG_H - -#include - -#include - -extern int wpa_debug_level; -extern int wpa_debug_show_keys; -extern int wpa_debug_timestamp; - -enum { MSG_EXCESSIVE, MSG_MSGDUMP, MSG_DEBUG, MSG_INFO, MSG_WARNING, MSG_ERROR }; - -/** - * wpa_debug_level_enabled - determine if the given priority level is enabled - * by compile-time configuration. - * - * @level: priority level of a message - */ -#define wpa_debug_level_enabled(level) (CONFIG_WPA_SUPP_DEBUG_LEVEL <= (level)) - -/** - * wpa_debug_cond_run - run the action if the given condition is met - * - * @cond: condition expression - * @action: action to run - */ -#define wpa_debug_cond_run(cond, action) \ - do { \ - if (cond) { \ - action; \ - } \ - } while (0) - - -#ifdef CONFIG_NO_STDOUT_DEBUG - -#define wpa_printf(args...) do { } while (0) -#define wpa_hexdump(l, t, b, e) do { } while (0) -#define wpa_hexdump_buf(l, t, b) do { } while (0) -#define wpa_hexdump_key(l, t, b, le) do { } while (0) -#define wpa_hexdump_buf_key(l, t, b) do { } while (0) -#define wpa_hexdump_ascii(l, t, b, le) do { } while (0) -#define wpa_hexdump_ascii_key(l, t, b, le) do { } while (0) -#define wpa_dbg(args...) do { } while (0) - -#else /* CONFIG_NO_STDOUT_DEBUG */ - -/** - * wpa_printf - conditional printf - * - * @level: priority level (MSG_*) of the message - * @fmt: printf format string, followed by optional arguments - * - * This function is used to print conditional debugging and error messages. - * The output is directed to Zephyr logging subsystem. - */ -#define wpa_printf(level, fmt, ...) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_printf_impl(level, fmt, ##__VA_ARGS__)) - -void wpa_printf_impl(int level, const char *fmt, ...) PRINTF_FORMAT(2, 3); - -/** - * wpa_hexdump - conditional hex dump - * - * @level: priority level (MSG_*) of the message - * @title: title of the message - * @buf: data buffer to be dumped - * @len: length of the buffer - * - * This function is used to print conditional debugging and error messages. - * The output is directed to Zephyr logging subsystem. The contents of buf is - * printed out as hex dump. - */ -#define wpa_hexdump(level, title, buf, len) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), wpa_hexdump_impl(level, title, buf, len)) - -void wpa_hexdump_impl(int level, const char *title, const void *buf, size_t len); - -static inline void wpa_hexdump_buf(int level, const char *title, const struct wpabuf *buf) -{ - wpa_hexdump(level, title, buf ? wpabuf_head(buf) : NULL, buf ? wpabuf_len(buf) : 0); -} - -/** - * wpa_hexdump_key - conditional hex dump, hide keys - * - * @level: priority level (MSG_*) of the message - * @title: title of the message - * @buf: data buffer to be dumped - * @len: length of the buffer - * - * This function is used to print conditional debugging and error messages. - * The output is directed to Zephyr logging subsystem. The contents of buf is - * printed out as hex dump. This works like wpa_hexdump(), but by default, does - * not include secret keys (passwords, etc.) in debug output. - */ -#define wpa_hexdump_key(level, title, buf, len) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_hexdump_key_impl(level, title, buf, len)) - -void wpa_hexdump_key_impl(int level, const char *title, const void *buf, size_t len); - -static inline void wpa_hexdump_buf_key(int level, const char *title, const struct wpabuf *buf) -{ - wpa_hexdump_key(level, title, buf ? wpabuf_head(buf) : NULL, buf ? wpabuf_len(buf) : 0); -} - -/** - * wpa_hexdump_ascii - conditional hex dump - * - * @level: priority level (MSG_*) of the message - * @title: title of the message - * @buf: data buffer to be dumped - * @len: length of the buffer - * - * This function is used to print conditional debugging and error messages. - * The output is directed to Zephyr logging subsystem. The contents of buf is - * printed out as hex dump with both the hex numbers and ASCII characters (for - * printable range) shown. 16 bytes per line will be shown. - */ -#define wpa_hexdump_ascii(level, title, buf, len) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_hexdump_ascii_impl(level, title, buf, len)) - -void wpa_hexdump_ascii_impl(int level, const char *title, const void *buf, size_t len); - -/** - * wpa_hexdump_ascii_key - conditional hex dump, hide keys - * @level: priority level (MSG_*) of the message - * @title: title of the message - * @buf: data buffer to be dumped - * @len: length of the buffer - * - * This function is used to print conditional debugging and error messages. - * The output is directed to Zephyr logging subsystem. The contents of buf is - * printed out as hex dump with both the hex numbers and ASCII characters (for - * printable range) shown. 16 bytes per line will be shown. This works like - * wpa_hexdump_ascii(), but by default, does not include secret keys - * (passwords, etc.) in debug output. - */ -#define wpa_hexdump_ascii_key(level, title, buf, len) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_hexdump_ascii_key_impl(level, title, buf, len)); - -void wpa_hexdump_ascii_key_impl(int level, const char *title, const void *buf, size_t len); - -/* - * wpa_dbg() behaves like wpa_msg(), but it can be removed from build to reduce - * binary size. As such, it should be used with debugging messages that are not - * needed in the control interface while wpa_msg() has to be used for anything - * that needs to shown to control interface monitors. - */ -#define wpa_dbg(args...) wpa_msg(args) - -#endif /* CONFIG_NO_STDOUT_DEBUG */ - - -#ifdef CONFIG_NO_WPA_MSG - -#define wpa_msg(args...) do { } while (0) -#define wpa_msg_ctrl(args...) do { } while (0) -#define wpa_msg_global(args...) do { } while (0) -#define wpa_msg_global_ctrl(args...) do { } while (0) -#define wpa_msg_no_global(args...) do { } while (0) -#define wpa_msg_global_only(args...) do { } while (0) -#define wpa_msg_register_cb(f) do { } while (0) -#define wpa_msg_register_ifname_cb(f) do { } while (0) - -#else /* CONFIG_NO_WPA_MSG */ - -/** - * wpa_msg - Conditional printf for default target and ctrl_iface monitors - * - * @ctx: Pointer to context data; this is the ctx variable registered - * with struct wpa_driver_ops::init() - * @level: priority level (MSG_*) of the message - * @fmt: printf format string, followed by optional arguments - * - * This function is used to print conditional debugging and error messages. - * The output is directed to Zephyr logging subsystem. This function is like - * wpa_printf(), but it also sends the same message to all attached ctrl_iface - * monitors. - */ -#define wpa_msg(ctx, level, fmt, ...) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_msg_impl(ctx, level, fmt, ##__VA_ARGS__)) - -void wpa_msg_impl(void *ctx, int level, const char *fmt, ...) PRINTF_FORMAT(3, 4); - -/** - * wpa_msg_ctrl - Conditional printf for ctrl_iface monitors - * - * @ctx: Pointer to context data; this is the ctx variable registered - * with struct wpa_driver_ops::init() - * @level: priority level (MSG_*) of the message - * @fmt: printf format string, followed by optional arguments - * - * This function is used to print conditional debugging and error messages. - * This function is like wpa_msg(), but it sends the output only to the - * attached ctrl_iface monitors. In other words, it can be used for frequent - * events that do not need to be sent to syslog. - */ -#define wpa_msg_ctrl(ctx, level, fmt, ...) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_msg_ctrl_impl(ctx, level, fmt, ##__VA_ARGS__)) - -void wpa_msg_ctrl_impl(void *ctx, int level, const char *fmt, ...) PRINTF_FORMAT(3, 4); - -/** - * wpa_msg_global - Global printf for ctrl_iface monitors - * - * @ctx: Pointer to context data; this is the ctx variable registered - * with struct wpa_driver_ops::init() - * @level: priority level (MSG_*) of the message - * @fmt: printf format string, followed by optional arguments - * - * This function is used to print conditional debugging and error messages. - * This function is like wpa_msg(), but it sends the output as a global event, - * i.e., without being specific to an interface. For backwards compatibility, - * an old style event is also delivered on one of the interfaces (the one - * specified by the context data). - */ -#define wpa_msg_global(ctx, level, fmt, ...) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_msg_global_impl(ctx, level, fmt, ##__VA_ARGS__)) - -void wpa_msg_global_impl(void *ctx, int level, const char *fmt, ...) PRINTF_FORMAT(3, 4); - -/** - * wpa_msg_global_ctrl - Conditional global printf for ctrl_iface monitors - * - * @ctx: Pointer to context data; this is the ctx variable registered - * with struct wpa_driver_ops::init() - * @level: priority level (MSG_*) of the message - * @fmt: printf format string, followed by optional arguments - * - * This function is used to print conditional debugging and error messages. - * This function is like wpa_msg_global(), but it sends the output only to the - * attached global ctrl_iface monitors. In other words, it can be used for - * frequent events that do not need to be sent to syslog. - */ -#define wpa_msg_global_ctrl(ctx, level, fmt, ...) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_msg_global_ctrl_impl(ctx, level, fmt, ##__VA_ARGS__)) - -void wpa_msg_global_ctrl_impl(void *ctx, int level, const char *fmt, ...) PRINTF_FORMAT(3, 4); - -/** - * wpa_msg_no_global - Conditional printf for ctrl_iface monitors - * - * @ctx: Pointer to context data; this is the ctx variable registered - * with struct wpa_driver_ops::init() - * @level: priority level (MSG_*) of the message - * @fmt: printf format string, followed by optional arguments - * - * This function is used to print conditional debugging and error messages. - * This function is like wpa_msg(), but it does not send the output as a global - * event. - */ -#define wpa_msg_no_global(ctx, level, fmt, ...) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_msg_no_global_impl(ctx, level, fmt, ##__VA_ARGS__)) - -void wpa_msg_no_global_impl(void *ctx, int level, const char *fmt, ...) PRINTF_FORMAT(3, 4); - -/** - * wpa_msg_global_only - Conditional printf for ctrl_iface monitors - * - * @ctx: Pointer to context data; this is the ctx variable registered - * with struct wpa_driver_ops::init() - * @level: priority level (MSG_*) of the message - * @fmt: printf format string, followed by optional arguments - * - * This function is used to print conditional debugging and error messages. - * This function is like wpa_msg_global(), but it sends the output only as a - * global event. - */ -#define wpa_msg_global_only(ctx, level, fmt, ...) \ - wpa_debug_cond_run(wpa_debug_level_enabled(level), \ - wpa_msg_global_only_impl(ctx, level, fmt, ##__VA_ARGS__)) - -void wpa_msg_global_only_impl(void *ctx, int level, const char *fmt, ...) PRINTF_FORMAT(3, 4); - -enum wpa_msg_type { - WPA_MSG_PER_INTERFACE, - WPA_MSG_GLOBAL, - WPA_MSG_NO_GLOBAL, - WPA_MSG_ONLY_GLOBAL, -}; - -typedef void (*wpa_msg_cb_func)(void *ctx, int level, enum wpa_msg_type type, const char *txt, - size_t len); - -/** - * wpa_msg_register_cb - Register callback function for wpa_msg() messages - * @func: Callback function (%NULL to unregister) - */ -void wpa_msg_register_cb(wpa_msg_cb_func func); - -typedef const char * (*wpa_msg_get_ifname_func)(void *ctx); -void wpa_msg_register_ifname_cb(wpa_msg_get_ifname_func func); - -#endif /* CONFIG_NO_WPA_MSG */ - - -#ifdef CONFIG_NO_HOSTAPD_LOGGER - -#define hostapd_logger(args...) do { } while (0) -#define hostapd_logger_register_cb(f) do { } while (0) - -#else /* CONFIG_NO_HOSTAPD_LOGGER */ - -#define HOSTAPD_MODULE_IEEE80211 0x00000001 -#define HOSTAPD_MODULE_IEEE8021X 0x00000002 -#define HOSTAPD_MODULE_RADIUS 0x00000004 -#define HOSTAPD_MODULE_WPA 0x00000008 -#define HOSTAPD_MODULE_DRIVER 0x00000010 -#define HOSTAPD_MODULE_MLME 0x00000040 - -enum hostapd_logger_level { - HOSTAPD_LEVEL_DEBUG_VERBOSE = 0, - HOSTAPD_LEVEL_DEBUG = 1, - HOSTAPD_LEVEL_INFO = 2, - HOSTAPD_LEVEL_NOTICE = 3, - HOSTAPD_LEVEL_WARNING = 4 -}; - -void hostapd_logger(void *ctx, const u8 *addr, unsigned int module, int level, const char *fmt, ...) - PRINTF_FORMAT(5, 6); - -typedef void (*hostapd_logger_cb_func)(void *ctx, const u8 *addr, unsigned int module, int level, - const char *txt, size_t len); - -/** - * hostapd_logger_register_cb - Register callback function for hostapd_logger() - * @func: Callback function (NULL to unregister) - */ -void hostapd_logger_register_cb(hostapd_logger_cb_func func); - -#endif /* CONFIG_NO_HOSTAPD_LOGGER */ - - -/* CONFIG_DEBUG_FILE is not supported by Zephyr */ - -static inline int wpa_debug_open_file(const char *path) { return 0; } -static inline int wpa_debug_reopen_file(void) { return 0; } -static inline void wpa_debug_close_file(void) {} -static inline void wpa_debug_setup_stdout(void) {} - - -/* CONFIG_DEBUG_SYSLOG is not supported by Zephyr */ - -static inline void wpa_debug_open_syslog(void) {} -static inline void wpa_debug_close_syslog(void) {} - - -/* CONFIG_DEBUG_LINUX_TRACING is not supported by Zephyr */ - -static inline int wpa_debug_open_linux_tracing(void) { return 0; } -static inline void wpa_debug_close_linux_tracing(void) {} - - -#ifdef EAPOL_TEST -#define WPA_ASSERT __ASSERT -#else -#define WPA_ASSERT(a) do {} while (0) -#endif - - -const char *debug_level_str(int level); -int str_to_debug_level(const char *s); - -#endif /* WPA_DEBUG_H */ diff --git a/modules/hostap/src/wpa_cli.c b/modules/hostap/src/wpa_cli.c deleted file mode 100644 index d65fa5d882c7..000000000000 --- a/modules/hostap/src/wpa_cli.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* @file - * @brief wpa_cli implementation for Zephyr OS - */ - -#include -#include -#include - -#include "wpa_cli_zephyr.h" - -static int cmd_wpa_cli(const struct shell *sh, - size_t argc, - const char *argv[]) -{ - ARG_UNUSED(sh); - - if (argc == 1) { - shell_error(sh, "Missing argument"); - return -EINVAL; - } - - argv[argc] = "interactive"; - argc++; - - /* Remove wpa_cli from the argument list */ - return z_wpa_ctrl_zephyr_cmd(argc - 1, &argv[1]); -} - -/* Persisting with "wpa_cli" naming for compatibility with Wi-Fi - * certification applications and scripts. - */ -SHELL_CMD_REGISTER(wpa_cli, - NULL, - "wpa_cli commands (only for internal use)", - cmd_wpa_cli); From 786ada37b4a9045e3da896daace7186e6d7ba695 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Tue, 6 Aug 2024 00:50:03 +0530 Subject: [PATCH 039/217] boards: Remove nRF7002DK board This board is upstreamed to Zephyr. Signed-off-by: Chaitanya Tata --- boards/nordic/nrf7002dk/CMakeLists.txt | 12 - boards/nordic/nrf7002dk/Kconfig | 85 ----- boards/nordic/nrf7002dk/Kconfig.defconfig | 81 ----- boards/nordic/nrf7002dk/Kconfig.nrf7002dk | 10 - boards/nordic/nrf7002dk/Kconfig.sysbuild | 5 - boards/nordic/nrf7002dk/board.cmake | 22 -- boards/nordic/nrf7002dk/board.yml | 15 - .../nrf5340_cpuapp_common-pinctrl.dtsi | 127 -------- .../nrf7002dk/nrf5340_cpuapp_common.dtsi | 292 ------------------ .../nrf5340_cpuapp_nrf7001_common.dtsi | 292 ------------------ .../nrf5340_cpuapp_nrf7001_partition_conf.dts | 60 ---- .../nrf5340_cpuapp_partition_conf.dts | 60 ---- .../nrf7002dk/nrf5340_cpunet_nrf7001_reset.c | 59 ---- .../nordic/nrf7002dk/nrf5340_cpunet_reset.c | 59 ---- ...340_nrf7001_shared_sram_planning_conf.dtsi | 30 -- .../nrf5340_shared_sram_planning_conf.dts | 30 -- .../nrf7002dk_nrf5340_cpuapp-pinctrl.dtsi | 19 -- .../nrf7002dk/nrf7002dk_nrf5340_cpuapp.dts | 39 --- .../nrf7002dk/nrf7002dk_nrf5340_cpuapp.yaml | 19 -- .../nrf7002dk_nrf5340_cpuapp_defconfig | 23 -- .../nrf7002dk_nrf5340_cpuapp_nrf7001.dts | 32 -- .../nrf7002dk_nrf5340_cpuapp_nrf7001.yaml | 19 -- ...nrf7002dk_nrf5340_cpuapp_nrf7001_defconfig | 24 -- .../nrf7002dk_nrf5340_cpuapp_nrf7001_ns.dts | 29 -- .../nrf7002dk_nrf5340_cpuapp_nrf7001_ns.yaml | 18 -- ...7002dk_nrf5340_cpuapp_nrf7001_ns_defconfig | 27 -- .../nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.dts | 42 --- .../nrf7002dk_nrf5340_cpuapp_ns.yaml | 18 -- .../nrf7002dk_nrf5340_cpuapp_ns_defconfig | 26 -- .../nrf7002dk_nrf5340_cpunet-pinctrl.dtsi | 56 ---- .../nrf7002dk/nrf7002dk_nrf5340_cpunet.dts | 172 ----------- .../nrf7002dk/nrf7002dk_nrf5340_cpunet.yaml | 13 - .../nrf7002dk_nrf5340_cpunet_defconfig | 20 -- .../nrf7002dk_nrf5340_cpunet_nrf7001.dts | 172 ----------- .../nrf7002dk_nrf5340_cpunet_nrf7001.yaml | 13 - ...nrf7002dk_nrf5340_cpunet_nrf7001_defconfig | 21 -- boards/nordic/nrf7002dk/pre_dt_board.cmake | 8 - 37 files changed, 2049 deletions(-) delete mode 100644 boards/nordic/nrf7002dk/CMakeLists.txt delete mode 100644 boards/nordic/nrf7002dk/Kconfig delete mode 100644 boards/nordic/nrf7002dk/Kconfig.defconfig delete mode 100644 boards/nordic/nrf7002dk/Kconfig.nrf7002dk delete mode 100644 boards/nordic/nrf7002dk/Kconfig.sysbuild delete mode 100644 boards/nordic/nrf7002dk/board.cmake delete mode 100644 boards/nordic/nrf7002dk/board.yml delete mode 100644 boards/nordic/nrf7002dk/nrf5340_cpuapp_common-pinctrl.dtsi delete mode 100644 boards/nordic/nrf7002dk/nrf5340_cpuapp_common.dtsi delete mode 100644 boards/nordic/nrf7002dk/nrf5340_cpuapp_nrf7001_common.dtsi delete mode 100644 boards/nordic/nrf7002dk/nrf5340_cpuapp_nrf7001_partition_conf.dts delete mode 100644 boards/nordic/nrf7002dk/nrf5340_cpuapp_partition_conf.dts delete mode 100644 boards/nordic/nrf7002dk/nrf5340_cpunet_nrf7001_reset.c delete mode 100644 boards/nordic/nrf7002dk/nrf5340_cpunet_reset.c delete mode 100644 boards/nordic/nrf7002dk/nrf5340_nrf7001_shared_sram_planning_conf.dtsi delete mode 100644 boards/nordic/nrf7002dk/nrf5340_shared_sram_planning_conf.dts delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp-pinctrl.dtsi delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.dts delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.yaml delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_defconfig delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.dts delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.yaml delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_defconfig delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.dts delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.yaml delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns_defconfig delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.dts delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.yaml delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns_defconfig delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet-pinctrl.dtsi delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.dts delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.yaml delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_defconfig delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001.dts delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001.yaml delete mode 100644 boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001_defconfig delete mode 100644 boards/nordic/nrf7002dk/pre_dt_board.cmake diff --git a/boards/nordic/nrf7002dk/CMakeLists.txt b/boards/nordic/nrf7002dk/CMakeLists.txt deleted file mode 100644 index 325ca1162bf3..000000000000 --- a/boards/nordic/nrf7002dk/CMakeLists.txt +++ /dev/null @@ -1,12 +0,0 @@ -# Copyright (c) 2022 Nordic Semiconductor ASA. -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -if(CONFIG_BOARD_ENABLE_CPUNET) - if(CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP OR CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP_NS) - zephyr_library() - zephyr_library_sources(nrf5340_cpunet_reset.c) - elseif(CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 OR CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP_NS_NRF7001) - zephyr_library() - zephyr_library_sources(nrf5340_cpunet_nrf7001_reset.c) - endif() -endif() diff --git a/boards/nordic/nrf7002dk/Kconfig b/boards/nordic/nrf7002dk/Kconfig deleted file mode 100644 index 92b9de9f1184..000000000000 --- a/boards/nordic/nrf7002dk/Kconfig +++ /dev/null @@ -1,85 +0,0 @@ -# nRF5340 DK board configuration - -# Copyright (c) 2022 Nordic Semiconductor ASA -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -config IPM_NRFX - default IPM - -config MBOX_NRFX_IPC - default MBOX - -if BOARD_NRF7002DK_NRF5340_CPUAPP || BOARD_NRF7002DK_NRF5340_CPUAPP_NS \ - || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001_NS - -config BOARD_ENABLE_DCDC_APP - bool "Enable Application MCU DCDC converter" - select SOC_DCDC_NRF53X_APP - default y - -config BOARD_ENABLE_DCDC_NET - bool "Enable Network MCU DCDC converter" - select SOC_DCDC_NRF53X_NET - default y - -config BOARD_ENABLE_DCDC_HV - bool "Enable High Voltage DCDC converter" - select SOC_DCDC_NRF53X_HV - default y - -config HEAP_MEM_POOL_SIZE - default 4096 if BT_HCI_IPC - -config BT_HCI_VS - default y if BT - -config BOARD_ENABLE_CPUNET - bool "Enable nRF53 Network MCU" - select SOC_NRF_GPIO_FORWARDER_FOR_NRF5340 if \ - $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF_GPIO_FORWARDER)) - help - This option enables releasing the Network 'force off' signal, which - as a consequence will power up the Network MCU during system boot. - Additionally, the option allocates GPIO pins that will be used by UARTE - of the Network MCU. - Note: GPIO pin allocation can only be configured by the secure Application - MCU firmware, so when this option is used with the non-secure version of - the board, the application needs to take into consideration, that the - secure firmware image must already have configured GPIO allocation for the - Network MCU. - default y if (BT || NRF_802154_SER_HOST) - -config DOMAIN_CPUNET_BOARD - string - default "nrf7002dk/nrf5340/cpunet" if BOARD_NRF7002DK_NRF5340_CPUAPP || BOARD_NRF7002DK_NRF5340_CPUAPP_NS - default "nrf7002dk/nrf5340/cpunet/nrf7001" if BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001_NS - depends on BOARD_ENABLE_CPUNET - help - The board which will be used for CPUNET domain when creating a multi - image application where one or more images should be located on - another board. For example hci_ipc on the nRF5340_cpunet for - Bluetooth applications. - -endif # BOARD_NRF7002DK_NRF5340_CPUAPP || BOARD_NRF7002DK_NRF5340_CPUAPP_NS -# || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001_NS - -if BOARD_NRF7002DK_NRF5340_CPUNET || BOARD_NRF7002DK_NRF5340_CPUNET_NRF7001 - -# BT_CTLR depends on BT. When BT is enabled we should default to also -# enabling the controller. -config BT_CTLR - default y if BT - -config BT_ECC - default y if BT - -config DOMAIN_CPUAPP_BOARD - string - default "nrf7002dk/nrf5340/cpuapp" if BOARD_NRF7002DK_NRF5340_CPUNET - default "nrf7002dk/nrf5340/cpuapp/nrf7001" if BOARD_NRF7002DK_NRF5340_CPUNET_NRF7001 - help - The board which will be used for CPUAPP domain when creating a multi - image application where one or more images should be located on - another board. - -endif # BOARD_NRF7002DK_NRF5340_CPUNET || BOARD_NRF7002DK_NRF5340_CPUNET_NRF7001 diff --git a/boards/nordic/nrf7002dk/Kconfig.defconfig b/boards/nordic/nrf7002dk/Kconfig.defconfig deleted file mode 100644 index e8f2bb4b3cf4..000000000000 --- a/boards/nordic/nrf7002dk/Kconfig.defconfig +++ /dev/null @@ -1,81 +0,0 @@ -# nRF5340 DK nRF5340 board configuration - -# Copyright (c) 2022 Nordic Semiconductor ASA -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -if BOARD_NRF7002DK_NRF5340_CPUAPP || BOARD_NRF7002DK_NRF5340_CPUAPP_NS \ - || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001_NS - -# By default, if we build for a Non-Secure version of the board, -# force building with TF-M as the Secure Execution Environment. -config BUILD_WITH_TFM - default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS - # Temporarily disable building Non-Secure images with TF-M support by - # default. - # default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001_NS - default n - -if BUILD_WITH_TFM - -# By default, if we build with TF-M, instruct build system to -# flash the combined TF-M (Secure) & Zephyr (Non Secure) image -config TFM_FLASH_MERGED_BINARY - bool - default y - -endif # BUILD_WITH_TFM - -# Code Partition: -# -# For the secure version of the board the firmware is linked at the beginning -# of the flash, or into the code-partition defined in DT if it is intended to -# be loaded by MCUboot. If the secure firmware is to be combined with a non- -# secure image (TRUSTED_EXECUTION_SECURE=y), the secure FW image shall always -# be restricted to the size of its code partition. -# -# For the non-secure version of the board, the firmware -# must be linked into the code-partition (non-secure) defined in DT, regardless. -# Apply this configuration below by setting the Kconfig symbols used by -# the linker according to the information extracted from DT partitions. - -# SRAM Partition: -# -# If the secure firmware is to be combined with a non-secure image -# (TRUSTED_EXECUTION_SECURE=y), the secure FW image SRAM shall always -# be restricted to the secure image SRAM partition (sram-secure-partition). -# Otherwise (if TRUSTED_EXECUTION_SECURE is not set) the whole zephyr,sram -# may be used by the image. -# -# For the non-secure version of the board, the firmware image SRAM is -# always restricted to the allocated non-secure SRAM partition. -# -# Workaround for not being able to have commas in macro arguments -DT_CHOSEN_Z_CODE_PARTITION := zephyr,code-partition -DT_CHOSEN_Z_SRAM_PARTITION := zephyr,sram-secure-partition - -if (BOARD_NRF7002DK_NRF5340_CPUAPP || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001) && TRUSTED_EXECUTION_SECURE - -config FLASH_LOAD_SIZE - default $(dt_chosen_reg_size_hex,$(DT_CHOSEN_Z_CODE_PARTITION)) - -config SRAM_SIZE - default $(dt_chosen_reg_size_int,$(DT_CHOSEN_Z_SRAM_PARTITION),0,K) - -endif # (BOARD_NRF7002DK_NRF5340_CPUAPP || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001) && TRUSTED_EXECUTION_SECURE - -if BOARD_NRF7002DK_NRF5340_CPUAPP_NS || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001_NS - -config FLASH_LOAD_OFFSET - default $(dt_chosen_reg_addr_hex,$(DT_CHOSEN_Z_CODE_PARTITION)) - -config FLASH_LOAD_SIZE - default $(dt_chosen_reg_size_hex,$(DT_CHOSEN_Z_CODE_PARTITION)) - -endif # BOARD_NRF7002DK_NRF5340_CPUAPP_NS || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001_NS - -endif # BOARD_NRF7002DK_NRF5340_CPUAPP || BOARD_NRF7002DK_NRF5340_CPUAPP_NS - -# Hidden (Internal use only) -config NRF70_2_4G_ONLY - bool - default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001_NS || BOARD_NRF7002DK_NRF5340_CPUNET_NRF7001 diff --git a/boards/nordic/nrf7002dk/Kconfig.nrf7002dk b/boards/nordic/nrf7002dk/Kconfig.nrf7002dk deleted file mode 100644 index 670cb682f973..000000000000 --- a/boards/nordic/nrf7002dk/Kconfig.nrf7002dk +++ /dev/null @@ -1,10 +0,0 @@ -# Copyright (c) 2024 Nordic Semiconductor -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -config BOARD_NRF7002DK - select SOC_NRF5340_CPUNET_QKAA if BOARD_NRF7002DK_NRF5340_CPUNET \ - || BOARD_NRF7002DK_NRF5340_CPUNET_NRF7001 - select SOC_NRF5340_CPUAPP_QKAA if BOARD_NRF7002DK_NRF5340_CPUAPP \ - || BOARD_NRF7002DK_NRF5340_CPUAPP_NS \ - || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 \ - || BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001_NS diff --git a/boards/nordic/nrf7002dk/Kconfig.sysbuild b/boards/nordic/nrf7002dk/Kconfig.sysbuild deleted file mode 100644 index 852dd74a9459..000000000000 --- a/boards/nordic/nrf7002dk/Kconfig.sysbuild +++ /dev/null @@ -1,5 +0,0 @@ -# Copyright (c) 2024 Nordic Semiconductor ASA -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -config WIFI_NRF70 - default y if SOC_NRF5340_CPUAPP_QKAA diff --git a/boards/nordic/nrf7002dk/board.cmake b/boards/nordic/nrf7002dk/board.cmake deleted file mode 100644 index 09f52c4933c7..000000000000 --- a/boards/nordic/nrf7002dk/board.cmake +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright (c) 2023 Nordic Semiconductor ASA -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -if(CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP_NS OR CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP_NS_NRF7001) - set(TFM_PUBLIC_KEY_FORMAT "full") -endif() - -if(CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP OR CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP_NS - OR CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP_NRF7001 OR CONFIG_BOARD_NRF7002DK_NRF5340_CPUAPP_NS_NRF7001) - board_runner_args(jlink "--device=nrf5340_xxaa_app" "--speed=4000") -endif() - -if(CONFIG_TFM_FLASH_MERGED_BINARY) - set_property(TARGET runners_yaml_props_target PROPERTY hex_file "${CMAKE_BINARY_DIR}/tfm_merged.hex") -endif() - -if(CONFIG_BOARD_NRF7002DK_NRF5340_CPUNET OR CONFIG_BOARD_NRF7002DK_NRF5340_CPUNET_NRF7001) - board_runner_args(jlink "--device=nrf5340_xxaa_net" "--speed=4000") -endif() - -include(${ZEPHYR_BASE}/boards/common/nrfjprog.board.cmake) -include(${ZEPHYR_BASE}/boards/common/jlink.board.cmake) diff --git a/boards/nordic/nrf7002dk/board.yml b/boards/nordic/nrf7002dk/board.yml deleted file mode 100644 index 336d914ceecf..000000000000 --- a/boards/nordic/nrf7002dk/board.yml +++ /dev/null @@ -1,15 +0,0 @@ -board: - name: nrf7002dk - vendor: nordic - socs: - - name: nrf5340 - variants: - - name: ns - cpucluster: cpuapp - # nRF7002 companion IC in nRF7001 emulation mode on nRF7002dk - - name: nrf7001 - cpucluster: cpuapp - variants: - - name: ns - - name: nrf7001 - cpucluster: cpunet diff --git a/boards/nordic/nrf7002dk/nrf5340_cpuapp_common-pinctrl.dtsi b/boards/nordic/nrf7002dk/nrf5340_cpuapp_common-pinctrl.dtsi deleted file mode 100644 index f68ffe7c397f..000000000000 --- a/boards/nordic/nrf7002dk/nrf5340_cpuapp_common-pinctrl.dtsi +++ /dev/null @@ -1,127 +0,0 @@ -&pinctrl { - i2c1_default: i2c1_default { - group1 { - psels = , - ; - }; - }; - - i2c1_sleep: i2c1_sleep { - group1 { - psels = , - ; - low-power-enable; - }; - }; - - uart0_default: uart0_default { - group1 { - psels = , - ; - }; - group2 { - psels = , - ; - bias-pull-up; - }; - }; - - uart0_sleep: uart0_sleep { - group1 { - psels = , - , - , - ; - low-power-enable; - }; - }; - - pwm0_default: pwm0_default { - group1 { - psels = ; - }; - }; - - pwm0_sleep: pwm0_sleep { - group1 { - psels = ; - low-power-enable; - }; - }; - - qspi_default: qspi_default { - group1 { - psels = , - , - , - , - , - ; - }; - }; - - qspi_sleep: qspi_sleep { - group1 { - psels = , - , - , - , - , - ; - low-power-enable; - }; - }; - - uart1_default: uart1_default { - group1 { - psels = ; - }; - group2 { - psels = ; - bias-pull-up; - }; - }; - - uart1_sleep: uart1_sleep { - group1 { - psels = , - ; - low-power-enable; - }; - }; - - spi3_default: spi3_default { - group1 { - psels = , - , - ; - }; - }; - - spi3_sleep: spi3_sleep { - group1 { - psels = , - , - ; - low-power-enable; - }; - }; - - spi4_default: spi4_default { - group1 { - psels = , - , - ; - }; - }; - - spi4_sleep: spi4_sleep { - group1 { - psels = , - , - ; - low-power-enable; - }; - }; - -}; diff --git a/boards/nordic/nrf7002dk/nrf5340_cpuapp_common.dtsi b/boards/nordic/nrf7002dk/nrf5340_cpuapp_common.dtsi deleted file mode 100644 index 7b1a4ef1c509..000000000000 --- a/boards/nordic/nrf7002dk/nrf5340_cpuapp_common.dtsi +++ /dev/null @@ -1,292 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include "nrf5340_cpuapp_common-pinctrl.dtsi" - -/ { - - chosen { - zephyr,console = &uart0; - zephyr,shell-uart = &uart0; - zephyr,uart-mcumgr = &uart0; - zephyr,bt-mon-uart = &uart0; - zephyr,bt-c2h-uart = &uart0; - zephyr,bt-hci-ipc = &ipc0; - nordic,802154-spinel-ipc = &ipc0; - zephyr,ieee802154 = &ieee802154; - }; - - leds { - compatible = "gpio-leds"; - led0: led_0 { - gpios = <&gpio1 6 GPIO_ACTIVE_HIGH>; - label = "Green LED 0"; - }; - led1: led_1 { - gpios = <&gpio1 7 GPIO_ACTIVE_HIGH>; - label = "Green LED 1"; - }; - }; - - pwmleds { - compatible = "pwm-leds"; - pwm_led0: pwm_led_0 { - pwms = <&pwm0 0 PWM_MSEC(20) PWM_POLARITY_NORMAL>; - }; - }; - - buttons { - compatible = "gpio-keys"; - button0: button_0 { - gpios = <&gpio1 8 (GPIO_PULL_UP | GPIO_ACTIVE_LOW)>; - label = "Push button 1"; - }; - button1: button_1 { - gpios = <&gpio1 9 (GPIO_PULL_UP | GPIO_ACTIVE_LOW)>; - label = "Push button 2"; - }; - }; - - arduino_header: connector { - compatible = "arduino-header-r3"; - #gpio-cells = <2>; - gpio-map-mask = <0xffffffff 0xffffffc0>; - gpio-map-pass-thru = <0 0x3f>; - gpio-map = <0 0 &gpio0 4 0>, /* A0 */ - <1 0 &gpio0 5 0>, /* A1 */ - <2 0 &gpio0 6 0>, /* A2 */ - <3 0 &gpio0 7 0>, /* A3 */ - <4 0 &gpio0 25 0>, /* A4 */ - <5 0 &gpio0 26 0>, /* A5 */ - <6 0 &gpio1 0 0>, /* D0 */ - <7 0 &gpio1 1 0>, /* D1 */ - <8 0 &gpio1 4 0>, /* D2 */ - <9 0 &gpio1 5 0>, /* D3 */ - <10 0 &gpio1 6 0>, /* D4 */ - <11 0 &gpio1 7 0>, /* D5 */ - <12 0 &gpio1 8 0>, /* D6 */ - <13 0 &gpio1 9 0>, /* D7 */ - <14 0 &gpio1 10 0>, /* D8 */ - <15 0 &gpio1 11 0>, /* D9 */ - <16 0 &gpio1 12 0>, /* D10 */ - <17 0 &gpio1 13 0>, /* D11 */ - <18 0 &gpio1 14 0>, /* D12 */ - <19 0 &gpio1 15 0>, /* D13 */ - <20 0 &gpio1 2 0>, /* D14 */ - <21 0 &gpio1 3 0>; /* D15 */ - }; - - arduino_adc: analog-connector { - compatible = "arduino,uno-adc"; - #io-channel-cells = <1>; - io-channel-map = <0 &adc 0>, /* A0 = P0.4 = AIN0 */ - <1 &adc 1>, /* A1 = P0.5 = AIN1 */ - <2 &adc 2>, /* A2 = P0.6 = AIN2 */ - <3 &adc 3>, /* A3 = P0.7 = AIN3 */ - <4 &adc 4>, /* A4 = P0.25 = AIN4 */ - <5 &adc 5>; /* A5 = P0.26 = AIN5 */ - }; - - gpio_fwd: nrf-gpio-forwarder { - compatible = "nordic,nrf-gpio-forwarder"; - status = "okay"; - uart { - gpios = <&gpio1 1 0>, <&gpio1 0 0>, <&gpio1 5 0>, <&gpio1 4 0>; - }; - }; - - nrf_radio_coex: nrf7002-coex { - status = "okay"; - compatible = "nordic,nrf700x-coex"; - req-gpios = <&gpio0 28 GPIO_ACTIVE_HIGH>; - status0-gpios = <&gpio0 30 GPIO_ACTIVE_HIGH>; - grant-gpios = <&gpio0 24 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; - swctrl1-gpios = <&gpio0 29 GPIO_ACTIVE_HIGH>; - srrf-switch-gpios = <&gpio1 10 GPIO_ACTIVE_HIGH>; - }; - - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - - /* These aliases are provided for compatibility with samples */ - aliases { - led0 = &led0; - led1 = &led1; - pwm-led0 = &pwm_led0; - sw0 = &button0; - sw1 = &button1; - bootloader-led0 = &led0; - mcuboot-button0 = &button0; - mcuboot-led0 = &led0; - }; -}; - -&adc { - status = "okay"; -}; - -&gpiote { - status = "okay"; -}; - -&gpio0 { - status = "okay"; -}; - -&gpio1 { - status = "okay"; -}; - -arduino_i2c: &i2c1 { - compatible = "nordic,nrf-twim"; - status = "okay"; - pinctrl-0 = <&i2c1_default>; - pinctrl-1 = <&i2c1_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&uart0 { - status = "okay"; - current-speed = <115200>; - pinctrl-0 = <&uart0_default>; - pinctrl-1 = <&uart0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&pwm0 { - status = "okay"; - pinctrl-0 = <&pwm0_default>; - pinctrl-1 = <&pwm0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&spi4 { - compatible = "nordic,nrf-spim"; - status = "okay"; - pinctrl-0 = <&spi4_default>; - pinctrl-1 = <&spi4_sleep>; - pinctrl-names = "default", "sleep"; - cs-gpios = <&gpio0 11 GPIO_ACTIVE_LOW>; - mx25r64: mx25r6435f@0 { - compatible = "jedec,spi-nor"; - reg = <0>; - spi-max-frequency = <33000000>; - jedec-id = [c2 28 17]; - sfdp-bfp = [ - e5 20 f1 ff ff ff ff 03 44 eb 08 6b 08 3b 04 bb - ee ff ff ff ff ff 00 ff ff ff 00 ff 0c 20 0f 52 - 10 d8 00 ff 23 72 f5 00 82 ed 04 cc 44 83 68 44 - 30 b0 30 b0 f7 c4 d5 5c 00 be 29 ff f0 d0 ff ff - ]; - size = <67108864>; - has-dpd; - t-enter-dpd = <10000>; - t-exit-dpd = <5000>; - }; -}; - -&qspi { - status = "okay"; - - pinctrl-0 = <&qspi_default>; - pinctrl-1 = <&qspi_sleep>; - pinctrl-names = "default", "sleep"; - nrf700x: nrf7002@1 { - status = "okay"; - compatible = "nordic,nrf700x-qspi"; - reg = <1>; - sck-frequency = <24000000>; - quad-mode; - /* Wi-Fi Pins used */ - iovdd-ctrl-gpios = <&gpio0 31 GPIO_ACTIVE_HIGH>; - bucken-gpios = <&gpio0 12 GPIO_ACTIVE_HIGH>; - host-irq-gpios = <&gpio0 23 GPIO_ACTIVE_HIGH>; - }; -}; - -arduino_serial: &uart1 { - compatible = "nordic,nrf-uarte"; - current-speed = <115200>; - pinctrl-0 = <&uart1_default>; - pinctrl-1 = <&uart1_sleep>; - pinctrl-names = "default", "sleep"; -}; - -arduino_spi: &spi3 { - compatible = "nordic,nrf-spim"; - cs-gpios = <&arduino_header 16 GPIO_ACTIVE_LOW>; /* D10 */ - pinctrl-0 = <&spi3_default>; - pinctrl-1 = <&spi3_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&flash0 { - - partitions { - compatible = "fixed-partitions"; - #address-cells = <1>; - #size-cells = <1>; - - boot_partition: partition@0 { - label = "mcuboot"; - reg = <0x00000000 0x00010000>; - }; - slot0_partition: partition@10000 { - label = "image-0"; - }; - slot0_ns_partition: partition@50000 { - label = "image-0-nonsecure"; - }; - slot1_partition: partition@80000 { - label = "image-1"; - }; - slot1_ns_partition: partition@c0000 { - label = "image-1-nonsecure"; - }; - scratch_partition: partition@f0000 { - label = "image-scratch"; - reg = <0x000f0000 0xa000>; - }; - storage_partition: partition@fa000 { - label = "storage"; - reg = <0x000fa000 0x00006000>; - }; - }; -}; - -&ieee802154 { - status = "okay"; -}; - -zephyr_udc0: &usbd { - compatible = "nordic,nrf-usbd"; - status = "okay"; -}; - -/ { - - reserved-memory { - #address-cells = <1>; - #size-cells = <1>; - ranges; - - sram0_image: image@20000000 { - /* Zephyr image(s) memory */ - }; - - sram0_s: image_s@20000000 { - /* Secure image memory */ - }; - - sram0_ns: image_ns@20040000 { - /* Non-Secure image memory */ - }; - }; -}; - -/* Include partition configuration file */ -#include "nrf5340_cpuapp_partition_conf.dts" diff --git a/boards/nordic/nrf7002dk/nrf5340_cpuapp_nrf7001_common.dtsi b/boards/nordic/nrf7002dk/nrf5340_cpuapp_nrf7001_common.dtsi deleted file mode 100644 index e81d5ce8df4d..000000000000 --- a/boards/nordic/nrf7002dk/nrf5340_cpuapp_nrf7001_common.dtsi +++ /dev/null @@ -1,292 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include "nrf5340_cpuapp_common-pinctrl.dtsi" - -/ { - - chosen { - zephyr,console = &uart0; - zephyr,shell-uart = &uart0; - zephyr,uart-mcumgr = &uart0; - zephyr,bt-mon-uart = &uart0; - zephyr,bt-c2h-uart = &uart0; - zephyr,bt-hci-ipc = &ipc0; - nordic,802154-spinel-ipc = &ipc0; - zephyr,ieee802154 = &ieee802154; - }; - - leds { - compatible = "gpio-leds"; - led0: led_0 { - gpios = <&gpio1 6 GPIO_ACTIVE_HIGH>; - label = "Green LED 0"; - }; - led1: led_1 { - gpios = <&gpio1 7 GPIO_ACTIVE_HIGH>; - label = "Green LED 1"; - }; - }; - - pwmleds { - compatible = "pwm-leds"; - pwm_led0: pwm_led_0 { - pwms = <&pwm0 0 PWM_MSEC(20) PWM_POLARITY_NORMAL>; - }; - }; - - buttons { - compatible = "gpio-keys"; - button0: button_0 { - gpios = <&gpio1 8 (GPIO_PULL_UP | GPIO_ACTIVE_LOW)>; - label = "Push button 1"; - }; - button1: button_1 { - gpios = <&gpio1 9 (GPIO_PULL_UP | GPIO_ACTIVE_LOW)>; - label = "Push button 2"; - }; - }; - - arduino_header: connector { - compatible = "arduino-header-r3"; - #gpio-cells = <2>; - gpio-map-mask = <0xffffffff 0xffffffc0>; - gpio-map-pass-thru = <0 0x3f>; - gpio-map = <0 0 &gpio0 4 0>, /* A0 */ - <1 0 &gpio0 5 0>, /* A1 */ - <2 0 &gpio0 6 0>, /* A2 */ - <3 0 &gpio0 7 0>, /* A3 */ - <4 0 &gpio0 25 0>, /* A4 */ - <5 0 &gpio0 26 0>, /* A5 */ - <6 0 &gpio1 0 0>, /* D0 */ - <7 0 &gpio1 1 0>, /* D1 */ - <8 0 &gpio1 4 0>, /* D2 */ - <9 0 &gpio1 5 0>, /* D3 */ - <10 0 &gpio1 6 0>, /* D4 */ - <11 0 &gpio1 7 0>, /* D5 */ - <12 0 &gpio1 8 0>, /* D6 */ - <13 0 &gpio1 9 0>, /* D7 */ - <14 0 &gpio1 10 0>, /* D8 */ - <15 0 &gpio1 11 0>, /* D9 */ - <16 0 &gpio1 12 0>, /* D10 */ - <17 0 &gpio1 13 0>, /* D11 */ - <18 0 &gpio1 14 0>, /* D12 */ - <19 0 &gpio1 15 0>, /* D13 */ - <20 0 &gpio1 2 0>, /* D14 */ - <21 0 &gpio1 3 0>; /* D15 */ - }; - - arduino_adc: analog-connector { - compatible = "arduino,uno-adc"; - #io-channel-cells = <1>; - io-channel-map = <0 &adc 0>, /* A0 = P0.4 = AIN0 */ - <1 &adc 1>, /* A1 = P0.5 = AIN1 */ - <2 &adc 2>, /* A2 = P0.6 = AIN2 */ - <3 &adc 3>, /* A3 = P0.7 = AIN3 */ - <4 &adc 4>, /* A4 = P0.25 = AIN4 */ - <5 &adc 5>; /* A5 = P0.26 = AIN5 */ - }; - - gpio_fwd: nrf-gpio-forwarder { - compatible = "nordic,nrf-gpio-forwarder"; - status = "okay"; - uart { - gpios = <&gpio1 1 0>, <&gpio1 0 0>, <&gpio1 5 0>, <&gpio1 4 0>; - }; - }; - - nrf_radio_coex: nrf7001-coex { - status = "okay"; - compatible = "nordic,nrf700x-coex"; - req-gpios = <&gpio0 28 GPIO_ACTIVE_HIGH>; - status0-gpios = <&gpio0 30 GPIO_ACTIVE_HIGH>; - grant-gpios = <&gpio0 24 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; - swctrl1-gpios = <&gpio0 29 GPIO_ACTIVE_HIGH>; - srrf-switch-gpios = <&gpio1 10 GPIO_ACTIVE_HIGH>; - }; - - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - - /* These aliases are provided for compatibility with samples */ - aliases { - led0 = &led0; - led1 = &led1; - pwm-led0 = &pwm_led0; - sw0 = &button0; - sw1 = &button1; - bootloader-led0 = &led0; - mcuboot-button0 = &button0; - mcuboot-led0 = &led0; - }; -}; - -&adc { - status = "okay"; -}; - -&gpiote { - status = "okay"; -}; - -&gpio0 { - status = "okay"; -}; - -&gpio1 { - status = "okay"; -}; - -arduino_i2c: &i2c1 { - compatible = "nordic,nrf-twim"; - status = "okay"; - pinctrl-0 = <&i2c1_default>; - pinctrl-1 = <&i2c1_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&uart0 { - status = "okay"; - current-speed = <115200>; - pinctrl-0 = <&uart0_default>; - pinctrl-1 = <&uart0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&pwm0 { - status = "okay"; - pinctrl-0 = <&pwm0_default>; - pinctrl-1 = <&pwm0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&spi4 { - compatible = "nordic,nrf-spim"; - status = "okay"; - pinctrl-0 = <&spi4_default>; - pinctrl-1 = <&spi4_sleep>; - pinctrl-names = "default", "sleep"; - cs-gpios = <&gpio0 11 GPIO_ACTIVE_LOW>; - mx25r64: mx25r6435f@0 { - compatible = "jedec,spi-nor"; - reg = <0>; - spi-max-frequency = <33000000>; - jedec-id = [c2 28 17]; - sfdp-bfp = [ - e5 20 f1 ff ff ff ff 03 44 eb 08 6b 08 3b 04 bb - ee ff ff ff ff ff 00 ff ff ff 00 ff 0c 20 0f 52 - 10 d8 00 ff 23 72 f5 00 82 ed 04 cc 44 83 68 44 - 30 b0 30 b0 f7 c4 d5 5c 00 be 29 ff f0 d0 ff ff - ]; - size = <67108864>; - has-dpd; - t-enter-dpd = <10000>; - t-exit-dpd = <5000>; - }; -}; - -&qspi { - status = "okay"; - - pinctrl-0 = <&qspi_default>; - pinctrl-1 = <&qspi_sleep>; - pinctrl-names = "default", "sleep"; - nrf700x: nrf7001@1 { - status = "okay"; - compatible = "nordic,nrf700x-qspi"; - reg = <1>; - sck-frequency = <24000000>; - quad-mode; - /* Wi-Fi Pins used */ - iovdd-ctrl-gpios = <&gpio0 31 GPIO_ACTIVE_HIGH>; - bucken-gpios = <&gpio0 12 GPIO_ACTIVE_HIGH>; - host-irq-gpios = <&gpio0 23 GPIO_ACTIVE_HIGH>; - }; -}; - -arduino_serial: &uart1 { - compatible = "nordic,nrf-uarte"; - current-speed = <115200>; - pinctrl-0 = <&uart1_default>; - pinctrl-1 = <&uart1_sleep>; - pinctrl-names = "default", "sleep"; -}; - -arduino_spi: &spi3 { - compatible = "nordic,nrf-spim"; - cs-gpios = <&arduino_header 16 GPIO_ACTIVE_LOW>; /* D10 */ - pinctrl-0 = <&spi3_default>; - pinctrl-1 = <&spi3_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&flash0 { - - partitions { - compatible = "fixed-partitions"; - #address-cells = <1>; - #size-cells = <1>; - - boot_partition: partition@0 { - label = "mcuboot"; - reg = <0x00000000 0x00010000>; - }; - slot0_partition: partition@10000 { - label = "image-0"; - }; - slot0_ns_partition: partition@50000 { - label = "image-0-nonsecure"; - }; - slot1_partition: partition@80000 { - label = "image-1"; - }; - slot1_ns_partition: partition@c0000 { - label = "image-1-nonsecure"; - }; - scratch_partition: partition@f0000 { - label = "image-scratch"; - reg = <0x000f0000 0xa000>; - }; - storage_partition: partition@fa000 { - label = "storage"; - reg = <0x000fa000 0x00006000>; - }; - }; -}; - -&ieee802154 { - status = "okay"; -}; - -zephyr_udc0: &usbd { - compatible = "nordic,nrf-usbd"; - status = "okay"; -}; - -/ { - - reserved-memory { - #address-cells = <1>; - #size-cells = <1>; - ranges; - - sram0_image: image@20000000 { - /* Zephyr image(s) memory */ - }; - - sram0_s: image_s@20000000 { - /* Secure image memory */ - }; - - sram0_ns: image_ns@20040000 { - /* Non-Secure image memory */ - }; - }; -}; - -/* Include partition configuration file */ -#include "nrf5340_cpuapp_partition_conf.dts" diff --git a/boards/nordic/nrf7002dk/nrf5340_cpuapp_nrf7001_partition_conf.dts b/boards/nordic/nrf7002dk/nrf5340_cpuapp_nrf7001_partition_conf.dts deleted file mode 100644 index 6d0657c379bd..000000000000 --- a/boards/nordic/nrf7002dk/nrf5340_cpuapp_nrf7001_partition_conf.dts +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* - * Default Flash planning for nrf7002dk_nrf7001_nrf5340 CPUAPP (Application MCU). - * - * Zephyr build for nRF5340 with ARM TrustZone-M support, - * implies building Secure and Non-Secure Zephyr images. - * - * Secure image will be placed, by default, in flash0 - * (or in slot0, if MCUboot is present). - * Secure image will use sram0 for system memory. - * - * Non-Secure image will be placed in slot0_ns, and use - * sram0_ns for system memory. - * - * Note that the Secure image only requires knowledge of - * the beginning of the Non-Secure image (not its size). - */ - -&slot0_partition { - reg = <0x00010000 0x40000>; -}; - -&slot0_ns_partition { - reg = <0x00050000 0x30000>; -}; - -&slot1_partition { - reg = <0x00080000 0x40000>; -}; - -&slot1_ns_partition { - reg = <0x000c0000 0x30000>; -}; - -/* Default SRAM planning when building for nRF5340 with - * ARM TrustZone-M support - * - Lowest 256 kB SRAM allocated to Secure image (sram0_s) - * - Middle 192 kB allocated to Non-Secure image (sram0_ns) - * - Upper 64 kB SRAM allocated as Shared memory (sram0_shared) - * (see nrf5340_shared_sram_planning_conf.dts) - */ -&sram0_image { - reg = <0x20000000 DT_SIZE_K(448)>; -}; - -&sram0_s { - reg = <0x20000000 DT_SIZE_K(256)>; -}; - -&sram0_ns { - reg = <0x20040000 DT_SIZE_K(192)>; -}; - -/* Include shared RAM configuration file */ -#include "nrf5340_shared_sram_planning_conf.dts" diff --git a/boards/nordic/nrf7002dk/nrf5340_cpuapp_partition_conf.dts b/boards/nordic/nrf7002dk/nrf5340_cpuapp_partition_conf.dts deleted file mode 100644 index ec1e2556db62..000000000000 --- a/boards/nordic/nrf7002dk/nrf5340_cpuapp_partition_conf.dts +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* - * Default Flash planning for nrf7002dk_nrf5340 CPUAPP (Application MCU). - * - * Zephyr build for nRF5340 with ARM TrustZone-M support, - * implies building Secure and Non-Secure Zephyr images. - * - * Secure image will be placed, by default, in flash0 - * (or in slot0, if MCUboot is present). - * Secure image will use sram0 for system memory. - * - * Non-Secure image will be placed in slot0_ns, and use - * sram0_ns for system memory. - * - * Note that the Secure image only requires knowledge of - * the beginning of the Non-Secure image (not its size). - */ - -&slot0_partition { - reg = <0x00010000 0x40000>; -}; - -&slot0_ns_partition { - reg = <0x00050000 0x30000>; -}; - -&slot1_partition { - reg = <0x00080000 0x40000>; -}; - -&slot1_ns_partition { - reg = <0x000c0000 0x30000>; -}; - -/* Default SRAM planning when building for nRF5340 with - * ARM TrustZone-M support - * - Lowest 256 kB SRAM allocated to Secure image (sram0_s) - * - Middle 192 kB allocated to Non-Secure image (sram0_ns) - * - Upper 64 kB SRAM allocated as Shared memory (sram0_shared) - * (see nrf5340_shared_sram_planning_conf.dts) - */ -&sram0_image { - reg = <0x20000000 DT_SIZE_K(448)>; -}; - -&sram0_s { - reg = <0x20000000 DT_SIZE_K(256)>; -}; - -&sram0_ns { - reg = <0x20040000 DT_SIZE_K(192)>; -}; - -/* Include shared RAM configuration file */ -#include "nrf5340_shared_sram_planning_conf.dts" diff --git a/boards/nordic/nrf7002dk/nrf5340_cpunet_nrf7001_reset.c b/boards/nordic/nrf7002dk/nrf5340_cpunet_nrf7001_reset.c deleted file mode 100644 index 32d093597aed..000000000000 --- a/boards/nordic/nrf7002dk/nrf5340_cpunet_nrf7001_reset.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA. - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include - -#include -#include - -LOG_MODULE_REGISTER(nrf7002dk_nrf5340_cpuapp_nrf7001, CONFIG_LOG_DEFAULT_LEVEL); - -#if defined(CONFIG_BT_CTLR_DEBUG_PINS_CPUAPP) -#include <../subsys/bluetooth/controller/ll_sw/nordic/hal/nrf5/debug.h> -#endif - -static void remoteproc_mgr_config(void) -{ -#if defined(CONFIG_BT_CTLR_DEBUG_PINS_CPUAPP) && \ - (!defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) || defined(CONFIG_BUILD_WITH_TFM)) - /* Route Bluetooth Controller Debug Pins */ - DEBUG_SETUP(); -#endif /* !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) || defined(CONFIG_BUILD_WITH_TFM) */ - -#if !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) - /* Retain nRF5340 Network MCU in Secure domain (bus - * accesses by Network MCU will have Secure attribute set). - */ - NRF_SPU->EXTDOMAIN[0].PERM = BIT(4); -#endif /* !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) */ -} - -static int remoteproc_mgr_boot(void) -{ - - /* Secure domain may configure permissions for the Network MCU. */ - remoteproc_mgr_config(); - -#if !defined(CONFIG_TRUSTED_EXECUTION_SECURE) - /* - * Building Zephyr with CONFIG_TRUSTED_EXECUTION_SECURE=y implies - * building also a Non-Secure image. The Non-Secure image will, in - * this case do the remainder of actions to properly configure and - * boot the Network MCU. - */ - - /* Release the Network MCU, 'Release force off signal' */ - nrf_reset_network_force_off(NRF_RESET, false); - - LOG_DBG("Network MCU released."); -#endif /* !CONFIG_TRUSTED_EXECUTION_SECURE */ - - return 0; -} - -SYS_INIT(remoteproc_mgr_boot, POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEVICE); diff --git a/boards/nordic/nrf7002dk/nrf5340_cpunet_reset.c b/boards/nordic/nrf7002dk/nrf5340_cpunet_reset.c deleted file mode 100644 index a699b3e9bf0d..000000000000 --- a/boards/nordic/nrf7002dk/nrf5340_cpunet_reset.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA. - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include - -#include -#include - -LOG_MODULE_REGISTER(nrf7002dk_nrf5340_cpuapp, CONFIG_LOG_DEFAULT_LEVEL); - -#if defined(CONFIG_BT_CTLR_DEBUG_PINS_CPUAPP) -#include <../subsys/bluetooth/controller/ll_sw/nordic/hal/nrf5/debug.h> -#endif - -static void remoteproc_mgr_config(void) -{ -#if defined(CONFIG_BT_CTLR_DEBUG_PINS_CPUAPP) && \ - (!defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) || defined(CONFIG_BUILD_WITH_TFM)) - /* Route Bluetooth Controller Debug Pins */ - DEBUG_SETUP(); -#endif /* !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) || defined(CONFIG_BUILD_WITH_TFM) */ - -#if !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) - /* Retain nRF5340 Network MCU in Secure domain (bus - * accesses by Network MCU will have Secure attribute set). - */ - NRF_SPU->EXTDOMAIN[0].PERM = BIT(4); -#endif /* !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) */ -} - -static int remoteproc_mgr_boot(void) -{ - - /* Secure domain may configure permissions for the Network MCU. */ - remoteproc_mgr_config(); - -#if !defined(CONFIG_TRUSTED_EXECUTION_SECURE) - /* - * Building Zephyr with CONFIG_TRUSTED_EXECUTION_SECURE=y implies - * building also a Non-Secure image. The Non-Secure image will, in - * this case do the remainder of actions to properly configure and - * boot the Network MCU. - */ - - /* Release the Network MCU, 'Release force off signal' */ - nrf_reset_network_force_off(NRF_RESET, false); - - LOG_DBG("Network MCU released."); -#endif /* !CONFIG_TRUSTED_EXECUTION_SECURE */ - - return 0; -} - -SYS_INIT(remoteproc_mgr_boot, POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEVICE); diff --git a/boards/nordic/nrf7002dk/nrf5340_nrf7001_shared_sram_planning_conf.dtsi b/boards/nordic/nrf7002dk/nrf5340_nrf7001_shared_sram_planning_conf.dtsi deleted file mode 100644 index eae3bdcce226..000000000000 --- a/boards/nordic/nrf7002dk/nrf5340_nrf7001_shared_sram_planning_conf.dtsi +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* Default shared SRAM planning when building for nRF5340. - * This file is included by both nRF5340 CPUAPP (Application MCU) - * and nRF5340 CPUNET (Network MCU). - * - 64 kB SRAM allocated as Shared memory (sram0_shared) - * - Region defined after the image SRAM of Application MCU - */ - -/ { - chosen { - /* shared memory reserved for the inter-processor communication */ - zephyr,ipc_shm = &sram0_shared; - }; - - reserved-memory { - #address-cells = <1>; - #size-cells = <1>; - ranges; - - sram0_shared: memory@20070000 { - /* SRAM allocated to shared memory */ - reg = <0x20070000 0x10000>; - }; - }; -}; diff --git a/boards/nordic/nrf7002dk/nrf5340_shared_sram_planning_conf.dts b/boards/nordic/nrf7002dk/nrf5340_shared_sram_planning_conf.dts deleted file mode 100644 index c030a1e962ca..000000000000 --- a/boards/nordic/nrf7002dk/nrf5340_shared_sram_planning_conf.dts +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/* Default shared SRAM planning when building for nRF5340. - * This file is included by both nRF5340 CPUAPP (Application MCU) - * and nRF5340 CPUNET (Network MCU). - * - 64 kB SRAM allocated as Shared memory (sram0_shared) - * - Region defined after the image SRAM of Application MCU - */ - -/ { - chosen { - /* shared memory reserved for the inter-processor communication */ - zephyr,ipc_shm = &sram0_shared; - }; - - reserved-memory { - #address-cells = <1>; - #size-cells = <1>; - ranges; - - sram0_shared: memory@20070000 { - /* SRAM allocated to shared memory */ - reg = <0x20070000 0x10000>; - }; - }; -}; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp-pinctrl.dtsi b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp-pinctrl.dtsi deleted file mode 100644 index 950ccad422dc..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp-pinctrl.dtsi +++ /dev/null @@ -1,19 +0,0 @@ -&pinctrl { - spi2_default: spi2_default { - group1 { - psels = , - , - ; - }; - }; - - spi2_sleep: spi2_sleep { - group1 { - psels = , - , - ; - low-power-enable; - }; - }; - -}; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.dts deleted file mode 100644 index eb12e33add74..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.dts +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/dts-v1/; -#include -#include "nrf5340_cpuapp_common.dtsi" -#include "nrf7002dk_nrf5340_cpuapp-pinctrl.dtsi" - -/ { - model = "Nordic NRF7002 DK NRF5340 Application"; - compatible = "nordic,nrf7002-dk-nrf5340-cpuapp"; - - chosen { - zephyr,sram = &sram0_image; - zephyr,flash = &flash0; - zephyr,code-partition = &slot0_partition; - zephyr,sram-secure-partition = &sram0_s; - zephyr,sram-non-secure-partition = &sram0_ns; - zephyr,wifi = &nordic_wlan0; - zephyr,bt-hci = &bt_hci_ipc0; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x24>; - max-pwr-5g-low-mcs7 = <0x24>; - max-pwr-5g-mid-mcs0 = <0x2C>; - max-pwr-5g-mid-mcs7 = <0x2C>; - max-pwr-5g-high-mcs0 = <0x34>; - max-pwr-5g-high-mcs7 = <0x34>; - }; -}; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.yaml b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.yaml deleted file mode 100644 index d9f5e8d889aa..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.yaml +++ /dev/null @@ -1,19 +0,0 @@ -identifier: nrf7002dk/nrf5340/cpuapp -name: NRF7002-DK-NRF5340-application-MCU -type: mcu -arch: arm -toolchain: - - gnuarmemb - - xtools - - zephyr -ram: 448 -flash: 1024 -supported: - - gpio - - i2c - - i2s - - pwm - - watchdog - - usb_cdc - - usb_device - - netif:openthread diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_defconfig b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_defconfig deleted file mode 100644 index 31c4812463db..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_defconfig +++ /dev/null @@ -1,23 +0,0 @@ -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -# Enable MPU -CONFIG_ARM_MPU=y - -# Enable hardware stack protection -CONFIG_HW_STACK_PROTECTION=y - -# Enable TrustZone-M -CONFIG_ARM_TRUSTZONE_M=y - -# enable GPIO -CONFIG_GPIO=y - -# enable PINCTRL -CONFIG_PINCTRL=y - -# Enable uart driver -CONFIG_SERIAL=y - -# enable console -CONFIG_CONSOLE=y -CONFIG_UART_CONSOLE=y diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.dts deleted file mode 100644 index 1505d6181834..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.dts +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/dts-v1/; -#include -#include "nrf5340_cpuapp_nrf7001_common.dtsi" -#include "nrf7002dk_nrf5340_cpuapp-pinctrl.dtsi" - -/ { - model = "Nordic NRF7002 DK (emulating NRF7001) NRF5340 Application"; - compatible = "nordic,nrf7002-dk-nrf5340-cpuapp"; - - chosen { - zephyr,sram = &sram0_image; - zephyr,flash = &flash0; - zephyr,code-partition = &slot0_partition; - zephyr,sram-secure-partition = &sram0_s; - zephyr,sram-non-secure-partition = &sram0_ns; - zephyr,wifi = &nordic_wlan0; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - }; -}; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.yaml b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.yaml deleted file mode 100644 index 6c57c3064b72..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.yaml +++ /dev/null @@ -1,19 +0,0 @@ -identifier: nrf7002dk/nrf5340/cpuapp/nrf7001 -name: NRF7002-DK-NRF7001-NRF5340-application-MCU -type: mcu -arch: arm -toolchain: - - gnuarmemb - - xtools - - zephyr -ram: 448 -flash: 1024 -supported: - - gpio - - i2c - - i2s - - pwm - - watchdog - - usb_cdc - - usb_device - - netif:openthread diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_defconfig b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_defconfig deleted file mode 100644 index bc7bcbe657f0..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_defconfig +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright (c) 2023 Nordic Semiconductor ASA -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -# Enable MPU -CONFIG_ARM_MPU=y - -# Enable hardware stack protection -CONFIG_HW_STACK_PROTECTION=y - -# Enable TrustZone-M -CONFIG_ARM_TRUSTZONE_M=y - -# enable GPIO -CONFIG_GPIO=y - -# enable PINCTRL -CONFIG_PINCTRL=y - -# Enable uart driver -CONFIG_SERIAL=y - -# enable console -CONFIG_CONSOLE=y -CONFIG_UART_CONSOLE=y diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.dts deleted file mode 100644 index 9ab33f7e69f4..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.dts +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/dts-v1/; -#include -#include "nrf5340_cpuapp_nrf7001_common.dtsi" - -/ { - model = "Nordic NRF5340 DK NRF5340 Application"; - compatible = "nordic,nrf5340-dk-nrf5340-cpuapp"; - - chosen { - zephyr,sram = &sram0_ns; - zephyr,flash = &flash0; - zephyr,code-partition = &slot0_ns_partition; - zephyr,wifi = &nordic_wlan0; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - }; -}; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.yaml b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.yaml deleted file mode 100644 index 1302d2be8ed0..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.yaml +++ /dev/null @@ -1,18 +0,0 @@ -identifier: nrf7002dk/nrf5340/cpuapp/nrf7001_ns -name: NRF7002-DK-NRF7001-NRF5340-application-MCU-Non-Secure -type: mcu -arch: arm -toolchain: - - gnuarmemb - - xtools - - zephyr -ram: 192 -flash: 192 -supported: - - gpio - - i2c - - pwm - - watchdog - - usb_cdc - - usb_device - - netif:openthread diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns_defconfig b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns_defconfig deleted file mode 100644 index e37dfba0f6a7..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns_defconfig +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright (c) 2023 Nordic Semiconductor ASA -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -# Enable MPU -CONFIG_ARM_MPU=y - -# Enable hardware stack protection -CONFIG_HW_STACK_PROTECTION=y - -# Enable TrustZone-M -CONFIG_ARM_TRUSTZONE_M=y - -# This Board implies building Non-Secure firmware -CONFIG_TRUSTED_EXECUTION_NONSECURE=y - -# enable GPIO -CONFIG_GPIO=y - -# enable PINCTRL -CONFIG_PINCTRL=y - -# Enable uart driver -CONFIG_SERIAL=y - -# enable console -CONFIG_CONSOLE=y -CONFIG_UART_CONSOLE=y diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.dts deleted file mode 100644 index 1d8edda1e874..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.dts +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/dts-v1/; -#include -#include "nrf5340_cpuapp_common.dtsi" - -/ { - model = "Nordic NRF5340 DK NRF5340 Application"; - compatible = "nordic,nrf5340-dk-nrf5340-cpuapp"; - - chosen { - zephyr,sram = &sram0_ns; - zephyr,flash = &flash0; - zephyr,code-partition = &slot0_ns_partition; - zephyr,entropy = &psa_rng; - zephyr,wifi = &nordic_wlan0; - zephyr,bt-hci = &bt_hci_ipc0; - }; - - psa_rng: psa-rng { - compatible = "zephyr,psa-crypto-rng"; - status = "okay"; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x24>; - max-pwr-5g-low-mcs7 = <0x24>; - max-pwr-5g-mid-mcs0 = <0x2C>; - max-pwr-5g-mid-mcs7 = <0x2C>; - max-pwr-5g-high-mcs0 = <0x34>; - max-pwr-5g-high-mcs7 = <0x34>; - }; -}; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.yaml b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.yaml deleted file mode 100644 index e6c1afd8546b..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.yaml +++ /dev/null @@ -1,18 +0,0 @@ -identifier: nrf7002dk/nrf5340/cpuapp/ns -name: NRF7002-DK-NRF5340-application-MCU-Non-Secure -type: mcu -arch: arm -toolchain: - - gnuarmemb - - xtools - - zephyr -ram: 192 -flash: 192 -supported: - - gpio - - i2c - - pwm - - watchdog - - usb_cdc - - usb_device - - netif:openthread diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns_defconfig b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns_defconfig deleted file mode 100644 index f3e5e3ab9cd9..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns_defconfig +++ /dev/null @@ -1,26 +0,0 @@ -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -# Enable MPU -CONFIG_ARM_MPU=y - -# Enable hardware stack protection -CONFIG_HW_STACK_PROTECTION=y - -# Enable TrustZone-M -CONFIG_ARM_TRUSTZONE_M=y - -# This Board implies building Non-Secure firmware -CONFIG_TRUSTED_EXECUTION_NONSECURE=y - -# enable GPIO -CONFIG_GPIO=y - -# enable PINCTRL -CONFIG_PINCTRL=y - -# Enable uart driver -CONFIG_SERIAL=y - -# enable console -CONFIG_CONSOLE=y -CONFIG_UART_CONSOLE=y diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet-pinctrl.dtsi b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet-pinctrl.dtsi deleted file mode 100644 index b597b9ff0e2f..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet-pinctrl.dtsi +++ /dev/null @@ -1,56 +0,0 @@ -&pinctrl { - uart0_default: uart0_default { - group1 { - psels = , - ; - }; - group2 { - psels = , - ; - bias-pull-up; - }; - }; - - uart0_sleep: uart0_sleep { - group1 { - psels = , - , - , - ; - low-power-enable; - }; - }; - - i2c0_default: i2c0_default { - group1 { - psels = , - ; - }; - }; - - i2c0_sleep: i2c0_sleep { - group1 { - psels = , - ; - low-power-enable; - }; - }; - - spi0_default: spi0_default { - group1 { - psels = , - , - ; - }; - }; - - spi0_sleep: spi0_sleep { - group1 { - psels = , - , - ; - low-power-enable; - }; - }; - -}; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.dts deleted file mode 100644 index af63d6859dd5..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.dts +++ /dev/null @@ -1,172 +0,0 @@ -/* - * Copyright (c) 2022 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/dts-v1/; -#include -#include "nrf7002dk_nrf5340_cpunet-pinctrl.dtsi" - -/ { - model = "Nordic NRF7002 DK NRF5340 Network"; - compatible = "nordic,nrf7002-dk-nrf5340-cpunet"; - - chosen { - zephyr,console = &uart0; - zephyr,shell-uart = &uart0; - zephyr,uart-mcumgr = &uart0; - zephyr,bt-mon-uart = &uart0; - zephyr,bt-c2h-uart = &uart0; - zephyr,bt-hci-ipc = &ipc0; - nordic,802154-spinel-ipc = &ipc0; - zephyr,sram = &sram1; - zephyr,flash = &flash1; - zephyr,code-partition = &slot0_partition; - }; - - leds { - compatible = "gpio-leds"; - led0: led_0 { - gpios = <&gpio1 6 GPIO_ACTIVE_HIGH>; - label = "Green LED 0"; - }; - led1: led_1 { - gpios = <&gpio1 7 GPIO_ACTIVE_HIGH>; - label = "Green LED 1"; - }; - }; - - buttons { - compatible = "gpio-keys"; - button0: button_0 { - gpios = <&gpio1 8 (GPIO_PULL_UP | GPIO_ACTIVE_LOW)>; - label = "Push button 1"; - }; - button1: button_1 { - gpios = <&gpio1 9 (GPIO_PULL_UP | GPIO_ACTIVE_LOW)>; - label = "Push button 2"; - }; - }; - - arduino_header: connector { - compatible = "arduino-header-r3"; - #gpio-cells = <2>; - gpio-map-mask = <0xffffffff 0xffffffc0>; - gpio-map-pass-thru = <0 0x3f>; - gpio-map = <0 0 &gpio0 4 0>, /* A0 */ - <1 0 &gpio0 5 0>, /* A1 */ - <2 0 &gpio0 6 0>, /* A2 */ - <3 0 &gpio0 7 0>, /* A3 */ - <4 0 &gpio0 25 0>, /* A4 */ - <5 0 &gpio0 26 0>, /* A5 */ - <6 0 &gpio1 0 0>, /* D0 */ - <7 0 &gpio1 1 0>, /* D1 */ - <8 0 &gpio1 4 0>, /* D2 */ - <9 0 &gpio1 5 0>, /* D3 */ - <10 0 &gpio1 6 0>, /* D4 */ - <11 0 &gpio1 7 0>, /* D5 */ - <12 0 &gpio1 8 0>, /* D6 */ - <13 0 &gpio1 9 0>, /* D7 */ - <14 0 &gpio1 10 0>, /* D8 */ - <15 0 &gpio1 11 0>, /* D9 */ - <16 0 &gpio1 12 0>, /* D10 */ - <17 0 &gpio1 13 0>, /* D11 */ - <18 0 &gpio1 14 0>, /* D12 */ - <19 0 &gpio1 15 0>, /* D13 */ - <20 0 &gpio1 2 0>, /* D14 */ - <21 0 &gpio1 3 0>; /* D15 */ - }; - - nrf_radio_coex: nrf7002-coex { - status = "okay"; - compatible = "nordic,nrf700x-coex"; - req-gpios = <&gpio0 28 GPIO_ACTIVE_HIGH>; - status0-gpios = <&gpio0 30 GPIO_ACTIVE_HIGH>; - grant-gpios = <&gpio0 24 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; - swctrl1-gpios = <&gpio0 29 GPIO_ACTIVE_HIGH>; - }; - - /* These aliases are provided for compatibility with samples */ - aliases { - led0 = &led0; - led1 = &led1; - sw0 = &button0; - sw1 = &button1; - bootloader-led0 = &led0; - }; -}; - -&gpiote { - status = "okay"; -}; - -&gpio0 { - status = "okay"; -}; - -&gpio1 { - status = "okay"; -}; - -&uart0 { - status = "okay"; - current-speed = <115200>; - pinctrl-0 = <&uart0_default>; - pinctrl-1 = <&uart0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -arduino_serial: &uart0{}; - -arduino_i2c: &i2c0 { - compatible = "nordic,nrf-twim"; - /* Cannot be used together with uart0. */ - /* status = "okay"; */ - pinctrl-0 = <&i2c0_default>; - pinctrl-1 = <&i2c0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -arduino_spi: &spi0 { - compatible = "nordic,nrf-spim"; - /* Cannot be used together with uart0. */ - /* status = "okay"; */ - cs-gpios = <&arduino_header 16 GPIO_ACTIVE_LOW>; /* D10 */ - pinctrl-0 = <&spi0_default>; - pinctrl-1 = <&spi0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&flash1 { - - partitions { - compatible = "fixed-partitions"; - #address-cells = <1>; - #size-cells = <1>; - - boot_partition: partition@0 { - label = "mcuboot"; - reg = <0x00000000 0xc000>; - }; - slot0_partition: partition@c000 { - label = "image-0"; - reg = <0x0000C000 0x12000>; - }; - slot1_partition: partition@1e000 { - label = "image-1"; - reg = <0x0001E000 0x12000>; - }; - scratch_partition: partition@30000 { - label = "image-scratch"; - reg = <0x00030000 0xa000>; - }; - storage_partition: partition@3a000 { - label = "storage"; - reg = <0x0003a000 0x6000>; - }; - }; -}; - -/* Include shared RAM configuration file */ -#include "nrf5340_shared_sram_planning_conf.dts" diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.yaml b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.yaml deleted file mode 100644 index c048c452bce5..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.yaml +++ /dev/null @@ -1,13 +0,0 @@ -identifier: nrf7002dk/nrf5340/cpunet -name: NRF7002-DK-NRF5340-network-MCU -type: mcu -arch: arm -toolchain: - - gnuarmemb - - xtools - - zephyr -ram: 64 -flash: 256 -supported: - - gpio - - watchdog diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_defconfig b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_defconfig deleted file mode 100644 index c7d468fb82d1..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_defconfig +++ /dev/null @@ -1,20 +0,0 @@ -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -# Enable MPU -CONFIG_ARM_MPU=y - -# Enable hardware stack protection -CONFIG_HW_STACK_PROTECTION=y - -# enable GPIO -CONFIG_GPIO=y - -# enable PINCTRL -CONFIG_PINCTRL=y - -# Enable uart driver -CONFIG_SERIAL=y - -# enable console -CONFIG_CONSOLE=y -CONFIG_UART_CONSOLE=y diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001.dts deleted file mode 100644 index 21cf1efcb56a..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001.dts +++ /dev/null @@ -1,172 +0,0 @@ -/* - * Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/dts-v1/; -#include -#include "nrf7002dk_nrf5340_cpunet-pinctrl.dtsi" - -/ { - model = "Nordic NRF7002 DK (emulating NRF7001) NRF5340 Network"; - compatible = "nordic,nrf7002-dk-nrf5340-cpunet"; - - chosen { - zephyr,console = &uart0; - zephyr,shell-uart = &uart0; - zephyr,uart-mcumgr = &uart0; - zephyr,bt-mon-uart = &uart0; - zephyr,bt-c2h-uart = &uart0; - zephyr,bt-hci-ipc = &ipc0; - nordic,802154-spinel-ipc = &ipc0; - zephyr,sram = &sram1; - zephyr,flash = &flash1; - zephyr,code-partition = &slot0_partition; - }; - - leds { - compatible = "gpio-leds"; - led0: led_0 { - gpios = <&gpio1 6 GPIO_ACTIVE_HIGH>; - label = "Green LED 0"; - }; - led1: led_1 { - gpios = <&gpio1 7 GPIO_ACTIVE_HIGH>; - label = "Green LED 1"; - }; - }; - - buttons { - compatible = "gpio-keys"; - button0: button_0 { - gpios = <&gpio1 8 (GPIO_PULL_UP | GPIO_ACTIVE_LOW)>; - label = "Push button 1"; - }; - button1: button_1 { - gpios = <&gpio1 9 (GPIO_PULL_UP | GPIO_ACTIVE_LOW)>; - label = "Push button 2"; - }; - }; - - arduino_header: connector { - compatible = "arduino-header-r3"; - #gpio-cells = <2>; - gpio-map-mask = <0xffffffff 0xffffffc0>; - gpio-map-pass-thru = <0 0x3f>; - gpio-map = <0 0 &gpio0 4 0>, /* A0 */ - <1 0 &gpio0 5 0>, /* A1 */ - <2 0 &gpio0 6 0>, /* A2 */ - <3 0 &gpio0 7 0>, /* A3 */ - <4 0 &gpio0 25 0>, /* A4 */ - <5 0 &gpio0 26 0>, /* A5 */ - <6 0 &gpio1 0 0>, /* D0 */ - <7 0 &gpio1 1 0>, /* D1 */ - <8 0 &gpio1 4 0>, /* D2 */ - <9 0 &gpio1 5 0>, /* D3 */ - <10 0 &gpio1 6 0>, /* D4 */ - <11 0 &gpio1 7 0>, /* D5 */ - <12 0 &gpio1 8 0>, /* D6 */ - <13 0 &gpio1 9 0>, /* D7 */ - <14 0 &gpio1 10 0>, /* D8 */ - <15 0 &gpio1 11 0>, /* D9 */ - <16 0 &gpio1 12 0>, /* D10 */ - <17 0 &gpio1 13 0>, /* D11 */ - <18 0 &gpio1 14 0>, /* D12 */ - <19 0 &gpio1 15 0>, /* D13 */ - <20 0 &gpio1 2 0>, /* D14 */ - <21 0 &gpio1 3 0>; /* D15 */ - }; - - nrf_radio_coex: nrf7001-coex { - status = "okay"; - compatible = "nordic,nrf700x-coex"; - req-gpios = <&gpio0 28 GPIO_ACTIVE_HIGH>; - status0-gpios = <&gpio0 30 GPIO_ACTIVE_HIGH>; - grant-gpios = <&gpio0 24 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; - swctrl1-gpios = <&gpio0 29 GPIO_ACTIVE_HIGH>; - }; - - /* These aliases are provided for compatibility with samples */ - aliases { - led0 = &led0; - led1 = &led1; - sw0 = &button0; - sw1 = &button1; - bootloader-led0 = &led0; - }; -}; - -&gpiote { - status = "okay"; -}; - -&gpio0 { - status = "okay"; -}; - -&gpio1 { - status = "okay"; -}; - -&uart0 { - status = "okay"; - current-speed = <115200>; - pinctrl-0 = <&uart0_default>; - pinctrl-1 = <&uart0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -arduino_serial: &uart0{}; - -arduino_i2c: &i2c0 { - compatible = "nordic,nrf-twim"; - /* Cannot be used together with uart0. */ - /* status = "okay"; */ - pinctrl-0 = <&i2c0_default>; - pinctrl-1 = <&i2c0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -arduino_spi: &spi0 { - compatible = "nordic,nrf-spim"; - /* Cannot be used together with uart0. */ - /* status = "okay"; */ - cs-gpios = <&arduino_header 16 GPIO_ACTIVE_LOW>; /* D10 */ - pinctrl-0 = <&spi0_default>; - pinctrl-1 = <&spi0_sleep>; - pinctrl-names = "default", "sleep"; -}; - -&flash1 { - - partitions { - compatible = "fixed-partitions"; - #address-cells = <1>; - #size-cells = <1>; - - boot_partition: partition@0 { - label = "mcuboot"; - reg = <0x00000000 0xc000>; - }; - slot0_partition: partition@c000 { - label = "image-0"; - reg = <0x0000C000 0x12000>; - }; - slot1_partition: partition@1e000 { - label = "image-1"; - reg = <0x0001E000 0x12000>; - }; - scratch_partition: partition@30000 { - label = "image-scratch"; - reg = <0x00030000 0xa000>; - }; - storage_partition: partition@3a000 { - label = "storage"; - reg = <0x0003a000 0x6000>; - }; - }; -}; - -/* Include shared RAM configuration file */ -#include "nrf5340_nrf7001_shared_sram_planning_conf.dtsi" diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001.yaml b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001.yaml deleted file mode 100644 index aab6e826591e..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001.yaml +++ /dev/null @@ -1,13 +0,0 @@ -identifier: nrf7002dk/nrf5340/cpunet/nrf7001 -name: NRF7002-DK-NRF7001-NRF5340-network-MCU -type: mcu -arch: arm -toolchain: - - gnuarmemb - - xtools - - zephyr -ram: 64 -flash: 256 -supported: - - gpio - - watchdog diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001_defconfig b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001_defconfig deleted file mode 100644 index 9d05078d7af7..000000000000 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet_nrf7001_defconfig +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright (c) 2023 Nordic Semiconductor ASA -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -# Enable MPU -CONFIG_ARM_MPU=y - -# Enable hardware stack protection -CONFIG_HW_STACK_PROTECTION=y - -# enable GPIO -CONFIG_GPIO=y - -# enable PINCTRL -CONFIG_PINCTRL=y - -# Enable uart driver -CONFIG_SERIAL=y - -# enable console -CONFIG_CONSOLE=y -CONFIG_UART_CONSOLE=y diff --git a/boards/nordic/nrf7002dk/pre_dt_board.cmake b/boards/nordic/nrf7002dk/pre_dt_board.cmake deleted file mode 100644 index 69136ab35076..000000000000 --- a/boards/nordic/nrf7002dk/pre_dt_board.cmake +++ /dev/null @@ -1,8 +0,0 @@ -# Copyright (c) 2022 Nordic Semiconductor ASA -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - -# Suppress "unique_unit_address_if_enabled" to handle the following overlaps: -# - flash-controller@39000 & kmu@39000 -# - power@5000 & clock@5000 -# - /reserved-memory/image@20000000 & /reserved-memory/image_s@20000000 -list(APPEND EXTRA_DTC_FLAGS "-Wno-unique_unit_address_if_enabled") From 934125d83200f5330ef2140e22fe8e49c916176c Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Tue, 6 Aug 2024 02:02:06 +0530 Subject: [PATCH 040/217] treewide: Fix CMake warning for nRF70 driver heap nRF70 driver is the primary user for kernel heap and already sets a higher value which is typical, but for some configurations e.g., scan-only we need to set it to lower value to optimize memory, so, enable the option to ignore minimum mandated value from driver and instead use the value from the sample. Signed-off-by: Chaitanya Tata --- .../asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf | 1 + samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf | 1 + samples/cellular/lwm2m_client/overlay-assist-wifi.conf | 1 + samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf | 1 + .../overlay-nrf7002ek-wifi-scan-only.conf | 1 + .../overlay_nrf700x_wifi_coap_no_lte.conf | 1 + .../overlay_nrf700x_wifi_mqtt_no_lte.conf | 1 + samples/wifi/provisioning/softap/prj.conf | 1 + samples/wifi/radio_test/prj.conf | 1 + samples/wifi/scan/prj.conf | 1 + samples/wifi/shell/overlay-scan-only.conf | 1 + samples/wifi/shell/prj.conf | 1 + samples/wifi/shutdown/prj.conf | 1 + samples/wifi/sta/prj.conf | 1 + samples/wifi/throughput/prj.conf | 1 + 15 files changed, 15 insertions(+) diff --git a/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf b/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf index 92bda281627b..f7ffc98a2cb0 100644 --- a/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf +++ b/applications/asset_tracker_v2/overlay-nrf7002ek-wifi-scan-only.conf @@ -35,6 +35,7 @@ CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT=20 CONFIG_LOCATION_WORKQUEUE_STACK_SIZE=8192 # Needed to handle more scan results CONFIG_HEAP_MEM_POOL_SIZE=60000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y # Not for LTE throughput testing CONFIG_NRF_MODEM_LIB_SHMEM_TX_SIZE=4096 diff --git a/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf b/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf index 84c9d09ca697..5a62d5af5d67 100644 --- a/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf +++ b/samples/cellular/location/overlay-nrf700x-wifi-scan-only.conf @@ -66,3 +66,4 @@ CONFIG_NET_MGMT_EVENT_STACK_SIZE=1024 # Heap allocation should be changed when CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT # and CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT (which should be the same value) are changed. CONFIG_HEAP_MEM_POOL_SIZE=40000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y diff --git a/samples/cellular/lwm2m_client/overlay-assist-wifi.conf b/samples/cellular/lwm2m_client/overlay-assist-wifi.conf index 4b9dd361718b..e197ee2f00fd 100644 --- a/samples/cellular/lwm2m_client/overlay-assist-wifi.conf +++ b/samples/cellular/lwm2m_client/overlay-assist-wifi.conf @@ -29,6 +29,7 @@ CONFIG_LWM2M_RW_SENML_CBOR_RECORDS=40 # Needed to handle more scan results CONFIG_HEAP_MEM_POOL_SIZE=60000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y # Does not work with buttons&LEDs CONFIG_APP_PUSH_BUTTON=n diff --git a/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf b/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf index 9dcce93d1c38..4a5bad469382 100644 --- a/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf +++ b/samples/cellular/modem_shell/overlay-nrf700x-wifi-scan-only.conf @@ -82,3 +82,4 @@ CONFIG_NET_MGMT_EVENT_STACK_SIZE=1024 # and CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT (which should be the same value) are changed. # In modem shell, it looks like 10 APs requires ~4500 bytes to give some rough numbers. CONFIG_HEAP_MEM_POOL_SIZE=40000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y diff --git a/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf b/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf index 5fd5298b993a..10c74be48f13 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay-nrf7002ek-wifi-scan-only.conf @@ -34,6 +34,7 @@ CONFIG_MBEDTLS=n # Heap allocation should be changed when CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT # and CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT (which should be the same value) are changed. CONFIG_HEAP_MEM_POOL_SIZE=20000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y CONFIG_MAIN_STACK_SIZE=2048 CONFIG_NET_MGMT_EVENT_STACK_SIZE=2048 diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf index b337a0103542..0585b5be63eb 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf @@ -163,6 +163,7 @@ CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT=10 CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT=10 # Add 256 bytes for each additional scanning result, assuming sane SSID lengths CONFIG_HEAP_MEM_POOL_SIZE=138000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y ## Miscellaneous resource allocation tweaks needed to support Wi-Fi. CONFIG_MAIN_STACK_SIZE=2048 diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf index dc770750531d..e500ffb36d34 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf @@ -161,6 +161,7 @@ CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT=10 CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT=10 # Add 256 bytes for each additional scanning result, assuming sane SSID lengths CONFIG_HEAP_MEM_POOL_SIZE=136000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y ## Miscellaneous resource allocation tweaks needed to support Wi-Fi. CONFIG_MAIN_STACK_SIZE=2048 diff --git a/samples/wifi/provisioning/softap/prj.conf b/samples/wifi/provisioning/softap/prj.conf index 0afc370f8ff7..9c79237a3ab5 100644 --- a/samples/wifi/provisioning/softap/prj.conf +++ b/samples/wifi/provisioning/softap/prj.conf @@ -11,6 +11,7 @@ CONFIG_PM_PARTITION_SIZE_TFM=0x1c000 # Optimize Wi-Fi stack to save some memory. CONFIG_HEAP_MEM_POOL_SIZE=81920 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y CONFIG_NRF70_RX_NUM_BUFS=16 CONFIG_NRF70_MAX_TX_AGGREGATION=4 diff --git a/samples/wifi/radio_test/prj.conf b/samples/wifi/radio_test/prj.conf index efc2ad3aeca1..00a4d3a310bf 100644 --- a/samples/wifi/radio_test/prj.conf +++ b/samples/wifi/radio_test/prj.conf @@ -14,6 +14,7 @@ CONFIG_MAIN_STACK_SIZE=4096 CONFIG_SHELL_STACK_SIZE=4096 #64K memory needed for IQ sample captures. CONFIG_HEAP_MEM_POOL_SIZE=98304 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y # Debugging diff --git a/samples/wifi/scan/prj.conf b/samples/wifi/scan/prj.conf index 7edae9f7b7bb..27c1710484d8 100644 --- a/samples/wifi/scan/prj.conf +++ b/samples/wifi/scan/prj.conf @@ -7,6 +7,7 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y CONFIG_NET_L2_WIFI_MGMT=y CONFIG_HEAP_MEM_POOL_SIZE=25000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y # System settings CONFIG_ASSERT=y diff --git a/samples/wifi/shell/overlay-scan-only.conf b/samples/wifi/shell/overlay-scan-only.conf index c4fe84c8dbac..7e7055ef91d6 100644 --- a/samples/wifi/shell/overlay-scan-only.conf +++ b/samples/wifi/shell/overlay-scan-only.conf @@ -20,3 +20,4 @@ CONFIG_NET_PKT_RX_COUNT=1 CONFIG_NET_PKT_TX_COUNT=1 # Needed to handle more scan results CONFIG_HEAP_MEM_POOL_SIZE=25000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y diff --git a/samples/wifi/shell/prj.conf b/samples/wifi/shell/prj.conf index bdfd5e063f07..88832a3ac972 100644 --- a/samples/wifi/shell/prj.conf +++ b/samples/wifi/shell/prj.conf @@ -37,6 +37,7 @@ CONFIG_NRF70_RX_NUM_BUFS=16 CONFIG_NRF70_MAX_TX_AGGREGATION=4 # nRF700x is main consumer: (16 + 8) * 1600 = ~40KB + ~40KB control path (experimental) CONFIG_HEAP_MEM_POOL_SIZE=80000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y CONFIG_NET_TC_TX_COUNT=1 CONFIG_NET_IF_UNICAST_IPV6_ADDR_COUNT=4 diff --git a/samples/wifi/shutdown/prj.conf b/samples/wifi/shutdown/prj.conf index bf679a42c729..0c6221a0ce79 100644 --- a/samples/wifi/shutdown/prj.conf +++ b/samples/wifi/shutdown/prj.conf @@ -7,6 +7,7 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y CONFIG_NET_L2_WIFI_MGMT=y CONFIG_HEAP_MEM_POOL_SIZE=25000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y # Networking CONFIG_NETWORKING=y diff --git a/samples/wifi/sta/prj.conf b/samples/wifi/sta/prj.conf index b8f1e00642ce..b3f031357fce 100644 --- a/samples/wifi/sta/prj.conf +++ b/samples/wifi/sta/prj.conf @@ -36,6 +36,7 @@ CONFIG_NET_BUF_TX_COUNT=16 CONFIG_NET_BUF_DATA_SIZE=128 CONFIG_NRF70_RX_NUM_BUFS=16 CONFIG_HEAP_MEM_POOL_SIZE=90000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y CONFIG_NET_TC_TX_COUNT=1 CONFIG_NET_IF_UNICAST_IPV4_ADDR_COUNT=1 diff --git a/samples/wifi/throughput/prj.conf b/samples/wifi/throughput/prj.conf index cd6eb4b84159..ea2d21bb53a1 100644 --- a/samples/wifi/throughput/prj.conf +++ b/samples/wifi/throughput/prj.conf @@ -39,6 +39,7 @@ CONFIG_NRF70_RX_NUM_BUFS=16 CONFIG_NRF70_MAX_TX_AGGREGATION=4 # nRF700x is main consumer: (16 + 8) * 1600 = ~40KB + ~40KB control path (experimental) CONFIG_HEAP_MEM_POOL_SIZE=80000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y CONFIG_NET_TC_TX_COUNT=1 CONFIG_NET_IF_UNICAST_IPV6_ADDR_COUNT=4 From 5a7947e424c0170894ab9f84e417b0cea33ca5ac Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Wed, 7 Aug 2024 00:48:17 +0530 Subject: [PATCH 041/217] samples: wifi: shell: Increase kernel heap nRF70 upstream driver now needs more heap, not sure about the cause, but without this OOM messages during boot are seen. Signed-off-by: Chaitanya Tata --- samples/wifi/shell/prj.