Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do Not Review: Upmerge TF-M v2.1.0 and Mbed TLS v3.6.0 #1462

Open
wants to merge 6 commits into
base: main
Choose a base branch
from

Conversation

frkv
Copy link
Contributor

@frkv frkv commented Sep 9, 2024

This adds improved threading support for CryptoCell enabled devices

The change is necessary due to Mbed TLS v3.6.0 adding support for thread safety for the PSA core.

Note: This is not synchronized with the current expected checkout in sdk-nrf

@frkv frkv requested a review from tejlmand as a code owner September 9, 2024 08:21
@frkv frkv added the DNM Do not merge label Sep 9, 2024
@frkv frkv changed the title Upmerge TF-M v2.1.0 and Mbed TLS v3.6.0 [DNM] Upmerge TF-M v2.1.0 and Mbed TLS v3.6.0 Sep 9, 2024
@frkv frkv force-pushed the upmerge-TF-M-2.1-mbedtls-3.6 branch 2 times, most recently from ad5af2e to 985a7a6 Compare September 12, 2024 06:02
@frkv frkv changed the title [DNM] Upmerge TF-M v2.1.0 and Mbed TLS v3.6.0 Do Not Review: Upmerge TF-M v2.1.0 and Mbed TLS v3.6.0 Sep 12, 2024
frkv and others added 6 commits September 26, 2024 11:06
-This adds support for the 3 new mutexes that is required when building
 with Mbed TLS 3.6.0 with PSA crypto:
 - mbedtls_threading_key_slot_mutex
 - mbedtls_threading_psa_globaldata_mutex
 - mbedtls_threading_psa_rngdata_mutex
-Fixed typo

Note: There is a counterpart to this for devices that doesn't enable
CC3XX_BACKEND (Legacy crypto features) present in nrf_security to
allow thread-safe PSA core in all types of build in NCS.

Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This removes setting of MBEDTLS_ECP_MAX_BITS as this would
 result in a build-issue when trying to resolve the largest enabled
 curve size.

 This needs to be followed up with a cleanup of MBEDTLS_ECP_LIGHT
 which is still dependent on BIGNUM and BUILTIN types to be enabled

Signed-off-by: Frank Audun Kvamtrø <[email protected]>
This is now upstreamed to Zephyr, but FW binaries are still hosted here
as Zephyr does not allow blobs.

Signed-off-by: Chaitanya Tata <[email protected]>
Fix the indentation to fix the doc build error.

Signed-off-by: Chaitanya Tata <[email protected]>
Part of the nrf_dm library is placed in the init_array section by the
linker.

Zephyr requires STATIC_INIT_GNU to be enabled for proper initialization
of the init_array section, and therefore the setting must be enabled for
NRF_DM.

Signed-off-by: Torsten Rasmussen <[email protected]>
-Don't reuse RNG mutex for the PSA rng mutex type

Signed-off-by: Frank Audun Kvamtrø <[email protected]>
@frkv frkv force-pushed the upmerge-TF-M-2.1-mbedtls-3.6 branch from 985a7a6 to 7acb5ae Compare September 26, 2024 10:22
@github-actions github-actions bot added the doc-required PR must not be merged without tech writer approval. label Sep 26, 2024
@sachinthegreen sachinthegreen removed their request for review October 21, 2024 12:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
DNM Do not merge doc-required PR must not be merged without tech writer approval.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants