entropy: Enable the PSA RNG for nRF54H20 #2008
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Vge0rge
force-pushed
the
54h20_psa_rng
branch
from
41b421a to
521042c
Compare
NordicBuilder
requested review from
jaz1-nordic,
kl-cruz,
magp-nordic,
masz-nordic and
nika-nordic
|
I will add the equivalent code for nrf9280 soon, since I saw that this was using the PRNG as well. |
hermabe
requested changes
Sep 24, 2024
Vge0rge
force-pushed
the
54h20_psa_rng
branch
4 times, most recently
from
150d2d7 to
b822ae1
Compare
Vge0rge
force-pushed
the
54h20_psa_rng
branch
3 times, most recently
from
a14ae71 to
11de823
Compare
tomi-font
requested changes
Oct 3, 2024
Vge0rge
force-pushed
the
54h20_psa_rng
branch
from
11de823 to
b6b627f
Compare
Vge0rge
force-pushed
the
54h20_psa_rng
branch
from
b6b627f to
2250853
Compare
tomi-font
approved these changes
Nov 7, 2024
Vge0rge
force-pushed
the
54h20_psa_rng
branch
4 times, most recently
from
57ae764 to
5dcbb55
Compare
Vge0rge
force-pushed
the
54h20_psa_rng
branch
4 times, most recently
from
8622c0c to
f134485
Compare
Vge0rge
force-pushed
the
54h20_psa_rng
branch
2 times, most recently
from
b12c23c to
10e2b51
Compare
Vge0rge
force-pushed
the
54h20_psa_rng
branch
4 times, most recently
from
295edb9 to
b99f2a0
Compare
Vge0rge
force-pushed
the
54h20_psa_rng
branch
from
b99f2a0 to
be27b5a
Compare
…it timeouts Some code that automatically gets embedded on some platforms relies on having `CONFIG_TIMEOUT_64BIT` enabled. Do not force disabling that Kconfig option in the test configuration, as that will make the test fail to compile on those platforms. Signed-off-by: Tomi Fontanilles <[email protected]> (cherry picked from commit 4b9c588)
The ram0x partitions seem to be not compliant with nRF54H20 architecture and it causes that in the application dts overlay file it is difficult to extend cpuapp_ram0x_region without modifying whole layout. It is better to place cpurad_ram0x_region at the beginning at 2f010000 address and then cpuapp_ram0x_region right after that. Thanks to that, if the application needs to have more than 256 kB of RAM, in the application dts overlay file, a user can increase cpuapp_ram0x_region size up to 2f0be000. Signed-off-by: Arkadiusz Balys <[email protected]> (cherry picked from commit a53cb73)
There is a mistake and the cpuapp_ram0x_region "reg" value should start from 0x2f011000. Signed-off-by: Arkadiusz Balys <[email protected]> (cherry picked from commit 1e69738)
Enable the cpusec IPC and the bellboard nodes for the nrf54h20dk cpuapp and cpurad targets to enable communication between domains. Also enables the region cpurad_ram0x_region since it is also required for the communication. Signed-off-by: Georgios Vasilakis <[email protected]> (cherry picked from commit fdede6a)
…BYTES The mechanism for communication between domains requires extra threads. So change the default value MAX_THREAD_BYTES to allow usage of more threads. Signed-off-by: Georgios Vasilakis <[email protected]> (cherry picked from commit 8a190e8)
Disable the IPC communication between the domains for the arm_thread_swap test since it is not needed and it causes a flash oveflow for the no opmitization test case. Signed-off-by: Georgios Vasilakis <[email protected]> (cherry picked from commit 28bd478)
Noup since secdom is not available upstream and it is required for PSA RNG. This enables the PSA RNG as the default Zephyr entropy provider for the nrf54h20dk cpuapp and cpurad targets. Signed-off-by: Georgios Vasilakis <[email protected]>
Noup since secdom is not available upstream and it is required for PSA RNG. This adds the Kconfig requirements for the PSA RNG service. This affects the nrf54h20dk cpuapp and cpurad targets. Signed-off-by: Georgios Vasilakis <[email protected]>
When the PSA crypto secure domain service is enabled. Noup since this service is not available upstream. This is temporary since we expect to add support for data cache later. This affects the nrf54h20dk cpuapp and cpurad targets. Signed-off-by: Georgios Vasilakis <[email protected]>
Disable the mbedtls legacy tests for the nRF54H20. We now enable the PSA entropy driver for the nRF54H20 which is incompatible with the mbedtls legacy APIs. Noup since we only enable the PSA entropy driver in NCS and not upstream. Signed-off-by: Georgios Vasilakis <[email protected]>
CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC is promptless so it cannot be selected. Moreover it's also automatically enabled by CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE in the same overlay file so there would be no need to explicitly enable it. As for the IMPORT, EXPORT, DERIVE they are needed for the TLS connection to work properly. Previously it was working because at least IMPORT and EXPORT are internally enabled by Mbed TLS at build time. So here we are basically doing the same enablements with Kconfigs in clear. Upstream PR #: 82862 Signed-off-by: Valerio Setti <[email protected]>
Vge0rge
force-pushed
the
54h20_psa_rng
branch
from
be27b5a to
23ef15b
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Check commits messages