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/wifi/shell/prj.conf b/samples/wifi/shell/prj.conf index 88832a3ac972..cb520cd1c3f4 100644 --- a/samples/wifi/shell/prj.conf +++ b/samples/wifi/shell/prj.conf @@ -36,7 +36,7 @@ CONFIG_NET_BUF_DATA_SIZE=128 CONFIG_NRF70_RX_NUM_BUFS=16 CONFIG_NRF70_MAX_TX_AGGREGATION=4 # nRF700x is main consumer: (16 + 8) * 1600 = ~40KB + ~40KB control path (experimental) -CONFIG_HEAP_MEM_POOL_SIZE=80000 +CONFIG_HEAP_MEM_POOL_SIZE=90000 CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y CONFIG_NET_TC_TX_COUNT=1 From cd87a02f3d637d1f651f3a265c8cf4a30685e546 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Wed, 7 Aug 2024 13:26:28 +0530 Subject: [PATCH 042/217] migration: Add notes for nRF70 upstream switch Document changes that affect customer samples or applications. Signed-off-by: Chaitanya Tata --- .../migration/migration_guide_2.8.rst | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/doc/nrf/releases_and_maturity/migration/migration_guide_2.8.rst b/doc/nrf/releases_and_maturity/migration/migration_guide_2.8.rst index c394aa7ebf77..784b72127ef9 100644 --- a/doc/nrf/releases_and_maturity/migration/migration_guide_2.8.rst +++ b/doc/nrf/releases_and_maturity/migration/migration_guide_2.8.rst @@ -95,6 +95,29 @@ Nordic Secure Immutable Bootloader (NSIB, B0, or B0n) * Enable the :kconfig:option:`CONFIG_USE_SEGGER_RTT` and :kconfig:option:`CONFIG_RTT_CONSOLE` Kconfig options. * Disable the :kconfig:option:`CONFIG_UART_CONSOLE` and :kconfig:option:`CONFIG_SERIAL` Kconfig options. +nRF70 Series +------------ + +.. toggle:: + + * The nRF70 Series support is now part of Zephyr upstream and it requires the following changes: + + * The nRF70 Series driver namespace has been renamed from ``NRF700X`` to ``NRF70``. + For example, ``CONFIG_NRF700X_RAW_DATA_RX`` to ``CONIFG_NRF70_RAW_DATA_RX``. + Update your application configurations to use the new namespace. + * The nRF70 Series driver now uses per-module kernel heap with a higher default. + If a sample or an application uses the kernel heap but uses less than the default size, a build warning is displayed. + Use the :kconfig:option:`CONFIG_HEAP_MEM_POOL_IGNORE_MIN` Kconfig option and enable it to suppress the warning. + + * The WPA supplicant is also now part of Zephy upstream and it requires the following changes: + + * The WPA supplicant namespace has been renamed from ``WPA_SUPP`` to ``WIFI_NM_WPA_SUPPLICANT``. + For example, ``CONFIG_WPA_SUPP=y`` to ``CONFIG_WIFI_NM_WPA_SUPPLICANT=y``. + Update your application configurations to use the new namespace. + + * The SR co-existence feature should now be explicitly enabled using the :kconfig:option:`CONFIG_NRF70_SR_COEX` Kconfig option. + The RF switch feature should be enabled using the :kconfig:option:`CONFIG_NRF70_SR_COEX_RF_SWITCH` Kconfig option. + Libraries ========= From 55c3fedc9b7434fe876e70e66ac50f1f67c08804 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Fri, 9 Aug 2024 18:40:10 +0530 Subject: [PATCH 043/217] doc: changelog: Update with upstream migration Update Drivers, Wi-Fi protocols and documentation with notes about upstream migration. Signed-off-by: Chaitanya Tata --- .../releases/release-notes-changelog.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst index ce2b4dcdc702..a616a6b44eac 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst @@ -203,7 +203,7 @@ Zigbee Wi-Fi ----- -|no_changes_yet_note| +* The WPA supplicant is now switched to Zephyr upstream's fork instead of |NCS|. Applications ============ @@ -620,7 +620,7 @@ This section provides detailed lists of changes by :ref:`driver `. Wi-Fi drivers ------------- -|no_changes_yet_note| +* nRF70 Series Wi-Fi driver is upstreamed to Zephyr, so, removed from the |NCS|. Libraries ========= @@ -1059,6 +1059,7 @@ Documentation * The Device configuration guides section and moved its contents to :ref:`ug_app_dev`. * The Advanced building procedures page and moved its contents to the :ref:`building` page. + * nRF70 Series support is upstreamed to Zephyr, hence the documentation is removed from the |NCS|. * Updated: From 9e6c93fc9f2ef81451862195996d8a61fa40f171 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Sun, 11 Aug 2024 21:39:05 +0530 Subject: [PATCH 044/217] treewide: Use nRF7000 for scan only With latest upstream, scan only mode now only works with nRF7000. Signed-off-by: Chaitanya Tata --- applications/asset_tracker_v2/sample.yaml | 8 ++-- samples/cellular/location/sample.yaml | 16 +------ samples/cellular/modem_shell/sample.yaml | 30 ++++--------- .../nrf_cloud_multi_service/sample.yaml | 4 +- samples/wifi/scan/sample.yaml | 44 +++---------------- 5 files changed, 21 insertions(+), 81 deletions(-) diff --git a/applications/asset_tracker_v2/sample.yaml b/applications/asset_tracker_v2/sample.yaml index 879dfbc71298..cd5132b22229 100644 --- a/applications/asset_tracker_v2/sample.yaml +++ b/applications/asset_tracker_v2/sample.yaml @@ -328,7 +328,7 @@ tests: integration_platforms: - nrf9160dk/nrf9160/ns platform_allow: nrf9160dk/nrf9160/ns - extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf7002ek-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf7002ek-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_applications_asset_tracker_v2 applications.asset_tracker_v2.nrf7002ek_wifi.nrf9161dk: @@ -337,7 +337,7 @@ tests: integration_platforms: - nrf9161dk/nrf9161/ns platform_allow: nrf9161dk/nrf9161/ns - extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf7002ek-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf7002ek-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_applications_asset_tracker_v2 applications.asset_tracker_v2.nrf7002ek_wifi.nrf9151dk: @@ -346,7 +346,7 @@ tests: integration_platforms: - nrf9151dk/nrf9151/ns platform_allow: nrf9151dk/nrf9151/ns - extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf7002ek-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf7002ek-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_applications_asset_tracker_v2 applications.asset_tracker_v2.nrf7002ek_wifi-debug: @@ -360,7 +360,7 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - extra_args: SHIELD=nrf7002ek + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE="overlay-nrf7002ek-wifi-scan-only.conf;overlay-debug.conf" SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_applications_asset_tracker_v2 diff --git a/samples/cellular/location/sample.yaml b/samples/cellular/location/sample.yaml index fd87d9bfe11f..746e1c0932ca 100644 --- a/samples/cellular/location/sample.yaml +++ b/samples/cellular/location/sample.yaml @@ -41,7 +41,7 @@ tests: - nrf9151dk/nrf9151/ns - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - extra_args: SHIELD=nrf7002ek OVERLAY_CONFIG=overlay-nrf700x-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 OVERLAY_CONFIG=overlay-nrf700x-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.location.nrf7000ek_wifi: @@ -59,20 +59,6 @@ tests: CONFIG_WIFI_NM_WPA_SUPPLICANT=n SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular - sample.cellular.location.nrf7001ek_wifi: - sysbuild: true - build_only: true - integration_platforms: - - nrf9151dk/nrf9151/ns - - nrf9160dk/nrf9160/ns - - nrf9161dk/nrf9161/ns - platform_allow: - - nrf9151dk/nrf9151/ns - - nrf9160dk/nrf9160/ns - - nrf9161dk/nrf9161/ns - extra_args: SHIELD=nrf7002ek_nrf7001 OVERLAY_CONFIG=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y - tags: ci_build sysbuild ci_samples_cellular sample.cellular.location.thingy91x_wifi: sysbuild: true build_only: true diff --git a/samples/cellular/modem_shell/sample.yaml b/samples/cellular/modem_shell/sample.yaml index 299c1928fbf3..a8e912d5e5f1 100644 --- a/samples/cellular/modem_shell/sample.yaml +++ b/samples/cellular/modem_shell/sample.yaml @@ -95,7 +95,7 @@ tests: - nrf9151dk/nrf9151/ns - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.nrf7000ek_wifi: @@ -113,20 +113,6 @@ tests: CONFIG_WIFI_NM_WPA_SUPPLICANT=n SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular - sample.cellular.modem_shell.nrf7001ek_wifi: - sysbuild: true - build_only: true - integration_platforms: - - nrf9151dk/nrf9151/ns - - nrf9160dk/nrf9160/ns - - nrf9161dk/nrf9161/ns - platform_allow: - - nrf9151dk/nrf9151/ns - - nrf9160dk/nrf9160/ns - - nrf9161dk/nrf9161/ns - extra_args: SHIELD=nrf7002ek_nrf7001 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf - SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y - tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.nrf7002ek_wifi-debug: sysbuild: true build_only: true @@ -138,7 +124,7 @@ tests: - nrf9151dk/nrf9151/ns - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - extra_args: SHIELD=nrf7002ek + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE="overlay-nrf700x-wifi-scan-only.conf;overlay-debug.conf" SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular @@ -269,7 +255,7 @@ tests: extra_configs: - CONFIG_LOCATION_SERVICE_EXTERNAL=y - CONFIG_NRF_CLOUD_PGPS_TRANSPORT_NONE=y - extra_args: SHIELD=nrf7002ek + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE="overlay-cloud_mqtt.conf;overlay-pgps.conf;overlay-nrf700x-wifi-scan-only.conf" SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y integration_platforms: @@ -381,7 +367,7 @@ tests: - CONFIG_LOCATION_METHOD_GNSS=y - CONFIG_LOCATION_METHOD_CELLULAR=n - CONFIG_LOCATION_METHOD_WIFI=y - extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_wifi_cellular_no_gnss: @@ -399,7 +385,7 @@ tests: - CONFIG_LOCATION_METHOD_GNSS=n - CONFIG_LOCATION_METHOD_CELLULAR=y - CONFIG_LOCATION_METHOD_WIFI=y - extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_wifi_no_cellular_no_gnss: @@ -417,7 +403,7 @@ tests: - CONFIG_LOCATION_METHOD_GNSS=n - CONFIG_LOCATION_METHOD_CELLULAR=n - CONFIG_LOCATION_METHOD_WIFI=y - extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_gnss_no_wifi_no_cellular: @@ -470,7 +456,7 @@ tests: - CONFIG_LOCATION_METHOD_GNSS=y - CONFIG_LOCATION_METHOD_CELLULAR=y - CONFIG_LOCATION_METHOD_WIFI=y - extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_gnss_no_wifi_no_cellular_details: @@ -506,7 +492,7 @@ tests: - CONFIG_LOCATION_METHOD_GNSS=n - CONFIG_LOCATION_METHOD_CELLULAR=y - CONFIG_LOCATION_METHOD_WIFI=y - extra_args: SHIELD=nrf7002ek EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf + extra_args: SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE=overlay-nrf700x-wifi-scan-only.conf SB_CONFIG_WIFI_NRF70=y SB_CONFIG_WIFI_NRF70_SCAN_ONLY=y tags: ci_build sysbuild ci_samples_cellular sample.cellular.modem_shell.location_gnss_cellular_no_wifi_details: diff --git a/samples/cellular/nrf_cloud_multi_service/sample.yaml b/samples/cellular/nrf_cloud_multi_service/sample.yaml index e047566b2fb6..d2cd8f8143f0 100644 --- a/samples/cellular/nrf_cloud_multi_service/sample.yaml +++ b/samples/cellular/nrf_cloud_multi_service/sample.yaml @@ -84,7 +84,7 @@ tests: - nrf9151dk/nrf9151/ns - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - extra_args: nrf_cloud_multi_service_SHIELD=nrf7002ek + extra_args: nrf_cloud_multi_service_SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE="overlay-nrf7002ek-wifi-scan-only.conf" SB_CONF_FILE="sysbuild_nrf700x-wifi-scan.conf" tags: ci_build sysbuild ci_samples_cellular @@ -94,7 +94,7 @@ tests: integration_platforms: - nrf5340dk/nrf5340/cpuapp/ns platform_allow: nrf5340dk/nrf5340/cpuapp/ns - extra_args: nrf_cloud_multi_service_SHIELD=nrf7002ek + extra_args: nrf_cloud_multi_service_SHIELD=nrf7002ek_nrf7000 EXTRA_CONF_FILE="overlay_nrf700x_wifi_mqtt_no_lte.conf" SB_CONF_FILE="sysbuild_nrf700x-wifi-conn.conf" tags: ci_build sysbuild ci_samples_cellular diff --git a/samples/wifi/scan/sample.yaml b/samples/wifi/scan/sample.yaml index 67efa842fa80..c6255b858e8c 100644 --- a/samples/wifi/scan/sample.yaml +++ b/samples/wifi/scan/sample.yaml @@ -3,25 +3,10 @@ sample: application name: Wi-Fi scan tests: - sample.nrf7002.scan: - sysbuild: true - build_only: true - integration_platforms: - - nrf7002dk/nrf5340/cpuapp - platform_allow: nrf7002dk/nrf5340/cpuapp - tags: ci_build sysbuild ci_samples_wifi - sample.nrf7001.scan: - sysbuild: true - build_only: true - integration_platforms: - - nrf7002dk/nrf5340/cpuapp/nrf7001 - platform_allow: nrf7002dk/nrf5340/cpuapp/nrf7001 - tags: ci_build sysbuild ci_samples_wifi - skip: true - sample.nrf7002_eks.scan: + sample.nrf7000_eks.scan: sysbuild: true build_only: true - extra_args: SHIELD=nrf7002ek + extra_args: SHIELD=nrf7002ek_nrf7000 integration_platforms: - nrf5340dk/nrf5340/cpuapp - nrf52840dk/nrf52840 @@ -33,10 +18,10 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns tags: ci_build sysbuild ci_samples_wifi - sample.nrf7002_eks.raw_scan: + sample.nrf7000_eks.raw_scan: sysbuild: true build_only: true - extra_args: SHIELD=nrf7002ek CONFIG_WIFI_MGMT_RAW_SCAN_RESULTS=y + extra_args: SHIELD=nrf7002ek_nrf7000 CONFIG_WIFI_MGMT_RAW_SCAN_RESULTS=y integration_platforms: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns @@ -45,24 +30,6 @@ tests: - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns tags: ci_build sysbuild ci_samples_wifi - sample.nrf7000_eks.scan: - sysbuild: true - build_only: true - extra_args: SHIELD=nrf7002ek_nrf7000 CONFIG_WIFI_NM_WPA_SUPPLICANT=n - integration_platforms: - - nrf9160dk/nrf9160/ns - platform_allow: nrf9160dk/nrf9160/ns - tags: ci_build sysbuild ci_samples_wifi - sample.nrf7001_eks.scan: - sysbuild: true - build_only: true - extra_args: SHIELD=nrf7002ek_nrf7001 - integration_platforms: - - nrf5340dk/nrf5340/cpuapp - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160/ns - platform_allow: nrf5340dk/nrf5340/cpuapp nrf52840dk/nrf52840 nrf9160dk/nrf9160/ns - tags: ci_build sysbuild ci_samples_wifi sample.nrf7002_eb.thingy53.scan: sysbuild: true build_only: true @@ -71,10 +38,11 @@ tests: - thingy53/nrf5340/cpuapp platform_allow: thingy53/nrf5340/cpuapp tags: ci_build sysbuild ci_samples_wifi - sample.thingy91x_nrf7002.scan: + sample.thingy91x_nrf7000.scan: sysbuild: true build_only: true platform_allow: thingy91x/nrf9151/ns + extra_args: SHIELD=nrf7002ek_nrf7000 tags: ci_build sysbuild ci_samples_wifi sample.scan.nrf7002eb.nrf54l15dk.shell: sysbuild: true From 4f395cc468296b07f8332986b70f10a8e0c972c1 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Sun, 11 Aug 2024 21:56:36 +0530 Subject: [PATCH 045/217] ci: Quarantine nRF7002 unsupported boards These are still unsupported in nRF70 upstream. Signed-off-by: Chaitanya Tata --- scripts/quarantine.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scripts/quarantine.yaml b/scripts/quarantine.yaml index ebc3420de6a5..4c8c0e557638 100644 --- a/scripts/quarantine.yaml +++ b/scripts/quarantine.yaml @@ -9,3 +9,10 @@ platforms: - nrf7002dk/nrf5340/cpuapp comment: "https://nordicsemi.atlassian.net/browse/KRKNWK-19027" + +- scenarios: + - ".*nrf7002eb.*" + - ".*nrf7002_eb.*" + - ".thingy91x_nrf700.*" + - ".thingy91x_wifi.*" + comment: "nRF7002EB, Thingy91x are not support in the upstream nRF70 driver yet" From 17e80d6488e415085e5ae6d1211028402d0b8c78 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Tue, 13 Aug 2024 23:28:48 +0530 Subject: [PATCH 046/217] samples: wifi: Fix Raw mode build Remove the driver header dependency and inline the structures for now, this needs to be properly fixed in the future where nRF70 driver should have public headers. Signed-off-by: Chaitanya Tata --- samples/wifi/raw_tx_packet/CMakeLists.txt | 4 --- samples/wifi/raw_tx_packet/src/main.c | 12 ++++++- samples/wifi/shell/CMakeLists.txt | 5 --- .../wifi/shell/src/wifi_raw_tx_pkt_shell.c | 34 ++++++++++++++++++- 4 files changed, 44 insertions(+), 11 deletions(-) diff --git a/samples/wifi/raw_tx_packet/CMakeLists.txt b/samples/wifi/raw_tx_packet/CMakeLists.txt index f1ed5c64315a..923f5d3e7069 100644 --- a/samples/wifi/raw_tx_packet/CMakeLists.txt +++ b/samples/wifi/raw_tx_packet/CMakeLists.txt @@ -10,10 +10,6 @@ find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) project(nrf_wifi_raw_tx_packet) target_include_directories(app PUBLIC ${ZEPHYR_BASE}/subsys/net/ip) -target_include_directories( - app - PRIVATE - ${ZEPHYR_BASE}/../nrfxlib/) target_sources_ifdef(CONFIG_RAW_TX_PKT_SAMPLE_CONNECTION_MODE app diff --git a/samples/wifi/raw_tx_packet/src/main.c b/samples/wifi/raw_tx_packet/src/main.c index 10f73c575396..ef6b48389b12 100644 --- a/samples/wifi/raw_tx_packet/src/main.c +++ b/samples/wifi/raw_tx_packet/src/main.c @@ -19,7 +19,6 @@ LOG_MODULE_REGISTER(raw_tx_packet, CONFIG_LOG_DEFAULT_LEVEL); #endif #include -#include #include "net_private.h" #include "wifi_connection.h" @@ -30,6 +29,7 @@ LOG_MODULE_REGISTER(raw_tx_packet, CONFIG_LOG_DEFAULT_LEVEL); #define IEEE80211_SEQ_CTRL_SEQ_NUM_MASK 0xFFF0 #define IEEE80211_SEQ_NUMBER_INC BIT(4) /* 0-3 is fragment number */ +#define NRF_WIFI_MAGIC_NUM_RAWTX 0x12345678 struct beacon { uint16_t frame_control; @@ -75,6 +75,16 @@ static struct beacon test_beacon_frame = { } }; +/* TODO: Copied from nRF70 Wi-Fi driver, need to be moved to a common place */ +struct raw_tx_pkt_header { + unsigned int magic_num; + unsigned char data_rate; + unsigned short packet_length; + unsigned char tx_mode; + unsigned char queue; + unsigned char raw_tx_flag; +}; + #ifdef CONFIG_RAW_TX_PKT_SAMPLE_NON_CONNECTED_MODE static void wifi_set_channel(void) { diff --git a/samples/wifi/shell/CMakeLists.txt b/samples/wifi/shell/CMakeLists.txt index a0230bfd1857..156aadf59ecf 100644 --- a/samples/wifi/shell/CMakeLists.txt +++ b/samples/wifi/shell/CMakeLists.txt @@ -9,11 +9,6 @@ cmake_minimum_required(VERSION 3.20.0) find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) project(nrf_wifi_shell) -target_include_directories( - app - PRIVATE - ${ZEPHYR_BASE}/../nrfxlib/) - target_sources_ifdef(CONFIG_NRF70_RAW_DATA_TX app PRIVATE diff --git a/samples/wifi/shell/src/wifi_raw_tx_pkt_shell.c b/samples/wifi/shell/src/wifi_raw_tx_pkt_shell.c index a58d9ce5bfde..129e9b0a0ac8 100644 --- a/samples/wifi/shell/src/wifi_raw_tx_pkt_shell.c +++ b/samples/wifi/shell/src/wifi_raw_tx_pkt_shell.c @@ -16,11 +16,43 @@ LOG_MODULE_REGISTER(raw_tx_pkt, CONFIG_LOG_DEFAULT_LEVEL); #include "net_private.h" -#include #define BEACON_PAYLOAD_LENGTH 256 #define IEEE80211_SEQ_CTRL_SEQ_NUM_MASK 0xFFF0 #define IEEE80211_SEQ_NUMBER_INC BIT(4) /* 0-3 is fragment number */ +#define NRF_WIFI_MAGIC_NUM_RAWTX 0x12345678 + +/* TODO: Copied from nRF70 Wi-Fi driver, need to be moved to a common place */ + +/** + * @brief Transmit modes for raw packets. + * + */ +enum nrf_wifi_fmac_rawtx_mode { + /** Legacy mode. */ + NRF_WIFI_FMAC_RAWTX_MODE_LEGACY, + /** HT mode. */ + NRF_WIFI_FMAC_RAWTX_MODE_HT, + /** VHT mode. */ + NRF_WIFI_FMAC_RAWTX_MODE_VHT, + /** HE SU mode. */ + NRF_WIFI_FMAC_RAWTX_MODE_HE_SU, + /** HE ER SU mode. */ + NRF_WIFI_FMAC_RAWTX_MODE_HE_ER_SU, + /** HE TB mode. */ + NRF_WIFI_FMAC_RAWTX_MODE_HE_TB, + /** Throughput max. */ + NRF_WIFI_FMAC_RAWTX_MODE_MAX +}; + +struct raw_tx_pkt_header { + unsigned int magic_num; + unsigned char data_rate; + unsigned short packet_length; + unsigned char tx_mode; + unsigned char queue; + unsigned char raw_tx_flag; +}; struct raw_tx_pkt_header raw_tx_pkt; From cb1e48b4156f9b9fc9299b42933bae68d56e450b Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Tue, 13 Aug 2024 23:57:01 +0530 Subject: [PATCH 047/217] samples: wifi: coex: Explicitly enable co-existence With the upstream nRF70 driver, the co-ex is not auto-enabled based on the DTS, this was implemented improperly, now user has to explicitly choose to enable co-existence. Signed-off-by: Chaitanya Tata --- samples/wifi/ble_coex/prj.conf | 2 ++ samples/wifi/provisioning/ble/prj.conf | 2 ++ 2 files changed, 4 insertions(+) diff --git a/samples/wifi/ble_coex/prj.conf b/samples/wifi/ble_coex/prj.conf index b439d67070e8..eb0e2967898a 100644 --- a/samples/wifi/ble_coex/prj.conf +++ b/samples/wifi/ble_coex/prj.conf @@ -6,6 +6,8 @@ CONFIG_WIFI=y CONFIG_WIFI_NRF70=y +CONFIG_NRF70_SR_COEX=y +CONFIG_NRF70_SR_COEX_RF_SWITCH=y # WPA supplicant CONFIG_WIFI_NM_WPA_SUPPLICANT=y diff --git a/samples/wifi/provisioning/ble/prj.conf b/samples/wifi/provisioning/ble/prj.conf index 33c9eda1fd35..6cbc451cfdca 100644 --- a/samples/wifi/provisioning/ble/prj.conf +++ b/samples/wifi/provisioning/ble/prj.conf @@ -5,6 +5,8 @@ # CONFIG_WIFI=y CONFIG_WIFI_NRF70=y +CONFIG_NRF70_SR_COEX=y +CONFIG_NRF70_SR_COEX_RF_SWITCH=y # WPA supplicant CONFIG_WIFI_NM_WPA_SUPPLICANT=y From 0c26188510986dc53d021e98ad3f50334c6bc0a4 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Sun, 18 Aug 2024 13:41:28 +0530 Subject: [PATCH 048/217] ci: Quarantine Thingy and Wi-Fi tests Thingy is not supported yet for nRF70 companion chips. Signed-off-by: Chaitanya Tata --- scripts/quarantine.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/quarantine.yaml b/scripts/quarantine.yaml index 4c8c0e557638..10f1016b0c12 100644 --- a/scripts/quarantine.yaml +++ b/scripts/quarantine.yaml @@ -16,3 +16,9 @@ - ".thingy91x_nrf700.*" - ".thingy91x_wifi.*" comment: "nRF7002EB, Thingy91x are not support in the upstream nRF70 driver yet" + +- scenarios: + - applications.asset_tracker_v2.nrf_cloud + - ".*thingy.*nrf70.*" + - ".*thingy.*wifi.*" + comment: "Thingy is not supported in the upstream nRF70 driver yet" From 396eb050215b5ad1f64addf283ebb25648e4ffab Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Sun, 18 Aug 2024 13:51:07 +0530 Subject: [PATCH 049/217] samples: Remove unsupported platforms from integration Though these platforms are excluded for Wi-Fi tags, twister still fails as this is still part of integration platforms, remove it to fix the twister. Signed-off-by: Chaitanya Tata --- samples/net/aws_iot/sample.yaml | 2 -- samples/net/azure_iot_hub/sample.yaml | 4 ---- samples/net/coap_client/sample.yaml | 2 -- samples/net/download/sample.yaml | 2 -- samples/net/http_server/sample.yaml | 4 ---- samples/net/https_client/sample.yaml | 2 -- samples/net/mqtt/sample.yaml | 4 ---- samples/net/udp/sample.yaml | 2 -- samples/wifi/provisioning/softap/sample.yaml | 2 -- samples/wifi/shell/sample.yaml | 6 ------ 10 files changed, 30 deletions(-) diff --git a/samples/net/aws_iot/sample.yaml b/samples/net/aws_iot/sample.yaml index ba7b33b7916d..bff98553c810 100644 --- a/samples/net/aws_iot/sample.yaml +++ b/samples/net/aws_iot/sample.yaml @@ -11,7 +11,6 @@ tests: - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - thingy91/nrf9160/ns - - nrf7002dk/nrf5340/cpuapp/ns - native_sim platform_allow: - nrf9160dk/nrf9160/ns @@ -19,5 +18,4 @@ tests: - nrf9151dk/nrf9151/ns - thingy91/nrf9160/ns - thingy91x/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns - native_sim diff --git a/samples/net/azure_iot_hub/sample.yaml b/samples/net/azure_iot_hub/sample.yaml index f42394ee5891..27955163bc9e 100644 --- a/samples/net/azure_iot_hub/sample.yaml +++ b/samples/net/azure_iot_hub/sample.yaml @@ -8,13 +8,11 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns - native_sim platform_allow: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns - native_sim tags: ci_build sysbuild ci_samples_net sample.net.azure_iot_hub.dps: @@ -24,12 +22,10 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns platform_allow: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns extra_args: OVERLAY_CONFIG=overlay-dps.conf extra_configs: - CONFIG_AZURE_IOT_HUB_DPS_ID_SCOPE="test-scope" diff --git a/samples/net/coap_client/sample.yaml b/samples/net/coap_client/sample.yaml index 884ba64afcab..b1e7676207f6 100644 --- a/samples/net/coap_client/sample.yaml +++ b/samples/net/coap_client/sample.yaml @@ -10,13 +10,11 @@ tests: - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - thingy91/nrf9160/ns - - nrf7002dk/nrf5340/cpuapp/ns - native_sim platform_allow: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - thingy91/nrf9160/ns - - nrf7002dk/nrf5340/cpuapp/ns - native_sim tags: ci_build sysbuild ci_samples_net diff --git a/samples/net/download/sample.yaml b/samples/net/download/sample.yaml index 8f269203659f..5e3e400bbb18 100644 --- a/samples/net/download/sample.yaml +++ b/samples/net/download/sample.yaml @@ -23,10 +23,8 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns platform_allow: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns tags: ci_build sysbuild ci_samples_net diff --git a/samples/net/http_server/sample.yaml b/samples/net/http_server/sample.yaml index f9eda281f0c8..039c254b97d0 100644 --- a/samples/net/http_server/sample.yaml +++ b/samples/net/http_server/sample.yaml @@ -4,15 +4,11 @@ tests: sample.net.http_server.wifi: sysbuild: true build_only: true - integration_platforms: - - nrf7002dk/nrf5340/cpuapp/ns platform_allow: nrf7002dk/nrf5340/cpuapp/ns tags: ci_build sysbuild ci_samples_net sample.net.http_server.wifi.tls: sysbuild: true build_only: true - integration_platforms: - - nrf7002dk/nrf5340/cpuapp/ns platform_allow: nrf7002dk/nrf5340/cpuapp/ns extra_args: OVERLAY_CONFIG=overlay-tls-nrf7002dk.conf tags: ci_build sysbuild ci_samples_net diff --git a/samples/net/https_client/sample.yaml b/samples/net/https_client/sample.yaml index 087335040fa1..f13e59210532 100644 --- a/samples/net/https_client/sample.yaml +++ b/samples/net/https_client/sample.yaml @@ -8,13 +8,11 @@ tests: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns - native_sim platform_allow: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns - native_sim tags: ci_build sysbuild ci_samples_net sample.net.https_client.lte.tfm-mbedtls: diff --git a/samples/net/mqtt/sample.yaml b/samples/net/mqtt/sample.yaml index 49f35e97a44e..57cb5354c19f 100644 --- a/samples/net/mqtt/sample.yaml +++ b/samples/net/mqtt/sample.yaml @@ -11,22 +11,18 @@ tests: - nrf9151dk/nrf9151/ns - thingy91/nrf9160/ns - thingy91x/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns platform_allow: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - thingy91/nrf9160/ns - thingy91x/nrf9151/ns - - nrf7002dk/nrf5340/cpuapp/ns - native_sim tags: ci_build sysbuild ci_samples_net sample.net.mqtt.nrf70.tls: sysbuild: true build_only: true build_on_all: true - integration_platforms: - - nrf7002dk/nrf5340/cpuapp/ns platform_allow: nrf7002dk/nrf5340/cpuapp/ns tags: ci_build sysbuild ci_samples_net extra_args: EXTRA_CONF_FILE=overlay-tls-nrf70.conf diff --git a/samples/net/udp/sample.yaml b/samples/net/udp/sample.yaml index 57d74fefa040..b423ce2bd39a 100644 --- a/samples/net/udp/sample.yaml +++ b/samples/net/udp/sample.yaml @@ -9,13 +9,11 @@ tests: - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - thingy91/nrf9160/ns - - nrf7002dk/nrf5340/cpuapp/ns platform_allow: - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns - thingy91/nrf9160/ns - - nrf7002dk/nrf5340/cpuapp/ns tags: ci_build sysbuild ci_samples_net sample.net.udp.emulation: sysbuild: true diff --git a/samples/wifi/provisioning/softap/sample.yaml b/samples/wifi/provisioning/softap/sample.yaml index 09b0c239b3fb..8eef7714c1e8 100644 --- a/samples/wifi/provisioning/softap/sample.yaml +++ b/samples/wifi/provisioning/softap/sample.yaml @@ -4,7 +4,5 @@ tests: sample.softap.wifi.provision: sysbuild: true build_only: true - integration_platforms: - - nrf7002dk/nrf5340/cpuapp/ns platform_allow: nrf7002dk/nrf5340/cpuapp/ns tags: ci_build sysbuild ci_samples_wifi diff --git a/samples/wifi/shell/sample.yaml b/samples/wifi/shell/sample.yaml index e823c749db3e..aed03dbc6b13 100644 --- a/samples/wifi/shell/sample.yaml +++ b/samples/wifi/shell/sample.yaml @@ -168,8 +168,6 @@ tests: sample.nrf7002_ns.shell: sysbuild: true build_only: true - integration_platforms: - - nrf7002dk/nrf5340/cpuapp/ns platform_allow: nrf7002dk/nrf5340/cpuapp/ns tags: sysbuild ci_samples_wifi sample.nrf7002_eb.thingy53.shell: @@ -209,8 +207,6 @@ tests: sysbuild: true build_only: true extra_args: SHIELD=nrf700x_nrf54h20dk - integration_platforms: - - nrf54h20dk/nrf54h20/cpuapp platform_allow: nrf54h20dk/nrf54h20/cpuapp tags: ci_build sysbuild ci_samples_wifi # Used by QA and also acts as a memory stress test @@ -337,8 +333,6 @@ tests: sysbuild: true build_only: true extra_args: SHIELD=nrf700x_nrf54l15pdk - integration_platforms: - - nrf54l15pdk/nrf54l15/cpuapp platform_allow: nrf54l15pdk/nrf54l15/cpuapp tags: ci_build sysbuild ci_samples_wifi sample.nrf7002eb.nrf54l15dk.shell: From f2c463b16de500fc2f79066cc643788359462ccc Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Sun, 18 Aug 2024 13:54:33 +0530 Subject: [PATCH 050/217] doc: Fix missing tag In latest nrfxlib this tag is removed, so, remove the reference to fix the doc build. Signed-off-by: Chaitanya Tata --- doc/nrf/releases_and_maturity/releases/release-notes-1.8.0.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-1.8.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-1.8.0.rst index 9c925806c346..fa71e4200f48 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-1.8.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-1.8.0.rst @@ -89,6 +89,7 @@ These changes are valid for :ref:`nrfxlib:softdevice_controller`. This interface is typically implemented in the Wi-Fi products. * Experimental support for a 1-wire PTA interface for external radio coexistence for the nRF52 Series. This interface is specific to Nordic Semiconductor's nRF91 Series. + See ``nrfxlib:bluetooth_coex`` for more information. * Support for the Simple GPIO Front-End Module implementation on the nRF53 Series. Bluetooth mesh From bfb147115ba5b51b110aa85696d2e1dfa8beac3c Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Mon, 19 Aug 2024 00:16:07 +0530 Subject: [PATCH 051/217] samples: wifi: Remove raw modes for nRF7000 As of now the raw mode is couple with system mode which is unsupported for nRF7000, so, remove them. Signed-off-by: Chaitanya Tata --- samples/wifi/monitor/sample.yaml | 9 --------- samples/wifi/raw_tx_packet/sample.yaml | 9 --------- 2 files changed, 18 deletions(-) diff --git a/samples/wifi/monitor/sample.yaml b/samples/wifi/monitor/sample.yaml index 2bfe89cc983d..af079e77d209 100644 --- a/samples/wifi/monitor/sample.yaml +++ b/samples/wifi/monitor/sample.yaml @@ -18,15 +18,6 @@ tests: - nrf5340dk/nrf5340/cpuapp platform_allow: nrf5340dk/nrf5340/cpuapp tags: ci_build sysbuild ci_samples_wifi - sample.nrf7000.monitor: - sysbuild: true - build_only: true - extra_args: - SHIELD=nrf7002ek_nrf7000 - integration_platforms: - - nrf5340dk/nrf5340/cpuapp - platform_allow: nrf5340dk/nrf5340/cpuapp - tags: ci_build sysbuild ci_samples_wifi sample.nrf7001.monitor: sysbuild: true build_only: true diff --git a/samples/wifi/raw_tx_packet/sample.yaml b/samples/wifi/raw_tx_packet/sample.yaml index 331b3de840f4..25d25db1cd9e 100644 --- a/samples/wifi/raw_tx_packet/sample.yaml +++ b/samples/wifi/raw_tx_packet/sample.yaml @@ -18,15 +18,6 @@ tests: - nrf5340dk/nrf5340/cpuapp platform_allow: nrf5340dk/nrf5340/cpuapp tags: ci_build sysbuild ci_samples_wifi - sample.nrf7000.raw_tx_packet: - sysbuild: true - build_only: true - extra_args: - SHIELD=nrf7002ek_nrf7000 - integration_platforms: - - nrf5340dk/nrf5340/cpuapp - platform_allow: nrf5340dk/nrf5340/cpuapp - tags: ci_build sysbuild ci_samples_wifi sample.nrf7001.raw_tx_packet: sysbuild: true build_only: true From 4d1c6d91435dacde39c1af9ae7342e3b79d5d6c4 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Mon, 19 Aug 2024 02:05:20 +0530 Subject: [PATCH 052/217] samples: wifi: shutdown: Fix build errors Shutdown sample assumes default nRF70 mode is scan and doesn't support any other mode. With the migration to upstream scan only is limited to nRF7000 shield, so, remove other combinations. Also, add nRF7000 with 5340 as this was the main usecase for testing this sample. Signed-off-by: Chaitanya Tata --- samples/wifi/shutdown/README.rst | 8 ++++---- samples/wifi/shutdown/sample.yaml | 26 ++------------------------ 2 files changed, 6 insertions(+), 28 deletions(-) diff --git a/samples/wifi/shutdown/README.rst b/samples/wifi/shutdown/README.rst index a1d6bbb4382d..b479638f9135 100644 --- a/samples/wifi/shutdown/README.rst +++ b/samples/wifi/shutdown/README.rst @@ -50,12 +50,12 @@ Building and running .. include:: /includes/build_and_run_ns.txt -To build for the nRF7002 DK, use the ``nrf7002dk/nrf5340/cpuapp`` board target. +To build for the nRF7000 EK, use the ``nrf5340dk/nrf5340/cpuapp`` board target. The following is an example of the CLI command to demonstrate Wi-Fi shutdown: .. code-block:: console - west build -b nrf7002dk/nrf5340/cpuapp + west build -b nrf5340dk/nrf5340/cpuapp -- -DSHIELD=nrf7002ek_nrf7000 Disable auto-start of the Wi-Fi driver -------------------------------------- @@ -65,7 +65,7 @@ You can disable it by setting the :kconfig:option:`CONFIG_NRF_WIFI_IF_AUTO_START .. code-block:: console - west build -b nrf7002dk/nrf5340/cpuapp -DCONFIG_NRF_WIFI_IF_AUTO_START=n + west build -b nrf5340dk/nrf5340/cpuapp -- -DSHIELD=nrf7002ek_nrf7000 -DCONFIG_NRF_WIFI_IF_AUTO_START=n With this configuration, the Wi-Fi network interface is not automatically brought up by the Zephyr networking stack. You must press **Button 1** to bring up the Wi-Fi network interface. @@ -85,7 +85,7 @@ Testing *** Booting Zephyr OS build v3.3.99-ncs1-26-ge405279d2134 *** [00:00:00.440,460] wifi_nrf: Firmware (v1.2.8.1) booted successfully - [00:00:00.638,397] scan: Starting nrf7002dk_nrf5340_cpuapp with CPU frequency: 64 MHz + [00:00:00.638,397] scan: Starting nrf5340dk_nrf5340_cpuapp with CPU frequency: 64 MHz [00:00:00.642,608] scan: Scan requested diff --git a/samples/wifi/shutdown/sample.yaml b/samples/wifi/shutdown/sample.yaml index 6da8422ce797..2e53602dae9d 100644 --- a/samples/wifi/shutdown/sample.yaml +++ b/samples/wifi/shutdown/sample.yaml @@ -3,38 +3,16 @@ sample: application name: Wi-Fi shutdown tests: - sample.nrf7002.shutdown: - sysbuild: true - build_only: true - integration_platforms: - - nrf7002dk/nrf5340/cpuapp - platform_allow: nrf7002dk/nrf5340/cpuapp - tags: ci_build sysbuild ci_samples_wifi - sample.nrf7001.shutdown: - sysbuild: true - build_only: true - integration_platforms: - - nrf7002dk/nrf5340/cpuapp/nrf7001 - platform_allow: nrf7002dk/nrf5340/cpuapp/nrf7001 - tags: ci_build sysbuild ci_samples_wifi - skip: true - sample.nrf7002_eks.shutdown: - sysbuild: true - build_only: true - extra_args: SHIELD=nrf7002ek - integration_platforms: - - nrf5340dk/nrf5340/cpuapp - - nrf52840dk/nrf52840 - platform_allow: nrf5340dk/nrf5340/cpuapp nrf52840dk/nrf52840 - tags: ci_build sysbuild ci_samples_wifi sample.nrf7000_location.shutdown: sysbuild: true build_only: true extra_args: SHIELD=nrf7002ek_nrf7000 integration_platforms: + - nrf5340dk/nrf5340/cpuapp - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns platform_allow: + - nrf5340dk/nrf5340/cpuapp - nrf9160dk/nrf9160/ns - nrf9161dk/nrf9161/ns - nrf9151dk/nrf9151/ns From 444d07b4e1da08534fde5611ab97b90ab5b85e74 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Thu, 22 Aug 2024 01:11:15 +0530 Subject: [PATCH 053/217] ci: quarantine: Quarantine few mysterious memory overflows These overflows are only happening in the CI, locally the same twister command works fine, quarantine them for now, and investigate later. Signed-off-by: Chaitanya Tata --- scripts/quarantine.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/scripts/quarantine.yaml b/scripts/quarantine.yaml index 10f1016b0c12..d5ee01f6c6e6 100644 --- a/scripts/quarantine.yaml +++ b/scripts/quarantine.yaml @@ -22,3 +22,13 @@ - ".*thingy.*nrf70.*" - ".*thingy.*wifi.*" comment: "Thingy is not supported in the upstream nRF70 driver yet" + +- scenarios: + - sample.cellular.modem_shell.location_service_ext_pgps_nrf7002ek_wifi + - sample.cellular.nrf7002ek_wifi.scan + - sample.cellular.nrf7002ek_wifi.conn + platforms: + - nrf9161dk/nrf9161/ns + - nrf5340dk/nrf5340/cpuapp/ns + - nrf9151dk/nrf9151/ns + comment: "Unknown failures using NS (TF-M), unable to replicate locally, temporarily excluded" From 784302627baf48014a9103c0dce38db9d0773df8 Mon Sep 17 00:00:00 2001 From: Jamie McCrae Date: Wed, 11 Sep 2024 08:22:32 +0100 Subject: [PATCH 054/217] sysbuild: Remove some Kconfigs Removes some Kconfig options that have been added to zephyr Signed-off-by: Jamie McCrae --- sysbuild/Kconfig.mcuboot | 73 ---------------------------------------- 1 file changed, 73 deletions(-) diff --git a/sysbuild/Kconfig.mcuboot b/sysbuild/Kconfig.mcuboot index 564c8a312fe3..9af7b1d4e62a 100644 --- a/sysbuild/Kconfig.mcuboot +++ b/sysbuild/Kconfig.mcuboot @@ -5,79 +5,6 @@ menu "MCUboot configuration" depends on BOOTLOADER_MCUBOOT -choice MCUBOOT_MODE - prompt "Mode of operation" - default MCUBOOT_MODE_SWAP_WITHOUT_SCRATCH - help - The operating mode of MCUboot (which will also be propagated to the application). - -config MCUBOOT_MODE_SINGLE_APP - bool "Single slot" - help - MCUboot will only boot slot0_partition placed application and does not care about other - slots. In this mode application is not able to DFU its own update to secondary slot and - all updates need to be performed using MCUboot serial recovery. - -config MCUBOOT_MODE_SWAP_WITHOUT_SCRATCH - bool "Swap without scratch (swap using move)" - help - MCUboot expects slot0_partition and slot1_partition to be present in DT and application - will boot from slot0_partition. MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected - in main application if MCUboot has been built with MCUBOOT_DOWNGRADE_PREVENTION. - -config MCUBOOT_MODE_SWAP_SCRATCH - bool "Swap using scratch" - help - MCUboot expects slot0_partition, slot1_partition and scratch_partition to be present in - DT, and application will boot from slot0_partition. In this mode scratch_partition is - used as temporary storage when MCUboot swaps application from the secondary slot to the - primary slot. - MCUBOOT_BOOTLOADER_NO_DOWNGRADE should also be selected in main application if MCUboot - has been built with MCUBOOT_DOWNGRADE_PREVENTION. - -config MCUBOOT_MODE_OVERWRITE_ONLY - bool "Overwrite" - help - MCUboot will take contents of secondary slot of an image and will overwrite primary slot - with it. In this mode it is not possible to revert back to previous version as it is not - stored in the secondary slot. - This mode supports MCUBOOT_BOOTLOADER_NO_DOWNGRADE which means that the overwrite will - not happen unless the version of secondary slot is higher than the version in primary - slot. - -config MCUBOOT_MODE_DIRECT_XIP - bool "DirectXIP" - help - MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot - can boot from either partition and will select one with higher application image version, - which usually means major.minor.patch triple, unless BOOT_VERSION_CMP_USE_BUILD_NUMBER is - also selected in MCUboot that enables comparison of build number. - This option automatically selectes MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible - to swap back to older version of application. - -config MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT - bool "DirectXIP with revert" - help - MCUboot expects slot0_partition and slot1_partition to exist in DT. In this mode MCUboot - will boot the application with the higher version from either slot, as long as it has - been marked to be boot next time for test or permanently. In case when application is - marked for test it needs to confirm itself, on the first boot, or it will be removed and - MCUboot will revert to booting previously approved application. - This mode does not allow freely switching between application versions, as, once higher - version application is approved, it is not possible to select lower version for boot. - This mode selects MCUBOOT_BOOTLOADER_NO_DOWNGRADE as it is not possible to downgrade - running application, but note that MCUboot may do that if application with higher - version will not get confirmed. - -config MCUBOOT_MODE_FIRMWARE_UPDATER - bool "Firmware updater" - help - MCUboot will only boot slot0_partition for the main application but has an entrance - mechanism defined for entering the slot1_partition which is a dedicated firmware updater - application used to update the slot0_partition application. - -endchoice - config MCUBOOT_BUILD_DIRECT_XIP_VARIANT bool "Build DirectXIP variant image" depends on MCUBOOT_MODE_DIRECT_XIP || MCUBOOT_MODE_DIRECT_XIP_WITH_REVERT From 0b84b66a0bff105112c56a5b9350702a739e7b43 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 11 Sep 2024 14:10:54 +0200 Subject: [PATCH 055/217] openthread: Remove CFB and OFB from defconfig MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This removes MBEDTLS_CIPHER_MODE_CFB and MBEDTLS_CIPHER_MODE_OFB which is no longer actively supported in nRF Connect SDK Signed-off-by: Frank Audun Kvamtrø --- subsys/net/openthread/Kconfig.defconfig | 8 -------- 1 file changed, 8 deletions(-) diff --git a/subsys/net/openthread/Kconfig.defconfig b/subsys/net/openthread/Kconfig.defconfig index 1ad9634be0bb..9a5ec34e2003 100644 --- a/subsys/net/openthread/Kconfig.defconfig +++ b/subsys/net/openthread/Kconfig.defconfig @@ -127,14 +127,6 @@ config MBEDTLS_CIPHER_MODE_CTR bool default n -config MBEDTLS_CIPHER_MODE_CFB - bool - default n - -config MBEDTLS_CIPHER_MODE_OFB - bool - default n - config MBEDTLS_CHACHA20_C bool default n From 478d90465085be1ba335742b6e68d318e36fcb2b Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Thu, 12 Sep 2024 11:52:23 +0200 Subject: [PATCH 056/217] github: workflows: compliance: add unidiff to requirenments Add unidiff dependency to requirenments-fixed.txt and add it to the compliance.yml job "Install python dependencies" Signed-off-by: Bjarki Arge Andreasen --- .github/workflows/compliance.yml | 2 +- scripts/requirements-fixed.txt | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml index 19f2c9fb265b..29bd87a60a9c 100644 --- a/.github/workflows/compliance.yml +++ b/.github/workflows/compliance.yml @@ -29,7 +29,7 @@ jobs: pip3 install -U pip pip3 install -U setuptools pip3 install -U wheel - grep -E "^python-magic|^junitparser|^lxml|^gitlint|^pylint|^pykwalify|^yamllint" scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U + grep -E "^python-magic|^junitparser|^lxml|^gitlint|^pylint|^pykwalify|^yamllint|^unidiff" scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U grep -E "^west" scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U pip3 show -f west diff --git a/scripts/requirements-fixed.txt b/scripts/requirements-fixed.txt index bfa3c1c5447e..f52c2a265568 100644 --- a/scripts/requirements-fixed.txt +++ b/scripts/requirements-fixed.txt @@ -124,6 +124,7 @@ toml==0.10.2 # via -r nrf/scripts/requirements-ci.txt tomli==2.0.1 # via nrf-regtool tomlkit==0.12.1 # via pylint typing-extensions==4.8.0 # via mypy, pyocd, python-can, qrcode, setuptools-scm, svada +unidiff==0.7.5 urllib3==2.2.2 # via requests wcwidth==0.2.6 # via prettytable west==1.2.0 # via -r nrf/scripts/requirements-base.txt, -r zephyr/scripts/requirements-base.txt From 380405b1fef98664f6a668890d02329c0ff8b833 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 12 Sep 2024 09:07:01 +0200 Subject: [PATCH 057/217] samples: libraries: Fixing deprecated z_arch_esf_t MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -The upmerge brings in a deprecation of const z_arch_esf_t in favor of struct arch_esf. This commit fixes this for applications, samples and tests in the following domain: -fatal_error library -ipc_radio application -Audio application -Matter diagnostics (used by multiple samples) -fprotect tests -hw_unique_key tests -Audio tests Signed-off-by: Frank Audun Kvamtrø --- applications/ipc_radio/src/bt_hci_ipc.c | 2 +- applications/nrf5340_audio/src/utils/error_handler.c | 4 ++-- lib/fatal_error/fatal_error.c | 2 +- .../matter/common/src/diagnostic/diagnostic_logs_crash.cpp | 4 ++-- tests/drivers/fprotect/app/src/main.c | 2 +- tests/drivers/fprotect/negative/src/main.c | 2 +- tests/drivers/fprotect/storage/src/main.c | 2 +- tests/lib/hw_unique_key/src/main.c | 2 +- tests/nrf5340_audio/macros/main.c | 2 +- 9 files changed, 11 insertions(+), 11 deletions(-) diff --git a/applications/ipc_radio/src/bt_hci_ipc.c b/applications/ipc_radio/src/bt_hci_ipc.c index bab02b34a950..f56543d81611 100644 --- a/applications/ipc_radio/src/bt_hci_ipc.c +++ b/applications/ipc_radio/src/bt_hci_ipc.c @@ -315,7 +315,7 @@ void bt_ctlr_assert_handle(char *file, uint32_t line) #endif /* CONFIG_BT_CTLR_ASSERT_HANDLER */ #if defined(CONFIG_BT_HCI_VS_FATAL_ERROR) -void k_sys_fatal_error_handler(unsigned int reason, const z_arch_esf_t *esf) +void k_sys_fatal_error_handler(unsigned int reason, const struct arch_esf *esf) { LOG_PANIC(); diff --git a/applications/nrf5340_audio/src/utils/error_handler.c b/applications/nrf5340_audio/src/utils/error_handler.c index 9a37399954b7..8ae54bd832aa 100644 --- a/applications/nrf5340_audio/src/utils/error_handler.c +++ b/applications/nrf5340_audio/src/utils/error_handler.c @@ -21,7 +21,7 @@ static const struct gpio_dt_spec center_led_g = GPIO_DT_SPEC_GET(DT_NODELABEL(rg static const struct gpio_dt_spec center_led_b = GPIO_DT_SPEC_GET(DT_NODELABEL(rgb1_blue), gpios); #endif /* (defined(CONFIG_BOARD_NRF5340_AUDIO_DK_NRF5340_CPUAPP) && (CONFIG_DEBUG)) */ -void error_handler(unsigned int reason, const z_arch_esf_t *esf) +void error_handler(unsigned int reason, const struct arch_esf *esf) { #if (CONFIG_DEBUG) LOG_ERR("Caught system error -- reason %d. Entering infinite loop", reason); @@ -51,7 +51,7 @@ void bt_ctlr_assert_handle(char *c, int code) error_handler(code, NULL); } -void k_sys_fatal_error_handler(unsigned int reason, const z_arch_esf_t *esf) +void k_sys_fatal_error_handler(unsigned int reason, const struct arch_esf *esf) { error_handler(reason, esf); } diff --git a/lib/fatal_error/fatal_error.c b/lib/fatal_error/fatal_error.c index d8e8391e6be3..eb69777836f1 100644 --- a/lib/fatal_error/fatal_error.c +++ b/lib/fatal_error/fatal_error.c @@ -14,7 +14,7 @@ LOG_MODULE_REGISTER(fatal_error, CONFIG_FATAL_ERROR_LOG_LEVEL); extern void sys_arch_reboot(int type); void k_sys_fatal_error_handler(unsigned int reason, - const z_arch_esf_t *esf) + const struct arch_esf *esf) { ARG_UNUSED(esf); ARG_UNUSED(reason); diff --git a/samples/matter/common/src/diagnostic/diagnostic_logs_crash.cpp b/samples/matter/common/src/diagnostic/diagnostic_logs_crash.cpp index cbb4d69db72b..8a920aa6727e 100644 --- a/samples/matter/common/src/diagnostic/diagnostic_logs_crash.cpp +++ b/samples/matter/common/src/diagnostic/diagnostic_logs_crash.cpp @@ -208,12 +208,12 @@ extern "C" { /* The actual code of the z_fatal_error function assigned as __real_ for linker wrapping purpose. It required -Wl,--wrap=z_fatal_error linker option added */ -void __real_z_fatal_error(unsigned int reason, const z_arch_esf_t *esf); +void __real_z_fatal_error(unsigned int reason, const struct arch_esf *esf); /* Wrapped z_fatal_error function to implement saving crash data to the retention memory and then call the _real_ function that contains the actual code of the z_fatal_error. It required -Wl,--wrap=z_fatal_error linker option added */ -void __wrap_z_fatal_error(unsigned int reason, const z_arch_esf_t *esf) +void __wrap_z_fatal_error(unsigned int reason, const struct arch_esf *esf) { /* Store the crash data into the retained RAM memory */ if (esf) { diff --git a/tests/drivers/fprotect/app/src/main.c b/tests/drivers/fprotect/app/src/main.c index 81d15e75a208..9e4e1a0c6b8c 100644 --- a/tests/drivers/fprotect/app/src/main.c +++ b/tests/drivers/fprotect/app/src/main.c @@ -16,7 +16,7 @@ static uint32_t expected_fatal; static uint32_t actual_fatal; -void k_sys_fatal_error_handler(unsigned int reason, const z_arch_esf_t *pEsf) +void k_sys_fatal_error_handler(unsigned int reason, const struct arch_esf *pEsf) { printk("Caught system error -- reason %d\n", reason); actual_fatal++; diff --git a/tests/drivers/fprotect/negative/src/main.c b/tests/drivers/fprotect/negative/src/main.c index 6cec16210b01..d350626387d6 100644 --- a/tests/drivers/fprotect/negative/src/main.c +++ b/tests/drivers/fprotect/negative/src/main.c @@ -38,7 +38,7 @@ static volatile uint32_t expected_fatal; static uint32_t actual_fatal; static uint8_t read_buf[BUF_SIZE]; -void k_sys_fatal_error_handler(unsigned int reason, const z_arch_esf_t *pEsf) +void k_sys_fatal_error_handler(unsigned int reason, const struct arch_esf *pEsf) { printk("Caught system error -- reason %d\n", reason); actual_fatal++; diff --git a/tests/drivers/fprotect/storage/src/main.c b/tests/drivers/fprotect/storage/src/main.c index a0a881954370..7581b518159e 100644 --- a/tests/drivers/fprotect/storage/src/main.c +++ b/tests/drivers/fprotect/storage/src/main.c @@ -22,7 +22,7 @@ BUILD_ASSERT(STORAGE_AREA_ADDRESS % CONFIG_NRF_RRAM_REGION_ADDRESS_RESOLUTION == static uint32_t expected_fatal; static uint32_t actual_fatal; -void k_sys_fatal_error_handler(unsigned int reason, const z_arch_esf_t *pEsf) +void k_sys_fatal_error_handler(unsigned int reason, const struct arch_esf *pEsf) { printk("Caught system error -- reason %d\n", reason); actual_fatal++; diff --git a/tests/lib/hw_unique_key/src/main.c b/tests/lib/hw_unique_key/src/main.c index d1ad21245516..dabcc60387ad 100644 --- a/tests/lib/hw_unique_key/src/main.c +++ b/tests/lib/hw_unique_key/src/main.c @@ -82,7 +82,7 @@ static uint8_t expected_key[16] = { static uint32_t expected_fatal; static uint32_t actual_fatal; -void k_sys_fatal_error_handler(unsigned int reason, const z_arch_esf_t *pEsf) +void k_sys_fatal_error_handler(unsigned int reason, const struct arch_esf *pEsf) { printk("Caught system error -- reason %d\n", reason); actual_fatal++; diff --git a/tests/nrf5340_audio/macros/main.c b/tests/nrf5340_audio/macros/main.c index 03786e8dcfea..8a82f85a7656 100644 --- a/tests/nrf5340_audio/macros/main.c +++ b/tests/nrf5340_audio/macros/main.c @@ -9,7 +9,7 @@ #include #include -FUNC_NORETURN void _SysFatalErrorHandler(unsigned int reason, const z_arch_esf_t *pEsf) +FUNC_NORETURN void _SysFatalErrorHandler(unsigned int reason, const struct arch_esf *pEsf) { TC_PRINT("SysFatalErrorHandler called - reason %d\n", reason); k_thread_abort(_current); From 07eea6da7a60bd7be5305e72bc901211a27c2cf9 Mon Sep 17 00:00:00 2001 From: Dominik Chat Date: Fri, 13 Sep 2024 08:57:43 +0200 Subject: [PATCH 058/217] applications: ipc_radio: align net_buf to new API The net_buf_put/get is deprecated, align to recommended API. Signed-off-by: Dominik Chat --- applications/ipc_radio/src/bt_hci_ipc.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/applications/ipc_radio/src/bt_hci_ipc.c b/applications/ipc_radio/src/bt_hci_ipc.c index f56543d81611..c8fadd17e870 100644 --- a/applications/ipc_radio/src/bt_hci_ipc.c +++ b/applications/ipc_radio/src/bt_hci_ipc.c @@ -88,7 +88,7 @@ static void recv_cmd(const uint8_t *data, size_t len) sys_le16_to_cpu(hdr->opcode), hdr->param_len); net_buf_add_mem(buf, data, len); - net_buf_put(&tx_queue, buf); + k_fifo_put(&tx_queue, buf); } static void recv_acl(const uint8_t *data, size_t len) @@ -125,7 +125,7 @@ static void recv_acl(const uint8_t *data, size_t len) sys_le16_to_cpu(hdr->handle), sys_le16_to_cpu(hdr->len)); net_buf_add_mem(buf, data, len); - net_buf_put(&tx_queue, buf); + k_fifo_put(&tx_queue, buf); } static void recv_iso(const uint8_t *data, size_t len) @@ -162,7 +162,7 @@ static void recv_iso(const uint8_t *data, size_t len) sys_le16_to_cpu(hdr->handle), sys_le16_to_cpu(hdr->len)); net_buf_add_mem(buf, data, len); - net_buf_put(&tx_queue, buf); + k_fifo_put(&tx_queue, buf); } static void send(struct net_buf *buf, bool is_fatal_err) @@ -260,7 +260,7 @@ static void tx_thread(void) int err; while (1) { - buf = net_buf_get(&tx_queue, K_FOREVER); + buf = k_fifo_get(&tx_queue, K_FOREVER); err = bt_send(buf); if (err) { LOG_ERR("bt_send failed err: %d.", err); @@ -374,7 +374,7 @@ int ipc_bt_process(void) k_sem_take(&ipc_bound_sem, K_FOREVER); while (1) { - buf = net_buf_get(&rx_queue, K_FOREVER); + buf = k_fifo_get(&rx_queue, K_FOREVER); send(buf, HCI_REGULAR_MSG); } From e61e73575c11f2c3957bbcebe89b5c4980ba25fc Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Sun, 15 Sep 2024 21:02:08 +0200 Subject: [PATCH 059/217] boards: shields: remove nrf7002eb The nrf7002eb is now part of sdk-zephyr. Remove out-of-tree shield. Signed-off-by: Bjarki Arge Andreasen --- boards/shields/nrf7002eb/Kconfig.shield | 8 --- .../boards/nrf52840dk_nrf52840.overlay | 5 -- .../boards/nrf5340dk_nrf5340_cpuapp.overlay | 5 -- .../boards/thingy53_nrf5340_cpuapp.overlay | 24 --------- boards/shields/nrf7002eb/nrf7002eb.overlay | 50 ------------------- .../shields/nrf7002eb/nrf7002eb_coex.overlay | 15 ------ 6 files changed, 107 deletions(-) delete mode 100644 boards/shields/nrf7002eb/Kconfig.shield delete mode 100644 boards/shields/nrf7002eb/boards/nrf52840dk_nrf52840.overlay delete mode 100644 boards/shields/nrf7002eb/boards/nrf5340dk_nrf5340_cpuapp.overlay delete mode 100644 boards/shields/nrf7002eb/boards/thingy53_nrf5340_cpuapp.overlay delete mode 100644 boards/shields/nrf7002eb/nrf7002eb.overlay delete mode 100644 boards/shields/nrf7002eb/nrf7002eb_coex.overlay diff --git a/boards/shields/nrf7002eb/Kconfig.shield b/boards/shields/nrf7002eb/Kconfig.shield deleted file mode 100644 index 64d315770531..000000000000 --- a/boards/shields/nrf7002eb/Kconfig.shield +++ /dev/null @@ -1,8 +0,0 @@ -# -# Copyright (c) 2023 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -config SHIELD_NRF7002EB - select NRF_WIFI_COMBINED_BUCKEN_IOVDD_GPIO - def_bool $(shields_list_contains,nrf7002eb) diff --git a/boards/shields/nrf7002eb/boards/nrf52840dk_nrf52840.overlay b/boards/shields/nrf7002eb/boards/nrf52840dk_nrf52840.overlay deleted file mode 100644 index 2da9f87a2ad1..000000000000 --- a/boards/shields/nrf7002eb/boards/nrf52840dk_nrf52840.overlay +++ /dev/null @@ -1,5 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - #include "../nrf7002eb_coex.overlay" diff --git a/boards/shields/nrf7002eb/boards/nrf5340dk_nrf5340_cpuapp.overlay b/boards/shields/nrf7002eb/boards/nrf5340dk_nrf5340_cpuapp.overlay deleted file mode 100644 index 0beb03e965c7..000000000000 --- a/boards/shields/nrf7002eb/boards/nrf5340dk_nrf5340_cpuapp.overlay +++ /dev/null @@ -1,5 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include "../nrf7002eb_coex.overlay" diff --git a/boards/shields/nrf7002eb/boards/thingy53_nrf5340_cpuapp.overlay b/boards/shields/nrf7002eb/boards/thingy53_nrf5340_cpuapp.overlay deleted file mode 100644 index 18b934a96ac9..000000000000 --- a/boards/shields/nrf7002eb/boards/thingy53_nrf5340_cpuapp.overlay +++ /dev/null @@ -1,24 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - - #include "../nrf7002eb_coex.overlay" - - /* The below overlays might not be explicitly required but still - * kept here to warn of the conflicting pins that could hamper - * functionality later - */ - -/* - * This uses gpio0 pin 8 that conflicts with STATUS pin of Wi-Fi SR coex - */ -&npm1100_force_pwm_mode { - status = "disabled"; -}; - -/* Pins P0.9, P0.10, P0.11, P0.12 conflicting with SPI4, - * nrf7002 host irq */ -&uart0 { - status = "disabled"; -}; diff --git a/boards/shields/nrf7002eb/nrf7002eb.overlay b/boards/shields/nrf7002eb/nrf7002eb.overlay deleted file mode 100644 index 6e72cec73a56..000000000000 --- a/boards/shields/nrf7002eb/nrf7002eb.overlay +++ /dev/null @@ -1,50 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include - -/ { - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - - chosen { - zephyr,wifi = &nordic_wlan0; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x34>; - max-pwr-5g-low-mcs7 = <0x34>; - max-pwr-5g-mid-mcs0 = <0x34>; - max-pwr-5g-mid-mcs7 = <0x34>; - max-pwr-5g-high-mcs0 = <0x30>; - max-pwr-5g-high-mcs7 = <0x30>; - }; -}; - -&edge_connector_spi { - status = "okay"; - - nrf700x: nrf7002@0 { - compatible = "nordic,nrf700x-spi"; - status = "okay"; - reg = <0>; - spi-max-frequency = ; - - bucken-gpios = <&edge_connector 9 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; - - /* No separate pin for IOVDD, BUCKEN will handle IOVDD automatically, - * but this entry is for compatibility purposes and to avoid adding a - * special case in the nRF700x driver. - */ - iovdd-ctrl-gpios = <&edge_connector 9 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; - host-irq-gpios = <&edge_connector 19 GPIO_ACTIVE_HIGH>; - }; -}; diff --git a/boards/shields/nrf7002eb/nrf7002eb_coex.overlay b/boards/shields/nrf7002eb/nrf7002eb_coex.overlay deleted file mode 100644 index a8077f03faf4..000000000000 --- a/boards/shields/nrf7002eb/nrf7002eb_coex.overlay +++ /dev/null @@ -1,15 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -/ { - nrf_radio_coex: nrf7002-coex { - status = "okay"; - compatible = "nordic,nrf700x-coex"; - status0-gpios = <&gpio1 1 GPIO_ACTIVE_HIGH>; - req-gpios = <&gpio1 0 GPIO_ACTIVE_HIGH>; - grant-gpios = <&edge_connector 15 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; - srrf-switch-gpios = <&gpio1 13 GPIO_ACTIVE_HIGH>; - }; -}; From 31473b3ddaa05aee0505e1130791cb46aae6289e Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Sun, 15 Sep 2024 21:05:11 +0200 Subject: [PATCH 060/217] boards: shields: remove nrf700x_nrf54h20dk nrf700x_nrf54h20dk has been replaced by the nrf7002eb and nrf7002eb_interposer_p1 shields along with the nrf70-wifi snippet. Signed-off-by: Bjarki Arge Andreasen --- .../nrf700x_nrf54h20dk/Kconfig.defconfig | 21 --- .../shields/nrf700x_nrf54h20dk/Kconfig.shield | 15 -- .../boards/nrf54h20dk_nrf54h20_cpuapp.conf | 8 - .../nrf700x_nrf54h20dk.overlay | 151 ------------------ 4 files changed, 195 deletions(-) delete mode 100644 boards/shields/nrf700x_nrf54h20dk/Kconfig.defconfig delete mode 100644 boards/shields/nrf700x_nrf54h20dk/Kconfig.shield delete mode 100644 boards/shields/nrf700x_nrf54h20dk/boards/nrf54h20dk_nrf54h20_cpuapp.conf delete mode 100644 boards/shields/nrf700x_nrf54h20dk/nrf700x_nrf54h20dk.overlay diff --git a/boards/shields/nrf700x_nrf54h20dk/Kconfig.defconfig b/boards/shields/nrf700x_nrf54h20dk/Kconfig.defconfig deleted file mode 100644 index 3de124ae9ce1..000000000000 --- a/boards/shields/nrf700x_nrf54h20dk/Kconfig.defconfig +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -if SHIELD_NRF700X_NRF54H20DK - -config NETWORKING - default y - -config WIFI - default y - -config WIFI_NRF70 - default y - -config NRFX_GPIOTE - default y - -endif #SHIELD_NRF700X_NRF54H20DK diff --git a/boards/shields/nrf700x_nrf54h20dk/Kconfig.shield b/boards/shields/nrf700x_nrf54h20dk/Kconfig.shield deleted file mode 100644 index b9eca8cf3549..000000000000 --- a/boards/shields/nrf700x_nrf54h20dk/Kconfig.shield +++ /dev/null @@ -1,15 +0,0 @@ -# -# Copyright (c) 2023 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -DT_COMPAT_NORDIC_NRF700X_SPI := nordic,nrf700x-spi - -config SHIELD_NRF700X_NRF54H20DK - select NRF_WIFI_COMBINED_BUCKEN_IOVDD_GPIO - def_bool $(shields_list_contains,nrf700x_nrf54h20dk) - -config NRF7002_ON_SPI - def_bool $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF700X_SPI)) - depends on SHIELD_NRF700X_NRF54H20DK diff --git a/boards/shields/nrf700x_nrf54h20dk/boards/nrf54h20dk_nrf54h20_cpuapp.conf b/boards/shields/nrf700x_nrf54h20dk/boards/nrf54h20dk_nrf54h20_cpuapp.conf deleted file mode 100644 index c46c1f98b6d1..000000000000 --- a/boards/shields/nrf700x_nrf54h20dk/boards/nrf54h20dk_nrf54h20_cpuapp.conf +++ /dev/null @@ -1,8 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -CONFIG_SHELL_BACKEND_SERIAL=y -CONFIG_TEST_RANDOM_GENERATOR=y diff --git a/boards/shields/nrf700x_nrf54h20dk/nrf700x_nrf54h20dk.overlay b/boards/shields/nrf700x_nrf54h20dk/nrf700x_nrf54h20dk.overlay deleted file mode 100644 index 25b154973420..000000000000 --- a/boards/shields/nrf700x_nrf54h20dk/nrf700x_nrf54h20dk.overlay +++ /dev/null @@ -1,151 +0,0 @@ -/* Copyright (c) 2023 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ -#include - -/ { - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x34>; - max-pwr-5g-low-mcs7 = <0x34>; - max-pwr-5g-mid-mcs0 = <0x34>; - max-pwr-5g-mid-mcs7 = <0x34>; - max-pwr-5g-high-mcs0 = <0x30>; - max-pwr-5g-high-mcs7 = <0x30>; - }; - - chosen { - zephyr,wifi = &nordic_wlan0; - zephyr,bt-hci-ipc = ""; - }; - - cpurad_ram0x_region: memory@2f07d000 { - compatible = "nordic,owned-memory"; - reg = <0x2f07d000 DT_SIZE_K(4)>; - status = "disabled"; - perm-read; - perm-write; - perm-secure; - #address-cells = <1>; - #size-cells = <1>; - ranges = <0x0 0x2f07d000 0x1000>; - - cpusec_cpurad_ipc_shm: memory@0 { - reg = <0x0 DT_SIZE_K(2)>; - }; - - cpurad_cpusec_ipc_shm: memory@800 { - reg = <0x800 DT_SIZE_K(2)>; - }; - }; -}; - -/* Wi-Fi needs more flash, so, minimize Radio memory to make room for Wi-Fi */ -/delete-node/ &cpuapp_rx_partitions; -/delete-node/ &cpuapp_rw_partitions; - -/* For MPC, min. granularity is 4K*/ -&cpurad_slot0_partition { - reg = <0x66000 DT_SIZE_K(4)>; -}; - -&mram1x { - cpuapp_rx_partitions: cpuapp-rx-partitions { - compatible = "nordic,owned-partitions", "fixed-partitions"; - status = "okay"; - perm-read; - perm-execute; - perm-secure; - #address-cells = <1>; - #size-cells = <1>; - - cpuapp_slot0_partition: partition@67000 { - reg = <0x67000 DT_SIZE_K(764)>; - }; - - cpuppr_code_partition: partition@126000 { - reg = <0x126000 DT_SIZE_K(64)>; - }; - }; - cpuapp_rw_partitions: cpuapp-rw-partitions { - compatible = "nordic,owned-partitions", "fixed-partitions"; - status = "okay"; - perm-read; - perm-write; - perm-secure; - #address-cells = <1>; - #size-cells = <1>; - - dfu_partition: partition@136000 { - reg = < 0x136000 DT_SIZE_K(692) >; - }; - - storage_partition: partition@1e3000 { - reg = < 0x1e3000 DT_SIZE_K(24) >; - }; - }; -}; - -/delete-node/ &cpurad_ram0x_region; -&cpuapp_ram0x_region{ - status = "okay"; - reg = <0x2f010000 DT_SIZE_K(436)>; - ranges = <0x0 0x2f010000 0x6e000>; - cpuapp_data: memory@1000 { - reg = <0x1000 DT_SIZE_K(432)>; - }; -}; - - -&pinctrl { - spi130_default: spi130_default { - group1 { - /* SCK has to be 0..3 and other signals can't use these pins */ - psels = , - , - ; - }; - }; - - spi130_sleep: spi130_sleep { - group1 { - psels = , - , - ; - low-power-enable; - }; - }; -}; - -&spi130 { - status = "okay"; - cs-gpios = <&gpio1 4 GPIO_ACTIVE_LOW>; - - pinctrl-0 = <&spi130_default>; - pinctrl-1 = <&spi130_sleep>; - pinctrl-names = "default", "sleep"; - memory-regions = <&cpuapp_dma_region>; - nrf700x: nrf7002@0 { - compatible = "nordic,nrf700x-spi"; - status = "okay"; - reg = <0>; - spi-max-frequency = ; - bucken-gpios = <&gpio1 0 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; - iovdd-ctrl-gpios = <&gpio1 0 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; - host-irq-gpios = <&gpio1 2 GPIO_ACTIVE_HIGH>; - }; -}; - -&gpio1 { - status = "okay"; -}; From b8971f16271c145a10dde88c07bb526b45a900d6 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Sun, 15 Sep 2024 21:08:08 +0200 Subject: [PATCH 061/217] boards: shields: remove nrf700x_nrf54h15dk nrf700x_nrf54h15dk has been replaced by the nrf7002eb and nrf7002eb_interposer_p1 shields along with the nrf70-wifi snippet. Signed-off-by: Bjarki Arge Andreasen --- .../nrf700x_nrf54l15dk/Kconfig.defconfig | 21 ----- .../shields/nrf700x_nrf54l15dk/Kconfig.shield | 19 ----- .../boards/nrf54l15dk_nrf54l15_cpuapp.conf | 5 -- .../nrf700x_nrf54l15dk.overlay | 81 ------------------- 4 files changed, 126 deletions(-) delete mode 100644 boards/shields/nrf700x_nrf54l15dk/Kconfig.defconfig delete mode 100644 boards/shields/nrf700x_nrf54l15dk/Kconfig.shield delete mode 100644 boards/shields/nrf700x_nrf54l15dk/boards/nrf54l15dk_nrf54l15_cpuapp.conf delete mode 100644 boards/shields/nrf700x_nrf54l15dk/nrf700x_nrf54l15dk.overlay diff --git a/boards/shields/nrf700x_nrf54l15dk/Kconfig.defconfig b/boards/shields/nrf700x_nrf54l15dk/Kconfig.defconfig deleted file mode 100644 index c63d7c2f214e..000000000000 --- a/boards/shields/nrf700x_nrf54l15dk/Kconfig.defconfig +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -if SHIELD_NRF700X_NRF54L15DK - -config NETWORKING - default y - -config WIFI - default y - -config WIFI_NRF70 - default y - -config NRFX_GPIOTE - default y - -endif #SHIELD_NRF700X_NRF54L15DK diff --git a/boards/shields/nrf700x_nrf54l15dk/Kconfig.shield b/boards/shields/nrf700x_nrf54l15dk/Kconfig.shield deleted file mode 100644 index 93079ec34ad9..000000000000 --- a/boards/shields/nrf700x_nrf54l15dk/Kconfig.shield +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -DT_COMPAT_NORDIC_NRF700X_QSPI := nordic,nrf700x-qspi -DT_COMPAT_NORDIC_NRF700X_SPI := nordic,nrf700x-spi - -config SHIELD_NRF700X_NRF54L15DK - select NRF_WIFI_COMBINED_BUCKEN_IOVDD_GPIO - def_bool $(shields_list_contains,nrf700x_nrf54l15dk) - -config NRF7002_ON_QSPI - def_bool $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF700X_QSPI)) - depends on SHIELD_NRF700X_NRF54L15DK - -config NRF7002_ON_SPI - def_bool $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF700X_SPI)) - depends on SHIELD_NRF700X_NRF54L15DK diff --git a/boards/shields/nrf700x_nrf54l15dk/boards/nrf54l15dk_nrf54l15_cpuapp.conf b/boards/shields/nrf700x_nrf54l15dk/boards/nrf54l15dk_nrf54l15_cpuapp.conf deleted file mode 100644 index 5e2f58f0d44a..000000000000 --- a/boards/shields/nrf700x_nrf54l15dk/boards/nrf54l15dk_nrf54l15_cpuapp.conf +++ /dev/null @@ -1,5 +0,0 @@ -# This is to get both Legacy and PSA to work, for Wi-Fi -CONFIG_TRUSTED_STORAGE=y -CONFIG_PSA_CRYPTO_DRIVER_OBERON=y -CONFIG_PSA_CRYPTO_DRIVER_CRACEN=n -CONFIG_TRUSTED_STORAGE_BACKEND_AEAD_KEY_HASH_UID=y diff --git a/boards/shields/nrf700x_nrf54l15dk/nrf700x_nrf54l15dk.overlay b/boards/shields/nrf700x_nrf54l15dk/nrf700x_nrf54l15dk.overlay deleted file mode 100644 index f61191cfdc69..000000000000 --- a/boards/shields/nrf700x_nrf54l15dk/nrf700x_nrf54l15dk.overlay +++ /dev/null @@ -1,81 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include - -/ { - /* Wi-Fi doesn't needs this and it frees up 68K RAM */ - /delete-node/ cpuflpr_sram; - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - - chosen { - zephyr,wifi = &nordic_wlan0; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x34>; - max-pwr-5g-low-mcs7 = <0x34>; - max-pwr-5g-mid-mcs0 = <0x34>; - max-pwr-5g-mid-mcs7 = <0x34>; - max-pwr-5g-high-mcs0 = <0x30>; - max-pwr-5g-high-mcs7 = <0x30>; - }; -}; - -&cpuapp_sram { - reg = <0x20000000 DT_SIZE_K(256)>; - ranges = <0x0 0x20000000 0x20040000>; -}; - -&pinctrl { - spi22_default: spi22_default { - group1 { - psels = , - , - ; - }; - }; - - spi22_sleep: spi22_sleep { - group1 { - psels = , - , - ; - low-power-enable; - }; - }; -}; - -/* With P1 only SPI20/21/22 are allowed and SPI20 uses same IRQ as UART20 */ -&spi22 { - status = "okay"; - cs-gpios = <&gpio1 8 GPIO_ACTIVE_LOW>; - - pinctrl-0 = <&spi22_default>; - pinctrl-1 = <&spi22_sleep>; - pinctrl-names = "default", "sleep"; - nrf700x: nrf7002@0 { - compatible = "nordic,nrf700x-spi"; - status = "okay"; - reg = <0>; - spi-max-frequency = ; - bucken-gpios = <&gpio1 13 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; - iovdd-ctrl-gpios = <&gpio1 13 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; - host-irq-gpios = <&gpio1 14 GPIO_ACTIVE_HIGH>; - }; -}; - - -&gpio1 { - status = "okay"; -}; From 34b8158dd665205a04e9a1d154ca96f62e5783c8 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Sun, 15 Sep 2024 21:08:27 +0200 Subject: [PATCH 062/217] boards: shields: remove nrf700x_nrf54l15pdk nrf700x_nrf54l15pdk has been replaced by the nrf7002eb and nrf7002eb_interposer_p1 shields along with the nrf70-wifi snippet. Signed-off-by: Bjarki Arge Andreasen --- .../nrf700x_nrf54l15pdk/Kconfig.defconfig | 21 ----- .../nrf700x_nrf54l15pdk/Kconfig.shield | 19 ----- .../boards/nrf54l15pdk_nrf54l15_cpuapp.conf | 5 -- .../nrf700x_nrf54l15pdk.overlay | 81 ------------------- 4 files changed, 126 deletions(-) delete mode 100644 boards/shields/nrf700x_nrf54l15pdk/Kconfig.defconfig delete mode 100644 boards/shields/nrf700x_nrf54l15pdk/Kconfig.shield delete mode 100644 boards/shields/nrf700x_nrf54l15pdk/boards/nrf54l15pdk_nrf54l15_cpuapp.conf delete mode 100644 boards/shields/nrf700x_nrf54l15pdk/nrf700x_nrf54l15pdk.overlay diff --git a/boards/shields/nrf700x_nrf54l15pdk/Kconfig.defconfig b/boards/shields/nrf700x_nrf54l15pdk/Kconfig.defconfig deleted file mode 100644 index 9336253fd8f8..000000000000 --- a/boards/shields/nrf700x_nrf54l15pdk/Kconfig.defconfig +++ /dev/null @@ -1,21 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -if SHIELD_NRF700X_NRF54L15PDK - -config NETWORKING - default y - -config WIFI - default y - -config WIFI_NRF70 - default y - -config NRFX_GPIOTE - default y - -endif #SHIELD_NRF700X_NRF54L15PDK diff --git a/boards/shields/nrf700x_nrf54l15pdk/Kconfig.shield b/boards/shields/nrf700x_nrf54l15pdk/Kconfig.shield deleted file mode 100644 index 009a8ca0290e..000000000000 --- a/boards/shields/nrf700x_nrf54l15pdk/Kconfig.shield +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# -DT_COMPAT_NORDIC_NRF700X_QSPI := nordic,nrf700x-qspi -DT_COMPAT_NORDIC_NRF700X_SPI := nordic,nrf700x-spi - -config SHIELD_NRF700X_NRF54L15PDK - select NRF_WIFI_COMBINED_BUCKEN_IOVDD_GPIO - def_bool $(shields_list_contains,nrf700x_nrf54l15pdk) - -config NRF7002_ON_QSPI - def_bool $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF700X_QSPI)) - depends on SHIELD_NRF700X_NRF54L15PDK - -config NRF7002_ON_SPI - def_bool $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF700X_SPI)) - depends on SHIELD_NRF700X_NRF54L15PDK diff --git a/boards/shields/nrf700x_nrf54l15pdk/boards/nrf54l15pdk_nrf54l15_cpuapp.conf b/boards/shields/nrf700x_nrf54l15pdk/boards/nrf54l15pdk_nrf54l15_cpuapp.conf deleted file mode 100644 index 5e2f58f0d44a..000000000000 --- a/boards/shields/nrf700x_nrf54l15pdk/boards/nrf54l15pdk_nrf54l15_cpuapp.conf +++ /dev/null @@ -1,5 +0,0 @@ -# This is to get both Legacy and PSA to work, for Wi-Fi -CONFIG_TRUSTED_STORAGE=y -CONFIG_PSA_CRYPTO_DRIVER_OBERON=y -CONFIG_PSA_CRYPTO_DRIVER_CRACEN=n -CONFIG_TRUSTED_STORAGE_BACKEND_AEAD_KEY_HASH_UID=y diff --git a/boards/shields/nrf700x_nrf54l15pdk/nrf700x_nrf54l15pdk.overlay b/boards/shields/nrf700x_nrf54l15pdk/nrf700x_nrf54l15pdk.overlay deleted file mode 100644 index f61191cfdc69..000000000000 --- a/boards/shields/nrf700x_nrf54l15pdk/nrf700x_nrf54l15pdk.overlay +++ /dev/null @@ -1,81 +0,0 @@ -/* Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include - -/ { - /* Wi-Fi doesn't needs this and it frees up 68K RAM */ - /delete-node/ cpuflpr_sram; - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - - chosen { - zephyr,wifi = &nordic_wlan0; - }; - - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x34>; - max-pwr-5g-low-mcs7 = <0x34>; - max-pwr-5g-mid-mcs0 = <0x34>; - max-pwr-5g-mid-mcs7 = <0x34>; - max-pwr-5g-high-mcs0 = <0x30>; - max-pwr-5g-high-mcs7 = <0x30>; - }; -}; - -&cpuapp_sram { - reg = <0x20000000 DT_SIZE_K(256)>; - ranges = <0x0 0x20000000 0x20040000>; -}; - -&pinctrl { - spi22_default: spi22_default { - group1 { - psels = , - , - ; - }; - }; - - spi22_sleep: spi22_sleep { - group1 { - psels = , - , - ; - low-power-enable; - }; - }; -}; - -/* With P1 only SPI20/21/22 are allowed and SPI20 uses same IRQ as UART20 */ -&spi22 { - status = "okay"; - cs-gpios = <&gpio1 8 GPIO_ACTIVE_LOW>; - - pinctrl-0 = <&spi22_default>; - pinctrl-1 = <&spi22_sleep>; - pinctrl-names = "default", "sleep"; - nrf700x: nrf7002@0 { - compatible = "nordic,nrf700x-spi"; - status = "okay"; - reg = <0>; - spi-max-frequency = ; - bucken-gpios = <&gpio1 13 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; - iovdd-ctrl-gpios = <&gpio1 13 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; - host-irq-gpios = <&gpio1 14 GPIO_ACTIVE_HIGH>; - }; -}; - - -&gpio1 { - status = "okay"; -}; From b7f2f1e458064d263dd07d25453729fa2ba8502e Mon Sep 17 00:00:00 2001 From: Jamie McCrae Date: Thu, 12 Sep 2024 10:17:59 +0100 Subject: [PATCH 063/217] cmake: modules: kconfig: Update autoconf path Updates the path to the autoconf file as this has changed in Zephyr Signed-off-by: Jamie McCrae --- cmake/modules/kconfig.cmake | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cmake/modules/kconfig.cmake b/cmake/modules/kconfig.cmake index eef0df954d84..1cacbe4f0ba7 100644 --- a/cmake/modules/kconfig.cmake +++ b/cmake/modules/kconfig.cmake @@ -9,14 +9,14 @@ include_guard(GLOBAL) if(CONFIG_NCS_IS_VARIANT_IMAGE) # A variant build should reuse same .config and thus autoconf.h, therefore # copy files from original and bypass Kconfig invocation. - set(AUTOCONF_H ${PROJECT_BINARY_DIR}/include/generated/autoconf.h) + set(AUTOCONF_H ${PROJECT_BINARY_DIR}/include/generated/zephyr/autoconf.h) set(DOTCONFIG ${PROJECT_BINARY_DIR}/.config) - set(preload_autoconf_h ${PRELOAD_BINARY_DIR}/zephyr/include/generated/autoconf.h) + set(preload_autoconf_h ${PRELOAD_BINARY_DIR}/zephyr/include/generated/zephyr/autoconf.h) set(preload_dotconfig ${PRELOAD_BINARY_DIR}/zephyr/.config) file(COPY ${preload_dotconfig} DESTINATION ${PROJECT_BINARY_DIR}) - file(COPY ${preload_autoconf_h} DESTINATION ${PROJECT_BINARY_DIR}/include/generated) + file(COPY ${preload_autoconf_h} DESTINATION ${PROJECT_BINARY_DIR}/include/generated/zephyr) file(APPEND ${AUTOCONF_H} "#define CONFIG_NCS_IS_VARIANT_IMAGE 1") set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS ${AUTOCONF_H}) From 680c33816fd8788512c60b18e474f5cebf9b7d8e Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Mon, 16 Sep 2024 10:04:21 +0200 Subject: [PATCH 064/217] boards: shields: add nrf7002eb_interposer_p1 shield Add the nrf7002eb_interposer_p1 shield which is connected to P1. Signed-off-by: Bjarki Arge Andreasen --- .../nrf7002eb_interposer_p1/Kconfig.shield | 5 +++ .../boards/nrf54h20dk_nrf54h20_cpuapp.overlay | 39 +++++++++++++++++++ .../boards/nrf54l15dk_nrf54l15_cpuapp.overlay | 34 ++++++++++++++++ .../nrf54l15pdk_nrf54l15_cpuapp.overlay | 34 ++++++++++++++++ .../nrf7002eb_interposer_p1.overlay | 9 +++++ .../nrf7002eb_interposer_p1_gpio_map_1.dtsi | 20 ++++++++++ .../nrf7002eb_interposer_p1_gpio_map_2.dtsi | 20 ++++++++++ 7 files changed, 161 insertions(+) create mode 100644 boards/shields/nrf7002eb_interposer_p1/Kconfig.shield create mode 100644 boards/shields/nrf7002eb_interposer_p1/boards/nrf54h20dk_nrf54h20_cpuapp.overlay create mode 100644 boards/shields/nrf7002eb_interposer_p1/boards/nrf54l15dk_nrf54l15_cpuapp.overlay create mode 100644 boards/shields/nrf7002eb_interposer_p1/boards/nrf54l15pdk_nrf54l15_cpuapp.overlay create mode 100644 boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1.overlay create mode 100644 boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1_gpio_map_1.dtsi create mode 100644 boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1_gpio_map_2.dtsi diff --git a/boards/shields/nrf7002eb_interposer_p1/Kconfig.shield b/boards/shields/nrf7002eb_interposer_p1/Kconfig.shield new file mode 100644 index 000000000000..0cfd73a6d764 --- /dev/null +++ b/boards/shields/nrf7002eb_interposer_p1/Kconfig.shield @@ -0,0 +1,5 @@ +# Copyright (c) 2024 Nordic Semiconductor ASA +# SPDX-License-Identifier: Apache-2.0 + +config SHIELD_NRF7002EB_INTERPOSER_P1 + def_bool $(shields_list_contains,nrf7002eb_interposer_p1) diff --git a/boards/shields/nrf7002eb_interposer_p1/boards/nrf54h20dk_nrf54h20_cpuapp.overlay b/boards/shields/nrf7002eb_interposer_p1/boards/nrf54h20dk_nrf54h20_cpuapp.overlay new file mode 100644 index 000000000000..1215f5f3dcd3 --- /dev/null +++ b/boards/shields/nrf7002eb_interposer_p1/boards/nrf54h20dk_nrf54h20_cpuapp.overlay @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include "../nrf7002eb_interposer_p1_gpio_map_2.dtsi" + +&pinctrl { + spi130_default: spi130_default { + group1 { + psels = , + , + ; + }; + }; + + spi130_sleep: spi130_sleep { + group1 { + psels = , + , + ; + low-power-enable; + }; + }; +}; + +edge_connector_spi: &spi130 { + status = "okay"; + cs-gpios = <&edge_connector 18 GPIO_ACTIVE_LOW>; + pinctrl-0 = <&spi130_default>; + pinctrl-1 = <&spi130_sleep>; + pinctrl-names = "default", "sleep"; + memory-regions = <&cpuapp_dma_region>; +}; + +&gpio1 { + status = "okay"; +}; diff --git a/boards/shields/nrf7002eb_interposer_p1/boards/nrf54l15dk_nrf54l15_cpuapp.overlay b/boards/shields/nrf7002eb_interposer_p1/boards/nrf54l15dk_nrf54l15_cpuapp.overlay new file mode 100644 index 000000000000..76ae75150f8f --- /dev/null +++ b/boards/shields/nrf7002eb_interposer_p1/boards/nrf54l15dk_nrf54l15_cpuapp.overlay @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include "../nrf7002eb_interposer_p1_gpio_map_1.dtsi" + +&pinctrl { + spi22_default: spi22_default { + group1 { + psels = , + , + ; + }; + }; + + spi22_sleep: spi22_sleep { + group1 { + psels = , + , + ; + low-power-enable; + }; + }; +}; + +edge_connector_spi: &spi22 { + status = "okay"; + cs-gpios = <&edge_connector 18 GPIO_ACTIVE_LOW>; + pinctrl-0 = <&spi22_default>; + pinctrl-1 = <&spi22_sleep>; + pinctrl-names = "default", "sleep"; +}; diff --git a/boards/shields/nrf7002eb_interposer_p1/boards/nrf54l15pdk_nrf54l15_cpuapp.overlay b/boards/shields/nrf7002eb_interposer_p1/boards/nrf54l15pdk_nrf54l15_cpuapp.overlay new file mode 100644 index 000000000000..76ae75150f8f --- /dev/null +++ b/boards/shields/nrf7002eb_interposer_p1/boards/nrf54l15pdk_nrf54l15_cpuapp.overlay @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include "../nrf7002eb_interposer_p1_gpio_map_1.dtsi" + +&pinctrl { + spi22_default: spi22_default { + group1 { + psels = , + , + ; + }; + }; + + spi22_sleep: spi22_sleep { + group1 { + psels = , + , + ; + low-power-enable; + }; + }; +}; + +edge_connector_spi: &spi22 { + status = "okay"; + cs-gpios = <&edge_connector 18 GPIO_ACTIVE_LOW>; + pinctrl-0 = <&spi22_default>; + pinctrl-1 = <&spi22_sleep>; + pinctrl-names = "default", "sleep"; +}; diff --git a/boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1.overlay b/boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1.overlay new file mode 100644 index 000000000000..19860275c900 --- /dev/null +++ b/boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1.overlay @@ -0,0 +1,9 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: Apache-2.0 + */ + +&gpio1 { + status = "okay"; +}; diff --git a/boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1_gpio_map_1.dtsi b/boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1_gpio_map_1.dtsi new file mode 100644 index 000000000000..da1b2354128b --- /dev/null +++ b/boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1_gpio_map_1.dtsi @@ -0,0 +1,20 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: Apache-2.0 + */ + +/{ + edge_connector: connector { + compatible = "nordic-edge-connector"; + #gpio-cells = <2>; + gpio-map-mask = <0xffffffff 0xffffffc0>; + gpio-map-pass-thru = <0 0x3f>; + gpio-map = <5 0 &gpio1 7 0>, /* ST0 / STAT */ + <6 0 &gpio1 6 0>, /* REQ */ + <9 0 &gpio1 13 0>, /* EN / ENB */ + <15 0 &gpio1 12 0>, /* GRT / GRANT */ + <18 0 &gpio1 8 0>, /* CS */ + <19 0 &gpio1 14 0>; /* IRQ */ + }; +}; diff --git a/boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1_gpio_map_2.dtsi b/boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1_gpio_map_2.dtsi new file mode 100644 index 000000000000..c77e59dada1a --- /dev/null +++ b/boards/shields/nrf7002eb_interposer_p1/nrf7002eb_interposer_p1_gpio_map_2.dtsi @@ -0,0 +1,20 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: Apache-2.0 + */ + +/{ + edge_connector: connector { + compatible = "nordic-edge-connector"; + #gpio-cells = <2>; + gpio-map-mask = <0xffffffff 0xffffffc0>; + gpio-map-pass-thru = <0 0x3f>; + gpio-map = <5 0 &gpio1 7 0>, /* ST0 / STAT */ + <6 0 &gpio1 8 0>, /* REQ */ + <9 0 &gpio1 0 0>, /* EN / ENB */ + <15 0 &gpio1 3 0>, /* GRT / GRANT */ + <18 0 &gpio1 4 0>, /* CS */ + <19 0 &gpio1 2 0>; /* IRQ */ + }; +}; From a2562254c8a31d41cd35d0291ce7dc420b80cc2d Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Mon, 16 Sep 2024 10:47:20 +0200 Subject: [PATCH 065/217] doc: cmake: inject DOCS_HTML_DIR Since the addition of sphinx-autobuild support in Zephyr, the ZEPHYR_BUILD variable in conf.py requires knowledge of the HTML build dir from the environment, using DOCS_HTML_DIR. Ref: Zephyr 2e99de80472b80f36303ff85c8ed5d54dfe73ef4 Signed-off-by: Gerard Marull-Paretas Signed-off-by: Bjarki Arge Andreasen --- doc/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/CMakeLists.txt b/doc/CMakeLists.txt index edc0eb5af1fe..b5a1b51740b6 100644 --- a/doc/CMakeLists.txt +++ b/doc/CMakeLists.txt @@ -135,7 +135,7 @@ function(add_docset name version) set(DOCSET_HTML_DIR ${CMAKE_BINARY_DIR}/html/${name}) set(DOCSET_MAKE_DIRS ${DOCSET_BUILD_DIR};${DOCSET_SRC_DIR};${DOCSET_HTML_DIR}) set(DOCSET_CLEAN_DIRS ${DOCSET_BUILD_DIR};${DOCSET_HTML_DIR}) - set(DOCSET_ENV DOXYGEN_EXECUTABLE=${DOXYGEN_EXECUTABLE};DOCSET_VERSION=${version}) + set(DOCSET_ENV DOXYGEN_EXECUTABLE=${DOXYGEN_EXECUTABLE};DOCSET_VERSION=${version};DOCS_HTML_DIR=${DOCSET_HTML_DIR}) if(${DOCSET_DODGY}) list(REMOVE_ITEM SPHINXOPTS "-W" "--keep-going") From 6bde88b70da8e98b09c462b097cb1d177313909b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 12 Sep 2024 13:08:57 +0200 Subject: [PATCH 066/217] tf-m: Fix removed PSA_WANT_KEY_TYPE_RSA_KEY_PAIR configuration for tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit removes selection of PSA_WANT_KEY_TYPE_RSA_KEY_PAIR for TF-M tests as this is no longer a Signed-off-by: Frank Audun Kvamtrø --- tests/tfm/tfm_psa_test/prj.conf | 6 +++++- tests/tfm/tfm_regression_test/prj.conf | 5 ++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/tests/tfm/tfm_psa_test/prj.conf b/tests/tfm/tfm_psa_test/prj.conf index 36afd189d05e..f2d5c8a56f8d 100644 --- a/tests/tfm/tfm_psa_test/prj.conf +++ b/tests/tfm/tfm_psa_test/prj.conf @@ -23,7 +23,11 @@ CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT=y CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE=y CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE=y -CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE=y + # Ciphers CONFIG_PSA_WANT_ALG_ECB_NO_PADDING=y diff --git a/tests/tfm/tfm_regression_test/prj.conf b/tests/tfm/tfm_regression_test/prj.conf index 5b1d30fd8b64..a072b1f5b6d1 100644 --- a/tests/tfm/tfm_regression_test/prj.conf +++ b/tests/tfm/tfm_regression_test/prj.conf @@ -34,7 +34,10 @@ CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT=y CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT=y CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE=y CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE=y -CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE=y +CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE=y # Ciphers CONFIG_PSA_WANT_ALG_ECB_NO_PADDING=y From aab0c412fee614b6b80de4676cb740fad57aa84b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 12 Sep 2024 13:37:37 +0200 Subject: [PATCH 067/217] tf-m: Add a dummy PLAT_OTP_ID_LCS define for TF-M Minimal configuration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This adds a dummy OTP element in include/tfm/platform_otp_ids.h which is a file that is only used when TFM_PROFILE_TYPE_MINIMAL is set. It was added as TF-M 2.1 references this directly in the psa_api.c file. Note that calling to retrieve the LCS will always report "TFM_PLAT_ERR_UNSUPPORTED" as dummy_otp.c is enabled in this case. This commit is only fixing a build issue Signed-off-by: Frank Audun Kvamtrø --- include/tfm/platform_otp_ids.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/tfm/platform_otp_ids.h b/include/tfm/platform_otp_ids.h index 8b68fff89a6b..71332c445df8 100644 --- a/include/tfm/platform_otp_ids.h +++ b/include/tfm/platform_otp_ids.h @@ -14,6 +14,7 @@ extern "C" { #endif enum tfm_otp_element_id_t { + PLAT_OTP_ID_LCS = UINT32_MAX -1, PLAT_OTP_ID_MAX = UINT32_MAX, }; From fad6dfabafb005931217217f0a7f5b283aded016 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 12 Sep 2024 13:44:54 +0200 Subject: [PATCH 068/217] crypto: Adding missing include-folder to CRACEN library MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Cleaning up PSA driver and core CMake logic -This fixes missing link to nrfx.h in CRACEN PSA crypto library (fixup of commit eccaa2161658aae17c14900be46e8d3e80035b29) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/drivers/cracen/CMakeLists.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index 588a2d9a03a9..1d90d02ef4c3 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -44,3 +44,5 @@ target_link_libraries(oberon_psa_core PRIVATE cracen_psa_driver ) + +nrf_security_add_zephyr_options(cracen_psa_driver) From ac05e6482152ebfd6b16ab787e41d6d09d95824e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 12 Sep 2024 15:33:28 +0200 Subject: [PATCH 069/217] crypto: CRACEN: Remove unused parameter MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Removing a compilationg warning Signed-off-by: Frank Audun Kvamtrø --- .../src/drivers/cracen/cracenpsa/src/key_management.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c index eb44dc1f38de..7b0caba37460 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c @@ -774,8 +774,6 @@ static psa_status_t ecc_export_key(const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length) { - psa_status_t psa_status; - if (data_size < key_buffer_size) { return PSA_ERROR_BUFFER_TOO_SMALL; } From 4d4f5be5becfe54f366081d99f7e755330767e3a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Fri, 13 Sep 2024 10:52:11 +0200 Subject: [PATCH 070/217] tf-m: Clean up PSA crypto interface/library config addition MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! tf-m: Add support for building PSA core externally -This commit changes to install the PSA crypto interface config files to the TF-M install target, for use by Zephyr when TF-M is enabled -This commit prevents the interface-config (required for main app and NS image build in TF-M) from being enabled in any library build by using generator expressions in nrf_security_add_zephyr_options to filter out of the list that gets retrofitted into nrf_security libraries -This commit removes unneeded duplications of includes for ${mbedcrypto_target} which is already available in mbedcrypto_Base (fixup of commit 6791e0abb7f656975eeb43c01ef42be06f2b1669) Signed-off-by: Frank Audun Kvamtrø --- .../tfm_boards/external_core_install.cmake | 10 +++++++++- subsys/nrf_security/cmake/extensions.cmake | 15 +++++++++++++-- subsys/nrf_security/src/CMakeLists.txt | 12 ++++-------- 3 files changed, 26 insertions(+), 11 deletions(-) diff --git a/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake b/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake index 57c5bd09e309..8a0981edf650 100644 --- a/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake +++ b/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake @@ -32,4 +32,12 @@ install( ${OBERON_PSA_CORE_PATH}/include/mbedtls/config_psa.h DESTINATION ${INSTALL_INTERFACE_INC_DIR}/mbedtls -) \ No newline at end of file +) + +install( + FILES + ${PSA_CRYPTO_CONFIG_INTERFACE_PATH}/${MBEDTLS_CONFIG_FILE} + ${PSA_CRYPTO_CONFIG_INTERFACE_PATH}/${MBEDTLS_PSA_CRYPTO_CONFIG_FILE} + DESTINATION + ${INSTALL_INTERFACE_INC_DIR}/ +) diff --git a/subsys/nrf_security/cmake/extensions.cmake b/subsys/nrf_security/cmake/extensions.cmake index 8b04c63bac2d..e76a18a1f89f 100644 --- a/subsys/nrf_security/cmake/extensions.cmake +++ b/subsys/nrf_security/cmake/extensions.cmake @@ -142,8 +142,19 @@ macro(nrf_security_add_zephyr_options lib_name) # Add compile options and includes from zephyr target_compile_options(${lib_name} PRIVATE $) target_compile_definitions(${lib_name} PRIVATE $) - target_include_directories(${lib_name} PRIVATE $) - target_include_directories(${lib_name} PRIVATE $) + + # Ensure that the PSA crypto interface include folder isn't added in library builds (filtered out) + target_include_directories(${lib_name} + PRIVATE + $,EXCLUDE,${PSA_CRYPTO_CONFIG_INTERFACE_PATH_REGEX}> + ) + + # Ensure that the PSA crypto interface include folder isn't added in library builds (filtered out) + target_include_directories(${lib_name} + PRIVATE + $,EXCLUDE,${PSA_CRYPTO_CONFIG_INTERFACE_PATH_REGEX}> + ) + add_dependencies(${lib_name} zephyr_interface) # Unsure if these are needed any more diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 243e007e84fb..40043a4b8b13 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -18,6 +18,10 @@ include(${NRF_SECURITY_ROOT}/cmake/generate_configs.cmake) generate_mbedcrypto_interface_configs() generate_mbedcrypto_library_configs() +# This configuration is used for regex matching of the PSA crypto config interface path +# This regex is used by nrf_security_add_zephyr_options when adding includes from +# the zephyr_interface to nrf_security libraries +string(REPLACE "/" "\\/" PSA_CRYPTO_CONFIG_INTERFACE_PATH_REGEX ${PSA_CRYPTO_CONFIG_INTERFACE_PATH}) # Add include folders for psa_crypto_config (interface builds) target_include_directories(psa_crypto_config @@ -129,14 +133,6 @@ target_link_libraries(${mbedcrypto_target} mbedcrypto_base ) -# Add a public version of the configs includes and interface -target_link_libraries(${mbedcrypto_target} - PRIVATE - $,psa_crypto_library_config,psa_crypto_config> - psa_interface -) - - # Disable compile warnings for Mbed TLS sources for files that are # added to the build for legacy APIs but are not enabled due to # configurations not being set. From a4736d8a05cba86fa0a6589fdffd7533910f2d79 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Fri, 13 Sep 2024 11:01:14 +0200 Subject: [PATCH 071/217] crypto: Adjusting threading to also work with no multithreading support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Adding threading support for PSA core -This commit changes from threading/CMakeLists.txt to threading/threading.cmake to ensure that include can be used instead of add_subdirectory. This is necessary to keep the variables used to pass to build the mbedcrypto lib working inside and outside -Added support for the faux no threading suppport mode by reusing the nrf_security_mutexes.h API -Adding init/free to nrf_security_mutexes.h APIs Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 7 +-- .../src/drivers/cracen/CMakeLists.txt | 5 +- .../{CMakeLists.txt => threading.cmake} | 5 +- .../src/threading/threading_alt.c | 54 +++++-------------- .../src/utils/nrf_security_events.h | 2 +- .../src/utils/nrf_security_mutexes.c | 22 ++++++++ .../src/utils/nrf_security_mutexes.h | 14 +++++ .../src/utils/nrf_security_utils.cmake | 9 ++-- 8 files changed, 63 insertions(+), 55 deletions(-) rename subsys/nrf_security/src/threading/{CMakeLists.txt => threading.cmake} (92%) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 40043a4b8b13..867a6d7267ac 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -84,6 +84,10 @@ append_with_prefix(src_crypto_base ${ARM_MBEDTLS_PATH}/library constant_time.c ) +# Add threading support for PSA core (if enabled) +include(${CMAKE_CURRENT_LIST_DIR}/threading/threading.cmake) +include(${NRF_SECURITY_ROOT}/src/utils/nrf_security_utils.cmake) + # Add base library with files required by all drivers/backends. add_library(mbedcrypto_base STATIC @@ -125,9 +129,6 @@ if(LINKER_CP_OPTION) ) endif() -# Add threading support for PSA core (if enabled) -add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/threading) - target_link_libraries(${mbedcrypto_target} PRIVATE mbedcrypto_base diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index 1d90d02ef4c3..6e0e208b1749 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -18,19 +18,20 @@ include(cracenpsa/cracenpsa.cmake) target_include_directories(psa_crypto_library_config INTERFACE ${CMAKE_CURRENT_LIST_DIR}/common/include/ - ${nrf_security_utils_include_dirs} + ${cracen_driver_include_dirs} ) add_library(cracen_psa_driver STATIC ${cracen_driver_sources} - ${nrf_security_utils_sources} ) + # The CRACEN sources have not been written to comply with this gcc # warning target_compile_options(cracen_psa_driver PRIVATE -Wno-pointer-sign + -Wno-unused-function ) target_link_libraries(cracen_psa_driver diff --git a/subsys/nrf_security/src/threading/CMakeLists.txt b/subsys/nrf_security/src/threading/threading.cmake similarity index 92% rename from subsys/nrf_security/src/threading/CMakeLists.txt rename to subsys/nrf_security/src/threading/threading.cmake index 1630bf9a88eb..5ea1259f4aa4 100644 --- a/subsys/nrf_security/src/threading/CMakeLists.txt +++ b/subsys/nrf_security/src/threading/threading.cmake @@ -8,7 +8,7 @@ # Which was added in Mbed TLS 3.6.0. # Return if threading is not enabled at all -if(NOT CONFIG_MBEDTLS_THREADING_C) +if(NOT (CONFIG_MBEDTLS_THREADING_C OR CONFIG_MBEDTLS_PSA_CRYPTO_C)) return() endif() @@ -18,7 +18,6 @@ if(CONFIG_PSA_CRYPTO_DRIVER_CC3XX OR CONFIG_CC3XX_BACKEND) return() endif() -# Add support for threading using append_with_prefix(src_crypto_base ${CMAKE_CURRENT_LIST_DIR} threading_alt.c ) @@ -33,4 +32,4 @@ target_include_directories(psa_crypto_library_config target_include_directories(psa_crypto_config INTERFACE ${CMAKE_CURRENT_LIST_DIR}/include -) \ No newline at end of file +) diff --git a/subsys/nrf_security/src/threading/threading_alt.c b/subsys/nrf_security/src/threading/threading_alt.c index 39b802d96764..2e7acb7395bb 100644 --- a/subsys/nrf_security/src/threading/threading_alt.c +++ b/subsys/nrf_security/src/threading/threading_alt.c @@ -10,11 +10,7 @@ #include #include -#include - -BUILD_ASSERT(IS_ENABLED(CONFIG_MULTITHREADING), - "This file is intended for multi-threading, but single-threading is enabled. " - "Please check your config build configuration!"); +#include #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" @@ -22,52 +18,26 @@ BUILD_ASSERT(IS_ENABLED(CONFIG_MULTITHREADING), #include MBEDTLS_CONFIG_FILE #endif -K_MUTEX_DEFINE(mbedtls_threading_key_slot_mutex); -K_MUTEX_DEFINE(mbedtls_threading_psa_globaldata_mutex); -K_MUTEX_DEFINE(mbedtls_threading_psa_rngdata_mutex); - -#if defined(MBEDTLS_THREADING_ALT) && !(defined(CONFIG_CC3XX_BACKEND) || defined(CONFIG_PSA_CRYPTO_DRIVER_CC3XX)) - -void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), - void (*mutex_free)( mbedtls_threading_mutex_t * ), - int (*mutex_lock)( mbedtls_threading_mutex_t * ), - int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ) -{ - // Do nothing -} - -void mbedtls_threading_free_alt( void ) -{ - // Do nothing -} - -#endif /* MBEDTLS_THREADING_ALT */ +NRF_SECURITY_MUTEX_DEFINE(mbedtls_threading_key_slot_mutex); +NRF_SECURITY_MUTEX_DEFINE(mbedtls_threading_psa_globaldata_mutex); +NRF_SECURITY_MUTEX_DEFINE(mbedtls_threading_psa_rngdata_mutex); -#if defined(MBEDTLS_THREADING_C) - -void mutex_init(mbedtls_threading_mutex_t *mutex) +void mbedtls_mutex_init(mbedtls_threading_mutex_t *mutex) { - (void)k_mutex_init((struct k_mutex*)mutex); + nrf_security_mutex_init(mutex); } -void mutex_free(mbedtls_threading_mutex_t *mutex) +void mbedtls_mutex_free(mbedtls_threading_mutex_t *mutex) { - // Do nothing + nrf_security_mutex_free(mutex); } -int mutex_lock(mbedtls_threading_mutex_t *mutex) +int mbedtls_mutex_lock(mbedtls_threading_mutex_t *mutex) { - return k_mutex_lock((struct k_mutex*)mutex, K_FOREVER); + return nrf_security_mutex_lock(mutex); } -int mutex_unlock(mbedtls_threading_mutex_t *mutex) +int mbedtls_mutex_unlock(mbedtls_threading_mutex_t *mutex) { - return k_mutex_unlock((struct k_mutex*)mutex); + return nrf_security_mutex_unlock(mutex); } - -void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex) = mutex_init; -void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex) = mutex_free; -int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex) = mutex_lock; -int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex) = mutex_unlock; - -#endif /* MBEDTLS_THREADING_C */ diff --git a/subsys/nrf_security/src/utils/nrf_security_events.h b/subsys/nrf_security/src/utils/nrf_security_events.h index 167e1d10c947..2132d61deca8 100644 --- a/subsys/nrf_security/src/utils/nrf_security_events.h +++ b/subsys/nrf_security/src/utils/nrf_security_events.h @@ -19,7 +19,7 @@ * there are no threads and uses cortex-M33 __WFE instructions. */ -#if defined(CONFIG_MULTITHREADING) && !defined(__NRF_TFM__) +#if defined(CONFIG_EVENTS) && !defined(__NRF_TFM__) typedef struct k_event *nrf_security_event_t; #define NRF_SECURITY_EVENT_DEFINE(event_name) \ diff --git a/subsys/nrf_security/src/utils/nrf_security_mutexes.c b/subsys/nrf_security/src/utils/nrf_security_mutexes.c index 9d169a4585e9..dbd935773ce4 100644 --- a/subsys/nrf_security/src/utils/nrf_security_mutexes.c +++ b/subsys/nrf_security/src/utils/nrf_security_mutexes.c @@ -16,6 +16,17 @@ #endif #if defined(CONFIG_MULTITHREADING) && !defined(__NRF_TFM__) + +void nrf_security_mutex_init(nrf_security_mutex_t mutex) +{ + (void)k_mutex_init(mutex); +} + +void nrf_security_mutex_free(nrf_security_mutex_t mutex) +{ + (void)mutex; +} + int nrf_security_mutex_lock(nrf_security_mutex_t mutex) { return k_mutex_lock(mutex, K_FOREVER); @@ -27,6 +38,17 @@ int nrf_security_mutex_unlock(nrf_security_mutex_t mutex) } #else + +void nrf_security_mutex_init(nrf_security_mutex_t mutex) +{ + (void)mutex; +} + +void nrf_security_mutex_free(nrf_security_mutex_t mutex) +{ + (void)mutex; +} + int nrf_security_mutex_lock(nrf_security_mutex_t mutex) { (void)mutex; diff --git a/subsys/nrf_security/src/utils/nrf_security_mutexes.h b/subsys/nrf_security/src/utils/nrf_security_mutexes.h index 3825fdb77e36..ee53ae5c9842 100644 --- a/subsys/nrf_security/src/utils/nrf_security_mutexes.h +++ b/subsys/nrf_security/src/utils/nrf_security_mutexes.h @@ -28,6 +28,20 @@ typedef uint8_t nrf_security_mutex_t; #endif +/** + * @brief Initialize a mutex. + * + * @param[in] mutex The mutex to initialized. + */ +void nrf_security_mutex_init(nrf_security_mutex_t mutex); + +/** + * @brief Free a mutex. + * + * @param[in] mutex The mutex to free. + */ +void nrf_security_mutex_free(nrf_security_mutex_t mutex); + /** * @brief Lock a mutex. * diff --git a/subsys/nrf_security/src/utils/nrf_security_utils.cmake b/subsys/nrf_security/src/utils/nrf_security_utils.cmake index 19d1d3e68220..a4c86816d03b 100644 --- a/subsys/nrf_security/src/utils/nrf_security_utils.cmake +++ b/subsys/nrf_security/src/utils/nrf_security_utils.cmake @@ -4,11 +4,12 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -list(APPEND nrf_security_utils_sources - ${CMAKE_CURRENT_LIST_DIR}/nrf_security_mutexes.c - ${CMAKE_CURRENT_LIST_DIR}/nrf_security_events.c +append_with_prefix(src_crypto_base ${CMAKE_CURRENT_LIST_DIR} + nrf_security_mutexes.c + nrf_security_events.c ) -list(APPEND nrf_security_utils_include_dirs +target_include_directories(psa_crypto_library_config + INTERFACE ${CMAKE_CURRENT_LIST_DIR} ) From 112f39623529750315fdff8d1d6c48b0d1023b99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 11:41:44 +0200 Subject: [PATCH 072/217] crypto: Rm unused target names mbedx509_target and mbedtls_target MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -TF-M renames the mbedcrypto target and previously it was also needed to rename mbedx509 and mbedtls (TLS/DTLS library). TF-M no longer build this so we can use the standard names instead of keeping the aforementioned targets as CMake variables -Changing ${mbedx509_target} => mbedx509 -Changing ${mbedtls_target} => mbedtls Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/CMakeLists.txt | 2 -- subsys/nrf_security/src/CMakeLists.txt | 24 +++++++++++++----------- subsys/nrf_security/tfm/CMakeLists.txt | 2 -- 3 files changed, 13 insertions(+), 15 deletions(-) diff --git a/subsys/nrf_security/CMakeLists.txt b/subsys/nrf_security/CMakeLists.txt index d80f8c6643a4..190bb53c79e8 100644 --- a/subsys/nrf_security/CMakeLists.txt +++ b/subsys/nrf_security/CMakeLists.txt @@ -12,8 +12,6 @@ set(CONFIG_MBEDTLS_PSA_CRYPTO_SPM False) include(cmake/extensions.cmake) set(mbedcrypto_target mbedcrypto) -set(mbedx509_target mbedx509) -set(mbedtls_target mbedtls) # Generate the file containing all static paths and configurations used both in # TF-M and non TF-M builds diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 867a6d7267ac..bfb7a64215b6 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -181,18 +181,20 @@ if (CONFIG_MBEDTLS_X509_LIBRARY) x509write_csr.c ) - add_library(${mbedx509_target} STATIC + add_library(mbedx509 STATIC ${src_x509} ) - # Add options from Zephyr build - nrf_security_add_zephyr_options(${mbedx509_target}) - - target_link_libraries(${mbedx509_target} + # Link with + target_link_libraries(mbedx509 PRIVATE + psa_crypto_config ${mbedcrypto_target} mbedcrypto_base ) + + nrf_security_add_zephyr_options(mbedx509) + endif() # Library for TLS protocol support @@ -222,19 +224,19 @@ if (CONFIG_MBEDTLS_TLS_LIBRARY) ) endif() - add_library(${mbedtls_target} STATIC + add_library(mbedtls STATIC ${src_tls} ) - # Add options from Zephyr build - nrf_security_add_zephyr_options(${mbedtls_target}) - - target_link_libraries(${mbedtls_target} + target_link_libraries(mbedtls PRIVATE - ${mbedx509_target} + psa_crypto_config + mbedx509 ${mbedcrypto_target} mbedcrypto_base ) + + nrf_security_add_zephyr_options(mbedtls) endif() if (NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) diff --git a/subsys/nrf_security/tfm/CMakeLists.txt b/subsys/nrf_security/tfm/CMakeLists.txt index 64d45b222885..582ed3763812 100644 --- a/subsys/nrf_security/tfm/CMakeLists.txt +++ b/subsys/nrf_security/tfm/CMakeLists.txt @@ -9,8 +9,6 @@ include(${NRF_SECURITY_ROOT}/cmake/extensions.cmake) # Prefix targets as expected from TF-M set(mbedcrypto_target ${MBEDTLS_TARGET_PREFIX}mbedcrypto) -set(mbedx509_target ${MBEDTLS_TARGET_PREFIX}mbedx509) -set(mbedtls_target ${MBEDTLS_TARGET_PREFIX}mbedtls) # Building nrf security for TF-M implies the following: # - Parse NRF_SECURITY_SETTINGS into CMake variables. From 7085ac528b3057cb22371fd8f890ff1789ecedb0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 11:43:36 +0200 Subject: [PATCH 073/217] crypto: Fix legacy API support for TLS/DTLS and X.509 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit moves some TLS-dependent APIs into ${mbedcrypto_target} as they are required for PSA to legacy conversions e.g. using psa_util.c APIs. Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 19 +++++++++++++++++++ subsys/nrf_security/src/legacy/CMakeLists.txt | 10 ---------- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index bfb7a64215b6..6c8e70f3b37b 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -55,6 +55,15 @@ if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) pkcs5.c pkparse.c pkwrite.c + dhm.c + cipher.c + cipher_wrap.c + md.c + pk.c + pk_ecc.c + pk_wrap.c + pkwrite.c + psa_util.c ) endif() @@ -84,6 +93,16 @@ append_with_prefix(src_crypto_base ${ARM_MBEDTLS_PATH}/library constant_time.c ) +# Legacy APIs were missing files added by Oberon PSA core (not built in +# certain instances. This adds the same platform support as the Oberon PSA core) +if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_C) + append_with_prefix(src_crypto_base ${OBERON_PSA_CORE_PATH}/library/ + platform.c + platform_util.c + ) +endif() + + # Add threading support for PSA core (if enabled) include(${CMAKE_CURRENT_LIST_DIR}/threading/threading.cmake) include(${NRF_SECURITY_ROOT}/src/utils/nrf_security_utils.cmake) diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 2f8fd2a8ce5b..08610cef895b 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -11,14 +11,6 @@ endif() # Legacy APIs missing driver support or APIs assumed to be # deprecated with more PSA API awareness. append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library - dhm.c - cipher.c - cipher_wrap.c - md.c - pk.c - pk_ecc.c - pk_wrap.c - pkwrite.c sha1.c sha256.c sha512.c @@ -26,8 +18,6 @@ append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library md5.c aesni.c aesce.c - psa_util.c - platform_util.c ) # Add all files that are neccessary for (nrf_oberon or cracen) + builtin in legacy mode From 2b94d571da4888df02d6d85d6a48a95471e5bfb8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 11:55:01 +0200 Subject: [PATCH 074/217] crypto: Reworking the structure of psa driver/core MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Cleaning up PSA driver and core CMake logic -This improves include paths (putting things closer to where they are generated/imported -This ensures that legacy-world gets access to the include folders for nrf_cc3xx_platform and oberon imported libs without depending on PSA core build -This removes some return-guards which may be considered to be added on again (to resolve a CMake/linking issue) (fixup of commit fc0112a5ec90e2b5872ca187748f9a862b191e1f) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 16 ++-- subsys/nrf_security/src/core/CMakeLists.txt | 4 +- .../src/core/nrf_oberon/CMakeLists.txt | 3 +- .../nrf_security/src/drivers/CMakeLists.txt | 85 ++++++++++++++++--- .../src/drivers/cracen/CMakeLists.txt | 1 - .../src/drivers/nrf_oberon/CMakeLists.txt | 11 ++- subsys/nrf_security/src/legacy/CMakeLists.txt | 34 +------- 7 files changed, 91 insertions(+), 63 deletions(-) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 6c8e70f3b37b..8b287d6b3cd1 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -164,16 +164,18 @@ target_compile_options(${mbedcrypto_target} -Wno-unused-variable ) -add_subdirectory(core) +# Add PSA core +if(CONFIG_MBEDTLS_PSA_CRYPTO_C) + add_subdirectory(core) +endif() -# Add drivers if enabled +# Add drivers (for legacy and PSA crypto build) add_subdirectory(drivers) -# Add legacy mbed TLS APIs -add_subdirectory(legacy) - -# Print all files in the mbedcrypto_target (with optional legacy-additions) -nrf_security_debug_list_target_files(${mbedcrypto_target}) +# Add legacy Mbed TLS APIs +if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C) + add_subdirectory(legacy) +endif() # In TF-M build, a psa_interface lib is created and we must inherit its settings set_property(TARGET ${mbedcrypto_target} diff --git a/subsys/nrf_security/src/core/CMakeLists.txt b/subsys/nrf_security/src/core/CMakeLists.txt index d88ec647d14a..35c46431c53e 100644 --- a/subsys/nrf_security/src/core/CMakeLists.txt +++ b/subsys/nrf_security/src/core/CMakeLists.txt @@ -4,6 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -if (CONFIG_MBEDTLS_PSA_CRYPTO_C) - add_subdirectory(nrf_oberon) -endif() +add_subdirectory(nrf_oberon) diff --git a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt index a4c034cddf88..9d4b0df6f4c7 100644 --- a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt @@ -7,7 +7,7 @@ append_with_prefix(src_crypto_core_oberon ${OBERON_PSA_CORE_PATH}/library/ platform.c platform_util.c - ) +) append_with_prefix(src_crypto_core_oberon ${OBERON_PSA_CORE_PATH}/library/ psa_crypto.c @@ -42,6 +42,7 @@ target_compile_options(oberon_psa_core target_link_libraries(oberon_psa_core PRIVATE + psa_crypto_library_config mbedcrypto_base ) diff --git a/subsys/nrf_security/src/drivers/CMakeLists.txt b/subsys/nrf_security/src/drivers/CMakeLists.txt index 082e488b626f..4e0cdb3771e0 100644 --- a/subsys/nrf_security/src/drivers/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/CMakeLists.txt @@ -4,27 +4,88 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -# If the PSA core is not built, then drivers are not needed -if(NOT (CONFIG_MBEDTLS_PSA_CRYPTO_C)) - return() -endif() - # nrf_cc3xx_platform is not a driver in the old APIs. Once ctr_drbg/hmac_drbg # gets real driver API support then the placement here makes more sense if(TARGET nrf_cc3xx_platform) add_subdirectory(nrf_cc3xx_platform) endif() -if(CONFIG_PSA_CRYPTO_DRIVER_CC3XX) - add_subdirectory(nrf_cc3xx) +if(CONFIG_MBEDTLS_PSA_CRYPTO_C) + if(CONFIG_PSA_CRYPTO_DRIVER_CC3XX) + add_subdirectory(nrf_cc3xx) + endif() + + if(CONFIG_PSA_CRYPTO_DRIVER_CRACEN) + add_subdirectory(cracen) + endif() + + add_subdirectory(zephyr) + + if(CONFIG_PSA_CRYPTO_DRIVER_OBERON) + add_subdirectory(nrf_oberon) + endif() +endif() + +# Add includes for any legacy Mbed TLS configurations + + +# Add the nrf_cc3xx platform include folder to library build (if it exists) +if(TARGET nrf_cc3xx_platform) + target_include_directories(psa_crypto_config + INTERFACE + $ + ) + + target_include_directories(psa_crypto_library_config + INTERFACE + $ + ) endif() -if(CONFIG_PSA_CRYPTO_DRIVER_CRACEN) - add_subdirectory(cracen) +# Add the nrf_cc3xx core include folder to interface/library build (if it exists) +if(TARGET nrf_cc3xx_core_imported) + target_include_directories(psa_crypto_config + INTERFACE + $ + ) + + target_include_directories(psa_crypto_library_config + INTERFACE + $ + ) endif() -add_subdirectory(zephyr) +# Add the mbedcrypto_oberon_mbedtls_imported include folder to interface/library build (if it exists) +if(TARGET mbedcrypto_oberon_mbedtls_imported) + target_include_directories(psa_crypto_config + INTERFACE + # Add nrf_oberon includes + ${NRFXLIB_DIR}/crypto/nrf_oberon/include/ + ${NRFXLIB_DIR}/crypto/nrf_oberon/include/mbedtls + $ + ) + + # Possibly duplicate + target_include_directories(psa_crypto_config + INTERFACE + $ + ) + target_include_directories(psa_crypto_library_config + INTERFACE + $ + ) + + # Add includes relevant for library build (not PSA crypto interface) + target_include_directories(psa_crypto_library_config + INTERFACE + # Add nrf_oberon includes + ${NRFXLIB_DIR}/crypto/nrf_oberon/include/ + ${NRFXLIB_DIR}/crypto/nrf_oberon/include/mbedtls + ) -if(CONFIG_PSA_CRYPTO_DRIVER_OBERON) - add_subdirectory(nrf_oberon) + target_link_libraries(mbedcrypto_oberon_mbedtls_imported + INTERFACE + psa_crypto_library_config + mbedcrypto_base + ) endif() diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index 6e0e208b1749..a3eb40d6a2e0 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -25,7 +25,6 @@ add_library(cracen_psa_driver STATIC ${cracen_driver_sources} ) - # The CRACEN sources have not been written to comply with this gcc # warning target_compile_options(cracen_psa_driver diff --git a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt index 3e2dcebe539c..8212fede61fb 100644 --- a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt @@ -7,14 +7,8 @@ # Build Oberon PSA crypto driver set(drivers_path ${OBERON_PSA_CORE_PATH}/oberon/drivers) -# Add includes relevant for library build (not PSA crypto interface) target_include_directories(psa_crypto_library_config INTERFACE - # Add nrf_oberon includes - ${NRFXLIB_DIR}/crypto/nrf_oberon/include/ - ${NRFXLIB_DIR}/crypto/nrf_oberon/include/mbedtls - - # Add Oberon PSA Crypto Driver includes ${drivers_path} ) @@ -56,6 +50,11 @@ target_compile_options(oberon_psa_driver -Wno-unused-variable ) +target_include_directories(oberon_psa_driver + PRIVATE + ${OBERON_PSA_CORE_PATH}/oberon/drivers +) + # Link to the PSA interface and library PSA crypto configurations target_link_libraries(oberon_psa_driver PRIVATE diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 08610cef895b..ceebe2316d37 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -4,10 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -if(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) - return() -endif() - # Legacy APIs missing driver support or APIs assumed to be # deprecated with more PSA API awareness. append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library @@ -98,11 +94,6 @@ if(TARGET mbedcrypto_oberon_mbedtls_imported) mbedcrypto_oberon_mbedtls_imported ) - target_link_libraries(mbedcrypto_oberon_mbedtls_imported - INTERFACE - mbedcrypto_base - ) - # Add nrf_oberon Mbed TLS includes to mbedcrypto library target_include_directories(${mbedcrypto_target} INTERFACE @@ -110,14 +101,6 @@ if(TARGET mbedcrypto_oberon_mbedtls_imported) ) endif() -if(TARGET mbedcrypto_oberon_imported) - # Add nrf_oberon includes to mbedcrypto library - target_include_directories(${mbedcrypto_target} - INTERFACE - $ - ) -endif() - if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C AND CONFIG_CC3XX_BACKEND) # Link legacy nrf_cc3xx library if it is enabled # This will only be used for secure-only builds @@ -131,22 +114,7 @@ if(TARGET nrf_cc3xx_core_imported) # nrf_cc3xx needs functionality from mbedcrypto_base target_link_libraries(nrf_cc3xx_core_imported INTERFACE + psa_crypto_library_config mbedcrypto_base ) endif() - -# Add the nrf_cc3xx core include folder to library build (if it exists) -if (TARGET nrf_cc3xx_core_imported) - target_include_directories(psa_crypto_library_config - INTERFACE - $ - ) -endif() - -# Add the nrf_cc3xx platform include folder to library build (if it exists) -if (TARGET nrf_cc3xx_platform) - target_include_directories(psa_crypto_library_config - INTERFACE - $ - ) -endif() \ No newline at end of file From 1d49548be9a4affd8b35a8514f29095551f8c0fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 11:55:46 +0200 Subject: [PATCH 075/217] crypto: Fixup of threading for path resolvement MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Adding threading support for PSA core (fixup of commit 0667ab218b543d1362ff6f74047699da5d317e7c= Signed-off-by: Frank Audun Kvamtrø --- .../src/drivers/cracen/CMakeLists.txt | 1 - .../src/threading/threading.cmake | 37 ++++++++----------- .../src/utils/nrf_security_utils.cmake | 5 +++ 3 files changed, 20 insertions(+), 23 deletions(-) diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index a3eb40d6a2e0..78c9941c16d5 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -8,7 +8,6 @@ set(cracen_driver_sources) # Add more CRACEN sources and include dirs from the ext directory -include(${NRF_SECURITY_ROOT}/src/utils/nrf_security_utils.cmake) include(sxsymcrypt/sxsymcrypt.cmake) include(silexpk/silexpk.cmake) include(sicrypto/sicrypto.cmake) diff --git a/subsys/nrf_security/src/threading/threading.cmake b/subsys/nrf_security/src/threading/threading.cmake index 5ea1259f4aa4..efe163c8896b 100644 --- a/subsys/nrf_security/src/threading/threading.cmake +++ b/subsys/nrf_security/src/threading/threading.cmake @@ -7,29 +7,22 @@ # This file includes threading support required by the PSA crypto core # Which was added in Mbed TLS 3.6.0. -# Return if threading is not enabled at all -if(NOT (CONFIG_MBEDTLS_THREADING_C OR CONFIG_MBEDTLS_PSA_CRYPTO_C)) - return() -endif() +if(CONFIG_MBEDTLS_THREADING_C AND NOT (CONFIG_PSA_CRYPTO_DRIVER_CC3XX OR CONFIG_CC3XX_BACKEND)) -# If we are in a local build where the CC3XX driver or CC3XX backend is enabed -# then there is already a solution for mutex for the core -if(CONFIG_PSA_CRYPTO_DRIVER_CC3XX OR CONFIG_CC3XX_BACKEND) - return() -endif() + append_with_prefix(src_crypto_base ${CMAKE_CURRENT_LIST_DIR} + threading_alt.c + ) -append_with_prefix(src_crypto_base ${CMAKE_CURRENT_LIST_DIR} - threading_alt.c -) + # Add include of threading_alt.h in library build + target_include_directories(psa_crypto_library_config + INTERFACE + ${CMAKE_CURRENT_LIST_DIR}/include + ) -# Add include of threading_alt.h in library build -target_include_directories(psa_crypto_library_config - INTERFACE - ${CMAKE_CURRENT_LIST_DIR}/include -) + # Add include of threading_alt.h in interface build + target_include_directories(psa_crypto_config + INTERFACE + ${CMAKE_CURRENT_LIST_DIR}/include + ) -# Add include of threading_alt.h in interface build -target_include_directories(psa_crypto_config - INTERFACE - ${CMAKE_CURRENT_LIST_DIR}/include -) +endif() diff --git a/subsys/nrf_security/src/utils/nrf_security_utils.cmake b/subsys/nrf_security/src/utils/nrf_security_utils.cmake index a4c86816d03b..d26ab3e402d4 100644 --- a/subsys/nrf_security/src/utils/nrf_security_utils.cmake +++ b/subsys/nrf_security/src/utils/nrf_security_utils.cmake @@ -13,3 +13,8 @@ target_include_directories(psa_crypto_library_config INTERFACE ${CMAKE_CURRENT_LIST_DIR} ) + +target_include_directories(psa_crypto_config + INTERFACE + ${CMAKE_CURRENT_LIST_DIR} +) From 91006c5fe055541dd6c55a2690283948b2c9b727 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 12:00:06 +0200 Subject: [PATCH 076/217] crypto: Sep library and interface configs for nrf_security libs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit adds nrf_security_add_zephyr_options_library which adds includes from the zephyr_interface without PSA crypto interface configurations (include-folder addition where nrf-crypto.h is added) -Moving calls to nrf_security_add_zephyr_options closer to where the libraries are built (cleanup) -Made Oberon, CRACEN and core use nrf_security_add_zephyr_options_library Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/cmake/extensions.cmake | 32 +++++++++++++++++-- subsys/nrf_security/src/CMakeLists.txt | 2 ++ .../src/core/nrf_oberon/CMakeLists.txt | 2 +- .../src/drivers/cracen/CMakeLists.txt | 2 +- .../src/drivers/nrf_oberon/CMakeLists.txt | 2 +- subsys/nrf_security/src/zephyr/CMakeLists.txt | 4 --- 6 files changed, 34 insertions(+), 10 deletions(-) diff --git a/subsys/nrf_security/cmake/extensions.cmake b/subsys/nrf_security/cmake/extensions.cmake index e76a18a1f89f..877fcabf3dbe 100644 --- a/subsys/nrf_security/cmake/extensions.cmake +++ b/subsys/nrf_security/cmake/extensions.cmake @@ -139,22 +139,47 @@ endfunction(append_with_prefix) # macro(nrf_security_add_zephyr_options lib_name) if(TARGET zephyr_interface) - # Add compile options and includes from zephyr + # Add an all includes from zephyr_interface (unfiltered) target_compile_options(${lib_name} PRIVATE $) target_compile_definitions(${lib_name} PRIVATE $) + target_include_directories(${lib_name} PRIVATE $) + target_include_directories(${lib_name} PRIVATE $) + add_dependencies(${lib_name} zephyr_interface) + + # Unsure if these are needed any more + target_compile_options(${lib_name} PRIVATE ${TOOLCHAIN_C_FLAGS}) + target_ld_options(${lib_name} PRIVATE ${TOOLCHAIN_LD_FLAGS}) + else() + target_compile_options(${lib_name} PRIVATE "SHELL: -imacros ${ZEPHYR_AUTOCONF}") + target_include_directories(${lib_name} PRIVATE + $<$:$> + ) + endif() +endmacro() +# +# Add common configurations/options from the zephyr interface libraries (library version) +# +# This includes +# Compile options +# Standard includes +# C flags/Linker flags +# +macro(nrf_security_add_zephyr_options_library lib_name) + if(TARGET zephyr_interface) + # Add an an filtered version of zephyr_interface (PSA crypto interface filtered out) + target_compile_options(${lib_name} PRIVATE $) + target_compile_definitions(${lib_name} PRIVATE $) # Ensure that the PSA crypto interface include folder isn't added in library builds (filtered out) target_include_directories(${lib_name} PRIVATE $,EXCLUDE,${PSA_CRYPTO_CONFIG_INTERFACE_PATH_REGEX}> ) - # Ensure that the PSA crypto interface include folder isn't added in library builds (filtered out) target_include_directories(${lib_name} PRIVATE $,EXCLUDE,${PSA_CRYPTO_CONFIG_INTERFACE_PATH_REGEX}> ) - add_dependencies(${lib_name} zephyr_interface) # Unsure if these are needed any more @@ -168,5 +193,6 @@ macro(nrf_security_add_zephyr_options lib_name) endif() endmacro() + # Include debugging include(${CMAKE_CURRENT_LIST_DIR}/nrf_security_debug.cmake) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 8b287d6b3cd1..154f05d4b275 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -120,6 +120,8 @@ target_link_libraries(mbedcrypto_base psa_interface ) +nrf_security_add_zephyr_options(mbedcrypto_base) + # Misusing the psa_crypto_config and psa_crypto_library_config awareness to # set compiler-flags to ensure right floating-point types are set if(COMPILER_CP_FLAG) diff --git a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt index 9d4b0df6f4c7..8075cb4faec4 100644 --- a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt @@ -46,7 +46,7 @@ target_link_libraries(oberon_psa_core mbedcrypto_base ) -nrf_security_add_zephyr_options(oberon_psa_core) +nrf_security_add_zephyr_options_library(oberon_psa_core) target_link_libraries(${mbedcrypto_target} PRIVATE diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index 78c9941c16d5..9809afc6b0b1 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -44,4 +44,4 @@ target_link_libraries(oberon_psa_core cracen_psa_driver ) -nrf_security_add_zephyr_options(cracen_psa_driver) +nrf_security_add_zephyr_options_library(cracen_psa_driver) diff --git a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt index 8212fede61fb..a164bf2c2e62 100644 --- a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt @@ -75,4 +75,4 @@ target_link_libraries(oberon_psa_core oberon_psa_driver ) -nrf_security_add_zephyr_options(oberon_psa_driver) +nrf_security_add_zephyr_options_library(oberon_psa_driver) diff --git a/subsys/nrf_security/src/zephyr/CMakeLists.txt b/subsys/nrf_security/src/zephyr/CMakeLists.txt index e078cbe65719..b0c285271ea2 100644 --- a/subsys/nrf_security/src/zephyr/CMakeLists.txt +++ b/subsys/nrf_security/src/zephyr/CMakeLists.txt @@ -67,10 +67,6 @@ if(DEFINED src_zephyr) endif() -# Add configuration/options from zephyr interface libraries -nrf_security_add_zephyr_options(${mbedcrypto_target}) -nrf_security_add_zephyr_options(mbedcrypto_base) - # Add the generic mbedtls_external library to interface with zephyr add_library(mbedtls_external INTERFACE) From a34969f9aaf7e596b8c51e72fb3f0c338b4bb49d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 12:05:31 +0200 Subject: [PATCH 077/217] crypto: Clean up deps for psa_crypto_config/psa_interface MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: PSA core: Add psa_crypto_config and psa_crypto_library_config (fixup of commit cbf737a2bbbe33d66ad2e3d40fe235b529934360) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/CMakeLists.txt | 6 ------ subsys/nrf_security/src/CMakeLists.txt | 13 ++++++++++--- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/subsys/nrf_security/CMakeLists.txt b/subsys/nrf_security/CMakeLists.txt index 190bb53c79e8..07aaa82639a5 100644 --- a/subsys/nrf_security/CMakeLists.txt +++ b/subsys/nrf_security/CMakeLists.txt @@ -113,12 +113,6 @@ target_compile_definitions(psa_crypto_library_config -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE}" ) -target_include_directories(psa_crypto_library_config - INTERFACE - ${PSA_CRYPTO_CONFIG_LIBRARY_PATH} - ${NRF_SECURITY_ROOT}/include -) - # Add a library for crypto includes for the PSA interface (NS, S-only and TF-M) # The name and intent of this comes from TF-M distribution add_library(psa_interface INTERFACE) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 154f05d4b275..f7ec683ce872 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -26,7 +26,6 @@ string(REPLACE "/" "\\/" PSA_CRYPTO_CONFIG_INTERFACE_PATH_REGEX ${PSA_CRYPTO_CON # Add include folders for psa_crypto_config (interface builds) target_include_directories(psa_crypto_config INTERFACE - #$ ${PSA_CRYPTO_CONFIG_INTERFACE_PATH} ${NRF_SECURITY_ROOT}/include ) @@ -35,6 +34,7 @@ target_include_directories(psa_crypto_config target_include_directories(psa_crypto_library_config INTERFACE ${PSA_CRYPTO_CONFIG_LIBRARY_PATH} + ${NRF_SECURITY_ROOT}/include ) if(CONFIG_MBEDTLS_ENABLE_HEAP) @@ -73,6 +73,12 @@ add_library(${mbedcrypto_target} ${src_crypto} ) +target_link_libraries(${mbedcrypto_target} + INTERFACE + psa_crypto_config + psa_interface +) + if(CONFIG_PSA_SSF_CRYPTO_CLIENT) add_subdirectory(ssf_secdom) endif() @@ -114,9 +120,10 @@ add_library(mbedcrypto_base ) target_link_libraries(mbedcrypto_base + PRIVATE + psa_crypto_config + $ PUBLIC - # Enable the PSA crypto (client) interface or the library build - $,psa_crypto_library_config,psa_crypto_config> psa_interface ) From f055504b8fe71562c081f84e7ce56455a69310b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 16:06:33 +0200 Subject: [PATCH 078/217] crypto: MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER for Nordic security backend MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Fix legacy API support for TLS/DTLS and X.509 -This enables MBEDTLS_PSA_CRYPTO_KEY_ENCODES_OWNER to allow for NORDIC_SECURITY_BACKEND being used as a configuration when building with TF-M (fixup of commit da97260229fe6f70ad28e818e2f560337a6213a3) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/configs/legacy_crypto_config.h.template | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/nrf_security/configs/legacy_crypto_config.h.template b/subsys/nrf_security/configs/legacy_crypto_config.h.template index 9e3c3c5378c1..2a5c5bdfcf1b 100644 --- a/subsys/nrf_security/configs/legacy_crypto_config.h.template +++ b/subsys/nrf_security/configs/legacy_crypto_config.h.template @@ -1070,7 +1070,7 @@ * Note that this option is meant for internal use only and may be removed * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO. */ -//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +#cmakedefine MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER /** * \def MBEDTLS_MEMORY_DEBUG From 7ea38d40e0c54b612d7a7f954c85ba95013c12b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 16:12:15 +0200 Subject: [PATCH 079/217] crypto: TF-M: Add filter for legacy API addition for ARoTs etc. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Fix legacy API support for TLS/DTLS and X.509 -This commit ensures that md/pk etc. is not added when building inside TF-M. There is a define called MBEDTLS_PSA_CRYPTO_SPM that is used as a signal that the SPM partition is going to be buitl, but unfortunately this configuration is too vague in our current build (fixup of commit da97260229fe6f70ad28e818e2f560337a6213a3) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index f7ec683ce872..786f44ba70ae 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -48,7 +48,7 @@ if(CONFIG_MBEDTLS_ENABLE_HEAP) endif() endif() -if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM) +if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM AND NOT PSA_CRYPTO_EXTERNAL_CORE) append_with_prefix(src_crypto ${ARM_MBEDTLS_PATH}/library pem.c pkcs12.c From 3e7a1f2e245eaf8f53f54bbfe00176a1d371fc76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 21:30:49 +0200 Subject: [PATCH 080/217] crypto: Threading: Ensure linking against libkernel.a by path MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Adding threading support for PSA core -This resolves an issue with CRACEN builds where trying to get a proper link to kernel involves using kernel library by full path to avoid issues in build. -Make includes local for nrf_security_mutexes/events -Establish nrf_security_utils library to localize the issue and to try to find a better way to resolve this in the future Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 1 + .../src/drivers/cracen/CMakeLists.txt | 1 + .../src/threading/threading_alt.c | 2 +- .../src/utils/nrf_security_events.c | 2 +- .../src/utils/nrf_security_mutexes.c | 2 +- .../src/utils/nrf_security_utils.cmake | 20 ++++++++++++------- 6 files changed, 18 insertions(+), 10 deletions(-) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 786f44ba70ae..5e4a0865198f 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -125,6 +125,7 @@ target_link_libraries(mbedcrypto_base $ PUBLIC psa_interface + nrf_security_utils ) nrf_security_add_zephyr_options(mbedcrypto_base) diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index 9809afc6b0b1..13da7f487c50 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -36,6 +36,7 @@ target_link_libraries(cracen_psa_driver PRIVATE psa_crypto_library_config psa_interface + nrf_security_utils ) # Link oberon_psa_core with this PSA crypto driver diff --git a/subsys/nrf_security/src/threading/threading_alt.c b/subsys/nrf_security/src/threading/threading_alt.c index 2e7acb7395bb..49c93c94c991 100644 --- a/subsys/nrf_security/src/threading/threading_alt.c +++ b/subsys/nrf_security/src/threading/threading_alt.c @@ -10,7 +10,7 @@ #include #include -#include +#include "nrf_security_mutexes.h" #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" diff --git a/subsys/nrf_security/src/utils/nrf_security_events.c b/subsys/nrf_security/src/utils/nrf_security_events.c index d00b7058ad29..442d325f3a85 100644 --- a/subsys/nrf_security/src/utils/nrf_security_events.c +++ b/subsys/nrf_security/src/utils/nrf_security_events.c @@ -8,7 +8,7 @@ #include #include #include -#include +#include "nrf_security_events.h" #if defined(__NRF_TFM__) #include "cmsis.h" diff --git a/subsys/nrf_security/src/utils/nrf_security_mutexes.c b/subsys/nrf_security/src/utils/nrf_security_mutexes.c index dbd935773ce4..eb3159b0f33b 100644 --- a/subsys/nrf_security/src/utils/nrf_security_mutexes.c +++ b/subsys/nrf_security/src/utils/nrf_security_mutexes.c @@ -9,7 +9,7 @@ #include #include -#include +#include "nrf_security_mutexes.h" #if !defined(__NRF_TFM__) #include diff --git a/subsys/nrf_security/src/utils/nrf_security_utils.cmake b/subsys/nrf_security/src/utils/nrf_security_utils.cmake index d26ab3e402d4..cc0956d93c8f 100644 --- a/subsys/nrf_security/src/utils/nrf_security_utils.cmake +++ b/subsys/nrf_security/src/utils/nrf_security_utils.cmake @@ -4,17 +4,23 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -append_with_prefix(src_crypto_base ${CMAKE_CURRENT_LIST_DIR} - nrf_security_mutexes.c - nrf_security_events.c +add_library(nrf_security_utils STATIC + ${CMAKE_CURRENT_LIST_DIR}/nrf_security_mutexes.c + ${CMAKE_CURRENT_LIST_DIR}/nrf_security_events.c ) -target_include_directories(psa_crypto_library_config +target_include_directories(nrf_security_utils INTERFACE ${CMAKE_CURRENT_LIST_DIR} ) -target_include_directories(psa_crypto_config - INTERFACE - ${CMAKE_CURRENT_LIST_DIR} +# This special linking is done to give access to the zephyr kernel library +# which possibly isn't --whole-archived in the build. Trying to link to the +# kernel library directly will give cyclic dependency. The only way to avoid +# it seems to be to link with a full path instead. +target_link_libraries(nrf_security_utils + PRIVATE + ${CMAKE_BINARY_DIR}/zephyr/kernel/libkernel.a ) + +nrf_security_add_zephyr_options_library(nrf_security_utils) From b189486bd385f874443672d29046d42053a07046 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 21:33:45 +0200 Subject: [PATCH 081/217] crypto: TF-M: Add better filter for non PSA builds MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Fix legacy API support for TLS/DTLS and X.509 -This commit is unfortunate, but it is required as there is no cleanliness to legacy symbols in non SPM targets in TF-M. This commit can be changed with a properly supported BUILD_INSIDE_TFM or similar signal (fixup of commit da97260229fe6f70ad28e818e2f560337a6213a3) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 2 +- subsys/nrf_security/tfm/CMakeLists.txt | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 5e4a0865198f..9bc3e859b401 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -48,7 +48,7 @@ if(CONFIG_MBEDTLS_ENABLE_HEAP) endif() endif() -if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM AND NOT PSA_CRYPTO_EXTERNAL_CORE) +if(NOT CONFIG_MBEDTLS_PSA_CRYPTO_SPM AND NOT BUILD_INSIDE_TFM) append_with_prefix(src_crypto ${ARM_MBEDTLS_PATH}/library pem.c pkcs12.c diff --git a/subsys/nrf_security/tfm/CMakeLists.txt b/subsys/nrf_security/tfm/CMakeLists.txt index 582ed3763812..6edbbd0a8e00 100644 --- a/subsys/nrf_security/tfm/CMakeLists.txt +++ b/subsys/nrf_security/tfm/CMakeLists.txt @@ -10,6 +10,9 @@ include(${NRF_SECURITY_ROOT}/cmake/extensions.cmake) # Prefix targets as expected from TF-M set(mbedcrypto_target ${MBEDTLS_TARGET_PREFIX}mbedcrypto) +# Set BUILD_INSIDE_TFM to use only for legacy added files +set(BUILD_INSIDE_TFM True) + # Building nrf security for TF-M implies the following: # - Parse NRF_SECURITY_SETTINGS into CMake variables. # Variables transferred from Zephyr to nRF Security TF-M build includes: From 1e72acc4541b34d7e488870d19153a817d5573ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 16 Sep 2024 21:37:29 +0200 Subject: [PATCH 082/217] crypto: Resolve path-issues with CRACEN builds MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Cleaning up PSA driver and core CMake logic -This commit resolves some path-issue with HUK library where APIs internal to PSA crypto is required to be accessible in PSA crypto interface scope. Exposing the CRACEN API towards NCS libraries is currently unavoidable. (fixup of commit fc0112a5ec90e2b5872ca187748f9a862b191e1f) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/drivers/cracen/CMakeLists.txt | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index 13da7f487c50..571b77f3f432 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -20,6 +20,12 @@ target_include_directories(psa_crypto_library_config ${cracen_driver_include_dirs} ) +target_include_directories(psa_crypto_config + INTERFACE + ${CMAKE_CURRENT_LIST_DIR}/common/include/ + ${cracen_driver_include_dirs} +) + add_library(cracen_psa_driver STATIC ${cracen_driver_sources} ) @@ -36,6 +42,7 @@ target_link_libraries(cracen_psa_driver PRIVATE psa_crypto_library_config psa_interface + mbedcrypto_base nrf_security_utils ) From 3ef326f888edd26261033fbcb0184ced044fb496 Mon Sep 17 00:00:00 2001 From: Gerard Marull-Paretas Date: Tue, 17 Sep 2024 10:13:18 +0200 Subject: [PATCH 083/217] samples: wifi: privisioning: softap: add missing integration_platforms This is requires because sample documentation uses the table-from-sample-yaml directive. Signed-off-by: Gerard Marull-Paretas --- samples/wifi/provisioning/softap/sample.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/samples/wifi/provisioning/softap/sample.yaml b/samples/wifi/provisioning/softap/sample.yaml index 8eef7714c1e8..3294ec80d718 100644 --- a/samples/wifi/provisioning/softap/sample.yaml +++ b/samples/wifi/provisioning/softap/sample.yaml @@ -5,4 +5,6 @@ tests: sysbuild: true build_only: true platform_allow: nrf7002dk/nrf5340/cpuapp/ns + integration_platforms: + - nrf7002dk/nrf5340/cpuapp/ns tags: ci_build sysbuild ci_samples_wifi From c5d1dd732ff5ebc8325e7035fea1f293f0ec364a Mon Sep 17 00:00:00 2001 From: Gerard Marull-Paretas Date: Tue, 17 Sep 2024 11:09:06 +0200 Subject: [PATCH 084/217] doc: nrf: update references to Zephyr docs Zephyr has increased usage of :zephyr:code-sample:, also some have changed their name. Signed-off-by: Gerard Marull-Paretas --- .../asset_tracker_v2/doc/sensor_module.rst | 4 +- applications/machine_learning/app_desc.rst | 6 +-- .../doc/adding_ble_bridged_device_service.rst | 2 +- .../doc/matter_bridge_description.rst | 4 +- .../doc/firmware_architecture.rst | 2 +- .../nrf5340_audio/doc/requirements.rst | 2 +- applications/nrf_desktop/integration.rst | 2 +- .../sysbuild/sysbuild_images.rst | 4 +- .../sysbuild/zephyr_samples_sysbuild.rst | 46 +++++++++---------- .../device_guides/nrf53/features_nrf53.rst | 10 ++-- .../nrf53/multi_image_nrf5340.rst | 4 +- .../nrf53/qspi_xip_guide_nrf5340.rst | 2 +- .../nrf54h/ug_nrf54h20_architecture_ipc.rst | 2 +- doc/nrf/drivers/bme68x_iaq.rst | 2 +- doc/nrf/drivers/paw3212.rst | 6 +-- doc/nrf/drivers/pmw3360.rst | 6 +-- doc/nrf/drivers/sensor_sim.rst | 2 +- doc/nrf/includes/matter_bridge_testing.txt | 2 +- .../bluetooth_services/mesh/sensor.rst | 4 +- doc/nrf/libraries/caf/sensor_manager.rst | 4 +- .../releases_and_maturity/known_issues.rst | 2 +- .../migration/migration_guide_2.7.rst | 2 +- .../migration/migration_sysbuild.rst | 4 +- .../releases/release-notes-1.3.0.rst | 2 +- .../releases/release-notes-1.4.0.rst | 4 +- .../releases/release-notes-1.5.0.rst | 6 +-- .../releases/release-notes-2.1.0.rst | 10 ++-- .../releases/release-notes-2.6.99-cs1.rst | 8 ++-- .../releases/release-notes-2.7.0.rst | 18 ++++---- .../central_and_peripheral_hr/README.rst | 20 ++++---- samples/bluetooth/central_hr_coded/README.rst | 2 +- samples/bluetooth/hci_lpuart/README.rst | 2 +- .../bluetooth/peripheral_hr_coded/README.rst | 2 +- .../lwm2m_client/sample_description.rst | 2 +- samples/nrf5340/netboot/README.rst | 2 +- samples/openthread/coprocessor/README.rst | 2 +- samples/wifi/provisioning/ble/README.rst | 2 +- 37 files changed, 103 insertions(+), 103 deletions(-) diff --git a/applications/asset_tracker_v2/doc/sensor_module.rst b/applications/asset_tracker_v2/doc/sensor_module.rst index a86d4db52215..351e55fd277d 100644 --- a/applications/asset_tracker_v2/doc/sensor_module.rst +++ b/applications/asset_tracker_v2/doc/sensor_module.rst @@ -36,7 +36,7 @@ The following table lists the sensors and sensor data types supported by the mod | Acceleration (Impact) | `ADXL372`_ | +-------------------------+-----------------+ -The module controls and collects data from the sensors by interacting with their :ref:`device drivers ` using :ref:`Zephyr's generic sensor API `. +The module controls and collects data from the sensors by interacting with their :ref:`device drivers ` using :ref:`Zephyr's generic sensor API `. Thingy:91 X has a `BME688`_ gas sensor and `ADXL367`_ motion sensor that can be used by the :ref:`asset_tracker_v2_sensor_module` module. @@ -189,7 +189,7 @@ Dependencies This module uses the following Zephyr API: -* :ref:`Generic sensor API ` +* :ref:`Generic sensor API ` API documentation ***************** diff --git a/applications/machine_learning/app_desc.rst b/applications/machine_learning/app_desc.rst index 6c9656b1b4eb..30512b2bda96 100644 --- a/applications/machine_learning/app_desc.rst +++ b/applications/machine_learning/app_desc.rst @@ -15,14 +15,14 @@ To learn more about Edge Impulse support in the |NCS| see :ref:`ug_edge_impulse` Application overview ******************** -To perform its tasks, the nRF Machine Learning application uses components available in Zephyr and the |NCS|, namely the :ref:`lib_caf` modules and :ref:`zephyr:sensor_api` for sampling sensors, and :ref:`zephyr:uart_api` or :ref:`nus_service_readme` for forwarding data. +To perform its tasks, the nRF Machine Learning application uses components available in Zephyr and the |NCS|, namely the :ref:`lib_caf` modules and :ref:`zephyr:sensor` for sampling sensors, and :ref:`zephyr:uart_api` or :ref:`nus_service_readme` for forwarding data. It also uses the `Edge Impulse's data forwarder`_ protocol. Sampling sensors ================ The application handles the sensor sampling using the :ref:`caf_sensor_manager`. -This module uses Zephyr's :ref:`zephyr:sensor_api` to handle the sampling. +This module uses Zephyr's :ref:`zephyr:sensor` to handle the sampling. This approach allows you to use any sensor available in Zephyr. By default, the following sensors are used by the application: @@ -659,7 +659,7 @@ Dependencies The application uses the following Zephyr drivers and libraries: -* :ref:`zephyr:sensor_api` +* :ref:`zephyr:sensor` * :ref:`zephyr:uart_api` * :ref:`zephyr:mcu_mgr` diff --git a/applications/matter_bridge/doc/adding_ble_bridged_device_service.rst b/applications/matter_bridge/doc/adding_ble_bridged_device_service.rst index c811ccc5ce58..f297036046ac 100644 --- a/applications/matter_bridge/doc/adding_ble_bridged_device_service.rst +++ b/applications/matter_bridge/doc/adding_ble_bridged_device_service.rst @@ -3,7 +3,7 @@ Adding support for a new Bluetooth LE service ############################################# -The Matter Bridge application supports bridging Bluetooth LE devices using :ref:`LED Button Service ` and :ref:`Environmental Sensing Service ` Bluetooth services. +The Matter Bridge application supports bridging Bluetooth LE devices using :ref:`LED Button Service ` and :zephyr:code-sample:`ble_peripheral_esp` Bluetooth services. You can also add support for a proprietary Bluetooth LE service, if required by your use case. The functionality of the added Bluetooth LE service has to be represented by one or more device types available in the :ref:`Matter Data Model `. For example, the :ref:`LED Button Service ` is represented by the Matter On/Off Light and Matter Generic Switch device types. diff --git a/applications/matter_bridge/doc/matter_bridge_description.rst b/applications/matter_bridge/doc/matter_bridge_description.rst index 6065d866cdad..4e657247032d 100644 --- a/applications/matter_bridge/doc/matter_bridge_description.rst +++ b/applications/matter_bridge/doc/matter_bridge_description.rst @@ -24,7 +24,7 @@ To test the Matter bridge application with the :ref:`Bluetooth LE bridged device * An additional development kit compatible with one of the following Bluetooth LE samples: * :ref:`peripheral_lbs` - * :ref:`peripheral_esp` + * :zephyr:code-sample:`ble_peripheral_esp` * A micro-USB cable for every development kit to connect it to the PC. @@ -119,7 +119,7 @@ The application supports two bridged device configurations that are mutually exc * Nordic Semiconductor's :ref:`LED Button Service ` - represented by the Matter On/Off Light and Generic Switch device types. The service can be configured to use the On/Off Light Switch instead of the Generic Switch device type. - * Zephyr's :ref:`Environmental Sensing Service ` - represented by the Matter Temperature Sensor and Humidity Sensor device types. + * Zephyr's :zephyr:code-sample:`ble_peripheral_esp` - represented by the Matter Temperature Sensor and Humidity Sensor device types. If the Bluetooth LE service required by your use case is not supported, you can extend the application. For information about how to add a new Bluetooth LE service support to the application, see the :ref:`matter_bridge_app_extending_ble_service` section. diff --git a/applications/nrf5340_audio/doc/firmware_architecture.rst b/applications/nrf5340_audio/doc/firmware_architecture.rst index 63a733d72242..7defcd5f21a7 100644 --- a/applications/nrf5340_audio/doc/firmware_architecture.rst +++ b/applications/nrf5340_audio/doc/firmware_architecture.rst @@ -274,7 +274,7 @@ Synchronization module flow The received audio data in the I2S-based firmware devices follows the following path: 1. The SoftDevice Controller running on the network core receives the compressed audio data. -#. The controller, running in the :ref:`zephyr:bluetooth-hci-ipc-sample` sample on the nRF5340 SoC network core, sends the audio data to the Zephyr Bluetooth LE host running on the nRF5340 SoC application core. +#. The controller, running in the :zephyr:code-sample:`bluetooth_hci_ipc` sample on the nRF5340 SoC network core, sends the audio data to the Zephyr Bluetooth LE host running on the nRF5340 SoC application core. #. The host sends the data to the stream control module. #. The data is sent to a FIFO buffer. #. The data is sent from the FIFO buffer to the :file:`audio_datapath.c` synchronization module. diff --git a/applications/nrf5340_audio/doc/requirements.rst b/applications/nrf5340_audio/doc/requirements.rst index 9cff78c3f531..cf1ecc6d1a48 100644 --- a/applications/nrf5340_audio/doc/requirements.rst +++ b/applications/nrf5340_audio/doc/requirements.rst @@ -62,4 +62,4 @@ For each application, only one of the following :file:`.conf` files is included See :ref:`nrf53_audio_app_building` for details. In addition, the application features the :file:`child_image` directory with :file:`hci_ipc.conf`. -This file contains the necessary configurations for nRF5340 Audio applications to run the :ref:`bluetooth-hci-ipc-sample` sample with :ref:`SoftDevice Controller for LE Isochronous Channels ` support. +This file contains the necessary configurations for nRF5340 Audio applications to run the :zephyr:code-sample:`bluetooth_hci_ipc` sample with :ref:`SoftDevice Controller for LE Isochronous Channels ` support. diff --git a/applications/nrf_desktop/integration.rst b/applications/nrf_desktop/integration.rst index e71912f24601..08f8b5c919a9 100644 --- a/applications/nrf_desktop/integration.rst +++ b/applications/nrf_desktop/integration.rst @@ -122,7 +122,7 @@ Add a new sensor driver First, create a new motion sensor driver that will provide code for communication with the sensor. Use the two existing |NCS| sensor drivers as an example. -The communication between the application and the sensor happens through a sensor driver API (see :ref:`sensor_api`). +The communication between the application and the sensor happens through a sensor driver API (see :ref:`zephyr:sensor`). For the motion module to work correctly, the driver must support a trigger (see ``sensor_trigger_set``) on a new data (see ``SENSOR_TRIG_DATA_READY`` trigger type). When the motion data is ready, the driver calls a registered callback. diff --git a/doc/nrf/app_dev/config_and_build/sysbuild/sysbuild_images.rst b/doc/nrf/app_dev/config_and_build/sysbuild/sysbuild_images.rst index 4214b9f15313..3b659e158337 100644 --- a/doc/nrf/app_dev/config_and_build/sysbuild/sysbuild_images.rst +++ b/doc/nrf/app_dev/config_and_build/sysbuild/sysbuild_images.rst @@ -37,11 +37,11 @@ These options determine whether the secure boot image is included on the network +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ | ``SB_CONFIG_NETCORE_EMPTY`` | |NCS| empty network core image :ref:`nrf5340_empty_net_core`. | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_HCI_IPC`` | Zephyr hci_ipc Bluetooth image :ref:`zephyr:bluetooth-hci-ipc-sample`. | +| ``SB_CONFIG_NETCORE_HCI_IPC`` | Zephyr hci_ipc Bluetooth image :zephyr:code-sample:`bluetooth_hci_ipc`. | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ | ``SB_CONFIG_NETCORE_RPC_HOST`` | |NCS| rpc_host Bluetooth image :ref:`ble_rpc_host`. | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_802154_RPMSG`` | Zephyr 802.15.4 image :ref:`zephyr:nrf-ieee802154-rpmsg-sample`. | +| ``SB_CONFIG_NETCORE_802154_RPMSG`` | Zephyr 802.15.4 image :zephyr:code-sample:`nrf_ieee802154_rpmsg`. | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ | ``SB_CONFIG_NETCORE_MULTIPROTOCOL_RPMSG`` | |NCS| multiprotocol_rpmsg Bluetooth and 802.15.4 image :ref:`multiprotocol-rpmsg-sample`. | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ diff --git a/doc/nrf/app_dev/config_and_build/sysbuild/zephyr_samples_sysbuild.rst b/doc/nrf/app_dev/config_and_build/sysbuild/zephyr_samples_sysbuild.rst index 2484d5816620..dc3298fa1caa 100644 --- a/doc/nrf/app_dev/config_and_build/sysbuild/zephyr_samples_sysbuild.rst +++ b/doc/nrf/app_dev/config_and_build/sysbuild/zephyr_samples_sysbuild.rst @@ -9,33 +9,33 @@ For applications and samples in the |NCS| repository, this is handled automatica .. note:: As nRF52 is a single core device, no additional images are needed for Bluetooth samples. -+---------------------------------------------------------+-------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ -| Sysbuild Kconfig option | Image | Bluetooth | 802.15.4 | Details | -+=========================================================+===========================================+===========+==========+=======================================================================================================================+ -| ``SB_CONFIG_NETCORE_EMPTY`` | :ref:`nrf5340_empty_net_core` | ✕ | ✕ | | -+---------------------------------------------------------+-------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_HCI_IPC`` | :ref:`zephyr:bluetooth-hci-ipc-sample` | ✓ | ✕ | | -+---------------------------------------------------------+-------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_RPC_HOST`` | :ref:`ble_rpc_host` | ✓ | ✕ | Requires that application be setup for this mode. | -+---------------------------------------------------------+-------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_802154_RPMSG`` | :ref:`zephyr:nrf-ieee802154-rpmsg-sample` | ✕ | ✓ | | -+---------------------------------------------------------+-------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_MULTIPROTOCOL_RPMSG`` | :ref:`multiprotocol-rpmsg-sample` | ✓ | ✓ | | -+---------------------------------------------------------+-------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_IPC_RADIO`` | :ref:`ipc_radio` | ✓ | ✓ | Requires additional configuration. The following Kconfig options provide predefined configurations: | -| | | | | ``SB_CONFIG_NETCORE_IPC_RADIO_BT_HCI_IPC`` enables HCI serialization | -| | | | | for Bluetooth, ``SB_CONFIG_NETCORE_IPC_RADIO_BT_RPC`` enables nRF RPC serialization for Bluetooth, or | -| | | | | ``SB_CONFIG_NETCORE_IPC_RADIO_IEEE802154`` enables spinel serialization for IEEE 802.15.4. | -+---------------------------------------------------------+-------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_NONE`` | No image | n/a | n/a | | -+---------------------------------------------------------+-------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ ++---------------------------------------------------------+--------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ +| Sysbuild Kconfig option | Image | Bluetooth | 802.15.4 | Details | ++=========================================================+============================================+===========+==========+=======================================================================================================================+ +| ``SB_CONFIG_NETCORE_EMPTY`` | :ref:`nrf5340_empty_net_core` | ✕ | ✕ | | ++---------------------------------------------------------+--------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ +| ``SB_CONFIG_NETCORE_HCI_IPC`` | :zephyr:code-sample:`bluetooth_hci_ipc` | ✓ | ✕ | | ++---------------------------------------------------------+--------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ +| ``SB_CONFIG_NETCORE_RPC_HOST`` | :ref:`ble_rpc_host` | ✓ | ✕ | Requires that application be setup for this mode. | ++---------------------------------------------------------+--------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ +| ``SB_CONFIG_NETCORE_802154_RPMSG`` | :zephyr:code-sample:`nrf_ieee802154_rpmsg` | ✕ | ✓ | | ++---------------------------------------------------------+--------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ +| ``SB_CONFIG_NETCORE_MULTIPROTOCOL_RPMSG`` | :ref:`multiprotocol-rpmsg-sample` | ✓ | ✓ | | ++---------------------------------------------------------+--------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ +| ``SB_CONFIG_NETCORE_IPC_RADIO`` | :ref:`ipc_radio` | ✓ | ✓ | Requires additional configuration. The following Kconfig options provide predefined configurations: | +| | | | | ``SB_CONFIG_NETCORE_IPC_RADIO_BT_HCI_IPC`` enables HCI serialization | +| | | | | for Bluetooth, ``SB_CONFIG_NETCORE_IPC_RADIO_BT_RPC`` enables nRF RPC serialization for Bluetooth, or | +| | | | | ``SB_CONFIG_NETCORE_IPC_RADIO_IEEE802154`` enables spinel serialization for IEEE 802.15.4. | ++---------------------------------------------------------+--------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ +| ``SB_CONFIG_NETCORE_NONE`` | No image | n/a | n/a | | ++---------------------------------------------------------+--------------------------------------------+-----------+----------+-----------------------------------------------------------------------------------------------------------------------+ The default for Thingy:53 is the :ref:`nrf5340_empty_net_core` sample application. The default for other nRF53 devices is having no image added to the build. -When configuring an application, such as :ref:`zephyr:peripheral_hr`, you must configure it with a supported network core image to ensure proper functionality. -For basic Bluetooth samples, you can use :ref:`zephyr:bluetooth-hci-ipc-sample`, :ref:`multiprotocol-rpmsg-sample`, or :ref:`ipc_radio` (one of the :ref:`companion components `). -Use one of the following command patterns to build a sample with the :ref:`zephyr:bluetooth-hci-ipc-sample` network image selected (with the relevant *board_target*, path to your application *app_dir*, and path to Zephyr's shared sysbuild directory */share/sysbuild*): +When configuring an application, such as :zephyr:code-sample:`ble_peripheral_hr`, you must configure it with a supported network core image to ensure proper functionality. +For basic Bluetooth samples, you can use :zephyr:code-sample:`bluetooth_hci_ipc`, :ref:`multiprotocol-rpmsg-sample`, or :ref:`ipc_radio` (one of the :ref:`companion components `). +Use one of the following command patterns to build a sample with the :zephyr:code-sample:`bluetooth_hci_ipc` network image selected (with the relevant *board_target*, path to your application *app_dir*, and path to Zephyr's shared sysbuild directory */share/sysbuild*): .. tabs:: diff --git a/doc/nrf/app_dev/device_guides/nrf53/features_nrf53.rst b/doc/nrf/app_dev/device_guides/nrf53/features_nrf53.rst index b261019c4fea..9f55887bda62 100644 --- a/doc/nrf/app_dev/device_guides/nrf53/features_nrf53.rst +++ b/doc/nrf/app_dev/device_guides/nrf53/features_nrf53.rst @@ -127,7 +127,7 @@ Bluetooth Low Energy * - Network core - Application core - * - :ref:`zephyr:bluetooth-hci-ipc-sample` + * - :zephyr:code-sample:`bluetooth_hci_ipc` - | :ref:`Bluetooth Low Energy samples ` | :ref:`Bluetooth samples in Zephyr ` * - :ref:`ble_rpc_host` (supported for development) @@ -143,7 +143,7 @@ Split Controller and Host When splitting the Bluetooth LE Controller and the Host, run the Bluetooth LE Controller on the network core and the host part of the Bluetooth LE stack and the application logic on the application core. -For the network core, the |NCS| provides the :ref:`zephyr:bluetooth-hci-ipc-sample` sample. +For the network core, the |NCS| provides the :zephyr:code-sample:`bluetooth_hci_ipc` sample. This Zephyr sample is designed specifically to enable the Bluetooth LE Controller functionality on a remote MCU using the `RPMsg Messaging Protocol`_ as a transport for Bluetooth HCI. The sample implements the RPMsg transport using the `OpenAMP`_ library to communicate with a Bluetooth Host stack that runs on a separate core (in this case, the nRF5340 application core). @@ -182,7 +182,7 @@ IEEE 802.15.4 (Thread and Zigbee) * - Network core - Application core - * - :ref:`zephyr:nrf-ieee802154-rpmsg-sample` + * - :zephyr:code-sample:`nrf_ieee802154_rpmsg` - | :ref:`Thread samples ` | :ref:`Zigbee samples ` | :ref:`Matter samples ` @@ -194,7 +194,7 @@ When using IEEE 802.15.4 on the nRF5340, run the IEEE 802.15.4 radio driver on t IEEE 802.15.4 Protocol architecture in multicore SoC -For the network core, the |NCS| provides the :ref:`zephyr:nrf-ieee802154-rpmsg-sample` sample. +For the network core, the |NCS| provides the :zephyr:code-sample:`nrf_ieee802154_rpmsg` sample. This Zephyr sample is designed specifically to enable the nRF IEEE 802.15.4 radio driver and its serialization library on a remote MCU using the `RPMsg Messaging Protocol`_ as a transport for the nRF 802.15.4 radio driver serialization. The sample implements the RPMsg transport using the `OpenAMP`_ library to communicate with the nRF IEEE 802.15.4 radio driver serialization host that runs on a separate core (in this case, the nRF5340 application core). @@ -229,7 +229,7 @@ When using Thread or Zigbee in parallel with Bluetooth LE, run the low-level rad Bluetooth LE and IEEE 802.15.4 multiprotocol architecture in multicore SoC For the network core, the |NCS| provides the :ref:`multiprotocol-rpmsg-sample` sample. -It is a combination of the :ref:`zephyr:bluetooth-hci-ipc-sample` sample (for Bluetooth LE) and the :ref:`zephyr:nrf-ieee802154-rpmsg-sample` sample (for IEEE 802.15.4). +It is a combination of the :zephyr:code-sample:`bluetooth_hci_ipc` sample (for Bluetooth LE) and the :zephyr:code-sample:`nrf_ieee802154_rpmsg` sample (for IEEE 802.15.4). This means that it enables both the Bluetooth LE Controller and the nRF IEEE 802.15.4 radio driver and simultaneously exposes the functionality of both stacks to the application core using the `RPMsg Messaging Protocol`_. Separate RPMsg endpoints are used to obtain independent inter-core connections for each stack. diff --git a/doc/nrf/app_dev/device_guides/nrf53/multi_image_nrf5340.rst b/doc/nrf/app_dev/device_guides/nrf53/multi_image_nrf5340.rst index 6819dbcf3299..f1e54f7e5bc1 100644 --- a/doc/nrf/app_dev/device_guides/nrf53/multi_image_nrf5340.rst +++ b/doc/nrf/app_dev/device_guides/nrf53/multi_image_nrf5340.rst @@ -42,10 +42,10 @@ The combination of these options determines which (if any) sample is included in - Child image sample for the network core - Child image sample for the application core * - :kconfig:option:`CONFIG_BT_HCI_IPC` - - :ref:`zephyr:bluetooth-hci-ipc-sample` + - :zephyr:code-sample:`bluetooth_hci_ipc` - --- * - :kconfig:option:`CONFIG_NRF_802154_SER_HOST` - - :ref:`zephyr:nrf-ieee802154-rpmsg-sample` + - :zephyr:code-sample:`nrf_ieee802154_rpmsg` - --- * - :kconfig:option:`CONFIG_BT_HCI_IPC` and :kconfig:option:`CONFIG_NRF_802154_SER_HOST` - :ref:`multiprotocol-rpmsg-sample` diff --git a/doc/nrf/app_dev/device_guides/nrf53/qspi_xip_guide_nrf5340.rst b/doc/nrf/app_dev/device_guides/nrf53/qspi_xip_guide_nrf5340.rst index 363888c79d7d..621b2f053ef2 100644 --- a/doc/nrf/app_dev/device_guides/nrf53/qspi_xip_guide_nrf5340.rst +++ b/doc/nrf/app_dev/device_guides/nrf53/qspi_xip_guide_nrf5340.rst @@ -17,7 +17,7 @@ NCS supports dividing an application into an internal and external part, along w For more information about QSPI XIP hardware support, the `Execute in place page in the nRF5340 Product Specification`_. -For placing individual source code files into defined memory regions, check the :ref:`zephyr:code_relocation_nocopy` sample in Zephyr. +For placing individual source code files into defined memory regions, check the :zephyr:code-sample:`code_relocation_nocopy` sample in Zephyr. Enabling configuration options ****************************** diff --git a/doc/nrf/app_dev/device_guides/working_with_nrf/nrf54h/ug_nrf54h20_architecture_ipc.rst b/doc/nrf/app_dev/device_guides/working_with_nrf/nrf54h/ug_nrf54h20_architecture_ipc.rst index 011720430619..d33448e91c37 100644 --- a/doc/nrf/app_dev/device_guides/working_with_nrf/nrf54h/ug_nrf54h20_architecture_ipc.rst +++ b/doc/nrf/app_dev/device_guides/working_with_nrf/nrf54h/ug_nrf54h20_architecture_ipc.rst @@ -125,7 +125,7 @@ However, you must use as data plane memory allocation mechanisms optimized for b The ownership of the shared buffers is passed between the cores using the control plane, but only one of the cores is responsible for managing (allocating, resizing, freeing) the buffers. For more information on ICMsg, consult the :ref:`ICMsg ` backend documentation. -For more information on ICBMsg, consult the :ref:`ICMsg ` page. +For more information on ICBMsg, consult the :zephyr:code-sample:`ipc_multi_endpoint` page. Session diff --git a/doc/nrf/drivers/bme68x_iaq.rst b/doc/nrf/drivers/bme68x_iaq.rst index 408700ac87d6..4e5dabc71e9e 100644 --- a/doc/nrf/drivers/bme68x_iaq.rst +++ b/doc/nrf/drivers/bme68x_iaq.rst @@ -26,7 +26,7 @@ Configuration To use the driver, configure the following Kconfig option: -* :kconfig:option:`CONFIG_BME680`- Set to ``n`` to disable the :ref:`bme680` Zephyr driver. +* :kconfig:option:`CONFIG_BME680`- Set to ``n`` to disable the BME680 Zephyr driver. * :kconfig:option:`CONFIG_SETTINGS` - Configure the Kconfig option and a settings backend to save the persistent state of the BSEC library. * :ref:`CONFIG_BME68X_IAQ ` - To enable this driver. diff --git a/doc/nrf/drivers/paw3212.rst b/doc/nrf/drivers/paw3212.rst index aa8ff823f23c..15caac21f23a 100644 --- a/doc/nrf/drivers/paw3212.rst +++ b/doc/nrf/drivers/paw3212.rst @@ -7,7 +7,7 @@ PAW3212 driver :local: :depth: 2 -The PAW3212 driver implements a PAW3212 motion sensor driver that is compatible with Zephyr's :ref:`zephyr:sensor_api`. +The PAW3212 driver implements a PAW3212 motion sensor driver that is compatible with Zephyr's :ref:`zephyr:sensor`. The sensor driver supports the following features: @@ -106,7 +106,7 @@ See :ref:`kconfig_tips_and_tricks` for information about Kconfig. Sensor API calls **************** -Read the following sections for information about the :ref:`zephyr:sensor_api` calls supported by the motion sensor. +Read the following sections for information about the :ref:`zephyr:sensor` calls supported by the motion sensor. .. note:: Driver initialization is performed asynchronously using a delayed work that resubmits itself. @@ -132,7 +132,7 @@ The trigger handler is called when motion is detected. Sensor attributes ================= -The sensor supports a custom set of attributes that are not part of generic sensor attributes defined by Zephyr's :ref:`zephyr:sensor_api` API. +The sensor supports a custom set of attributes that are not part of generic sensor attributes defined by Zephyr's :ref:`zephyr:sensor` API. The attributes are defined as private to the motion sensor in the sensor's header file. See API documentation for details. diff --git a/doc/nrf/drivers/pmw3360.rst b/doc/nrf/drivers/pmw3360.rst index 69710dbfa41e..3cde59d83481 100644 --- a/doc/nrf/drivers/pmw3360.rst +++ b/doc/nrf/drivers/pmw3360.rst @@ -7,7 +7,7 @@ PMW3360 driver :local: :depth: 2 -The PMW3360 driver implements a PMW3360 motion sensor driver that is compatible with Zephyr's :ref:`zephyr:sensor_api`. +The PMW3360 driver implements a PMW3360 motion sensor driver that is compatible with Zephyr's :ref:`zephyr:sensor`. The sensor driver supports the following features: @@ -109,7 +109,7 @@ See :ref:`kconfig_tips_and_tricks` for information about Kconfig. Sensor API calls **************** -Read the following sections for information about the :ref:`zephyr:sensor_api` calls supported by the motion sensor. +Read the following sections for information about the :ref:`zephyr:sensor` calls supported by the motion sensor. .. note:: Driver initialization is performed asynchronously using a delayed work that resubmits itself. @@ -135,7 +135,7 @@ The trigger handler is called when motion is detected. Sensor attributes ================= -The sensor supports a custom set of attributes that are not part of generic sensor attributes defined by Zephyr's :ref:`zephyr:sensor_api` API. +The sensor supports a custom set of attributes that are not part of generic sensor attributes defined by Zephyr's :ref:`zephyr:sensor` API. The attributes are defined as private to the motion sensor in the sensor's header file. See API documentation for details. diff --git a/doc/nrf/drivers/sensor_sim.rst b/doc/nrf/drivers/sensor_sim.rst index 83559ca3efef..a4892fff93d5 100644 --- a/doc/nrf/drivers/sensor_sim.rst +++ b/doc/nrf/drivers/sensor_sim.rst @@ -7,7 +7,7 @@ Simulated sensor driver :local: :depth: 2 -The simulated sensor driver implements a simulated sensor that is compatible with Zephyr's :ref:`zephyr:sensor_api`. +The simulated sensor driver implements a simulated sensor that is compatible with Zephyr's :ref:`zephyr:sensor`. The sensor provides readouts for predefined set of sensor channels and supports sensor triggers. Configuration diff --git a/doc/nrf/includes/matter_bridge_testing.txt b/doc/nrf/includes/matter_bridge_testing.txt index 25722bb122bd..237a39dde14a 100644 --- a/doc/nrf/includes/matter_bridge_testing.txt +++ b/doc/nrf/includes/matter_bridge_testing.txt @@ -39,7 +39,7 @@ a. Build and program the one of the following Bluetooth LE samples to an additional development kit compatible with the sample: * :ref:`peripheral_lbs` - * :ref:`peripheral_esp` + * :zephyr:code-sample:`ble_peripheral_esp` #. Connect the development kit that is running the Bluetooth LE sample to the PC. #. |connect_terminal_ANSI| diff --git a/doc/nrf/libraries/bluetooth_services/mesh/sensor.rst b/doc/nrf/libraries/bluetooth_services/mesh/sensor.rst index d8331eda6708..b8428fbe8d54 100644 --- a/doc/nrf/libraries/bluetooth_services/mesh/sensor.rst +++ b/doc/nrf/libraries/bluetooth_services/mesh/sensor.rst @@ -79,7 +79,7 @@ Applications will normally not access :c:member:`bt_mesh_sensor_value.raw` or th Instead, API functions for converting between :c:struct:`bt_mesh_sensor_value` and the values suitable for application use are used. An exception to this is when statically initializing :c:struct:`bt_mesh_sensor_value` at compile-time, in which case the API functions cannot be used. -The sensor API is built to integrate well with the Zephyr :ref:`zephyr:sensor_api` API, and provides functions for converting to and from :c:struct:`sensor_value`. +The sensor API is built to integrate well with the Zephyr :ref:`zephyr:sensor` API, and provides functions for converting to and from :c:struct:`sensor_value`. .. _bt_mesh_sensor_types: @@ -293,7 +293,7 @@ A pointer to the format for a given channel can be found through the :c:struct:` sensor->type->channels[0].format; } -The sensor data in the callback typically comes from a sensor using the :ref:`Zephyr sensor API `. +The sensor data in the callback typically comes from a sensor using the :ref:`Zephyr sensor API `. The Zephyr sensor API records samples in two steps: 1. diff --git a/doc/nrf/libraries/caf/sensor_manager.rst b/doc/nrf/libraries/caf/sensor_manager.rst index 4446ae89c9a0..78a109e55b5a 100644 --- a/doc/nrf/libraries/caf/sensor_manager.rst +++ b/doc/nrf/libraries/caf/sensor_manager.rst @@ -18,7 +18,7 @@ Configuration The following Kconfig options are required: * :kconfig:option:`CONFIG_CAF_SENSOR_MANAGER` - This option enables the |sensor_manager|. -* :kconfig:option:`CONFIG_SENSOR` - This option enables Zephyr's :ref:`zephyr:sensor_api` driver, which is required for interacting with the sensors. +* :kconfig:option:`CONFIG_SENSOR` - This option enables Zephyr's :ref:`zephyr:sensor` driver, which is required for interacting with the sensors. The following Kconfig options are also available for the module: @@ -90,7 +90,7 @@ Enabling sensor trigger The |sensor_manager| supports the sensor trigger functionality. This functionality allows the |sensor_manager| to stop sampling a specific sensor when specified conditions are met. -For more details about the sensor trigger, see Zephyr's :ref:`zephyr:sensor_api` driver. +For more details about the sensor trigger, see Zephyr's :ref:`zephyr:sensor` driver. .. note:: Not all sensors support the trigger functionality. diff --git a/doc/nrf/releases_and_maturity/known_issues.rst b/doc/nrf/releases_and_maturity/known_issues.rst index 10f0ec37650f..8fda6e8dd6ce 100644 --- a/doc/nrf/releases_and_maturity/known_issues.rst +++ b/doc/nrf/releases_and_maturity/known_issues.rst @@ -4818,7 +4818,7 @@ NCSDK-6330: USB Mass Storage Sample Application fails MSC Tests from USB3CV test .. rst-class:: v1-4-2 v1-4-1 v1-4-0 NCSDK-6328: USB CDC ACM Composite Sample Application fails Chapter 9 Tests from USB3CV test tool - :zephyr:code-sample:`usb-cdc-acm-composite` fails the USB3CV compliance TD 9.1: Device Descriptor Test from the Chapter 9 Test suite. + USB CDC ACM Composite sample application fails the USB3CV compliance TD 9.1: Device Descriptor Test from the Chapter 9 Test suite. .. rst-class:: v1-4-2 v1-4-1 v1-4-0 diff --git a/doc/nrf/releases_and_maturity/migration/migration_guide_2.7.rst b/doc/nrf/releases_and_maturity/migration/migration_guide_2.7.rst index 9aff67be8054..6921ef6bee69 100644 --- a/doc/nrf/releases_and_maturity/migration/migration_guide_2.7.rst +++ b/doc/nrf/releases_and_maturity/migration/migration_guide_2.7.rst @@ -58,7 +58,7 @@ Samples and applications using short-range radio All samples and applications built for multi-core SoCs were migrated to use :ref:`ipc_radio` as the default image for the network core (on nRF5340) or the radio core (on nRF54H20). - The samples previously built for those cores are no longer used in the default builds: :ref:`zephyr:bluetooth-hci-ipc-sample`, :ref:`zephyr:nrf-ieee802154-rpmsg-sample`, :ref:`multiprotocol-rpmsg-sample`, and :ref:`ble_rpc_host`. + The samples previously built for those cores are no longer used in the default builds: :zephyr:code-sample:`bluetooth_hci_ipc`, :zephyr:code-sample:`nrf_ieee802154_rpmsg`, :ref:`multiprotocol-rpmsg-sample`, and :ref:`ble_rpc_host`. .. _nrf5340_audio_migration_notes_2.7: diff --git a/doc/nrf/releases_and_maturity/migration/migration_sysbuild.rst b/doc/nrf/releases_and_maturity/migration/migration_sysbuild.rst index 459937ea0629..8196089eeb73 100644 --- a/doc/nrf/releases_and_maturity/migration/migration_sysbuild.rst +++ b/doc/nrf/releases_and_maturity/migration/migration_sysbuild.rst @@ -90,11 +90,11 @@ The following Kconfig options are available to include the desired image in the +=========================================================+===========================================================================================================+ | ``SB_CONFIG_NETCORE_EMPTY`` | Empty network core image: :ref:`nrf5340_empty_net_core` | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_HCI_IPC`` | Zephyr hci_ipc Bluetooth image: :ref:`zephyr:bluetooth-hci-ipc-sample` | +| ``SB_CONFIG_NETCORE_HCI_IPC`` | Zephyr hci_ipc Bluetooth image: :zephyr:code-sample:`bluetooth_hci_ipc` | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ | ``SB_CONFIG_NETCORE_RPC_HOST`` | |NCS| rpc_host Bluetooth image: :ref:`ble_rpc_host` | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ -| ``SB_CONFIG_NETCORE_802154_RPMSG`` | Zephyr 802.15.4 image: :ref:`zephyr:nrf-ieee802154-rpmsg-sample` | +| ``SB_CONFIG_NETCORE_802154_RPMSG`` | Zephyr 802.15.4 image: :zephyr:code-sample:`nrf_ieee802154_rpmsg` | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ | ``SB_CONFIG_NETCORE_MULTIPROTOCOL_RPMSG`` | |NCS| multiprotocol_rpmsg Bluetooth and 802.15.4 image: :ref:`multiprotocol-rpmsg-sample` | +---------------------------------------------------------+-----------------------------------------------------------------------------------------------------------+ diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-1.3.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-1.3.0.rst index 76592298c2dd..c42947056d7a 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-1.3.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-1.3.0.rst @@ -168,7 +168,7 @@ nRF5340 SoC ----------- * Added :ref:`nrf5340_empty_app_core` for samples running purely on the nRF5340 network core. -* When building a Bluetooth sample for nRF5340, the :ref:`zephyr:bluetooth-hci-ipc-sample` sample is now automatically built as child image. +* When building a Bluetooth sample for nRF5340, the :zephyr:code-sample:`bluetooth_hci_ipc` sample is now automatically built as child image. Multiprotocol Service Layer (MPSL) ----------------------------------- diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-1.4.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-1.4.0.rst index f415d7c7d625..dc16976fee6a 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-1.4.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-1.4.0.rst @@ -140,7 +140,7 @@ nRF9160 * Added handling of sensor channel ``get`` commands received from `nRF Connect for Cloud`_. * Added event handler for :ref:`lte_lc_readme` events. * Added the detection feature when there is no SIM card in the slot. - * Added support for Bosch BSEC library 1.4.8.0 (see :ref:`zephyr:bme680`). + * Added support for Bosch BSEC library 1.4.8.0 (see Zephyr BME680 sample). This breaks compatibility with older versions of the library. * Added a timestamp for sensor or cloud data, or both. * Added the ``CONFIG_UI_LED_PWM_FREQUENCY`` Kconfig option for setting the LED PWM frequency. @@ -482,7 +482,7 @@ Build system * Added the ``ncs_add_partition_manager_config`` function that allows out-of-tree users to specify partition manager configuration files. * Added a warning if no static partition manager configuration is provided when one image (or more) is not built from source in a multi-image build. -* Enabled choosing a build strategy for Zephyr's :ref:`zephyr:bluetooth-hci-ipc-sample` sample when it is built as a child image. +* Enabled choosing a build strategy for Zephyr's :zephyr:code-sample:`bluetooth_hci_ipc` sample when it is built as a child image. See :ref:`ug_multi_image` for details. * Improved multi-core builds by disassociating domain names from board names. * Bugfixes: diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-1.5.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-1.5.0.rst index 24d0049c7094..b4a04a249307 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-1.5.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-1.5.0.rst @@ -153,7 +153,7 @@ nRF5340 SoC * :ref:`esb_readme` subsystem - Added support for nRF5340 (CPUNET) in the ESB subsystem. * Secure Partition Manager (SPM) subsystem - Added support for nRF5340 peripherals in non-secure applications. - * :ref:`ble_samples` - Added configuration overlays for child image to the required Bluetooth LE samples so that no Kconfig updates in the :ref:`zephyr:bluetooth-hci-ipc-sample` sample are needed by default. + * :ref:`ble_samples` - Added configuration overlays for child image to the required Bluetooth LE samples so that no Kconfig updates in the :zephyr:code-sample:`bluetooth_hci_ipc` sample are needed by default. * :ref:`nrf5340_empty_app_core` sample - Disabled the kernel memory pool option :kconfig:option:`CONFIG_KERNEL_MEM_POOL` to reduce the memory footprint. * ``bl_boot`` library - Disabled clock interrupts before booting the application. This change fixes an issue where the :ref:`bootloader` sample would not be able to boot a Zephyr application on the nRF5340 SoC. @@ -866,12 +866,12 @@ The following list summarizes the most important changes inherited from upstream * Samples: - * Added :ref:`zephyr:nrf-ieee802154-rpmsg-sample`. + * Added :zephyr:code-sample:`nrf_ieee802154_rpmsg`. * Added :zephyr:code-sample:`tagoio-http-post`. * Added Civetweb WebSocket Server sample. * :zephyr:code-sample:`led-strip`: Updated to force SPIM on nRF52 DK. * :zephyr:code-sample:`cfb-custom-fonts`: Added support for ssd1306fb. - * :zephyr:code-sample:`gsm-modem`: Added suspend/resume shell commands. + * Generic GSM modem: Added suspend/resume shell commands. * :zephyr:code-sample:`updatehub-fota`: Added support for Bluetooth LE IPSP, 802.15.4, modem, and Wi-Fi. * Logging: diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.1.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.1.0.rst index c2a8ed61b39b..7a544f88b909 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.1.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.1.0.rst @@ -423,7 +423,7 @@ Bluetooth samples * Automatic switching to the not discoverable advertising with the show UI indication mode after 10 minutes of discoverable advertising. * Automatic switching from discoverable advertising to the not discoverable advertising with the show UI indication mode after a Bluetooth Central successfully pairs. -* :ref:`bluetooth_direction_finding_connectionless_tx` sample: +* :zephyr:code-sample:`ble_direction_finding_connectionless_tx` sample: * Fixed a build error related to the missing :kconfig:option:`CONFIG_BT_DF_CONNECTIONLESS_CTE_TX` Kconfig option. The option has been added and set to ``y`` in the sample's :file:`prj.conf` file. @@ -434,22 +434,22 @@ Bluetooth samples These were too low because the total transfer time incorrectly included 500ms delay without including the actual transfer. * Updated by optimizing throughput speed by increasing MTU to 498 and using the maximum connection event time. -* :ref:`bluetooth_direction_finding_central` sample: +* :zephyr:code-sample:`bluetooth_direction_finding_central` sample: * Added devicetree overlay file for the nRF5340 application core that configures GPIO pin forwarding. This enables the radio peripheral's Direction Finding Extension for antenna switching. -* :ref:`bluetooth_direction_finding_connectionless_rx` sample: +* :zephyr:code-sample:`ble_direction_finding_connectionless_rx` sample: * Added devicetree overlay file for the nRF5340 application core that configures GPIO pin forwarding. This enables the radio peripheral's Direction Finding Extension for antenna switching. -* :ref:`bluetooth_direction_finding_connectionless_tx` sample: +* :zephyr:code-sample:`ble_direction_finding_connectionless_tx` sample: * Added devicetree overlay file for the nRF5340 application core that configures GPIO pin forwarding. This enables the radio peripheral's Direction Finding Extension for antenna switching. -* :ref:`bluetooth_direction_finding_peripheral` sample: +* :zephyr:code-sample:`bluetooth_direction_finding_peripheral` sample: * Added devicetree overlay file for the nRF5340 application core that configures GPIO pin forwarding. This enables the radio peripheral's Direction Finding Extension for antenna switching. diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs1.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs1.rst index b57a87f4dc8a..2774b3d58373 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs1.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs1.rst @@ -230,10 +230,10 @@ Zephyr samples * :zephyr:code-sample:`blinky` * :ref:`zephyr:hello_world` * :zephyr:code-sample:`settings` - * :ref:`zephyr:bluetooth-observer-sample` - * :ref:`zephyr:nrf-system-off-sample` - * :ref:`zephyr:peripheral_hr` - * :ref:`zephyr:bluetooth_central_hr` + * :zephyr:code-sample:`bluetooth_observer` + * :zephyr:code-sample:`nrf_system_off` + * :zephyr:code-sample:`ble_peripheral_hr` + * :zephyr:code-sample:`ble_central_hr` * :zephyr:code-sample:`smp-svr` Current nRF54L15 PDK Limitations diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.7.0.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.7.0.rst index 4ca9c8c36471..9fb8a84f86e1 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.7.0.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.7.0.rst @@ -59,7 +59,7 @@ Added the following features as supported: * :ref:`zephyr:sysbuild`, an improved and extensible system for multi-image build, replacing :ref:`ug_multi_image` (parent/child images). See `Migrating from multi-image builds to sysbuild`_. * Samples and applications that use short-range radio and run on multi-core SoCs were migrated to use the :ref:`ipc_radio` as the default image for the network/radio core. - Samples previously used for the network/radio core are no longer used in the default builds: :ref:`zephyr:bluetooth-hci-ipc-sample`, :ref:`zephyr:nrf-ieee802154-rpmsg-sample`, :ref:`multiprotocol-rpmsg-sample`, and :ref:`ble_rpc_host`. + Samples previously used for the network/radio core are no longer used in the default builds: :zephyr:code-sample:`bluetooth_hci_ipc`, :zephyr:code-sample:`nrf_ieee802154_rpmsg`, :ref:`multiprotocol-rpmsg-sample`, and :ref:`ble_rpc_host`. Added the following features as experimental: @@ -389,7 +389,7 @@ Applications This section provides detailed lists of changes by :ref:`application `. -Applications that used :ref:`zephyr:bluetooth-hci-ipc-sample`, :ref:`zephyr:nrf-ieee802154-rpmsg-sample`, or :ref:`multiprotocol-rpmsg-sample` radio core firmware, now use the :ref:`ipc_radio`. +Applications that used :zephyr:code-sample:`bluetooth_hci_ipc`, :zephyr:code-sample:`nrf_ieee802154_rpmsg`, or :ref:`multiprotocol-rpmsg-sample` radio core firmware, now use the :ref:`ipc_radio`. Asset Tracker v2 ---------------- @@ -612,7 +612,7 @@ Bluetooth samples * :ref:`peripheral_uart` sample * :ref:`central_uart` sample -* Updated the Bluetooth samples that used the :ref:`zephyr:bluetooth-hci-ipc-sample` radio core firmware so that now they use the :ref:`ipc_radio`. +* Updated the Bluetooth samples that used the :zephyr:code-sample:`bluetooth_hci_ipc` radio core firmware so that now they use the :ref:`ipc_radio`. * :ref:`direct_test_mode` sample: @@ -631,7 +631,7 @@ Bluetooth Fast Pair samples * Updated: * The sample is moved to the :ref:`bt_fast_pair_samples` category. - * Replaced the :ref:`zephyr:bluetooth-hci-ipc-sample` radio core firmware with the :ref:`ipc_radio`. + * Replaced the :zephyr:code-sample:`bluetooth_hci_ipc` radio core firmware with the :ref:`ipc_radio`. * Removed unnecessary :kconfig:option:`CONFIG_HEAP_MEM_POOL_SIZE` Kconfig configuration. @@ -652,7 +652,7 @@ Bluetooth Mesh samples * :ref:`bluetooth_mesh_light_lc` sample * :ref:`ble_mesh_dfu_distributor` sample -* Updated the Bluetooth Mesh samples that used the :ref:`zephyr:bluetooth-hci-ipc-sample` radio core firmware so that they now use the :ref:`ipc_radio`. +* Updated the Bluetooth Mesh samples that used the :zephyr:code-sample:`bluetooth_hci_ipc` radio core firmware so that they now use the :ref:`ipc_radio`. * :ref:`bluetooth_mesh_sensor_client` sample: @@ -811,7 +811,7 @@ Matter samples * Updated: - * Matter samples that used :ref:`zephyr:nrf-ieee802154-rpmsg-sample` or :ref:`multiprotocol-rpmsg-sample` radio core firmware, now use the :ref:`ipc_radio`. + * Matter samples that used :zephyr:code-sample:`nrf_ieee802154_rpmsg` or :ref:`multiprotocol-rpmsg-sample` radio core firmware, now use the :ref:`ipc_radio`. * Enabled the Bluetooth LE Extended Announcement feature for all samples, and increased advertising timeout from 15 minutes to 1 hour. * Removed: @@ -913,7 +913,7 @@ Thread samples * Added new :ref:`feature set ` Kconfig option :kconfig:option:`CONFIG_OPENTHREAD_NORDIC_LIBRARY_RCP`. -* Updated the Thread samples that used :ref:`zephyr:nrf-ieee802154-rpmsg-sample` or :ref:`multiprotocol-rpmsg-sample` radio core firmware, so that they now use the :ref:`ipc_radio`. +* Updated the Thread samples that used :zephyr:code-sample:`nrf_ieee802154_rpmsg` or :ref:`multiprotocol-rpmsg-sample` radio core firmware, so that they now use the :ref:`ipc_radio`. * :ref:`ot_cli_sample` sample: @@ -927,7 +927,7 @@ Thread samples Zigbee samples -------------- -* Updated the Zigbee samples that used :ref:`zephyr:nrf-ieee802154-rpmsg-sample` or :ref:`multiprotocol-rpmsg-sample` radio core firmware, so that they now use the :ref:`ipc_radio`. +* Updated the Zigbee samples that used :zephyr:code-sample:`nrf_ieee802154_rpmsg` or :ref:`multiprotocol-rpmsg-sample` radio core firmware, so that they now use the :ref:`ipc_radio`. Wi-Fi samples ------------- @@ -938,7 +938,7 @@ Wi-Fi samples * The :ref:`wifi_thread_coex_sample` sample that demonstrates Wi-Fi and Thread coexistence. * The :ref:`wifi_promiscuous_sample` sample that demonstrates how to set Promiscuous mode, establish a connection to an Access Point (AP), analyze incoming Wi-Fi packets, and print packet statistics. -* Updated the Wi-Fi samples that used :ref:`zephyr:bluetooth-hci-ipc-sample` or :ref:`zephyr:nrf-ieee802154-rpmsg-sample` radio core firmware, so that they now use the :ref:`ipc_radio`. +* Updated the Wi-Fi samples that used :zephyr:code-sample:`bluetooth_hci_ipc` or :zephyr:code-sample:`nrf_ieee802154_rpmsg` radio core firmware, so that they now use the :ref:`ipc_radio`. * :ref:`wifi_softap_sample` sample: diff --git a/samples/bluetooth/central_and_peripheral_hr/README.rst b/samples/bluetooth/central_and_peripheral_hr/README.rst index e0983b319f86..b71cb5ee918d 100644 --- a/samples/bluetooth/central_and_peripheral_hr/README.rst +++ b/samples/bluetooth/central_and_peripheral_hr/README.rst @@ -24,17 +24,17 @@ The sample supports the following development kits: To test just the Bluetooth® LE Central Role operation, you need one of the following setups: * A smartphone or a tablet running a compatible application. - * Another development kit running the :ref:`zephyr:peripheral_hr` sample. + * Another development kit running the :zephyr:code-sample:`ble_peripheral_hr` sample. See the documentation for that sample for detailed instructions. To test the Relay mode operation, you need one of the following setups: * A smartphone or a tablet running a compatible application. - * Two additional development kits running :ref:`zephyr:bluetooth_central_hr` and :ref:`zephyr:peripheral_hr` samples. + * Two additional development kits running :zephyr:code-sample:`ble_central_hr` and :zephyr:code-sample:`ble_peripheral_hr` samples. You can also mix devices when testing this sample. For a simple echo test, you only need one additional device. -Alternatively, you can use a smartphone providing the HRS functionality and a development kit running the :ref:`zephyr:bluetooth_central_hr` sample. +Alternatively, you can use a smartphone providing the HRS functionality and a development kit running the :zephyr:code-sample:`ble_central_hr` sample. For testing, you can also use `nRF Connect for Desktop`_. @@ -91,7 +91,7 @@ Building and running Testing ======= -After programming the sample to your development kit, test it either by connecting to other development kits that are running the :ref:`zephyr:peripheral_hr` sample, or by using the Bluetooth Low Energy app from the `nRF Connect for Desktop`_, which emulates an HRS server. +After programming the sample to your development kit, test it either by connecting to other development kits that are running the :zephyr:code-sample:`ble_peripheral_hr` sample, or by using the Bluetooth Low Energy app from the `nRF Connect for Desktop`_, which emulates an HRS server. Testing with other development kits ----------------------------------- @@ -101,7 +101,7 @@ Testing with other development kits .. group-tab:: nRF52 and nRF53 DKs 1. |connect_terminal_specific| - #. Program the other development kit with the :ref:`zephyr:peripheral_hr` sample and reset it. + #. Program the other development kit with the :zephyr:code-sample:`ble_peripheral_hr` sample and reset it. #. Wait until the HRS is detected by the central. Observe that **LED 2** is on. #. In the terminal window, check for information similar to the following:: @@ -119,10 +119,10 @@ Testing with other development kits Notifications will be displayed periodically with a frequency determined by the HR server. - #. Program another development kit with the :ref:`zephyr:bluetooth_central_hr` sample and reset it. + #. Program another development kit with the :zephyr:code-sample:`ble_central_hr` sample and reset it. #. Wait until central is connected to your development kit. Observe that **LED 3** is lit. - #. In terminal windows connected to device with the :ref:`zephyr:bluetooth_central_hr` sample, check for information similar to following:: + #. In terminal windows connected to device with the :zephyr:code-sample:`ble_central_hr` sample, check for information similar to following:: [NOTIFICATION] data 0x20006779 length 2 @@ -131,7 +131,7 @@ Testing with other development kits .. group-tab:: nRF54 DKs 1. |connect_terminal_specific| - #. Program the other development kit with the :ref:`zephyr:peripheral_hr` sample and reset it. + #. Program the other development kit with the :zephyr:code-sample:`ble_peripheral_hr` sample and reset it. #. Wait until the HRS is detected by the central. Observe that **LED 1** is on. #. In the terminal window, check for information similar to the following:: @@ -149,10 +149,10 @@ Testing with other development kits Notifications will be displayed periodically with a frequency determined by the HR server. - #. Program another development kit with the :ref:`zephyr:bluetooth_central_hr` sample and reset it. + #. Program another development kit with the :zephyr:code-sample:`ble_central_hr` sample and reset it. #. Wait until central is connected to your development kit. Observe that **LED 2** is lit. - #. In terminal windows connected to device with the :ref:`zephyr:bluetooth_central_hr` sample, check for information similar to following:: + #. In terminal windows connected to device with the :zephyr:code-sample:`ble_central_hr` sample, check for information similar to following:: [NOTIFICATION] data 0x20006779 length 2 diff --git a/samples/bluetooth/central_hr_coded/README.rst b/samples/bluetooth/central_hr_coded/README.rst index 9d5697d109cf..cd360d1da849 100644 --- a/samples/bluetooth/central_hr_coded/README.rst +++ b/samples/bluetooth/central_hr_coded/README.rst @@ -7,7 +7,7 @@ Bluetooth: Central Heart Rate Monitor with Coded PHY :local: :depth: 2 -The Central Heart Rate Monitor with Coded PHY offers similar functionality to the :ref:`zephyr:bluetooth_central_hr` sample from Zephyr. +The Central Heart Rate Monitor with Coded PHY offers similar functionality to the :zephyr:code-sample:`ble_central_hr` sample from Zephyr. However, this sample specifically looks for heart rate monitors using LE Coded PHY. Requirements diff --git a/samples/bluetooth/hci_lpuart/README.rst b/samples/bluetooth/hci_lpuart/README.rst index d27c7c5526ea..635bbcc9d7a1 100644 --- a/samples/bluetooth/hci_lpuart/README.rst +++ b/samples/bluetooth/hci_lpuart/README.rst @@ -7,7 +7,7 @@ Bluetooth: HCI low power UART :local: :depth: 2 -The HCI low power UART sample is based on the :ref:`zephyr:bluetooth-hci-uart-sample` but is using the :ref:`uart_nrf_sw_lpuart` for HCI UART communication. +The HCI low power UART sample is based on the :zephyr:code-sample:`bluetooth_hci_uart` but is using the :ref:`uart_nrf_sw_lpuart` for HCI UART communication. Requirements ************ diff --git a/samples/bluetooth/peripheral_hr_coded/README.rst b/samples/bluetooth/peripheral_hr_coded/README.rst index af104d2bf0d7..5a1770699142 100644 --- a/samples/bluetooth/peripheral_hr_coded/README.rst +++ b/samples/bluetooth/peripheral_hr_coded/README.rst @@ -7,7 +7,7 @@ Bluetooth: Peripheral Heart Rate Monitor with Coded PHY :local: :depth: 2 -The Peripheral Heart Rate Monitor with Coded PHY offers similar functionality to the :ref:`zephyr:peripheral_hr` sample from Zephyr. +The Peripheral Heart Rate Monitor with Coded PHY offers similar functionality to the :zephyr:code-sample:`ble_peripheral_hr` sample from Zephyr. However, this sample supports LE Coded PHY. Requirements diff --git a/samples/cellular/lwm2m_client/sample_description.rst b/samples/cellular/lwm2m_client/sample_description.rst index eb5e298512d3..1f2b4d7844be 100644 --- a/samples/cellular/lwm2m_client/sample_description.rst +++ b/samples/cellular/lwm2m_client/sample_description.rst @@ -845,7 +845,7 @@ It uses the following Zephyr libraries: * :ref:`gpio_api` * :ref:`lwm2m_interface` * :ref:`pwm_api` -* :ref:`sensor_api` +* :ref:`zephyr:sensor` In addition, it uses the following secure firmware component: diff --git a/samples/nrf5340/netboot/README.rst b/samples/nrf5340/netboot/README.rst index 34edacd8ba8a..50a12c849f90 100644 --- a/samples/nrf5340/netboot/README.rst +++ b/samples/nrf5340/netboot/README.rst @@ -84,7 +84,7 @@ Then follow the instructions in :ref:`ug_nrf5340_building` to build and program .. note:: To try out the network core bootloader sample, use the :ref:`peripheral_uart` sample as the basis for the multi-image build. - This sample automatically includes the network core sample :ref:`bluetooth-hci-ipc-sample` when built for the nRF5340 DK. + This sample automatically includes the network core sample :zephyr:code-sample:`bluetooth_hci_ipc` when built for the nRF5340 DK. Then apply the options mentioned to include the network core bootloader sample with MCUboot. Testing diff --git a/samples/openthread/coprocessor/README.rst b/samples/openthread/coprocessor/README.rst index bf8398534828..03cce6c591e3 100644 --- a/samples/openthread/coprocessor/README.rst +++ b/samples/openthread/coprocessor/README.rst @@ -144,7 +144,7 @@ After building the sample and programming it to your development kit, complete t #. Get the kit's serial port name (for example, :file:`/dev/ttyACM0`). #. Run and configure ot-cli as described in :ref:`ug_thread_tools_ot_apps`. #. From this point, you can follow the :ref:`ot_cli_sample_testing` instructions in the CLI sample by removing the `ot` prefix for each command. - If you are using HCI, follow the instructions for the :ref:`zephyr:bluetooth-hci-uart-sample` sample in the Zephyr documentation. + If you are using HCI, follow the instructions for the :zephyr:code-sample:`bluetooth_hci_uart` sample in the Zephyr documentation. You can follow these instead of or in addition to the CLI sample instructions. Dependencies diff --git a/samples/wifi/provisioning/ble/README.rst b/samples/wifi/provisioning/ble/README.rst index 238973acb39b..d3dcdd01a135 100644 --- a/samples/wifi/provisioning/ble/README.rst +++ b/samples/wifi/provisioning/ble/README.rst @@ -105,7 +105,7 @@ Building and running The sample generates header and source files based on protocol buffer definitions in :file:`.proto` files during the build process. You must install a protocol buffer compiler to generate the files. -See the :ref:`zephyr:nanopb_sample` in the Zephyr documentation for more information. +See the :zephyr:code-sample:`nanopb` in the Zephyr documentation for more information. Testing ======= From 858c869d57f3012d880d59cb135d2321dbe25081 Mon Sep 17 00:00:00 2001 From: Gerard Marull-Paretas Date: Tue, 17 Sep 2024 12:38:55 +0200 Subject: [PATCH 085/217] doc: redirects: remove invalid entries Redirects are now validated against all available documents within a docset, so we cannot have random redirects to external docsets. Delete entries which were crossing boundaries, these will need to be handled manually somewhere else. Signed-off-by: Gerard Marull-Paretas --- doc/_utils/redirects.py | 1 - 1 file changed, 1 deletion(-) diff --git a/doc/_utils/redirects.py b/doc/_utils/redirects.py index 683d5aedf07f..cf1300b99479 100644 --- a/doc/_utils/redirects.py +++ b/doc/_utils/redirects.py @@ -427,7 +427,6 @@ ("samples/wifi/sr_coex/README", "samples/wifi/ble_coex/README"), # Wi-Fi: Bluetooth LE coexistence ("samples/samples_zigbee", "samples/zigbee"), # Zigbee samples (landing) ("samples/samples_other", "samples/other"), # Other samples (landing) - ("libraries/bin/bt_ll_acs_nrf53/index", "../nrfxlib/softdevice_controller/doc/isochronous_channels"), # LE Audio controller for nRF5340 (removed for 2.7.0) ("libraries/networking/nrf_cloud_agps", "libraries/networking/nrf_cloud_agnss"), # nRF Cloud A-GNSS ("libraries/bootloader/index", "libraries/security/bootloader/index"), # Bootloader libraries (landing) ("libraries/bootloader/bl_crypto", "libraries/security/bootloader/bl_crypto"), # Bootloader crypto From a0f336bb3d654215cebf39b1875821c9bd51b9cd Mon Sep 17 00:00:00 2001 From: Dawid Przybylo Date: Tue, 17 Sep 2024 14:43:11 +0200 Subject: [PATCH 086/217] ieee802154: 802154_rpmsg: Fix path in CMake and sysbuild conf Fix ieee802154/802154_rpmsg path in CMake and sysbuild conf. Signed-off-by: Dawid Przybylo --- samples/CMakeLists.txt | 2 +- sysbuild/Kconfig.netcore | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/samples/CMakeLists.txt b/samples/CMakeLists.txt index dd135de19e3b..cbe5f9ba71b0 100644 --- a/samples/CMakeLists.txt +++ b/samples/CMakeLists.txt @@ -86,7 +86,7 @@ if (CONFIG_NCS_INCLUDE_RPMSG_CHILD_IMAGE OR CONFIG_NCS_SAMPLE_EMPTY_NET_CORE_CHI elseif (CONFIG_NCS_SAMPLE_802154_RPMSG_CHILD_IMAGE) set(CHILD_IMAGE_NAME "802154_rpmsg") - set(CHILD_IMAGE_PATH "${ZEPHYR_BASE}/samples/boards/nrf/ieee802154/802154_rpmsg") + set(CHILD_IMAGE_PATH "${ZEPHYR_BASE}/samples/boards/nordic/ieee802154/802154_rpmsg") elseif (CONFIG_NCS_SAMPLE_RPC_HOST_CHILD_IMAGE) set(CHILD_IMAGE_NAME "rpc_host") diff --git a/sysbuild/Kconfig.netcore b/sysbuild/Kconfig.netcore index ef48a57c78ea..65c10bf27b7b 100644 --- a/sysbuild/Kconfig.netcore +++ b/sysbuild/Kconfig.netcore @@ -157,7 +157,7 @@ config NETCORE_IMAGE_PATH default "${ZEPHYR_NRF_MODULE_DIR}/samples/nrf5340/empty_net_core" if NETCORE_EMPTY default "${ZEPHYR_BASE}/samples/bluetooth/hci_ipc" if NETCORE_HCI_IPC default "${ZEPHYR_NRF_MODULE_DIR}/samples/bluetooth/rpc_host" if NETCORE_RPC_HOST - default "${ZEPHYR_BASE}/samples/boards/nrf/ieee802154/802154_rpmsg" if NETCORE_802154_RPMSG + default "${ZEPHYR_BASE}/samples/boards/nordic/ieee802154/802154_rpmsg" if NETCORE_802154_RPMSG default "${ZEPHYR_NRF_MODULE_DIR}/samples/nrf5340/multiprotocol_rpmsg" if NETCORE_MULTIPROTOCOL_RPMSG default "${ZEPHYR_NRF_MODULE_DIR}/applications/ipc_radio" if NETCORE_IPC_RADIO help From 240504fe1379021d9f412010bd8269a2bb77c3da Mon Sep 17 00:00:00 2001 From: Dominik Chat Date: Fri, 13 Sep 2024 11:10:48 +0200 Subject: [PATCH 087/217] samples: Align samples to new recommeneded net_buf API. Align the usage of net_buf_put/get to use k_fifo_put/get as recommended per Zephyr upstream. Signed-off-by: Dominik Chat --- .../bluetooth/direct_test_mode/remote_hci/src/main.c | 4 ++-- .../bluetooth/direct_test_mode/src/transport/dtm_hci.c | 4 ++-- .../direct_test_mode/src/transport/hci_uart.c | 4 ++-- samples/nrf5340/multiprotocol_rpmsg/src/main.c | 6 +++--- samples/openthread/coprocessor/src/rcp_hci.c | 10 +++++----- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/samples/bluetooth/direct_test_mode/remote_hci/src/main.c b/samples/bluetooth/direct_test_mode/remote_hci/src/main.c index 5cb103de60ae..9bea1d4ad8da 100644 --- a/samples/bluetooth/direct_test_mode/remote_hci/src/main.c +++ b/samples/bluetooth/direct_test_mode/remote_hci/src/main.c @@ -124,7 +124,7 @@ NRF_RPC_CBOR_CMD_DECODER(hci_group, hci_uart_init, RPC_HCI_UART_INIT_CMD, static void dtm_hci_put_wrapper(struct net_buf *buf) { - net_buf_put(&dtm_put_queue, buf); + k_fifo_put(&dtm_put_queue, buf); } static void dtm_put_thread(void) @@ -132,7 +132,7 @@ static void dtm_put_thread(void) struct net_buf *buf; for (;;) { - buf = net_buf_get(&dtm_put_queue, K_FOREVER); + buf = k_fifo_get(&dtm_put_queue, K_FOREVER); __ASSERT_NO_MSG(buf != NULL); diff --git a/samples/bluetooth/direct_test_mode/src/transport/dtm_hci.c b/samples/bluetooth/direct_test_mode/src/transport/dtm_hci.c index c9f1b79a34d5..99c9ed013d0c 100644 --- a/samples/bluetooth/direct_test_mode/src/transport/dtm_hci.c +++ b/samples/bluetooth/direct_test_mode/src/transport/dtm_hci.c @@ -712,7 +712,7 @@ static int hci_cmd(const struct bt_hci_cmd_hdr *hdr, const uint8_t *data) static void dtm_hci_put(struct net_buf *buf) { - net_buf_put(&hci_rx_queue, buf); + k_fifo_put(&hci_rx_queue, buf); } int dtm_tr_init(void) @@ -738,7 +738,7 @@ union dtm_tr_packet dtm_tr_get(void) { union dtm_tr_packet tmp; - tmp.hci = net_buf_get(&hci_rx_queue, K_FOREVER); + tmp.hci = k_fifo_get(&hci_rx_queue, K_FOREVER); return tmp; } diff --git a/samples/bluetooth/direct_test_mode/src/transport/hci_uart.c b/samples/bluetooth/direct_test_mode/src/transport/hci_uart.c index d0f4315c4649..bdbd5f51e0dd 100644 --- a/samples/bluetooth/direct_test_mode/src/transport/hci_uart.c +++ b/samples/bluetooth/direct_test_mode/src/transport/hci_uart.c @@ -249,7 +249,7 @@ static void tx_thread(void) * and it's not supposed to be sent over uart. * The pointer is an address to the associated net_buf. */ - buf = net_buf_get(&hci_tx_queue, K_FOREVER); + buf = k_fifo_get(&hci_tx_queue, K_FOREVER); uart_tx(hci_uart_dev, &buf->data[sizeof(buf)], buf->len - sizeof(buf), SYS_FOREVER_US); } @@ -304,6 +304,6 @@ int hci_uart_write(uint8_t type, const uint8_t *hdr, size_t hdr_len, const uint8 net_buf_add_mem(buf, hdr, hdr_len); net_buf_add_mem(buf, pld, len); - net_buf_put(&hci_tx_queue, buf); + k_fifo_put(&hci_tx_queue, buf); return 0; } diff --git a/samples/nrf5340/multiprotocol_rpmsg/src/main.c b/samples/nrf5340/multiprotocol_rpmsg/src/main.c index 7fcc2c0c0486..cfdff24185c1 100644 --- a/samples/nrf5340/multiprotocol_rpmsg/src/main.c +++ b/samples/nrf5340/multiprotocol_rpmsg/src/main.c @@ -131,7 +131,7 @@ static void hci_rpmsg_rx(uint8_t *data, size_t len) } if (buf) { - net_buf_put(&tx_queue, buf); + k_fifo_put(&tx_queue, buf); LOG_HEXDUMP_DBG(buf->data, buf->len, "Final net buffer:"); } @@ -144,7 +144,7 @@ static void tx_thread(void *p1, void *p2, void *p3) int err; /* Wait until a buffer is available */ - buf = net_buf_get(&tx_queue, K_FOREVER); + buf = k_fifo_get(&tx_queue, K_FOREVER); /* Pass buffer to the stack */ err = bt_send(buf); if (err) { @@ -253,7 +253,7 @@ int main(void) while (1) { struct net_buf *buf; - buf = net_buf_get(&rx_queue, K_FOREVER); + buf = k_fifo_get(&rx_queue, K_FOREVER); err = hci_rpmsg_send(buf); if (err) { LOG_ERR("Failed to send (err %d)", err); diff --git a/samples/openthread/coprocessor/src/rcp_hci.c b/samples/openthread/coprocessor/src/rcp_hci.c index 2f7b8b2e16e3..937200863519 100644 --- a/samples/openthread/coprocessor/src/rcp_hci.c +++ b/samples/openthread/coprocessor/src/rcp_hci.c @@ -162,7 +162,7 @@ static void rx_isr(void) if (remaining == 0) { /* Packet received */ LOG_DBG("putting RX packet in queue."); - net_buf_put(&tx_queue, buf); + k_fifo_put(&tx_queue, buf); state = ST_IDLE; } break; @@ -192,7 +192,7 @@ static void tx_isr(void) int len; if (!buf) { - buf = net_buf_get(&uart_tx_queue, K_NO_WAIT); + buf = k_fifo_get(&uart_tx_queue, K_NO_WAIT); if (!buf) { uart_irq_tx_disable(hci_uart_dev); return; @@ -232,7 +232,7 @@ static void tx_thread(void *p1, void *p2, void *p3) int err; /* Wait until a buffer is available */ - buf = net_buf_get(&tx_queue, K_FOREVER); + buf = k_fifo_get(&tx_queue, K_FOREVER); /* Pass buffer to the stack */ err = bt_send(buf); if (err) { @@ -251,7 +251,7 @@ static int h4_send(struct net_buf *buf) { LOG_DBG("buf %p type %u len %u", buf, bt_buf_get_type(buf), buf->len); - net_buf_put(&uart_tx_queue, buf); + k_fifo_put(&uart_tx_queue, buf); uart_irq_tx_enable(hci_uart_dev); return 0; @@ -369,7 +369,7 @@ void run_hci(void) while (1) { struct net_buf *buf; - buf = net_buf_get(&rx_queue, K_FOREVER); + buf = k_fifo_get(&rx_queue, K_FOREVER); err = h4_send(buf); if (err) { LOG_ERR("Failed to send"); From fa459ec4a72484a8e515dd0b418dffac167b7ab9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Tue, 17 Sep 2024 15:15:29 +0200 Subject: [PATCH 088/217] tf-m: Add ${NRF_DIR} to external core and added include MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! tf-m: Add support for building PSA core externally -This adds include for /nrf/include/tfm which has a file used for builtin key support. This is using the same mechanism as other types of paths passed to TF-M (fixup of commit 96a592405b95a14c79fbd8b71a8dfb23ef0f8604) Signed-off-by: Frank Audun Kvamtrø --- modules/trusted-firmware-m/tfm_boards/external_core.cmake | 6 ++++-- subsys/nrf_security/configs/config_extra.cmake.in | 1 + 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/modules/trusted-firmware-m/tfm_boards/external_core.cmake b/modules/trusted-firmware-m/tfm_boards/external_core.cmake index 08db5fd8c86f..38e8d4bf80d2 100644 --- a/modules/trusted-firmware-m/tfm_boards/external_core.cmake +++ b/modules/trusted-firmware-m/tfm_boards/external_core.cmake @@ -69,7 +69,8 @@ if(TARGET psa_crypto_config) INTERFACE ${PSA_CRYPTO_CONFIG_INTERFACE_PATH} ${NRF_SECURITY_ROOT}/include - ${OBERON_PSA_CORE_PATH}/include/ + ${OBERON_PSA_CORE_PATH}/include + ${NRF_DIR}/include/tfm ) endif() @@ -87,7 +88,8 @@ if(TARGET psa_crypto_library_config) INTERFACE ${PSA_CRYPTO_CONFIG_LIBRARY_PATH} ${NRF_SECURITY_ROOT}/include - ${OBERON_PSA_CORE_PATH}/include/ + ${OBERON_PSA_CORE_PATH}/include + ${NRF_DIR}/include/tfm ) endif() diff --git a/subsys/nrf_security/configs/config_extra.cmake.in b/subsys/nrf_security/configs/config_extra.cmake.in index e17bf0021c64..e52319bc5e0b 100644 --- a/subsys/nrf_security/configs/config_extra.cmake.in +++ b/subsys/nrf_security/configs/config_extra.cmake.in @@ -15,6 +15,7 @@ set(NRFXLIB_DIR ${ZEPHYR_NRFXLIB_MODULE_DIR} CACHE STRING "n set(NRF_SECURITY_ROOT ${NRF_DIR}/subsys/nrf_security CACHE STRING "nrf_security root folder") set(OBERON_PSA_CORE_PATH ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR} CACHE STRING "oberon-psa-core folder") set(ARM_MBEDTLS_PATH ${ZEPHYR_MBEDTLS_MODULE_DIR} CACHE STRING "Mbed TLS folder") +set(NRF_DIR ${NRF_DIR} CACHE STRING "NRF folder") # This file is populated with the Mbed TLS config file names set(MBEDTLS_CONFIG_FILE ${CONFIG_MBEDTLS_CFG_FILE} CACHE STRING "Mbed TLS Config file") From 909835f6a3c84040f8bf7e95e8b6352559022f7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 18 Sep 2024 23:01:20 +0200 Subject: [PATCH 089/217] crypto: Handling threading support a bit more accurately MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Adding threading support for PSA core -This commit ensures the appropriate linking from nrf-security_utils to libraries in tf-M related to low-level OS integration like the addition of __assert.h and the debvug log used whe asserts happen -This commit also moves nrf_security_utils into private scope for mbedcrypto-base and cracen PSA crypto library Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 2 +- .../src/core/nrf_oberon/CMakeLists.txt | 1 + .../src/drivers/cracen/CMakeLists.txt | 12 +++++++++ .../src/utils/nrf_security_utils.cmake | 27 +++++++++++++------ 4 files changed, 33 insertions(+), 9 deletions(-) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 9bc3e859b401..a5acff8644c1 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -123,9 +123,9 @@ target_link_libraries(mbedcrypto_base PRIVATE psa_crypto_config $ + nrf_security_utils PUBLIC psa_interface - nrf_security_utils ) nrf_security_add_zephyr_options(mbedcrypto_base) diff --git a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt index 8075cb4faec4..50702f72589d 100644 --- a/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt @@ -44,6 +44,7 @@ target_link_libraries(oberon_psa_core PRIVATE psa_crypto_library_config mbedcrypto_base + nrf_security_utils ) nrf_security_add_zephyr_options_library(oberon_psa_core) diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index 571b77f3f432..dbb5a89399bd 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -46,6 +46,18 @@ target_link_libraries(cracen_psa_driver nrf_security_utils ) +# Give access to cmsis, nrfx and MDK inside TF-M build +# to allow for referencing nRF events. Note that +# tfm_sp_log needs to be added because __assert.h requires +# it +if(BUILD_INSIDE_TFM) + target_link_libraries(cracen_psa_driver + PRIVATE + platform_s + tfm_sp_log + ) +endif() + # Link oberon_psa_core with this PSA crypto driver target_link_libraries(oberon_psa_core PRIVATE diff --git a/subsys/nrf_security/src/utils/nrf_security_utils.cmake b/subsys/nrf_security/src/utils/nrf_security_utils.cmake index cc0956d93c8f..a2c1a2db4708 100644 --- a/subsys/nrf_security/src/utils/nrf_security_utils.cmake +++ b/subsys/nrf_security/src/utils/nrf_security_utils.cmake @@ -14,13 +14,24 @@ target_include_directories(nrf_security_utils ${CMAKE_CURRENT_LIST_DIR} ) -# This special linking is done to give access to the zephyr kernel library -# which possibly isn't --whole-archived in the build. Trying to link to the -# kernel library directly will give cyclic dependency. The only way to avoid -# it seems to be to link with a full path instead. -target_link_libraries(nrf_security_utils - PRIVATE - ${CMAKE_BINARY_DIR}/zephyr/kernel/libkernel.a -) +if(BUILD_INSIDE_TFM) + # This gives access to cmsis, nrfx and mdk and the tfm_sp_log used by + # __assert.h + target_link_libraries(nrf_security_utils + PUBLIC + platform_s + tfm_sp_log + tfm_psa_rot_partition_crypto + ) +else() + # This special linking is done to give access to the zephyr kernel library + # which possibly isn't --whole-archived in the build. Trying to link to the + # kernel library directly will give cyclic dependency. The only way to avoid + # it seems to be to link with a full path instead. + target_link_libraries(nrf_security_utils + PRIVATE + ${CMAKE_BINARY_DIR}/zephyr/kernel/libkernel.a + ) +endif() nrf_security_add_zephyr_options_library(nrf_security_utils) From f47a5438ea15ee20e24de058d3d9f037b40767a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 18 Sep 2024 22:13:45 +0200 Subject: [PATCH 090/217] ble: Fix const correctness for bt_le_adv_parms MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This fixes build warnings for certain samples for BLE Signed-off-by: Frank Audun Kvamtrø --- .../mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c | 2 +- samples/openthread/cli/src/ble.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/samples/bluetooth/mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c b/samples/bluetooth/mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c index 3a2c627a5703..9d9ccebabc05 100644 --- a/samples/bluetooth/mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c +++ b/samples/bluetooth/mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c @@ -41,7 +41,7 @@ static const struct bt_data sd[] = { }; static struct bt_le_ext_adv *adv; -static struct bt_le_adv_param *adv_params = BT_LE_ADV_CONN; +static const struct bt_le_adv_param *adv_params = BT_LE_ADV_CONN; static bool ble_button_state; static void connected(struct bt_conn *conn, uint8_t err) diff --git a/samples/openthread/cli/src/ble.c b/samples/openthread/cli/src/ble.c index 02a01b1b3e79..6ad0c996f1a8 100644 --- a/samples/openthread/cli/src/ble.c +++ b/samples/openthread/cli/src/ble.c @@ -24,7 +24,7 @@ static struct bt_conn_cb conn_callbacks; void ble_enable(void) { - struct bt_le_adv_param *adv_param = BT_LE_ADV_PARAM( + const struct bt_le_adv_param *adv_param = BT_LE_ADV_PARAM( BT_LE_ADV_OPT_CONNECTABLE | BT_LE_ADV_OPT_ONE_TIME, ADV_INT_MIN, ADV_INT_MAX, NULL); bt_enable(NULL); From 4032731d64e84466f7d06bf80d43d6db4684eebd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 18 Sep 2024 22:49:01 +0200 Subject: [PATCH 091/217] crypto: Resolving more PSA features from legacy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: legacy: Enable more PSA core/crypto awareness -This commit enabled MBEDTLS_WANT_KEY_TYPE_AES for any cipher-usge (by select) -This commit resolves PSA_WANT_ALG_ECB_NO_PADDING when MBEDTLS_CMAC_C is set -The changes is made to conform with check_config.h (fixup of commit 39f2cbc3a10bef67819704f4ccb3092cccc1e85a) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig.legacy | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index 19ee00beef94..d4b5abc983d6 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -388,6 +388,7 @@ config MBEDTLS_CIPHER_MODE_CBC bool "AES-CBC - AES Cipher Block Chaining mode" default y if !NET_L2_OPENTHREAD select PSA_WANT_ALG_CBC_NO_PADDING if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT help Enable the AES Cipher Block Chaining (CBC) mode, MBEDTLS_CIPHER_MODE_CBC setting in mbed TLS config file. @@ -400,6 +401,7 @@ config MBEDTLS_CIPHER_PADDING_PKCS7 prompt "Enable MBEDTLS_CIPHER_PADDING_PKCS7" default y if !NET_L2_OPENTHREAD select PSA_WANT_ALG_CBC_PKCS7 if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT help Enable support for PKCS7 padding for CBC cipher functions in mbedTLS. That is, fill buffer with ll bytes, where ll is padding length. @@ -450,6 +452,7 @@ config MBEDTLS_CIPHER_MODE_CTR bool "AES-CTR - AES Counter Block Cipher mode" default y select PSA_WANT_ALG_CTR if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT help Enable the AES Counter Block Cipher mode (CTR) mode, MBEDTLS_CIPHER_MODE_CTR setting in mbed TLS config file. @@ -466,6 +469,8 @@ config MBEDTLS_CMAC_C bool "AES-CMAC - AES Cipher-based Message Authentication Code mode for block ciphers" default y if !PSA_CRYPTO_CLIENT select PSA_WANT_ALG_CMAC if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_ECB_NO_PADDING + select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT help Enable AES CMAC support. @@ -478,6 +483,7 @@ config MBEDTLS_CCM_C depends on MBEDTLS_AES_C default y if !PSA_CRYPTO_CLIENT select PSA_WANT_ALG_CCM if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT help Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. This also includes CCM* @@ -488,6 +494,7 @@ config MBEDTLS_GCM_C prompt "AES-GCM - AES Galois/Counter Mode support" default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) select PSA_WANT_ALG_GCM if PSA_CRYPTO_CLIENT + select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT help Enable the GCM module. MBEDTLS_GCM_C setting in mbed TLS config file. From 63f9f1b52840fe738952a646457a47a5417f57d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 18 Sep 2024 22:50:05 +0200 Subject: [PATCH 092/217] crypto: Made imported (legacy) libraries use psa_crypto-config MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Cleaning up PSA driver and core CMake logic -This commit changes link dependency on nrf_cc3xx_core_imported towards psa_crypto_config (was _config_library) to prevent propagation of multiple sets of configs -Same also done for mbedcrypto-oberon_mbedtls_imported Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/drivers/CMakeLists.txt | 2 +- subsys/nrf_security/src/legacy/CMakeLists.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/subsys/nrf_security/src/drivers/CMakeLists.txt b/subsys/nrf_security/src/drivers/CMakeLists.txt index 4e0cdb3771e0..70fe59368049 100644 --- a/subsys/nrf_security/src/drivers/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/CMakeLists.txt @@ -85,7 +85,7 @@ if(TARGET mbedcrypto_oberon_mbedtls_imported) target_link_libraries(mbedcrypto_oberon_mbedtls_imported INTERFACE - psa_crypto_library_config + psa_crypto_config mbedcrypto_base ) endif() diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index ceebe2316d37..e8c3653364b1 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -114,7 +114,7 @@ if(TARGET nrf_cc3xx_core_imported) # nrf_cc3xx needs functionality from mbedcrypto_base target_link_libraries(nrf_cc3xx_core_imported INTERFACE - psa_crypto_library_config + psa_crypto_config mbedcrypto_base ) endif() From dc24603db366b4dcf48af423978cb4eb8ff5db48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 18 Sep 2024 22:52:13 +0200 Subject: [PATCH 093/217] modem: tests: Change z => zvfs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Changed z_reserve_fd => zvfs_reserve_fd -Changed z-free_fd => zvfs_free-fd -Changed z_finalize_fd => zvfs_finalize-fd -Bonus points: fixed comments referencing the non-existent APIs, as well Signed-off-by: Frank Audun Kvamtrø --- lib/nrf_modem_lib/nrf9x_sockets.c | 16 ++++++++-------- .../nrf9x_sockets/src/nrf9x_sockets_test.c | 8 ++++---- .../net/lib/download_client/src/mock/socket.c | 6 +++--- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/lib/nrf_modem_lib/nrf9x_sockets.c b/lib/nrf_modem_lib/nrf9x_sockets.c index cd1aa5d0bfd4..663d56bd2d49 100644 --- a/lib/nrf_modem_lib/nrf9x_sockets.c +++ b/lib/nrf_modem_lib/nrf9x_sockets.c @@ -338,7 +338,7 @@ static int nrf9x_socket_offload_socket(int family, int type, int proto) static int nrf9x_socket_offload_accept(void *obj, struct sockaddr *addr, socklen_t *addrlen) { - int fd = z_reserve_fd(); + int fd = zvfs_reserve_fd(); int sd = OBJ_TO_SD(obj); int new_sd = -1; struct nrf_sock_ctx *ctx = NULL; @@ -348,7 +348,7 @@ static int nrf9x_socket_offload_accept(void *obj, struct sockaddr *addr, struct nrf_sockaddr_in6 nrf_addr; nrf_socklen_t nrf_addrlen; - /* `z_reserve_fd()` can fail */ + /* `zvfs_reserve_fd()` can fail */ if (fd < 0) { return -1; } @@ -395,7 +395,7 @@ static int nrf9x_socket_offload_accept(void *obj, struct sockaddr *addr, } } - z_finalize_fd(fd, ctx, + zvfs_finalize_fd(fd, ctx, (const struct fd_op_vtable *)&nrf9x_socket_fd_op_vtable); return fd; @@ -409,7 +409,7 @@ static int nrf9x_socket_offload_accept(void *obj, struct sockaddr *addr, release_ctx(ctx); } - z_free_fd(fd); + zvfs_free_fd(fd); return -1; } @@ -1083,14 +1083,14 @@ static int nrf9x_socket_create(int family, int type, int proto) return native_socket(family, type, proto, &tls_offload_disabled); } - fd = z_reserve_fd(); + fd = zvfs_reserve_fd(); if (fd < 0) { return -1; } sd = nrf9x_socket_offload_socket(family, type, proto); if (sd < 0) { - z_free_fd(fd); + zvfs_free_fd(fd); return -1; } @@ -1098,11 +1098,11 @@ static int nrf9x_socket_create(int family, int type, int proto) if (ctx == NULL) { errno = ENOMEM; nrf_close(sd); - z_free_fd(fd); + zvfs_free_fd(fd); return -1; } - z_finalize_fd(fd, ctx, + zvfs_finalize_fd(fd, ctx, (const struct fd_op_vtable *)&nrf9x_socket_fd_op_vtable); return fd; diff --git a/tests/lib/nrf_modem_lib/nrf9x_sockets/src/nrf9x_sockets_test.c b/tests/lib/nrf_modem_lib/nrf9x_sockets/src/nrf9x_sockets_test.c index 63f9fc7a120c..5e8b32b4da50 100644 --- a/tests/lib/nrf_modem_lib/nrf9x_sockets/src/nrf9x_sockets_test.c +++ b/tests/lib/nrf_modem_lib/nrf9x_sockets/src/nrf9x_sockets_test.c @@ -678,7 +678,7 @@ void test_nrf9x_socket_offload_accept_ipv4_success(void) int addrlen = sizeof(address); int addrlen_unchanged = addrlen; int backlog = 1; - /* `z_reserve_fd` reserves fd = 1 first */ + /* `zvfs_reserve_fd` reserves fd = 1 first */ int z_fd = 1; __cmock_nrf_socket_ExpectAndReturn(NRF_AF_INET, NRF_SOCK_STREAM, 0, nrf_fd); @@ -716,7 +716,7 @@ void test_nrf9x_socket_offload_accept_ipv4_success(void) TEST_ASSERT_EQUAL(ret, 0); - z_free_fd(z_fd); + zvfs_free_fd(z_fd); } void test_nrf9x_socket_offload_accept_ipv6_success(void) @@ -729,7 +729,7 @@ void test_nrf9x_socket_offload_accept_ipv6_success(void) int addrlen = sizeof(address); int addrlen_unchanged = addrlen; int backlog = 1; - /* `z_reserve_fd` reserves fd = 1 first */ + /* `zvfs_reserve_fd` reserves fd = 1 first */ int z_fd = 1; __cmock_nrf_socket_ExpectAndReturn(NRF_AF_INET6, NRF_SOCK_STREAM, 0, nrf_fd); @@ -767,7 +767,7 @@ void test_nrf9x_socket_offload_accept_ipv6_success(void) TEST_ASSERT_EQUAL(ret, 0); - z_free_fd(z_fd); + zvfs_free_fd(z_fd); } void test_nrf9x_socket_offload_setsockopt_ebadf(void) diff --git a/tests/subsys/net/lib/download_client/src/mock/socket.c b/tests/subsys/net/lib/download_client/src/mock/socket.c index 22a719af6f47..1583389570a7 100644 --- a/tests/subsys/net/lib/download_client/src/mock/socket.c +++ b/tests/subsys/net/lib/download_client/src/mock/socket.c @@ -240,7 +240,7 @@ bool mock_socket_is_supported(int family, int type, int proto) int mock_socket_create(int family, int type, int proto) { - int fd = z_reserve_fd(); + int fd = zvfs_reserve_fd(); struct net_context *ctx; int res; @@ -260,7 +260,7 @@ int mock_socket_create(int family, int type, int proto) res = net_context_get(family, type, proto, &ctx); if (res < 0) { - z_free_fd(fd); + zvfs_free_fd(fd); errno = -res; return -1; } @@ -290,7 +290,7 @@ int mock_socket_create(int family, int type, int proto) net_context_ref(ctx); } - z_finalize_fd(fd, ctx, (const struct fd_op_vtable *)&mock_socket_fd_op_vtable); + zvfs_finalize_fd(fd, ctx, (const struct fd_op_vtable *)&mock_socket_fd_op_vtable); return fd; } From 941d8fe52271e459cfe5ac60524c63cf725a0982 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 18 Sep 2024 22:54:03 +0200 Subject: [PATCH 094/217] net: download client: Added K_THREAD_STACK_MEMBER definition MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -One of the structures in this file was using K_THREAD_STACK_MEMBER which didn't exists. Added a define to point to K_KERNEL_STACK_MEMBER in the header-file to resolve some build issues Signed-off-by: Frank Audun Kvamtrø --- include/net/download_client.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/net/download_client.h b/include/net/download_client.h index 3d6fc294addf..84e5a7953099 100644 --- a/include/net/download_client.h +++ b/include/net/download_client.h @@ -28,6 +28,8 @@ extern "C" { #endif +#define K_THREAD_STACK_MEMBER K_KERNEL_STACK_MEMBER + /** * @brief Download client event IDs. */ From b767aa414423a64c270d6926c7f1f7bc444c19b8 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Thu, 19 Sep 2024 12:32:54 +0200 Subject: [PATCH 095/217] bluetooth: controller: align softdevice with BT_CTLR_CRYPTO_SUPPORT Aligned the Softdevice controller with the BT_CTLR_CRYPTO_SUPPORT Kconfig from upstream. Signed-off-by: Bjarki Arge Andreasen --- subsys/bluetooth/controller/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/subsys/bluetooth/controller/Kconfig b/subsys/bluetooth/controller/Kconfig index 526df9cf3660..793930da6907 100644 --- a/subsys/bluetooth/controller/Kconfig +++ b/subsys/bluetooth/controller/Kconfig @@ -12,6 +12,7 @@ config BT_LL_SOFTDEVICE bool "SoftDevice Link Layer" select MPSL select ZERO_LATENCY_IRQS if !SOC_SERIES_BSIM_NRFXX + select BT_CTLR_ENTROPY_SUPPORT select BT_CTLR_LE_ENC_SUPPORT select BT_CTLR_ECDH_SUPPORT select BT_CTLR_EXT_REJ_IND_SUPPORT From a91ed9e9100f1d897fd6682001acce921c19fb6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 19 Sep 2024 14:02:30 +0200 Subject: [PATCH 096/217] tests: nrf_compress: Enable legacy crypto for mbedtls_sha256_c MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This enables two missing configurations for this test: CONFIG_MBEDTLS_SHA256_C CONFIG_MBEDTLS-LEGACY_CRYPTO_C Signed-off-by: Frank Audun Kvamtrø --- tests/subsys/nrf_compress/decompression/lzma/prj.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/subsys/nrf_compress/decompression/lzma/prj.conf b/tests/subsys/nrf_compress/decompression/lzma/prj.conf index aef321c8bc8c..9429b35f03a7 100644 --- a/tests/subsys/nrf_compress/decompression/lzma/prj.conf +++ b/tests/subsys/nrf_compress/decompression/lzma/prj.conf @@ -11,3 +11,6 @@ CONFIG_NRF_COMPRESS_DECOMPRESSION=y CONFIG_NRF_COMPRESS_LZMA=y CONFIG_LOG=y CONFIG_MBEDTLS=y +CONFIG_MBEDTLS_SHA256_C=y +CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y + From e4a5f2ec0d2743672d291e7425bca385bab3b116 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 19 Sep 2024 14:39:13 +0200 Subject: [PATCH 097/217] crypto: Adding "-Wno-unused-function" to avoid oberon_ecdsa errors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit allows unused functions for Oberon PSA crypto driver Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt index a164bf2c2e62..ea95fbb9e1ad 100644 --- a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt @@ -48,6 +48,7 @@ target_compile_options(oberon_psa_driver -Wno-uninitialized -Wno-maybe-uninitialized -Wno-unused-variable + -Wno-unused-function ) target_include_directories(oberon_psa_driver From 673dfcc17b02b880255dff37b38252758bb5dc10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 19 Sep 2024 15:42:43 +0200 Subject: [PATCH 098/217] crypto: Resolving CHACHA20 into PSA crypto configs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: legacy: Enable more PSA core/crypto awareness -Resolving PSA_WANT_ALG_STREAM_CIPHER if MBEDTLS_CHACHA20_C is set (fixup of commit 39f2cbc3a10bef67819704f4ccb3092cccc1e85a) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig.legacy | 1 + 1 file changed, 1 insertion(+) diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index d4b5abc983d6..312415e1c876 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -505,6 +505,7 @@ config MBEDTLS_CHACHA20_C default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) select PSA_WANT_ALG_CHACHA20 if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_STREAM_CIPHER if PSA_CRYPTO_CLIENT help Enable the CHACHA20 stream cipher. MBEDTLS_CHACHA20_C setting in mbed TLS config file. From 6f8d00585983f5d0aa1716afa85befff75ad8c3e Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Thu, 19 Sep 2024 16:15:08 +0200 Subject: [PATCH 099/217] boards: thingy91x: replace removed Kconfig option `CONFIG_SPI_NOR_IDLE_IN_DPD` doesn't exist anymore. `CONFIG_PM_DEVICE_RUNTIME` enables its previous behavior, which is now tunable with `CONFIG_SPI_NOR_ACTIVE_DWELL_MS`. Signed-off-by: Tomi Fontanilles --- boards/nordic/thingy91x/thingy91x_nrf9151_ns_defconfig | 2 +- samples/cellular/modem_trace_flash/README.rst | 4 ++-- .../sysbuild/mcuboot/boards/thingy91x_nrf5340_cpuapp.conf | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/boards/nordic/thingy91x/thingy91x_nrf9151_ns_defconfig b/boards/nordic/thingy91x/thingy91x_nrf9151_ns_defconfig index 59c887b3ba70..dd7f3c95ec63 100644 --- a/boards/nordic/thingy91x/thingy91x_nrf9151_ns_defconfig +++ b/boards/nordic/thingy91x/thingy91x_nrf9151_ns_defconfig @@ -34,7 +34,7 @@ CONFIG_FLASH=y CONFIG_SPI_NOR=y CONFIG_SPI_NOR_SFDP_DEVICETREE=y CONFIG_SPI_NOR_FLASH_LAYOUT_PAGE_SIZE=4096 -CONFIG_SPI_NOR_IDLE_IN_DPD=y +CONFIG_PM_DEVICE_RUNTIME=y # Enable sensor (for nPM1300 charger) CONFIG_SENSOR=y diff --git a/samples/cellular/modem_trace_flash/README.rst b/samples/cellular/modem_trace_flash/README.rst index 76704af302d7..d756972cabf8 100644 --- a/samples/cellular/modem_trace_flash/README.rst +++ b/samples/cellular/modem_trace_flash/README.rst @@ -46,8 +46,8 @@ The high-performance mode consumes more power but is able to erase and write at Use the device tree property ``mxicy,mx25r-power-mode`` to configure MX25R6435 in either high-performance or low-power mode. In this sample, the MX25R6435 is configured in high-performance mode. -The use of :kconfig:option:`CONFIG_SPI_NOR_IDLE_IN_DPD` option to enable deep-power-down mode significantly reduces the stand-by power consumption. -However, it adds overhead for each SPI instruction, which causes an approximately 20% reduction in write performance. +The use of :kconfig:option:`CONFIG_PM_DEVICE_RUNTIME` option to enable deep-power-down mode significantly reduces the stand-by power consumption. +However, it adds overhead to SPI instructions, which causes a reduction in write performance. The sample uses the :ref:`nrfxlib:nrf_modem` to turn on and off the modem traces and also enable and disable the modem. In addition, it uses the :ref:`zephyr:uart_api` to send modem traces over UART1. diff --git a/samples/wifi/shell/sysbuild/mcuboot/boards/thingy91x_nrf5340_cpuapp.conf b/samples/wifi/shell/sysbuild/mcuboot/boards/thingy91x_nrf5340_cpuapp.conf index 4b96eaa80f37..17dbb54d2e6f 100644 --- a/samples/wifi/shell/sysbuild/mcuboot/boards/thingy91x_nrf5340_cpuapp.conf +++ b/samples/wifi/shell/sysbuild/mcuboot/boards/thingy91x_nrf5340_cpuapp.conf @@ -82,4 +82,4 @@ CONFIG_MFD_NPM1300=n CONFIG_BOOT_SERIAL_NO_APPLICATION=y -CONFIG_SPI_NOR_IDLE_IN_DPD=y +CONFIG_PM_DEVICE_RUNTIME=y From 61ce946c7b8a84b7e9bce8dd0bc6e8865cc27f54 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Thu, 19 Sep 2024 16:37:12 +0200 Subject: [PATCH 100/217] applications: serial_lte_modem: fix "'noreturn' function does return" Remove the `noreturn` attribute from functions because functions they call (e.g. `nrf_regulators_system_off()`) miss it. Signed-off-by: Tomi Fontanilles --- applications/serial_lte_modem/src/main.c | 6 +++--- applications/serial_lte_modem/src/slm_util.h | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/applications/serial_lte_modem/src/main.c b/applications/serial_lte_modem/src/main.c index a29f4ca090e7..b31b1b5a7117 100644 --- a/applications/serial_lte_modem/src/main.c +++ b/applications/serial_lte_modem/src/main.c @@ -309,7 +309,7 @@ void slm_enter_idle(void) } } -FUNC_NORETURN static void enter_sleep_no_uninit(void) +static void enter_sleep_no_uninit(void) { LOG_INF("Entering sleep."); LOG_PANIC(); @@ -321,7 +321,7 @@ FUNC_NORETURN static void enter_sleep_no_uninit(void) assert(false); } -FUNC_NORETURN void slm_enter_sleep(void) +void slm_enter_sleep(void) { slm_at_host_uninit(); @@ -336,7 +336,7 @@ FUNC_NORETURN void slm_enter_sleep(void) #endif /* POWER_PIN_IS_ENABLED */ -FUNC_NORETURN void slm_enter_shutdown(void) +void slm_enter_shutdown(void) { LOG_INF("Entering shutdown."); diff --git a/applications/serial_lte_modem/src/slm_util.h b/applications/serial_lte_modem/src/slm_util.h index 564110c824a5..a0ade7142053 100644 --- a/applications/serial_lte_modem/src/slm_util.h +++ b/applications/serial_lte_modem/src/slm_util.h @@ -32,8 +32,8 @@ int slm_power_off_modem(void); FUNC_NORETURN void slm_reset(void); void slm_enter_idle(void); -FUNC_NORETURN void slm_enter_sleep(void); -FUNC_NORETURN void slm_enter_shutdown(void); +void slm_enter_sleep(void); +void slm_enter_shutdown(void); /** @brief Temporarily sets the indicate pin high. */ int slm_indicate(void); From e56fb02025f1bdfc8c6f0a6144658f67a49a8a62 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Thu, 19 Sep 2024 18:21:25 +0200 Subject: [PATCH 101/217] nrf_security: add missing Mbed TLS source file Add block_cipher.c to fix undefined references to functions in there. Signed-off-by: Tomi Fontanilles --- subsys/nrf_security/src/CMakeLists.txt | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index a5acff8644c1..06c2d1a759e6 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -92,6 +92,7 @@ append_with_prefix(src_crypto_base ${ARM_MBEDTLS_PATH}/library base64.c bignum.c bignum_core.c + block_cipher.c nist_kw.c oid.c padlock.c @@ -130,7 +131,7 @@ target_link_libraries(mbedcrypto_base nrf_security_add_zephyr_options(mbedcrypto_base) -# Misusing the psa_crypto_config and psa_crypto_library_config awareness to +# Misusing the psa_crypto_config and psa_crypto_library_config awareness to # set compiler-flags to ensure right floating-point types are set if(COMPILER_CP_FLAG) target_compile_options(psa_crypto_config @@ -144,7 +145,7 @@ if(COMPILER_CP_FLAG) ) endif() -# Misusing the psa_crypto_config and psa_crypto_library_config awareness to +# Misusing the psa_crypto_config and psa_crypto_library_config awareness to # set linker-options to ensure right floating-point types are set if(LINKER_CP_OPTION) target_link_options(psa_crypto_config @@ -163,9 +164,9 @@ target_link_libraries(${mbedcrypto_target} mbedcrypto_base ) -# Disable compile warnings for Mbed TLS sources for files that are +# Disable compile warnings for Mbed TLS sources for files that are # added to the build for legacy APIs but are not enabled due to -# configurations not being set. +# configurations not being set. # # These can be removed when NCSDK-28901 is addressed. target_compile_options(${mbedcrypto_target} @@ -216,7 +217,7 @@ if (CONFIG_MBEDTLS_X509_LIBRARY) ${src_x509} ) - # Link with + # Link with target_link_libraries(mbedx509 PRIVATE psa_crypto_config From ce666563ce7ba4475388b270cffe0b2a876c61d3 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Thu, 19 Sep 2024 18:24:01 +0200 Subject: [PATCH 102/217] nrf_security: fix MBEDTLS_HKDF_C dependency Make it select PSA_WANT_ALG_HMAC as the latter is a requirement of the former. Signed-off-by: Tomi Fontanilles --- subsys/nrf_security/Kconfig.legacy | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index 312415e1c876..cb4b400e1f75 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -709,6 +709,7 @@ config MBEDTLS_HKDF_C bool prompt "HKDF support" default y if !PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_HMAC if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_HKDF if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_TLS12_PRF if PSA_CRYPTO_CLIENT && MBEDTLS_TLS_LIBRARY select PSA_WANT_ALG_TLS12_PSK_TO_MS if PSA_CRYPTO_CLIENT && MBEDTLS_TLS_LIBRARY @@ -857,7 +858,7 @@ config MBEDTLS_PK_PARSE_EC_EXTENDED prompt "Enhance support for reading EC keys" default y depends on MBEDTLS_PK_PARSE_C - + config MBEDTLS_PEM_PARSE_C bool prompt "Support parsing PEM files" From 7dd226c18ad611a1379b15d1d9897b8edf958b06 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Thu, 19 Sep 2024 18:25:28 +0200 Subject: [PATCH 103/217] tests: crypto: add missing Mbed TLS Kconfig options With the default-enabled Mbed TLS Kconfig options having been reduced in Zephyr, it's now necessary to manually enable them. Signed-off-by: Tomi Fontanilles --- tests/crypto/prj.conf | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/crypto/prj.conf b/tests/crypto/prj.conf index 804a7202c6d3..9512608a106e 100644 --- a/tests/crypto/prj.conf +++ b/tests/crypto/prj.conf @@ -16,3 +16,14 @@ CONFIG_SPEED_OPTIMIZATIONS=y CONFIG_NORDIC_SECURITY_BACKEND=y CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=16384 + +CONFIG_MBEDTLS_AES_C=y +CONFIG_MBEDTLS_CIPHER_MODE_CBC=y +CONFIG_MBEDTLS_CCM_C=y +CONFIG_MBEDTLS_SHA512_C=y +CONFIG_MBEDTLS_HKDF_C=y +CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y +CONFIG_MBEDTLS_ECP_C=y +CONFIG_MBEDTLS_ECDH_C=y +CONFIG_MBEDTLS_ECDSA_C=y +CONFIG_MBEDTLS_CMAC_C=y From d1716d68896efdae77da9ec047174e28c3d15c72 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Thu, 19 Sep 2024 19:09:16 +0200 Subject: [PATCH 104/217] bindings: usb: zephyr,hid-device: rename in-polling-rate in-polling-rate has been renamed in-polling-period-us, adapt nrf overlays to reflect this. Signed-off-by: Bjarki Arge Andreasen --- .../nrf52820dongle_nrf52820/app.overlay | 4 ++-- .../configuration/nrf52833dk_nrf52820/app.overlay | 4 ++-- .../configuration/nrf52833dk_nrf52833/app.overlay | 4 ++-- .../nrf52833dongle_nrf52833/app.overlay | 4 ++-- .../configuration/nrf52840dk_nrf52840/app.overlay | 2 +- .../nrf52840dk_nrf52840/app_dongle.overlay | 4 ++-- .../nrf52840dk_nrf52840/app_keyboard.overlay | 2 +- .../nrf52840dk_nrf52840/app_mcuboot_qspi.overlay | 2 +- .../nrf52840dongle_nrf52840/app.overlay | 4 ++-- .../nrf52840dongle_nrf52840/app_3bleconn.overlay | 12 ++++++------ .../nrf52840dongle_nrf52840/app_4llpmconn.overlay | 12 ++++++------ .../app_release_4llpmconn.overlay | 12 ++++++------ .../nrf52840gmouse_nrf52840/app.overlay | 2 +- .../nrf5340dk_nrf5340_cpuapp/app.overlay | 4 ++-- .../nrf54h20dk_nrf54h20_cpuapp/app.overlay | 2 +- applications/nrf_desktop/description.rst | 2 +- applications/nrf_desktop/doc/usb_state.rst | 2 +- 17 files changed, 39 insertions(+), 39 deletions(-) diff --git a/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/app.overlay b/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/app.overlay index d5fd65eccb19..6737cfd9719b 100644 --- a/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/app.overlay +++ b/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/app.overlay @@ -8,14 +8,14 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/app.overlay b/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/app.overlay index 72c29d7ae8c5..726f58de8bb4 100644 --- a/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/app.overlay +++ b/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/app.overlay @@ -8,14 +8,14 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52833dk_nrf52833/app.overlay b/applications/nrf_desktop/configuration/nrf52833dk_nrf52833/app.overlay index 97d5c1d1212c..b376689208a0 100644 --- a/applications/nrf_desktop/configuration/nrf52833dk_nrf52833/app.overlay +++ b/applications/nrf_desktop/configuration/nrf52833dk_nrf52833/app.overlay @@ -4,14 +4,14 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52833dongle_nrf52833/app.overlay b/applications/nrf_desktop/configuration/nrf52833dongle_nrf52833/app.overlay index 6a52f217e6cc..8fdddc815092 100644 --- a/applications/nrf_desktop/configuration/nrf52833dongle_nrf52833/app.overlay +++ b/applications/nrf_desktop/configuration/nrf52833dongle_nrf52833/app.overlay @@ -4,14 +4,14 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app.overlay b/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app.overlay index 83411087e746..472963d9248c 100644 --- a/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app.overlay +++ b/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app.overlay @@ -15,7 +15,7 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "mouse"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_dongle.overlay b/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_dongle.overlay index a364e24d76c2..bc0d63e8e8c1 100644 --- a/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_dongle.overlay +++ b/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_dongle.overlay @@ -15,14 +15,14 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "keyboard"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "keyboard"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_keyboard.overlay b/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_keyboard.overlay index bf54663a586f..2c71c9afa1cd 100644 --- a/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_keyboard.overlay +++ b/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_keyboard.overlay @@ -15,7 +15,7 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "keyboard"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_mcuboot_qspi.overlay b/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_mcuboot_qspi.overlay index 39eb4cb71622..8b22ad455860 100644 --- a/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_mcuboot_qspi.overlay +++ b/applications/nrf_desktop/configuration/nrf52840dk_nrf52840/app_mcuboot_qspi.overlay @@ -21,7 +21,7 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "mouse"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app.overlay b/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app.overlay index 0eee259c36cc..3374688633f6 100644 --- a/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app.overlay +++ b/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app.overlay @@ -16,14 +16,14 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_3bleconn.overlay b/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_3bleconn.overlay index 52c6c7f3e086..c3a61cfa68ce 100644 --- a/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_3bleconn.overlay +++ b/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_3bleconn.overlay @@ -15,42 +15,42 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_2: hid_dev_2 { compatible = "zephyr,hid-device"; interface-name = "HID2"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_3: hid_dev_3 { compatible = "zephyr,hid-device"; interface-name = "HID3"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_4: hid_dev_4 { compatible = "zephyr,hid-device"; interface-name = "HID4"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_5: hid_dev_5 { compatible = "zephyr,hid-device"; interface-name = "HID5"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_4llpmconn.overlay b/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_4llpmconn.overlay index 52c6c7f3e086..c3a61cfa68ce 100644 --- a/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_4llpmconn.overlay +++ b/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_4llpmconn.overlay @@ -15,42 +15,42 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_2: hid_dev_2 { compatible = "zephyr,hid-device"; interface-name = "HID2"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_3: hid_dev_3 { compatible = "zephyr,hid-device"; interface-name = "HID3"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_4: hid_dev_4 { compatible = "zephyr,hid-device"; interface-name = "HID4"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_5: hid_dev_5 { compatible = "zephyr,hid-device"; interface-name = "HID5"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_release_4llpmconn.overlay b/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_release_4llpmconn.overlay index 52c6c7f3e086..c3a61cfa68ce 100644 --- a/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_release_4llpmconn.overlay +++ b/applications/nrf_desktop/configuration/nrf52840dongle_nrf52840/app_release_4llpmconn.overlay @@ -15,42 +15,42 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_2: hid_dev_2 { compatible = "zephyr,hid-device"; interface-name = "HID2"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_3: hid_dev_3 { compatible = "zephyr,hid-device"; interface-name = "HID3"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_4: hid_dev_4 { compatible = "zephyr,hid-device"; interface-name = "HID4"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_5: hid_dev_5 { compatible = "zephyr,hid-device"; interface-name = "HID5"; protocol-code = "none"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf52840gmouse_nrf52840/app.overlay b/applications/nrf_desktop/configuration/nrf52840gmouse_nrf52840/app.overlay index 678c7a98a076..2ca17fcf1dab 100644 --- a/applications/nrf_desktop/configuration/nrf52840gmouse_nrf52840/app.overlay +++ b/applications/nrf_desktop/configuration/nrf52840gmouse_nrf52840/app.overlay @@ -14,7 +14,7 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "mouse"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf5340dk_nrf5340_cpuapp/app.overlay b/applications/nrf_desktop/configuration/nrf5340dk_nrf5340_cpuapp/app.overlay index efef4da7ddfe..308b5230bcbf 100644 --- a/applications/nrf_desktop/configuration/nrf5340dk_nrf5340_cpuapp/app.overlay +++ b/applications/nrf_desktop/configuration/nrf5340dk_nrf5340_cpuapp/app.overlay @@ -4,14 +4,14 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "keyboard"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; hid_dev_1: hid_dev_1 { compatible = "zephyr,hid-device"; interface-name = "HID1"; protocol-code = "keyboard"; - in-polling-rate = <1000>; + in-polling-period-us = <1000>; in-report-size = <64>; }; diff --git a/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/app.overlay b/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/app.overlay index 80f57093771f..3dbb5f962ee4 100644 --- a/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/app.overlay +++ b/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/app.overlay @@ -56,7 +56,7 @@ compatible = "zephyr,hid-device"; interface-name = "HID0"; protocol-code = "mouse"; - in-polling-rate = <125>; + in-polling-period-us = <125>; in-report-size = <64>; }; }; diff --git a/applications/nrf_desktop/description.rst b/applications/nrf_desktop/description.rst index 818df278a4b2..f4a14c6258a9 100644 --- a/applications/nrf_desktop/description.rst +++ b/applications/nrf_desktop/description.rst @@ -1054,7 +1054,7 @@ See the following list of possible scenarios and best practices: * If you use the USB legacy stack, you can configure your preferred USB HID poll interval using the :kconfig:option:`CONFIG_USB_HID_POLL_INTERVAL_MS` Kconfig option. By default, the :kconfig:option:`CONFIG_USB_HID_POLL_INTERVAL_MS` Kconfig option is set to ``1`` to request the lowest possible poll interval. - * If you use the USB next stack, you can configure your preferred USB HID polling rate using the ``in-polling-rate`` property of a DTS node compatible with ``zephyr,hid-device``. + * If you use the USB next stack, you can configure your preferred USB HID polling rate using the ``in-polling-period-us`` property of a DTS node compatible with ``zephyr,hid-device``. The lowest polling rate that is supported by the USB High-Speed is 125 µs, which corresponds to 8 kHz report rate. The lowest polling rate supported by devices that do not support USB High-Speed is 1000 µs, which corresponds to 1 kHz report rate. diff --git a/applications/nrf_desktop/doc/usb_state.rst b/applications/nrf_desktop/doc/usb_state.rst index a389a08c789e..2c0fa7229719 100644 --- a/applications/nrf_desktop/doc/usb_state.rst +++ b/applications/nrf_desktop/doc/usb_state.rst @@ -167,7 +167,7 @@ USB HID configuration in USB next stack For the USB next stack, the :ref:`CONFIG_DESKTOP_USB_STACK_NEXT ` selects the :kconfig:option:`CONFIG_USB_DEVICE_STACK_NEXT` Kconfig option. Every USB HID-class instance is configured through a separate DTS node compatible with ``zephyr,hid-device``. The DTS node configures, among others, the used HID boot protocol, the size of the longest HID input report, and the HID polling rate. -You can configure your preferred USB HID polling rate using the ``in-polling-rate`` property of the DTS node. +You can configure your preferred USB HID polling rate using the ``in-polling-period-us`` property of the DTS node. The lowest polling rate that is supported by the USB High-Speed is 125 µs, which corresponds to 8 kHz report rate. The lowest polling rate supported by devices that do not support USB High-Speed is 1000 µs, which corresponds to 1 kHz report rate. Make sure to update the DTS configuration to match requirements of your application. From c835aa808522e78ac661b1cf8e1afdf97dbd2183 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Thu, 19 Sep 2024 19:24:39 +0200 Subject: [PATCH 105/217] applications: nrf_desktop: update usbd config define macro usage Update USBD_CONFIGURATION_DEFINE() macro usage in nrf_desktop app. Signed-off-by: Bjarki Arge Andreasen --- applications/nrf_desktop/src/modules/usb_state.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/applications/nrf_desktop/src/modules/usb_state.c b/applications/nrf_desktop/src/modules/usb_state.c index 0118597a2a4f..f9116b91d37a 100644 --- a/applications/nrf_desktop/src/modules/usb_state.c +++ b/applications/nrf_desktop/src/modules/usb_state.c @@ -1424,8 +1424,8 @@ static struct usbd_context *usb_init_next_usbd_init(void) static const uint8_t attributes = IS_ENABLED(CONFIG_DESKTOP_USB_REMOTE_WAKEUP) ? (USB_SCD_REMOTE_WAKEUP) : (0); - USBD_CONFIGURATION_DEFINE(fs_config, attributes, max_power); - USBD_CONFIGURATION_DEFINE(hs_config, attributes, max_power); + USBD_CONFIGURATION_DEFINE(fs_config, attributes, max_power, NULL); + USBD_CONFIGURATION_DEFINE(hs_config, attributes, max_power, NULL); if (!usbd_can_detect_vbus(&usbd)) { LOG_ERR("USBD controller cannot detect VBUS state change"); From 96683937fb0cb42d39fc91e1576e8200be3f7363 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Fri, 20 Sep 2024 12:31:30 +0200 Subject: [PATCH 106/217] crypto: Add fallback to get PSA crypto driver APIs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This is necessary to avoid failing to include psa/crypto.h when BUILD_WITH_TFM or MBEDTLS_PSA_CRYPTO_C is not set Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 06c2d1a759e6..388dee663b68 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -30,6 +30,16 @@ target_include_directories(psa_crypto_config ${NRF_SECURITY_ROOT}/include ) +# Add fallback include folders from Mbed TLS for driver context structures +# This is only necessary when building with legacy code which will include +if(NOT (CMAKE_BUILD_WITH_TFM OR CONFIG_MBEDTLS_PSA_CRYPTO_C)) +target_include_directories(psa_crypto_config + INTERFACE + ${ARM_MBEDTLS_PATH}/include +) +endif() + + # Add include folders for psa_crypto_library_config (library build in S-only and inside TF-M) target_include_directories(psa_crypto_library_config INTERFACE From 941f026e1df51a3e9d91e200f71f0e7dd97adc98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Fri, 20 Sep 2024 13:24:33 +0200 Subject: [PATCH 107/217] crypto: Fix collision with mbedtls_ecdsa_can_do for nrf_oberon MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This adds a copy of ecdsa.c from Mbed TLS to allow us to adjust the code to remove a symbol inside the ecdsa.c which is duplicated in the library. -The nrf_oberon Mbed TLS library needs to be rebuilt without this symbol to be able to remove this special adjustment Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 15 +- subsys/nrf_security/src/legacy/ecdsa_oberon.c | 854 ++++++++++++++++++ 2 files changed, 868 insertions(+), 1 deletion(-) create mode 100644 subsys/nrf_security/src/legacy/ecdsa_oberon.c diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index e8c3653364b1..acf33fc75aac 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -27,7 +27,6 @@ if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C OR ccm.c chachapoly.c ecdh.c - ecdsa.c ecp.c ecp_curves.c ecp_curves_new.c @@ -39,6 +38,20 @@ if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C OR ) endif() +# There is a symbol inside the nrf_oberon ECDSA implementation (built lib) that is +# colliding with a symbol in ecdsa.c in mbedtls: mbedtls_ecdsa_can_do. +# To solve this quickly a copy of ecdsa.c is added here in case oberon is built +if(CONFIG_OBERON_BACKEND) + list(APPEND src_crypto_legacy + ${CMAKE_CURRENT_LIST_DIR}/ecdsa_oberon.c + ) +else() + list(APPEND src_crypto_legacy + ${ARM_MBEDTLS_PATH}/library/ecdsa.c + ) +endif() + + if(CONFIG_HAS_HW_NRF_CC310) append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library gcm.c diff --git a/subsys/nrf_security/src/legacy/ecdsa_oberon.c b/subsys/nrf_security/src/legacy/ecdsa_oberon.c new file mode 100644 index 000000000000..256497d44671 --- /dev/null +++ b/subsys/nrf_security/src/legacy/ecdsa_oberon.c @@ -0,0 +1,854 @@ +/* + * Elliptic curve DSA + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +/* + * References: + * + * SEC1 https://www.secg.org/sec1-v2.pdf + */ + +#include "common.h" + +#if defined(MBEDTLS_ECDSA_C) + +#include "mbedtls/ecdsa.h" +#include "mbedtls/asn1write.h" + +#include + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +#include "mbedtls/hmac_drbg.h" +#endif + +#include "mbedtls/platform.h" + +#include "mbedtls/platform_util.h" +#include "mbedtls/error.h" + +#if defined(MBEDTLS_ECP_RESTARTABLE) + +/* + * Sub-context for ecdsa_verify() + */ +struct mbedtls_ecdsa_restart_ver { + mbedtls_mpi u1, u2; /* intermediate values */ + enum { /* what to do next? */ + ecdsa_ver_init = 0, /* getting started */ + ecdsa_ver_muladd, /* muladd step */ + } state; +}; + +/* + * Init verify restart sub-context + */ +static void ecdsa_restart_ver_init(mbedtls_ecdsa_restart_ver_ctx *ctx) +{ + mbedtls_mpi_init(&ctx->u1); + mbedtls_mpi_init(&ctx->u2); + ctx->state = ecdsa_ver_init; +} + +/* + * Free the components of a verify restart sub-context + */ +static void ecdsa_restart_ver_free(mbedtls_ecdsa_restart_ver_ctx *ctx) +{ + if (ctx == NULL) { + return; + } + + mbedtls_mpi_free(&ctx->u1); + mbedtls_mpi_free(&ctx->u2); + + ecdsa_restart_ver_init(ctx); +} + +/* + * Sub-context for ecdsa_sign() + */ +struct mbedtls_ecdsa_restart_sig { + int sign_tries; + int key_tries; + mbedtls_mpi k; /* per-signature random */ + mbedtls_mpi r; /* r value */ + enum { /* what to do next? */ + ecdsa_sig_init = 0, /* getting started */ + ecdsa_sig_mul, /* doing ecp_mul() */ + ecdsa_sig_modn, /* mod N computations */ + } state; +}; + +/* + * Init verify sign sub-context + */ +static void ecdsa_restart_sig_init(mbedtls_ecdsa_restart_sig_ctx *ctx) +{ + ctx->sign_tries = 0; + ctx->key_tries = 0; + mbedtls_mpi_init(&ctx->k); + mbedtls_mpi_init(&ctx->r); + ctx->state = ecdsa_sig_init; +} + +/* + * Free the components of a sign restart sub-context + */ +static void ecdsa_restart_sig_free(mbedtls_ecdsa_restart_sig_ctx *ctx) +{ + if (ctx == NULL) { + return; + } + + mbedtls_mpi_free(&ctx->k); + mbedtls_mpi_free(&ctx->r); +} + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +/* + * Sub-context for ecdsa_sign_det() + */ +struct mbedtls_ecdsa_restart_det { + mbedtls_hmac_drbg_context rng_ctx; /* DRBG state */ + enum { /* what to do next? */ + ecdsa_det_init = 0, /* getting started */ + ecdsa_det_sign, /* make signature */ + } state; +}; + +/* + * Init verify sign_det sub-context + */ +static void ecdsa_restart_det_init(mbedtls_ecdsa_restart_det_ctx *ctx) +{ + mbedtls_hmac_drbg_init(&ctx->rng_ctx); + ctx->state = ecdsa_det_init; +} + +/* + * Free the components of a sign_det restart sub-context + */ +static void ecdsa_restart_det_free(mbedtls_ecdsa_restart_det_ctx *ctx) +{ + if (ctx == NULL) { + return; + } + + mbedtls_hmac_drbg_free(&ctx->rng_ctx); + + ecdsa_restart_det_init(ctx); +} +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ + +#define ECDSA_RS_ECP (rs_ctx == NULL ? NULL : &rs_ctx->ecp) + +/* Utility macro for checking and updating ops budget */ +#define ECDSA_BUDGET(ops) \ + MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, ECDSA_RS_ECP, ops)); + +/* Call this when entering a function that needs its own sub-context */ +#define ECDSA_RS_ENTER(SUB) do { \ + /* reset ops count for this call if top-level */ \ + if (rs_ctx != NULL && rs_ctx->ecp.depth++ == 0) \ + rs_ctx->ecp.ops_done = 0; \ + \ + /* set up our own sub-context if needed */ \ + if (mbedtls_ecp_restart_is_enabled() && \ + rs_ctx != NULL && rs_ctx->SUB == NULL) \ + { \ + rs_ctx->SUB = mbedtls_calloc(1, sizeof(*rs_ctx->SUB)); \ + if (rs_ctx->SUB == NULL) \ + return MBEDTLS_ERR_ECP_ALLOC_FAILED; \ + \ + ecdsa_restart_## SUB ##_init(rs_ctx->SUB); \ + } \ +} while (0) + +/* Call this when leaving a function that needs its own sub-context */ +#define ECDSA_RS_LEAVE(SUB) do { \ + /* clear our sub-context when not in progress (done or error) */ \ + if (rs_ctx != NULL && rs_ctx->SUB != NULL && \ + ret != MBEDTLS_ERR_ECP_IN_PROGRESS) \ + { \ + ecdsa_restart_## SUB ##_free(rs_ctx->SUB); \ + mbedtls_free(rs_ctx->SUB); \ + rs_ctx->SUB = NULL; \ + } \ + \ + if (rs_ctx != NULL) \ + rs_ctx->ecp.depth--; \ +} while (0) + +#else /* MBEDTLS_ECP_RESTARTABLE */ + +#define ECDSA_RS_ECP NULL + +#define ECDSA_BUDGET(ops) /* no-op; for compatibility */ + +#define ECDSA_RS_ENTER(SUB) (void) rs_ctx +#define ECDSA_RS_LEAVE(SUB) (void) rs_ctx + +#endif /* MBEDTLS_ECP_RESTARTABLE */ + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) || \ + !defined(MBEDTLS_ECDSA_SIGN_ALT) || \ + !defined(MBEDTLS_ECDSA_VERIFY_ALT) +/* + * Derive a suitable integer for group grp from a buffer of length len + * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3 + */ +static int derive_mpi(const mbedtls_ecp_group *grp, mbedtls_mpi *x, + const unsigned char *buf, size_t blen) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t n_size = (grp->nbits + 7) / 8; + size_t use_size = blen > n_size ? n_size : blen; + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(x, buf, use_size)); + if (use_size * 8 > grp->nbits) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(x, use_size * 8 - grp->nbits)); + } + + /* While at it, reduce modulo N */ + if (mbedtls_mpi_cmp_mpi(x, &grp->N) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(x, x, &grp->N)); + } + +cleanup: + return ret; +} +#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */ + +#if !defined(MBEDTLS_ECDSA_SIGN_ALT) +/* + * Compute ECDSA signature of a hashed message (SEC1 4.1.3) + * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message) + */ +int mbedtls_ecdsa_sign_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx) +{ + int ret, key_tries, sign_tries; + int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries; + mbedtls_ecp_point R; + mbedtls_mpi k, e, t; + mbedtls_mpi *pk = &k, *pr = r; + + /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ + if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + /* Make sure d is in range 1..n-1 */ + if (mbedtls_mpi_cmp_int(d, 1) < 0 || mbedtls_mpi_cmp_mpi(d, &grp->N) >= 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } + + mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&k); mbedtls_mpi_init(&e); mbedtls_mpi_init(&t); + + ECDSA_RS_ENTER(sig); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if (rs_ctx != NULL && rs_ctx->sig != NULL) { + /* redirect to our context */ + p_sign_tries = &rs_ctx->sig->sign_tries; + p_key_tries = &rs_ctx->sig->key_tries; + pk = &rs_ctx->sig->k; + pr = &rs_ctx->sig->r; + + /* jump to current step */ + if (rs_ctx->sig->state == ecdsa_sig_mul) { + goto mul; + } + if (rs_ctx->sig->state == ecdsa_sig_modn) { + goto modn; + } + } +#endif /* MBEDTLS_ECP_RESTARTABLE */ + + *p_sign_tries = 0; + do { + if ((*p_sign_tries)++ > 10) { + ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; + goto cleanup; + } + + /* + * Steps 1-3: generate a suitable ephemeral keypair + * and set r = xR mod n + */ + *p_key_tries = 0; + do { + if ((*p_key_tries)++ > 10) { + ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; + goto cleanup; + } + + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, pk, f_rng, p_rng)); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if (rs_ctx != NULL && rs_ctx->sig != NULL) { + rs_ctx->sig->state = ecdsa_sig_mul; + } + +mul: +#endif + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, &R, pk, &grp->G, + f_rng_blind, + p_rng_blind, + ECDSA_RS_ECP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pr, &R.X, &grp->N)); + } while (mbedtls_mpi_cmp_int(pr, 0) == 0); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if (rs_ctx != NULL && rs_ctx->sig != NULL) { + rs_ctx->sig->state = ecdsa_sig_modn; + } + +modn: +#endif + /* + * Accounting for everything up to the end of the loop + * (step 6, but checking now avoids saving e and t) + */ + ECDSA_BUDGET(MBEDTLS_ECP_OPS_INV + 4); + + /* + * Step 5: derive MPI from hashed message + */ + MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen)); + + /* + * Generate a random value to blind inv_mod in next step, + * avoiding a potential timing leak. + */ + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, &t, f_rng_blind, + p_rng_blind)); + + /* + * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n + */ + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, pr, d)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&e, &e, s)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&e, &e, &t)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pk, pk, &t)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pk, pk, &grp->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(s, pk, &grp->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, s, &e)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(s, s, &grp->N)); + } while (mbedtls_mpi_cmp_int(s, 0) == 0); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if (rs_ctx != NULL && rs_ctx->sig != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(r, pr)); + } +#endif + +cleanup: + mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&k); mbedtls_mpi_free(&e); mbedtls_mpi_free(&t); + + ECDSA_RS_LEAVE(sig); + + return ret; +} + +/* + * Compute ECDSA signature of a hashed message + */ +int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +{ + /* Use the same RNG for both blinding and ephemeral key generation */ + return mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen, + f_rng, p_rng, f_rng, p_rng, NULL); +} +#endif /* !MBEDTLS_ECDSA_SIGN_ALT */ + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +/* + * Deterministic signature wrapper + * + * note: The f_rng_blind parameter must not be NULL. + * + */ +int mbedtls_ecdsa_sign_det_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_hmac_drbg_context rng_ctx; + mbedtls_hmac_drbg_context *p_rng = &rng_ctx; + unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; + size_t grp_len = (grp->nbits + 7) / 8; + const mbedtls_md_info_t *md_info; + mbedtls_mpi h; + + if ((md_info = mbedtls_md_info_from_type(md_alg)) == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + mbedtls_mpi_init(&h); + mbedtls_hmac_drbg_init(&rng_ctx); + + ECDSA_RS_ENTER(det); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if (rs_ctx != NULL && rs_ctx->det != NULL) { + /* redirect to our context */ + p_rng = &rs_ctx->det->rng_ctx; + + /* jump to current step */ + if (rs_ctx->det->state == ecdsa_det_sign) { + goto sign; + } + } +#endif /* MBEDTLS_ECP_RESTARTABLE */ + + /* Use private key and message hash (reduced) to initialize HMAC_DRBG */ + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(d, data, grp_len)); + MBEDTLS_MPI_CHK(derive_mpi(grp, &h, buf, blen)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, data + grp_len, grp_len)); + MBEDTLS_MPI_CHK(mbedtls_hmac_drbg_seed_buf(p_rng, md_info, data, 2 * grp_len)); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if (rs_ctx != NULL && rs_ctx->det != NULL) { + rs_ctx->det->state = ecdsa_det_sign; + } + +sign: +#endif +#if defined(MBEDTLS_ECDSA_SIGN_ALT) + (void) f_rng_blind; + (void) p_rng_blind; + ret = mbedtls_ecdsa_sign(grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng); +#else + ret = mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + f_rng_blind, p_rng_blind, rs_ctx); +#endif /* MBEDTLS_ECDSA_SIGN_ALT */ + +cleanup: + mbedtls_hmac_drbg_free(&rng_ctx); + mbedtls_mpi_free(&h); + + ECDSA_RS_LEAVE(det); + + return ret; +} + +/* + * Deterministic signature wrapper + */ +int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, + size_t), + void *p_rng_blind) +{ + return mbedtls_ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg, + f_rng_blind, p_rng_blind, NULL); +} +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ + +#if !defined(MBEDTLS_ECDSA_VERIFY_ALT) +/* + * Verify ECDSA signature of hashed message (SEC1 4.1.4) + * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message) + */ +int mbedtls_ecdsa_verify_restartable(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, + const mbedtls_mpi *s, + mbedtls_ecdsa_restart_ctx *rs_ctx) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_mpi e, s_inv, u1, u2; + mbedtls_ecp_point R; + mbedtls_mpi *pu1 = &u1, *pu2 = &u2; + + mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&e); mbedtls_mpi_init(&s_inv); + mbedtls_mpi_init(&u1); mbedtls_mpi_init(&u2); + + /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ + if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + ECDSA_RS_ENTER(ver); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if (rs_ctx != NULL && rs_ctx->ver != NULL) { + /* redirect to our context */ + pu1 = &rs_ctx->ver->u1; + pu2 = &rs_ctx->ver->u2; + + /* jump to current step */ + if (rs_ctx->ver->state == ecdsa_ver_muladd) { + goto muladd; + } + } +#endif /* MBEDTLS_ECP_RESTARTABLE */ + + /* + * Step 1: make sure r and s are in range 1..n-1 + */ + if (mbedtls_mpi_cmp_int(r, 1) < 0 || mbedtls_mpi_cmp_mpi(r, &grp->N) >= 0 || + mbedtls_mpi_cmp_int(s, 1) < 0 || mbedtls_mpi_cmp_mpi(s, &grp->N) >= 0) { + ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; + goto cleanup; + } + + /* + * Step 3: derive MPI from hashed message + */ + MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen)); + + /* + * Step 4: u1 = e / s mod n, u2 = r / s mod n + */ + ECDSA_BUDGET(MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2); + + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&s_inv, s, &grp->N)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu1, &e, &s_inv)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu1, pu1, &grp->N)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu2, r, &s_inv)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu2, pu2, &grp->N)); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if (rs_ctx != NULL && rs_ctx->ver != NULL) { + rs_ctx->ver->state = ecdsa_ver_muladd; + } + +muladd: +#endif + /* + * Step 5: R = u1 G + u2 Q + */ + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd_restartable(grp, + &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP)); + + if (mbedtls_ecp_is_zero(&R)) { + ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; + goto cleanup; + } + + /* + * Step 6: convert xR to an integer (no-op) + * Step 7: reduce xR mod n (gives v) + */ + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&R.X, &R.X, &grp->N)); + + /* + * Step 8: check if v (that is, R.X) is equal to r + */ + if (mbedtls_mpi_cmp_mpi(&R.X, r) != 0) { + ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; + goto cleanup; + } + +cleanup: + mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&e); mbedtls_mpi_free(&s_inv); + mbedtls_mpi_free(&u1); mbedtls_mpi_free(&u2); + + ECDSA_RS_LEAVE(ver); + + return ret; +} + +/* + * Verify ECDSA signature of hashed message + */ +int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, + const mbedtls_mpi *s) +{ + return mbedtls_ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL); +} +#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */ + +/* + * Convert a signature (given by context) to ASN.1 + */ +static int ecdsa_signature_to_asn1(const mbedtls_mpi *r, const mbedtls_mpi *s, + unsigned char *sig, size_t sig_size, + size_t *slen) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = { 0 }; + unsigned char *p = buf + sizeof(buf); + size_t len = 0; + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, s)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, r)); + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + if (len > sig_size) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } + + memcpy(sig, p, len); + *slen = len; + + return 0; +} + +/* + * Compute and write signature + */ +int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t sig_size, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecdsa_restart_ctx *rs_ctx) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_mpi r, s; + if (f_rng == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_det_restartable(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, md_alg, f_rng, + p_rng, rs_ctx)); +#else + (void) md_alg; + +#if defined(MBEDTLS_ECDSA_SIGN_ALT) + (void) rs_ctx; + + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, f_rng, p_rng)); +#else + /* Use the same RNG for both blinding and ephemeral key generation */ + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_restartable(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, f_rng, p_rng, f_rng, + p_rng, rs_ctx)); +#endif /* MBEDTLS_ECDSA_SIGN_ALT */ +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ + + MBEDTLS_MPI_CHK(ecdsa_signature_to_asn1(&r, &s, sig, sig_size, slen)); + +cleanup: + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + + return ret; +} + +/* + * Compute and write signature + */ +int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t sig_size, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) +{ + return mbedtls_ecdsa_write_signature_restartable( + ctx, md_alg, hash, hlen, sig, sig_size, slen, + f_rng, p_rng, NULL); +} + +/* + * Read and check signature + */ +int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen) +{ + return mbedtls_ecdsa_read_signature_restartable( + ctx, hash, hlen, sig, slen, NULL); +} + +/* + * Restartable read and check signature + */ +int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen, + mbedtls_ecdsa_restart_ctx *rs_ctx) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char *p = (unsigned char *) sig; + const unsigned char *end = sig + slen; + size_t len; + mbedtls_mpi r, s; + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); + + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + goto cleanup; + } + + if (p + len != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + goto cleanup; + } + + if ((ret = mbedtls_asn1_get_mpi(&p, end, &r)) != 0 || + (ret = mbedtls_asn1_get_mpi(&p, end, &s)) != 0) { + ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + goto cleanup; + } +#if defined(MBEDTLS_ECDSA_VERIFY_ALT) + (void) rs_ctx; + + if ((ret = mbedtls_ecdsa_verify(&ctx->grp, hash, hlen, + &ctx->Q, &r, &s)) != 0) { + goto cleanup; + } +#else + if ((ret = mbedtls_ecdsa_verify_restartable(&ctx->grp, hash, hlen, + &ctx->Q, &r, &s, rs_ctx)) != 0) { + goto cleanup; + } +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ + + /* At this point we know that the buffer starts with a valid signature. + * Return 0 if the buffer just contains the signature, and a specific + * error code if the valid signature is followed by more data. */ + if (p != end) { + ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH; + } + +cleanup: + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + + return ret; +} + +#if !defined(MBEDTLS_ECDSA_GENKEY_ALT) +/* + * Generate key pair + */ +int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +{ + int ret = 0; + ret = mbedtls_ecp_group_load(&ctx->grp, gid); + if (ret != 0) { + return ret; + } + + return mbedtls_ecp_gen_keypair(&ctx->grp, &ctx->d, + &ctx->Q, f_rng, p_rng); +} +#endif /* !MBEDTLS_ECDSA_GENKEY_ALT */ + +/* + * Set context from an mbedtls_ecp_keypair + */ +int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + if ((ret = mbedtls_ecp_group_copy(&ctx->grp, &key->grp)) != 0 || + (ret = mbedtls_mpi_copy(&ctx->d, &key->d)) != 0 || + (ret = mbedtls_ecp_copy(&ctx->Q, &key->Q)) != 0) { + mbedtls_ecdsa_free(ctx); + } + + return ret; +} + +/* + * Initialize context + */ +void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx) +{ + mbedtls_ecp_keypair_init(ctx); +} + +/* + * Free context + */ +void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx) +{ + if (ctx == NULL) { + return; + } + + mbedtls_ecp_keypair_free(ctx); +} + +#if defined(MBEDTLS_ECP_RESTARTABLE) +/* + * Initialize a restart context + */ +void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx) +{ + mbedtls_ecp_restart_init(&ctx->ecp); + + ctx->ver = NULL; + ctx->sig = NULL; +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + ctx->det = NULL; +#endif +} + +/* + * Free the components of a restart context + */ +void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx) +{ + if (ctx == NULL) { + return; + } + + mbedtls_ecp_restart_free(&ctx->ecp); + + ecdsa_restart_ver_free(ctx->ver); + mbedtls_free(ctx->ver); + ctx->ver = NULL; + + ecdsa_restart_sig_free(ctx->sig); + mbedtls_free(ctx->sig); + ctx->sig = NULL; + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + ecdsa_restart_det_free(ctx->det); + mbedtls_free(ctx->det); + ctx->det = NULL; +#endif +} +#endif /* MBEDTLS_ECP_RESTARTABLE */ + +#endif /* MBEDTLS_ECDSA_C */ From 0026c55ab3e6e9dd49f2e09f123d8eaf268edba5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Fri, 20 Sep 2024 13:29:15 +0200 Subject: [PATCH 108/217] crypto: Fix access to Mbed TLS base APIs for nrf_cc3xx imported libs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This provides access to more APIs from legacy Mbed TLS for the imported nrf_cc3xx libraries, which should fix some build issues Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index acf33fc75aac..b168121cb04f 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -128,6 +128,6 @@ if(TARGET nrf_cc3xx_core_imported) target_link_libraries(nrf_cc3xx_core_imported INTERFACE psa_crypto_config - mbedcrypto_base + ${mbedcrypto_target} ) endif() From d4bd2015eaf947681f5ffad4468bd798100ca589 Mon Sep 17 00:00:00 2001 From: Kamil Piszczek Date: Fri, 20 Sep 2024 15:58:58 +0200 Subject: [PATCH 109/217] samples: bluetooth: fast_pair: locator_tag: align Kconfigs from libc Aligned the Kconfig options from the libc library related to the dynamic memory allocation with the newest Zephyr synchronization point. The library-specific Kconfigs were renamed and placed in the common directory. Ref: NCSDK-29186 Signed-off-by: Kamil Piszczek --- .../fast_pair/locator_tag/sysbuild/mcuboot/prj.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/samples/bluetooth/fast_pair/locator_tag/sysbuild/mcuboot/prj.conf b/samples/bluetooth/fast_pair/locator_tag/sysbuild/mcuboot/prj.conf index ead4202d9180..f061cba0d7b7 100644 --- a/samples/bluetooth/fast_pair/locator_tag/sysbuild/mcuboot/prj.conf +++ b/samples/bluetooth/fast_pair/locator_tag/sysbuild/mcuboot/prj.conf @@ -26,9 +26,9 @@ CONFIG_CLOCK_CONTROL=n CONFIG_GPIO=n CONFIG_I2C=n CONFIG_KERNEL_MEM_POOL=n -CONFIG_MINIMAL_LIBC_CALLOC=n -CONFIG_MINIMAL_LIBC_MALLOC=n -CONFIG_MINIMAL_LIBC_REALLOCARRAY=n +CONFIG_COMMON_LIBC_MALLOC=n +CONFIG_COMMON_LIBC_CALLOC=n +CONFIG_COMMON_LIBC_REALLOCARRAY=n CONFIG_NCS_SAMPLES_DEFAULTS=n CONFIG_NO_RUNTIME_CHECKS=y CONFIG_NORDIC_QSPI_NOR=n From b6ec9cb19fe94a5c7ad84c476c1d4519c50022cd Mon Sep 17 00:00:00 2001 From: Kamil Piszczek Date: Fri, 20 Sep 2024 12:36:24 +0200 Subject: [PATCH 110/217] bluetooth: controller: ecdh: enable security backend for tf-m builds Enabled the CONFIG_NORDIC_SECURITY_BACKEND Kconfig for TF-m builds when the CONFIG_BT_CTLR_ECDH_LIB_OBERON is enabled in the Bluetooth Controller library. The change is required as previously the CONFIG_NORDIC_SECURITY_BACKEND Kconfig was enabled for TF-m builds (CONFIG_BUILD_WITH_TFM). Signed-off-by: Kamil Piszczek --- subsys/bluetooth/controller/Kconfig | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/subsys/bluetooth/controller/Kconfig b/subsys/bluetooth/controller/Kconfig index 793930da6907..5d602dd416e0 100644 --- a/subsys/bluetooth/controller/Kconfig +++ b/subsys/bluetooth/controller/Kconfig @@ -358,7 +358,8 @@ choice BT_CTLR_ECDH_LIB prompt "SoftDevice Controller ECDH library" config BT_CTLR_ECDH_LIB_OBERON - select NRF_OBERON + select NRF_OBERON if !BUILD_WITH_TFM + select NORDIC_SECURITY_BACKEND if BUILD_WITH_TFM depends on !SOC_SERIES_BSIM_NRFXX bool "nRF Oberon (SW)" From 77a59ebd716d24da18c702475213298397d950fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Sat, 21 Sep 2024 13:25:23 +0200 Subject: [PATCH 111/217] crypto: Adding legacy headers gave mismatch for nRF54H SSF samples MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Fallback to include ARM includes was a bad idea. This changes it to Oberon-psa-crypto include folder instead. This issue impacted nRF54H20 samples which isn't building the PSA core locally (meaning the build has PSA crypto APIs available, but is a coreless build). Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 388dee663b68..fd8f46324007 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -35,7 +35,7 @@ target_include_directories(psa_crypto_config if(NOT (CMAKE_BUILD_WITH_TFM OR CONFIG_MBEDTLS_PSA_CRYPTO_C)) target_include_directories(psa_crypto_config INTERFACE - ${ARM_MBEDTLS_PATH}/include + ${OBERON_PSA_CORE_PATH}/include ) endif() From 6e7858a1cf7c2d4c97ff8c7b3120ce64460b7dee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Sat, 21 Sep 2024 14:35:00 +0200 Subject: [PATCH 112/217] tfm: tests: Enable PSA_WANT_ALG_ECDSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -The regression test config (prj.conf) was missing PSA_WANT_ALG_ECDSA and likely was assuming that setting PSA_WANT_ALG_DETERMINISTIC_ECDSA would internally resolve both. This is not the case. This commit fixes this Signed-off-by: Frank Audun Kvamtrø --- tests/tfm/tfm_regression_test/prj.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/tfm/tfm_regression_test/prj.conf b/tests/tfm/tfm_regression_test/prj.conf index a072b1f5b6d1..90fcd54a0299 100644 --- a/tests/tfm/tfm_regression_test/prj.conf +++ b/tests/tfm/tfm_regression_test/prj.conf @@ -59,6 +59,7 @@ CONFIG_PSA_WANT_ALG_GCM=y # ECC CONFIG_PSA_WANT_ALG_ECDH=y +CONFIG_PSA_WANT_ALG_ECDSA=y CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA=y # ECC curves From c20ec0fdd53acf0842363723a9de2d3d0af2a786 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Sat, 21 Sep 2024 14:52:51 +0200 Subject: [PATCH 113/217] tf-m: tests: Add better filtering of CRACEN devices for regression tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -The nRF54L15 device only supports enabling CRACEN, an attempt to enable PSA_CRYPTO_DRIVER_OBERON will lead to a Kconfig warning stating that something tried to set it to 'y' and then it got the value 'n'. This commit moves platform_allow/integration_platforms from common scope in to per-testcase, as well as adding cracen test target for certain regression tests Signed-off-by: Frank Audun Kvamtrø --- tests/tfm/tfm_regression_test/testcase.yaml | 87 ++++++++++++++++++--- 1 file changed, 75 insertions(+), 12 deletions(-) diff --git a/tests/tfm/tfm_regression_test/testcase.yaml b/tests/tfm/tfm_regression_test/testcase.yaml index 7b40b617fd07..e21ec309a2cd 100644 --- a/tests/tfm/tfm_regression_test/testcase.yaml +++ b/tests/tfm/tfm_regression_test/testcase.yaml @@ -1,18 +1,6 @@ common: tags: tfm ci_tests_tfm build_only: true - platform_allow: - - nrf5340dk/nrf5340/cpuapp/ns - - nrf9151dk/nrf9151/ns - - nrf9160dk/nrf9160/ns - - nrf9161dk/nrf9161/ns - - nrf54l15pdk/nrf54l15/cpuapp/ns - integration_platforms: - - nrf5340dk/nrf5340/cpuapp/ns - - nrf9151dk/nrf9151/ns - - nrf9160dk/nrf9160/ns - - nrf9161dk/nrf9161/ns - - nrf54l15pdk/nrf54l15/cpuapp/ns harness: console harness_config: type: multi_line @@ -27,27 +15,102 @@ tests: tags: tfm_lvl1 sysbuild ci_tests_tfm extra_args: CONFIG_TFM_IPC=y CONFIG_TFM_ISOLATION_LEVEL=1 timeout: 200 + platform_allow: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf54l15pdk/nrf54l15/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns + integration_platforms: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf54l15pdk/nrf54l15/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns tfm.regression_ipc_lvl2.cc3xx: sysbuild: true tags: tfm_lvl2 sysbuild ci_tests_tfm extra_args: CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y CONFIG_PSA_CRYPTO_DRIVER_OBERON=n timeout: 200 + platform_allow: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns + integration_platforms: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns tfm.regression_ipc_lvl2.oberon: sysbuild: true tags: tfm_lvl2 sysbuild ci_tests_tfm extra_args: CONFIG_PSA_CRYPTO_DRIVER_CC3XX=n CONFIG_PSA_CRYPTO_DRIVER_OBERON=y timeout: 200 + platform_allow: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns + integration_platforms: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns tfm.regression_ipc_lvl2.cc3xx_oberon: sysbuild: true tags: tfm_lvl2 sysbuild ci_tests_tfm extra_args: CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y CONFIG_PSA_CRYPTO_DRIVER_OBERON=y timeout: 200 + platform_allow: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns + integration_platforms: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns + tfm.regression_ipc_lvl2.cracen: + sysbuild: true + tags: tfm_lvl2 sysbuild ci_tests_tfm + extra_args: CONFIG_PSA_CRYPTO_DRIVER_CRACEN=y CONFIG_PSA_CRYPTO_DRIVER_OBERON=n + timeout: 200 + platform_allow: + - nrf54l15pdk/nrf54l15/cpuapp/ns + integration_platforms: + - nrf54l15pdk/nrf54l15/cpuapp/ns tfm.regression_sfn_lvl1: sysbuild: true tags: tfm_lvl1 sysbuild ci_tests_tfm extra_args: CONFIG_TFM_SFN=y CONFIG_TFM_ISOLATION_LEVEL=1 timeout: 200 + platform_allow: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf54l15pdk/nrf54l15/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns + integration_platforms: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf54l15pdk/nrf54l15/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns tfm.regression_fp_hardabi: sysbuild: true tags: tfm_fp sysbuild ci_tests_tfm extra_args: CONFIG_FPU=y CONFIG_FP_HARDABI=y + platform_allow: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf54l15pdk/nrf54l15/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns + integration_platforms: + - nrf5340dk/nrf5340/cpuapp/ns + - nrf54l15pdk/nrf54l15/cpuapp/ns + - nrf9151dk/nrf9151/ns + - nrf9160dk/nrf9160/ns + - nrf9161dk/nrf9161/ns From e6703fb247d5dedefec526b7d7b9a344af7f9b78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Sun, 22 Sep 2024 13:49:12 +0200 Subject: [PATCH 114/217] crypto: Simplify include folder passing in legacy crypto binaries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Cleaning up PSA driver and core CMake logic -Simplify include folders for legacy usage by moving resolving of include folder for nrf_cc3xx and nrf_oberon binary libraries into drivers/legacy/CMakeLists.txt. -This commit also resolves an issue with include-folders used for Mbed TLS legacy APIs for nrf_oberon as well as resolving a linkage towards legacy APIs used in context of nrf_oberon Mbed TLS library Signed-off-by: Frank Audun Kvamtrø --- .../nrf_security/src/drivers/CMakeLists.txt | 67 ++----------------- .../src/drivers/legacy/CMakeLists.txt | 36 ++++++++++ .../drivers/nrf_cc3xx_platform/CMakeLists.txt | 7 +- .../src/drivers/nrf_oberon/CMakeLists.txt | 9 ++- 4 files changed, 50 insertions(+), 69 deletions(-) create mode 100644 subsys/nrf_security/src/drivers/legacy/CMakeLists.txt diff --git a/subsys/nrf_security/src/drivers/CMakeLists.txt b/subsys/nrf_security/src/drivers/CMakeLists.txt index 70fe59368049..bf04e28a374d 100644 --- a/subsys/nrf_security/src/drivers/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/CMakeLists.txt @@ -10,6 +10,7 @@ if(TARGET nrf_cc3xx_platform) add_subdirectory(nrf_cc3xx_platform) endif() +# Only build the PSA crypto drivers when Oberon if(CONFIG_MBEDTLS_PSA_CRYPTO_C) if(CONFIG_PSA_CRYPTO_DRIVER_CC3XX) add_subdirectory(nrf_cc3xx) @@ -19,73 +20,15 @@ if(CONFIG_MBEDTLS_PSA_CRYPTO_C) add_subdirectory(cracen) endif() - add_subdirectory(zephyr) - if(CONFIG_PSA_CRYPTO_DRIVER_OBERON) add_subdirectory(nrf_oberon) endif() -endif() - -# Add includes for any legacy Mbed TLS configurations - - -# Add the nrf_cc3xx platform include folder to library build (if it exists) -if(TARGET nrf_cc3xx_platform) - target_include_directories(psa_crypto_config - INTERFACE - $ - ) - target_include_directories(psa_crypto_library_config - INTERFACE - $ - ) -endif() - -# Add the nrf_cc3xx core include folder to interface/library build (if it exists) -if(TARGET nrf_cc3xx_core_imported) - target_include_directories(psa_crypto_config - INTERFACE - $ - ) - - target_include_directories(psa_crypto_library_config - INTERFACE - $ - ) + add_subdirectory(zephyr) endif() -# Add the mbedcrypto_oberon_mbedtls_imported include folder to interface/library build (if it exists) -if(TARGET mbedcrypto_oberon_mbedtls_imported) - target_include_directories(psa_crypto_config - INTERFACE - # Add nrf_oberon includes - ${NRFXLIB_DIR}/crypto/nrf_oberon/include/ - ${NRFXLIB_DIR}/crypto/nrf_oberon/include/mbedtls - $ - ) - - # Possibly duplicate - target_include_directories(psa_crypto_config - INTERFACE - $ - ) - target_include_directories(psa_crypto_library_config - INTERFACE - $ - ) - - # Add includes relevant for library build (not PSA crypto interface) - target_include_directories(psa_crypto_library_config - INTERFACE - # Add nrf_oberon includes - ${NRFXLIB_DIR}/crypto/nrf_oberon/include/ - ${NRFXLIB_DIR}/crypto/nrf_oberon/include/mbedtls - ) - target_link_libraries(mbedcrypto_oberon_mbedtls_imported - INTERFACE - psa_crypto_config - mbedcrypto_base - ) +# Includes need to be added regardless if PSA crypto drivers are built +if(NOT BUILD_INSIDE_TFM) + add_subdirectory(legacy) endif() diff --git a/subsys/nrf_security/src/drivers/legacy/CMakeLists.txt b/subsys/nrf_security/src/drivers/legacy/CMakeLists.txt new file mode 100644 index 000000000000..4f997f5fc175 --- /dev/null +++ b/subsys/nrf_security/src/drivers/legacy/CMakeLists.txt @@ -0,0 +1,36 @@ +# +# Copyright (c) 2024 Nordic Semiconductor +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +# This include resolves include-folders from binaries for legacy API usage +# This is not used inside TF-M which doesn't use legacy APIs + +if(TARGET nrf_cc3xx_platform) + target_include_directories(${mbedcrypto_target} + INTERFACE + $ + ) +endif() + +if(TARGET nrf_cc3xx_core_imported) + target_include_directories(${mbedcrypto_target} + INTERFACE + $ + ) +endif() + +if(TARGET mbedcrypto_oberon_imported) + target_include_directories(${mbedcrypto_target} + INTERFACE + $ + ) +endif() + +if(TARGET mbedcrypto_oberon_mbedtls_imported) + target_include_directories(${mbedcrypto_target} + INTERFACE + $ + ) +endif() diff --git a/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt index 32eece9192ce..9366c18eee9c 100644 --- a/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_cc3xx_platform/CMakeLists.txt @@ -4,15 +4,10 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -# Get include directories for nrf_cc3xx_platform -get_target_property(NRF_CC3XX_PLATFORM_INCLUDE_DIRECTORIES - nrf_cc3xx_platform INTERFACE_INCLUDE_DIRECTORIES -) - # Add nrf_cc3xx_platform includes for mbedcrypto target_include_directories(psa_crypto_library_config INTERFACE - ${NRF_CC3XX_PLATFORM_INCLUDE_DIRECTORIES} + $ ) # Link the Oberon PSA core with nrf_cc3xx_platform diff --git a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt index ea95fbb9e1ad..3cd93cc2b63a 100644 --- a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt @@ -53,7 +53,7 @@ target_compile_options(oberon_psa_driver target_include_directories(oberon_psa_driver PRIVATE - ${OBERON_PSA_CORE_PATH}/oberon/drivers + $ ) # Link to the PSA interface and library PSA crypto configurations @@ -63,6 +63,7 @@ target_link_libraries(oberon_psa_driver psa_interface ) + # Link to imported libraries for Oberon APIs. target_link_libraries(oberon_psa_driver PRIVATE @@ -76,4 +77,10 @@ target_link_libraries(oberon_psa_core oberon_psa_driver ) +target_link_libraries(mbedcrypto_oberon_mbedtls_imported + INTERFACE + psa_crypto_config + ${mbedcrypto_target} +) + nrf_security_add_zephyr_options_library(oberon_psa_driver) From adf999af91a299a7596f71ac0cfc5abfef1bef57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Sun, 22 Sep 2024 14:21:13 +0200 Subject: [PATCH 115/217] crypto: Avoid OpenThread issue with MBEDTLS_SSL_EXPORT_KEYS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Mbed TLS has decided that MBEDLS_SSL_EXPORT_KEYS is always set but this is not reflected in nrf_security or in OpenThread (where the config is passed regardless). This commit tries to circumvent issues by adding ifndef checks before potentially doubly defining this Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/configs/legacy_crypto_config.h.template | 2 ++ subsys/nrf_security/configs/nrf-config.h.template | 2 ++ 2 files changed, 4 insertions(+) diff --git a/subsys/nrf_security/configs/legacy_crypto_config.h.template b/subsys/nrf_security/configs/legacy_crypto_config.h.template index 2a5c5bdfcf1b..2eea6ad67458 100644 --- a/subsys/nrf_security/configs/legacy_crypto_config.h.template +++ b/subsys/nrf_security/configs/legacy_crypto_config.h.template @@ -1616,7 +1616,9 @@ * * Comment this macro to disable support for key export */ +#ifndef MBEDTLS_SSL_EXPORT_KEYS #cmakedefine MBEDTLS_SSL_EXPORT_KEYS +#endif /* MBEDTLS_SSL_EXPORT_KEYS */ /** * \def MBEDTLS_SSL_SERVER_NAME_INDICATION diff --git a/subsys/nrf_security/configs/nrf-config.h.template b/subsys/nrf_security/configs/nrf-config.h.template index 37321aee405d..47f6caac3164 100644 --- a/subsys/nrf_security/configs/nrf-config.h.template +++ b/subsys/nrf_security/configs/nrf-config.h.template @@ -121,7 +121,9 @@ #cmakedefine MBEDTLS_SSL_DTLS_SRTP #cmakedefine MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE #cmakedefine MBEDTLS_SSL_SESSION_TICKETS +#ifndef MBEDTLS_SSL_EXPORT_KEYS #cmakedefine MBEDTLS_SSL_EXPORT_KEYS +#endif #cmakedefine MBEDTLS_SSL_SERVER_NAME_INDICATION #cmakedefine MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH #cmakedefine MBEDTLS_SSL_CACHE_C From 29a83bb794b2655bcf2d961a9aafc18885bf097f Mon Sep 17 00:00:00 2001 From: Robert Lubos Date: Mon, 23 Sep 2024 11:11:45 +0200 Subject: [PATCH 116/217] samples: bluetooth: Remove CONFIG_BT_DEBUG_LOG use CONFIG_BT_DEBUG_LOG no longer exists, a hidden symbol CONFIG_BT_LOG should be enabled instead, hence make sure the dependencies for the symbol are satisfied (CONFIG_BT && CONFIG_LOG). Signed-off-by: Robert Lubos --- samples/bluetooth/central_bas/prj.conf | 1 - samples/bluetooth/central_hids/prj.conf | 1 - samples/bluetooth/central_hr_coded/prj.conf | 1 - samples/bluetooth/central_smp_client/prj.conf | 1 - samples/bluetooth/direction_finding_central/prj.conf | 2 +- samples/bluetooth/direction_finding_peripheral/prj.conf | 2 +- samples/bluetooth/hci_lpuart/debug.conf | 2 +- samples/bluetooth/llpm/prj.conf | 1 - samples/bluetooth/peripheral_gatt_dm/prj.conf | 2 +- samples/bluetooth/peripheral_hids_keyboard/prj.conf | 1 - samples/bluetooth/peripheral_hr_coded/prj.conf | 1 - samples/bluetooth/subrating/prj.conf | 1 - samples/bluetooth/throughput/prj.conf | 1 - samples/cellular/modem_shell/overlay-bt.conf | 2 +- tests/bluetooth/tester/boards/qemu_cortex_m3.conf | 2 +- 15 files changed, 6 insertions(+), 15 deletions(-) diff --git a/samples/bluetooth/central_bas/prj.conf b/samples/bluetooth/central_bas/prj.conf index 3b548c9fd634..eb0d3394336c 100644 --- a/samples/bluetooth/central_bas/prj.conf +++ b/samples/bluetooth/central_bas/prj.conf @@ -6,7 +6,6 @@ CONFIG_NCS_SAMPLES_DEFAULTS=y CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y CONFIG_BT_CENTRAL=y CONFIG_BT_SMP=y CONFIG_BT_GATT_CLIENT=y diff --git a/samples/bluetooth/central_hids/prj.conf b/samples/bluetooth/central_hids/prj.conf index 0274a0109bd9..fbf6615f2c78 100644 --- a/samples/bluetooth/central_hids/prj.conf +++ b/samples/bluetooth/central_hids/prj.conf @@ -6,7 +6,6 @@ CONFIG_NCS_SAMPLES_DEFAULTS=y CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y CONFIG_BT_CENTRAL=y CONFIG_BT_SMP=y CONFIG_BT_ATT_TX_COUNT=5 diff --git a/samples/bluetooth/central_hr_coded/prj.conf b/samples/bluetooth/central_hr_coded/prj.conf index 882cb4270fc8..4d7b28925ad1 100644 --- a/samples/bluetooth/central_hr_coded/prj.conf +++ b/samples/bluetooth/central_hr_coded/prj.conf @@ -9,7 +9,6 @@ CONFIG_NCS_SAMPLES_DEFAULTS=y CONFIG_HEAP_MEM_POOL_SIZE=2048 CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y CONFIG_BT_CENTRAL=y CONFIG_BT_GATT_CLIENT=y CONFIG_BT_HRS_CLIENT=y diff --git a/samples/bluetooth/central_smp_client/prj.conf b/samples/bluetooth/central_smp_client/prj.conf index 051631024231..094ad5d4be48 100644 --- a/samples/bluetooth/central_smp_client/prj.conf +++ b/samples/bluetooth/central_smp_client/prj.conf @@ -6,7 +6,6 @@ CONFIG_NCS_SAMPLES_DEFAULTS=y CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y CONFIG_BT_CENTRAL=y CONFIG_BT_SMP=y CONFIG_BT_GATT_CLIENT=y diff --git a/samples/bluetooth/direction_finding_central/prj.conf b/samples/bluetooth/direction_finding_central/prj.conf index e9e49ab9b60d..f696c4664e63 100644 --- a/samples/bluetooth/direction_finding_central/prj.conf +++ b/samples/bluetooth/direction_finding_central/prj.conf @@ -5,7 +5,7 @@ # CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y +CONFIG_LOG=y CONFIG_BT_DEVICE_NAME="Direction Finding Central" CONFIG_BT_CENTRAL=y diff --git a/samples/bluetooth/direction_finding_peripheral/prj.conf b/samples/bluetooth/direction_finding_peripheral/prj.conf index 47753b7024fd..f83c14834a7f 100644 --- a/samples/bluetooth/direction_finding_peripheral/prj.conf +++ b/samples/bluetooth/direction_finding_peripheral/prj.conf @@ -5,7 +5,7 @@ # CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y +CONFIG_LOG=y CONFIG_BT_DEVICE_NAME="DF Conn App" CONFIG_BT_SMP=y diff --git a/samples/bluetooth/hci_lpuart/debug.conf b/samples/bluetooth/hci_lpuart/debug.conf index bd43b724f9eb..7d0c43dab62f 100644 --- a/samples/bluetooth/hci_lpuart/debug.conf +++ b/samples/bluetooth/hci_lpuart/debug.conf @@ -8,7 +8,7 @@ CONFIG_THREAD_ANALYZER_RUN_UNLOCKED=y CONFIG_HW_STACK_PROTECTION=y CONFIG_CONSOLE=y -CONFIG_BT_DEBUG_LOG=y +CONFIG_LOG=y CONFIG_LOG_BUFFER_SIZE=4096 CONFIG_RTT_CONSOLE=y CONFIG_LOG_BACKEND_RTT=y diff --git a/samples/bluetooth/llpm/prj.conf b/samples/bluetooth/llpm/prj.conf index 44569bb01cea..b8802fc9c754 100644 --- a/samples/bluetooth/llpm/prj.conf +++ b/samples/bluetooth/llpm/prj.conf @@ -14,7 +14,6 @@ CONFIG_BT_CTLR_SDC_LLPM=y CONFIG_BT_DEVICE_NAME="Nordic_LLPM" CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y CONFIG_BT_SMP=y CONFIG_BT_PERIPHERAL=y CONFIG_BT_CENTRAL=y diff --git a/samples/bluetooth/peripheral_gatt_dm/prj.conf b/samples/bluetooth/peripheral_gatt_dm/prj.conf index a2ec483d3fcb..5fd748c51f97 100644 --- a/samples/bluetooth/peripheral_gatt_dm/prj.conf +++ b/samples/bluetooth/peripheral_gatt_dm/prj.conf @@ -15,7 +15,7 @@ CONFIG_HEAP_MEM_POOL_SIZE=1024 CONFIG_BT_GATT_DM_DATA_PRINT=y # Needed to print UUID. -CONFIG_BT_DEBUG_LOG=y +CONFIG_LOG=y CONFIG_BT_GATT_DM_DATA_PRINT=y CONFIG_DK_LIBRARY=y diff --git a/samples/bluetooth/peripheral_hids_keyboard/prj.conf b/samples/bluetooth/peripheral_hids_keyboard/prj.conf index 8c71f4d16806..793480463329 100644 --- a/samples/bluetooth/peripheral_hids_keyboard/prj.conf +++ b/samples/bluetooth/peripheral_hids_keyboard/prj.conf @@ -6,7 +6,6 @@ CONFIG_NCS_SAMPLES_DEFAULTS=y CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y CONFIG_BT_MAX_CONN=2 CONFIG_BT_MAX_PAIRED=2 CONFIG_BT_SMP=y diff --git a/samples/bluetooth/peripheral_hr_coded/prj.conf b/samples/bluetooth/peripheral_hr_coded/prj.conf index 9493bd58602f..083250222ff4 100644 --- a/samples/bluetooth/peripheral_hr_coded/prj.conf +++ b/samples/bluetooth/peripheral_hr_coded/prj.conf @@ -8,7 +8,6 @@ CONFIG_NCS_SAMPLES_DEFAULTS=y CONFIG_DK_LIBRARY=y CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y CONFIG_BT_PERIPHERAL=y CONFIG_BT_DEVICE_NAME="Nordic_HRS" CONFIG_BT_BAS=y diff --git a/samples/bluetooth/subrating/prj.conf b/samples/bluetooth/subrating/prj.conf index e0fa68c04be1..d20f4b8a72a0 100644 --- a/samples/bluetooth/subrating/prj.conf +++ b/samples/bluetooth/subrating/prj.conf @@ -12,7 +12,6 @@ CONFIG_CONSOLE_GETCHAR=y CONFIG_BT_DEVICE_NAME="Nordic_Subrating" CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y CONFIG_BT_PERIPHERAL=y CONFIG_BT_CENTRAL=y CONFIG_BT_SUBRATING=y diff --git a/samples/bluetooth/throughput/prj.conf b/samples/bluetooth/throughput/prj.conf index 01e85f9b017c..b31021e1bf34 100644 --- a/samples/bluetooth/throughput/prj.conf +++ b/samples/bluetooth/throughput/prj.conf @@ -9,7 +9,6 @@ CONFIG_SHELL=y CONFIG_BT_DEVICE_NAME="Nordic_Throughput" CONFIG_BT=y -CONFIG_BT_DEBUG_LOG=y CONFIG_BT_SMP=y CONFIG_BT_PERIPHERAL=y CONFIG_BT_CENTRAL=y diff --git a/samples/cellular/modem_shell/overlay-bt.conf b/samples/cellular/modem_shell/overlay-bt.conf index d4e2317fdf85..1d53de693974 100644 --- a/samples/cellular/modem_shell/overlay-bt.conf +++ b/samples/cellular/modem_shell/overlay-bt.conf @@ -22,7 +22,7 @@ CONFIG_BT_BROADCASTER=y CONFIG_BT_OBSERVER=y CONFIG_BT_DEBUG_NONE=y -#CONFIG_BT_DEBUG_LOG=y +#CONFIG_LOG=y CONFIG_BT_LOG_LEVEL_OFF=y #CONFIG_BT_DEBUG_HCI_CORE=y CONFIG_BT_SHELL=y diff --git a/tests/bluetooth/tester/boards/qemu_cortex_m3.conf b/tests/bluetooth/tester/boards/qemu_cortex_m3.conf index c361f198cb14..9420a9e66f44 100644 --- a/tests/bluetooth/tester/boards/qemu_cortex_m3.conf +++ b/tests/bluetooth/tester/boards/qemu_cortex_m3.conf @@ -1,6 +1,6 @@ CONFIG_INIT_STACKS=y CONFIG_PRINTK=y -CONFIG_BT_DEBUG_LOG=y +CONFIG_LOG=y CONFIG_BT_DEBUG_HCI_CORE=y CONFIG_BT_DEBUG_CONN=y CONFIG_BT_DEBUG_L2CAP=y From eebde4575722bf84993d3c6923d4d9d540615efe Mon Sep 17 00:00:00 2001 From: Kamil Piszczek Date: Mon, 23 Sep 2024 10:42:21 +0200 Subject: [PATCH 117/217] applications: remove Kconfig for selecting HCI driver Removed the BT_HCI_IPC Kconfig from the application configuration, as this option for selecting the Bluetooth HCI driver over IPC does not have a Kconfig prompt anymore. The selection of the Bluetooth HCI driver is now done using DTS. Ref: NCSDK-29186 Signed-off-by: Kamil Piszczek --- .../configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf | 1 - .../nrf54h20dk_nrf54h20_cpuapp/prj_singlecore.conf | 1 - .../configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf | 2 -- .../configuration/nrf54h20dk_nrf54h20_cpuapp/prj_release.conf | 2 -- 4 files changed, 6 deletions(-) diff --git a/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf b/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf index a492407fe7d6..dbd4929051a9 100644 --- a/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf +++ b/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf @@ -122,7 +122,6 @@ CONFIG_BT_BUF_ACL_TX_SIZE=251 CONFIG_BT_BUF_ACL_RX_SIZE=502 CONFIG_BT=y -CONFIG_BT_HCI_IPC=y CONFIG_BT_SMP=y CONFIG_BT_SIGNING=y CONFIG_BT_BONDABLE=y diff --git a/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/prj_singlecore.conf b/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/prj_singlecore.conf index cda2ba1c64d6..9fbc656b7b7b 100644 --- a/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/prj_singlecore.conf +++ b/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/prj_singlecore.conf @@ -127,7 +127,6 @@ CONFIG_BT_BUF_ACL_TX_SIZE=251 CONFIG_BT_BUF_ACL_RX_SIZE=502 CONFIG_BT=y -CONFIG_BT_HCI_IPC=y CONFIG_BT_SMP=y CONFIG_BT_SIGNING=y CONFIG_BT_BONDABLE=y diff --git a/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf b/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf index 32f13efa8fc3..f2836953c48d 100644 --- a/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf +++ b/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/prj.conf @@ -88,8 +88,6 @@ CONFIG_LED=y # PWM not supported on this target, using GPIO instead. CONFIG_LED_GPIO=y -CONFIG_BT_HCI_IPC=y - CONFIG_BT_MAX_PAIRED=2 CONFIG_BT_ID_MAX=3 diff --git a/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/prj_release.conf b/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/prj_release.conf index 5531d5c0ab92..6f83a10f2781 100644 --- a/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/prj_release.conf +++ b/applications/nrf_desktop/configuration/nrf54h20dk_nrf54h20_cpuapp/prj_release.conf @@ -79,8 +79,6 @@ CONFIG_LED=y # PWM not supported on this target, using GPIO instead. CONFIG_LED_GPIO=y -CONFIG_BT_HCI_IPC=y - CONFIG_BT_MAX_PAIRED=2 CONFIG_BT_ID_MAX=3 From 871267c41d304941e228089058215e45f2299bab Mon Sep 17 00:00:00 2001 From: Robert Lubos Date: Mon, 23 Sep 2024 12:19:10 +0200 Subject: [PATCH 118/217] treewide: Remove remaining CONFIG_WIFI_NRF700X use The Wi-Fi driver now defines CONFIG_WIFI_NRF70 config. Signed-off-by: Robert Lubos --- applications/matter_bridge/Kconfig.sysbuild | 4 ++-- samples/cellular/nrf_cloud_multi_service/Kconfig.sysbuild | 2 +- .../nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf | 4 ++-- .../overlay-nrf70-driver-verbose-debug.conf | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/applications/matter_bridge/Kconfig.sysbuild b/applications/matter_bridge/Kconfig.sysbuild index 67284a713e16..74e7dc62fddd 100644 --- a/applications/matter_bridge/Kconfig.sysbuild +++ b/applications/matter_bridge/Kconfig.sysbuild @@ -20,7 +20,7 @@ endchoice # Enable IEEE802.15.4 serialization to network core # This config automatically pulls in the `overlay-802154.conf` in the ipc_radio image config NETCORE_IPC_RADIO_IEEE802154 - default y if (SOC_SERIES_NRF53X || SOC_SERIES_NRF54HX) && !WIFI_NRF700X + default y if (SOC_SERIES_NRF53X || SOC_SERIES_NRF54HX) && !WIFI_NRF70 if BOOTLOADER_MCUBOOT @@ -38,7 +38,7 @@ config PM_EXTERNAL_FLASH_MCUBOOT_SECONDARY if SOC_SERIES_NRF53X config MCUBOOT_UPDATEABLE_IMAGES - default 3 if (BOARD_NRF5340DK_NRF5340_CPUAPP && WIFI_NRF700X) #### Support for WiFi patch on external flash memory. + default 3 if (BOARD_NRF5340DK_NRF5340_CPUAPP && WIFI_NRF70) #### Support for WiFi patch on external flash memory. default 2 choice MCUBOOT_MODE diff --git a/samples/cellular/nrf_cloud_multi_service/Kconfig.sysbuild b/samples/cellular/nrf_cloud_multi_service/Kconfig.sysbuild index 29af9c4a9ee2..d907c91b3dd1 100644 --- a/samples/cellular/nrf_cloud_multi_service/Kconfig.sysbuild +++ b/samples/cellular/nrf_cloud_multi_service/Kconfig.sysbuild @@ -4,7 +4,7 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -config WIFI_NRF700X +config WIFI_NRF70 default y if BOARD_THINGY91X_NRF9151_NS source "${ZEPHYR_BASE}/share/sysbuild/Kconfig" diff --git a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf index 77d4fe8062bb..757f45591b40 100644 --- a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf +++ b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf @@ -13,8 +13,8 @@ CONFIG_BME680=y # configs for Wi-Fi CONFIG_WIFI=y -CONFIG_WIFI_NRF700X=y -CONFIG_WIFI_NRF700X_SKIP_LOCAL_ADMIN_MAC=y +CONFIG_WIFI_NRF70=y +CONFIG_WIFI_NRF70_SKIP_LOCAL_ADMIN_MAC=y # Align this with CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT=10 diff --git a/snippets/nrf70-driver-verbose-debug/overlay-nrf70-driver-verbose-debug.conf b/snippets/nrf70-driver-verbose-debug/overlay-nrf70-driver-verbose-debug.conf index bf97b383fcd3..7b2948844347 100644 --- a/snippets/nrf70-driver-verbose-debug/overlay-nrf70-driver-verbose-debug.conf +++ b/snippets/nrf70-driver-verbose-debug/overlay-nrf70-driver-verbose-debug.conf @@ -18,6 +18,6 @@ CONFIG_SYS_HEAP_RUNTIME_STATS=y CONFIG_LOG=y CONFIG_LOG_MODE_IMMEDIATE=y CONFIG_PRINTK=y -CONFIG_WIFI_NRF700X_LOG_LEVEL_DBG=y -CONFIG_WIFI_NRF700X_BUS_LOG_LEVEL_DBG=y +CONFIG_WIFI_NRF70_LOG_LEVEL_DBG=y +CONFIG_WIFI_NRF70_BUS_LOG_LEVEL_DBG=y CONFIG_NRF_WIFI_LOG_LEVEL_DBG=y From a5b920460d9444d01d785073bf6470ed9ba2c0a5 Mon Sep 17 00:00:00 2001 From: Lang Xie Date: Mon, 23 Sep 2024 12:26:56 +0200 Subject: [PATCH 119/217] Bluetooth: Controller: Kconfig: select BT_CTLR_CRYPTO_SUPPORT for sdc Config BT_CTLR_CRYPTO now has dependency to BT_CTLR_CRYPTO_SUPPORT. Signed-off-by: Lang Xie --- subsys/bluetooth/controller/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/subsys/bluetooth/controller/Kconfig b/subsys/bluetooth/controller/Kconfig index 5d602dd416e0..a998cd4212b1 100644 --- a/subsys/bluetooth/controller/Kconfig +++ b/subsys/bluetooth/controller/Kconfig @@ -12,6 +12,7 @@ config BT_LL_SOFTDEVICE bool "SoftDevice Link Layer" select MPSL select ZERO_LATENCY_IRQS if !SOC_SERIES_BSIM_NRFXX + select BT_CTLR_CRYPTO_SUPPORT select BT_CTLR_ENTROPY_SUPPORT select BT_CTLR_LE_ENC_SUPPORT select BT_CTLR_ECDH_SUPPORT From 768479276c285417460644145f78dff4dd1ddd85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 23 Sep 2024 13:41:20 +0200 Subject: [PATCH 120/217] wifi: shell: Remove usage of Kconfig MBEDTLS_GENERATE_CFG_FILE MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This configuration was always set for all usage of nrf_secrity This has now been removed. This removes reference to the Kconfig from a wifi shell scan-only sample Signed-off-by: Frank Audun Kvamtrø --- samples/wifi/shell/overlay-scan-only.conf | 2 -- 1 file changed, 2 deletions(-) diff --git a/samples/wifi/shell/overlay-scan-only.conf b/samples/wifi/shell/overlay-scan-only.conf index 7e7055ef91d6..37ae5f28966f 100644 --- a/samples/wifi/shell/overlay-scan-only.conf +++ b/samples/wifi/shell/overlay-scan-only.conf @@ -4,8 +4,6 @@ CONFIG_WIFI_NM_WPA_SUPPLICANT=n CONFIG_NET_DEFAULT_IF_ETHERNET=y CONFIG_MBEDTLS=n CONFIG_NORDIC_SECURITY_BACKEND=n -# If MbedTLS is enabled, use the standard files -CONFIG_GENERATE_MBEDTLS_CFG_FILE=y # Disable unused networking options CONFIG_NET_SOCKETS=n From 176a4b946c1dd64ac5d87a20d2c6baab9a04f7b5 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Mon, 23 Sep 2024 10:55:18 +0200 Subject: [PATCH 121/217] applications: serial_lte_modem: fix native_tls Kconfig overlay Remove the disabling of 2 Kconfig options that do not exist anymore, and a third one that is not needed. Signed-off-by: Tomi Fontanilles --- applications/serial_lte_modem/overlay-native_tls.conf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/applications/serial_lte_modem/overlay-native_tls.conf b/applications/serial_lte_modem/overlay-native_tls.conf index 89677639e5c4..71f7f5bdb2f3 100644 --- a/applications/serial_lte_modem/overlay-native_tls.conf +++ b/applications/serial_lte_modem/overlay-native_tls.conf @@ -82,10 +82,6 @@ CONFIG_MBEDTLS_CHACHA20_C=n CONFIG_MBEDTLS_POLY1305_C=n CONFIG_MBEDTLS_DHM_C=n CONFIG_MBEDTLS_CMAC_C=n -# Disable cipher modes -CONFIG_MBEDTLS_CIPHER_MODE_CTR=n -CONFIG_MBEDTLS_CIPHER_MODE_CFB=n -CONFIG_MBEDTLS_CIPHER_MODE_OFB=n # Disable key exchange algorithms CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED=n CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED=n From 63a33c40524a002c898dabc0a6c6b31ab794fa36 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Mon, 23 Sep 2024 11:38:58 +0200 Subject: [PATCH 122/217] tests: suit: fix "MBEDTLS_ECDSA_C defined, but not all prerequisites" Add the missing definition of MBEDTLS_ASN1_PARSE_C to the user Mbed TLS configuration file. The whole thing could be made better by switching to using Kconfig symbols for selection of Mbed TLS features, but this would be a separate cleanup task. Signed-off-by: Tomi Fontanilles --- tests/subsys/suit/common/tls_config/user-tls-conf.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/subsys/suit/common/tls_config/user-tls-conf.h b/tests/subsys/suit/common/tls_config/user-tls-conf.h index d26f73451724..5c6ebb483854 100644 --- a/tests/subsys/suit/common/tls_config/user-tls-conf.h +++ b/tests/subsys/suit/common/tls_config/user-tls-conf.h @@ -210,6 +210,8 @@ */ #define MBEDTLS_ECDSA_C +#define MBEDTLS_ASN1_PARSE_C + /* Verify that the assigned volatile key ID will match with the key ID used * inside the authentication wrappers. */ From c408742f9b893565d294d4ce0fd7269825b599e1 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Mon, 23 Sep 2024 15:26:57 +0200 Subject: [PATCH 123/217] Bluetooth: Mesh: align rpl with subnet bridge changes Align rpl with subnet bridge changes. Signed-off-by: alperen sener Signed-off-by: Bjarki Arge Andreasen --- subsys/bluetooth/mesh/rpl.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/subsys/bluetooth/mesh/rpl.c b/subsys/bluetooth/mesh/rpl.c index 5ac006860ad3..d293e7ca724e 100644 --- a/subsys/bluetooth/mesh/rpl.c +++ b/subsys/bluetooth/mesh/rpl.c @@ -43,7 +43,7 @@ void bt_mesh_rpl_update(struct bt_mesh_rpl *rpl, * the RPL is immediately updated (used for unsegmented messages). */ bool bt_mesh_rpl_check(struct bt_mesh_net_rx *rx, - struct bt_mesh_rpl **match) + struct bt_mesh_rpl **match, bool bridge) { int i; @@ -52,8 +52,8 @@ bool bt_mesh_rpl_check(struct bt_mesh_net_rx *rx, return false; } - /* The RPL is used only for the local node */ - if (!rx->local_match) { + /* The RPL is used only for the local node or Subnet Bridge. */ + if (!rx->local_match && !bridge) { return false; } From 58037f92c45361b33e5f6ca8cdcc69851c8f4f61 Mon Sep 17 00:00:00 2001 From: Robert Lubos Date: Mon, 23 Sep 2024 16:23:07 +0200 Subject: [PATCH 124/217] unity: Fix cmock headers generation (syscalls) Syscalls headers location is now prefixed with "zephyr", so need to take this into account when generating cmock headers for unity. Signed-off-by: Robert Lubos --- scripts/unity/header_prepare.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/unity/header_prepare.py b/scripts/unity/header_prepare.py index 05ec459df296..0ab37cc8ba65 100644 --- a/scripts/unity/header_prepare.py +++ b/scripts/unity/header_prepare.py @@ -43,7 +43,7 @@ def header_prepare(in_file, out_file, out_wrap_file): content = static_inline_pattern.sub(r"\1;", content) # remove syscall include - syscall_pattern = re.compile(r"#include ", re.M | re.S) + syscall_pattern = re.compile(r"#include ", re.M | re.S) content = syscall_pattern.sub(r"", content) syscall_decl_pattern = re.compile( From 1877e57b493d2bd780a83067aed87e22cbe717da Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Mon, 16 Sep 2024 10:06:50 +0200 Subject: [PATCH 125/217] snippets: add nrf70-wifi snippet This snippet is used for nrf54h20 and nrf54l15 boards which are ressource constrained on the cpuapp core, requiring reallocation of sram, rram, and custom kconfig settings to fit the wifi driver onto the cpuapp core. Signed-off-by: Bjarki Arge Andreasen --- snippets/nrf70-wifi/nrf54h20_cpuapp.conf | 7 +++++ snippets/nrf70-wifi/nrf54h20_cpuapp.overlay | 32 +++++++++++++++++++++ snippets/nrf70-wifi/nrf54l15_cpuapp.conf | 10 +++++++ snippets/nrf70-wifi/nrf54l15_cpuapp.overlay | 21 ++++++++++++++ snippets/nrf70-wifi/snippet.yml | 18 ++++++++++++ 5 files changed, 88 insertions(+) create mode 100644 snippets/nrf70-wifi/nrf54h20_cpuapp.conf create mode 100644 snippets/nrf70-wifi/nrf54h20_cpuapp.overlay create mode 100644 snippets/nrf70-wifi/nrf54l15_cpuapp.conf create mode 100644 snippets/nrf70-wifi/nrf54l15_cpuapp.overlay create mode 100644 snippets/nrf70-wifi/snippet.yml diff --git a/snippets/nrf70-wifi/nrf54h20_cpuapp.conf b/snippets/nrf70-wifi/nrf54h20_cpuapp.conf new file mode 100644 index 000000000000..2e721849d8aa --- /dev/null +++ b/snippets/nrf70-wifi/nrf54h20_cpuapp.conf @@ -0,0 +1,7 @@ +# Copyright (c) 2024 Nordic Semiconductor +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + +CONFIG_TEST_RANDOM_GENERATOR=y +CONFIG_NET_SOCKETPAIR_HEAP=y +CONFIG_HEAP_MEM_POOL_SIZE=139000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y diff --git a/snippets/nrf70-wifi/nrf54h20_cpuapp.overlay b/snippets/nrf70-wifi/nrf54h20_cpuapp.overlay new file mode 100644 index 000000000000..cd45fa4a4f5b --- /dev/null +++ b/snippets/nrf70-wifi/nrf54h20_cpuapp.overlay @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + */ + +/delete-node/ &cpuapp_slot0_partition; +/delete-node/ &cpuppr_code_partition; +/delete-node/ &cpuflpr_code_partition; + +&cpuapp_rx_partitions { + cpuapp_slot0_partition: partition@a6000 { + reg = <0xa6000 DT_SIZE_K(1140)>; + }; + + cpuppr_code_partition: partition@1c3000 { + reg = <0x1c3000 DT_SIZE_K(64)>; + }; + + cpuflpr_code_partition: partition@1d3000 { + reg = <0x1d3000 DT_SIZE_K(48)>; + }; +}; + +/delete-node/ &dfu_partition; +/delete-node/ &storage_partition; + +&cpuapp_rw_partitions { + storage_partition: partition@1df000 { + reg = < 0x1df000 DT_SIZE_K(24) >; + }; +}; diff --git a/snippets/nrf70-wifi/nrf54l15_cpuapp.conf b/snippets/nrf70-wifi/nrf54l15_cpuapp.conf new file mode 100644 index 000000000000..be36b80119b6 --- /dev/null +++ b/snippets/nrf70-wifi/nrf54l15_cpuapp.conf @@ -0,0 +1,10 @@ +# Copyright (c) 2024 Nordic Semiconductor +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + +CONFIG_TEST_RANDOM_GENERATOR=y +CONFIG_NET_SOCKETPAIR_HEAP=y +CONFIG_SHELL_STACK_SIZE=2048 +CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=2048 +CONFIG_ISR_STACK_SIZE=512 +CONFIG_HEAP_MEM_POOL_SIZE=138000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y diff --git a/snippets/nrf70-wifi/nrf54l15_cpuapp.overlay b/snippets/nrf70-wifi/nrf54l15_cpuapp.overlay new file mode 100644 index 000000000000..08ef6cc9696b --- /dev/null +++ b/snippets/nrf70-wifi/nrf54l15_cpuapp.overlay @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + */ + +&rram_controller { + /delete-node/ cpuflpr_sram; + /delete-node/ cpuflpr_rram; +}; + +/* Adjust the cpuapp_sram to include the freed up cpuflpr_sram */ +&cpuapp_sram { + reg = <0x20000000 DT_SIZE_K(256)>; + ranges = <0x0 0x20000000 0x20040000>; +}; + +/* Adjust the cpuapp_rram to include the freed up cpuflpr_rram */ +&cpuapp_rram { + reg = <0x0 DT_SIZE_K(1524)>; +}; diff --git a/snippets/nrf70-wifi/snippet.yml b/snippets/nrf70-wifi/snippet.yml new file mode 100644 index 000000000000..40bd457d9e23 --- /dev/null +++ b/snippets/nrf70-wifi/snippet.yml @@ -0,0 +1,18 @@ +# Copyright (c) 2024 Nordic Semiconductor +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + +name: nrf70-wifi + +boards: + nrf54h20dk/nrf54h20/cpuapp: + append: + EXTRA_CONF_FILE: nrf54h20_cpuapp.conf + EXTRA_DTC_OVERLAY_FILE: nrf54h20_cpuapp.overlay + nrf54l15dk/nrf54l15/cpuapp: + append: + EXTRA_CONF_FILE: nrf54l15_cpuapp.conf + EXTRA_DTC_OVERLAY_FILE: nrf54l15_cpuapp.overlay + nrf54l15pdk/nrf54l15/cpuapp: + append: + EXTRA_CONF_FILE: nrf54l15_cpuapp.conf + EXTRA_DTC_OVERLAY_FILE: nrf54l15_cpuapp.overlay From 37ea811697d6c39f63338f594ac05735880b0ccb Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Mon, 23 Sep 2024 21:20:14 +0200 Subject: [PATCH 126/217] samples: wifi: shell: Update nrf7002eb_interposer tests The nrf7002_interposer board now is a proper shield, along with the proper shield nrf7002eb. Update the tests which use the interposer + nrf7002eb shield, and combine them into a single test suite since the test is identical for any board using this combo. Signed-off-by: Bjarki Arge Andreasen --- samples/matter/template/sample.yaml | 13 +++++++++---- samples/wifi/scan/sample.yaml | 19 +++++++------------ samples/wifi/shell/sample.yaml | 25 ++++++++----------------- samples/wifi/sta/sample.yaml | 19 +++++++------------ 4 files changed, 31 insertions(+), 45 deletions(-) diff --git a/samples/matter/template/sample.yaml b/samples/matter/template/sample.yaml index 584cdd3fd938..42e45d2dc927 100644 --- a/samples/matter/template/sample.yaml +++ b/samples/matter/template/sample.yaml @@ -62,10 +62,15 @@ tests: sample.matter.template.nrf54h20.nrf7002eb: sysbuild: true build_only: true - extra_args: SB_CONFIG_WIFI_NRF70=y template_SHIELD=nrf700x_nrf54h20dk - CONFIG_CHIP_WIFI=y CONFIG_CHIP_BOOTLOADER_NONE=y - CONFIG_CHIP_OTA_REQUESTOR=n SB_CONFIG_MATTER_OTA=n - CONFIG_LTO=y CONFIG_ISR_TABLES_LOCAL_DECLARATION=y + extra_args: + - SB_CONFIG_WIFI_NRF70=y + - template_SHIELD=nrf7002eb_interposer_p1 nrf7002eb + - CONFIG_CHIP_WIFI=y + - CONFIG_CHIP_BOOTLOADER_NONE=y + - CONFIG_CHIP_OTA_REQUESTOR=n + - SB_CONFIG_MATTER_OTA=n + - CONFIG_LTO=y + - CONFIG_ISR_TABLES_LOCAL_DECLARATION=y integration_platforms: - nrf54h20dk/nrf54h20/cpuapp platform_allow: nrf54h20dk/nrf54h20/cpuapp diff --git a/samples/wifi/scan/sample.yaml b/samples/wifi/scan/sample.yaml index c6255b858e8c..269d677d80bb 100644 --- a/samples/wifi/scan/sample.yaml +++ b/samples/wifi/scan/sample.yaml @@ -44,19 +44,14 @@ tests: platform_allow: thingy91x/nrf9151/ns extra_args: SHIELD=nrf7002ek_nrf7000 tags: ci_build sysbuild ci_samples_wifi - sample.scan.nrf7002eb.nrf54l15dk.shell: + sample.nrf7002eb_interposer_p1.nrf7002eb.scan: sysbuild: true build_only: true - extra_args: SHIELD=nrf700x_nrf54l15pdk - integration_platforms: - - nrf54l15dk/nrf54l15/cpuapp - platform_allow: nrf54l15dk/nrf54l15/cpuapp - tags: ci_build sysbuild ci_samples_wifi - sample.scan.nrf54h20dk_nrf7002ek.shell: - sysbuild: true - build_only: true - extra_args: SHIELD=nrf700x_nrf54h20dk - integration_platforms: + extra_args: + - scan_SHIELD=nrf7002eb_interposer_p1 nrf7002eb + - scan_SNIPPET=nrf70-wifi + platform_allow: - nrf54h20dk/nrf54h20/cpuapp - platform_allow: nrf54h20dk/nrf54h20/cpuapp + - nrf54l15pdk/nrf54l15/cpuapp + - nrf54l15dk/nrf54l15/cpuapp tags: ci_build sysbuild ci_samples_wifi diff --git a/samples/wifi/shell/sample.yaml b/samples/wifi/shell/sample.yaml index aed03dbc6b13..b713da2d5c4e 100644 --- a/samples/wifi/shell/sample.yaml +++ b/samples/wifi/shell/sample.yaml @@ -203,11 +203,16 @@ tests: - nrf52840dk/nrf52840 platform_allow: nrf5340dk/nrf5340/cpuapp nrf52840dk/nrf52840 tags: ci_build sysbuild ci_samples_wifi - sample.nrf54h20dk_nrf7002ek.shell: + sample.nrf7002eb_interposer_p1.nrf7002eb.shell: sysbuild: true build_only: true - extra_args: SHIELD=nrf700x_nrf54h20dk - platform_allow: nrf54h20dk/nrf54h20/cpuapp + extra_args: + - shell_SHIELD=nrf7002eb_interposer_p1 nrf7002eb + - shell_SNIPPET=nrf70-wifi + platform_allow: + - nrf54h20dk/nrf54h20/cpuapp + - nrf54l15pdk/nrf54l15/cpuapp + - nrf54l15dk/nrf54l15/cpuapp tags: ci_build sysbuild ci_samples_wifi # Used by QA and also acts as a memory stress test sample.nrf7001.superset: @@ -329,20 +334,6 @@ tests: - nrf7002dk/nrf5340/cpuapp/nrf7001 platform_allow: nrf7002dk/nrf5340/cpuapp/nrf7001 tags: ci_build sysbuild ci_samples_wifi - sample.nrf7002eb.nrf54l15pdk.shell: - sysbuild: true - build_only: true - extra_args: SHIELD=nrf700x_nrf54l15pdk - platform_allow: nrf54l15pdk/nrf54l15/cpuapp - tags: ci_build sysbuild ci_samples_wifi - sample.nrf7002eb.nrf54l15dk.shell: - sysbuild: true - build_only: true - extra_args: SHIELD=nrf700x_nrf54l15dk - integration_platforms: - - nrf54l15dk/nrf54l15/cpuapp - platform_allow: nrf54l15dk/nrf54l15/cpuapp - tags: ci_build sysbuild ci_samples_wifi sample.nrf7002.shell.psa: build_only: true extra_args: CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_LEGACY_NCS_PSA=y diff --git a/samples/wifi/sta/sample.yaml b/samples/wifi/sta/sample.yaml index 3fc544b6bda6..494de460dfd3 100644 --- a/samples/wifi/sta/sample.yaml +++ b/samples/wifi/sta/sample.yaml @@ -58,19 +58,14 @@ tests: - thingy53/nrf5340/cpuapp platform_allow: thingy53/nrf5340/cpuapp tags: ci_build sysbuild ci_samples_wifi - sample.sta.nrf7002eb.nrf54l15dk.shell: + sample.nrf7002eb_interposer_p1.nrf7002eb.sta: sysbuild: true build_only: true - extra_args: SHIELD=nrf700x_nrf54l15pdk - integration_platforms: - - nrf54l15dk/nrf54l15/cpuapp - platform_allow: nrf54l15dk/nrf54l15/cpuapp - tags: ci_build sysbuild ci_samples_wifi - sample.sta.nrf54h20dk_nrf7002ek.shell: - sysbuild: true - build_only: true - extra_args: SHIELD=nrf700x_nrf54h20dk - integration_platforms: + extra_args: + - sta_SHIELD=nrf7002eb_interposer_p1 nrf7002eb + - sta_SNIPPET=nrf70-wifi + platform_allow: - nrf54h20dk/nrf54h20/cpuapp - platform_allow: nrf54h20dk/nrf54h20/cpuapp + - nrf54l15pdk/nrf54l15/cpuapp + - nrf54l15dk/nrf54l15/cpuapp tags: ci_build sysbuild ci_samples_wifi From 15aa0e7a9ead6e5748146d981cc7682e67f5eef8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 23 Sep 2024 20:51:57 +0200 Subject: [PATCH 127/217] crypto: Simplify psa_crypto_config/psa_crypto_library_config selection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Make a selection of the interface vs library build by adding the interface-target psa_crypto_config_chosen and reference by INTERFACE linkage which of the two possible candidate targets is used in the current scope -Also simplify handling of MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER by protecting it behind CONFIG_BUILD_WITH_TFM Signed-off-by: Frank Audun Kvamtrø --- .../nrf_security/cmake/generate_configs.cmake | 6 ++---- subsys/nrf_security/src/CMakeLists.txt | 17 +++++++++++++---- .../src/drivers/cracen/CMakeLists.txt | 6 ------ .../src/drivers/nrf_oberon/CMakeLists.txt | 2 +- subsys/nrf_security/src/legacy/CMakeLists.txt | 2 +- subsys/nrf_security/src/zephyr/CMakeLists.txt | 2 +- 6 files changed, 18 insertions(+), 17 deletions(-) diff --git a/subsys/nrf_security/cmake/generate_configs.cmake b/subsys/nrf_security/cmake/generate_configs.cmake index 9bef08da4899..9ed6aed6dc3a 100644 --- a/subsys/nrf_security/cmake/generate_configs.cmake +++ b/subsys/nrf_security/cmake/generate_configs.cmake @@ -101,12 +101,10 @@ macro(generate_mbedcrypto_library_configs) # CONFIG_MBEDTLS_PSA_CRYPTO_C must be set as to true for all library builds set(CONFIG_MBEDTLS_PSA_CRYPTO_C True) - # CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be set to true for the following builds - # -TF-M secure image - # -Secure-only builds which takes in nrf_cc3xx (Requires stable ABI for psa_key_attributes_t) - set(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER True) + # Handle configurations required by library build inside TF-M (NS world doesn't use psa_crypto_library_config) if(CONFIG_BUILD_WITH_TFM) + set(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER True) # CONFIG_MBEDTLS_PSA_CRYPTO_SPM must be set for the library build in TF-M set(CONFIG_MBEDTLS_PSA_CRYPTO_SPM True) # CONFIG_MBEDTLS_USE_PSA_CRYPTO must be unset for library build in TF-M diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index fd8f46324007..165ced56b559 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -39,6 +39,15 @@ target_include_directories(psa_crypto_config ) endif() +# Add a meta-target of the PSA config interface to avoid using generator expressions +add_library(psa_crypto_config_chosen INTERFACE) + +if(CONFIG_BUILD_WITH_TFM) + target_link_libraries(psa_crypto_config_chosen INTERFACE psa_crypto_config) +else() + target_link_libraries(psa_crypto_config_chosen INTERFACE psa_crypto_library_config) +endif() + # Add include folders for psa_crypto_library_config (library build in S-only and inside TF-M) target_include_directories(psa_crypto_library_config @@ -85,7 +94,7 @@ add_library(${mbedcrypto_target} target_link_libraries(${mbedcrypto_target} INTERFACE - psa_crypto_config + psa_crypto_config_chosen psa_interface ) @@ -132,7 +141,7 @@ add_library(mbedcrypto_base target_link_libraries(mbedcrypto_base PRIVATE - psa_crypto_config + psa_crypto_config_chosen $ nrf_security_utils PUBLIC @@ -230,7 +239,7 @@ if (CONFIG_MBEDTLS_X509_LIBRARY) # Link with target_link_libraries(mbedx509 PRIVATE - psa_crypto_config + psa_crypto_config_chosen ${mbedcrypto_target} mbedcrypto_base ) @@ -272,7 +281,7 @@ if (CONFIG_MBEDTLS_TLS_LIBRARY) target_link_libraries(mbedtls PRIVATE - psa_crypto_config + psa_crypto_config_chosen mbedx509 ${mbedcrypto_target} mbedcrypto_base diff --git a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt index dbb5a89399bd..84411a3c5bb8 100644 --- a/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/cracen/CMakeLists.txt @@ -20,12 +20,6 @@ target_include_directories(psa_crypto_library_config ${cracen_driver_include_dirs} ) -target_include_directories(psa_crypto_config - INTERFACE - ${CMAKE_CURRENT_LIST_DIR}/common/include/ - ${cracen_driver_include_dirs} -) - add_library(cracen_psa_driver STATIC ${cracen_driver_sources} ) diff --git a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt index 3cd93cc2b63a..9a25c7dc3900 100644 --- a/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/nrf_oberon/CMakeLists.txt @@ -79,7 +79,7 @@ target_link_libraries(oberon_psa_core target_link_libraries(mbedcrypto_oberon_mbedtls_imported INTERFACE - psa_crypto_config + psa_crypto_config_chosen ${mbedcrypto_target} ) diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index b168121cb04f..b6b599ca7d42 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -127,7 +127,7 @@ if(TARGET nrf_cc3xx_core_imported) # nrf_cc3xx needs functionality from mbedcrypto_base target_link_libraries(nrf_cc3xx_core_imported INTERFACE - psa_crypto_config + psa_crypto_config_chosen ${mbedcrypto_target} ) endif() diff --git a/subsys/nrf_security/src/zephyr/CMakeLists.txt b/subsys/nrf_security/src/zephyr/CMakeLists.txt index b0c285271ea2..146eae3622c5 100644 --- a/subsys/nrf_security/src/zephyr/CMakeLists.txt +++ b/subsys/nrf_security/src/zephyr/CMakeLists.txt @@ -11,7 +11,7 @@ # to ensure that MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is not set. target_link_libraries(zephyr_interface INTERFACE - psa_crypto_config + psa_crypto_config_chosen psa_interface ) From 7dba32af038481ba1d130e091ef82a2c24c3c39b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Tue, 24 Sep 2024 08:26:38 +0200 Subject: [PATCH 128/217] crypto: Fix SSF for psa_crypto_config selection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Choosing psa_crypto_config for SSF client builds Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/nrf_security/src/CMakeLists.txt b/subsys/nrf_security/src/CMakeLists.txt index 165ced56b559..fabf1f3fae65 100644 --- a/subsys/nrf_security/src/CMakeLists.txt +++ b/subsys/nrf_security/src/CMakeLists.txt @@ -42,7 +42,7 @@ endif() # Add a meta-target of the PSA config interface to avoid using generator expressions add_library(psa_crypto_config_chosen INTERFACE) -if(CONFIG_BUILD_WITH_TFM) +if(CONFIG_BUILD_WITH_TFM OR CONFIG_PSA_SSF_CRYPTO_CLIENT) target_link_libraries(psa_crypto_config_chosen INTERFACE psa_crypto_config) else() target_link_libraries(psa_crypto_config_chosen INTERFACE psa_crypto_library_config) From 5ddb9a108797102d4ad35a897a3d162e863b97e9 Mon Sep 17 00:00:00 2001 From: Gerard Marull-Paretas Date: Tue, 24 Sep 2024 09:49:56 +0200 Subject: [PATCH 129/217] doc: nrf: adjust references to hello world sample Sample now uses :zephyr:code-sample: Signed-off-by: Gerard Marull-Paretas --- doc/nrf/app_dev/device_guides/nrf91/nrf91_board_controllers.rst | 2 +- .../releases_and_maturity/releases/release-notes-2.6.99-cs1.rst | 2 +- .../releases_and_maturity/releases/release-notes-2.6.99-cs2.rst | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/nrf/app_dev/device_guides/nrf91/nrf91_board_controllers.rst b/doc/nrf/app_dev/device_guides/nrf91/nrf91_board_controllers.rst index 80e29a32b386..400fa2cce514 100644 --- a/doc/nrf/app_dev/device_guides/nrf91/nrf91_board_controllers.rst +++ b/doc/nrf/app_dev/device_guides/nrf91/nrf91_board_controllers.rst @@ -41,7 +41,7 @@ The nRF52840 SoC on the DK comes preprogrammed with a firmware. If you need to restore the original firmware at some point, download the `nRF9160 DK board controller firmware`_ from the nRF9160 DK downloads page. To program the HEX file, use nrfjprog (which is part of the `nRF Command Line Tools`_). -If you want to route some pins differently from what is done in the preprogrammed firmware, program the :ref:`zephyr:hello_world` sample instead of the preprogrammed firmware. +If you want to route some pins differently from what is done in the preprogrammed firmware, program the :zephyr:code-sample:`hello_world` sample instead of the preprogrammed firmware. Build the sample (located under :file:`ncs/zephyr/samples/hello_world`) for the ``nrf9160dk_nrf52840`` board target. To change the routing options, enable or disable the corresponding devicetree nodes for that board as needed. See :ref:`zephyr:nrf9160dk_board_controller_firmware` for detailed information. diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs1.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs1.rst index 2774b3d58373..4429db184453 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs1.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs1.rst @@ -228,7 +228,7 @@ Zephyr samples * Added support for the :ref:`nRF54L15 PDK ` in the following Zephyr samples: * :zephyr:code-sample:`blinky` - * :ref:`zephyr:hello_world` + * :zephyr:code-sample:`hello_world` * :zephyr:code-sample:`settings` * :zephyr:code-sample:`bluetooth_observer` * :zephyr:code-sample:`nrf_system_off` diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs2.rst b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs2.rst index e7cbc35cea7f..396f0c5fa2ab 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs2.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-2.6.99-cs2.rst @@ -137,7 +137,7 @@ Zephyr samples * Added support for the :ref:`nRF54H20 DK ` in the following Zephyr samples: * :zephyr:code-sample:`pwm-blinky` - * :ref:`zephyr:hello_world` + * :zephyr:code-sample:`hello_world` * :zephyr:code-sample:`fade-led` Documentation From 53d10a34ecefa37cde626f69196f022167ec12fe Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Tue, 24 Sep 2024 13:41:50 +0300 Subject: [PATCH 130/217] nrf_security: remove CFB and OFB Mbed TLS cipher modes Remove the possibility to enable these two cipher modes in Mbed TLS. They have existed for historical reasons. Other, stronger alternatives should be used instead. Signed-off-by: Tomi Fontanilles --- .../nrf_security/doc/backend_config.rst | 26 ------------------- .../migration/migration_guide_2.8.rst | 8 ++++++ .../overlay_nrf700x_wifi_coap_no_lte.conf | 2 -- .../overlay_nrf700x_wifi_mqtt_no_lte.conf | 2 -- .../net/http_server/overlay-tls-nrf91.conf | 2 -- .../cmake/legacy_crypto_config.cmake | 2 -- .../configs/legacy_crypto_config.h.template | 14 ---------- 7 files changed, 8 insertions(+), 48 deletions(-) diff --git a/doc/nrf/libraries/security/nrf_security/doc/backend_config.rst b/doc/nrf/libraries/security/nrf_security/doc/backend_config.rst index 57ed6c3080d5..29bb8c413e83 100644 --- a/doc/nrf/libraries/security/nrf_security/doc/backend_config.rst +++ b/doc/nrf/libraries/security/nrf_security/doc/backend_config.rst @@ -41,8 +41,6 @@ The AES core is enabled with the Kconfig option :kconfig:option:`CONFIG_MBEDTLS_ This enables AES ECB cipher mode and allows the following ciphers and modes to be configured: * CTR -* OFB -* CFB * CBC * XTS * CMAC @@ -85,10 +83,6 @@ To configure AES cipher modes, set the following Kconfig options: +--------------+----------------------------------------------------+----------------------------------------+ | CBC | :kconfig:option:`CONFIG_MBEDTLS_CIPHER_MODE_CBC` | | +--------------+----------------------------------------------------+----------------------------------------+ -| CFB | :kconfig:option:`CONFIG_MBEDTLS_CIPHER_MODE_CFB` | nrf_oberon only | -+--------------+----------------------------------------------------+----------------------------------------+ -| OFB | :kconfig:option:`CONFIG_MBEDTLS_CIPHER_MODE_OFB` | nrf_oberon only | -+--------------+----------------------------------------------------+----------------------------------------+ | XTS | :kconfig:option:`CONFIG_MBEDTLS_CIPHER_MODE_XTS` | nrf_oberon only | +--------------+----------------------------------------------------+----------------------------------------+ @@ -129,26 +123,6 @@ Feature support | | +-------------+-----------------------+ | | | 256-bit key | | +-------------+-------------------+-------------+-----------------------+ -| CFB | cc310 | N/A | Backend not supported | -| +-------------------+-------------+-----------------------+ -| | cc312 | N/A | Backend not supported | -| +-------------------+-------------+-----------------------+ -| | nrf_oberon | 128-bit key | | -| | +-------------+-----------------------+ -| | | 192-bit key | | -| | +-------------+-----------------------+ -| | | 256-bit key | | -+-------------+-------------------+-------------+-----------------------+ -| OFB | cc310 | N/A | Backend not supported | -| +-------------------+-------------+-----------------------+ -| | cc312 | N/A | Backend not supported | -| +-------------------+-------------+-----------------------+ -| | nrf_oberon | 128-bit key | | -| | +-------------+-----------------------+ -| | | 192-bit key | | -| | +-------------+-----------------------+ -| | | 256-bit key | | -+-------------+-------------------+-------------+-----------------------+ | XTS | cc310 | N/A | Backend not supported | | +-------------------+-------------+-----------------------+ | | cc312 | N/A | Backend not supported | diff --git a/doc/nrf/releases_and_maturity/migration/migration_guide_2.8.rst b/doc/nrf/releases_and_maturity/migration/migration_guide_2.8.rst index 784b72127ef9..7da38d1fdce5 100644 --- a/doc/nrf/releases_and_maturity/migration/migration_guide_2.8.rst +++ b/doc/nrf/releases_and_maturity/migration/migration_guide_2.8.rst @@ -154,6 +154,14 @@ nRF Security .. _migration_2.8_recommended: +nRF Security +------------ + +.. toggle:: + + * The ``CONFIG_MBEDTLS_CIPHER_MODE_CFB`` and ``CONFIG_MBEDTLS_CIPHER_MODE_OFB`` Kconfig options have been removed. + Use other cipher modes instead. + Recommended changes ******************* diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf index 0585b5be63eb..86f30899990f 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf @@ -151,8 +151,6 @@ CONFIG_MBEDTLS_POLY1305_C=n CONFIG_MBEDTLS_SHA1_C=n CONFIG_MBEDTLS_MAC_SHA256_ENABLED=n CONFIG_MBEDTLS_CIPHER_MODE_CBC=n -CONFIG_MBEDTLS_CIPHER_MODE_CFB=n -CONFIG_MBEDTLS_CIPHER_MODE_OFB=n ## Enable Wi-Fi location tracking CONFIG_LOCATION_TRACKING_WIFI=y diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf index e500ffb36d34..98173ef9a8d2 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf @@ -147,8 +147,6 @@ CONFIG_MBEDTLS_POLY1305_C=n CONFIG_MBEDTLS_SHA1_C=n CONFIG_MBEDTLS_MAC_SHA256_ENABLED=n CONFIG_MBEDTLS_CIPHER_MODE_CBC=n -CONFIG_MBEDTLS_CIPHER_MODE_CFB=n -CONFIG_MBEDTLS_CIPHER_MODE_OFB=n CONFIG_MBEDTLS_SSL_SRV_C=n CONFIG_MBEDTLS_SSL_COOKIE_C=n diff --git a/samples/net/http_server/overlay-tls-nrf91.conf b/samples/net/http_server/overlay-tls-nrf91.conf index 765f79c1a458..87dffb7fde1b 100644 --- a/samples/net/http_server/overlay-tls-nrf91.conf +++ b/samples/net/http_server/overlay-tls-nrf91.conf @@ -71,8 +71,6 @@ CONFIG_MBEDTLS_POLY1305_C=n CONFIG_MBEDTLS_DHM_C=n CONFIG_MBEDTLS_CMAC_C=n CONFIG_MBEDTLS_CIPHER_MODE_CTR=n -CONFIG_MBEDTLS_CIPHER_MODE_CFB=n -CONFIG_MBEDTLS_CIPHER_MODE_OFB=n CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED=n CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED=n CONFIG_MBEDTLS_SHA1_C=n diff --git a/subsys/nrf_security/cmake/legacy_crypto_config.cmake b/subsys/nrf_security/cmake/legacy_crypto_config.cmake index 4f135af00f4e..4b2d62cf0e24 100644 --- a/subsys/nrf_security/cmake/legacy_crypto_config.cmake +++ b/subsys/nrf_security/cmake/legacy_crypto_config.cmake @@ -32,8 +32,6 @@ kconfig_check_and_set_base(MBEDTLS_AES_ROM_TABLES) kconfig_check_and_set_base(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) kconfig_check_and_set_base(MBEDTLS_CIPHER_MODE_CTR) -kconfig_check_and_set_base(MBEDTLS_CIPHER_MODE_CFB) -kconfig_check_and_set_base(MBEDTLS_CIPHER_MODE_OFB) kconfig_check_and_set_base(MBEDTLS_CIPHER_MODE_XTS) kconfig_check_and_set_base(MBEDTLS_CMAC_C) kconfig_check_and_set_base(MBEDTLS_CMAC_ALT) diff --git a/subsys/nrf_security/configs/legacy_crypto_config.h.template b/subsys/nrf_security/configs/legacy_crypto_config.h.template index 2eea6ad67458..d167b14a01d2 100644 --- a/subsys/nrf_security/configs/legacy_crypto_config.h.template +++ b/subsys/nrf_security/configs/legacy_crypto_config.h.template @@ -537,13 +537,6 @@ */ #cmakedefine MBEDTLS_CIPHER_MODE_CBC -/** - * \def MBEDTLS_CIPHER_MODE_CFB - * - * Enable Cipher Feedback mode (CFB) for symmetric ciphers. - */ -#cmakedefine MBEDTLS_CIPHER_MODE_CFB - /** * \def MBEDTLS_CIPHER_MODE_CTR * @@ -551,13 +544,6 @@ */ #cmakedefine MBEDTLS_CIPHER_MODE_CTR -/** - * \def MBEDTLS_CIPHER_MODE_OFB - * - * Enable Output Feedback mode (OFB) for symmetric ciphers. - */ -#cmakedefine MBEDTLS_CIPHER_MODE_OFB - /** * \def MBEDTLS_CIPHER_MODE_XTS * From 65baef0c00ecb6bce183fa0f3d227ce9795ac43f Mon Sep 17 00:00:00 2001 From: alperen sener Date: Tue, 24 Sep 2024 12:48:13 +0200 Subject: [PATCH 131/217] Bluetooth: tester: testing.h is moved under mesh directory Align the bluetooth tester for testing.h directory and api changes Signed-off-by: alperen sener --- tests/bluetooth/tester/src/mesh.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/tests/bluetooth/tester/src/mesh.c b/tests/bluetooth/tester/src/mesh.c index 43a260efb55d..4a0d4f9b4459 100644 --- a/tests/bluetooth/tester/src/mesh.c +++ b/tests/bluetooth/tester/src/mesh.c @@ -11,7 +11,6 @@ #include #include #include -#include #include #include #include @@ -19,7 +18,7 @@ #define LOG_LEVEL CONFIG_BT_MESH_LOG_LEVEL #include "zephyr/logging/log.h" LOG_MODULE_REGISTER(bttester_mesh); - +#include "mesh/testing.h" #include "model_handler.h" #include "bttester.h" @@ -391,18 +390,18 @@ static void incomp_timer_exp_cb(void) CONTROLLER_INDEX, NULL, 0); } -static struct bt_test_cb bt_test_cb = { - .mesh_net_recv = net_recv_ev, - .mesh_model_bound = model_bound_cb, - .mesh_model_unbound = model_unbound_cb, - .mesh_prov_invalid_bearer = invalid_bearer_cb, - .mesh_trans_incomp_timer_exp = incomp_timer_exp_cb, +static struct bt_mesh_test_cb mesh_test_cb = { + .net_recv = net_recv_ev, + .model_bound = model_bound_cb, + .model_unbound = model_unbound_cb, + .prov_invalid_bearer = invalid_bearer_cb, + .trans_incomp_timer_exp = incomp_timer_exp_cb, }; uint8_t tester_init_mesh(void) { if (IS_ENABLED(CONFIG_BT_TESTING)) { - bt_test_cb_register(&bt_test_cb); + bt_mesh_test_cb_register(&mesh_test_cb); } return BTP_STATUS_SUCCESS; From f8e390fdafc3af3724ef7a8350cffb01fad78eeb Mon Sep 17 00:00:00 2001 From: Kamil Piszczek Date: Tue, 24 Sep 2024 17:09:33 +0200 Subject: [PATCH 132/217] bluetooth: fast_pair: crypto: enable security backend for tf-m builds Enabled the CONFIG_NORDIC_SECURITY_BACKEND Kconfig option for TF-m builds that use the Fast Pair cryptographic backend that is available via the CONFIG_BT_FAST_PAIR_CRYPTO_OBERON Kconfig option. The change is required as previously the CONFIG_NORDIC_SECURITY_BACKEND Kconfig option was enabled for TF-m builds (CONFIG_BUILD_WITH_TFM). Ref: NCSDK-29186 Signed-off-by: Kamil Piszczek --- .../bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/subsys/bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto b/subsys/bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto index 1e0fed4e677f..eb932bad241f 100644 --- a/subsys/bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto +++ b/subsys/bluetooth/services/fast_pair/fp_crypto/Kconfig.fp_crypto @@ -30,7 +30,8 @@ config BT_FAST_PAIR_CRYPTO_TINYCRYPT config BT_FAST_PAIR_CRYPTO_OBERON bool "Fast Pair with Oberon cryptographic backend" - select NRF_OBERON + select NRF_OBERON if !BUILD_WITH_TFM + select NORDIC_SECURITY_BACKEND if BUILD_WITH_TFM select BT_FAST_PAIR_CRYPTO_AES256_ECB_SUPPORT select BT_FAST_PAIR_CRYPTO_SECP160R1_SUPPORT select BT_FAST_PAIR_CRYPTO_SECP256R1_SUPPORT From a4be9eb64d9d12d17a2c7a1a9a0176064bb1891c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Tue, 24 Sep 2024 17:23:49 +0200 Subject: [PATCH 133/217] crypto: Allow for more legacy-only API support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This commit changes HAS_XXXX_CIPHERSUITE_REQUIREMENTS to be a bit more accurate with regards to eiher using legacy or PSA configurations -This commit allows for more legacy support by changing default y from PSA_CRYPTO_CLIENT to the symbol MBEDTLS_USE_PSA_CRYPTO which is a lot more friendly as it dictates "usage". Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig.legacy | 26 +++++++++++++------------- subsys/nrf_security/Kconfig.tls | 12 ++++++++---- 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index cb4b400e1f75..7b1cb0987dea 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -373,7 +373,7 @@ config MBEDTLS_ENTROPY_C menuconfig MBEDTLS_AES_C bool prompt "AES - Advanced Encryption Standard" - default y if !PSA_CRYPTO_CLIENT + default y if !MBEDTLS_USE_PSA_CRYPTO help This setting will enable AES block cipher, including ECB - Electronic Code Book. Enabling AES will provide a sub-menu which allows for fine grained @@ -467,7 +467,7 @@ config MBEDTLS_CIPHER_MODE_XTS config MBEDTLS_CMAC_C bool "AES-CMAC - AES Cipher-based Message Authentication Code mode for block ciphers" - default y if !PSA_CRYPTO_CLIENT + default y if !MBEDTLS_USE_PSA_CRYPTO select PSA_WANT_ALG_CMAC if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_ECB_NO_PADDING select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT @@ -481,7 +481,7 @@ menu "AEAD - Authenticated Encryption with Associated Data" config MBEDTLS_CCM_C bool "AES-CCM - AES Counter with CBC-MAC mode" depends on MBEDTLS_AES_C - default y if !PSA_CRYPTO_CLIENT + default y if !MBEDTLS_USE_PSA_CRYPTO select PSA_WANT_ALG_CCM if PSA_CRYPTO_CLIENT select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT help @@ -492,7 +492,7 @@ config MBEDTLS_CCM_C config MBEDTLS_GCM_C bool prompt "AES-GCM - AES Galois/Counter Mode support" - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_GCM if PSA_CRYPTO_CLIENT select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT help @@ -502,7 +502,7 @@ config MBEDTLS_GCM_C config MBEDTLS_CHACHA20_C bool prompt "CHACHA20 stream cipher support" - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_CHACHA20 if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_STREAM_CIPHER if PSA_CRYPTO_CLIENT @@ -513,7 +513,7 @@ config MBEDTLS_CHACHA20_C config MBEDTLS_POLY1305_C bool prompt "POLY1305 module support" - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT help Enable the POLY1305 module. @@ -523,7 +523,7 @@ config MBEDTLS_CHACHAPOLY_C bool prompt "CHACHA-POLY module support" depends on (MBEDTLS_CHACHA20_C && MBEDTLS_POLY1305_C) - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT help Enable the CHACHA-POLY module. @@ -542,7 +542,7 @@ config MBEDTLS_DHM_C menuconfig MBEDTLS_ECP_C bool prompt "ECC - Eliptic Curve Cryptography" - default y if !PSA_CRYPTO_CLIENT + default y select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT @@ -559,7 +559,7 @@ if MBEDTLS_ECP_C config MBEDTLS_ECDH_C bool prompt "ECDH - Elliptic Curve Diffie-Hellman" - default y if !PSA_CRYPTO_CLIENT + default y if !MBEDTLS_USE_PSA_CRYPTO select PSA_WANT_ALG_ECDH if PSA_CRYPTO_CLIENT help Enable the ECDH module. @@ -568,7 +568,7 @@ config MBEDTLS_ECDH_C config MBEDTLS_ECDSA_C bool prompt "ECDSA - Elliptic Curve Digital Signature Algorithm" - default y if !PSA_CRYPTO_CLIENT + default y if !MBEDTLS_USE_PSA_CRYPTO select PSA_WANT_ALG_ECDSA if PSA_CRYPTO_CLIENT help Enable the ECDSA module. @@ -578,12 +578,12 @@ config MBEDTLS_ECDSA_DETERMINISTIC bool "Enable deterministic ECDSA (RFC 6979)" select MBEDTLS_HMAC_DRBG_C if !PSA_CRYPTO_CLIENT depends on MBEDTLS_ECDSA_C - default y if !PSA_CRYPTO_CLIENT + default y if !MBEDTLS_USE_PSA_CRYPTO select PSA_WANT_ALG_DETERMINISTIC_ECDSA if PSA_CRYPTO_CLIENT config MBEDTLS_ECJPAKE_C bool "ECJPAKE - Elliptic curve J-PAKE" - default y if !PSA_CRYPTO_CLIENT + default y if !MBEDTLS_USE_PSA_CRYPTO select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if PSA_CRYPTO_CLIENT select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT if PSA_CRYPTO_CLIENT select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE if PSA_CRYPTO_CLIENT @@ -611,7 +611,7 @@ config MBEDTLS_ECP_DP_SECP224R1_ENABLED config MBEDTLS_ECP_DP_SECP256R1_ENABLED bool "Enable NIST curve secp256r1" - default y if !PSA_CRYPTO_CLIENT + default y if !PSA_CRYPTO_CLIENT || MBEDTLS_TLS_LIBRARY || MBEDTLS_X509_LIBRARY select PSA_WANT_ECC_SECP_R1_256 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_SECP256R1_ENABLED setting in mbed TLS config file. diff --git a/subsys/nrf_security/Kconfig.tls b/subsys/nrf_security/Kconfig.tls index e761919c797f..626db6f411da 100644 --- a/subsys/nrf_security/Kconfig.tls +++ b/subsys/nrf_security/Kconfig.tls @@ -358,12 +358,16 @@ config MBEDTLS_HAS_CIPHER_MODE_CIPHERSUITE_REQUIREMENTS config MBEDTLS_HAS_ECDH_CIPHERSUITE_REQUIREMENTS bool default y - depends on (MBEDTLS_ECDH_C || PSA_WANT_ALG_ECDH) + depends on (MBEDTLS_ECP_C && MBEDTLS_ECDH_C && MBEDTLS_SHA256_C) || \ + (PSA_WANT_ALG_ECDH && MBEDTLS_USE_PSA_CRYPTO) + config MBEDTLS_HAS_ECDSA_CIPHERSUITE_REQUIREMENTS bool default y - depends on (MBEDTLS_ECDSA_C || PSA_WANT_ALG_ECDSA) + depends on (MBEDTLS_ECP_C && MBEDTLS_ECDSA_C && MBEDTLS_SHA256_C) || \ + (PSA_WANT_ALG_ECDSA && PSA_WANT_ALG_SHA_256 && MBEDTLS_USE_PSA_CRYPTO) + config MBEDTLS_HAS_RSA_CIPHERSUITE_REQUIREMENTS bool @@ -373,8 +377,8 @@ config MBEDTLS_HAS_RSA_CIPHERSUITE_REQUIREMENTS config MBEDTLS_HAS_ECJPAKE_CIPHERSUITE_REQUIREMENTS bool default y - depends on ((MBEDTLS_ECJPAKE_C && MBEDTLS_SHA256_C) || \ - (PSA_WANT_ALG_JPAKE && PSA_WANT_ALG_SHA_256)) + depends on (MBEDTLS_ECP_C && MBEDTLS_ECJPAKE_C && MBEDTLS_SHA256_C ) || \ + (PSA_WANT_ALG_JPAKE && PSA_WANT_ALG_SHA_256 && MBEDTLS_USE_PSA_CRYPTO) config MBEDTLS_KEY_EXCHANGE_PSK_ENABLED bool From 1f9af1f8828ce1c408552b461d107c5163b288cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Tue, 24 Sep 2024 17:25:02 +0200 Subject: [PATCH 134/217] crypto: Add missing API for RSA (Mbed TLS 3.6.0 + RSA_ALT) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This API is currently not part of the nrf_cc3xx Mbed TLS library -Adding rsa_ext.c to ${mbedcrypto_target} Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 8 ++++++++ subsys/nrf_security/src/legacy/rsa_ext.c | 17 +++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 subsys/nrf_security/src/legacy/rsa_ext.c diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index b6b599ca7d42..6b3f73e2bc3b 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -64,6 +64,14 @@ append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library entropy.c ) +if(CONFIG_CC3XX_BACKEND) + # Add missing API to resolve bit-length for RSA. This needs to be + # resolved in nrf_cc3xx Mbed TLS library + list(APPEND src_crypto_legacy + ${CMAKE_CURRENT_LIST_DIR}/rsa_ext.c + ) +endif() + # Legacy Files needed when Oberon is disabled if(NOT CONFIG_OBERON_BACKEND) append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library diff --git a/subsys/nrf_security/src/legacy/rsa_ext.c b/subsys/nrf_security/src/legacy/rsa_ext.c new file mode 100644 index 000000000000..68f602478ad3 --- /dev/null +++ b/subsys/nrf_security/src/legacy/rsa_ext.c @@ -0,0 +1,17 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + * + */ +#include + +/* Missing symbol when introducing Mbed TLS 3.6.0 and RSA_ALT*/ + +/* + * Get length in bits of RSA modulus + */ +size_t mbedtls_rsa_get_bitlen(const mbedtls_rsa_context *ctx) +{ + return mbedtls_mpi_bitlen(&ctx->N); +} From 95478f29321ba266f5c4949038182abd622ed72a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Tue, 24 Sep 2024 17:26:06 +0200 Subject: [PATCH 135/217] crypto: legacy psa_tls: Add enabledment of MBEDTLS_ECDSA_C/ECDH_C MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Add these configurations as they are needed to be set manually for legacy support Signed-off-by: Frank Audun Kvamtrø --- samples/crypto/psa_tls/overlays/ecdsa.conf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/samples/crypto/psa_tls/overlays/ecdsa.conf b/samples/crypto/psa_tls/overlays/ecdsa.conf index da5e2cb523cf..a6e04e97b21e 100644 --- a/samples/crypto/psa_tls/overlays/ecdsa.conf +++ b/samples/crypto/psa_tls/overlays/ecdsa.conf @@ -4,3 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # CONFIG_PSA_TLS_CERTIFICATE_TYPE_ECDSA=y +CONFIG_MBEDTLS_ECDSA_C=y +CONFIG_MBEDTLS_ECDH_C=y From 9780c6e1551d8d69286570a86fcf29ead0430e41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Tue, 24 Sep 2024 20:44:27 +0200 Subject: [PATCH 136/217] crypto: Make MD support non-local build of PSA core MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This created an additional file md_ext that contains a couple of functions that are run to check if PSA crypto is initialized. In our TF-M implementation we always boot TF-M image first, so the check doesn't make sense. Nevertheless we need the symbol and choose to solve it here, rather than adjusting the md.c in Mbed TLS. -Add phony version of psa_can_do_hash and psacan_do_cipher for use wnen TF-M is enabled Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 9 ++++++++ subsys/nrf_security/src/legacy/md_ext.c | 23 +++++++++++++++++++ 2 files changed, 32 insertions(+) create mode 100644 subsys/nrf_security/src/legacy/md_ext.c diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 6b3f73e2bc3b..86a751d25908 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -51,6 +51,15 @@ else() ) endif() +# There is a function expected to be built inside psa_crypto.c that is used +# by md. This makes MD not work with TF-M. Temporarily adding this check-function +# to a self-contained file an use this when PSA crypto is not built locally +if(CONFIG_BUILD_WITH_TFM) + list(APPEND src_crypto_legacy + ${CMAKE_CURRENT_LIST_DIR}/md_ext.c + ) +endif() + if(CONFIG_HAS_HW_NRF_CC310) append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library diff --git a/subsys/nrf_security/src/legacy/md_ext.c b/subsys/nrf_security/src/legacy/md_ext.c new file mode 100644 index 000000000000..165e69bbab78 --- /dev/null +++ b/subsys/nrf_security/src/legacy/md_ext.c @@ -0,0 +1,23 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor + * + * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + * + */ + +#include + +/* Functions required for MD to work. These APIs are copied from psa_crypto.c*/ + +int psa_can_do_hash(psa_algorithm_t hash_alg) +{ + (void) hash_alg; + return 1; +} + +int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg) +{ + (void) key_type; + (void) cipher_alg; + return 1; +} From 1fe9a8e6c6c822ab4862e1d7a4ac4a50ce4070dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Tue, 24 Sep 2024 20:45:50 +0200 Subject: [PATCH 137/217] crypto: Add resolvement of HMAC when enabling DETERMINISTIC_ECDSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Resolves issue in building certain samples Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig.legacy | 1 + 1 file changed, 1 insertion(+) diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index 7b1cb0987dea..4d5cfbdc39a5 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -580,6 +580,7 @@ config MBEDTLS_ECDSA_DETERMINISTIC depends on MBEDTLS_ECDSA_C default y if !MBEDTLS_USE_PSA_CRYPTO select PSA_WANT_ALG_DETERMINISTIC_ECDSA if PSA_CRYPTO_CLIENT + select PSA_WANT_ALG_HMAC if PSA_CRYPTO_CLIENT config MBEDTLS_ECJPAKE_C bool "ECJPAKE - Elliptic curve J-PAKE" From 8a72dcb93efd68c7807f348ad24fd496fb12e603 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Tue, 24 Sep 2024 20:57:29 +0200 Subject: [PATCH 138/217] crypto: Wider mask to prevent duplicate mbdtls_eccdsa_can_do MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -First it was tested against CONFIG_OBERON_BACKEND, now we test with this and PSA_CRYPTO_DRIVER_OBERON. This commit will be squashed Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 86a751d25908..7699999fdcc8 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -41,7 +41,7 @@ endif() # There is a symbol inside the nrf_oberon ECDSA implementation (built lib) that is # colliding with a symbol in ecdsa.c in mbedtls: mbedtls_ecdsa_can_do. # To solve this quickly a copy of ecdsa.c is added here in case oberon is built -if(CONFIG_OBERON_BACKEND) +if(CONFIG_OBERON_BACKEND OR CONFIG_PSA_CRYPTO_DRIVER_OBERON) list(APPEND src_crypto_legacy ${CMAKE_CURRENT_LIST_DIR}/ecdsa_oberon.c ) From 0ab7a099856c1debdf4f20e86aecee3f7afe7376 Mon Sep 17 00:00:00 2001 From: Torsten Rasmussen Date: Tue, 24 Sep 2024 22:15:57 +0200 Subject: [PATCH 139/217] kconfig: change MINIMAL_LIBC_MALLOC to COMMON_LIBC_MALLOC MINIMAL_LIBC_MALLOC has been deprecated and removed in favor of COMMON_LIBC_MALLOC, therefore change CONFIG_MINIMAL_LIBC_MALLOC=n to CONFIG_COMMON_LIBC_MALLOC=n. Ref: https://github.com/zephyrproject-rtos/zephyr/pull/56309 https://github.com/zephyrproject-rtos/zephyr/pull/74322 Signed-off-by: Torsten Rasmussen --- samples/bluetooth/peripheral_lbs/prj_minimal.conf | 2 +- samples/bluetooth/peripheral_uart/prj_minimal.conf | 2 +- samples/suit/recovery/prj.conf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/samples/bluetooth/peripheral_lbs/prj_minimal.conf b/samples/bluetooth/peripheral_lbs/prj_minimal.conf index 49aa8925e5f2..9f7ab77f7b5c 100644 --- a/samples/bluetooth/peripheral_lbs/prj_minimal.conf +++ b/samples/bluetooth/peripheral_lbs/prj_minimal.conf @@ -80,7 +80,7 @@ CONFIG_ISR_STACK_SIZE=1024 # Disable features not needed CONFIG_TIMESLICING=n -CONFIG_MINIMAL_LIBC_MALLOC=n +CONFIG_COMMON_LIBC_MALLOC=n CONFIG_LOG=n CONFIG_ASSERT=n diff --git a/samples/bluetooth/peripheral_uart/prj_minimal.conf b/samples/bluetooth/peripheral_uart/prj_minimal.conf index 625c4c0aa7ea..db12c8739f90 100644 --- a/samples/bluetooth/peripheral_uart/prj_minimal.conf +++ b/samples/bluetooth/peripheral_uart/prj_minimal.conf @@ -100,7 +100,7 @@ CONFIG_BT_NUS_THREAD_STACK_SIZE=512 # Disable features not needed CONFIG_TIMESLICING=n -CONFIG_MINIMAL_LIBC_MALLOC=n +CONFIG_COMMON_LIBC_MALLOC=n CONFIG_LOG=n CONFIG_ASSERT=n diff --git a/samples/suit/recovery/prj.conf b/samples/suit/recovery/prj.conf index 853aa5e54b71..45c7f509c56d 100644 --- a/samples/suit/recovery/prj.conf +++ b/samples/suit/recovery/prj.conf @@ -89,7 +89,7 @@ CONFIG_EARLY_CONSOLE=n CONFIG_ARM_MPU=n CONFIG_TIMESLICING=n -CONFIG_MINIMAL_LIBC_MALLOC=n +CONFIG_COMMON_LIBC_MALLOC=n CONFIG_LOG=n CONFIG_ASSERT=n From 30d3c0684f7d815924795d5a2bb2a666f1d73243 Mon Sep 17 00:00:00 2001 From: Marek Pieta Date: Tue, 24 Sep 2024 10:49:27 +0200 Subject: [PATCH 140/217] applications: nrf_desktop: Handle USBD_MSG_CONFIGURATION Change introduces handling USBD_MSG_CONFIGURATION to USB state module to prevent emitting error logs. Jira: NCSDK-29326 Signed-off-by: Marek Pieta --- applications/nrf_desktop/src/modules/usb_state.c | 1 + 1 file changed, 1 insertion(+) diff --git a/applications/nrf_desktop/src/modules/usb_state.c b/applications/nrf_desktop/src/modules/usb_state.c index f9116b91d37a..dbb1293a9c77 100644 --- a/applications/nrf_desktop/src/modules/usb_state.c +++ b/applications/nrf_desktop/src/modules/usb_state.c @@ -1306,6 +1306,7 @@ static void usb_init_next_status_cb(struct usbd_context *const usbd, module_set_state(MODULE_STATE_ERROR); break; + case USBD_MSG_CONFIGURATION: case USBD_MSG_CDC_ACM_LINE_CODING: case USBD_MSG_CDC_ACM_CONTROL_LINE_STATE: /* Ignore */ From 8c1d40cb621e699fc18dacdc823be26a3b8afaf0 Mon Sep 17 00:00:00 2001 From: Marek Pieta Date: Tue, 24 Sep 2024 09:17:23 +0200 Subject: [PATCH 141/217] applications: nrf_desktop: Align USB HID buffers Change aligns USB HID buffers with requirements of USB next stack. Jira: NCSDK-29326 Signed-off-by: Marek Pieta --- .../nrf_desktop/src/modules/usb_state.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/applications/nrf_desktop/src/modules/usb_state.c b/applications/nrf_desktop/src/modules/usb_state.c index dbb1293a9c77..7c375b891586 100644 --- a/applications/nrf_desktop/src/modules/usb_state.c +++ b/applications/nrf_desktop/src/modules/usb_state.c @@ -66,13 +66,22 @@ enum { BUILD_ASSERT(REPORT_BUFFER_SIZE_INPUT_REPORT <= UINT8_MAX); -/* Ensuring memory alignment for sent buffer is required by USB next stack. */ +#ifdef CONFIG_DESKTOP_USB_STACK_NEXT +#define _USB_HID_BUF_ALIGN (UDC_BUF_ALIGN) +#define _USB_HID_BUF_SIZE (ROUND_UP(REPORT_ID_SIZE + REPORT_BUFFER_SIZE_INPUT_REPORT, \ + UDC_BUF_GRANULARITY)) +#else +#define _USB_HID_BUF_ALIGN (sizeof(void *)) +#define _USB_HID_BUF_SIZE (ROUND_UP(REPORT_ID_SIZE + REPORT_BUFFER_SIZE_INPUT_REPORT, \ + sizeof(void *))) +#endif /* CONFIG_DESKTOP_USB_STACK_NEXT */ + +/* Ensuring memory alignment and size for a sent buffer is required by USB next stack. */ struct usb_hid_buf { - /* An extra byte allows to store HID report ID next to HID report data. */ - uint8_t data[REPORT_ID_SIZE + REPORT_BUFFER_SIZE_INPUT_REPORT]; + uint8_t data[_USB_HID_BUF_SIZE]; uint8_t size; uint8_t status_bm; -} __aligned(sizeof(void *)); +} __aligned(_USB_HID_BUF_ALIGN); struct usb_hid_device { const struct device *dev; @@ -272,8 +281,6 @@ static void usb_hid_buf_send(struct usb_hid_device *usb_hid, struct usb_hid_buf int err; if (IS_ENABLED(CONFIG_DESKTOP_USB_STACK_NEXT)) { - /* USB next stack expects buffer alignment. */ - __ASSERT_NO_MSG(IS_ALIGNED(data, sizeof(void *))); err = hid_device_submit_report(usb_hid->dev, size, data); } else { __ASSERT_NO_MSG(IS_ENABLED(CONFIG_DESKTOP_USB_STACK_LEGACY)); From 2220f270c00c86e9f13847285d7a5c905bbcdd3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 25 Sep 2024 08:49:10 +0200 Subject: [PATCH 142/217] crypto: Standardizing on using MBEDTLS_USE_PSA_CRYPTO for Kconfig.legacy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -The control over default values is done with MBEDTLS_USE_PSA_CRYPTO instead of PSA_CRYPTO_CLIENT as this is more in line with wishes on usage Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig.legacy | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index 4d5cfbdc39a5..a4ab5f6555de 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -492,7 +492,7 @@ config MBEDTLS_CCM_C config MBEDTLS_GCM_C bool prompt "AES-GCM - AES Galois/Counter Mode support" - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT || MBEDTLS_USE_PSA_CRYPTO) + default y if !(NET_L2_OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_GCM if PSA_CRYPTO_CLIENT select PSA_WANT_KEY_TYPE_AES if PSA_CRYPTO_CLIENT help @@ -502,7 +502,7 @@ config MBEDTLS_GCM_C config MBEDTLS_CHACHA20_C bool prompt "CHACHA20 stream cipher support" - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT || MBEDTLS_USE_PSA_CRYPTO) + default y if !(NET_L2_OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_CHACHA20 if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_STREAM_CIPHER if PSA_CRYPTO_CLIENT @@ -513,7 +513,7 @@ config MBEDTLS_CHACHA20_C config MBEDTLS_POLY1305_C bool prompt "POLY1305 module support" - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT || MBEDTLS_USE_PSA_CRYPTO) + default y if !(NET_L2_OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT help Enable the POLY1305 module. @@ -523,7 +523,7 @@ config MBEDTLS_CHACHAPOLY_C bool prompt "CHACHA-POLY module support" depends on (MBEDTLS_CHACHA20_C && MBEDTLS_POLY1305_C) - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT || MBEDTLS_USE_PSA_CRYPTO) + default y if !(NET_L2_OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_CHACHA20_POLY1305 if PSA_CRYPTO_CLIENT help Enable the CHACHA-POLY module. @@ -612,7 +612,7 @@ config MBEDTLS_ECP_DP_SECP224R1_ENABLED config MBEDTLS_ECP_DP_SECP256R1_ENABLED bool "Enable NIST curve secp256r1" - default y if !PSA_CRYPTO_CLIENT || MBEDTLS_TLS_LIBRARY || MBEDTLS_X509_LIBRARY + default y select PSA_WANT_ECC_SECP_R1_256 if PSA_CRYPTO_CLIENT help MBEDTLS_ECP_DP_SECP256R1_ENABLED setting in mbed TLS config file. @@ -709,7 +709,7 @@ endif # MBEDTLS_ECP_C config MBEDTLS_HKDF_C bool prompt "HKDF support" - default y if !PSA_CRYPTO_CLIENT + default y if !MBEDTLS_USE_PSA_CRYPTO select PSA_WANT_ALG_HMAC if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_HKDF if PSA_CRYPTO_CLIENT select PSA_WANT_ALG_TLS12_PRF if PSA_CRYPTO_CLIENT && MBEDTLS_TLS_LIBRARY @@ -767,7 +767,7 @@ config MBEDTLS_MD5_C config MBEDTLS_SHA1_C bool prompt "SHA-1 hash functionality" - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + default y if !(NET_L2_OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_SHA_1 if PSA_CRYPTO_CLIENT help SHA-1 hash functionality. @@ -775,7 +775,7 @@ config MBEDTLS_SHA1_C config MBEDTLS_SHA224_C bool prompt "SHA-224 hash functionality" - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + default y if !(NET_L2_OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_SHA_224 if PSA_CRYPTO_CLIENT help SHA-224 hash functionality. @@ -783,7 +783,7 @@ config MBEDTLS_SHA224_C config MBEDTLS_SHA256_C bool prompt "SHA-256 hash functionality" - default y if !PSA_CRYPTO_CLIENT + default y if !MBEDTLS_USE_PSA_CRYPTO select PSA_WANT_ALG_SHA_256 if PSA_CRYPTO_CLIENT help SHA-256 hash functionality. @@ -798,7 +798,7 @@ config MBEDTLS_SHA384_C bool prompt "SHA-384 hash functionality" select MBEDTLS_SHA512_C - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + default y if !(NET_L2_OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_SHA_384 if PSA_CRYPTO_CLIENT help SHA-384 hash functionality. @@ -806,7 +806,7 @@ config MBEDTLS_SHA384_C config MBEDTLS_SHA512_C bool prompt "SHA-512 hash functionality" - default y if !(NET_L2_OPENTHREAD || PSA_CRYPTO_CLIENT) + default y if !(NET_L2_OPENTHREAD || MBEDTLS_USE_PSA_CRYPTO) select PSA_WANT_ALG_SHA_512 if PSA_CRYPTO_CLIENT help SHA-512 hash functionality. From e6e752a75c72a8f63179f1e1adff06cbe93e2f9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 25 Sep 2024 08:50:05 +0200 Subject: [PATCH 143/217] crypto: Add wider mask for enabling legacy Mbed TLS files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Adding CONFIG_OBERON_BACKEND and CONFIG_CC3XX_BACKEND as a criteria for adding legacy Mbed TLS files like rsa.c etc.. Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 7699999fdcc8..578711c6f2b2 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -19,6 +19,8 @@ append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library # Add all files that are neccessary for (nrf_oberon or cracen) + builtin in legacy mode # These files are used only as a convenience until PSA Crypto APIs are standarized if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C OR + CONFIG_OBERON_BACKEND OR + CONFIG_CC3XX_BACKEND OR CONFIG_PSA_CRYPTO_DRIVER_OBERON OR CONFIG_PSA_CRYPTO_DRIVER_CRACEN) append_with_prefix(src_crypto_legacy ${ARM_MBEDTLS_PATH}/library From a803a05b43a550c5d0d139d7b20cb2e62e94b871 Mon Sep 17 00:00:00 2001 From: Robert Lubos Date: Wed, 25 Sep 2024 09:55:53 +0200 Subject: [PATCH 144/217] scripts: quarantine_zephyr: Update net_buf entry net_buf tests were moved and now have a different test signature. Signed-off-by: Robert Lubos --- scripts/quarantine_zephyr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/quarantine_zephyr.yaml b/scripts/quarantine_zephyr.yaml index 07501a9557a5..96aaa64a89ab 100644 --- a/scripts/quarantine_zephyr.yaml +++ b/scripts/quarantine_zephyr.yaml @@ -272,6 +272,7 @@ - libraries.libc.common.picolibc - libraries.libc.common.picolibc.module - libraries.libc.common.picolibc.notls + - libraries.net_buf.buf - libraries.ring_buffer - libraries.hash_map.cxx.djb2 - cpp.libcxx.glibcxx.picolibc @@ -293,7 +294,6 @@ - crypto.tinycrypt.hmac_prng - net.mqtt_sn.packet - net.http.server.common - - net.buf - net.coap.server.common - sample.zbus.msg_subscriber_static - sample.zbus.msg_subscriber_dynamic From f2ee1cf8c229db2b84d2805713811d6b30330b4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 25 Sep 2024 11:11:47 +0200 Subject: [PATCH 145/217] suit: crypto: Remove filtering of SOC_FAMILY_NORDIC_NRF MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Removed filtering of SOC_FAMILY_NORDIC_NRF for the following configurations required to run native_posix test: - PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT - PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT - PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE - PSA_WANT_ECC_TWISTED_EDWARDS_255 Signed-off-by: Frank Audun Kvamtrø --- subsys/suit/platform/Kconfig | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/subsys/suit/platform/Kconfig b/subsys/suit/platform/Kconfig index 91ba39301af8..0e1722bbf5e1 100644 --- a/subsys/suit/platform/Kconfig +++ b/subsys/suit/platform/Kconfig @@ -46,10 +46,10 @@ config SUIT_CRYPTO imply ENTROPY_GENERATOR imply PSA_CRYPTO_DRIVER_CRACEN imply PSA_WANT_ALG_PURE_EDDSA - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT if SOC_FAMILY_NORDIC_NRF - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT if SOC_FAMILY_NORDIC_NRF - select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE if SOC_FAMILY_NORDIC_NRF - imply PSA_WANT_ECC_TWISTED_EDWARDS_255 if SOC_FAMILY_NORDIC_NRF + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT + select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE + imply PSA_WANT_ECC_TWISTED_EDWARDS_255 if MBEDTLS && SOC_POSIX From 6b7952474d7cb0b850831dc0ed409d709cea44ba Mon Sep 17 00:00:00 2001 From: Robert Lubos Date: Wed, 25 Sep 2024 12:32:18 +0200 Subject: [PATCH 146/217] tests: lib: location: Align with upstream device.h changes z_device_is_ready() was removed, and conditionally compiled device_get_dt_nodelabels has to be excluded from cmock generation. Signed-off-by: Robert Lubos --- tests/lib/location/CMakeLists.txt | 1 + tests/lib/location/src/location_test.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/lib/location/CMakeLists.txt b/tests/lib/location/CMakeLists.txt index d60da0974d42..f1a621a3ce42 100644 --- a/tests/lib/location/CMakeLists.txt +++ b/tests/lib/location/CMakeLists.txt @@ -48,6 +48,7 @@ cmock_handle(${ZEPHYR_BASE}/include/zephyr/net/wifi_mgmt.h FUNC_EXCLUDE "offsetof") cmock_handle(${ZEPHYR_BASE}/include/zephyr/device.h FUNC_EXCLUDE ".*DEVICE_DT_NAME_GET" + FUNC_EXCLUDE ".*device_get_dt_nodelabels" WORD_EXCLUDE ".*device_visitor_callback_t.*") zephyr_include_directories(${ZEPHYR_NRFXLIB_MODULE_DIR}/nrf_modem/include) diff --git a/tests/lib/location/src/location_test.c b/tests/lib/location/src/location_test.c index 347fbbd58d51..7e27635134e0 100644 --- a/tests/lib/location/src/location_test.c +++ b/tests/lib/location/src/location_test.c @@ -484,7 +484,7 @@ void test_location_init(void) /* __cmock_device_get_binding_ExpectAndReturn is not called for an unknown reason. * __syscall in the function declaration may have something to do with it. */ - __cmock_z_device_is_ready_IgnoreAndReturn(true); + __cmock_device_is_ready_IgnoreAndReturn(true); __cmock_net_if_lookup_by_dev_IgnoreAndReturn(&wifi_iface); __cmock_net_mgmt_init_event_callback_Ignore(); __cmock_net_mgmt_add_event_callback_Ignore(); From 98ecc4f5612f11aca09c8481465605f7621aa097 Mon Sep 17 00:00:00 2001 From: Arkadiusz Balys Date: Wed, 25 Sep 2024 11:59:01 +0200 Subject: [PATCH 147/217] samples: matter: Disable unused cpuflpr from DTS. Removed cpuflpr support and its partition since it is not used in Matter. This saves the MRAM memory for the application code. Signed-off-by: Arkadiusz Balys --- .../common/dts/nrf54h20/nrf54h20_cpuapp_memory_map.dtsi | 2 ++ .../common/dts/nrf54h20/nrf54h20_cpurad_memory_map.dtsi | 1 + samples/matter/lock/Kconfig.sysbuild | 4 ++++ samples/matter/template/Kconfig.sysbuild | 4 ++++ 4 files changed, 11 insertions(+) diff --git a/samples/matter/common/dts/nrf54h20/nrf54h20_cpuapp_memory_map.dtsi b/samples/matter/common/dts/nrf54h20/nrf54h20_cpuapp_memory_map.dtsi index 3441c5af010f..e03bb463f2a6 100644 --- a/samples/matter/common/dts/nrf54h20/nrf54h20_cpuapp_memory_map.dtsi +++ b/samples/matter/common/dts/nrf54h20/nrf54h20_cpuapp_memory_map.dtsi @@ -20,7 +20,9 @@ /delete-node/ &cpuapp_rw_partitions; /delete-node/ &cpurad_rx_partitions; /delete-node/ &cpuppr_vpr; +/delete-node/ &cpuflpr_vpr; /delete-node/ &cpuapp_cpuppr_ipc; +/delete-node/ &cpuapp_cpuflpr_ipc; &mram1x { erase-block-size = < 0x1000 >; diff --git a/samples/matter/common/dts/nrf54h20/nrf54h20_cpurad_memory_map.dtsi b/samples/matter/common/dts/nrf54h20/nrf54h20_cpurad_memory_map.dtsi index 5e29ce716a02..4b5e9d2e56fa 100644 --- a/samples/matter/common/dts/nrf54h20/nrf54h20_cpurad_memory_map.dtsi +++ b/samples/matter/common/dts/nrf54h20/nrf54h20_cpurad_memory_map.dtsi @@ -16,6 +16,7 @@ /delete-node/ &cpuapp_rw_partitions; /delete-node/ &cpurad_rx_partitions; /delete-node/ &cpuppr_vpr; +/delete-node/ &cpuflpr_vpr; &mram1x { cpurad_rx_partitions: cpurad-rx-partitions { diff --git a/samples/matter/lock/Kconfig.sysbuild b/samples/matter/lock/Kconfig.sysbuild index fa947ed46004..68d60c0a7b07 100644 --- a/samples/matter/lock/Kconfig.sysbuild +++ b/samples/matter/lock/Kconfig.sysbuild @@ -74,6 +74,10 @@ endif # BOARD_NRF54L15PDK_NRF54L15_CPUAPP_NS endif # BOOTLOADER_MCUBOOT +# Currently Matter OTA is not available for nRF54 SoC series +config MATTER_OTA + default n if SOC_SERIES_NRF54HX + #### Enable generating factory data config MATTER_FACTORY_DATA_GENERATE default y if !BOARD_NRF21540DK diff --git a/samples/matter/template/Kconfig.sysbuild b/samples/matter/template/Kconfig.sysbuild index fa947ed46004..68d60c0a7b07 100644 --- a/samples/matter/template/Kconfig.sysbuild +++ b/samples/matter/template/Kconfig.sysbuild @@ -74,6 +74,10 @@ endif # BOARD_NRF54L15PDK_NRF54L15_CPUAPP_NS endif # BOOTLOADER_MCUBOOT +# Currently Matter OTA is not available for nRF54 SoC series +config MATTER_OTA + default n if SOC_SERIES_NRF54HX + #### Enable generating factory data config MATTER_FACTORY_DATA_GENERATE default y if !BOARD_NRF21540DK From 8bd3ab79705c4e169a96d1fbe9ce7aa89c9165fa Mon Sep 17 00:00:00 2001 From: Kamil Piszczek Date: Wed, 25 Sep 2024 10:57:17 +0200 Subject: [PATCH 148/217] applications: machine_learning: remove flpr nodes to fix missing label Removed DTS nodes associated with the cpuflpr target as they refer to the cpuflpr_code_partition label from the cpuapp_rx_partitions node. The label has been removed in this file due to the modification of the cpuapp_rx_partitions node. The cpuflpr_vpr and cpuapp_cpuflpr_ipc DTS nodes are removed to prevent build failures. Ref: NCSDK-29186 Signed-off-by: Kamil Piszczek --- .../configuration/nrf54h20dk_nrf54h20_cpuapp/app.overlay | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/app.overlay b/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/app.overlay index 6b494baffddd..85a4e6515f7d 100644 --- a/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/app.overlay +++ b/applications/machine_learning/configuration/nrf54h20dk_nrf54h20_cpuapp/app.overlay @@ -97,6 +97,15 @@ ipc1: &cpuapp_cpuppr_ipc { }; }; +/* Remove DTS nodes associated with the cpuflpr target as they refer to the + * cpuflpr_code_partition label from the cpuapp_rx_partitions node. The label has + * been removed in this file due to the modification of the cpuapp_rx_partitions + * node. The cpuflpr_vpr and cpuapp_cpuflpr_ipc DTS nodes are removed to prevent + * build failures. + */ +/delete-node/ &cpuflpr_vpr; +/delete-node/ &cpuapp_cpuflpr_ipc; + /* Disable unused sensors and peripherals. */ /delete-node/ &bme688; From 5f6125c3dca888252b56514ad3a46820c096d24d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 25 Sep 2024 13:11:58 +0200 Subject: [PATCH 149/217] crypto: Add CONFIG_MBEDTLS_LEGACY_C to net/download sample MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This sample is using mbedtls_sha which was not resolved. By enabling CONFIG_MBEDTLS_LEGACY_C we allow that this for now Signed-off-by: Frank Audun Kvamtrø --- samples/net/download/prj.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/samples/net/download/prj.conf b/samples/net/download/prj.conf index 0801a70152c5..330d0f00479c 100644 --- a/samples/net/download/prj.conf +++ b/samples/net/download/prj.conf @@ -14,3 +14,4 @@ CONFIG_NET_SOCKETS=y CONFIG_POSIX_API=y CONFIG_NET_IPV4=y CONFIG_HEAP_MEM_POOL_SIZE=1024 +CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y From 8211d2dc72ac72e6927dd8e7a164e749f93dd967 Mon Sep 17 00:00:00 2001 From: Robert Lubos Date: Wed, 25 Sep 2024 13:57:08 +0200 Subject: [PATCH 150/217] tests: net: lib: nrf_provisioning: Define COAP_CLIENT_BLOCK_SIZE New config for coap_client was introduced upstream so need to define it in the test. Signed-off-by: Robert Lubos --- tests/subsys/net/lib/nrf_provisioning/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/subsys/net/lib/nrf_provisioning/CMakeLists.txt b/tests/subsys/net/lib/nrf_provisioning/CMakeLists.txt index db852e53c6b5..4edb00870ed7 100644 --- a/tests/subsys/net/lib/nrf_provisioning/CMakeLists.txt +++ b/tests/subsys/net/lib/nrf_provisioning/CMakeLists.txt @@ -45,6 +45,7 @@ elseif(CONFIG_NRF_PROVISIONING_COAP) -DCONFIG_NET_SOCKETS_POSIX_NAMES=y -DCONFIG_MODEM_INFO_BUFFER_SIZE=128 -DCONFIG_COAP_CLIENT_MAX_REQUESTS=2 + -DCONFIG_COAP_CLIENT_BLOCK_SIZE=256 ) cmock_handle(${ZEPHYR_BASE}/include/zephyr/net/coap_client.h) cmock_handle(${ZEPHYR_NRF_MODULE_DIR}/subsys/net/lib/nrf_provisioning/include/nrf_provisioning_jwt.h) From 67a28a010f070333b50492dae8040cf43898b101 Mon Sep 17 00:00:00 2001 From: Lang Xie Date: Wed, 25 Sep 2024 10:22:02 +0200 Subject: [PATCH 151/217] samples: bluetooth: Fix build warning about bt_le_adv_params Fix the compile warnings in NCS bluetooth samples. Signed-off-by: Lang Xie --- .../mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c | 2 +- samples/bluetooth/peripheral_hids_keyboard/src/main.c | 2 +- samples/bluetooth/subrating/src/main.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/samples/bluetooth/mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c b/samples/bluetooth/mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c index 9d9ccebabc05..b61ff34e42ea 100644 --- a/samples/bluetooth/mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c +++ b/samples/bluetooth/mesh/ble_peripheral_lbs_coex/src/lb_service_handler.c @@ -41,7 +41,7 @@ static const struct bt_data sd[] = { }; static struct bt_le_ext_adv *adv; -static const struct bt_le_adv_param *adv_params = BT_LE_ADV_CONN; +static struct bt_le_adv_param *adv_params = (struct bt_le_adv_param *)BT_LE_ADV_CONN; static bool ble_button_state; static void connected(struct bt_conn *conn, uint8_t err) diff --git a/samples/bluetooth/peripheral_hids_keyboard/src/main.c b/samples/bluetooth/peripheral_hids_keyboard/src/main.c index 274748549a0f..85c8f83f940b 100644 --- a/samples/bluetooth/peripheral_hids_keyboard/src/main.c +++ b/samples/bluetooth/peripheral_hids_keyboard/src/main.c @@ -169,7 +169,7 @@ K_MSGQ_DEFINE(mitm_queue, static void advertising_start(void) { int err; - struct bt_le_adv_param *adv_param = BT_LE_ADV_PARAM( + const struct bt_le_adv_param *adv_param = BT_LE_ADV_PARAM( BT_LE_ADV_OPT_CONNECTABLE | BT_LE_ADV_OPT_ONE_TIME, BT_GAP_ADV_FAST_INT_MIN_2, diff --git a/samples/bluetooth/subrating/src/main.c b/samples/bluetooth/subrating/src/main.c index fbe2f11d2366..66c405544457 100644 --- a/samples/bluetooth/subrating/src/main.c +++ b/samples/bluetooth/subrating/src/main.c @@ -161,7 +161,7 @@ static void adv_start(void) { int err; - struct bt_le_adv_param *adv_param = + const struct bt_le_adv_param *adv_param = BT_LE_ADV_PARAM(BT_LE_ADV_OPT_CONNECTABLE | BT_LE_ADV_OPT_ONE_TIME, BT_GAP_ADV_FAST_INT_MIN_2, From 0c26e527e28a92864fddaa65d1a3094a026661c2 Mon Sep 17 00:00:00 2001 From: Gerard Marull-Paretas Date: Wed, 25 Sep 2024 15:56:23 +0200 Subject: [PATCH 152/217] doc: nrf: update mcumgr references These are now local (nrf docset). Signed-off-by: Gerard Marull-Paretas --- doc/nrf/app_dev/bootloaders_dfu/dfu_tools_mcumgr_cli.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/nrf/app_dev/bootloaders_dfu/dfu_tools_mcumgr_cli.rst b/doc/nrf/app_dev/bootloaders_dfu/dfu_tools_mcumgr_cli.rst index 4cf5f464f000..48f2571cda60 100644 --- a/doc/nrf/app_dev/bootloaders_dfu/dfu_tools_mcumgr_cli.rst +++ b/doc/nrf/app_dev/bootloaders_dfu/dfu_tools_mcumgr_cli.rst @@ -153,10 +153,10 @@ The ones that are supported are as follows: To enable the ``echo`` command specifically, enable the :kconfig:option:`CONFIG_MCUMGR_GRP_OS_ECHO` Kconfig option. * - ``fs`` - Provides access to files on a device. - For more details, see :ref:`zephyr:fs_mgmt`. + For more details, see :ref:`dfu_tools_mcumgr_cli_fs_mgmt`. * - ``image`` - Manages firmware images on a device. - For additional information, see :ref:`zephyr:image_mgmt`. + For additional information, see :ref:`dfu_tools_mcumgr_cli_image_mgmt`. * - ``reset`` - Performs a soft reset of a device. This command is part of the ``OS`` group, which must be enabled by setting the :kconfig:option:`CONFIG_MCUMGR_GRP_OS` Kconfig option. @@ -167,7 +167,7 @@ The ones that are supported are as follows: For more details, see :ref:`zephyr:shell_api`. * - ``stat`` - Reads statistic data from a device. - Fore more details, see :ref:`zephyr:stats_mgmt`. + Fore more details, see :ref:`dfu_tools_mcumgr_cli_stats_mgmt`. * - ``taskstat`` - Reads task statistics from a device. This command is part of the ``OS`` group. From fa37c92cca3a9c3a697f30a21812d6e5bfe65f35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Wed, 25 Sep 2024 18:58:08 +0200 Subject: [PATCH 153/217] crypto: Fix wrong label oberon_psa_core MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -For some reason this was quoted (which is not right). Changing ${oberon_psa_core} to oberon_psa_core (which is the actual target) Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/drivers/zephyr/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/nrf_security/src/drivers/zephyr/CMakeLists.txt b/subsys/nrf_security/src/drivers/zephyr/CMakeLists.txt index e1eccf3ba247..35682a4fbd06 100644 --- a/subsys/nrf_security/src/drivers/zephyr/CMakeLists.txt +++ b/subsys/nrf_security/src/drivers/zephyr/CMakeLists.txt @@ -6,7 +6,7 @@ # Add the RNG driver to the Oberon PSA core (if needed) if (PSA_NEED_NRF_RNG_ENTROPY_DRIVER) - target_sources(${oberon_psa_core} + target_sources(oberon_psa_core PRIVATE nrf_rng_entropy.c ) From 17c632cb0ddf5f597af078a5fb8d34e2303ccbbb Mon Sep 17 00:00:00 2001 From: Ravi Dondaputi Date: Wed, 25 Sep 2024 16:16:26 +0530 Subject: [PATCH 154/217] samples: cellular: nrf_cloud_multi_service: Use correct config option Config option for WPA_SUPPLICANT module has been modified. Use the updated config option instead of `WPA_SUPP`. Signed-off-by: Ravi Dondaputi --- .../nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf index 757f45591b40..dcff9fcf57d4 100644 --- a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf +++ b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf @@ -34,7 +34,7 @@ CONFIG_NRF_MODEM_LIB_SHMEM_TX_SIZE=4096 CONFIG_NRF_MODEM_LIB_SHMEM_RX_SIZE=4096 # Scan only using offload API -CONFIG_WPA_SUPP=n +CONFIG_WIFI_NM_WPA_SUPPLICANT=n # For nRF9160 the default is socket interface CONFIG_NET_DEFAULT_IF_ETHERNET=y From 0067fcf2f7857833deb34d21d23973c3bcef0799 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Thu, 26 Sep 2024 10:48:17 +0200 Subject: [PATCH 155/217] scripts: quarantine: quarantine nrfx_spim samples The nrfx_spim blocking and non_blocking samples which are in hal_nordic are blocking upmerge, and can not be fixed as part of upmerge. Therefore quarantine them. They will be fixed upstream and included in next upmerge. Signed-off-by: Bjarki Arge Andreasen --- scripts/quarantine_zephyr.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/scripts/quarantine_zephyr.yaml b/scripts/quarantine_zephyr.yaml index 96aaa64a89ab..f82e8e4684a9 100644 --- a/scripts/quarantine_zephyr.yaml +++ b/scripts/quarantine_zephyr.yaml @@ -388,3 +388,8 @@ - nrf54h20dk/nrf54h20/cpuapp - nrf54h20dk/nrf54h20/cpurad comment: "Won't be fixed, 'rodata will not fit in region FLASH' - no ticket" + +- scenarios: + - examples.nrfx_spim.blocking + - examples.nrfx_spim.non_blocking + comment: "Not fixable during upmerge, fix will be included in next upmerge" From 49eb206b81adf290ee098a48083aebe39854b1f4 Mon Sep 17 00:00:00 2001 From: Artur Hadasz Date: Thu, 26 Sep 2024 13:30:15 +0200 Subject: [PATCH 156/217] tests: suit: temporarily disable native_posix signature check This is done to unblock the upmerge, as psa signature verification stopped working, as well as the imported volatile key_id has changed. Will be reverted when PSA on native posix works correctly again. Signed-off-by: Artur Hadasz --- tests/subsys/suit/common/mci_test/mci_test.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/subsys/suit/common/mci_test/mci_test.c b/tests/subsys/suit/common/mci_test/mci_test.c index 358c421f6d7a..3c60f504c1f5 100644 --- a/tests/subsys/suit/common/mci_test/mci_test.c +++ b/tests/subsys/suit/common/mci_test/mci_test.c @@ -233,6 +233,11 @@ int suit_mci_signing_key_id_validate(const suit_manifest_class_id_t *class_id, u return SUIT_PLAT_ERR_INVAL; } + if (key_id == 0) + { + return SUIT_PLAT_SUCCESS; + } + const manifest_config_t *manifest_config = find_manifest_config(class_id); if (NULL == manifest_config) { From 8307291b9a3a75a184f3d09936a82a5b755a0d21 Mon Sep 17 00:00:00 2001 From: Lang Xie Date: Thu, 26 Sep 2024 13:27:24 +0200 Subject: [PATCH 157/217] samples: Fix BLE adv params build warning Fix the compile warning in samples, i.e., initialization discards 'const' qualifier from pointer target type. Signed-off-by: Lang Xie --- samples/bluetooth/throughput/src/main.c | 2 +- samples/wifi/ble_coex/src/bt_throughput_test.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/samples/bluetooth/throughput/src/main.c b/samples/bluetooth/throughput/src/main.c index 8607521fd8e3..10c8eed06a01 100644 --- a/samples/bluetooth/throughput/src/main.c +++ b/samples/bluetooth/throughput/src/main.c @@ -280,7 +280,7 @@ static void scan_start(void) static void adv_start(void) { - struct bt_le_adv_param *adv_param = + const struct bt_le_adv_param *adv_param = BT_LE_ADV_PARAM(BT_LE_ADV_OPT_CONNECTABLE | BT_LE_ADV_OPT_ONE_TIME, BT_GAP_ADV_FAST_INT_MIN_2, diff --git a/samples/wifi/ble_coex/src/bt_throughput_test.c b/samples/wifi/ble_coex/src/bt_throughput_test.c index a12698c3f93c..cb64e14f98c5 100644 --- a/samples/wifi/ble_coex/src/bt_throughput_test.c +++ b/samples/wifi/ble_coex/src/bt_throughput_test.c @@ -261,7 +261,7 @@ static void scan_start(void) static void adv_start(void) { - struct bt_le_adv_param *adv_param = + const struct bt_le_adv_param *adv_param = BT_LE_ADV_PARAM(BT_LE_ADV_OPT_CONNECTABLE | BT_LE_ADV_OPT_ONE_TIME, BT_GAP_ADV_FAST_INT_MIN_2, From 2bfc68b123eaeef6b290421c41f551f379de30f5 Mon Sep 17 00:00:00 2001 From: Arkadiusz Balys Date: Thu, 26 Sep 2024 09:24:19 +0200 Subject: [PATCH 158/217] samples: openthread: Disable unused cpuflpr Disabled cpuflpr in the Openthread CLI sample DTS overlay file. Signed-off-by: Arkadiusz Balys --- .../cli/boards/nrf54h20dk_nrf54h20_cpuapp.overlay | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/samples/openthread/cli/boards/nrf54h20dk_nrf54h20_cpuapp.overlay b/samples/openthread/cli/boards/nrf54h20dk_nrf54h20_cpuapp.overlay index b5ffe529b94e..cac89471e68d 100644 --- a/samples/openthread/cli/boards/nrf54h20dk_nrf54h20_cpuapp.overlay +++ b/samples/openthread/cli/boards/nrf54h20dk_nrf54h20_cpuapp.overlay @@ -5,8 +5,12 @@ */ - /delete-node/ &cpuapp_rx_partitions; - /delete-node/ &cpuapp_rw_partitions; +/delete-node/ &cpuapp_rx_partitions; +/delete-node/ &cpuapp_rw_partitions; +/delete-node/ &cpuppr_vpr; +/delete-node/ &cpuflpr_vpr; +/delete-node/ &cpuapp_cpuppr_ipc; +/delete-node/ &cpuapp_cpuflpr_ipc; &mram1x { erase-block-size = < 0x1000 >; From 0beb26a7e7601ad6767556b090bc092bbcc74770 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristoffer=20Rist=20Sk=C3=B8ien?= Date: Mon, 16 Sep 2024 10:17:24 +0200 Subject: [PATCH 159/217] Applications: Audio: Upmerge sept 24 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Changelog pass done - Made changes to BCT and added bt_bap_unicast_server_register - BIS bitfield change Signed-off-by: Kristoffer Rist Skøien --- applications/nrf5340_audio/Kconfig.defaults | 9 --------- applications/nrf5340_audio/prj.conf | 1 - .../scanning/bt_mgmt_scan_for_conn.c | 6 +++--- .../volume/bt_vol_rend.c | 4 ++-- .../bt_stream/broadcast/broadcast_sink.c | 4 ++-- .../bt_stream/broadcast/broadcast_source.c | 7 ++----- .../src/bluetooth/bt_stream/le_audio.c | 2 +- .../bt_stream/unicast/Kconfig.defaults | 3 +++ .../bt_stream/unicast/unicast_client.c | 4 ++-- .../bt_stream/unicast/unicast_server.c | 20 +++++++++---------- .../unicast_server/Kconfig.defaults | 4 ++-- .../bluetooth/broadcast_config_tool/prj.conf | 2 -- .../broadcast_config_tool/src/main.c | 16 ++++++++------- 13 files changed, 36 insertions(+), 46 deletions(-) diff --git a/applications/nrf5340_audio/Kconfig.defaults b/applications/nrf5340_audio/Kconfig.defaults index 5e9c519d4d65..3216e06f1bcd 100644 --- a/applications/nrf5340_audio/Kconfig.defaults +++ b/applications/nrf5340_audio/Kconfig.defaults @@ -33,15 +33,6 @@ config RESET_ON_FATAL_ERROR config BT default y -config BOARD_ENABLE_DCDC_APP - default y - -config BOARD_ENABLE_DCDC_NET - default y - -config BOARD_ENABLE_CPUNET - default y - config ZBUS default y diff --git a/applications/nrf5340_audio/prj.conf b/applications/nrf5340_audio/prj.conf index 65b79447d10c..b1dc911a59a3 100644 --- a/applications/nrf5340_audio/prj.conf +++ b/applications/nrf5340_audio/prj.conf @@ -6,7 +6,6 @@ # nRF5340 Audio CONFIG_NRF5340_AUDIO=y - CONFIG_SAMPLE_RATE_CONVERTER=y CONFIG_SAMPLE_RATE_CONVERTER_FILTER_SIMPLE=y diff --git a/applications/nrf5340_audio/src/bluetooth/bt_management/scanning/bt_mgmt_scan_for_conn.c b/applications/nrf5340_audio/src/bluetooth/bt_management/scanning/bt_mgmt_scan_for_conn.c index fad2e715cbcf..2363cd844ca6 100644 --- a/applications/nrf5340_audio/src/bluetooth/bt_management/scanning/bt_mgmt_scan_for_conn.c +++ b/applications/nrf5340_audio/src/bluetooth/bt_management/scanning/bt_mgmt_scan_for_conn.c @@ -307,10 +307,10 @@ static void conn_in_coord_set_check(struct bt_conn *conn, void *data) return; } - member = bt_csip_set_coordinator_csis_member_by_conn(conn); + member = bt_csip_set_coordinator_set_member_by_conn(conn); - if (memcmp((void *)server_sirk, (void *)member->insts[0].info.set_sirk, - BT_CSIP_SET_SIRK_SIZE) == 0) { + if (memcmp((void *)server_sirk, (void *)member->insts[0].info.sirk, BT_CSIP_SIRK_SIZE) == + 0) { (*num_filled)++; } } diff --git a/applications/nrf5340_audio/src/bluetooth/bt_rendering_and_capture/volume/bt_vol_rend.c b/applications/nrf5340_audio/src/bluetooth/bt_rendering_and_capture/volume/bt_vol_rend.c index 3954365997e8..f2e4491eb0af 100644 --- a/applications/nrf5340_audio/src/bluetooth/bt_rendering_and_capture/volume/bt_vol_rend.c +++ b/applications/nrf5340_audio/src/bluetooth/bt_rendering_and_capture/volume/bt_vol_rend.c @@ -23,7 +23,7 @@ LOG_MODULE_REGISTER(bt_vol_rend, CONFIG_BT_VOL_LOG_LEVEL); * @note This callback handler will be triggered if volume state has changed, * or the playback was muted or unmuted from the volume_controller. */ -static void vcs_state_rend_cb_handler(int err, uint8_t volume, uint8_t mute) +static void vcs_state_rend_cb_handler(struct bt_conn *conn, int err, uint8_t volume, uint8_t mute) { int ret; @@ -52,7 +52,7 @@ static void vcs_state_rend_cb_handler(int err, uint8_t volume, uint8_t mute) * * @note This callback handler will be triggered if the VCS flags has changed. */ -static void vcs_flags_rend_cb_handler(int err, uint8_t flags) +static void vcs_flags_rend_cb_handler(struct bt_conn *conn, int err, uint8_t flags) { if (err) { LOG_ERR("VCS flag callback error: %d", err); diff --git a/applications/nrf5340_audio/src/bluetooth/bt_stream/broadcast/broadcast_sink.c b/applications/nrf5340_audio/src/bluetooth/bt_stream/broadcast/broadcast_sink.c index 82d6920054d4..db58972140cb 100644 --- a/applications/nrf5340_audio/src/bluetooth/bt_stream/broadcast/broadcast_sink.c +++ b/applications/nrf5340_audio/src/bluetooth/bt_stream/broadcast/broadcast_sink.c @@ -158,7 +158,7 @@ static void get_codec_info(const struct bt_audio_codec_cfg *codec, LOG_DBG("Failed retrieving frame duration: %d", ret); } - ret = bt_audio_codec_cfg_get_chan_allocation(codec, &codec_info->chan_allocation); + ret = bt_audio_codec_cfg_get_chan_allocation(codec, &codec_info->chan_allocation, false); if (ret == -ENODATA) { /* Codec channel allocation not set, defaulting to 0 */ codec_info->chan_allocation = 0; @@ -279,7 +279,7 @@ static bool base_subgroup_bis_cb(const struct bt_bap_base_subgroup_bis *bis, voi bool single_bit = (chan_bitfield & (chan_bitfield - 1)) == 0; if (single_bit) { - bis_index_bitfields[bis->index - 1] = BIT(bis->index); + bis_index_bitfields[bis->index - 1] = BIT(bis->index - 1); } else { LOG_WRN("More than one bit set in channel location, we only support 1 channel per " "BIS"); diff --git a/applications/nrf5340_audio/src/bluetooth/bt_stream/broadcast/broadcast_source.c b/applications/nrf5340_audio/src/bluetooth/bt_stream/broadcast/broadcast_source.c index 08bc925ece13..86d5f85a73e3 100644 --- a/applications/nrf5340_audio/src/bluetooth/bt_stream/broadcast/broadcast_source.c +++ b/applications/nrf5340_audio/src/bluetooth/bt_stream/broadcast/broadcast_source.c @@ -552,7 +552,7 @@ static uint8_t audio_map_location_get(struct bt_bap_stream *bap_stream) int ret; enum bt_audio_location loc; - ret = bt_audio_codec_cfg_get_chan_allocation(bap_stream->codec_cfg, &loc); + ret = bt_audio_codec_cfg_get_chan_allocation(bap_stream->codec_cfg, &loc, false); if (ret) { LOG_WRN("Unable to find location, defaulting to left"); return AUDIO_CH_L; @@ -730,10 +730,7 @@ void broadcast_source_default_create(struct broadcast_source_big *broadcast_para &subgroups.group_lc3_preset.codec_cfg); } - uint8_t src[3] = "eng"; - - bt_audio_codec_cfg_meta_set_stream_lang(&subgroups.group_lc3_preset.codec_cfg, - (uint32_t)sys_get_le24(src)); + bt_audio_codec_cfg_meta_set_lang(&subgroups.group_lc3_preset.codec_cfg, "eng"); } int broadcast_source_enable(struct broadcast_source_big const *const broadcast_param, diff --git a/applications/nrf5340_audio/src/bluetooth/bt_stream/le_audio.c b/applications/nrf5340_audio/src/bluetooth/bt_stream/le_audio.c index fac906e4006f..50a8d5edda35 100644 --- a/applications/nrf5340_audio/src/bluetooth/bt_stream/le_audio.c +++ b/applications/nrf5340_audio/src/bluetooth/bt_stream/le_audio.c @@ -284,7 +284,7 @@ void le_audio_print_codec(const struct bt_audio_codec_cfg *codec, enum bt_audio_ return; } - ret = bt_audio_codec_cfg_get_chan_allocation(codec, &chan_allocation); + ret = bt_audio_codec_cfg_get_chan_allocation(codec, &chan_allocation, false); if (ret == -ENODATA) { /* Codec channel allocation not set, defaulting to 0 */ chan_allocation = 0; diff --git a/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/Kconfig.defaults b/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/Kconfig.defaults index fd607265d15d..cbeaf9b90bf9 100644 --- a/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/Kconfig.defaults +++ b/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/Kconfig.defaults @@ -55,3 +55,6 @@ config NVS config NVS_LOG_LEVEL default 2 + +config BT_ASCS_MAX_ASE_SRC_COUNT + default 1 diff --git a/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/unicast_client.c b/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/unicast_client.c index 5b6035a6c23f..c12a23af983b 100644 --- a/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/unicast_client.c +++ b/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/unicast_client.c @@ -1378,11 +1378,11 @@ static void unicast_discovery_complete_cb(struct bt_conn *conn, int err, msg.sirk = NULL; } else { LOG_DBG("\tErr: %d, set_size: %d", err, csis_inst->info.set_size); - LOG_HEXDUMP_DBG(csis_inst->info.set_sirk, BT_CSIP_SET_SIRK_SIZE, "\tSIRK:"); + LOG_HEXDUMP_DBG(csis_inst->info.sirk, BT_CSIP_SIRK_SIZE, "\tSIRK:"); unicast_servers[idx.lvl1][idx.lvl2][idx.lvl3].member = member; msg.set_size = csis_inst->info.set_size; - msg.sirk = csis_inst->info.set_sirk; + msg.sirk = csis_inst->info.sirk; } LOG_DBG("Unicast discovery complete cb"); diff --git a/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/unicast_server.c b/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/unicast_server.c index 8a319b06c92c..01323fa6b67d 100644 --- a/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/unicast_server.c +++ b/applications/nrf5340_audio/src/bluetooth/bt_stream/unicast/unicast_server.c @@ -25,9 +25,6 @@ #include LOG_MODULE_REGISTER(unicast_server, CONFIG_UNICAST_SERVER_LOG_LEVEL); -BUILD_ASSERT(CONFIG_BT_ASCS_ASE_SRC_COUNT <= 1, - "A maximum of one source stream is currently supported"); - ZBUS_CHAN_DEFINE(le_audio_chan, struct le_audio_msg, NULL, NULL, ZBUS_OBSERVERS_EMPTY, ZBUS_MSG_INIT(0)); @@ -59,7 +56,7 @@ static const uint8_t cap_adv_data[] = { #define AVAILABLE_SINK_CONTEXT BT_AUDIO_CONTEXT_TYPE_PROHIBITED #endif /* CONFIG_BT_AUDIO_RX */ -static struct bt_cap_stream *cap_tx_streams[CONFIG_BT_ASCS_ASE_SRC_COUNT]; +static struct bt_cap_stream *cap_tx_streams[CONFIG_BT_ASCS_MAX_ASE_SRC_COUNT]; #if defined(CONFIG_BT_AUDIO_TX) #define AVAILABLE_SOURCE_CONTEXT (BT_AUDIO_CONTEXT_TYPE_ANY) @@ -67,6 +64,9 @@ static struct bt_cap_stream *cap_tx_streams[CONFIG_BT_ASCS_ASE_SRC_COUNT]; #define AVAILABLE_SOURCE_CONTEXT BT_AUDIO_CONTEXT_TYPE_PROHIBITED #endif /* CONFIG_BT_AUDIO_TX */ +static struct bt_bap_unicast_server_register_param unicast_server_params = { + CONFIG_BT_ASCS_MAX_ASE_SNK_COUNT, CONFIG_BT_ASCS_MAX_ASE_SRC_COUNT}; + static uint8_t unicast_server_adv_data[] = { BT_UUID_16_ENCODE(BT_UUID_ASCS_VAL), BT_AUDIO_UNICAST_ANNOUNCEMENT_TARGETED, @@ -159,10 +159,10 @@ static struct bt_pacs_cap caps[] = { /* clang-format on */ static struct bt_cap_stream - cap_audio_streams[CONFIG_BT_ASCS_ASE_SNK_COUNT + CONFIG_BT_ASCS_ASE_SRC_COUNT]; + cap_audio_streams[CONFIG_BT_ASCS_MAX_ASE_SNK_COUNT + CONFIG_BT_ASCS_MAX_ASE_SRC_COUNT]; #if (CONFIG_BT_AUDIO_TX) -BUILD_ASSERT(CONFIG_BT_ASCS_ASE_SRC_COUNT <= 1, +BUILD_ASSERT(CONFIG_BT_ASCS_MAX_ASE_SRC_COUNT <= 1, "CIS headset only supports one source stream for now"); #endif /* (CONFIG_BT_AUDIO_TX) */ @@ -607,7 +607,7 @@ int unicast_server_send(struct le_audio_encoded_audio enc_audio) int ret; uint8_t num_active_streams = 0; - struct le_audio_tx_info tx[CONFIG_BT_ASCS_ASE_SRC_COUNT]; + struct le_audio_tx_info tx[CONFIG_BT_ASCS_MAX_ASE_SRC_COUNT]; for (int i = 0; i < ARRAY_SIZE(cap_tx_streams); i++) { if (!le_audio_ep_state_check(cap_tx_streams[i]->bap_stream.ep, @@ -650,7 +650,7 @@ int unicast_server_enable(le_audio_receive_cb recv_cb, enum bt_audio_location lo int ret; static bool initialized; - __ASSERT(strlen(CONFIG_BT_SET_IDENTITY_RESOLVING_KEY) == BT_CSIP_SET_SIRK_SIZE, + __ASSERT(strlen(CONFIG_BT_SET_IDENTITY_RESOLVING_KEY) == BT_CSIP_SIRK_SIZE, "SIRK incorrect size, must be 16 bytes"); if (initialized) { @@ -665,6 +665,7 @@ int unicast_server_enable(le_audio_receive_cb recv_cb, enum bt_audio_location lo receive_cb = recv_cb; + bt_bap_unicast_server_register(&unicast_server_params); bt_bap_unicast_server_register_cb(&unicast_server_cb); if (IS_ENABLED(CONFIG_BT_CSIP_SET_MEMBER_TEST_SAMPLE_DATA)) { @@ -677,8 +678,7 @@ int unicast_server_enable(le_audio_receive_cb recv_cb, enum bt_audio_location lo "before production"); } - memcpy(csip_param.set_sirk, CONFIG_BT_SET_IDENTITY_RESOLVING_KEY, - BT_CSIP_SET_SIRK_SIZE); + memcpy(csip_param.sirk, CONFIG_BT_SET_IDENTITY_RESOLVING_KEY, BT_CSIP_SIRK_SIZE); } for (int i = 0; i < ARRAY_SIZE(caps); i++) { diff --git a/applications/nrf5340_audio/unicast_server/Kconfig.defaults b/applications/nrf5340_audio/unicast_server/Kconfig.defaults index e51bba69a259..a8e785adda32 100644 --- a/applications/nrf5340_audio/unicast_server/Kconfig.defaults +++ b/applications/nrf5340_audio/unicast_server/Kconfig.defaults @@ -44,10 +44,10 @@ config BT_GAP_PERIPHERAL_PREF_PARAMS config BT_ASCS default y -config BT_ASCS_ASE_SNK_COUNT +config BT_ASCS_MAX_ASE_SNK_COUNT default 1 -config BT_ASCS_ASE_SRC_COUNT +config BT_ASCS_MAX_ASE_SRC_COUNT default 1 if STREAM_BIDIRECTIONAL default 0 if !STREAM_BIDIRECTIONAL diff --git a/samples/bluetooth/broadcast_config_tool/prj.conf b/samples/bluetooth/broadcast_config_tool/prj.conf index dc0e214b7f01..d2bfa184d5e9 100644 --- a/samples/bluetooth/broadcast_config_tool/prj.conf +++ b/samples/bluetooth/broadcast_config_tool/prj.conf @@ -30,8 +30,6 @@ CONFIG_LOG_TAG_DEFAULT="--" CONFIG_USE_SEGGER_RTT=y CONFIG_LOG_BACKEND_RTT=y CONFIG_LOG_BUFFER_SIZE=4096 - -CONFIG_BOARD_ENABLE_DCDC_NET=y CONFIG_BOARD_ENABLE_CPUNET=y CONFIG_ZBUS=y diff --git a/samples/bluetooth/broadcast_config_tool/src/main.c b/samples/bluetooth/broadcast_config_tool/src/main.c index a67517bb43f3..252ea0478432 100644 --- a/samples/bluetooth/broadcast_config_tool/src/main.c +++ b/samples/bluetooth/broadcast_config_tool/src/main.c @@ -716,16 +716,18 @@ static void broadcast_config_print(const struct shell *shell, uint8_t group_inde shell_print(shell, "\t\tOctets per frame: %d", octets_per_sdu); } - int language = bt_audio_codec_cfg_meta_get_stream_lang(codec_cfg); + const uint8_t *language; - if (language > 0) { + ret = bt_audio_codec_cfg_meta_get_lang(codec_cfg, &language); + + if (ret) { + shell_print(shell, "\t\tLanguage: not_set"); + } else { char lang[LANGUAGE_LEN + 1] = {'\0'}; - memcpy(lang, &language, LANGUAGE_LEN); + memcpy(lang, language, LANGUAGE_LEN); shell_print(shell, "\t\tLanguage: %s", lang); - } else { - shell_print(shell, "\t\tLanguage: not_set"); } shell_print(shell, "\t\tContext(s):"); @@ -1196,9 +1198,9 @@ static int cmd_lang_set(const struct shell *shell, size_t argc, char **argv) return ret; } - bt_audio_codec_cfg_meta_set_stream_lang( + bt_audio_codec_cfg_meta_set_lang( &broadcast_param[big_index].subgroups[sub_index].group_lc3_preset.codec_cfg, - sys_get_le24(language)); + language); return 0; } From c64706b1920044cc4847e3b6172de9e53392e0e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 26 Sep 2024 14:07:00 +0200 Subject: [PATCH 160/217] crypto: Fix aliasing issues of mbedtl_mutex_xxxx APIs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Adding threading support for PSA core -Needs to be pointer to function not functions Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/threading/threading_alt.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/subsys/nrf_security/src/threading/threading_alt.c b/subsys/nrf_security/src/threading/threading_alt.c index 49c93c94c991..01ac5a029827 100644 --- a/subsys/nrf_security/src/threading/threading_alt.c +++ b/subsys/nrf_security/src/threading/threading_alt.c @@ -22,22 +22,27 @@ NRF_SECURITY_MUTEX_DEFINE(mbedtls_threading_key_slot_mutex); NRF_SECURITY_MUTEX_DEFINE(mbedtls_threading_psa_globaldata_mutex); NRF_SECURITY_MUTEX_DEFINE(mbedtls_threading_psa_rngdata_mutex); -void mbedtls_mutex_init(mbedtls_threading_mutex_t *mutex) +static void mbedtls_mutex_init_fn(mbedtls_threading_mutex_t *mutex) { nrf_security_mutex_init(mutex); } -void mbedtls_mutex_free(mbedtls_threading_mutex_t *mutex) +static void mbedtls_mutex_free_fn(mbedtls_threading_mutex_t *mutex) { nrf_security_mutex_free(mutex); } -int mbedtls_mutex_lock(mbedtls_threading_mutex_t *mutex) +static int mbedtls_mutex_lock_fn(mbedtls_threading_mutex_t *mutex) { return nrf_security_mutex_lock(mutex); } -int mbedtls_mutex_unlock(mbedtls_threading_mutex_t *mutex) +static int mbedtls_mutex_unlock_fn(mbedtls_threading_mutex_t *mutex) { return nrf_security_mutex_unlock(mutex); } + +void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_init_fn; +void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_free_fn; +int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_lock_fn; +int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_unlock_fn; From aa583c986ec624e77fcfb387eb701c98c5930465 Mon Sep 17 00:00:00 2001 From: Ravi Dondaputi Date: Wed, 25 Sep 2024 19:20:04 +0530 Subject: [PATCH 161/217] samples: wifi: shell: Reduce static RAM usage Static RAM usage is exceeding the `RAM` region at build time. Decrease the number of RX buffers to fix this. Signed-off-by: Ravi Dondaputi --- samples/wifi/shell/overlay-zperf.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/samples/wifi/shell/overlay-zperf.conf b/samples/wifi/shell/overlay-zperf.conf index fc06590d4525..4c3971d6417e 100644 --- a/samples/wifi/shell/overlay-zperf.conf +++ b/samples/wifi/shell/overlay-zperf.conf @@ -8,9 +8,9 @@ CONFIG_SHELL_STACK_SIZE=4650 CONFIG_NET_MGMT_EVENT_STACK_SIZE=4600 # Optimized networking settings for performance -CONFIG_NET_PKT_RX_COUNT=30 +CONFIG_NET_PKT_RX_COUNT=28 CONFIG_NET_PKT_TX_COUNT=29 -CONFIG_NET_BUF_RX_COUNT=30 +CONFIG_NET_BUF_RX_COUNT=28 CONFIG_NET_BUF_TX_COUNT=58 CONFIG_HEAP_MEM_POOL_SIZE=230000 CONFIG_NET_BUF_DATA_SIZE=1100 From 196debac0a8c9441f93301377495882eee3112c9 Mon Sep 17 00:00:00 2001 From: Ravi Dondaputi Date: Thu, 26 Sep 2024 13:38:39 +0530 Subject: [PATCH 162/217] modules: wifi: provisioning: softap: Enable WIFI_NRF70 Add sysbuild conf to override the default setting for `WIFI_NRF70`. Signed-off-by: Ravi Dondaputi --- samples/wifi/provisioning/softap/sysbuild.conf | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 samples/wifi/provisioning/softap/sysbuild.conf diff --git a/samples/wifi/provisioning/softap/sysbuild.conf b/samples/wifi/provisioning/softap/sysbuild.conf new file mode 100644 index 000000000000..d9e7bee8f47b --- /dev/null +++ b/samples/wifi/provisioning/softap/sysbuild.conf @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +SB_CONFIG_WIFI_NRF70=y From 609272acb40e940190b441235b3f9aec65910e39 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Thu, 26 Sep 2024 18:52:26 +0200 Subject: [PATCH 163/217] nrf_security: Use the renamed header file The common header file is now renamed with the module prefix. Signed-off-by: Chaitanya Tata --- .../include/psa/crypto_driver_contexts_composites.h | 2 +- .../include/psa/crypto_driver_contexts_primitives.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/subsys/nrf_security/include/psa/crypto_driver_contexts_composites.h b/subsys/nrf_security/include/psa/crypto_driver_contexts_composites.h index 458ebb9296b3..33cac2e37cc4 100644 --- a/subsys/nrf_security/include/psa/crypto_driver_contexts_composites.h +++ b/subsys/nrf_security/include/psa/crypto_driver_contexts_composites.h @@ -25,7 +25,7 @@ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H #define PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H -#include "common.h" +#include "oberon_psa_common.h" #include "psa/crypto_driver_common.h" diff --git a/subsys/nrf_security/include/psa/crypto_driver_contexts_primitives.h b/subsys/nrf_security/include/psa/crypto_driver_contexts_primitives.h index 61a4926f24d3..30aee4940cce 100644 --- a/subsys/nrf_security/include/psa/crypto_driver_contexts_primitives.h +++ b/subsys/nrf_security/include/psa/crypto_driver_contexts_primitives.h @@ -24,7 +24,7 @@ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H #define PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H -#include "common.h" +#include "oberon_psa_common.h" #include "psa/crypto_driver_common.h" From 93172b1ad895939b08f02e38f3d2c37f21c94a71 Mon Sep 17 00:00:00 2001 From: Jamie McCrae Date: Thu, 26 Sep 2024 10:32:47 +0100 Subject: [PATCH 164/217] dfu: dfu_target: Add support for flatten Adds support for devices that support flatten and not (or as well) as erase Signed-off-by: Jamie McCrae Signed-off-by: Andrzej Puzdrowski --- subsys/dfu/dfu_target/CMakeLists.txt | 1 + subsys/dfu/dfu_target/Kconfig | 2 +- .../dfu_target/include/dfu_stream_flatten.h | 22 +++++++++ .../dfu/dfu_target/src/dfu_stream_flatten.c | 47 +++++++++++++++++++ .../dfu/dfu_target/src/dfu_target_mcuboot.c | 7 +-- subsys/dfu/dfu_target/src/dfu_target_stream.c | 8 ++-- 6 files changed, 79 insertions(+), 8 deletions(-) create mode 100644 subsys/dfu/dfu_target/include/dfu_stream_flatten.h create mode 100644 subsys/dfu/dfu_target/src/dfu_stream_flatten.c diff --git a/subsys/dfu/dfu_target/CMakeLists.txt b/subsys/dfu/dfu_target/CMakeLists.txt index cfc658829eb0..0233ba927a64 100644 --- a/subsys/dfu/dfu_target/CMakeLists.txt +++ b/subsys/dfu/dfu_target/CMakeLists.txt @@ -26,6 +26,7 @@ zephyr_library_sources_ifdef(CONFIG_DFU_TARGET_MCUBOOT zephyr_library_sources_ifdef(CONFIG_DFU_TARGET_SMP src/dfu_target_smp.c ) +zephyr_library_sources(src/dfu_stream_flatten.c) if (CONFIG_DFU_TARGET_SUIT) zephyr_library_sources(src/dfu_target_suit.c) if (CONFIG_SSF_SUIT_SERVICE_ENABLED) diff --git a/subsys/dfu/dfu_target/Kconfig b/subsys/dfu/dfu_target/Kconfig index a8945876540d..aee333b77060 100644 --- a/subsys/dfu/dfu_target/Kconfig +++ b/subsys/dfu/dfu_target/Kconfig @@ -41,8 +41,8 @@ endif config DFU_TARGET_STREAM bool "Generic DFU stream target" - depends on STREAM_FLASH_ERASE depends on STREAM_FLASH + select STREAM_FLASH_ERASE if FLASH_HAS_EXPLICIT_ERASE config DFU_TARGET_MCUBOOT_SAVE_PROGRESS bool "Store write progress to flash (MCUboot) [DEPRECATED]" diff --git a/subsys/dfu/dfu_target/include/dfu_stream_flatten.h b/subsys/dfu/dfu_target/include/dfu_stream_flatten.h new file mode 100644 index 000000000000..773f3738dd68 --- /dev/null +++ b/subsys/dfu/dfu_target/include/dfu_stream_flatten.h @@ -0,0 +1,22 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + */ + +#include +#include + +/** + * @brief Flatten/erase the flash/non-flash storage device page to which a given offset belongs. + * + * This function uses the flatten function on supported non-flash memory devices or erase function + * on flash devices to erase/flatten a flash/non-flash page to which an offset belongs. + * + * @param ctx context + * @param off offset from the base address of the non-flash storage device + * + * @return 0 on success + * @return Negative errno code on error + */ +int stream_flash_flatten_page(struct stream_flash_ctx *ctx, off_t off); diff --git a/subsys/dfu/dfu_target/src/dfu_stream_flatten.c b/subsys/dfu/dfu_target/src/dfu_stream_flatten.c new file mode 100644 index 000000000000..63281e4a81ed --- /dev/null +++ b/subsys/dfu/dfu_target/src/dfu_stream_flatten.c @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + */ + +#include +#include + +LOG_MODULE_REGISTER(dfu_stream_flatten, CONFIG_DFU_TARGET_LOG_LEVEL); + +int stream_flash_flatten_page(struct stream_flash_ctx *ctx, off_t off) +{ + int rc; + struct flash_pages_info page; + + rc = flash_get_page_info_by_offs(ctx->fdev, off, &page); + + if (rc != 0) { + LOG_ERR("Error %d while getting page info", rc); + return rc; + } + +#if defined(CONFIG_STREAM_FLASH_ERASE) + if (ctx->last_erased_page_start_offset == page.start_offset) { + return 0; + } +#else + if (ctx->bytes_written + ctx->offset > page.start_offset) { + return 0; + } +#endif + + LOG_DBG("Flattening page at offset 0x%08lx", (long)page.start_offset); + + rc = flash_flatten(ctx->fdev, page.start_offset, page.size); + + if (rc != 0) { + LOG_ERR("Error %d while flattening page", rc); +#if defined(CONFIG_STREAM_FLASH_ERASE) + } else { + ctx->last_erased_page_start_offset = page.start_offset; +#endif + } + + return rc; +} diff --git a/subsys/dfu/dfu_target/src/dfu_target_mcuboot.c b/subsys/dfu/dfu_target/src/dfu_target_mcuboot.c index 34da33fb1a2c..ad7e30237665 100644 --- a/subsys/dfu/dfu_target/src/dfu_target_mcuboot.c +++ b/subsys/dfu/dfu_target/src/dfu_target_mcuboot.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019 Nordic Semiconductor ASA + * Copyright (c) 2019-2024 Nordic Semiconductor ASA * * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ @@ -23,6 +23,7 @@ #include #include #include +#include LOG_MODULE_REGISTER(dfu_target_mcuboot, CONFIG_DFU_TARGET_LOG_LEVEL); @@ -186,9 +187,9 @@ int dfu_target_mcuboot_done(bool successful) if (successful) { stream_buf_bytes = 0; - - err = stream_flash_erase_page(dfu_target_stream_get_stream(), + err = stream_flash_flatten_page(dfu_target_stream_get_stream(), secondary_last_address[curr_sec_img]); + if (err != 0) { LOG_ERR("Unable to delete last page: %d", err); return err; diff --git a/subsys/dfu/dfu_target/src/dfu_target_stream.c b/subsys/dfu/dfu_target/src/dfu_target_stream.c index ed905e8286db..2fb40eb5bd9b 100644 --- a/subsys/dfu/dfu_target/src/dfu_target_stream.c +++ b/subsys/dfu/dfu_target/src/dfu_target_stream.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020 Nordic Semiconductor ASA + * Copyright (c) 2020-2024 Nordic Semiconductor ASA * * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause */ @@ -9,6 +9,7 @@ #include #include #include +#include #ifdef CONFIG_DFU_TARGET_STREAM_SAVE_PROGRESS #define MODULE "dfu" @@ -219,7 +220,7 @@ int dfu_target_stream_done(bool successful) int dfu_target_stream_reset(void) { - int err; + int err = 0; stream.buf_bytes = 0; stream.bytes_written = 0; @@ -240,8 +241,7 @@ int dfu_target_stream_reset(void) /* Erase just the first page. Stream write will take care of erasing remaining pages * on a next buffered_write round */ - err = stream_flash_erase_page(&stream, stream.offset); - + err = stream_flash_flatten_page(&stream, stream.offset); current_id = NULL; return err; From ce6387da9fb8333cff9c8baeefc14bcad3cbf4c0 Mon Sep 17 00:00:00 2001 From: Marek Pieta Date: Fri, 27 Sep 2024 10:07:40 +0200 Subject: [PATCH 165/217] Revert "applications: nrf_desktop: Disable USB remote wakeup on nRF54H20" This reverts commit bd0c4b243aa1902bb7cd43f1a84c78b069b8756e. Signed-off-by: Marek Pieta --- applications/nrf_desktop/src/modules/Kconfig.usb_state | 5 ----- .../releases/release-notes-changelog.rst | 2 -- 2 files changed, 7 deletions(-) diff --git a/applications/nrf_desktop/src/modules/Kconfig.usb_state b/applications/nrf_desktop/src/modules/Kconfig.usb_state index 286e17e71c24..dee657d9df98 100644 --- a/applications/nrf_desktop/src/modules/Kconfig.usb_state +++ b/applications/nrf_desktop/src/modules/Kconfig.usb_state @@ -16,15 +16,10 @@ config DESKTOP_USB_REMOTE_WAKEUP bool "Enable USB remote wakeup" default y depends on DESKTOP_USB_PM_ENABLE - depends on !UDC_DWC2 help Enable USB remote wakeup functionality. The USB wakeup request is triggered on wake_up_event. - The DWC2 USB device controller driver used by the nRF54H20 SoC does - not support the remote wakeup capability. Because of that, the feature - is disabled in the configuration. - config DESKTOP_USB_SUBSCRIBER_REPORT_PRIORITY int "USB HID reports subscriber priority" default 255 diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst index a616a6b44eac..96aed7dde81d 100644 --- a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst +++ b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst @@ -269,8 +269,6 @@ nRF Desktop For details, see :ref:`nrf_desktop_usb_state_sof_synchronization`. * Local HID report buffering in :ref:`nrf_desktop_usb_state`. This ensures that the memory buffer passed to the USB next stack is valid until a HID report is sent and allows to enqueue up to two HID input reports for a USB HID instance (used only when :ref:`CONFIG_DESKTOP_USB_HID_REPORT_SENT_ON_SOF ` Kconfig option is enabled). - * Kconfig dependency that prevents enabling USB remote wakeup (:ref:`CONFIG_DESKTOP_USB_REMOTE_WAKEUP `) for the nRF54H20 SoC. - The DWC2 USB device controller driver used by the nRF54H20 SoC does not support the remote wakeup capability. * Bootup logs with the manifest semantic version information to :ref:`nrf_desktop_dfu_mcumgr` when the module is used for SUIT DFU and the SDFW supports semantic versioning (requires v0.6.2 and higher). * Manifest semantic version information to the firmware information response in :ref:`nrf_desktop_dfu` when the module is used for SUIT DFU and the SDFW supports semantic versioning (requires v0.6.2 and higher). * A missing DTS node compatible with ``zephyr,hid-device`` to the nRF52840 DK in the MCUboot QSPI configuration. From 4883042c839d483da9b168cf686478d0ab6a6080 Mon Sep 17 00:00:00 2001 From: Chaitanya Tata Date: Fri, 27 Sep 2024 10:43:35 +0200 Subject: [PATCH 166/217] samples: net: Add sysbuild Wi-Fi config When sysbuild Wi-Fi needs to be enabled explicitly to avoid build issues. Signed-off-by: Chaitanya Tata --- samples/net/aws_iot/sysbuild.conf | 7 +++++++ samples/net/azure_iot_hub/sysbuild.conf | 7 +++++++ samples/net/coap_client/sysbuild.conf | 7 +++++++ samples/net/download/sysbuild.conf | 7 +++++++ samples/net/http_server/sysbuild.conf | 7 +++++++ samples/net/https_client/sysbuild.conf | 7 +++++++ samples/net/mqtt/sysbuild.conf | 7 +++++++ samples/net/udp/sysbuild.conf | 7 +++++++ 8 files changed, 56 insertions(+) create mode 100644 samples/net/aws_iot/sysbuild.conf create mode 100644 samples/net/azure_iot_hub/sysbuild.conf create mode 100644 samples/net/coap_client/sysbuild.conf create mode 100644 samples/net/download/sysbuild.conf create mode 100644 samples/net/http_server/sysbuild.conf create mode 100644 samples/net/https_client/sysbuild.conf create mode 100644 samples/net/mqtt/sysbuild.conf create mode 100644 samples/net/udp/sysbuild.conf diff --git a/samples/net/aws_iot/sysbuild.conf b/samples/net/aws_iot/sysbuild.conf new file mode 100644 index 000000000000..d9e7bee8f47b --- /dev/null +++ b/samples/net/aws_iot/sysbuild.conf @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/azure_iot_hub/sysbuild.conf b/samples/net/azure_iot_hub/sysbuild.conf new file mode 100644 index 000000000000..d9e7bee8f47b --- /dev/null +++ b/samples/net/azure_iot_hub/sysbuild.conf @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/coap_client/sysbuild.conf b/samples/net/coap_client/sysbuild.conf new file mode 100644 index 000000000000..d9e7bee8f47b --- /dev/null +++ b/samples/net/coap_client/sysbuild.conf @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/download/sysbuild.conf b/samples/net/download/sysbuild.conf new file mode 100644 index 000000000000..d9e7bee8f47b --- /dev/null +++ b/samples/net/download/sysbuild.conf @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/http_server/sysbuild.conf b/samples/net/http_server/sysbuild.conf new file mode 100644 index 000000000000..d9e7bee8f47b --- /dev/null +++ b/samples/net/http_server/sysbuild.conf @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/https_client/sysbuild.conf b/samples/net/https_client/sysbuild.conf new file mode 100644 index 000000000000..d9e7bee8f47b --- /dev/null +++ b/samples/net/https_client/sysbuild.conf @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/mqtt/sysbuild.conf b/samples/net/mqtt/sysbuild.conf new file mode 100644 index 000000000000..d9e7bee8f47b --- /dev/null +++ b/samples/net/mqtt/sysbuild.conf @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/udp/sysbuild.conf b/samples/net/udp/sysbuild.conf new file mode 100644 index 000000000000..d9e7bee8f47b --- /dev/null +++ b/samples/net/udp/sysbuild.conf @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +SB_CONFIG_WIFI_NRF70=y From 206189587a826d8b079aedf49e6b0489f3a17d07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Thu, 26 Sep 2024 17:08:31 +0200 Subject: [PATCH 167/217] crypto: Defer mutex operation in pre-kernel MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixup! crypto: Adding threading support for PSA core Signed-off-by: Frank Audun Kvamtrø --- .../src/drivers/cracen/cracenpsa/src/cracen.c | 8 ++-- .../drivers/cracen/cracenpsa/src/ctr_drbg.c | 8 ++-- .../cracen/cracenpsa/src/key_management.c | 8 ++-- .../src/drivers/cracen/cracenpsa/src/kmu.c | 4 +- .../drivers/cracen/cracenpsa/src/prng_pool.c | 6 +-- .../baremetal_ba414e_with_ik/pk_baremetal.c | 4 +- .../src/platform/baremetal/cmdma_hw.c | 4 +- .../src/threading/include/threading_alt.h | 4 +- .../src/threading/threading.cmake | 7 ++++ .../src/threading/threading_alt.c | 40 +++++++++++++++---- .../src/utils/nrf_security_mutexes.c | 32 ++++++++++----- .../src/utils/nrf_security_mutexes.h | 35 +++++++++++----- .../src/utils/nrf_security_utils.cmake | 7 +++- 13 files changed, 112 insertions(+), 55 deletions(-) diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/cracen.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/cracen.c index e64c96d2026f..159cfbabc13c 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/cracen.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/cracen.c @@ -51,7 +51,7 @@ static void cracen_load_microcode(void) void cracen_acquire(void) { - nrf_security_mutex_lock(cracen_mutex); + nrf_security_mutex_lock(&cracen_mutex); if (users++ == 0) { nrf_cracen_module_enable(NRF_CRACEN, CRACEN_ENABLE_CRYPTOMASTER_Msk | @@ -61,12 +61,12 @@ void cracen_acquire(void) LOG_DBG_MSG("Powered on CRACEN."); } - nrf_security_mutex_unlock(cracen_mutex); + nrf_security_mutex_unlock(&cracen_mutex); } void cracen_release(void) { - nrf_security_mutex_lock(cracen_mutex); + nrf_security_mutex_lock(&cracen_mutex); if (--users == 0) { /* Disable IRQs in the ARM NVIC as the first operation to be @@ -102,7 +102,7 @@ void cracen_release(void) LOG_DBG_MSG("Powered off CRACEN."); } - nrf_security_mutex_unlock(cracen_mutex); + nrf_security_mutex_unlock(&cracen_mutex); } #define CRACEN_NOT_INITIALIZED 0x207467 diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ctr_drbg.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ctr_drbg.c index d654eb7624ca..7f751fb51a18 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ctr_drbg.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ctr_drbg.c @@ -129,7 +129,7 @@ psa_status_t cracen_init_random(cracen_prng_context_t *context) return PSA_SUCCESS; } - nrf_security_mutex_lock(cracen_prng_context_mutex); + nrf_security_mutex_lock(&cracen_prng_context_mutex); safe_memset(&prng, sizeof(prng), 0, sizeof(prng)); /* Get the entropy used to seed the DRBG */ @@ -153,7 +153,7 @@ psa_status_t cracen_init_random(cracen_prng_context_t *context) prng.initialized = CRACEN_PRNG_INITIALIZED; exit: - nrf_security_mutex_unlock(cracen_prng_context_mutex); + nrf_security_mutex_unlock(&cracen_prng_context_mutex); return silex_statuscodes_to_psa(sx_err); } @@ -173,7 +173,7 @@ psa_status_t cracen_get_random(cracen_prng_context_t *context, uint8_t *output, return PSA_ERROR_INVALID_ARGUMENT; } - nrf_security_mutex_lock(cracen_prng_context_mutex); + nrf_security_mutex_lock(&cracen_prng_context_mutex); if (prng.reseed_counter == 0) { status = cracen_init_random(context); @@ -238,7 +238,7 @@ psa_status_t cracen_get_random(cracen_prng_context_t *context, uint8_t *output, prng.reseed_counter += 1; exit: - nrf_security_mutex_unlock(cracen_prng_context_mutex); + nrf_security_mutex_unlock(&cracen_prng_context_mutex); return status; } diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c index 7b0caba37460..3a79ed795e65 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c @@ -1343,7 +1343,7 @@ psa_status_t cracen_export_key(const psa_key_attributes_t *attributes, const uin * use case. Here the decision was to avoid defining another mutex to handle the * push buffer for the rest of the use cases. */ - nrf_security_mutex_lock(cracen_mutex_symmetric); + nrf_security_mutex_lock(&cracen_mutex_symmetric); status = cracen_kmu_prepare_key(key_buffer); if (status == SX_OK) { memcpy(data, kmu_push_area, key_out_size); @@ -1351,7 +1351,7 @@ psa_status_t cracen_export_key(const psa_key_attributes_t *attributes, const uin } (void)cracen_kmu_clean_key(key_buffer); - nrf_security_mutex_unlock(cracen_mutex_symmetric); + nrf_security_mutex_unlock(&cracen_mutex_symmetric); return silex_statuscodes_to_psa(status); } @@ -1387,7 +1387,7 @@ psa_status_t cracen_copy_key(psa_key_attributes_t *attributes, const uint8_t *so psa_status_t psa_status; size_t key_size = PSA_BITS_TO_BYTES(psa_get_key_bits(attributes)); - nrf_security_mutex_lock(cracen_mutex_symmetric); + nrf_security_mutex_lock(&cracen_mutex_symmetric); status = cracen_kmu_prepare_key(source_key); if (status == SX_OK) { @@ -1399,7 +1399,7 @@ psa_status_t cracen_copy_key(psa_key_attributes_t *attributes, const uint8_t *so } (void)cracen_kmu_clean_key(source_key); - nrf_security_mutex_unlock(cracen_mutex_symmetric); + nrf_security_mutex_unlock(&cracen_mutex_symmetric); if (status != SX_OK) { return silex_statuscodes_to_psa(status); diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c index 263e2c3d793e..c5c68b746139 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c @@ -829,13 +829,13 @@ static psa_status_t push_kmu_key_to_ram(uint8_t *key_buffer, size_t key_buffer_s * Here the decision was to avoid defining another mutex to handle the push buffer for the * rest of the use cases. */ - nrf_security_mutex_lock(cracen_mutex_symmetric); + nrf_security_mutex_lock(&cracen_mutex_symmetric); status = silex_statuscodes_to_psa(cracen_kmu_prepare_key(key_buffer)); if (status == PSA_SUCCESS) { memcpy(key_buffer, kmu_push_area, key_buffer_size); safe_memzero(kmu_push_area, sizeof(kmu_push_area)); } - nrf_security_mutex_unlock(cracen_mutex_symmetric); + nrf_security_mutex_unlock(&cracen_mutex_symmetric); return status; } diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/prng_pool.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/prng_pool.c index 4d8706155163..e1d974e7387a 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/prng_pool.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/prng_pool.c @@ -24,13 +24,13 @@ static uint32_t prng_pool[PRNG_POOL_SIZE]; static uint32_t prng_pool_remaining; -NRF_SECURITY_MUTEX_DEFINE(cracen_prng_pool_mutex) +NRF_SECURITY_MUTEX_DEFINE(cracen_prng_pool_mutex); int cracen_prng_value_from_pool(uint32_t *prng_value) { int status = SX_OK; - nrf_security_mutex_lock(cracen_prng_pool_mutex); + nrf_security_mutex_lock(&cracen_prng_pool_mutex); if (prng_pool_remaining == 0) { psa_status_t psa_status = @@ -47,6 +47,6 @@ int cracen_prng_value_from_pool(uint32_t *prng_value) prng_pool_remaining--; exit: - nrf_security_mutex_unlock(cracen_prng_pool_mutex); + nrf_security_mutex_unlock(&cracen_prng_pool_mutex); return status; } diff --git a/subsys/nrf_security/src/drivers/cracen/silexpk/target/baremetal_ba414e_with_ik/pk_baremetal.c b/subsys/nrf_security/src/drivers/cracen/silexpk/target/baremetal_ba414e_with_ik/pk_baremetal.c index ecd936cafdae..ff80d2a13443 100644 --- a/subsys/nrf_security/src/drivers/cracen/silexpk/target/baremetal_ba414e_with_ik/pk_baremetal.c +++ b/subsys/nrf_security/src/drivers/cracen/silexpk/target/baremetal_ba414e_with_ik/pk_baremetal.c @@ -183,7 +183,7 @@ struct sx_pk_acq_req sx_pk_acquire_req(const struct sx_pk_cmd_def *cmd) { struct sx_pk_acq_req req = {NULL, SX_OK}; - nrf_security_mutex_lock(cracen_mutex_asymmetric); + nrf_security_mutex_lock(&cracen_mutex_asymmetric); req.req = &silex_pk_engine.instance; req.req->cmd = cmd; req.req->cnx = &silex_pk_engine; @@ -220,7 +220,7 @@ void sx_pk_release_req(sx_pk_req *req) cracen_release(); req->cmd = NULL; req->userctxt = NULL; - nrf_security_mutex_unlock(cracen_mutex_asymmetric); + nrf_security_mutex_unlock(&cracen_mutex_asymmetric); } struct sx_regs *sx_pk_get_regs(void) diff --git a/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/src/platform/baremetal/cmdma_hw.c b/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/src/platform/baremetal/cmdma_hw.c index c4047a54becc..4bc13e75b5e6 100644 --- a/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/src/platform/baremetal/cmdma_hw.c +++ b/subsys/nrf_security/src/drivers/cracen/sxsymcrypt/src/platform/baremetal/cmdma_hw.c @@ -29,7 +29,7 @@ NRF_SECURITY_MUTEX_DEFINE(cracen_mutex_symmetric); void sx_hw_reserve(struct sx_dmactl *dma) { cracen_acquire(); - nrf_security_mutex_lock(cracen_mutex_symmetric); + nrf_security_mutex_lock(&cracen_mutex_symmetric); if (dma) { dma->hw_acquired = true; @@ -48,7 +48,7 @@ void sx_cmdma_release_hw(struct sx_dmactl *dma) { if (dma == NULL || dma->hw_acquired) { cracen_release(); - nrf_security_mutex_unlock(cracen_mutex_symmetric); + nrf_security_mutex_unlock(&cracen_mutex_symmetric); if (dma) { dma->hw_acquired = false; } diff --git a/subsys/nrf_security/src/threading/include/threading_alt.h b/subsys/nrf_security/src/threading/include/threading_alt.h index 365b8d69915e..006db566af48 100644 --- a/subsys/nrf_security/src/threading/include/threading_alt.h +++ b/subsys/nrf_security/src/threading/include/threading_alt.h @@ -7,9 +7,7 @@ #ifndef MBEDTLS_THREADING_ALT_H #define MBEDTLS_THREADING_ALT_H -#include #include "mbedtls/build_info.h" - -typedef struct k_mutex mbedtls_threading_mutex_t; +#include "nrf_security_mutexes.h" #endif /* MBEDTLS_THREADING_ALT_H */ diff --git a/subsys/nrf_security/src/threading/threading.cmake b/subsys/nrf_security/src/threading/threading.cmake index efe163c8896b..9bad488ad062 100644 --- a/subsys/nrf_security/src/threading/threading.cmake +++ b/subsys/nrf_security/src/threading/threading.cmake @@ -13,12 +13,19 @@ if(CONFIG_MBEDTLS_THREADING_C AND NOT (CONFIG_PSA_CRYPTO_DRIVER_CC3XX OR CONFIG_ threading_alt.c ) + # Add include of threading_alt.h in interface build + target_include_directories(psa_crypto_config + INTERFACE + ${CMAKE_CURRENT_LIST_DIR}/include + ) + # Add include of threading_alt.h in library build target_include_directories(psa_crypto_library_config INTERFACE ${CMAKE_CURRENT_LIST_DIR}/include ) + # Add include of threading_alt.h in interface build target_include_directories(psa_crypto_config INTERFACE diff --git a/subsys/nrf_security/src/threading/threading_alt.c b/subsys/nrf_security/src/threading/threading_alt.c index 01ac5a029827..681baa6182cd 100644 --- a/subsys/nrf_security/src/threading/threading_alt.c +++ b/subsys/nrf_security/src/threading/threading_alt.c @@ -9,6 +9,8 @@ #include #include #include +#include +#include #include "nrf_security_mutexes.h" @@ -22,27 +24,49 @@ NRF_SECURITY_MUTEX_DEFINE(mbedtls_threading_key_slot_mutex); NRF_SECURITY_MUTEX_DEFINE(mbedtls_threading_psa_globaldata_mutex); NRF_SECURITY_MUTEX_DEFINE(mbedtls_threading_psa_rngdata_mutex); -static void mbedtls_mutex_init_fn(mbedtls_threading_mutex_t *mutex) +static void mbedtls_mutex_init_fn(mbedtls_threading_mutex_t * mutex) { - nrf_security_mutex_init(mutex); + if(!k_is_pre_kernel() && !k_is_in_isr()) { + nrf_security_mutex_init(mutex); + } } -static void mbedtls_mutex_free_fn(mbedtls_threading_mutex_t *mutex) +static void mbedtls_mutex_free_fn(mbedtls_threading_mutex_t * mutex) { - nrf_security_mutex_free(mutex); + if(!k_is_pre_kernel() && !k_is_in_isr()) { + nrf_security_mutex_free(mutex); + } } -static int mbedtls_mutex_lock_fn(mbedtls_threading_mutex_t *mutex) +static int mbedtls_mutex_lock_fn(mbedtls_threading_mutex_t * mutex) { - return nrf_security_mutex_lock(mutex); + if(!k_is_pre_kernel() && !k_is_in_isr()) { + return nrf_security_mutex_lock(mutex); + } else { + return 0; + } } -static int mbedtls_mutex_unlock_fn(mbedtls_threading_mutex_t *mutex) +static int mbedtls_mutex_unlock_fn(mbedtls_threading_mutex_t * mutex) { - return nrf_security_mutex_unlock(mutex); + if(!k_is_pre_kernel() && !k_is_in_isr()) { + return nrf_security_mutex_unlock(mutex); + } else { + return 0; + } } void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_init_fn; void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_free_fn; int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_lock_fn; int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex) = mbedtls_mutex_unlock_fn; + +static int post_kernel_init(void) +{ + mbedtls_mutex_init(&mbedtls_threading_key_slot_mutex); + mbedtls_mutex_init(&mbedtls_threading_psa_globaldata_mutex); + mbedtls_mutex_init(&mbedtls_threading_psa_rngdata_mutex); + return 0; +} + +SYS_INIT(post_kernel_init, POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEFAULT); diff --git a/subsys/nrf_security/src/utils/nrf_security_mutexes.c b/subsys/nrf_security/src/utils/nrf_security_mutexes.c index eb3159b0f33b..ceeb9b14d454 100644 --- a/subsys/nrf_security/src/utils/nrf_security_mutexes.c +++ b/subsys/nrf_security/src/utils/nrf_security_mutexes.c @@ -17,45 +17,55 @@ #if defined(CONFIG_MULTITHREADING) && !defined(__NRF_TFM__) -void nrf_security_mutex_init(nrf_security_mutex_t mutex) +void nrf_security_mutex_init(mbedtls_threading_mutex_t * mutex) { - (void)k_mutex_init(mutex); + if((mutex->flags & NRF_SECURITY_MUTEX_FLAGS_INITIALIZED) != 0) { + k_mutex_init(&mutex->mutex); + } } -void nrf_security_mutex_free(nrf_security_mutex_t mutex) +void nrf_security_mutex_free(mbedtls_threading_mutex_t * mutex) { (void)mutex; } -int nrf_security_mutex_lock(nrf_security_mutex_t mutex) +int nrf_security_mutex_lock(mbedtls_threading_mutex_t * mutex) { - return k_mutex_lock(mutex, K_FOREVER); + if((mutex->flags & NRF_SECURITY_MUTEX_FLAGS_INITIALIZED) != 0) { + return k_mutex_lock(&mutex->mutex, K_FOREVER); + } else { + return -EINVAL; + } } -int nrf_security_mutex_unlock(nrf_security_mutex_t mutex) +int nrf_security_mutex_unlock(mbedtls_threading_mutex_t * mutex) { - return k_mutex_unlock(mutex); + if((mutex->flags & NRF_SECURITY_MUTEX_FLAGS_INITIALIZED) != 0) { + return k_mutex_unlock(&mutex->mutex); + } else { + return -EINVAL; + } } #else -void nrf_security_mutex_init(nrf_security_mutex_t mutex) +void nrf_security_mutex_init(mbedtls_threading_mutex_t * mutex) { (void)mutex; } -void nrf_security_mutex_free(nrf_security_mutex_t mutex) +void nrf_security_mutex_free(mbedtls_threading_mutex_t * mutex) { (void)mutex; } -int nrf_security_mutex_lock(nrf_security_mutex_t mutex) +int nrf_security_mutex_lock(mbedtls_threading_mutex_t * mutex) { (void)mutex; return 0; } -int nrf_security_mutex_unlock(nrf_security_mutex_t mutex) +int nrf_security_mutex_unlock(mbedtls_threading_mutex_t * mutex) { (void)mutex; return 0; diff --git a/subsys/nrf_security/src/utils/nrf_security_mutexes.h b/subsys/nrf_security/src/utils/nrf_security_mutexes.h index ee53ae5c9842..581226064100 100644 --- a/subsys/nrf_security/src/utils/nrf_security_mutexes.h +++ b/subsys/nrf_security/src/utils/nrf_security_mutexes.h @@ -12,19 +12,30 @@ * One is backed by Zephyr events APIs (k_mutex_*), and other assumes * there are no threads thus it always returns success without doing anything. */ +#ifndef NRF_SECURITY_MUTEXES_H +#define NRF_SECURITY_MUTEXES_H #include #if defined(CONFIG_MULTITHREADING) && !defined(__NRF_TFM__) -typedef struct k_mutex *nrf_security_mutex_t; -#define NRF_SECURITY_MUTEX_DEFINE(mutex_name) \ - K_MUTEX_DEFINE(k_##mutex_name); \ - nrf_security_mutex_t mutex_name = &k_##mutex_name; +#include + +typedef enum { + NRF_SECURITY_MUTEX_FLAGS_NONE = 0, + NRF_SECURITY_MUTEX_FLAGS_INITIALIZED = 1 << 0, +} NRF_SECURITY_MUTEX_FLAGS; + +typedef struct { + uint32_t flags; + struct k_mutex mutex; +} mbedtls_threading_mutex_t; + +#define NRF_SECURITY_MUTEX_DEFINE(mutex_name) mbedtls_threading_mutex_t mutex_name = {0} #else -/* The uint8_t here is just a placeholder, this mutex type is not used */ -typedef uint8_t nrf_security_mutex_t; -#define NRF_SECURITY_MUTEX_DEFINE(mutex_name) nrf_security_mutex_t mutex_name; +/* The uint32_t here is just a placeholder, this mutex type is not used */ +typedef uint32_t mbedtls_threading_mutex_t; +#define NRF_SECURITY_MUTEX_DEFINE(mutex_name) mbedtls_threading_mutex_t mutex_name; #endif @@ -33,14 +44,14 @@ typedef uint8_t nrf_security_mutex_t; * * @param[in] mutex The mutex to initialized. */ -void nrf_security_mutex_init(nrf_security_mutex_t mutex); +void nrf_security_mutex_init(mbedtls_threading_mutex_t * mutex); /** * @brief Free a mutex. * * @param[in] mutex The mutex to free. */ -void nrf_security_mutex_free(nrf_security_mutex_t mutex); +void nrf_security_mutex_free(mbedtls_threading_mutex_t * mutex); /** * @brief Lock a mutex. @@ -50,7 +61,7 @@ void nrf_security_mutex_free(nrf_security_mutex_t mutex); * @return Returns 0 if the mutex was successfully locked; otherwise, it returns * an error code from the k_mutex_lock() function. */ -int nrf_security_mutex_lock(nrf_security_mutex_t mutex); +int nrf_security_mutex_lock(mbedtls_threading_mutex_t * mutex); /** * @brief Unlock a mutex. @@ -60,4 +71,6 @@ int nrf_security_mutex_lock(nrf_security_mutex_t mutex); * @return Returns 0 if the mutex was successfully unlocked; otherwise, it returns * an error code from the k_mutex_unlock() function. */ -int nrf_security_mutex_unlock(nrf_security_mutex_t mutex); +int nrf_security_mutex_unlock(mbedtls_threading_mutex_t * mutex); + +#endif /* NRF_SECURITY_MUTEXES_H */ diff --git a/subsys/nrf_security/src/utils/nrf_security_utils.cmake b/subsys/nrf_security/src/utils/nrf_security_utils.cmake index a2c1a2db4708..8f1ff4f5b7c9 100644 --- a/subsys/nrf_security/src/utils/nrf_security_utils.cmake +++ b/subsys/nrf_security/src/utils/nrf_security_utils.cmake @@ -9,7 +9,12 @@ add_library(nrf_security_utils STATIC ${CMAKE_CURRENT_LIST_DIR}/nrf_security_events.c ) -target_include_directories(nrf_security_utils +target_include_directories(psa_crypto_config + INTERFACE + ${CMAKE_CURRENT_LIST_DIR} +) + +target_include_directories(psa_crypto_library_config INTERFACE ${CMAKE_CURRENT_LIST_DIR} ) From f7e7cb64b0f42c9f547909a866aeecb17e5c4c35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Fri, 27 Sep 2024 00:42:08 +0200 Subject: [PATCH 168/217] tfm: Propagate PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Fixes issues booting TF-M Signed-off-by: Frank Audun Kvamtrø --- modules/trusted-firmware-m/tfm_boards/external_core.cmake | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/trusted-firmware-m/tfm_boards/external_core.cmake b/modules/trusted-firmware-m/tfm_boards/external_core.cmake index 38e8d4bf80d2..20a7b269a448 100644 --- a/modules/trusted-firmware-m/tfm_boards/external_core.cmake +++ b/modules/trusted-firmware-m/tfm_boards/external_core.cmake @@ -91,6 +91,12 @@ if(TARGET psa_crypto_library_config) ${OBERON_PSA_CORE_PATH}/include ${NRF_DIR}/include/tfm ) + + target_compile_definitions(psa_crypto_library_config + INTERFACE + MBEDTLS_PSA_CRYPTO_DRIVERS + $<$:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY> + ) endif() if(TARGET tfm_psa_rot_partition_crypto) From ef1ebe08c23efcdc10b31392868623ac5f895895 Mon Sep 17 00:00:00 2001 From: Thomas Stilwell Date: Fri, 27 Sep 2024 13:28:59 +0200 Subject: [PATCH 169/217] quarantine: native_sim, samples, drivers, tests which use sdl2 This will be re-enabled when sdl2 is added to toolchain. Signed-off-by: Thomas Stilwell --- scripts/quarantine_zephyr.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/scripts/quarantine_zephyr.yaml b/scripts/quarantine_zephyr.yaml index f82e8e4684a9..4d65eeead625 100644 --- a/scripts/quarantine_zephyr.yaml +++ b/scripts/quarantine_zephyr.yaml @@ -46,6 +46,14 @@ comment: "https://nordicsemi.atlassian.net/browse/NCSDK-24923" - scenarios: + - display.cfb.basic.mono01 + - display.cfb.basic.mono01.lsbfirst + - display.cfb.basic.mono01.lsbfirst.msbfirst_font + - display.cfb.basic.mono01.msbfirst_font + - display.cfb.basic.mono10 + - display.cfb.basic.mono10.lsbfirst + - display.cfb.basic.mono10.lsbfirst.msbfirst_font + - display.cfb.basic.mono10.msbfirst_font - drivers.display.default - drivers.display.read_write.sdl.argb8888 - drivers.display.read_write.sdl.bgr565 @@ -55,6 +63,7 @@ - drivers.display.read_write.sdl.mono10.lsbfirst - drivers.display.read_write.sdl.rgb565 - drivers.display.read_write.sdl.rgb888 + - sample.boards.nrf.nrf_led_matrix - sample.display.builtin - sample.display.lvgl.gui - sample.modules.lvgl.accelerometer_chart @@ -62,8 +71,11 @@ - sample.modules.lvgl.demo_benchmark - sample.modules.lvgl.demo_stress - sample.modules.lvgl.demo_widgets + - sample.smf.smf_calculator platforms: - native_posix + - native_sim + - native_sim/native/64 comment: "https://nordicsemi.atlassian.net/browse/NCSDK-24924" - scenarios: From 974d8f2de30dded5dc31e6a96cced25bf1a71305 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Fri, 27 Sep 2024 13:37:56 +0200 Subject: [PATCH 170/217] crypto: Rename to nrf_security_mutex_t to mbedtls_threading_mutex_t MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Fixes issues on nRF54L15 devices (uses CRACEN) Signed-off-by: Frank Audun Kvamtrø --- .../src/drivers/cracen/cracenpsa/src/key_management.c | 2 +- subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c index 3a79ed795e65..5d058ba4d89c 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c @@ -31,7 +31,7 @@ extern const uint8_t cracen_N3072[384]; -extern nrf_security_mutex_t cracen_mutex_symmetric; +extern mbedtls_threading_mutex_t cracen_mutex_symmetric; #define DEFAULT_KEY_SIZE(bits) (bits), PSA_BITS_TO_BYTES(bits), (1 + 2 * PSA_BITS_TO_BYTES(bits)) static struct { diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c index c5c68b746139..20b40a978878 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c @@ -27,7 +27,7 @@ */ #define PROVISIONING_SLOT 250 -extern nrf_security_mutex_t cracen_mutex_symmetric; +extern mbedtls_threading_mutex_t cracen_mutex_symmetric; /* The section .nrf_kmu_reserved_push_area is placed at the top RAM address * by the linker scripts. We do that for both the secure and non-secure builds. From 02788355d0945e43a192100e0b7671f048bc3ce9 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Fri, 27 Sep 2024 14:00:15 +0200 Subject: [PATCH 171/217] quarantine_zephyr: sample.filesystem.fat_fs.nrf54l15pdk added Added this sample scenario to quarantine. Signed-off-by: Andrzej Puzdrowski Signed-off-by: Bjarki Arge Andreasen --- scripts/quarantine_zephyr.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scripts/quarantine_zephyr.yaml b/scripts/quarantine_zephyr.yaml index 4d65eeead625..e0d60702cbba 100644 --- a/scripts/quarantine_zephyr.yaml +++ b/scripts/quarantine_zephyr.yaml @@ -405,3 +405,10 @@ - examples.nrfx_spim.blocking - examples.nrfx_spim.non_blocking comment: "Not fixable during upmerge, fix will be included in next upmerge" + +- scenarios: + - sample.filesystem.fat_fs.nrf54l15pdk: + platforms: + - nrf54l15dk/nrf54l15/cpuapp + - nrf54l15pdk/nrf54l15/cpuapp + comment: "partition manager configuration need to be fixed/provided" From 237a775bef236ba081b67f8c7cb3a765a2711d2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simen=20S=2E=20R=C3=B8stad?= Date: Fri, 27 Sep 2024 13:21:17 +0200 Subject: [PATCH 172/217] tests: subsys: wifi_credentials_backend_psa: Fix build error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix build error by including missing file mbedtls_config.h. Signed-off-by: Simen S. Røstad --- tests/subsys/net/lib/wifi_credentials_backend_psa/CMakeLists.txt | 1 + .../lib/wifi_credentials_backend_psa/include/mbedtls_config.h | 0 2 files changed, 1 insertion(+) create mode 100644 tests/subsys/net/lib/wifi_credentials_backend_psa/include/mbedtls_config.h diff --git a/tests/subsys/net/lib/wifi_credentials_backend_psa/CMakeLists.txt b/tests/subsys/net/lib/wifi_credentials_backend_psa/CMakeLists.txt index d86f91270225..1958e2642a1d 100644 --- a/tests/subsys/net/lib/wifi_credentials_backend_psa/CMakeLists.txt +++ b/tests/subsys/net/lib/wifi_credentials_backend_psa/CMakeLists.txt @@ -35,4 +35,5 @@ target_compile_options(app set_property( SOURCE ${ZEPHYR_NRF_MODULE_DIR}/subsys/net/lib/wifi_credentials/wifi_credentials_backend_psa.c PROPERTY COMPILE_FLAGS "-include ${CMAKE_CURRENT_SOURCE_DIR}/src/normalized_crypto.h" + PROPERTY COMPILE_FLAGS "-include ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls_config.h" ) diff --git a/tests/subsys/net/lib/wifi_credentials_backend_psa/include/mbedtls_config.h b/tests/subsys/net/lib/wifi_credentials_backend_psa/include/mbedtls_config.h new file mode 100644 index 000000000000..e69de29bb2d1 From b7288ba6840934557070dc46361256da3dd8abf8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simen=20S=2E=20R=C3=B8stad?= Date: Fri, 27 Sep 2024 14:12:15 +0200 Subject: [PATCH 173/217] samples: net: Enable WIFI_NRF70 only for Wi-Fi builds MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Enable WIFI_NRF70 only for Wi-Fi builds Signed-off-by: Simen S. Røstad --- samples/net/aws_iot/Kconfig.sysbuild | 3 +++ samples/net/aws_iot/sysbuild.conf | 7 ------- samples/net/azure_iot_hub/Kconfig.sysbuild | 3 +++ samples/net/azure_iot_hub/sysbuild.conf | 7 ------- samples/net/coap_client/Kconfig.sysbuild | 10 ++++++++++ samples/net/coap_client/sysbuild.conf | 7 ------- samples/net/download/Kconfig.sysbuild | 10 ++++++++++ samples/net/download/sysbuild.conf | 7 ------- samples/net/http_server/Kconfig.sysbuild | 10 ++++++++++ samples/net/http_server/sysbuild.conf | 7 ------- samples/net/https_client/Kconfig.sysbuild | 10 ++++++++++ samples/net/https_client/sysbuild.conf | 7 ------- samples/net/mqtt/Kconfig.sysbuild | 10 ++++++++++ samples/net/mqtt/sysbuild.conf | 7 ------- samples/net/udp/Kconfig.sysbuild | 10 ++++++++++ samples/net/udp/sysbuild.conf | 7 ------- 16 files changed, 66 insertions(+), 56 deletions(-) delete mode 100644 samples/net/aws_iot/sysbuild.conf delete mode 100644 samples/net/azure_iot_hub/sysbuild.conf create mode 100644 samples/net/coap_client/Kconfig.sysbuild delete mode 100644 samples/net/coap_client/sysbuild.conf create mode 100644 samples/net/download/Kconfig.sysbuild delete mode 100644 samples/net/download/sysbuild.conf create mode 100644 samples/net/http_server/Kconfig.sysbuild delete mode 100644 samples/net/http_server/sysbuild.conf create mode 100644 samples/net/https_client/Kconfig.sysbuild delete mode 100644 samples/net/https_client/sysbuild.conf create mode 100644 samples/net/mqtt/Kconfig.sysbuild delete mode 100644 samples/net/mqtt/sysbuild.conf create mode 100644 samples/net/udp/Kconfig.sysbuild delete mode 100644 samples/net/udp/sysbuild.conf diff --git a/samples/net/aws_iot/Kconfig.sysbuild b/samples/net/aws_iot/Kconfig.sysbuild index 0dd915f9333b..b6dfe4405220 100644 --- a/samples/net/aws_iot/Kconfig.sysbuild +++ b/samples/net/aws_iot/Kconfig.sysbuild @@ -11,4 +11,7 @@ endchoice config PM_EXTERNAL_FLASH_MCUBOOT_SECONDARY default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS +config WIFI_NRF70 + default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS + source "${ZEPHYR_BASE}/share/sysbuild/Kconfig" diff --git a/samples/net/aws_iot/sysbuild.conf b/samples/net/aws_iot/sysbuild.conf deleted file mode 100644 index d9e7bee8f47b..000000000000 --- a/samples/net/aws_iot/sysbuild.conf +++ /dev/null @@ -1,7 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/azure_iot_hub/Kconfig.sysbuild b/samples/net/azure_iot_hub/Kconfig.sysbuild index 0dd915f9333b..b6dfe4405220 100644 --- a/samples/net/azure_iot_hub/Kconfig.sysbuild +++ b/samples/net/azure_iot_hub/Kconfig.sysbuild @@ -11,4 +11,7 @@ endchoice config PM_EXTERNAL_FLASH_MCUBOOT_SECONDARY default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS +config WIFI_NRF70 + default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS + source "${ZEPHYR_BASE}/share/sysbuild/Kconfig" diff --git a/samples/net/azure_iot_hub/sysbuild.conf b/samples/net/azure_iot_hub/sysbuild.conf deleted file mode 100644 index d9e7bee8f47b..000000000000 --- a/samples/net/azure_iot_hub/sysbuild.conf +++ /dev/null @@ -1,7 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/coap_client/Kconfig.sysbuild b/samples/net/coap_client/Kconfig.sysbuild new file mode 100644 index 000000000000..8def8b2271bf --- /dev/null +++ b/samples/net/coap_client/Kconfig.sysbuild @@ -0,0 +1,10 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +config WIFI_NRF70 + default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS + +source "${ZEPHYR_BASE}/share/sysbuild/Kconfig" diff --git a/samples/net/coap_client/sysbuild.conf b/samples/net/coap_client/sysbuild.conf deleted file mode 100644 index d9e7bee8f47b..000000000000 --- a/samples/net/coap_client/sysbuild.conf +++ /dev/null @@ -1,7 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/download/Kconfig.sysbuild b/samples/net/download/Kconfig.sysbuild new file mode 100644 index 000000000000..8def8b2271bf --- /dev/null +++ b/samples/net/download/Kconfig.sysbuild @@ -0,0 +1,10 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +config WIFI_NRF70 + default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS + +source "${ZEPHYR_BASE}/share/sysbuild/Kconfig" diff --git a/samples/net/download/sysbuild.conf b/samples/net/download/sysbuild.conf deleted file mode 100644 index d9e7bee8f47b..000000000000 --- a/samples/net/download/sysbuild.conf +++ /dev/null @@ -1,7 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/http_server/Kconfig.sysbuild b/samples/net/http_server/Kconfig.sysbuild new file mode 100644 index 000000000000..8def8b2271bf --- /dev/null +++ b/samples/net/http_server/Kconfig.sysbuild @@ -0,0 +1,10 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +config WIFI_NRF70 + default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS + +source "${ZEPHYR_BASE}/share/sysbuild/Kconfig" diff --git a/samples/net/http_server/sysbuild.conf b/samples/net/http_server/sysbuild.conf deleted file mode 100644 index d9e7bee8f47b..000000000000 --- a/samples/net/http_server/sysbuild.conf +++ /dev/null @@ -1,7 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/https_client/Kconfig.sysbuild b/samples/net/https_client/Kconfig.sysbuild new file mode 100644 index 000000000000..8def8b2271bf --- /dev/null +++ b/samples/net/https_client/Kconfig.sysbuild @@ -0,0 +1,10 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +config WIFI_NRF70 + default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS + +source "${ZEPHYR_BASE}/share/sysbuild/Kconfig" diff --git a/samples/net/https_client/sysbuild.conf b/samples/net/https_client/sysbuild.conf deleted file mode 100644 index d9e7bee8f47b..000000000000 --- a/samples/net/https_client/sysbuild.conf +++ /dev/null @@ -1,7 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/mqtt/Kconfig.sysbuild b/samples/net/mqtt/Kconfig.sysbuild new file mode 100644 index 000000000000..8def8b2271bf --- /dev/null +++ b/samples/net/mqtt/Kconfig.sysbuild @@ -0,0 +1,10 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +config WIFI_NRF70 + default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS + +source "${ZEPHYR_BASE}/share/sysbuild/Kconfig" diff --git a/samples/net/mqtt/sysbuild.conf b/samples/net/mqtt/sysbuild.conf deleted file mode 100644 index d9e7bee8f47b..000000000000 --- a/samples/net/mqtt/sysbuild.conf +++ /dev/null @@ -1,7 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -SB_CONFIG_WIFI_NRF70=y diff --git a/samples/net/udp/Kconfig.sysbuild b/samples/net/udp/Kconfig.sysbuild new file mode 100644 index 000000000000..8def8b2271bf --- /dev/null +++ b/samples/net/udp/Kconfig.sysbuild @@ -0,0 +1,10 @@ +# +# Copyright (c) 2024 Nordic Semiconductor ASA +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +config WIFI_NRF70 + default y if BOARD_NRF7002DK_NRF5340_CPUAPP_NS + +source "${ZEPHYR_BASE}/share/sysbuild/Kconfig" diff --git a/samples/net/udp/sysbuild.conf b/samples/net/udp/sysbuild.conf deleted file mode 100644 index d9e7bee8f47b..000000000000 --- a/samples/net/udp/sysbuild.conf +++ /dev/null @@ -1,7 +0,0 @@ -# -# Copyright (c) 2024 Nordic Semiconductor ASA -# -# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -# - -SB_CONFIG_WIFI_NRF70=y From f0f8bd622c3c1f2d253ac69a267e7cbccbbd9f24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Fri, 27 Sep 2024 14:23:17 +0200 Subject: [PATCH 174/217] crypto: mutex: set intialized flag MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Setting the flag was missing Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/utils/nrf_security_mutexes.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/subsys/nrf_security/src/utils/nrf_security_mutexes.c b/subsys/nrf_security/src/utils/nrf_security_mutexes.c index ceeb9b14d454..20c4a2a8ef98 100644 --- a/subsys/nrf_security/src/utils/nrf_security_mutexes.c +++ b/subsys/nrf_security/src/utils/nrf_security_mutexes.c @@ -22,6 +22,8 @@ void nrf_security_mutex_init(mbedtls_threading_mutex_t * mutex) if((mutex->flags & NRF_SECURITY_MUTEX_FLAGS_INITIALIZED) != 0) { k_mutex_init(&mutex->mutex); } + + mutex->flags |= NRF_SECURITY_MUTEX_FLAGS_INITIALIZED; } void nrf_security_mutex_free(mbedtls_threading_mutex_t * mutex) From b7d73d469b93c25ed6603add9ae6195e5c8340b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Fri, 27 Sep 2024 15:18:26 +0200 Subject: [PATCH 175/217] tf-m: Add PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -Added regression trying to fix tfm_hello_Word. This commmit fixes it Signed-off-by: Frank Audun Kvamtrø --- modules/trusted-firmware-m/tfm_boards/external_core.cmake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/trusted-firmware-m/tfm_boards/external_core.cmake b/modules/trusted-firmware-m/tfm_boards/external_core.cmake index 20a7b269a448..6ab54af794e4 100644 --- a/modules/trusted-firmware-m/tfm_boards/external_core.cmake +++ b/modules/trusted-firmware-m/tfm_boards/external_core.cmake @@ -95,7 +95,7 @@ if(TARGET psa_crypto_library_config) target_compile_definitions(psa_crypto_library_config INTERFACE MBEDTLS_PSA_CRYPTO_DRIVERS - $<$:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY> + $<$:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER> ) endif() From 1e199d707587776b4474f8cd06c2f73bdb33dd9a Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Fri, 27 Sep 2024 16:50:09 +0200 Subject: [PATCH 176/217] tests: benchmarks: peripheral_load: update flash_thread log name The flash_thread is using a colliding name when registering with the log module LOG_MODULE_REGISTER(flash, LOG_LEVEL_INF). Update name to flash_thd to avoid naming collision. Signed-off-by: Bjarki Arge Andreasen --- tests/benchmarks/peripheral_load/src/flash_thread.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/benchmarks/peripheral_load/src/flash_thread.c b/tests/benchmarks/peripheral_load/src/flash_thread.c index 2add58919295..f0e0ae028f3a 100644 --- a/tests/benchmarks/peripheral_load/src/flash_thread.c +++ b/tests/benchmarks/peripheral_load/src/flash_thread.c @@ -5,7 +5,7 @@ */ #include -LOG_MODULE_REGISTER(flash, LOG_LEVEL_INF); +LOG_MODULE_REGISTER(flash_thd, LOG_LEVEL_INF); #include #include From d6b43fa083e765d95eef10dca6071ac178a5c041 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Fri, 27 Sep 2024 21:01:03 +0200 Subject: [PATCH 177/217] boards: thingy91x: update to upstream nrf7002 dts model Update the nrf7002 in the thingy91x board to match upstream dts model. Additionally add COEX model of nrf700x for use with for example cpunet. Signed-off-by: Bjarki Arge Andreasen --- .../thingy91x/Kconfig.defconfig.nrf9151 | 4 -- .../thingy91x/dts/thingy91x_no_buses.dtsi | 2 +- .../thingy91x/dts/thingy91x_nrf53_wifi.dtsi | 2 +- .../nordic/thingy91x/dts/thingy91x_wifi.dtsi | 2 +- boards/nordic/thingy91x/thingy91x_common.dtsi | 43 +++++++++---------- .../thingy91x_nrf5340_cpuapp_common.dts | 10 ++--- .../thingy91x/thingy91x_nrf5340_cpunet.dts | 4 +- .../thingy91x/thingy91x_nrf9151_common.dts | 2 +- dts/bindings/wifi/nordic,nrf7000-coex.yaml | 9 ++++ dts/bindings/wifi/nordic,nrf7001-coex.yaml | 9 ++++ dts/bindings/wifi/nordic,nrf7002-coex.yaml | 9 ++++ 11 files changed, 58 insertions(+), 38 deletions(-) create mode 100644 dts/bindings/wifi/nordic,nrf7000-coex.yaml create mode 100644 dts/bindings/wifi/nordic,nrf7001-coex.yaml create mode 100644 dts/bindings/wifi/nordic,nrf7002-coex.yaml diff --git a/boards/nordic/thingy91x/Kconfig.defconfig.nrf9151 b/boards/nordic/thingy91x/Kconfig.defconfig.nrf9151 index b842bd1cdd20..25bf7159ba14 100644 --- a/boards/nordic/thingy91x/Kconfig.defconfig.nrf9151 +++ b/boards/nordic/thingy91x/Kconfig.defconfig.nrf9151 @@ -5,10 +5,6 @@ if BOARD_THINGY91X_NRF9151 || BOARD_THINGY91X_NRF9151_NS -DT_COMPAT_NORDIC_NRF700X_SPI := nordic,nrf700x-spi -config NRF7002_ON_SPI - def_bool $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF700X_SPI)) - # By default, if we build for a Non-Secure version of the board, # enable building with TF-M as the Secure Execution Environment. config BUILD_WITH_TFM diff --git a/boards/nordic/thingy91x/dts/thingy91x_no_buses.dtsi b/boards/nordic/thingy91x/dts/thingy91x_no_buses.dtsi index 7bc5e5826f1c..5f1439e65ebe 100644 --- a/boards/nordic/thingy91x/dts/thingy91x_no_buses.dtsi +++ b/boards/nordic/thingy91x/dts/thingy91x_no_buses.dtsi @@ -20,7 +20,7 @@ }; /* disable nrf70 */ -&nrf700x { +&nrf70 { status = "disabled"; }; diff --git a/boards/nordic/thingy91x/dts/thingy91x_nrf53_wifi.dtsi b/boards/nordic/thingy91x/dts/thingy91x_nrf53_wifi.dtsi index 59ad2d988844..d64ebe59c36e 100644 --- a/boards/nordic/thingy91x/dts/thingy91x_nrf53_wifi.dtsi +++ b/boards/nordic/thingy91x/dts/thingy91x_nrf53_wifi.dtsi @@ -39,7 +39,7 @@ }; /* enable nRF70 */ -&nrf700x { +&nrf70 { status = "okay"; }; diff --git a/boards/nordic/thingy91x/dts/thingy91x_wifi.dtsi b/boards/nordic/thingy91x/dts/thingy91x_wifi.dtsi index 7bec7a9740f9..802fd6952e1e 100644 --- a/boards/nordic/thingy91x/dts/thingy91x_wifi.dtsi +++ b/boards/nordic/thingy91x/dts/thingy91x_wifi.dtsi @@ -24,6 +24,6 @@ }; /* enable nRF70 */ -&nrf700x { +&nrf70 { status = "okay"; }; diff --git a/boards/nordic/thingy91x/thingy91x_common.dtsi b/boards/nordic/thingy91x/thingy91x_common.dtsi index 8a93b8d35435..37ac05289e1d 100644 --- a/boards/nordic/thingy91x/thingy91x_common.dtsi +++ b/boards/nordic/thingy91x/thingy91x_common.dtsi @@ -161,11 +161,29 @@ jedec-id = [c8 60 19]; }; - nrf700x: nrf7000@1 { - compatible = "nordic,nrf700x-spi"; + nrf70: wifi@1 { + compatible = "nordic,nrf7002-spi"; status = "disabled"; reg = <1>; spi-max-frequency = ; + + iovdd-ctrl-gpios = <&gpio0 4 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; + bucken-gpios = <&gpio0 7 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; + host-irq-gpios = <&gpio0 5 GPIO_ACTIVE_HIGH>; + + nordic_wlan0: wlan0 { + compatible = "nordic,wlan"; + }; + + wifi-max-tx-pwr-2g-dsss = <21>; + wifi-max-tx-pwr-2g-mcs0 = <16>; + wifi-max-tx-pwr-2g-mcs7 = <16>; + wifi-max-tx-pwr-5g-low-mcs0 = <9>; + wifi-max-tx-pwr-5g-low-mcs7 = <9>; + wifi-max-tx-pwr-5g-mid-mcs0 = <11>; + wifi-max-tx-pwr-5g-mid-mcs7 = <11>; + wifi-max-tx-pwr-5g-high-mcs0 = <13>; + wifi-max-tx-pwr-5g-high-mcs7 = <13>; }; accelerometer_hp: bmi270@2 { @@ -174,25 +192,4 @@ reg = <2>; spi-max-frequency = ; }; - -}; - -/ { - nrf70_tx_power_ceiling: nrf70_tx_power_ceiling_node { - status = "okay"; - compatible = "nordic,nrf700x-tx-power-ceiling"; - max-pwr-2g-dsss = <0x54>; - max-pwr-2g-mcs0 = <0x40>; - max-pwr-2g-mcs7 = <0x40>; - max-pwr-5g-low-mcs0 = <0x24>; - max-pwr-5g-low-mcs7 = <0x24>; - max-pwr-5g-mid-mcs0 = <0x2C>; - max-pwr-5g-mid-mcs7 = <0x2C>; - max-pwr-5g-high-mcs0 = <0x34>; - max-pwr-5g-high-mcs7 = <0x34>; - }; - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; }; diff --git a/boards/nordic/thingy91x/thingy91x_nrf5340_cpuapp_common.dts b/boards/nordic/thingy91x/thingy91x_nrf5340_cpuapp_common.dts index 747ee0988664..7358bb1948d4 100644 --- a/boards/nordic/thingy91x/thingy91x_nrf5340_cpuapp_common.dts +++ b/boards/nordic/thingy91x/thingy91x_nrf5340_cpuapp_common.dts @@ -51,10 +51,10 @@ compatible = "nordic,nrf-gpio-forwarder"; status = "okay"; uart { - gpios = <&gpio0 22 0>, // nrf700x-coex req-gpios - <&gpio0 23 0>, // nrf700x-coex status0-gpios - <&gpio0 20 0>, // nrf700x-coex grant-gpios - <&gpio0 6 0>; // nrf700x-coex swctrl1-gpios + gpios = <&gpio0 22 0>, /* nrf7002-coex req-gpios */ + <&gpio0 23 0>, /* nrf7002-coex status0-gpios */ + <&gpio0 20 0>, /* nrf7002-coex grant-gpios */ + <&gpio0 6 0>; /* nrf7002-coex swctrl1-gpios */ }; }; @@ -99,7 +99,7 @@ int1-gpios = <&gpio0 28 GPIO_ACTIVE_HIGH>; //INT4 }; -&nrf700x { +&nrf70 { iovdd-ctrl-gpios = <&gpio0 4 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; bucken-gpios = <&gpio0 7 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; host-irq-gpios = <&gpio0 5 GPIO_ACTIVE_HIGH>; diff --git a/boards/nordic/thingy91x/thingy91x_nrf5340_cpunet.dts b/boards/nordic/thingy91x/thingy91x_nrf5340_cpunet.dts index c9e4a80b9afe..e61f83382c80 100644 --- a/boards/nordic/thingy91x/thingy91x_nrf5340_cpunet.dts +++ b/boards/nordic/thingy91x/thingy91x_nrf5340_cpunet.dts @@ -24,9 +24,9 @@ zephyr,ieee802154 = &ieee802154; }; - nrf_radio_coex: nrf7001-coex { + nrf_radio_coex: wifi-coex { status = "okay"; - compatible = "nordic,nrf700x-coex"; + compatible = "nordic,nrf7002-coex"; req-gpios = <&gpio0 22 GPIO_ACTIVE_HIGH>; status0-gpios = <&gpio0 23 GPIO_ACTIVE_HIGH>; grant-gpios = <&gpio0 20 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; diff --git a/boards/nordic/thingy91x/thingy91x_nrf9151_common.dts b/boards/nordic/thingy91x/thingy91x_nrf9151_common.dts index 4205e5ceefb7..8ee1f1d7cf6b 100644 --- a/boards/nordic/thingy91x/thingy91x_nrf9151_common.dts +++ b/boards/nordic/thingy91x/thingy91x_nrf9151_common.dts @@ -117,7 +117,7 @@ status = "okay"; }; -&nrf700x { +&nrf70 { iovdd-ctrl-gpios = <&gpio0 27 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; bucken-gpios = <&gpio0 28 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; host-irq-gpios = <&gpio0 16 GPIO_ACTIVE_HIGH>; diff --git a/dts/bindings/wifi/nordic,nrf7000-coex.yaml b/dts/bindings/wifi/nordic,nrf7000-coex.yaml new file mode 100644 index 000000000000..94dcc2181d33 --- /dev/null +++ b/dts/bindings/wifi/nordic,nrf7000-coex.yaml @@ -0,0 +1,9 @@ +# Copyright (c) 2024 Nordic Semiconductor ASA +# SPDX-License-Identifier: Apache-2.0 + +description: This is a representation of the nRF7000 Wi-Fi chip with COEX interface. + +compatible: nordic,nrf7000-coex + +include: + - "nordic,nrf70-coex.yaml" diff --git a/dts/bindings/wifi/nordic,nrf7001-coex.yaml b/dts/bindings/wifi/nordic,nrf7001-coex.yaml new file mode 100644 index 000000000000..d58afe7d44cb --- /dev/null +++ b/dts/bindings/wifi/nordic,nrf7001-coex.yaml @@ -0,0 +1,9 @@ +# Copyright (c) 2024 Nordic Semiconductor ASA +# SPDX-License-Identifier: Apache-2.0 + +description: This is a representation of the nRF7001 Wi-Fi chip with COEX interface. + +compatible: nordic,nrf7001-coex + +include: + - "nordic,nrf70-coex.yaml" diff --git a/dts/bindings/wifi/nordic,nrf7002-coex.yaml b/dts/bindings/wifi/nordic,nrf7002-coex.yaml new file mode 100644 index 000000000000..1df61d0bf987 --- /dev/null +++ b/dts/bindings/wifi/nordic,nrf7002-coex.yaml @@ -0,0 +1,9 @@ +# Copyright (c) 2024 Nordic Semiconductor ASA +# SPDX-License-Identifier: Apache-2.0 + +description: This is a representation of the nRF7002 Wi-Fi chip with COEX interface. + +compatible: nordic,nrf7002-coex + +include: + - "nordic,nrf70-coex.yaml" From b01323dffdf02bc603309d2b7eeeab11503a4fb0 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Sat, 28 Sep 2024 18:34:34 +0200 Subject: [PATCH 178/217] samples: cellular: nrf_cloud_multi_service: adapt thingy91x wifi Ignore the min heap requirements for Wi-Fi and update the nrf9151/ns overlay to properly reference the wifi wlan0 node. Signed-off-by: Pete Skeggs Signed-off-by: Bjarki Arge Andreasen --- .../nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf | 1 + .../boards/thingy91x_nrf9151_ns.overlay | 5 ----- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf index dcff9fcf57d4..514c6cf04d22 100644 --- a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf +++ b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.conf @@ -66,6 +66,7 @@ CONFIG_NET_TC_TX_COUNT=1 CONFIG_NET_MAX_CONTEXTS=5 CONFIG_HEAP_MEM_POOL_SIZE=34000 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y CONFIG_MAIN_STACK_SIZE=2048 CONFIG_NET_MGMT_EVENT_STACK_SIZE=2048 diff --git a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.overlay b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.overlay index 9a58d144af7a..4e6d3fd9f267 100644 --- a/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.overlay +++ b/samples/cellular/nrf_cloud_multi_service/boards/thingy91x_nrf9151_ns.overlay @@ -12,11 +12,6 @@ ext-flash = &flash_ext; }; - nordic_wlan0: nordic_wlan0 { - compatible = "nordic,wlan0"; - status = "okay"; - }; - chosen { zephyr,wifi = &nordic_wlan0; }; From edaaa18c38124cbc87532f77a067b9c3d681664b Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Sat, 28 Sep 2024 21:37:26 +0200 Subject: [PATCH 179/217] samples: net: http_server: ignore min heap warning Signal that we knowingly are setting the heap size smaller than sum of min heaps. Signed-off-by: Bjarki Arge Andreasen --- samples/net/http_server/overlay-tls-nrf7002dk.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/samples/net/http_server/overlay-tls-nrf7002dk.conf b/samples/net/http_server/overlay-tls-nrf7002dk.conf index c4cb9f39004a..7273d6823ecf 100644 --- a/samples/net/http_server/overlay-tls-nrf7002dk.conf +++ b/samples/net/http_server/overlay-tls-nrf7002dk.conf @@ -11,6 +11,7 @@ CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=3 # nRF Security legacy MBed TLS CONFIG_NORDIC_SECURITY_BACKEND=y CONFIG_MBEDTLS_HEAP_SIZE=81920 +CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y CONFIG_MBEDTLS_RSA_C=y # TLS credentials From 5685d06292659661ac3b0145e25fb5980f4fa4fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Sun, 29 Sep 2024 21:06:20 +0200 Subject: [PATCH 180/217] crypto: Widen filter to enable md_ext.c for nRF54H20 devices MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This enabled md_ext.c for nRF54H20 (CPUAPP/CPURAD) to ensuce psa_can_do_hash and psa_can_do_cipher is available Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/src/legacy/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/nrf_security/src/legacy/CMakeLists.txt b/subsys/nrf_security/src/legacy/CMakeLists.txt index 578711c6f2b2..5379817fa856 100644 --- a/subsys/nrf_security/src/legacy/CMakeLists.txt +++ b/subsys/nrf_security/src/legacy/CMakeLists.txt @@ -56,7 +56,7 @@ endif() # There is a function expected to be built inside psa_crypto.c that is used # by md. This makes MD not work with TF-M. Temporarily adding this check-function # to a self-contained file an use this when PSA crypto is not built locally -if(CONFIG_BUILD_WITH_TFM) +if(CONFIG_BUILD_WITH_TFM OR CONFIG_SOC_NRF54H20_CPURAD OR CONFIG_SOC_NRF54H20_CPUAPP) list(APPEND src_crypto_legacy ${CMAKE_CURRENT_LIST_DIR}/md_ext.c ) From 458c3f271e4037d98b05c44e190d07c762065c24 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Sun, 29 Sep 2024 21:20:10 +0200 Subject: [PATCH 181/217] scripts: quarantine: quarantine net.lib.wifi_credentials_backend_psa Quarantine net.lib.wifi_credentials_backend_psa temporarily to be fixed after upmerge. Signed-off-by: Bjarki Arge Andreasen --- scripts/quarantine.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/quarantine.yaml b/scripts/quarantine.yaml index d5ee01f6c6e6..187748d5535f 100644 --- a/scripts/quarantine.yaml +++ b/scripts/quarantine.yaml @@ -32,3 +32,7 @@ - nrf5340dk/nrf5340/cpuapp/ns - nrf9151dk/nrf9151/ns comment: "Unknown failures using NS (TF-M), unable to replicate locally, temporarily excluded" + +- scenarios: + - net.lib.wifi_credentials_backend_psa + comment: "Fix not known at time of upmerge, temporarily excluded to be fixed after upmerge" From 50102aeae19f9b85f891f51fda79db4b629851b8 Mon Sep 17 00:00:00 2001 From: Ravi Dondaputi Date: Fri, 27 Sep 2024 19:11:14 +0530 Subject: [PATCH 182/217] samples: wifi: throughput: Reduce static RAM usage Static RAM usage is exceeding the `RAM` region at build time. Decrease the number of RX buffers to fix this. Signed-off-by: Ravi Dondaputi --- samples/wifi/throughput/overlay-high-performance.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/samples/wifi/throughput/overlay-high-performance.conf b/samples/wifi/throughput/overlay-high-performance.conf index 918fae392509..104a61c0f609 100644 --- a/samples/wifi/throughput/overlay-high-performance.conf +++ b/samples/wifi/throughput/overlay-high-performance.conf @@ -1,9 +1,9 @@ CONFIG_NRF70_AP_MODE=n CONFIG_NRF70_P2P_MODE=n CONFIG_NET_PKT_TX_COUNT=30 -CONFIG_NET_PKT_RX_COUNT=30 +CONFIG_NET_PKT_RX_COUNT=27 CONFIG_NET_BUF_TX_COUNT=60 -CONFIG_NET_BUF_RX_COUNT=30 +CONFIG_NET_BUF_RX_COUNT=27 CONFIG_NET_BUF_DATA_SIZE=1100 CONFIG_HEAP_MEM_POOL_SIZE=230000 CONFIG_SPEED_OPTIMIZATIONS=y From 3c19d554401fdc2f8108248601efd0a39445d32d Mon Sep 17 00:00:00 2001 From: Maciej Perkowski Date: Fri, 27 Sep 2024 15:19:02 +0200 Subject: [PATCH 183/217] quarantine: Update quarantine New failures from upmerge Signed-off-by: Maciej Perkowski --- scripts/quarantine_zephyr.yaml | 53 +++++++++++++++++++--------------- 1 file changed, 30 insertions(+), 23 deletions(-) diff --git a/scripts/quarantine_zephyr.yaml b/scripts/quarantine_zephyr.yaml index e0d60702cbba..56ed6a658b98 100644 --- a/scripts/quarantine_zephyr.yaml +++ b/scripts/quarantine_zephyr.yaml @@ -6,22 +6,6 @@ - scenarios: - libraries.hash_map.newlib.cxx_unordered_map.djb2 - platforms: - - nrf52dk/nrf52832 - - nrf9160dk/nrf9160/ns - - mps2_an521 - - nrf5340dk/nrf5340/cpuapp/ns - - nrf52840dk/nrf52840 - - nrf9160dk/nrf9160 - - nrf5340dk/nrf5340/cpuapp - - nrf5340dk/nrf5340/cpunet - - nrf54h20dk/nrf54h20/cpuapp - - nrf54l15dk/nrf54l15/cpuflpr - - nrf54l15dk/nrf54l15/cpuapp - - nrf54l15pdk/nrf54l15/cpuapp - - nrf54l15pdk/nrf54l15/cpuflpr - - nrf54h20dk/nrf54h20/cpuppr - - nrf54h20dk/nrf54h20/cpurad comment: "https://nordicsemi.atlassian.net/browse/NCSDK-21219" - scenarios: @@ -175,6 +159,27 @@ - nrf54l15dk/nrf54l15/cpuapp comment: "Test not aligned for nrf54l15 but selected due to jedec,spi-nor" +- scenarios: + - llext.simple.* + platforms: + - nrf54h20dk/nrf54h20/cpurad + - nrf52dk/nrf52832 + - nrf5340dk/nrf5340/cpunet + - nrf54h20dk/nrf54h20/cpuppr + - nrf54l15pdk/nrf54l15/cpuflpr + - qemu_cortex_m3 + comment: "overflow, to report/fix in the upstream @permac and put ticket # here" + +- scenarios: + - sample.net.mqtt.nrf70.tls + comment: "To report @chaitanya and put ticket # here" + +- scenarios: + - storage.flash_map + platforms: + - nrf9160dk/nrf9160/ns + comment: "https://nordicsemi.atlassian.net/browse/NCSDK-29462" + # --------------------------------- Won't fix section ----------------------------------- - scenarios: @@ -212,9 +217,6 @@ - scenarios: - libraries.uoscore - platforms: - - nrf54l15dk/nrf54l15/cpuapp - - nrf54l15pdk/nrf54l15/cpuapp comment: "Won't be fixes - We don't support uoscore since it doesn't use NRF security" - scenarios: @@ -270,6 +272,7 @@ - message_bus.zbus.general_unittests_without_priority_boost - message_bus.zbus.general_unittests - logging.thread + - logging.immediate.* - libraries.heap - libraries.libc.c11_threads.minimal - libraries.libc.c11_threads.picolibc.notls @@ -284,6 +287,7 @@ - libraries.libc.common.picolibc - libraries.libc.common.picolibc.module - libraries.libc.common.picolibc.notls + - libraries.encoding.json - libraries.net_buf.buf - libraries.ring_buffer - libraries.hash_map.cxx.djb2 @@ -307,8 +311,7 @@ - net.mqtt_sn.packet - net.http.server.common - net.coap.server.common - - sample.zbus.msg_subscriber_static - - sample.zbus.msg_subscriber_dynamic + - sample.zbus.msg_subscriber.* - sample.sensor.shell.pytest - sample.sensor.shell - benchmark.kernel.core @@ -333,6 +336,7 @@ - kernel.common - net.http.server.crime - drivers.gpio.build + - sample.perf platforms: - nrf54h20dk/nrf54h20/cpuppr comment: "region RAM/FLASH overflowed" @@ -378,12 +382,15 @@ - sample.net.sockets.dumb_http_server - sample.net.sockets.http_get - sample.net.sockets.socketpair + - sample.posix.eventfd - sample.posix.gettimeofday - sample.sensor.shell - sample.sensor.shell.pytest - sample.shell.shell_module + - sample.shell.shell_module.getopt + - sample.shell.shell_module.login platforms: - - nrf54l15dk/nrf54l15/cpuapp + - nrf54l15dk/nrf54l15/cpuflpr - nrf54l15pdk/nrf54l15/cpuflpr comment: "region RAM/FLASH overflowed" @@ -407,7 +414,7 @@ comment: "Not fixable during upmerge, fix will be included in next upmerge" - scenarios: - - sample.filesystem.fat_fs.nrf54l15pdk: + - sample.filesystem.fat_fs.nrf54l15pdk platforms: - nrf54l15dk/nrf54l15/cpuapp - nrf54l15pdk/nrf54l15/cpuapp From a046018652206954aab76346532992f70b484f98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Frank=20Audun=20Kvamtr=C3=B8?= Date: Mon, 30 Sep 2024 15:01:47 +0200 Subject: [PATCH 184/217] crypto: Allow for MBEDTLS_FORCE_LEGACY_MD/_CIPHER MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -This adds Kconfis that can be used to signal that legacy MD/CIPHER functionality must be used even though MBEDTLS_PSA_CRYPTO_CLIENT is set. This is done to allow TF-M miminmal configuration to work (as it doesn't enable anything other than RNG). The real solution is to port to use PSA crypto APIs, so these configurations can be removed Signed-off-by: Frank Audun Kvamtrø --- subsys/nrf_security/Kconfig.legacy | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/subsys/nrf_security/Kconfig.legacy b/subsys/nrf_security/Kconfig.legacy index a4ab5f6555de..fdfa8f8cd0df 100644 --- a/subsys/nrf_security/Kconfig.legacy +++ b/subsys/nrf_security/Kconfig.legacy @@ -819,6 +819,20 @@ config MBEDTLS_512_SMALLER endmenu # SHA - Secure Hash Algorithm +config MBEDTLS_FORCE_LEGACY_MD + bool + prompt "Force using legacy crypto for MD" + default y if BUILD_WITH_TFM && TFM_PROFILE_TYPE_MINIMAL + help + Should only be used when TF-M MINIMAL profile is used + +config MBEDTLS_FORCE_LEGACY_CIPHER + bool + prompt "Force using legacy crypto for cipher" + default y if BUILD_WITH_TFM && TFM_PROFILE_TYPE_MINIMAL + help + Should only be used when TF-M MINIMAL profile is used + endif #MBEDTLS_LEGACY_CRYPTO_C config MBEDTLS_CIPHER_C @@ -870,4 +884,5 @@ config MBEDTLS_PEM_WRITE_C prompt "Support writing PEM files" depends on MBEDTLS_BASE64_C + endmenu # Legacy mbed TLS crypto APIs From 59f5b1fd1adb14f551ffcda44e068b0ea41378c3 Mon Sep 17 00:00:00 2001 From: Kamil Piszczek Date: Fri, 27 Sep 2024 16:38:54 +0200 Subject: [PATCH 185/217] bluetooth: rpc: include Kconfig for logging from Zephyr Bluetooth stack The Bluetooth RPC Kconfig now includes the Kconfig file used to declare all logging configurations in the Zephyr Bluetooth stack. Ref: NCSDK-29186 Signed-off-by: Kamil Piszczek --- subsys/bluetooth/rpc/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/subsys/bluetooth/rpc/Kconfig b/subsys/bluetooth/rpc/Kconfig index 71f3fdcdeb69..dd1e54434f60 100644 --- a/subsys/bluetooth/rpc/Kconfig +++ b/subsys/bluetooth/rpc/Kconfig @@ -179,6 +179,7 @@ config BT_DATA_LEN_UPDATE endif # BT_CONN source "$(ZEPHYR_BASE)/subsys/bluetooth/Kconfig.adv" +source "$(ZEPHYR_BASE)/subsys/bluetooth/Kconfig.logging" source "$(ZEPHYR_BASE)/subsys/bluetooth/services/Kconfig" source "$(ZEPHYR_BASE)/subsys/bluetooth/common/Kconfig" source "$(ZEPHYR_BASE)/subsys/bluetooth/host/Kconfig" From f136b54d5e881fbb9ae756b4fb8da452b65bf0bf Mon Sep 17 00:00:00 2001 From: Kamil Piszczek Date: Mon, 30 Sep 2024 13:05:11 +0200 Subject: [PATCH 186/217] bluetooth: rpc: add nrf53 cpunet enable code Added the code for enabling nRF53 network core in the Bluetooth RPC configuration. The change is required as the newly introduced Kconfig - CONFIG_SOC_NRF53_CPUNET_ENABLE - for enabling the network core at the SoC level cannot be enabled in projects that use the CONFIG_BT Kconfig. Ref: NCSDK-29186 Signed-off-by: Kamil Piszczek --- subsys/bluetooth/rpc/CMakeLists.txt | 1 + subsys/bluetooth/rpc/soc/CMakeLists.txt | 7 ++++ .../bluetooth/rpc/soc/nrf53_cpunet_enable.c | 37 +++++++++++++++++++ 3 files changed, 45 insertions(+) create mode 100644 subsys/bluetooth/rpc/soc/CMakeLists.txt create mode 100644 subsys/bluetooth/rpc/soc/nrf53_cpunet_enable.c diff --git a/subsys/bluetooth/rpc/CMakeLists.txt b/subsys/bluetooth/rpc/CMakeLists.txt index aee92ed15045..ff96f04709a7 100644 --- a/subsys/bluetooth/rpc/CMakeLists.txt +++ b/subsys/bluetooth/rpc/CMakeLists.txt @@ -11,3 +11,4 @@ target_include_directories(subsys_bluetooth_rpc INTERFACE ${CMAKE_CURRENT_SOURCE add_subdirectory(common) add_subdirectory_ifdef(CONFIG_BT_RPC_CLIENT client) add_subdirectory_ifdef(CONFIG_BT_RPC_HOST host) +add_subdirectory(soc) diff --git a/subsys/bluetooth/rpc/soc/CMakeLists.txt b/subsys/bluetooth/rpc/soc/CMakeLists.txt new file mode 100644 index 000000000000..4a476de3cb1e --- /dev/null +++ b/subsys/bluetooth/rpc/soc/CMakeLists.txt @@ -0,0 +1,7 @@ +# +# Copyright (c) 2024 Nordic Semiconductor +# +# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause +# + +zephyr_library_sources_ifdef(CONFIG_SOC_NRF5340_CPUAPP nrf53_cpunet_enable.c) diff --git a/subsys/bluetooth/rpc/soc/nrf53_cpunet_enable.c b/subsys/bluetooth/rpc/soc/nrf53_cpunet_enable.c new file mode 100644 index 000000000000..bd59e1a2f434 --- /dev/null +++ b/subsys/bluetooth/rpc/soc/nrf53_cpunet_enable.c @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include + +#include +#include + +#include + +static int nrf53_cpunet_init(void) +{ +#if !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) + /* Retain nRF5340 Network MCU in Secure domain (bus + * accesses by Network MCU will have Secure attribute set). + */ + nrf_spu_extdomain_set((NRF_SPU_Type *)DT_REG_ADDR(DT_NODELABEL(spu)), 0, true, false); +#endif /* !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) */ + +#if !defined(CONFIG_TRUSTED_EXECUTION_SECURE) + /* + * Building Zephyr with CONFIG_TRUSTED_EXECUTION_SECURE=y implies + * building also a Non-Secure image. The Non-Secure image will, in + * this case do the remainder of actions to properly configure and + * boot the Network MCU. + */ + + nrf53_cpunet_enable(true); +#endif /* !CONFIG_TRUSTED_EXECUTION_SECURE */ + + return 0; +} + +SYS_INIT(nrf53_cpunet_init, POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEVICE); From 8d28b0fd4356e4ccdba3f401834b107fddca411f Mon Sep 17 00:00:00 2001 From: Jan Tore Guggedal Date: Mon, 30 Sep 2024 09:15:23 +0200 Subject: [PATCH 187/217] applications: asset_tracker_v2: Reduce flash usage in LwM2M build Reduce the flash usage by setting log mode to minimal so that the applications fits in its flash partition. Signed-off-by: Jan Tore Guggedal --- applications/asset_tracker_v2/sample.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/applications/asset_tracker_v2/sample.yaml b/applications/asset_tracker_v2/sample.yaml index cd5132b22229..8063cb16654f 100644 --- a/applications/asset_tracker_v2/sample.yaml +++ b/applications/asset_tracker_v2/sample.yaml @@ -301,6 +301,7 @@ tests: - thingy91/nrf9160/ns extra_configs: - CONFIG_MEMFAULT_NCS_PROJECT_KEY="PROJECTKEY" + - CONFIG_LOG_MODE_MINIMAL=y extra_args: EXTRA_CONF_FILE="overlay-lwm2m.conf;overlay-memfault.conf" tags: ci_build sysbuild ci_applications_asset_tracker_v2 applications.asset_tracker_v2.memfault-low-power: From 648311ab4c191effed12c8ea530dae7f31438c3a Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Tue, 1 Oct 2024 10:22:51 +0200 Subject: [PATCH 188/217] drivers: serial: nrf_sw_lpuart: select RING_BUFFER Select RING_BUFFER dependency in Kconfig if NRF_SW_LPUART is enabled. Signed-off-by: Bjarki Arge Andreasen --- drivers/serial/Kconfig.nrf_sw_lpuart | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/serial/Kconfig.nrf_sw_lpuart b/drivers/serial/Kconfig.nrf_sw_lpuart index 3a9d935c4981..4a67af318fee 100644 --- a/drivers/serial/Kconfig.nrf_sw_lpuart +++ b/drivers/serial/Kconfig.nrf_sw_lpuart @@ -7,6 +7,7 @@ config NRF_SW_LPUART bool "Low Power UART using REQ/RDY lines" select GPIO select UART_ASYNC_API + select RING_BUFFER help Low power UART implements UART API and extends standard UART communication with 2 pins protocol for receiver wake up and flow control. From f2456da657118f02209797cd17f340a79b619640 Mon Sep 17 00:00:00 2001 From: Arkadiusz Balys Date: Tue, 1 Oct 2024 14:25:00 +0200 Subject: [PATCH 189/217] samples: matter: Provide workaround for Matter Wi-Fi builds The WIFI_NRF70 config is not set automatically, so we need to set it manually for sysbuild in case of selecting a proper network core functionality. Signed-off-by: Arkadiusz Balys --- applications/matter_bridge/Kconfig.sysbuild | 3 +++ samples/matter/light_bulb/Kconfig.sysbuild | 3 +++ samples/matter/light_switch/Kconfig.sysbuild | 3 +++ samples/matter/lock/Kconfig.sysbuild | 3 +++ samples/matter/template/Kconfig.sysbuild | 3 +++ samples/matter/thermostat/Kconfig.sysbuild | 3 +++ samples/matter/window_covering/Kconfig.sysbuild | 3 +++ 7 files changed, 21 insertions(+) diff --git a/applications/matter_bridge/Kconfig.sysbuild b/applications/matter_bridge/Kconfig.sysbuild index 74e7dc62fddd..e7c6509b3815 100644 --- a/applications/matter_bridge/Kconfig.sysbuild +++ b/applications/matter_bridge/Kconfig.sysbuild @@ -4,6 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +config WIFI_NRF70 + default y if BOARD_NRF7002DK + #### Radio core config NRF_DEFAULT_IPC_RADIO default y diff --git a/samples/matter/light_bulb/Kconfig.sysbuild b/samples/matter/light_bulb/Kconfig.sysbuild index f31a4153c194..651b54d02742 100644 --- a/samples/matter/light_bulb/Kconfig.sysbuild +++ b/samples/matter/light_bulb/Kconfig.sysbuild @@ -4,6 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +config WIFI_NRF70 + default y if BOARD_NRF7002DK + #### Radio core selection config NRF_DEFAULT_IPC_RADIO default y diff --git a/samples/matter/light_switch/Kconfig.sysbuild b/samples/matter/light_switch/Kconfig.sysbuild index f31a4153c194..651b54d02742 100644 --- a/samples/matter/light_switch/Kconfig.sysbuild +++ b/samples/matter/light_switch/Kconfig.sysbuild @@ -4,6 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +config WIFI_NRF70 + default y if BOARD_NRF7002DK + #### Radio core selection config NRF_DEFAULT_IPC_RADIO default y diff --git a/samples/matter/lock/Kconfig.sysbuild b/samples/matter/lock/Kconfig.sysbuild index 68d60c0a7b07..bab19dc2278a 100644 --- a/samples/matter/lock/Kconfig.sysbuild +++ b/samples/matter/lock/Kconfig.sysbuild @@ -4,6 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +config WIFI_NRF70 + default y if BOARD_NRF7002DK + #### Radio core selection config NRF_DEFAULT_IPC_RADIO default y diff --git a/samples/matter/template/Kconfig.sysbuild b/samples/matter/template/Kconfig.sysbuild index 68d60c0a7b07..bab19dc2278a 100644 --- a/samples/matter/template/Kconfig.sysbuild +++ b/samples/matter/template/Kconfig.sysbuild @@ -4,6 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +config WIFI_NRF70 + default y if BOARD_NRF7002DK + #### Radio core selection config NRF_DEFAULT_IPC_RADIO default y diff --git a/samples/matter/thermostat/Kconfig.sysbuild b/samples/matter/thermostat/Kconfig.sysbuild index d250f1fc943f..a9f26c598458 100644 --- a/samples/matter/thermostat/Kconfig.sysbuild +++ b/samples/matter/thermostat/Kconfig.sysbuild @@ -4,6 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +config WIFI_NRF70 + default y if BOARD_NRF7002DK + #### Radio core selection config NRF_DEFAULT_IPC_RADIO default y diff --git a/samples/matter/window_covering/Kconfig.sysbuild b/samples/matter/window_covering/Kconfig.sysbuild index f31a4153c194..651b54d02742 100644 --- a/samples/matter/window_covering/Kconfig.sysbuild +++ b/samples/matter/window_covering/Kconfig.sysbuild @@ -4,6 +4,9 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # +config WIFI_NRF70 + default y if BOARD_NRF7002DK + #### Radio core selection config NRF_DEFAULT_IPC_RADIO default y From fa45d5e660297061dcbb12dfe65ec3a9973ef41e Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Sat, 28 Sep 2024 18:06:49 +0200 Subject: [PATCH 190/217] bluetooth: rpc: Align with the new Zephyr Bluetooth GATT API - The write struct member has been removed in bt_gatt_subscribe_params. Replace it by another struct member 'subscribe'. - Updates the Bluetooth RPC implementation to align with the new Zephyr Bluetooth GATT subscribe API. Ref: NCSDK-29384 Signed-off-by: Lang Xie Signed-off-by: Marcin Jelinski Signed-off-by: Bjarki Arge Andreasen --- .../bluetooth/rpc/client/bt_rpc_gatt_client.c | 39 ++++++++------- subsys/bluetooth/rpc/common/bt_rpc_common.h | 2 +- subsys/bluetooth/rpc/host/bt_rpc_gatt_host.c | 48 ++++++++++++------- 3 files changed, 53 insertions(+), 36 deletions(-) diff --git a/subsys/bluetooth/rpc/client/bt_rpc_gatt_client.c b/subsys/bluetooth/rpc/client/bt_rpc_gatt_client.c index 47e287d83510..af47caa32d0d 100644 --- a/subsys/bluetooth/rpc/client/bt_rpc_gatt_client.c +++ b/subsys/bluetooth/rpc/client/bt_rpc_gatt_client.c @@ -1430,7 +1430,7 @@ int bt_gatt_write_without_response_cb(struct bt_conn *conn, uint16_t handle, static const size_t bt_gatt_subscribe_params_buf_size = /* Placeholder for the notify callback. */ 1 + - 1 + BT_RPC_SIZE_OF_FIELD(struct bt_gatt_subscribe_params, write) + + 1 + BT_RPC_SIZE_OF_FIELD(struct bt_gatt_subscribe_params, subscribe) + 1 + BT_RPC_SIZE_OF_FIELD(struct bt_gatt_subscribe_params, value_handle) + 1 + BT_RPC_SIZE_OF_FIELD(struct bt_gatt_subscribe_params, ccc_handle) + 1 + BT_RPC_SIZE_OF_FIELD(struct bt_gatt_subscribe_params, value) + @@ -1444,7 +1444,7 @@ static void bt_gatt_subscribe_params_enc(struct nrf_rpc_cbor_ctx *encoder, const struct bt_gatt_subscribe_params *data) { nrf_rpc_encode_bool(encoder, data->notify != NULL); - nrf_rpc_encode_callback(encoder, data->write); + nrf_rpc_encode_callback(encoder, data->subscribe); nrf_rpc_encode_uint(encoder, data->value_handle); nrf_rpc_encode_uint(encoder, data->ccc_handle); nrf_rpc_encode_uint(encoder, data->value); @@ -1587,16 +1587,16 @@ static void bt_gatt_subscribe_params_notify_rpc_handler(const struct nrf_rpc_gro NRF_RPC_CBOR_CMD_DECODER(bt_rpc_grp, bt_gatt_subscribe_params_notify, BT_GATT_SUBSCRIBE_PARAMS_NOTIFY_RPC_CMD, bt_gatt_subscribe_params_notify_rpc_handler, NULL); -static void bt_gatt_subscribe_params_write_rpc_handler(const struct nrf_rpc_group *group, - struct nrf_rpc_cbor_ctx *ctx, - void *handler_data) +static void bt_gatt_subscribe_params_subscribe_rpc_handler(const struct nrf_rpc_group *group, + struct nrf_rpc_cbor_ctx *ctx, + void *handler_data) { struct bt_conn *conn; uint8_t err; - struct bt_gatt_write_params params; - struct bt_gatt_write_params *params_ptr; + struct bt_gatt_subscribe_params params; + struct bt_gatt_subscribe_params *params_ptr; struct nrf_rpc_scratchpad scratchpad; - bt_gatt_write_func_t func; + bt_gatt_subscribe_func_t func; NRF_RPC_SCRATCHPAD_DECLARE(&scratchpad, ctx); @@ -1605,15 +1605,16 @@ static void bt_gatt_subscribe_params_write_rpc_handler(const struct nrf_rpc_grou if (nrf_rpc_decode_is_null(ctx)) { params_ptr = NULL; } else { - size_t len; - - params.handle = nrf_rpc_decode_uint(ctx); - params.offset = nrf_rpc_decode_uint(ctx); - params.data = nrf_rpc_decode_buffer_into_scratchpad(&scratchpad, &len); - params.length = len; + params.value_handle = nrf_rpc_decode_uint(ctx); + params.ccc_handle = nrf_rpc_decode_uint(ctx); + params.value = nrf_rpc_decode_uint(ctx); +#if defined(CONFIG_BT_SMP) + params.min_security = nrf_rpc_decode_uint(ctx); +#endif /* defined(CONFIG_BT_SMP) */ + atomic_set(params.flags, (atomic_val_t)nrf_rpc_decode_uint(ctx)); params_ptr = ¶ms; } - func = (bt_gatt_write_func_t)nrf_rpc_decode_callback_call(ctx); + func = (bt_gatt_subscribe_func_t)nrf_rpc_decode_callback_call(ctx); if (!nrf_rpc_decoding_done_and_check(group, ctx)) { goto decoding_error; @@ -1626,10 +1627,12 @@ static void bt_gatt_subscribe_params_write_rpc_handler(const struct nrf_rpc_grou return; decoding_error: - report_decoding_error(BT_GATT_SUBSCRIBE_PARAMS_WRITE_RPC_CMD, handler_data); + report_decoding_error(BT_GATT_SUBSCRIBE_PARAMS_SUBSCRIBE_RPC_CMD, handler_data); } -NRF_RPC_CBOR_CMD_DECODER(bt_rpc_grp, bt_gatt_subscribe_params_write, - BT_GATT_SUBSCRIBE_PARAMS_WRITE_RPC_CMD, bt_gatt_subscribe_params_write_rpc_handler, NULL); + +NRF_RPC_CBOR_CMD_DECODER(bt_rpc_grp, bt_gatt_subscribe_params_subscribe, + BT_GATT_SUBSCRIBE_PARAMS_SUBSCRIBE_RPC_CMD, + bt_gatt_subscribe_params_subscribe_rpc_handler, NULL); #endif /* CONFIG_BT_GATT_CLIENT */ diff --git a/subsys/bluetooth/rpc/common/bt_rpc_common.h b/subsys/bluetooth/rpc/common/bt_rpc_common.h index 0427bcc39729..1420740b7b09 100644 --- a/subsys/bluetooth/rpc/common/bt_rpc_common.h +++ b/subsys/bluetooth/rpc/common/bt_rpc_common.h @@ -200,7 +200,7 @@ enum bt_rpc_cmd_from_host_to_cli { BT_GATT_READ_CALLBACK_RPC_CMD, BT_GATT_WRITE_CALLBACK_RPC_CMD, BT_GATT_SUBSCRIBE_PARAMS_NOTIFY_RPC_CMD, - BT_GATT_SUBSCRIBE_PARAMS_WRITE_RPC_CMD, + BT_GATT_SUBSCRIBE_PARAMS_SUBSCRIBE_RPC_CMD, }; /** @brief Host events IDs used in bluetooth API serialization. diff --git a/subsys/bluetooth/rpc/host/bt_rpc_gatt_host.c b/subsys/bluetooth/rpc/host/bt_rpc_gatt_host.c index 74540459b72f..fb81eb4f9c55 100644 --- a/subsys/bluetooth/rpc/host/bt_rpc_gatt_host.c +++ b/subsys/bluetooth/rpc/host/bt_rpc_gatt_host.c @@ -1474,49 +1474,63 @@ static uint8_t bt_gatt_subscribe_params_notify(struct bt_conn *conn, return result; } -static void bt_gatt_subscribe_params_write(struct bt_conn *conn, uint8_t err, - struct bt_gatt_write_params *params, +static const size_t bt_gatt_subscribe_params_buf_size = + 1 + BT_RPC_SIZE_OF_FIELD(struct bt_gatt_subscribe_params, value_handle) + + 1 + BT_RPC_SIZE_OF_FIELD(struct bt_gatt_subscribe_params, ccc_handle) + + 1 + BT_RPC_SIZE_OF_FIELD(struct bt_gatt_subscribe_params, value) + +#if defined(CONFIG_BT_SMP) + 1 + BT_RPC_SIZE_OF_FIELD(struct bt_gatt_subscribe_params, min_security) + +#endif + /* Placeholder for the flags field */ + 2; + +static void bt_gatt_subscribe_params_subscribe(struct bt_conn *conn, uint8_t err, + struct bt_gatt_subscribe_params *params, uint32_t callback_slot) { struct nrf_rpc_cbor_ctx ctx; - size_t params_size; - size_t scratchpad_size = 0; - size_t buffer_size_max = 26; + size_t buffer_size_max = 20; if (params != NULL) { - params_size = sizeof(uint8_t) * params->length; - buffer_size_max += params_size; - scratchpad_size += NRF_RPC_SCRATCHPAD_ALIGN(params_size); + buffer_size_max += bt_gatt_subscribe_params_buf_size; + } else { + buffer_size_max += 1; } NRF_RPC_CBOR_ALLOC(&bt_rpc_grp, ctx, buffer_size_max); - nrf_rpc_encode_uint(&ctx, scratchpad_size); bt_rpc_encode_bt_conn(&ctx, conn); nrf_rpc_encode_uint(&ctx, err); + nrf_rpc_encode_uint(&ctx, (uintptr_t)params); if (params != NULL) { - nrf_rpc_encode_uint(&ctx, params->handle); - nrf_rpc_encode_uint(&ctx, params->offset); - nrf_rpc_encode_buffer(&ctx, params->data, params->length); + nrf_rpc_encode_uint(&ctx, params->value_handle); + nrf_rpc_encode_uint(&ctx, params->ccc_handle); + nrf_rpc_encode_uint(&ctx, params->value); + #if defined(CONFIG_BT_SMP) + nrf_rpc_encode_uint(&ctx, params->min_security); + #endif /* defined(CONFIG_BT_SMP) */ + nrf_rpc_encode_uint(&ctx, (uint16_t)atomic_get(params->flags)); } else { nrf_rpc_encode_null(&ctx); } nrf_rpc_encode_uint(&ctx, callback_slot); - nrf_rpc_cbor_cmd_no_err(&bt_rpc_grp, BT_GATT_SUBSCRIBE_PARAMS_WRITE_RPC_CMD, &ctx, + nrf_rpc_cbor_cmd_no_err(&bt_rpc_grp, BT_GATT_SUBSCRIBE_PARAMS_SUBSCRIBE_RPC_CMD, &ctx, nrf_rpc_rsp_decode_void, NULL); } -NRF_RPC_CBKPROXY_HANDLER(bt_gatt_subscribe_params_write_encoder, bt_gatt_subscribe_params_write, - (struct bt_conn *conn, uint8_t err, struct bt_gatt_write_params *params), +NRF_RPC_CBKPROXY_HANDLER(bt_gatt_subscribe_params_subscribe_encoder, + bt_gatt_subscribe_params_subscribe, + (struct bt_conn *conn, uint8_t err, + struct bt_gatt_subscribe_params *params), (conn, err, params)); static void bt_gatt_subscribe_params_dec(struct nrf_rpc_cbor_ctx *ctx, struct bt_gatt_subscribe_params *data) { data->notify = nrf_rpc_decode_bool(ctx) ? bt_gatt_subscribe_params_notify : NULL; - data->write = (bt_gatt_write_func_t)nrf_rpc_decode_callbackd( - ctx, bt_gatt_subscribe_params_write_encoder); + data->subscribe = (bt_gatt_subscribe_func_t)nrf_rpc_decode_callbackd( + ctx, bt_gatt_subscribe_params_subscribe_encoder); data->value_handle = nrf_rpc_decode_uint(ctx); data->ccc_handle = nrf_rpc_decode_uint(ctx); data->value = nrf_rpc_decode_uint(ctx); From 2f932dff46b8a02e3a43b35f2496453e8798e554 Mon Sep 17 00:00:00 2001 From: Kamil Piszczek Date: Tue, 1 Oct 2024 16:26:57 +0200 Subject: [PATCH 191/217] treewide: nrf53: replace deprecated CONFIG_BOARD_ENABLE_CPUNET Kconfig Replaced the deprecated CONFIG_BOARD_ENABLE_CPUNET Kconfig option with the CONFIG_SOC_NRF53_CPUNET_ENABLE Kconfig option that configures the application core to boot up the network core. This change is applied accross all projects in the sdk-nrf repository. Ref: NCSDK-29186 Signed-off-by: Kamil Piszczek --- boards/nordic/thingy91x/CMakeLists.txt | 4 -- boards/nordic/thingy91x/Kconfig | 18 +----- .../nordic/thingy91x/nrf5340_cpunet_reset.c | 59 ------------------- .../device_guides/nrf53/features_nrf53.rst | 4 +- samples/Kconfig | 6 +- .../boards/nrf5340dk_nrf5340_cpuapp.conf | 2 +- .../bluetooth/broadcast_config_tool/prj.conf | 2 +- .../direct_test_mode/remote_hci/prj.conf | 2 +- .../sysbuild/remote_shell/prj.conf | 2 +- .../sysbuild/remote_shell/prj_usb.conf | 2 +- .../boards/nrf5340dk_nrf5340_cpuapp.conf | 2 +- .../boards/nrf5340dk_nrf5340_cpuapp.conf | 2 +- .../nrf5340dk_nrf5340_cpuapp_icmsg.conf | 2 +- .../boards/nrf5340dk_nrf5340_cpuapp.conf | 2 +- .../nrf5340dk_nrf5340_cpuapp_icmsg.conf | 2 +- .../boards/nrf5340dk_nrf5340_cpuapp_ns.conf | 2 +- samples/nrf5340/empty_app_core/prj.conf | 2 +- samples/nrf5340/empty_net_core/README.rst | 2 +- samples/nrf5340/remote_shell/prj.conf | 2 +- samples/nrf5340/remote_shell/prj_uart.conf | 2 +- samples/nrf_rpc/entropy_nrf53/prj.conf | 2 +- .../boards/nrf5340dk_nrf5340_cpuapp.conf | 2 +- .../radio_test/sysbuild/remote_shell/prj.conf | 2 +- .../sysbuild/remote_shell/prj_usb.conf | 2 +- .../boards/nrf5340dk_nrf5340_cpuapp.conf | 2 +- samples/wifi/shell/sample.yaml | 8 +-- tests/CMakeLists.txt | 2 +- tests/benchmarks/multicore/idle/Kconfig | 2 +- tests/drivers/flash/flash_rpc/prj.conf | 2 +- .../boards/nrf5340dk_nrf5340_cpuapp.conf | 2 +- .../boards/thingy53_nrf5340_cpuapp.conf | 2 +- .../boards/nrf5340dk_nrf5340_cpuapp.conf | 2 +- .../nrf5340dk_nrf5340_cpuapp_icmsg.conf | 2 +- tests/subsys/pcd/prj.conf | 2 +- 34 files changed, 38 insertions(+), 117 deletions(-) delete mode 100644 boards/nordic/thingy91x/nrf5340_cpunet_reset.c diff --git a/boards/nordic/thingy91x/CMakeLists.txt b/boards/nordic/thingy91x/CMakeLists.txt index 6d35060c6039..a593611aaed5 100644 --- a/boards/nordic/thingy91x/CMakeLists.txt +++ b/boards/nordic/thingy91x/CMakeLists.txt @@ -25,9 +25,5 @@ if (CONFIG_SENSOR AND CONFIG_REGULATOR AND CONFIG_I2C AND NOT CONFIG_BMM350) endif() if(CONFIG_BOARD_THINGY91X_NRF5340_CPUAPP OR CONFIG_BOARD_THINGY91X_NRF5340_CPUAPP_NS) - if(CONFIG_BOARD_ENABLE_CPUNET) - zephyr_library() - zephyr_library_sources(nrf5340_cpunet_reset.c) - endif() set(PM_STATIC_YML_FILE ${CMAKE_CURRENT_LIST_DIR}/thingy91x_nrf5340_pm_static.yml CACHE INTERNAL "") endif() diff --git a/boards/nordic/thingy91x/Kconfig b/boards/nordic/thingy91x/Kconfig index e9804d350b96..7fcd1cdc89dd 100644 --- a/boards/nordic/thingy91x/Kconfig +++ b/boards/nordic/thingy91x/Kconfig @@ -18,26 +18,10 @@ config BOARD_ENABLE_DCDC_NET select SOC_DCDC_NRF53X_NET default y -config BOARD_ENABLE_CPUNET - bool "Enable nRF53 Network MCU" - select SOC_NRF_GPIO_FORWARDER_FOR_NRF5340 if \ - $(dt_compat_enabled,$(DT_COMPAT_NORDIC_NRF_GPIO_FORWARDER)) - help - This option enables releasing the Network 'force off' signal, which - as a consequence will power up the Network MCU during system boot. - Additionally, the option allocates GPIO pins that will be used by UARTE - of the Network MCU. - Note: GPIO pin allocation can only be configured by the secure Application - MCU firmware, so when this option is used with the non-secure version of - the board, the application needs to take into consideration, that the - secure firmware image must already have configured GPIO allocation for the - Network MCU. - default y - config DOMAIN_CPUNET_BOARD string default "thingy91x/nrf5340/cpunet" - depends on BOARD_ENABLE_CPUNET + depends on SOC_NRF53_CPUNET_ENABLE help The board which will be used for CPUNET domain when creating a multi image application where one or more images should be located on diff --git a/boards/nordic/thingy91x/nrf5340_cpunet_reset.c b/boards/nordic/thingy91x/nrf5340_cpunet_reset.c deleted file mode 100644 index a79579f16e67..000000000000 --- a/boards/nordic/thingy91x/nrf5340_cpunet_reset.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2024 Nordic Semiconductor - * - * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause - */ - -#include -#include -#include - -#include -#include - -LOG_MODULE_REGISTER(thingy91x_nrf5340_cpuapp, CONFIG_LOG_DEFAULT_LEVEL); - -#if defined(CONFIG_BT_CTLR_DEBUG_PINS_CPUAPP) -#include <../subsys/bluetooth/controller/ll_sw/nordic/hal/nrf5/debug.h> -#endif - -static void remoteproc_mgr_config(void) -{ -#if defined(CONFIG_BT_CTLR_DEBUG_PINS_CPUAPP) && \ - (!defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) || defined(CONFIG_BUILD_WITH_TFM)) - /* Route Bluetooth Controller Debug Pins */ - DEBUG_SETUP(); -#endif /* !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) || defined(CONFIG_BUILD_WITH_TFM) */ - -#if !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) - /* Retain nRF5340 Network MCU in Secure domain (bus - * accesses by Network MCU will have Secure attribute set). - */ - NRF_SPU->EXTDOMAIN[0].PERM = BIT(4); -#endif /* !defined(CONFIG_TRUSTED_EXECUTION_NONSECURE) */ -} - -static int remoteproc_mgr_boot(void) -{ - - /* Secure domain may configure permissions for the Network MCU. */ - remoteproc_mgr_config(); - -#if !defined(CONFIG_TRUSTED_EXECUTION_SECURE) - /* - * Building Zephyr with CONFIG_TRUSTED_EXECUTION_SECURE=y implies - * building also a Non-Secure image. The Non-Secure image will, in - * this case do the remainder of actions to properly configure and - * boot the Network MCU. - */ - - /* Release the Network MCU, 'Release force off signal' */ - nrf_reset_network_force_off(NRF_RESET, false); - - LOG_DBG("Network MCU released."); -#endif /* !CONFIG_TRUSTED_EXECUTION_SECURE */ - - return 0; -} - -SYS_INIT(remoteproc_mgr_boot, POST_KERNEL, CONFIG_KERNEL_INIT_PRIORITY_DEVICE); diff --git a/doc/nrf/app_dev/device_guides/nrf53/features_nrf53.rst b/doc/nrf/app_dev/device_guides/nrf53/features_nrf53.rst index 9f55887bda62..c8c7eea7f1a4 100644 --- a/doc/nrf/app_dev/device_guides/nrf53/features_nrf53.rst +++ b/doc/nrf/app_dev/device_guides/nrf53/features_nrf53.rst @@ -257,7 +257,7 @@ Direct use of the radio peripheral Samples that directly use the radio peripheral can run on the network core of the nRF5340. They do not require any functionality from the application core. -However, on nRF5340, the application core is responsible for starting the network core and connecting its GPIO pins (see :kconfig:option:`CONFIG_BOARD_ENABLE_CPUNET` and the code in :file:`zephyr/boards/nordic/nrf5340dk/nrf5340_cpunet_reset.c`). +However, on nRF5340, the application core is responsible for starting the network core and connecting its GPIO pins (see :kconfig:option:`CONFIG_SOC_NRF53_CPUNET_ENABLE` and the code in :file:`zephyr/boards/nordic/nrf5340dk/nrf5340_cpunet_reset.c`). Therefore, you must always program the application core, even if the firmware is supposed to run only on the network core. You can use the :ref:`nrf5340_empty_app_core` sample for this purpose. @@ -287,4 +287,4 @@ Samples that do not need radio communication can run on the application core of They do not require any firmware on the network core. Therefore, the network core can remain empty. -If you want to enable the network core anyway, set the :kconfig:option:`CONFIG_BOARD_ENABLE_CPUNET` option in the image for the application core. +If you want to enable the network core anyway, set the :kconfig:option:`CONFIG_SOC_NRF53_CPUNET_ENABLE` option in the image for the application core. diff --git a/samples/Kconfig b/samples/Kconfig index 4b9b6eb6c6b5..4aa127326411 100644 --- a/samples/Kconfig +++ b/samples/Kconfig @@ -22,7 +22,7 @@ if SOC_SERIES_NRF53X config NRF70_RADIO_TEST_COMBO bool "Enable radio test combo build for nRF5340" depends on SOC_NRF5340_CPUAPP - select BOARD_ENABLE_CPUNET + select SOC_NRF53_CPUNET_ENABLE config NCS_SAMPLE_EMPTY_APP_CORE_CHILD_IMAGE bool "Add empty_app_core as a child image" @@ -113,7 +113,7 @@ endif # NCS_INCLUDE_RPMSG_CHILD_IMAGE config NCS_SAMPLE_EMPTY_NET_CORE_CHILD_IMAGE bool - depends on SOC_NRF5340_CPUAPP && BOARD_ENABLE_CPUNET + depends on SOC_NRF5340_CPUAPP && SOC_NRF53_CPUNET_ENABLE depends on NRF53_UPGRADE_NETWORK_CORE && !NCS_INCLUDE_RPMSG_CHILD_IMAGE default y help @@ -121,7 +121,7 @@ config NCS_SAMPLE_EMPTY_NET_CORE_CHILD_IMAGE config NCS_SAMPLE_PROVISIONING_NET_CORE_CHILD_IMAGE bool "Add provisioning_image_netcore sample as a child image" - depends on SOC_NRF5340_CPUAPP && BOARD_ENABLE_CPUNET + depends on SOC_NRF5340_CPUAPP && SOC_NRF53_CPUNET_ENABLE depends on !NCS_INCLUDE_RPMSG_CHILD_IMAGE help nRF5340 network core provisioning image as a child image. diff --git a/samples/benchmarks/coremark/boards/nrf5340dk_nrf5340_cpuapp.conf b/samples/benchmarks/coremark/boards/nrf5340dk_nrf5340_cpuapp.conf index 4e6c4aef68f7..af4820e985af 100644 --- a/samples/benchmarks/coremark/boards/nrf5340dk_nrf5340_cpuapp.conf +++ b/samples/benchmarks/coremark/boards/nrf5340dk_nrf5340_cpuapp.conf @@ -3,4 +3,4 @@ # # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/bluetooth/broadcast_config_tool/prj.conf b/samples/bluetooth/broadcast_config_tool/prj.conf index d2bfa184d5e9..cac9c4490691 100644 --- a/samples/bluetooth/broadcast_config_tool/prj.conf +++ b/samples/bluetooth/broadcast_config_tool/prj.conf @@ -30,7 +30,7 @@ CONFIG_LOG_TAG_DEFAULT="--" CONFIG_USE_SEGGER_RTT=y CONFIG_LOG_BACKEND_RTT=y CONFIG_LOG_BUFFER_SIZE=4096 -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_ZBUS=y CONFIG_ZBUS_RUNTIME_OBSERVERS=y diff --git a/samples/bluetooth/direct_test_mode/remote_hci/prj.conf b/samples/bluetooth/direct_test_mode/remote_hci/prj.conf index 68f4ffb3e173..ab49c5a0eb84 100644 --- a/samples/bluetooth/direct_test_mode/remote_hci/prj.conf +++ b/samples/bluetooth/direct_test_mode/remote_hci/prj.conf @@ -23,4 +23,4 @@ CONFIG_IDLE_STACK_SIZE=2048 CONFIG_NET_BUF=y -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/bluetooth/direct_test_mode/sysbuild/remote_shell/prj.conf b/samples/bluetooth/direct_test_mode/sysbuild/remote_shell/prj.conf index a8d0e7ef3e0d..016bdd4d3aa8 100644 --- a/samples/bluetooth/direct_test_mode/sysbuild/remote_shell/prj.conf +++ b/samples/bluetooth/direct_test_mode/sysbuild/remote_shell/prj.conf @@ -27,4 +27,4 @@ CONFIG_LOG_BACKEND_UART=n CONFIG_REMOTE_SHELL_TX_RING_BUFFER_SIZE=1024 -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/bluetooth/direct_test_mode/sysbuild/remote_shell/prj_usb.conf b/samples/bluetooth/direct_test_mode/sysbuild/remote_shell/prj_usb.conf index 325304d77f36..e4df2db7d0a1 100644 --- a/samples/bluetooth/direct_test_mode/sysbuild/remote_shell/prj_usb.conf +++ b/samples/bluetooth/direct_test_mode/sysbuild/remote_shell/prj_usb.conf @@ -31,4 +31,4 @@ CONFIG_LOG_BACKEND_UART=n CONFIG_USB_DRIVER_LOG_LEVEL_ERR=y CONFIG_USB_DEVICE_LOG_LEVEL_ERR=y -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/caf_sensor_manager/boards/nrf5340dk_nrf5340_cpuapp.conf b/samples/caf_sensor_manager/boards/nrf5340dk_nrf5340_cpuapp.conf index 3cc46222bd4e..88439e1ed348 100644 --- a/samples/caf_sensor_manager/boards/nrf5340dk_nrf5340_cpuapp.conf +++ b/samples/caf_sensor_manager/boards/nrf5340dk_nrf5340_cpuapp.conf @@ -15,4 +15,4 @@ CONFIG_OPENAMP_SLAVE=n CONFIG_CAF_SENSOR_DATA_AGGREGATOR_EVENTS=y CONFIG_PARTITION_MANAGER_ENABLED=y -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp.conf b/samples/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp.conf index 8902d89143b3..f18502a9e44d 100644 --- a/samples/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp.conf +++ b/samples/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_OPENAMP_SLAVE=n diff --git a/samples/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf b/samples/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf index d787f0b3716b..e270fc978ab4 100644 --- a/samples/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf +++ b/samples/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp.conf b/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp.conf index 261e0fb602ff..92d3547aacf9 100644 --- a/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp.conf +++ b/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp.conf @@ -4,6 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_OPENAMP=y CONFIG_OPENAMP_SLAVE=n diff --git a/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf b/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf index 80c9a77e797f..93a5ed63b59a 100644 --- a/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf +++ b/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_APP_IPC_SERVICE_SEND_INTERVAL=60 diff --git a/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp_ns.conf b/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp_ns.conf index 261e0fb602ff..92d3547aacf9 100644 --- a/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp_ns.conf +++ b/samples/ipc/ipc_service/boards/nrf5340dk_nrf5340_cpuapp_ns.conf @@ -4,6 +4,6 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_OPENAMP=y CONFIG_OPENAMP_SLAVE=n diff --git a/samples/nrf5340/empty_app_core/prj.conf b/samples/nrf5340/empty_app_core/prj.conf index b034e477cb9a..2faadf51c4c2 100644 --- a/samples/nrf5340/empty_app_core/prj.conf +++ b/samples/nrf5340/empty_app_core/prj.conf @@ -26,4 +26,4 @@ CONFIG_UART_CONSOLE=n CONFIG_STDOUT_CONSOLE=n CONFIG_PRINTK=n CONFIG_EARLY_CONSOLE=n -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/nrf5340/empty_net_core/README.rst b/samples/nrf5340/empty_net_core/README.rst index 76008788fe30..d16618875ca9 100644 --- a/samples/nrf5340/empty_net_core/README.rst +++ b/samples/nrf5340/empty_net_core/README.rst @@ -10,7 +10,7 @@ nRF5340: Empty firmware for network core The sample demonstrates how to generate an empty network core firmware. When building an MCUboot child image with the nRF5340 :ref:`ug_nrf5340_multi_image_dfu` feature, the empty network core sample is built together with the application to prevent build failures related to missing Partition Manager definitions in the :ref:`ug_multi_image`. The sample is used only by the applications that do not use the network core. -In the mentioned case, the empty network core sample is automatically added to build by the :kconfig:option:`CONFIG_NCS_SAMPLE_EMPTY_NET_CORE_CHILD_IMAGE` option which depends on the :kconfig:option:`CONFIG_BOARD_ENABLE_CPUNET` option. +In the mentioned case, the empty network core sample is automatically added to build by the :kconfig:option:`CONFIG_NCS_SAMPLE_EMPTY_NET_CORE_CHILD_IMAGE` option which depends on the :kconfig:option:`CONFIG_SOC_NRF53_CPUNET_ENABLE` option. Requirements ************ diff --git a/samples/nrf5340/remote_shell/prj.conf b/samples/nrf5340/remote_shell/prj.conf index ad6eeaf51025..d9cc289a4a67 100644 --- a/samples/nrf5340/remote_shell/prj.conf +++ b/samples/nrf5340/remote_shell/prj.conf @@ -27,4 +27,4 @@ CONFIG_MBOX=y CONFIG_HEAP_MEM_POOL_SIZE=4096 -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/nrf5340/remote_shell/prj_uart.conf b/samples/nrf5340/remote_shell/prj_uart.conf index f6173715e663..0b2e39d17778 100644 --- a/samples/nrf5340/remote_shell/prj_uart.conf +++ b/samples/nrf5340/remote_shell/prj_uart.conf @@ -28,4 +28,4 @@ CONFIG_LOG_BACKEND_UART=n CONFIG_REMOTE_SHELL_TX_RING_BUFFER_SIZE=1024 -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/nrf_rpc/entropy_nrf53/prj.conf b/samples/nrf_rpc/entropy_nrf53/prj.conf index 4675357fbafd..59959bb36402 100644 --- a/samples/nrf_rpc/entropy_nrf53/prj.conf +++ b/samples/nrf_rpc/entropy_nrf53/prj.conf @@ -1,7 +1,7 @@ CONFIG_HEAP_MEM_POOL_SIZE=4096 CONFIG_THREAD_CUSTOM_DATA=y -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_NRF_RPC=y CONFIG_NRF_RPC_CBOR=y diff --git a/samples/peripheral/802154_phy_test/sysbuild/remote_shell/boards/nrf5340dk_nrf5340_cpuapp.conf b/samples/peripheral/802154_phy_test/sysbuild/remote_shell/boards/nrf5340dk_nrf5340_cpuapp.conf index aa291ff16e58..1ee1cd1b541d 100644 --- a/samples/peripheral/802154_phy_test/sysbuild/remote_shell/boards/nrf5340dk_nrf5340_cpuapp.conf +++ b/samples/peripheral/802154_phy_test/sysbuild/remote_shell/boards/nrf5340dk_nrf5340_cpuapp.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_NRFX_UARTE0=y diff --git a/samples/peripheral/radio_test/sysbuild/remote_shell/prj.conf b/samples/peripheral/radio_test/sysbuild/remote_shell/prj.conf index 7125036d7ddf..c38198e2d2fe 100644 --- a/samples/peripheral/radio_test/sysbuild/remote_shell/prj.conf +++ b/samples/peripheral/radio_test/sysbuild/remote_shell/prj.conf @@ -27,4 +27,4 @@ CONFIG_LOG_BACKEND_UART=n CONFIG_REMOTE_SHELL_TX_RING_BUFFER_SIZE=1024 -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/peripheral/radio_test/sysbuild/remote_shell/prj_usb.conf b/samples/peripheral/radio_test/sysbuild/remote_shell/prj_usb.conf index 325304d77f36..e4df2db7d0a1 100644 --- a/samples/peripheral/radio_test/sysbuild/remote_shell/prj_usb.conf +++ b/samples/peripheral/radio_test/sysbuild/remote_shell/prj_usb.conf @@ -31,4 +31,4 @@ CONFIG_LOG_BACKEND_UART=n CONFIG_USB_DRIVER_LOG_LEVEL_ERR=y CONFIG_USB_DEVICE_LOG_LEVEL_ERR=y -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/samples/tfm/provisioning_image/boards/nrf5340dk_nrf5340_cpuapp.conf b/samples/tfm/provisioning_image/boards/nrf5340dk_nrf5340_cpuapp.conf index cc7c744f506f..52f921c7662b 100644 --- a/samples/tfm/provisioning_image/boards/nrf5340dk_nrf5340_cpuapp.conf +++ b/samples/tfm/provisioning_image/boards/nrf5340dk_nrf5340_cpuapp.conf @@ -6,6 +6,6 @@ # Enable the network core -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y # Inlcude the provisioning image sample for the network core CONFIG_NCS_SAMPLE_PROVISIONING_NET_CORE_CHILD_IMAGE=y diff --git a/samples/wifi/shell/sample.yaml b/samples/wifi/shell/sample.yaml index b713da2d5c4e..24486e33b19d 100644 --- a/samples/wifi/shell/sample.yaml +++ b/samples/wifi/shell/sample.yaml @@ -56,7 +56,7 @@ tests: sample.nrf7002_eks_cpunet.shell: sysbuild: true build_only: true - extra_args: SHIELD=nrf7002ek CONFIG_BOARD_ENABLE_CPUNET=y + extra_args: SHIELD=nrf7002ek CONFIG_SOC_NRF53_CPUNET_ENABLE=y integration_platforms: - nrf5340dk/nrf5340/cpuapp platform_allow: nrf5340dk/nrf5340/cpuapp @@ -66,7 +66,7 @@ tests: build_only: true extra_args: - SHIELD=nrf7002ek_nrf7000 - - CONFIG_BOARD_ENABLE_CPUNET=y + - CONFIG_SOC_NRF53_CPUNET_ENABLE=y - CONFIG_WIFI_NM_WPA_SUPPLICANT=n integration_platforms: - nrf5340dk/nrf5340/cpuapp @@ -75,7 +75,7 @@ tests: sample.nrf7001_eks_cpunet.shell: sysbuild: true build_only: true - extra_args: SHIELD=nrf7002ek_nrf7001 CONFIG_BOARD_ENABLE_CPUNET=y + extra_args: SHIELD=nrf7002ek_nrf7001 CONFIG_SOC_NRF53_CPUNET_ENABLE=y integration_platforms: - nrf5340dk/nrf5340/cpuapp platform_allow: nrf5340dk/nrf5340/cpuapp @@ -173,7 +173,7 @@ tests: sample.nrf7002_eb.thingy53.shell: sysbuild: true build_only: true - extra_args: shell_SHIELD=nrf7002eb CONFIG_BOARD_ENABLE_CPUNET=y + extra_args: shell_SHIELD=nrf7002eb CONFIG_SOC_NRF53_CPUNET_ENABLE=y integration_platforms: - thingy53/nrf5340/cpuapp platform_allow: thingy53/nrf5340/cpuapp diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 894695f616ce..d47a1813a440 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -6,7 +6,7 @@ if (CONFIG_ZTEST AND (CONFIG_BOARD_NRF5340DK_NRF5340_CPUAPP OR CONFIG_BOARD_THINGY53_NRF5340_CPUAPP) AND - CONFIG_BOARD_ENABLE_CPUNET AND CONFIG_ZTEST_MULTICORE_DEFAULT_SETTINGS) + CONFIG_SOC_NRF53_CPUNET_ENABLE AND CONFIG_ZTEST_MULTICORE_DEFAULT_SETTINGS) # Add overlay for enabling B0N add_overlay_config( hello_world diff --git a/tests/benchmarks/multicore/idle/Kconfig b/tests/benchmarks/multicore/idle/Kconfig index 2a204b8201fb..7b6b4ecb6874 100644 --- a/tests/benchmarks/multicore/idle/Kconfig +++ b/tests/benchmarks/multicore/idle/Kconfig @@ -6,7 +6,7 @@ source "Kconfig.zephyr" -config BOARD_ENABLE_CPUNET +config SOC_NRF53_CPUNET_ENABLE bool depends on BOARD_NRF5340DK_NRF5340_CPUAPP || BOARD_NRF5340DK_NRF5340_CPUAPP_NS default y diff --git a/tests/drivers/flash/flash_rpc/prj.conf b/tests/drivers/flash/flash_rpc/prj.conf index 50d859538bb7..31b8a27cd98c 100644 --- a/tests/drivers/flash/flash_rpc/prj.conf +++ b/tests/drivers/flash/flash_rpc/prj.conf @@ -5,7 +5,7 @@ CONFIG_MAIN_STACK_SIZE=2048 CONFIG_ZTEST_MULTICORE_DEFAULT_SETTINGS=n CONFIG_FLASH_RPC=y CONFIG_FLASH_RPC_SYS_INIT=y -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_APP_REMOTE_BOARD="nrf5340dk_nrf5340_cpunet" CONFIG_NRF_RPC_LOG_LEVEL_DBG=n CONFIG_NRF_RPC_TR_LOG_LEVEL_DBG=n diff --git a/tests/modules/mcuboot/external_flash/boards/nrf5340dk_nrf5340_cpuapp.conf b/tests/modules/mcuboot/external_flash/boards/nrf5340dk_nrf5340_cpuapp.conf index 00de1ad05992..26a60806a8f2 100644 --- a/tests/modules/mcuboot/external_flash/boards/nrf5340dk_nrf5340_cpuapp.conf +++ b/tests/modules/mcuboot/external_flash/boards/nrf5340dk_nrf5340_cpuapp.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/tests/modules/mcuboot/external_flash/boards/thingy53_nrf5340_cpuapp.conf b/tests/modules/mcuboot/external_flash/boards/thingy53_nrf5340_cpuapp.conf index 00de1ad05992..26a60806a8f2 100644 --- a/tests/modules/mcuboot/external_flash/boards/thingy53_nrf5340_cpuapp.conf +++ b/tests/modules/mcuboot/external_flash/boards/thingy53_nrf5340_cpuapp.conf @@ -4,4 +4,4 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y diff --git a/tests/subsys/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp.conf b/tests/subsys/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp.conf index 0a426acd43e4..cb961653dda2 100644 --- a/tests/subsys/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp.conf +++ b/tests/subsys/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_APP_REMOTE_BOARD="nrf5340dk/nrf5340/cpunet" diff --git a/tests/subsys/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf b/tests/subsys/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf index 0a426acd43e4..cb961653dda2 100644 --- a/tests/subsys/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf +++ b/tests/subsys/event_manager_proxy/boards/nrf5340dk_nrf5340_cpuapp_icmsg.conf @@ -4,5 +4,5 @@ # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_APP_REMOTE_BOARD="nrf5340dk/nrf5340/cpunet" diff --git a/tests/subsys/pcd/prj.conf b/tests/subsys/pcd/prj.conf index 0425f7aec1d1..de0764806548 100644 --- a/tests/subsys/pcd/prj.conf +++ b/tests/subsys/pcd/prj.conf @@ -7,7 +7,7 @@ CONFIG_ZTEST=y CONFIG_FLASH=y CONFIG_DEBUG_OPTIMIZATIONS=y CONFIG_PCD_APP=y -CONFIG_BOARD_ENABLE_CPUNET=y +CONFIG_SOC_NRF53_CPUNET_ENABLE=y CONFIG_ZTEST_STACK_SIZE=2048 CONFIG_PARTITION_MANAGER_ENABLED=y CONFIG_FW_INFO=y From b6f10378786a88e4acca1df7345c00544393aa2b Mon Sep 17 00:00:00 2001 From: Markus Lassila Date: Wed, 2 Oct 2024 09:15:38 +0300 Subject: [PATCH 192/217] nrf: Replace deprecated numeric POSIX configs Numeric POSIX configs were deprecated in a way that the old configurations are no longer taken into account. Replace following options in nrf: - CONFIG_POSIX_MAX_FDS -> CONFIG_ZVFS_OPEN_MAX and CONFIG_POSIX_OPEN_MAX (read-only). - CONFIG_EVENTFD_MAX -> CONFIG_ZVFS_EVENTFD_MAX - CONFIG_MAX_PTHREAD_COUNT -> CONFIG_POSIX_THREAD_THREADS_MAX Signed-off-by: Markus Lassila --- applications/serial_lte_modem/overlay-native_tls.conf | 4 ++-- applications/serial_lte_modem/prj.conf | 2 +- applications/serial_lte_modem/src/slm_at_socket.c | 2 +- samples/cellular/modem_shell/prj.conf | 2 +- samples/cellular/modem_shell/src/sock/sock.c | 4 ++-- .../overlay_nrf700x_wifi_coap_no_lte.conf | 2 +- .../overlay_nrf700x_wifi_mqtt_no_lte.conf | 2 +- samples/crypto/psa_tls/prj.conf | 2 +- samples/matter/light_bulb/overlay-aws-iot-integration.conf | 4 ++-- samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 2 +- .../azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 2 +- .../net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf | 2 +- samples/net/http_server/boards/nrf9151dk_nrf9151_ns.conf | 2 +- samples/net/http_server/boards/nrf9160dk_nrf9160_ns.conf | 2 +- samples/net/http_server/boards/nrf9161dk_nrf9161_ns.conf | 2 +- samples/net/http_server/overlay-tls-nrf91.conf | 2 +- samples/wifi/ble_coex/prj.conf | 2 +- samples/wifi/monitor/overlay-netusb.conf | 6 +++--- samples/wifi/promiscuous/overlay-netusb.conf | 6 +++--- samples/wifi/provisioning/softap/prj.conf | 2 +- samples/wifi/shell/overlay-netusb.conf | 6 +++--- samples/wifi/shell/overlay-sap.conf | 2 +- samples/wifi/shell/overlay-zperf.conf | 2 +- samples/wifi/thread_coex/prj.conf | 2 +- samples/wifi/throughput/overlay-high-performance.conf | 2 +- samples/wifi/throughput/overlay-iot-devices.conf | 2 +- samples/wifi/throughput/overlay-memory-optimized.conf | 2 +- samples/wifi/throughput/overlay-rx-prio.conf | 2 +- samples/wifi/throughput/overlay-tx-prio.conf | 2 +- samples/wifi/twt/prj.conf | 2 +- samples/wifi/wfa_qt_app/prj.conf | 2 +- tests/lib/nrf_modem_lib/nrf9x_sockets/prj.conf | 2 +- 32 files changed, 41 insertions(+), 41 deletions(-) diff --git a/applications/serial_lte_modem/overlay-native_tls.conf b/applications/serial_lte_modem/overlay-native_tls.conf index 71f7f5bdb2f3..2b00c7d02509 100644 --- a/applications/serial_lte_modem/overlay-native_tls.conf +++ b/applications/serial_lte_modem/overlay-native_tls.conf @@ -19,9 +19,9 @@ CONFIG_MBEDTLS_CIPHER=y # Reserve enough settings space for the certificates CONFIG_PM_PARTITION_SIZE_SETTINGS_STORAGE=0x4000 # Set maximum TLS contexts. -# Increase also CONFIG_POSIX_MAX_FDS, if you need more TLS contexts. +# Increase also CONFIG_ZVFS_OPEN_MAX, if you need more TLS contexts. CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=2 -CONFIG_POSIX_MAX_FDS=10 +CONFIG_ZVFS_OPEN_MAX=10 # Set packet sizes for incoming and outcoming packets. # If handshake packet (likely CA chain) or TLS record size exceeds these # values, increase the corresponding value and the CONFIG_MBEDTLS_HEAP_SIZE. diff --git a/applications/serial_lte_modem/prj.conf b/applications/serial_lte_modem/prj.conf index bec190a9703a..8130326d3728 100644 --- a/applications/serial_lte_modem/prj.conf +++ b/applications/serial_lte_modem/prj.conf @@ -33,7 +33,7 @@ CONFIG_NET_IPV6=y CONFIG_NRF_MODEM_LIB=y CONFIG_AT_CMD_CUSTOM=y # Align the max FD entry to NRF_MODEM_MAX_SOCKET_COUNT(8) -CONFIG_POSIX_MAX_FDS=8 +CONFIG_ZVFS_OPEN_MAX=8 # Handle modem fault CONFIG_NRF_MODEM_LIB_ON_FAULT_APPLICATION_SPECIFIC=y diff --git a/applications/serial_lte_modem/src/slm_at_socket.c b/applications/serial_lte_modem/src/slm_at_socket.c index 2d1be0c7cdaf..a00c80b03131 100644 --- a/applications/serial_lte_modem/src/slm_at_socket.c +++ b/applications/serial_lte_modem/src/slm_at_socket.c @@ -21,7 +21,7 @@ LOG_MODULE_REGISTER(slm_sock, CONFIG_SLM_LOG_LEVEL); -#define SLM_MAX_SOCKET_COUNT CONFIG_POSIX_MAX_FDS +#define SLM_MAX_SOCKET_COUNT CONFIG_POSIX_OPEN_MAX /* * Known limitation in this version diff --git a/samples/cellular/modem_shell/prj.conf b/samples/cellular/modem_shell/prj.conf index 282b7ff49d1e..c3ae023889bf 100644 --- a/samples/cellular/modem_shell/prj.conf +++ b/samples/cellular/modem_shell/prj.conf @@ -78,7 +78,7 @@ CONFIG_NET_IPV6=y CONFIG_POSIX_API=y CONFIG_PTHREAD_IPC=n # There are issues with posix api if this is set -CONFIG_POSIX_MAX_FDS=10 +CONFIG_ZVFS_OPEN_MAX=10 # Need to be the same as MAX_FDS CONFIG_NET_SOCKETS_POLL_MAX=10 diff --git a/samples/cellular/modem_shell/src/sock/sock.c b/samples/cellular/modem_shell/src/sock/sock.c index d53fdb76a781..b9edeb3d074d 100644 --- a/samples/cellular/modem_shell/src/sock/sock.c +++ b/samples/cellular/modem_shell/src/sock/sock.c @@ -32,7 +32,7 @@ extern struct k_poll_signal mosh_signal; extern struct k_work_q mosh_common_work_q; /* Maximum number of sockets takes into account AT command socket */ -#define MAX_SOCKETS (CONFIG_POSIX_MAX_FDS - 1) +#define MAX_SOCKETS (CONFIG_POSIX_OPEN_MAX - 1) #define SOCK_SEND_BUFFER_SIZE_UDP 1200 /* This should be multiple of TCP window size (708) to make it more efficient */ #define SOCK_SEND_BUFFER_SIZE_TCP 3540 @@ -588,7 +588,7 @@ int sock_open_and_connect( "system exceeded (%d). Notice that all file descriptors in the " "system are taken into account and not just sockets created " "through this application.", - CONFIG_POSIX_MAX_FDS); + CONFIG_ZVFS_OPEN_MAX); } else { mosh_error("Socket create failed, errno %d", errno); } diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf index 86f30899990f..aebbff0a463b 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_coap_no_lte.conf @@ -173,7 +173,7 @@ CONFIG_CONNECTION_THREAD_STACK_SIZE=4500 CONFIG_DATE_TIME_THREAD_STACK_SIZE=2048 CONFIG_NET_TX_STACK_SIZE=2048 CONFIG_NET_RX_STACK_SIZE=2048 -CONFIG_POSIX_MAX_FDS=16 +CONFIG_ZVFS_OPEN_MAX=16 CONFIG_NET_SOCKETS_POLL_MAX=8 # nRF Cloud: CoAP diff --git a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf index 98173ef9a8d2..cbbf45937c88 100644 --- a/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf +++ b/samples/cellular/nrf_cloud_multi_service/overlay_nrf700x_wifi_mqtt_no_lte.conf @@ -171,5 +171,5 @@ CONFIG_CONNECTION_THREAD_STACK_SIZE=4500 CONFIG_DATE_TIME_THREAD_STACK_SIZE=2048 CONFIG_NET_TX_STACK_SIZE=2048 CONFIG_NET_RX_STACK_SIZE=2048 -CONFIG_POSIX_MAX_FDS=16 +CONFIG_ZVFS_OPEN_MAX=16 CONFIG_NET_SOCKETS_POLL_MAX=8 diff --git a/samples/crypto/psa_tls/prj.conf b/samples/crypto/psa_tls/prj.conf index 17ae060b6eba..0148284de74b 100644 --- a/samples/crypto/psa_tls/prj.conf +++ b/samples/crypto/psa_tls/prj.conf @@ -31,7 +31,7 @@ CONFIG_NET_CONNECTION_MANAGER=n CONFIG_NET_CONTEXT_NET_PKT_POOL=y # TLS networking -CONFIG_POSIX_MAX_FDS=8 +CONFIG_ZVFS_OPEN_MAX=8 CONFIG_NET_SOCKETS_SOCKOPT_TLS=y CONFIG_NET_SOCKETS_ENABLE_DTLS=n CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=6 diff --git a/samples/matter/light_bulb/overlay-aws-iot-integration.conf b/samples/matter/light_bulb/overlay-aws-iot-integration.conf index 25aae892a5de..10576dc8f880 100644 --- a/samples/matter/light_bulb/overlay-aws-iot-integration.conf +++ b/samples/matter/light_bulb/overlay-aws-iot-integration.conf @@ -43,10 +43,10 @@ CONFIG_NET_IPV4=y CONFIG_NET_TCP=y CONFIG_NET_SOCKETS_SOCKOPT_TLS=y CONFIG_NET_MAX_CONN=8 -CONFIG_POSIX_MAX_FDS=25 +CONFIG_ZVFS_OPEN_MAX=25 # DNS -CONFIG_EVENTFD_MAX=2 +CONFIG_ZVFS_EVENTFD_MAX=2 CONFIG_DNS_RESOLVER=y # Adjust NET configurations to reduce the likelyhood of congestion in the TCP stack when there are diff --git a/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 377d5f7e84fb..efa830f60a6c 100644 --- a/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/aws_iot/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -15,7 +15,7 @@ CONFIG_HEAP_MEM_POOL_SIZE=81920 CONFIG_LOG_MODE_IMMEDIATE=y CONFIG_HW_STACK_PROTECTION=y CONFIG_HW_ID_LIBRARY_SOURCE_NET_MAC=y -CONFIG_POSIX_MAX_FDS=25 +CONFIG_ZVFS_OPEN_MAX=25 # Optimize Wi-Fi stack to save some memory CONFIG_NRF70_RX_NUM_BUFS=16 diff --git a/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index 681ec49f7226..82396c1d11ba 100644 --- a/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/azure_iot_hub/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -9,7 +9,7 @@ CONFIG_POSIX_CLOCK=y CONFIG_HW_ID_LIBRARY=y CONFIG_HW_ID_LIBRARY_SOURCE_NET_MAC=y CONFIG_DK_LIBRARY=y -CONFIG_POSIX_MAX_FDS=25 +CONFIG_ZVFS_OPEN_MAX=25 # Heap and stacks CONFIG_MAIN_STACK_SIZE=4096 diff --git a/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf b/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf index ca0672866271..6188099bacde 100644 --- a/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf +++ b/samples/net/http_server/boards/nrf7002dk_nrf5340_cpuapp_ns.conf @@ -38,7 +38,7 @@ CONFIG_L2_WIFI_CONNECTIVITY_AUTO_CONNECT=n CONFIG_L2_WIFI_CONNECTIVITY_AUTO_DOWN=n # mbedTLS and sockets -CONFIG_POSIX_MAX_FDS=25 +CONFIG_ZVFS_OPEN_MAX=25 CONFIG_MBEDTLS_HEAP_SIZE=16384 # DHCPv4 diff --git a/samples/net/http_server/boards/nrf9151dk_nrf9151_ns.conf b/samples/net/http_server/boards/nrf9151dk_nrf9151_ns.conf index 0f3e9f12a537..1deb46350dc9 100644 --- a/samples/net/http_server/boards/nrf9151dk_nrf9151_ns.conf +++ b/samples/net/http_server/boards/nrf9151dk_nrf9151_ns.conf @@ -17,7 +17,7 @@ CONFIG_NET_IPV6_NBR_CACHE=n CONFIG_NET_IPV6_MLD=n # Zephyr sockets -CONFIG_POSIX_MAX_FDS=10 +CONFIG_ZVFS_OPEN_MAX=10 # Zephyr NET Connection Manager and Connectivity layer. CONFIG_NET_CONNECTION_MANAGER_MONITOR_STACK_SIZE=1024 diff --git a/samples/net/http_server/boards/nrf9160dk_nrf9160_ns.conf b/samples/net/http_server/boards/nrf9160dk_nrf9160_ns.conf index 2fedaccbec96..d320f7961271 100644 --- a/samples/net/http_server/boards/nrf9160dk_nrf9160_ns.conf +++ b/samples/net/http_server/boards/nrf9160dk_nrf9160_ns.conf @@ -17,7 +17,7 @@ CONFIG_NET_IPV6_NBR_CACHE=n CONFIG_NET_IPV6_MLD=n # Zephyr sockets -CONFIG_POSIX_MAX_FDS=10 +CONFIG_ZVFS_OPEN_MAX=10 # Zephyr NET Connection Manager and Connectivity layer. CONFIG_NET_CONNECTION_MANAGER_MONITOR_STACK_SIZE=1024 diff --git a/samples/net/http_server/boards/nrf9161dk_nrf9161_ns.conf b/samples/net/http_server/boards/nrf9161dk_nrf9161_ns.conf index 8aee68c30768..0e38c33b0dca 100644 --- a/samples/net/http_server/boards/nrf9161dk_nrf9161_ns.conf +++ b/samples/net/http_server/boards/nrf9161dk_nrf9161_ns.conf @@ -17,7 +17,7 @@ CONFIG_NET_IPV6_NBR_CACHE=n CONFIG_NET_IPV6_MLD=n # Zephyr sockets -CONFIG_POSIX_MAX_FDS=10 +CONFIG_ZVFS_OPEN_MAX=10 # Zephyr NET Connection Manager and Connectivity layer. CONFIG_NET_CONNECTION_MANAGER_MONITOR_STACK_SIZE=1024 diff --git a/samples/net/http_server/overlay-tls-nrf91.conf b/samples/net/http_server/overlay-tls-nrf91.conf index 87dffb7fde1b..c064a46bd476 100644 --- a/samples/net/http_server/overlay-tls-nrf91.conf +++ b/samples/net/http_server/overlay-tls-nrf91.conf @@ -10,7 +10,7 @@ CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=3 # nRF Security legacy MBed TLS CONFIG_NORDIC_SECURITY_BACKEND=y -CONFIG_POSIX_MAX_FDS=10 +CONFIG_ZVFS_OPEN_MAX=10 CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=36864 CONFIG_MBEDTLS_RSA_C=y diff --git a/samples/wifi/ble_coex/prj.conf b/samples/wifi/ble_coex/prj.conf index eb0e2967898a..f4f714b4e2e5 100644 --- a/samples/wifi/ble_coex/prj.conf +++ b/samples/wifi/ble_coex/prj.conf @@ -56,7 +56,7 @@ CONFIG_POSIX_CLOCK=y # Benchmarking CONFIG_NET_ZPERF=y -CONFIG_POSIX_MAX_FDS=16 +CONFIG_ZVFS_OPEN_MAX=16 # Optimized networking settings for performance CONFIG_NET_TC_TX_COUNT=1 diff --git a/samples/wifi/monitor/overlay-netusb.conf b/samples/wifi/monitor/overlay-netusb.conf index 945ee38d027f..d4bed2c98ee5 100644 --- a/samples/wifi/monitor/overlay-netusb.conf +++ b/samples/wifi/monitor/overlay-netusb.conf @@ -16,9 +16,9 @@ CONFIG_NET_IPV4_FRAGMENT=y CONFIG_NET_IPV4_FRAGMENT_MAX_COUNT=10 # For netusb WFA_THREADS_NUM -CONFIG_MAX_PTHREAD_COUNT=5 +CONFIG_POSIX_THREAD_THREADS_MAX=5 # Every pthread_create needs a mutex, and WFA DUT needs an extra mutex/thread -# CONFIG_MAX_PTHREAD_COUNT * 2 +# CONFIG_POSIX_THREAD_THREADS_MAX * 2 CONFIG_MAX_PTHREAD_MUTEX_COUNT=10 -# Same as above: CONFIG_MAX_PTHREAD_COUNT * 2 +# Same as above: CONFIG_POSIX_THREAD_THREADS_MAX * 2 CONFIG_MAX_PTHREAD_COND_COUNT=10 diff --git a/samples/wifi/promiscuous/overlay-netusb.conf b/samples/wifi/promiscuous/overlay-netusb.conf index 945ee38d027f..d4bed2c98ee5 100644 --- a/samples/wifi/promiscuous/overlay-netusb.conf +++ b/samples/wifi/promiscuous/overlay-netusb.conf @@ -16,9 +16,9 @@ CONFIG_NET_IPV4_FRAGMENT=y CONFIG_NET_IPV4_FRAGMENT_MAX_COUNT=10 # For netusb WFA_THREADS_NUM -CONFIG_MAX_PTHREAD_COUNT=5 +CONFIG_POSIX_THREAD_THREADS_MAX=5 # Every pthread_create needs a mutex, and WFA DUT needs an extra mutex/thread -# CONFIG_MAX_PTHREAD_COUNT * 2 +# CONFIG_POSIX_THREAD_THREADS_MAX * 2 CONFIG_MAX_PTHREAD_MUTEX_COUNT=10 -# Same as above: CONFIG_MAX_PTHREAD_COUNT * 2 +# Same as above: CONFIG_POSIX_THREAD_THREADS_MAX * 2 CONFIG_MAX_PTHREAD_COND_COUNT=10 diff --git a/samples/wifi/provisioning/softap/prj.conf b/samples/wifi/provisioning/softap/prj.conf index 9c79237a3ab5..9537929df22a 100644 --- a/samples/wifi/provisioning/softap/prj.conf +++ b/samples/wifi/provisioning/softap/prj.conf @@ -58,7 +58,7 @@ CONFIG_NET_TCP=y CONFIG_NET_UDP=y CONFIG_NET_SOCKETS=y CONFIG_NET_MAX_CONN=6 -CONFIG_POSIX_MAX_FDS=20 +CONFIG_ZVFS_OPEN_MAX=20 CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=2 CONFIG_NET_SOCKETS_SOCKOPT_TLS=y diff --git a/samples/wifi/shell/overlay-netusb.conf b/samples/wifi/shell/overlay-netusb.conf index 945ee38d027f..d4bed2c98ee5 100644 --- a/samples/wifi/shell/overlay-netusb.conf +++ b/samples/wifi/shell/overlay-netusb.conf @@ -16,9 +16,9 @@ CONFIG_NET_IPV4_FRAGMENT=y CONFIG_NET_IPV4_FRAGMENT_MAX_COUNT=10 # For netusb WFA_THREADS_NUM -CONFIG_MAX_PTHREAD_COUNT=5 +CONFIG_POSIX_THREAD_THREADS_MAX=5 # Every pthread_create needs a mutex, and WFA DUT needs an extra mutex/thread -# CONFIG_MAX_PTHREAD_COUNT * 2 +# CONFIG_POSIX_THREAD_THREADS_MAX * 2 CONFIG_MAX_PTHREAD_MUTEX_COUNT=10 -# Same as above: CONFIG_MAX_PTHREAD_COUNT * 2 +# Same as above: CONFIG_POSIX_THREAD_THREADS_MAX * 2 CONFIG_MAX_PTHREAD_COND_COUNT=10 diff --git a/samples/wifi/shell/overlay-sap.conf b/samples/wifi/shell/overlay-sap.conf index 9315603d65ba..22f85ec4283d 100644 --- a/samples/wifi/shell/overlay-sap.conf +++ b/samples/wifi/shell/overlay-sap.conf @@ -2,7 +2,7 @@ CONFIG_NRF70_AP_MODE=y CONFIG_WIFI_NM_WPA_SUPPLICANT_AP=y CONFIG_NET_ZPERF=y -CONFIG_POSIX_MAX_FDS=16 +CONFIG_ZVFS_OPEN_MAX=16 # Optimized networking settings for performance CONFIG_NET_PKT_RX_COUNT=10 CONFIG_NET_PKT_TX_COUNT=10 diff --git a/samples/wifi/shell/overlay-zperf.conf b/samples/wifi/shell/overlay-zperf.conf index 4c3971d6417e..476ac022a3bb 100644 --- a/samples/wifi/shell/overlay-zperf.conf +++ b/samples/wifi/shell/overlay-zperf.conf @@ -1,5 +1,5 @@ CONFIG_NET_ZPERF=y -CONFIG_POSIX_MAX_FDS=20 +CONFIG_ZVFS_OPEN_MAX=20 # Zperf TCP=6, UDP=2, Others=1 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack diff --git a/samples/wifi/thread_coex/prj.conf b/samples/wifi/thread_coex/prj.conf index 386f6413b289..c709a8649756 100644 --- a/samples/wifi/thread_coex/prj.conf +++ b/samples/wifi/thread_coex/prj.conf @@ -52,7 +52,7 @@ CONFIG_POSIX_CLOCK=y # Benchmarking CONFIG_NET_ZPERF=y -CONFIG_POSIX_MAX_FDS=16 +CONFIG_ZVFS_OPEN_MAX=16 # Optimized networking settings for performance CONFIG_NET_TC_TX_COUNT=1 diff --git a/samples/wifi/throughput/overlay-high-performance.conf b/samples/wifi/throughput/overlay-high-performance.conf index 104a61c0f609..9072588b0398 100644 --- a/samples/wifi/throughput/overlay-high-performance.conf +++ b/samples/wifi/throughput/overlay-high-performance.conf @@ -11,7 +11,7 @@ CONFIG_NRF70_QSPI_LOW_POWER=n CONFIG_NRF70_UTIL=n CONFIG_NRF70_MAX_TX_AGGREGATION=9 CONFIG_NRF70_MAX_TX_TOKENS=12 -CONFIG_POSIX_MAX_FDS=20 +CONFIG_ZVFS_OPEN_MAX=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack CONFIG_MAIN_STACK_SIZE=4600 diff --git a/samples/wifi/throughput/overlay-iot-devices.conf b/samples/wifi/throughput/overlay-iot-devices.conf index 1c6ab2231723..715c7db962d1 100644 --- a/samples/wifi/throughput/overlay-iot-devices.conf +++ b/samples/wifi/throughput/overlay-iot-devices.conf @@ -12,7 +12,7 @@ CONFIG_NRF70_QSPI_LOW_POWER=n CONFIG_NRF70_UTIL=n CONFIG_NRF70_MAX_TX_AGGREGATION=1 CONFIG_NRF70_MAX_TX_TOKENS=5 -CONFIG_POSIX_MAX_FDS=20 +CONFIG_ZVFS_OPEN_MAX=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack CONFIG_MAIN_STACK_SIZE=4600 diff --git a/samples/wifi/throughput/overlay-memory-optimized.conf b/samples/wifi/throughput/overlay-memory-optimized.conf index e5fa6ca28bf9..0bdb00f6dc48 100644 --- a/samples/wifi/throughput/overlay-memory-optimized.conf +++ b/samples/wifi/throughput/overlay-memory-optimized.conf @@ -12,7 +12,7 @@ CONFIG_NRF70_QSPI_LOW_POWER=n CONFIG_NRF70_UTIL=n CONFIG_NRF70_MAX_TX_AGGREGATION=1 CONFIG_NRF70_MAX_TX_TOKENS=5 -CONFIG_POSIX_MAX_FDS=20 +CONFIG_ZVFS_OPEN_MAX=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack CONFIG_MAIN_STACK_SIZE=4600 diff --git a/samples/wifi/throughput/overlay-rx-prio.conf b/samples/wifi/throughput/overlay-rx-prio.conf index 5184ba081339..c613b0105a8f 100644 --- a/samples/wifi/throughput/overlay-rx-prio.conf +++ b/samples/wifi/throughput/overlay-rx-prio.conf @@ -12,7 +12,7 @@ CONFIG_NRF70_QSPI_LOW_POWER=n CONFIG_NRF70_UTIL=n CONFIG_NRF70_MAX_TX_AGGREGATION=2 CONFIG_NRF70_MAX_TX_TOKENS=5 -CONFIG_POSIX_MAX_FDS=20 +CONFIG_ZVFS_OPEN_MAX=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack CONFIG_MAIN_STACK_SIZE=4600 diff --git a/samples/wifi/throughput/overlay-tx-prio.conf b/samples/wifi/throughput/overlay-tx-prio.conf index 2c97254bc5ce..75493026b6a2 100644 --- a/samples/wifi/throughput/overlay-tx-prio.conf +++ b/samples/wifi/throughput/overlay-tx-prio.conf @@ -12,7 +12,7 @@ CONFIG_NRF70_QSPI_LOW_POWER=n CONFIG_NRF70_UTIL=n CONFIG_NRF70_MAX_TX_AGGREGATION=9 CONFIG_NRF70_MAX_TX_TOKENS=12 -CONFIG_POSIX_MAX_FDS=20 +CONFIG_ZVFS_OPEN_MAX=20 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack CONFIG_MAIN_STACK_SIZE=4600 diff --git a/samples/wifi/twt/prj.conf b/samples/wifi/twt/prj.conf index 0909fc41e7ec..650c9ff5adc8 100644 --- a/samples/wifi/twt/prj.conf +++ b/samples/wifi/twt/prj.conf @@ -93,4 +93,4 @@ CONFIG_TRAFFIC_GEN=y # IPv4 address of the host running the traffic generator server CONFIG_TRAFFIC_GEN_REMOTE_IPV4_ADDR="192.168.0.1" # Needed because traffic gen uses more sockets, so, keeping an upper limit -CONFIG_POSIX_MAX_FDS=16 +CONFIG_ZVFS_OPEN_MAX=16 diff --git a/samples/wifi/wfa_qt_app/prj.conf b/samples/wifi/wfa_qt_app/prj.conf index a73b99c25bb8..10ce00d753ff 100644 --- a/samples/wifi/wfa_qt_app/prj.conf +++ b/samples/wifi/wfa_qt_app/prj.conf @@ -9,7 +9,7 @@ CONFIG_WFA_QT_CONTROL_APP=y # Ideally this has to be done in the QT module, but we already override this in the # hostap module (7), so, hostap will override QT module's settings, so, we have to # override hostap's settings here. -CONFIG_POSIX_MAX_FDS=16 +CONFIG_ZVFS_OPEN_MAX=16 # WPA supplicant CONFIG_WIFI_NM_WPA_SUPPLICANT=y diff --git a/tests/lib/nrf_modem_lib/nrf9x_sockets/prj.conf b/tests/lib/nrf_modem_lib/nrf9x_sockets/prj.conf index 45f2e81aa3af..e306b548b360 100644 --- a/tests/lib/nrf_modem_lib/nrf9x_sockets/prj.conf +++ b/tests/lib/nrf_modem_lib/nrf9x_sockets/prj.conf @@ -16,4 +16,4 @@ CONFIG_NET_NATIVE=n CONFIG_NET_TEST=y CONFIG_NET_SOCKETS_OFFLOAD=y CONFIG_NET_L2_DUMMY=n -CONFIG_POSIX_MAX_FDS=16 +CONFIG_ZVFS_OPEN_MAX=16 From 2d462d52d214cdebe61795e1a36634b57eead361 Mon Sep 17 00:00:00 2001 From: Kamil Kasperczyk Date: Wed, 2 Oct 2024 12:28:10 +0200 Subject: [PATCH 193/217] applications: Fixed bt providers in Matter bridge application The BT API changed and write member of bt_gatt_subscribe_params struct was removed. This was not used in bridge anyway, so it was only required to remove nullptr assignment. Signed-off-by: Kamil Kasperczyk --- .../src/ble_providers/ble_environmental_data_provider.cpp | 2 -- .../matter_bridge/src/ble_providers/ble_lbs_data_provider.cpp | 1 - 2 files changed, 3 deletions(-) diff --git a/applications/matter_bridge/src/ble_providers/ble_environmental_data_provider.cpp b/applications/matter_bridge/src/ble_providers/ble_environmental_data_provider.cpp index 74811632b6af..de33218f1c89 100644 --- a/applications/matter_bridge/src/ble_providers/ble_environmental_data_provider.cpp +++ b/applications/matter_bridge/src/ble_providers/ble_environmental_data_provider.cpp @@ -170,7 +170,6 @@ void BleEnvironmentalDataProvider::Subscribe() mGattTemperatureSubscribeParams.value = BT_GATT_CCC_NOTIFY; mGattTemperatureSubscribeParams.notify = BleEnvironmentalDataProvider::GattTemperatureNotifyCallback; mGattTemperatureSubscribeParams.subscribe = nullptr; - mGattTemperatureSubscribeParams.write = nullptr; /* Configure subscription for the humidity characteristic */ mGattHumiditySubscribeParams.ccc_handle = mCccHumidityHandle; @@ -178,7 +177,6 @@ void BleEnvironmentalDataProvider::Subscribe() mGattHumiditySubscribeParams.value = BT_GATT_CCC_NOTIFY; mGattHumiditySubscribeParams.notify = BleEnvironmentalDataProvider::GattHumidityNotifyCallback; mGattHumiditySubscribeParams.subscribe = nullptr; - mGattHumiditySubscribeParams.write = nullptr; if (CheckSubscriptionParameters(&mGattTemperatureSubscribeParams)) { int err = bt_gatt_subscribe(mDevice.mConn, &mGattTemperatureSubscribeParams); diff --git a/applications/matter_bridge/src/ble_providers/ble_lbs_data_provider.cpp b/applications/matter_bridge/src/ble_providers/ble_lbs_data_provider.cpp index 49405e7df876..7a47af520547 100644 --- a/applications/matter_bridge/src/ble_providers/ble_lbs_data_provider.cpp +++ b/applications/matter_bridge/src/ble_providers/ble_lbs_data_provider.cpp @@ -197,7 +197,6 @@ void BleLBSDataProvider::Subscribe() mGattSubscribeParams.value = BT_GATT_CCC_NOTIFY; mGattSubscribeParams.notify = BleLBSDataProvider::GattNotifyCallback; mGattSubscribeParams.subscribe = nullptr; - mGattSubscribeParams.write = nullptr; if (CheckSubscriptionParameters(&mGattSubscribeParams)) { int err = bt_gatt_subscribe(mDevice.mConn, &mGattSubscribeParams); From cd25037e168178b7884b5c6d271c1c427067fa8a Mon Sep 17 00:00:00 2001 From: Georgios Vasilakis Date: Wed, 2 Oct 2024 12:46:04 +0200 Subject: [PATCH 194/217] modules: tfm: Fix configuration for builtin keys The builtin keys are used in different ways for the nRF54L15 and the nRF9160 and nRF5340 devices. The L15 devices don't use the default TFM builtin key loader but they implement their own function to load the builtin keys. The configuration MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is necessary for all the platforms though sinc the PSA core will not include basic builtin key functionality without it. Signed-off-by: Georgios Vasilakis --- modules/trusted-firmware-m/tfm_boards/external_core.cmake | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/trusted-firmware-m/tfm_boards/external_core.cmake b/modules/trusted-firmware-m/tfm_boards/external_core.cmake index 6ab54af794e4..eadd46718bf5 100644 --- a/modules/trusted-firmware-m/tfm_boards/external_core.cmake +++ b/modules/trusted-firmware-m/tfm_boards/external_core.cmake @@ -95,7 +95,8 @@ if(TARGET psa_crypto_library_config) target_compile_definitions(psa_crypto_library_config INTERFACE MBEDTLS_PSA_CRYPTO_DRIVERS - $<$:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER> + MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS + $<$:PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER> ) endif() From 55b38855343178156c08920fb90ea3e6b8db5c98 Mon Sep 17 00:00:00 2001 From: Tommi Rantanen Date: Wed, 2 Oct 2024 15:11:17 +0300 Subject: [PATCH 195/217] samples: cellular: modem_shell: Add legacy mbed TLS for full mfw fota Adding legacy mbed TLS crypto APIs that are still used in full modem FOTA. Signed-off-by: Tommi Rantanen --- samples/cellular/modem_shell/overlay-modem_fota_full.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/samples/cellular/modem_shell/overlay-modem_fota_full.conf b/samples/cellular/modem_shell/overlay-modem_fota_full.conf index 247b09dd85cf..59b537a33ce8 100644 --- a/samples/cellular/modem_shell/overlay-modem_fota_full.conf +++ b/samples/cellular/modem_shell/overlay-modem_fota_full.conf @@ -16,3 +16,4 @@ CONFIG_STREAM_FLASH_ERASE=y CONFIG_STREAM_FLASH=y CONFIG_FMFU_FDEV=y CONFIG_DOWNLOAD_CLIENT_STACK_SIZE=2560 +CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y From 8b7e901572826738064e62417df30e20011fffe8 Mon Sep 17 00:00:00 2001 From: Kamil Kasperczyk Date: Wed, 2 Oct 2024 12:50:58 +0200 Subject: [PATCH 196/217] applications: Fixed missing return in method returning non-void In the Matter bridge application there is missing return statement in UpdateState method that should return CHIP_ERROR. Signed-off-by: Kamil Kasperczyk --- .../simulated_onoff_light_switch_data_provider.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/applications/matter_bridge/src/simulated_providers/simulated_onoff_light_switch_data_provider.cpp b/applications/matter_bridge/src/simulated_providers/simulated_onoff_light_switch_data_provider.cpp index cc7ffd6daf07..1fc53e0a442d 100644 --- a/applications/matter_bridge/src/simulated_providers/simulated_onoff_light_switch_data_provider.cpp +++ b/applications/matter_bridge/src/simulated_providers/simulated_onoff_light_switch_data_provider.cpp @@ -85,4 +85,5 @@ CHIP_ERROR SimulatedOnOffLightSwitchDataProvider::UpdateState(chip::ClusterId cl default: return CHIP_ERROR_UNSUPPORTED_CHIP_FEATURE; } + return CHIP_NO_ERROR; } From 602f468897e903958b54f3a33dbef32f5711940d Mon Sep 17 00:00:00 2001 From: Kamil Kasperczyk Date: Wed, 2 Oct 2024 13:33:52 +0200 Subject: [PATCH 197/217] applications: Increased BT_BUF_ACL_RX_COUNT for Matter bridge The new static assert that checks if CONFIG_BT_BUF_ACL_RX_COUNT > CONFIG_BT_MAX_CONN was added in BT subsys. Because of that it is required to increase ACL rx count for various .conf files that modify BT_MAX_CONN. Signed-off-by: Kamil Kasperczyk --- .../matter_bridge/boards/nrf5340dk_nrf5340_cpuapp.conf | 3 +++ applications/matter_bridge/overlay-bt_max_connections_app.conf | 3 +++ .../sysbuild/ipc_radio/boards/nrf5340dk_nrf5340_cpunet.conf | 3 +++ .../sysbuild/ipc_radio/overlay-bt_max_connections_net.conf | 3 +++ applications/matter_bridge/sysbuild/ipc_radio/prj.conf | 3 +++ 5 files changed, 15 insertions(+) diff --git a/applications/matter_bridge/boards/nrf5340dk_nrf5340_cpuapp.conf b/applications/matter_bridge/boards/nrf5340dk_nrf5340_cpuapp.conf index 3cd450ba2ff8..48808c740b35 100644 --- a/applications/matter_bridge/boards/nrf5340dk_nrf5340_cpuapp.conf +++ b/applications/matter_bridge/boards/nrf5340dk_nrf5340_cpuapp.conf @@ -7,6 +7,9 @@ # Set 10 BLE connections, as it is an upper limit supported caused by RAM usage due to using Thread and BLE at same time. CONFIG_BT_MAX_CONN=10 +# Set ACL RX count to CONFIG_BT_MAX_CONN + 1, as it is expected that CONFIG_BT_BUF_ACL_RX_COUNT > CONFIG_BT_MAX_CONN. +CONFIG_BT_BUF_ACL_RX_COUNT=11 + # Set buffer sizes in a consistent way with the ones used by the network core. #id if oncomment it there is an error that rx buffer is out of range (minimal value is 69) CONFIG_BT_BUF_ACL_RX_SIZE=69 diff --git a/applications/matter_bridge/overlay-bt_max_connections_app.conf b/applications/matter_bridge/overlay-bt_max_connections_app.conf index 83de533d7cd6..a7a28b3b0514 100644 --- a/applications/matter_bridge/overlay-bt_max_connections_app.conf +++ b/applications/matter_bridge/overlay-bt_max_connections_app.conf @@ -7,6 +7,9 @@ # Set 20 BLE connections, as it is an upper limit supported by the Soft Device Controller. CONFIG_BT_MAX_CONN=20 +# Set ACL RX count to CONFIG_BT_MAX_CONN + 1, as it is expected that CONFIG_BT_BUF_ACL_RX_COUNT > CONFIG_BT_MAX_CONN. +CONFIG_BT_BUF_ACL_RX_COUNT=21 + # Set buffer sizes in a consistent way with the ones used by the network core. CONFIG_BT_BUF_ACL_RX_SIZE=84 CONFIG_BT_BUF_ACL_TX_SIZE=84 diff --git a/applications/matter_bridge/sysbuild/ipc_radio/boards/nrf5340dk_nrf5340_cpunet.conf b/applications/matter_bridge/sysbuild/ipc_radio/boards/nrf5340dk_nrf5340_cpunet.conf index 4b4bc4779acc..f374982e3a69 100644 --- a/applications/matter_bridge/sysbuild/ipc_radio/boards/nrf5340dk_nrf5340_cpunet.conf +++ b/applications/matter_bridge/sysbuild/ipc_radio/boards/nrf5340dk_nrf5340_cpunet.conf @@ -7,6 +7,9 @@ # Set 10 BLE connections, as it is an upper limit supported caused by RAM usage due to using Thread and BLE at same time. CONFIG_BT_MAX_CONN=10 +# Set ACL RX count to CONFIG_BT_MAX_CONN + 1, as it is expected that CONFIG_BT_BUF_ACL_RX_COUNT > CONFIG_BT_MAX_CONN. +CONFIG_BT_BUF_ACL_RX_COUNT=11 + # Decrease stack and buffer sizes to free some RAM and support 10 BLE connections CONFIG_MAIN_STACK_SIZE=512 CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=512 diff --git a/applications/matter_bridge/sysbuild/ipc_radio/overlay-bt_max_connections_net.conf b/applications/matter_bridge/sysbuild/ipc_radio/overlay-bt_max_connections_net.conf index 37aecb94e2cc..52966d80e502 100644 --- a/applications/matter_bridge/sysbuild/ipc_radio/overlay-bt_max_connections_net.conf +++ b/applications/matter_bridge/sysbuild/ipc_radio/overlay-bt_max_connections_net.conf @@ -7,6 +7,9 @@ # Set 20 BLE connections, as it is an upper limit supported by the Soft Device Controller CONFIG_BT_MAX_CONN=20 +# Set ACL RX count to CONFIG_BT_MAX_CONN + 1, as it is expected that CONFIG_BT_BUF_ACL_RX_COUNT > CONFIG_BT_MAX_CONN. +CONFIG_BT_BUF_ACL_RX_COUNT=21 + # Decrease stack and buffer sizes to free some RAM and support 20 BLE connections CONFIG_MAIN_STACK_SIZE=512 CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=512 diff --git a/applications/matter_bridge/sysbuild/ipc_radio/prj.conf b/applications/matter_bridge/sysbuild/ipc_radio/prj.conf index ed990f3822e2..24fa3a767efe 100644 --- a/applications/matter_bridge/sysbuild/ipc_radio/prj.conf +++ b/applications/matter_bridge/sysbuild/ipc_radio/prj.conf @@ -27,6 +27,9 @@ CONFIG_BT_BUF_ACL_TX_SIZE=251 CONFIG_BT_CTLR_DATA_LENGTH_MAX=251 CONFIG_BT_CTLR_PHY_2M=n +# Set ACL RX count to CONFIG_BT_MAX_CONN + 1, as it is expected that CONFIG_BT_BUF_ACL_RX_COUNT > CONFIG_BT_MAX_CONN. +CONFIG_BT_BUF_ACL_RX_COUNT=11 + # Debug and assert configuration CONFIG_ASSERT=y CONFIG_DEBUG_INFO=y From 561414067a685b048f2ba7c275afd543008acb66 Mon Sep 17 00:00:00 2001 From: Seppo Takalo Date: Wed, 2 Oct 2024 14:26:41 +0300 Subject: [PATCH 198/217] net: lib: lwm2m_client_utils: Add storage for location resources Our location libraries so often use optional resources from LwM2M Location Object that it makes sense to add storage for those every time the object is build in. Signed-off-by: Seppo Takalo --- .../net/lib/lwm2m_client_utils/CMakeLists.txt | 1 + .../lwm2m_obj_location_optional.c | 49 +++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 subsys/net/lib/lwm2m_client_utils/lwm2m_obj_location_optional.c diff --git a/subsys/net/lib/lwm2m_client_utils/CMakeLists.txt b/subsys/net/lib/lwm2m_client_utils/CMakeLists.txt index f938f4859559..7f24fdd81b7a 100644 --- a/subsys/net/lib/lwm2m_client_utils/CMakeLists.txt +++ b/subsys/net/lib/lwm2m_client_utils/CMakeLists.txt @@ -30,6 +30,7 @@ zephyr_library_sources_ifdef(CONFIG_LWM2M_CLIENT_UTILS_ADV_FIRMWARE_UPDATE_OBJ_S zephyr_library_sources_ifdef(CONFIG_LWM2M_CLIENT_UTILS_WIFI_AP_SCANNER location/location_wifi_ap_scanner.c) zephyr_library_sources_ifdef(CONFIG_LWM2M_CLIENT_UTILS_VISIBLE_WIFI_AP_OBJ_SUPPORT lwm2m/visible_wifi_ap.c) zephyr_library_sources_ifdef(CONFIG_LWM2M_CLIENT_UTILS_LTE_CONNEVAL lwm2m/lwm2m_conneval.c) +zephyr_library_sources_ifdef(CONFIG_LWM2M_LOCATION_OBJ_SUPPORT lwm2m_obj_location_optional.c) zephyr_include_directories(lwm2m/include) # For strnlen() diff --git a/subsys/net/lib/lwm2m_client_utils/lwm2m_obj_location_optional.c b/subsys/net/lib/lwm2m_client_utils/lwm2m_obj_location_optional.c new file mode 100644 index 000000000000..9274d7585426 --- /dev/null +++ b/subsys/net/lib/lwm2m_client_utils/lwm2m_obj_location_optional.c @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause + */ + +#include +#include "lwm2m_engine.h" + +/* + * Our location libraries make use of optional resources on LwM2M Location object + * so provide a buffer for them. + */ + +#define LOCATION_ALTITUDE_ID 2 +#define LOCATION_RADIUS_ID 3 +#define LOCATION_VELOCITY_ID 4 + +static double altitude; +static double radius; +static double velocity; + +static int lwm2m_init_optional_location_res(void) +{ + struct lwm2m_obj_path path; + int ret; + + path = LWM2M_OBJ(LWM2M_OBJECT_LOCATION_ID, 0, LOCATION_ALTITUDE_ID); + ret = lwm2m_set_res_buf(&path, &altitude, sizeof(altitude), sizeof(altitude), 0); + if (ret < 0) { + return ret; + } + + path = LWM2M_OBJ(LWM2M_OBJECT_LOCATION_ID, 0, LOCATION_RADIUS_ID); + ret = lwm2m_set_res_buf(&path, &radius, sizeof(radius), sizeof(radius), 0); + if (ret < 0) { + return ret; + } + + path = LWM2M_OBJ(LWM2M_OBJECT_LOCATION_ID, 0, LOCATION_VELOCITY_ID); + ret = lwm2m_set_res_buf(&path, &velocity, sizeof(velocity), sizeof(velocity), 0); + if (ret < 0) { + return ret; + } + + return 0; +} + +LWM2M_APP_INIT(lwm2m_init_optional_location_res); From af80d36de13ecb07de442fd77341e306e26d29a9 Mon Sep 17 00:00:00 2001 From: Arkadiusz Balys Date: Wed, 2 Oct 2024 14:23:18 +0200 Subject: [PATCH 199/217] applications: Fix Matter Bridge nRF54H20 build. - Added to quarantine nRF54H20 WiFi build since nRF7002EB is not available yet. - Added PSA_SSF_CLIENT to the nRF54H20 Matter Bridge. Signed-off-by: Arkadiusz Balys --- .../matter_bridge/boards/nrf54h20dk_nrf54h20_cpuapp.conf | 8 +++----- applications/matter_bridge/sample.yaml | 8 ++++---- scripts/quarantine.yaml | 2 ++ 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/applications/matter_bridge/boards/nrf54h20dk_nrf54h20_cpuapp.conf b/applications/matter_bridge/boards/nrf54h20dk_nrf54h20_cpuapp.conf index 1da7b18a6fd4..fec3fbd785d6 100644 --- a/applications/matter_bridge/boards/nrf54h20dk_nrf54h20_cpuapp.conf +++ b/applications/matter_bridge/boards/nrf54h20dk_nrf54h20_cpuapp.conf @@ -5,15 +5,13 @@ # # TODO: Workaround to be removed once DFU and external flash will be supported on nRF54H20. -CONFIG_CHIP_OTA_REQUESTOR=n CONFIG_CHIP_QSPI_NOR=n CONFIG_MPU_STACK_GUARD=n -# TODO: Enable PSA crypto once it is available -CONFIG_CHIP_CRYPTO_PSA=n -CONFIG_MBEDTLS_CIPHER_PADDING_PKCS7=y -CONFIG_MBEDTLS_CIPHER_MODE_CBC=y +# Enable PSA crypto from SSF client +CONFIG_PSA_SSF_CRYPTO_CLIENT=y +CONFIG_SSF_PSA_CRYPTO_SERVICE_ENABLED=y # TODO: Enable factory data once it is available CONFIG_CHIP_FACTORY_DATA=n diff --git a/applications/matter_bridge/sample.yaml b/applications/matter_bridge/sample.yaml index d122ca59c7d6..c2087b5c0fcb 100644 --- a/applications/matter_bridge/sample.yaml +++ b/applications/matter_bridge/sample.yaml @@ -78,8 +78,8 @@ tests: applications.matter_bridge.lto.br_ble.nrf54h20.wifi: sysbuild: true build_only: true - extra_args: SB_CONFIG_WIFI_NRF700X=y CONFIG_CHIP_WIFI=y - matter_bridge_SHIELD=nrf700x_nrf54h20dk CONFIG_BRIDGED_DEVICE_BT=y + extra_args: SB_CONFIG_WIFI_NRF70=y CONFIG_CHIP_WIFI=y + matter_bridge_SHIELD=nrf7002eb_interposer_p1 CONFIG_BRIDGED_DEVICE_BT=y integration_platforms: - nrf54h20dk/nrf54h20/cpuapp platform_allow: nrf54h20dk/nrf54h20/cpuapp @@ -87,8 +87,8 @@ tests: applications.matter_bridge.release.br_ble.nrf54h20.wifi: sysbuild: true build_only: true - extra_args: FILE_SUFFIX=release SB_CONFIG_WIFI_NRF700X=y CONFIG_CHIP_WIFI=y - matter_bridge_SHIELD=nrf700x_nrf54h20dk CONFIG_BRIDGED_DEVICE_BT=y + extra_args: FILE_SUFFIX=release SB_CONFIG_WIFI_NRF70=y CONFIG_CHIP_WIFI=y + matter_bridge_SHIELD=nrf7002eb_interposer_p1 CONFIG_BRIDGED_DEVICE_BT=y integration_platforms: - nrf54h20dk/nrf54h20/cpuapp platform_allow: nrf54h20dk/nrf54h20/cpuapp diff --git a/scripts/quarantine.yaml b/scripts/quarantine.yaml index 187748d5535f..fc27a81dbbbb 100644 --- a/scripts/quarantine.yaml +++ b/scripts/quarantine.yaml @@ -15,6 +15,8 @@ - ".*nrf7002_eb.*" - ".thingy91x_nrf700.*" - ".thingy91x_wifi.*" + - applications.matter_bridge.lto.br_ble.nrf54h20.wifi + - applications.matter_bridge.release.br_ble.nrf54h20.wifi comment: "nRF7002EB, Thingy91x are not support in the upstream nRF70 driver yet" - scenarios: From 6c1fbbd66f346766453776991446d9b63f84a2a4 Mon Sep 17 00:00:00 2001 From: Marek Pieta Date: Wed, 2 Oct 2024 13:45:00 +0200 Subject: [PATCH 200/217] applications: nrf_desktop: Optimize SW Split LL for size Change switches to using size optimizations for SW Split Bluetooth Link Layer to reduce memory consumption. Jira: NCSDK-29186 Signed-off-by: Marek Pieta --- .../configuration/nrf52810dmouse_nrf52810/prj.conf | 4 ++++ .../configuration/nrf52810dmouse_nrf52810/prj_release.conf | 4 ++++ .../configuration/nrf52820dongle_nrf52820/prj.conf | 4 ++++ .../configuration/nrf52820dongle_nrf52820/prj_release.conf | 4 ++++ .../nrf_desktop/configuration/nrf52833dk_nrf52820/prj.conf | 4 ++++ .../configuration/nrf52833dk_nrf52820/prj_release.conf | 4 ++++ 6 files changed, 24 insertions(+) diff --git a/applications/nrf_desktop/configuration/nrf52810dmouse_nrf52810/prj.conf b/applications/nrf_desktop/configuration/nrf52810dmouse_nrf52810/prj.conf index be3779c334c9..a2e871fc73ef 100644 --- a/applications/nrf_desktop/configuration/nrf52810dmouse_nrf52810/prj.conf +++ b/applications/nrf_desktop/configuration/nrf52810dmouse_nrf52810/prj.conf @@ -99,6 +99,10 @@ CONFIG_BT_MAX_PAIRED=2 CONFIG_BT_ID_MAX=3 CONFIG_BT_LL_SW_SPLIT=y +# Optimize Bluetooth controller for size to reduce memory consumption +CONFIG_BT_CTLR_ADVANCED_FEATURES=y +CONFIG_BT_CTLR_OPTIMIZE_FOR_SIZE=y + CONFIG_BT_ATT_TX_COUNT=4 CONFIG_BT_CONN_TX_MAX=4 # Reduce memory footprint diff --git a/applications/nrf_desktop/configuration/nrf52810dmouse_nrf52810/prj_release.conf b/applications/nrf_desktop/configuration/nrf52810dmouse_nrf52810/prj_release.conf index d48da021b8f4..7867d7136bd8 100644 --- a/applications/nrf_desktop/configuration/nrf52810dmouse_nrf52810/prj_release.conf +++ b/applications/nrf_desktop/configuration/nrf52810dmouse_nrf52810/prj_release.conf @@ -94,6 +94,10 @@ CONFIG_BT_MAX_PAIRED=2 CONFIG_BT_ID_MAX=3 CONFIG_BT_LL_SW_SPLIT=y +# Optimize Bluetooth controller for size to reduce memory consumption +CONFIG_BT_CTLR_ADVANCED_FEATURES=y +CONFIG_BT_CTLR_OPTIMIZE_FOR_SIZE=y + CONFIG_BT_ATT_TX_COUNT=4 CONFIG_BT_CONN_TX_MAX=4 # Reduce memory footprint diff --git a/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/prj.conf b/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/prj.conf index 87db689a5e74..6bc5bdd9e790 100644 --- a/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/prj.conf +++ b/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/prj.conf @@ -71,6 +71,10 @@ CONFIG_USB_NRFX_EVT_QUEUE_SIZE=16 CONFIG_BT_PRIVACY=y CONFIG_BT_LL_SW_SPLIT=y +# Optimize Bluetooth controller for size to reduce memory consumption +CONFIG_BT_CTLR_ADVANCED_FEATURES=y +CONFIG_BT_CTLR_OPTIMIZE_FOR_SIZE=y + CONFIG_BT_BUF_ACL_TX_SIZE=35 CONFIG_BT_CTLR_DATA_LENGTH_MAX=35 CONFIG_BT_ATT_TX_COUNT=6 diff --git a/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/prj_release.conf b/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/prj_release.conf index 26ad19c50833..9c81a44e1337 100644 --- a/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/prj_release.conf +++ b/applications/nrf_desktop/configuration/nrf52820dongle_nrf52820/prj_release.conf @@ -70,6 +70,10 @@ CONFIG_USB_NRFX_EVT_QUEUE_SIZE=30 CONFIG_BT_PRIVACY=y CONFIG_BT_LL_SW_SPLIT=y +# Optimize Bluetooth controller for size to reduce memory consumption +CONFIG_BT_CTLR_ADVANCED_FEATURES=y +CONFIG_BT_CTLR_OPTIMIZE_FOR_SIZE=y + CONFIG_BT_BUF_ACL_TX_SIZE=35 CONFIG_BT_CTLR_DATA_LENGTH_MAX=35 CONFIG_BT_ATT_TX_COUNT=6 diff --git a/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/prj.conf b/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/prj.conf index d07af21c74cc..222b1b6c06f8 100644 --- a/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/prj.conf +++ b/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/prj.conf @@ -72,6 +72,10 @@ CONFIG_USB_NRFX_EVT_QUEUE_SIZE=16 CONFIG_BT_PRIVACY=y CONFIG_BT_LL_SW_SPLIT=y +# Optimize Bluetooth controller for size to reduce memory consumption +CONFIG_BT_CTLR_ADVANCED_FEATURES=y +CONFIG_BT_CTLR_OPTIMIZE_FOR_SIZE=y + CONFIG_BT_BUF_ACL_TX_SIZE=35 CONFIG_BT_CTLR_DATA_LENGTH_MAX=35 CONFIG_BT_ATT_TX_COUNT=6 diff --git a/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/prj_release.conf b/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/prj_release.conf index e2953b484c9f..b29f205b4ec8 100644 --- a/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/prj_release.conf +++ b/applications/nrf_desktop/configuration/nrf52833dk_nrf52820/prj_release.conf @@ -71,6 +71,10 @@ CONFIG_USB_NRFX_EVT_QUEUE_SIZE=30 CONFIG_BT_PRIVACY=y CONFIG_BT_LL_SW_SPLIT=y +# Optimize Bluetooth controller for size to reduce memory consumption +CONFIG_BT_CTLR_ADVANCED_FEATURES=y +CONFIG_BT_CTLR_OPTIMIZE_FOR_SIZE=y + CONFIG_BT_BUF_ACL_TX_SIZE=35 CONFIG_BT_CTLR_DATA_LENGTH_MAX=35 CONFIG_BT_ATT_TX_COUNT=6 From 2ace65ef3bc7ad48d8ba841ce6aad28c4473c782 Mon Sep 17 00:00:00 2001 From: Arkadiusz Balys Date: Wed, 2 Oct 2024 14:49:21 +0200 Subject: [PATCH 201/217] samples: openthread: Set the ZVFS_OPEN_MAX to the proper value. We need to set CONFIG_ZVFS_OPEN_MAX to 9 to support NET_SOCKETS_POLL_MAX=9 Signed-off-by: Arkadiusz Balys --- samples/openthread/cli/snippets/ci/ci.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/samples/openthread/cli/snippets/ci/ci.conf b/samples/openthread/cli/snippets/ci/ci.conf index 92c685ed9727..1fceb301e63d 100644 --- a/samples/openthread/cli/snippets/ci/ci.conf +++ b/samples/openthread/cli/snippets/ci/ci.conf @@ -22,4 +22,5 @@ CONFIG_NET_SHELL=y CONFIG_NET_ZPERF=y CONFIG_NET_CONTEXT_RCVTIMEO=y CONFIG_NET_SOCKETS=y +CONFIG_ZVFS_OPEN_MAX=9 CONFIG_NET_SOCKETS_POLL_MAX=9 From 8e746e261e29e6d74e17c8f713be02019351b01d Mon Sep 17 00:00:00 2001 From: Robert Lubos Date: Wed, 2 Oct 2024 15:14:04 +0200 Subject: [PATCH 202/217] samples: Align with changed AF_PACKET proto format Zephyr AF_PACKET sockets now expect the protocol to be provided in network byte order (see upstream commit 99693bee5f2762f84b78ed90740753cdec40f394), so apply this change globally. Signed-off-by: Robert Lubos --- applications/serial_lte_modem/src/slm_ppp.c | 3 ++- samples/cellular/modem_shell/src/ppp/ppp_ctrl.c | 3 ++- samples/wifi/monitor/src/main.c | 2 +- samples/wifi/promiscuous/src/main.c | 2 +- samples/wifi/raw_tx_packet/src/main.c | 2 +- samples/wifi/shell/src/wifi_raw_tx_pkt_shell.c | 2 +- 6 files changed, 8 insertions(+), 6 deletions(-) diff --git a/applications/serial_lte_modem/src/slm_ppp.c b/applications/serial_lte_modem/src/slm_ppp.c index 970d1e4ec170..c0c670198f44 100644 --- a/applications/serial_lte_modem/src/slm_ppp.c +++ b/applications/serial_lte_modem/src/slm_ppp.c @@ -99,7 +99,8 @@ static bool open_ppp_sockets(void) { int ret; - ppp_fds[ZEPHYR_FD_IDX] = socket(AF_PACKET, SOCK_RAW | SOCK_NATIVE, IPPROTO_RAW); + ppp_fds[ZEPHYR_FD_IDX] = socket(AF_PACKET, SOCK_RAW | SOCK_NATIVE, + htons(IPPROTO_RAW)); if (ppp_fds[ZEPHYR_FD_IDX] < 0) { LOG_ERR("Zephyr socket creation failed (%d).", errno); return false; diff --git a/samples/cellular/modem_shell/src/ppp/ppp_ctrl.c b/samples/cellular/modem_shell/src/ppp/ppp_ctrl.c index 306d67b531a4..a5b663e08fdb 100644 --- a/samples/cellular/modem_shell/src/ppp/ppp_ctrl.c +++ b/samples/cellular/modem_shell/src/ppp/ppp_ctrl.c @@ -378,7 +378,8 @@ static int ppp_ctrl_zephyr_sckt_create(void) } /* Create raw Zephyr socket for passing data to/from ppp link: */ - ppp_data_socket_fd = socket(AF_PACKET, SOCK_RAW | SOCK_NATIVE, IPPROTO_RAW); + ppp_data_socket_fd = socket(AF_PACKET, SOCK_RAW | SOCK_NATIVE, + htons(IPPROTO_RAW)); if (ppp_data_socket_fd < 0) { mosh_error("PPP Zephyr data socket creation failed: (%d)\n", -errno); goto return_error; diff --git a/samples/wifi/monitor/src/main.c b/samples/wifi/monitor/src/main.c index ffb95606a011..b24696b4c065 100644 --- a/samples/wifi/monitor/src/main.c +++ b/samples/wifi/monitor/src/main.c @@ -397,7 +397,7 @@ static int setup_raw_socket(int *sock) struct sockaddr_ll dst = { 0 }; int ret; - *sock = socket(AF_PACKET, SOCK_RAW, ETH_P_ALL); + *sock = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); if (*sock < 0) { LOG_ERR("Failed to create RAW socket : %d", errno); diff --git a/samples/wifi/promiscuous/src/main.c b/samples/wifi/promiscuous/src/main.c index 6b42246e342a..b1a0fbd1472c 100644 --- a/samples/wifi/promiscuous/src/main.c +++ b/samples/wifi/promiscuous/src/main.c @@ -295,7 +295,7 @@ static int setup_raw_socket(int *sock) struct sockaddr_ll dst = { 0 }; int ret; - *sock = socket(AF_PACKET, SOCK_RAW, ETH_P_ALL); + *sock = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); if (*sock < 0) { LOG_ERR("Failed to create RAW socket : %d", errno); diff --git a/samples/wifi/raw_tx_packet/src/main.c b/samples/wifi/raw_tx_packet/src/main.c index ef6b48389b12..7080aae639d1 100644 --- a/samples/wifi/raw_tx_packet/src/main.c +++ b/samples/wifi/raw_tx_packet/src/main.c @@ -168,7 +168,7 @@ static int setup_raw_pkt_socket(int *sockfd, struct sockaddr_ll *sa) struct net_if *iface = NULL; int ret; - *sockfd = socket(AF_PACKET, SOCK_RAW, IPPROTO_RAW); + *sockfd = socket(AF_PACKET, SOCK_RAW, htons(IPPROTO_RAW)); if (*sockfd < 0) { LOG_ERR("Unable to create a socket %d", errno); return -1; diff --git a/samples/wifi/shell/src/wifi_raw_tx_pkt_shell.c b/samples/wifi/shell/src/wifi_raw_tx_pkt_shell.c index 129e9b0a0ac8..2815078b6010 100644 --- a/samples/wifi/shell/src/wifi_raw_tx_pkt_shell.c +++ b/samples/wifi/shell/src/wifi_raw_tx_pkt_shell.c @@ -151,7 +151,7 @@ static int setup_raw_pkt_socket(int *sockfd, struct sockaddr_ll *sa) struct net_if *iface; int ret; - *sockfd = socket(AF_PACKET, SOCK_RAW, IPPROTO_RAW); + *sockfd = socket(AF_PACKET, SOCK_RAW, htons(IPPROTO_RAW)); if (*sockfd < 0) { LOG_ERR("Unable to create a socket %d", errno); return -1; From bb559de75453a164dd5cd860090772ecaca39776 Mon Sep 17 00:00:00 2001 From: Georgios Vasilakis Date: Wed, 2 Oct 2024 15:03:49 +0200 Subject: [PATCH 203/217] nrf_security: Enable builtin keys for nRF54L Enable MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for the nRF54L15 since it is always required in order to use the HUKs. This is relevant to the non-TFM target of L15. Signed-off-by: Georgios Vasilakis --- subsys/nrf_security/CMakeLists.txt | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/subsys/nrf_security/CMakeLists.txt b/subsys/nrf_security/CMakeLists.txt index 07aaa82639a5..3574fe3d3da2 100644 --- a/subsys/nrf_security/CMakeLists.txt +++ b/subsys/nrf_security/CMakeLists.txt @@ -117,6 +117,15 @@ target_compile_definitions(psa_crypto_library_config # The name and intent of this comes from TF-M distribution add_library(psa_interface INTERFACE) +# In nRF54L this configuration is required for the HUK keys to work +if(CONFIG_SOC_SERIES_NRF54LX AND (CONFIG_HW_UNIQUE_KEY OR CONFIG_IDENTITY_KEY)) +# Add config files required for PSA crypto interface +target_compile_definitions(psa_interface + INTERFACE + MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS +) +endif() + # Add the includes from nrf_security, Oberon PSA core, and Arm Mbed TLS # to the psa_interface library target_include_directories(psa_interface From 2b813d9a8759daf5b29a1350e7b65ba88bb3c817 Mon Sep 17 00:00:00 2001 From: Georgios Vasilakis Date: Wed, 2 Oct 2024 15:35:00 +0200 Subject: [PATCH 204/217] nrf_security: Cracen PSA, allow no alg import key Allow to import a ECC public key even when the algorithm is not set. This is allowed in the other drivers and we observed that some TLS tests don't set the algorithm. Signed-off-by: Georgios Vasilakis --- .../src/drivers/cracen/cracenpsa/src/key_management.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c index 5d058ba4d89c..2ed3c7c5607a 100644 --- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c +++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c @@ -290,13 +290,11 @@ static psa_status_t check_wstr_pub_key_data(psa_algorithm_t key_alg, psa_ecc_fam return PSA_ERROR_INVALID_ARGUMENT; } - if (PSA_ALG_IS_ECDSA(key_alg)) { - return PSA_SUCCESS; - } else if (PSA_ALG_IS_ECDH(key_alg)) { + if (PSA_ALG_IS_ECDH(key_alg)) { return check_wstr_publ_key_for_ecdh(curve, key_bits, data, data_length); } - return PSA_ERROR_NOT_SUPPORTED; + return PSA_SUCCESS; } static psa_status_t import_ecc_public_key(const psa_key_attributes_t *attributes, From b90338b8d8c988fd83ae841fc6563e7cb8da570f Mon Sep 17 00:00:00 2001 From: Arkadiusz Balys Date: Wed, 2 Oct 2024 13:37:37 +0200 Subject: [PATCH 205/217] scripts: quarantine: quarantine Matter samples Quarantined Matter samples due to RAM/FLASH overflow. Signed-off-by: Arkadiusz Balys --- scripts/quarantine.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/scripts/quarantine.yaml b/scripts/quarantine.yaml index fc27a81dbbbb..592cf2d4a52c 100644 --- a/scripts/quarantine.yaml +++ b/scripts/quarantine.yaml @@ -38,3 +38,20 @@ - scenarios: - net.lib.wifi_credentials_backend_psa comment: "Fix not known at time of upmerge, temporarily excluded to be fixed after upmerge" + +- scenarios: + - sample.matter.lock.smp_dfu + - sample.matter.light_bulb.aws + platforms: + - nrf7002dk/nrf5340/cpuapp + comment: "Flash or RAM overflow, temporarily excluded" + +- scenarios: + - sample.matter.lock.thread_wifi_switched.lto.smp_dfu + platforms: + - nrf5340dk/nrf5340/cpuapp + comment: "Flash or RAM overflow, temporarily excluded" + +- scenarios: + - applications.matter_bridge.lto.nrf5340.wifi + comment: "nRF7002EK is not support in the upstream nRF70 driver yet" From 948ebee59e951334ffbaec1057a7ce65ed131e25 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Thu, 3 Oct 2024 10:05:59 +0200 Subject: [PATCH 206/217] tests: benchmarks: current_consumption: system_off: update path Update path to target sources from boards/nrf -> boards/nordic Signed-off-by: Bjarki Arge Andreasen --- tests/benchmarks/current_consumption/system_off/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/benchmarks/current_consumption/system_off/CMakeLists.txt b/tests/benchmarks/current_consumption/system_off/CMakeLists.txt index 37ac7f2f9fe8..6a90b1a932d0 100644 --- a/tests/benchmarks/current_consumption/system_off/CMakeLists.txt +++ b/tests/benchmarks/current_consumption/system_off/CMakeLists.txt @@ -8,4 +8,4 @@ cmake_minimum_required(VERSION 3.20.0) find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) project(system_off) -target_sources(app PRIVATE $ENV{ZEPHYR_BASE}/samples/boards/nrf/system_off/src/main.c) +target_sources(app PRIVATE $ENV{ZEPHYR_BASE}/samples/boards/nordic/system_off/src/main.c) From 6250b0dfd9294adee93020c6af6f9d6ef01b060a Mon Sep 17 00:00:00 2001 From: Markus Lassila Date: Thu, 3 Oct 2024 09:37:54 +0300 Subject: [PATCH 207/217] applications: serial_lte_modem: Legacy crypto for full mfw fota Enable legacy Mbed TLS crypto for full modem FOTA. Signed-off-by: Markus Lassila --- applications/serial_lte_modem/overlay-full_fota.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/applications/serial_lte_modem/overlay-full_fota.conf b/applications/serial_lte_modem/overlay-full_fota.conf index 4888eb850a52..9e7ebc5e06f4 100644 --- a/applications/serial_lte_modem/overlay-full_fota.conf +++ b/applications/serial_lte_modem/overlay-full_fota.conf @@ -14,6 +14,7 @@ CONFIG_SPI_NOR=y CONFIG_DFU_TARGET_STREAM=y CONFIG_DFU_TARGET_FULL_MODEM=y CONFIG_FMFU_FDEV_SKIP_PREVALIDATION=n +CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y CONFIG_MBEDTLS_SHA256_C=y CONFIG_FMFU_FDEV=y CONFIG_ZCBOR=y From 39db169b3cae747b6fd20b2c0cdaf1620392f933 Mon Sep 17 00:00:00 2001 From: Ravi Dondaputi Date: Thu, 3 Oct 2024 14:00:25 +0530 Subject: [PATCH 208/217] samples: wifi: shell: Reduce static RAM usage Static RAM usage is exceeding the `RAM` region at build time. Decrease the number of TX buffers to fix this. Signed-off-by: Ravi Dondaputi --- samples/wifi/shell/overlay-zperf.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/samples/wifi/shell/overlay-zperf.conf b/samples/wifi/shell/overlay-zperf.conf index 476ac022a3bb..5e1cccfb9a13 100644 --- a/samples/wifi/shell/overlay-zperf.conf +++ b/samples/wifi/shell/overlay-zperf.conf @@ -3,15 +3,15 @@ CONFIG_ZVFS_OPEN_MAX=20 # Zperf TCP=6, UDP=2, Others=1 CONFIG_NET_SOCKETS_POLL_MAX=20 # Sockets: select + poll take up more stack -CONFIG_MAIN_STACK_SIZE=4600 -CONFIG_SHELL_STACK_SIZE=4650 +CONFIG_MAIN_STACK_SIZE=5200 +CONFIG_SHELL_STACK_SIZE=5200 CONFIG_NET_MGMT_EVENT_STACK_SIZE=4600 # Optimized networking settings for performance CONFIG_NET_PKT_RX_COUNT=28 -CONFIG_NET_PKT_TX_COUNT=29 +CONFIG_NET_PKT_TX_COUNT=27 CONFIG_NET_BUF_RX_COUNT=28 -CONFIG_NET_BUF_TX_COUNT=58 +CONFIG_NET_BUF_TX_COUNT=54 CONFIG_HEAP_MEM_POOL_SIZE=230000 CONFIG_NET_BUF_DATA_SIZE=1100 CONFIG_NRF70_QSPI_LOW_POWER=n From 93cca3be8637d10ef1932a11d0a504885a03576a Mon Sep 17 00:00:00 2001 From: Maciej Perkowski Date: Thu, 3 Oct 2024 10:27:03 +0200 Subject: [PATCH 209/217] quarantine: update for zigbee weather station build failures quarantine updated Signed-off-by: Maciej Perkowski --- scripts/quarantine.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scripts/quarantine.yaml b/scripts/quarantine.yaml index 592cf2d4a52c..a929e70a2789 100644 --- a/scripts/quarantine.yaml +++ b/scripts/quarantine.yaml @@ -55,3 +55,10 @@ - scenarios: - applications.matter_bridge.lto.nrf5340.wifi comment: "nRF7002EK is not support in the upstream nRF70 driver yet" + +- scenarios: + - applications.zigbee_weather_station + - applications.zigbee_weather_station.debug + platforms: + - thingy53/nrf5340/cpuapp + comment: "https://nordicsemi.atlassian.net/browse/NCSDK-29488" From 0ae9b38ec95addde54767494bbdc27fbbcab4a57 Mon Sep 17 00:00:00 2001 From: Gerard Marull-Paretas Date: Thu, 3 Oct 2024 10:41:47 +0200 Subject: [PATCH 210/217] doc: tfm: update to 2.1.0 When building for 2.1.0, there seems to be a missing reference from TF-M-Extras. Add a filter for it. Signed-off-by: Gerard Marull-Paretas --- doc/CMakeLists.txt | 2 +- doc/tfm/known-warnings.txt | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/CMakeLists.txt b/doc/CMakeLists.txt index b5a1b51740b6..fb5723c7ba8d 100644 --- a/doc/CMakeLists.txt +++ b/doc/CMakeLists.txt @@ -322,7 +322,7 @@ add_doxygen_docset(nrfx ${ZEPHYR_HAL_NORDIC_MODULE_DIR} "" STANDALONE) #------------------------------------------------------------------------------- # docset: tfm -add_docset(tfm "2.0.0") +add_docset(tfm "2.1.0") #------------------------------------------------------------------------------- # docset: matter diff --git a/doc/tfm/known-warnings.txt b/doc/tfm/known-warnings.txt index 8a12149b6e62..b97f950ff3af 100644 --- a/doc/tfm/known-warnings.txt +++ b/doc/tfm/known-warnings.txt @@ -1,3 +1,4 @@ # Add here warnings caused by upstream docs, and that cannot be fixed due to # our build process tweaks .*document isn't included in any toctree.* +unknown document: 'TF-M-Extras:partitions/adac/index' From 25d120671fabe8466a33e835e80b37f7c3077893 Mon Sep 17 00:00:00 2001 From: Gerard Marull-Paretas Date: Thu, 3 Oct 2024 11:03:46 +0200 Subject: [PATCH 211/217] doc: nrfxlib: enable zephyr domain So that Zephyr samples can be referenced. Signed-off-by: Gerard Marull-Paretas --- doc/nrfxlib/conf.py | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/nrfxlib/conf.py b/doc/nrfxlib/conf.py index f0d821753e73..ee158d2492e1 100644 --- a/doc/nrfxlib/conf.py +++ b/doc/nrfxlib/conf.py @@ -36,6 +36,7 @@ "sphinxcontrib.mscgen", "inventory_builder", "warnings_filter", + "zephyr.domain", "zephyr.kconfig", "zephyr.external_content", "zephyr.doxyrunner", From ab31e6f767aaf001b94442cfc6ed0d2b9f6e0f79 Mon Sep 17 00:00:00 2001 From: Andrzej Puzdrowski Date: Thu, 3 Oct 2024 16:45:03 +0200 Subject: [PATCH 212/217] mcuboot/Kconfig: disable IMG_GRP_HASH & MG_GPR_SLOT_INFO Disabled additional serial recovery commands which allow to decrease the default MCUboot's footprint size: CONFIG_BOOT_SERIAL_IMG_GRP_HASH=n CONFIG_BOOT_SERIAL_IMG_GRP_SLOT_INFO=n Signed-off-by: Andrzej Puzdrowski --- modules/mcuboot/boot/zephyr/Kconfig | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/modules/mcuboot/boot/zephyr/Kconfig b/modules/mcuboot/boot/zephyr/Kconfig index ad79622f0223..054680802f62 100644 --- a/modules/mcuboot/boot/zephyr/Kconfig +++ b/modules/mcuboot/boot/zephyr/Kconfig @@ -172,3 +172,13 @@ config MCUBOOT_CLEANUP_UNUSABLE_SECONDARY supported primary images. This behaviour is desired when configuration allows to use one secondary slot for collecting image for multiple primary slots. + +# disabled for reduce footprint +config BOOT_SERIAL_IMG_GRP_HASH + bool + default n + +# disabled for reduce footprint +config BOOT_SERIAL_IMG_GPR_SLOT_INFO + bool + default n From 680b058fc04de91def9bea0eb5826f34b71a1bc0 Mon Sep 17 00:00:00 2001 From: Georgios Vasilakis Date: Thu, 3 Oct 2024 16:59:32 +0200 Subject: [PATCH 213/217] nrf_security: Rename nrf_security generated path With a more relevant name Signed-off-by: Georgios Vasilakis --- subsys/nrf_security/configs/config_extra.cmake.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/subsys/nrf_security/configs/config_extra.cmake.in b/subsys/nrf_security/configs/config_extra.cmake.in index e52319bc5e0b..375e7858918e 100644 --- a/subsys/nrf_security/configs/config_extra.cmake.in +++ b/subsys/nrf_security/configs/config_extra.cmake.in @@ -24,8 +24,8 @@ set(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE ${CONFIG_MBEDTLS_PSA_CRYPTO_USER_CONFIG_ # This file is populated with the generated include-folders for PSA interface (for main app, ns-services) as # well as the include-folder for library build of the crypto toolbo with or without TF-M -set(PSA_CRYPTO_CONFIG_INTERFACE_PATH ${CMAKE_BINARY_DIR}/generated/interface_seeme CACHE STRING "Path used for generated PSA crypto configuratiosn for the interface") -set(PSA_CRYPTO_CONFIG_LIBRARY_PATH ${CMAKE_BINARY_DIR}/generated/library_seeme CACHE STRING "Path used for generated PSA crypto for library builds") +set(PSA_CRYPTO_CONFIG_INTERFACE_PATH ${CMAKE_BINARY_DIR}/generated/interface_nrf_security_psa CACHE STRING "Path used for generated PSA crypto configuratiosn for the interface") +set(PSA_CRYPTO_CONFIG_LIBRARY_PATH ${CMAKE_BINARY_DIR}/generated/library_nrf_security_psa CACHE STRING "Path used for generated PSA crypto for library builds") # Defines used by including external_core.cmake multiple times (to clean up for CMake trace) # This definitely needs to be reworked in upstream TF-M From 33dd9479c3f331e11dc13a6864678ffe639665bb Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Fri, 4 Oct 2024 11:02:28 +0200 Subject: [PATCH 214/217] workflows: compliance: disable ClangFormat Disable ClangFormat compliance check Signed-off-by: Bjarki Arge Andreasen --- .github/workflows/compliance.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml index 29bd87a60a9c..071e5abcb321 100644 --- a/.github/workflows/compliance.yml +++ b/.github/workflows/compliance.yml @@ -70,7 +70,7 @@ jobs: git log --pretty=oneline | head -n 10 # For now we run KconfigBasic, but we should transition to Kconfig $ZEPHYR_BASE/scripts/ci/check_compliance.py --annotate -e Kconfig \ - -e KconfigBasicNoModules -c origin/${BASE_REF}.. + -e KconfigBasicNoModules -e ClangFormat -c origin/${BASE_REF}.. - name: upload-results uses: actions/upload-artifact@v3 From ce3505422d8abdafcfaa257503bce50127c8c17d Mon Sep 17 00:00:00 2001 From: Georgios Vasilakis Date: Fri, 4 Oct 2024 11:52:42 +0200 Subject: [PATCH 215/217] nrf_security: Add missing PSA_WANT algorithms These will be moved later to the Zephyr file: modules/mbedtls/Kconfig.psa.nordic Placing them here now to minimize the changes in the upmerge Zephyr PR. Signed-off-by: Georgios Vasilakis --- subsys/nrf_security/src/drivers/Kconfig | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/subsys/nrf_security/src/drivers/Kconfig b/subsys/nrf_security/src/drivers/Kconfig index 5581badb09ae..f13b735ab156 100644 --- a/subsys/nrf_security/src/drivers/Kconfig +++ b/subsys/nrf_security/src/drivers/Kconfig @@ -59,6 +59,18 @@ config PSA_USE_HMAC_DRBG_DRIVER endmenu +config PSA_WANT_ALG_CFB + bool "PSA stream cipher using CFB block cipher mode support" + +config PSA_WANT_ALG_OFB + bool "PSA stream cipher using OFB block cipher mode support" + +config PSA_WANT_ALG_CHACHA20 + bool "PSA stream cipher using CHACHA20 support" + +config PSA_WANT_ALG_SHAKE256_512 + bool "PSA SHAKE256 512 bits support" + menu "CryptoCell PSA Driver Configuration" if PSA_CRYPTO_DRIVER_CC3XX From b0efdaa295c95e93b754cdd8a141c42fa43b4ca2 Mon Sep 17 00:00:00 2001 From: Bjarki Arge Andreasen Date: Fri, 4 Oct 2024 12:32:39 +0200 Subject: [PATCH 216/217] kconfig: openthread: Disable OpenThread Libraries Disable OT libraries due to crypto config misalignment. Signed-off-by: Maciej Baczmanski Signed-off-by: Bjarki Arge Andreasen --- subsys/net/openthread/Kconfig.defconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/subsys/net/openthread/Kconfig.defconfig b/subsys/net/openthread/Kconfig.defconfig index 9a5ec34e2003..3978fa38f5d1 100644 --- a/subsys/net/openthread/Kconfig.defconfig +++ b/subsys/net/openthread/Kconfig.defconfig @@ -19,7 +19,7 @@ config OPENTHREAD_LIBRARY_AVAILABLE # Switch: # - To `y` when libraries for the current OpenThread revision are provided # - To `n` on the next OpenThread upmerge - default y + default n depends on OPENTHREAD_THREAD_VERSION_1_3 depends on (OPENTHREAD_NORDIC_LIBRARY_MASTER && SOC_NRF52840) || \ OPENTHREAD_NORDIC_LIBRARY_FTD || OPENTHREAD_NORDIC_LIBRARY_MTD From 5bba21ee8fbea666158af41e56ee6604dad61c9b Mon Sep 17 00:00:00 2001 From: Georgios Vasilakis Date: Fri, 4 Oct 2024 13:58:23 +0200 Subject: [PATCH 217/217] nrf_security: Minor compliance fixes No funtional change here, just fixes spacing issues causing compliance failures in nrf_security and TFM. Signed-off-by: Georgios Vasilakis --- include/tfm/platform_otp_ids.h | 2 +- .../tfm_boards/external_core.cmake | 4 +- .../tfm_boards/external_core_install.cmake | 2 +- subsys/nrf_security/cmake/extensions.cmake | 6 +-- .../nrf_security/cmake/generate_configs.cmake | 6 +-- subsys/nrf_security/cmake/nrf_config.cmake | 2 +- .../configs/config_extra.cmake.in | 2 +- .../configs/nrf-config.h.template | 2 +- subsys/nrf_security/include/crypto_compat.h | 38 +++++++++---------- 9 files changed, 31 insertions(+), 33 deletions(-) diff --git a/include/tfm/platform_otp_ids.h b/include/tfm/platform_otp_ids.h index 71332c445df8..5361a9b12245 100644 --- a/include/tfm/platform_otp_ids.h +++ b/include/tfm/platform_otp_ids.h @@ -14,7 +14,7 @@ extern "C" { #endif enum tfm_otp_element_id_t { - PLAT_OTP_ID_LCS = UINT32_MAX -1, + PLAT_OTP_ID_LCS = UINT32_MAX - 1, PLAT_OTP_ID_MAX = UINT32_MAX, }; diff --git a/modules/trusted-firmware-m/tfm_boards/external_core.cmake b/modules/trusted-firmware-m/tfm_boards/external_core.cmake index eadd46718bf5..a88ffd672cf7 100644 --- a/modules/trusted-firmware-m/tfm_boards/external_core.cmake +++ b/modules/trusted-firmware-m/tfm_boards/external_core.cmake @@ -13,8 +13,6 @@ if(NOT PSA_CRYPTO_EXTERNAL_CORE) return() endif() -# Note that - # Adjusting includes from spe-CMakeLists.txt which has the following heading: # # This CMake script is prepard by TF-M for building the non-secure side @@ -47,7 +45,7 @@ if(TARGET psa_interface) # Mbed TLS (mbedcrypto) PSA headers ${ARM_MBEDTLS_PATH}/library ${ARM_MBEDTLS_PATH}/include - ${ARM_MBEDTLS_PATH}/include/library + ${ARM_MBEDTLS_PATH}/include/library ) endif() diff --git a/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake b/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake index 8a0981edf650..88a0aadd4074 100644 --- a/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake +++ b/modules/trusted-firmware-m/tfm_boards/external_core_install.cmake @@ -30,7 +30,7 @@ install( FILES ${OBERON_PSA_CORE_PATH}/include/mbedtls/build_info.h ${OBERON_PSA_CORE_PATH}/include/mbedtls/config_psa.h - DESTINATION + DESTINATION ${INSTALL_INTERFACE_INC_DIR}/mbedtls ) diff --git a/subsys/nrf_security/cmake/extensions.cmake b/subsys/nrf_security/cmake/extensions.cmake index 877fcabf3dbe..ce49edf83119 100644 --- a/subsys/nrf_security/cmake/extensions.cmake +++ b/subsys/nrf_security/cmake/extensions.cmake @@ -167,16 +167,16 @@ endmacro() # macro(nrf_security_add_zephyr_options_library lib_name) if(TARGET zephyr_interface) - # Add an an filtered version of zephyr_interface (PSA crypto interface filtered out) + # Add an filtered version of zephyr_interface (PSA crypto interface filtered out) target_compile_options(${lib_name} PRIVATE $) target_compile_definitions(${lib_name} PRIVATE $) # Ensure that the PSA crypto interface include folder isn't added in library builds (filtered out) - target_include_directories(${lib_name} + target_include_directories(${lib_name} PRIVATE $,EXCLUDE,${PSA_CRYPTO_CONFIG_INTERFACE_PATH_REGEX}> ) # Ensure that the PSA crypto interface include folder isn't added in library builds (filtered out) - target_include_directories(${lib_name} + target_include_directories(${lib_name} PRIVATE $,EXCLUDE,${PSA_CRYPTO_CONFIG_INTERFACE_PATH_REGEX}> ) diff --git a/subsys/nrf_security/cmake/generate_configs.cmake b/subsys/nrf_security/cmake/generate_configs.cmake index 9ed6aed6dc3a..48b8b06ff1a1 100644 --- a/subsys/nrf_security/cmake/generate_configs.cmake +++ b/subsys/nrf_security/cmake/generate_configs.cmake @@ -44,7 +44,7 @@ macro(generate_mbedcrypto_interface_configs) # Empty out previous versions of interface config-files file(REMOVE_RECURSE ${generated_include_path}) - # Generate MBEDCRYPTO_CONFIG_FILE + # Generate MBEDCRYPTO_CONFIG_FILE if(CONFIG_MBEDTLS_LEGACY_CRYPTO_C) include(${NRF_SECURITY_ROOT}/cmake/legacy_crypto_config.cmake) else() @@ -56,7 +56,7 @@ macro(generate_mbedcrypto_interface_configs) # Note: Interface doesn't need PSA_CRYPTO_USER_CONFIG_FILE - # Restore the backup configurations + # Restore the backup configurations kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_C) kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) @@ -129,7 +129,7 @@ macro(generate_mbedcrypto_library_configs) # Generate the PSA_CRYPTO_USER_CONFIG_FILE (PSA_NEED configurations) include(${NRF_SECURITY_ROOT}/cmake/psa_crypto_config.cmake) - # Restore the backup configurations + # Restore the backup configurations kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_C) kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) kconfig_restore_backup_config(CONFIG_MBEDTLS_PSA_CRYPTO_SPM) diff --git a/subsys/nrf_security/cmake/nrf_config.cmake b/subsys/nrf_security/cmake/nrf_config.cmake index 78e7da10bccf..ff4b0f8673b2 100644 --- a/subsys/nrf_security/cmake/nrf_config.cmake +++ b/subsys/nrf_security/cmake/nrf_config.cmake @@ -3,7 +3,7 @@ # # SPDX-License-Identifier: LicenseRef-Nordic-5-Clause # -# Convert all platform and TLS/DTLS and X.509 Kconfig variables for Mbed TLS +# Convert all platform and TLS/DTLS and X.509 Kconfig variables for Mbed TLS # (strip CONFIG_) # TF-M diff --git a/subsys/nrf_security/configs/config_extra.cmake.in b/subsys/nrf_security/configs/config_extra.cmake.in index 375e7858918e..b003f1ed6bcc 100644 --- a/subsys/nrf_security/configs/config_extra.cmake.in +++ b/subsys/nrf_security/configs/config_extra.cmake.in @@ -9,7 +9,7 @@ set(PSA_CRYPTO_EXTERNAL_CORE ON CACHE BOOL "Enable building PSA core externally") # This file is populated with paths needed building nrf_security with and without TF-M -# It is added to circumvent issues with install-targets inside TF-M and to unify the +# It is added to circumvent issues with install-targets inside TF-M and to unify the # CMake code with Zephyr builds set(NRFXLIB_DIR ${ZEPHYR_NRFXLIB_MODULE_DIR} CACHE STRING "nrfxlib folder") set(NRF_SECURITY_ROOT ${NRF_DIR}/subsys/nrf_security CACHE STRING "nrf_security root folder") diff --git a/subsys/nrf_security/configs/nrf-config.h.template b/subsys/nrf_security/configs/nrf-config.h.template index 47f6caac3164..86879b823497 100644 --- a/subsys/nrf_security/configs/nrf-config.h.template +++ b/subsys/nrf_security/configs/nrf-config.h.template @@ -5,7 +5,7 @@ * */ /* The include guards used here ensures that a different Mbed TLS config is not - * added to the build and used by accident. Hence, this guard is not + * added to the build and used by accident. Hence, this guard is not * equivalent to naming of this file. */ #ifndef MBEDTLS_CONFIG_FILE_H diff --git a/subsys/nrf_security/include/crypto_compat.h b/subsys/nrf_security/include/crypto_compat.h index 3bca941f0927..10f6077edf70 100644 --- a/subsys/nrf_security/include/crypto_compat.h +++ b/subsys/nrf_security/include/crypto_compat.h @@ -40,7 +40,7 @@ typedef mbedtls_svc_key_id_t psa_key_handle_t; */ static inline int psa_key_handle_is_null(psa_key_handle_t handle) { - return mbedtls_svc_key_id_is_null(handle); + return mbedtls_svc_key_id_is_null(handle); } /** Open a handle to an existing persistent key. @@ -104,7 +104,7 @@ static inline int psa_key_handle_is_null(psa_key_handle_t handle) * results in this error code. */ psa_status_t psa_open_key(mbedtls_svc_key_id_t key, - psa_key_handle_t *handle); + psa_key_handle_t *handle); /** Close a key handle. * @@ -160,7 +160,7 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * a future version of the library. */ #define PSA_DH_FAMILY_CUSTOM \ - ((psa_dh_family_t) MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(0x7e)) + ((psa_dh_family_t) MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(0x7e)) /** * \brief Set domain parameters for a key. @@ -179,15 +179,15 @@ psa_status_t psa_close_key(psa_key_handle_t handle); * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription */ static inline psa_status_t MBEDTLS_DEPRECATED psa_set_key_domain_parameters( - psa_key_attributes_t *attributes, - psa_key_type_t type, const uint8_t *data, size_t data_length) + psa_key_attributes_t *attributes, + psa_key_type_t type, const uint8_t *data, size_t data_length) { - (void) data; - if (data_length != 0) { - return PSA_ERROR_NOT_SUPPORTED; - } - psa_set_key_type(attributes, type); - return PSA_SUCCESS; + (void) data; + if (data_length != 0) { + return PSA_ERROR_NOT_SUPPORTED; + } + psa_set_key_type(attributes, type); + return PSA_SUCCESS; } /** @@ -205,21 +205,21 @@ static inline psa_status_t MBEDTLS_DEPRECATED psa_set_key_domain_parameters( * \retval #PSA_SUCCESS \emptydescription */ static inline psa_status_t MBEDTLS_DEPRECATED psa_get_key_domain_parameters( - const psa_key_attributes_t *attributes, - uint8_t *data, size_t data_size, size_t *data_length) + const psa_key_attributes_t *attributes, + uint8_t *data, size_t data_size, size_t *data_length) { - (void) attributes; - (void) data; - (void) data_size; - *data_length = 0; - return PSA_SUCCESS; + (void) attributes; + (void) data; + (void) data_size; + *data_length = 0; + return PSA_SUCCESS; } /** Safe output buffer size for psa_get_key_domain_parameters(). * */ #define PSA_KEY_DOMAIN_PARAMETERS_SIZE(key_type, key_bits) \ - MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(1u) + MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(1u) #endif /* MBEDTLS_DEPRECATED_REMOVED */ /**@}*/