platform: nordic: Configure the TAMPC for nRF54L series #202
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Let this flash_layout unchanged as the increase was just made for debug purpose and then not really justified while it requires to updade board's flash partition and reduce room for application f/w. Signed-off-by: Erwan Gouriou <[email protected]> (cherry picked from commit f09bee9)
In the case of Zephyr's integration of TF-M, the Git tags of the upstream TF-M repo are not fetched. This resulted in this warning firing up at every build for every user while in fact it does not require any action from the user, and is just noise. Thus remove it. Change-Id: I9fc78ff89e978a0622e80d59dadc8dcfeeb7e553 Signed-off-by: Tomi Fontanilles <[email protected]> (cherry picked from commit b6c19b7)
This adds all the files (minus `.git*` and `CMSIS/Documentation/` for saving on size) from the CMSIS v6 repository (https://github.com/ARM-software/CMSIS_6) at the revision `d0c460c169` as defined in `lib/ext/cmsis/CMakeLists.txt`. The patch `lib/ext/cmsis/0001-iar-Add-missing-v8.1m-check` is applied on top. This is because as of v2.1.0 TF-M has updated to CMSIS v6 and switched from hosting the sources to depending on the upstream repository, cloning it at build time. To prevent a download from happening during the build, CMSIS v6 sources are pushed and the CMSIS_PATH CMake variable is used to point to them. Signed-off-by: Tomi Fontanilles <[email protected]> (cherry picked from commit 069455b)
The option MCUBOOT_DIRECT_XIP_REVERT can be an enabled only when XIP upgrade mechanism is enabled in MCUBOOT. The MCUBOOT default configuration in Cmake does't select XIP as the default upgrade option and thus it should not enable XIP_REVERT. This updates the default cmake config to disable XIP_REVERT. It also adds a Kconfig dependency for this option and it adds a cmake configuration check for this as well. Signed-off-by: Georgios Vasilakis <[email protected]> Change-Id: I8e4844ab70d927836a890ca8123b734a471f3270 (cherry picked from commit 32ffe3f)
flash_layout.h uses the definition of MCUBOOT_OVERWRITE_ONLY to enforce this strategy, and then expects it to undefine it for MCUBOOT_UPGRADE_STRATEGY contents to have effect. This might work but it is confusing, hence align the two. Signed-off-by: Antonio de Angelis <[email protected]> Change-Id: I75b62b433536a81d973ac45c212201d12dd38e07 (cherry picked from commit c140d6e)
Updates to a newer version of MCUboot and updates the shared data callback function to match the new definition Change-Id: I2a1190dc25ffb7e5c2b7a46e7a7724af91cb65b1 Signed-off-by: Jamie McCrae <[email protected]> (cherry picked from commit eb8ff0d)
crypto_sizes.h is no more aligned to the Mbed TLS version and it misses some #define that make some test to fail at build time in Zephyr. This commit fixes this disparities. Note: this commit can be ignored in future TF-M repo updates assuming that this fix will be already included in the upstream version of TF-M. Signed-off-by: Valerio Setti <[email protected]>
Signed-off-by: Antonio de Angelis <[email protected]> Change-Id: I4fb38988c863750caf40ae63dac02e776c5d7523 (cherry picked from commit 9b82218)
If a profile supports RSA encryption/decryption, increase the default size of the CRYPTO_ENGINE_BUF_SIZE to 0x3000 to avoid PSA_ERROR_INSUFFICIENT_MEMORY when calling into Mbed TLS using RSA-2048 keys. Existing value is calibrated for RSA-1024 which is less relevant nowadays from security perspective. Signed-off-by: Antonio de Angelis <[email protected]> Change-Id: I3dc3e1fd26da9d9e69bce5b0b480228e896aa025 (cherry picked from commit c271e4a)
In the newer version the device is not allocated dynamically, so we can remove the patches too. Cherry picked from 75c0999 Note that the corstone320 changes from the original commit are skipped from the cherry pick since the support for corstone320 is not yet available in Zephyr. Signed-off-by: Dávid Házi <[email protected]> Change-Id: I6bbefa490f85bfa1884587fbcce3c83d11ae15aa Signed-off-by: Sudan Landge <[email protected]>
Some platforms come with multiple NPU configuration. Modified the ETHOSU_ARCH cmake variable to CACHED to make the configuration possible from commandline. Added missing check_config.cmake files. Cherry picked from 5a92b9a Note that the corstone320 changes from the original commit are skipped from the cherry pick since the support for corstone320 is not yet available in Zephyr. Signed-off-by: Dávid Házi <[email protected]> Change-Id: Ia47ac4bc6ca8ea5b23c01c1addd3ecac44926ac6 Signed-off-by: Sudan Landge <[email protected]>
refer to https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/33420 Signed-off-by: F. Ramu <[email protected]> (cherry picked from commit 7cd6c20ced101cbdf319e3a598f079b3f42140f2)
Respect the default value of `CMAKE_INSTALL_MESSAGE` set in `tfm_build_log_config.cmake` by removing the unconditional overrides in other files. This suppresses the dozens of `Installing: ...` messages output when `CONFIG_TFM_BUILD_LOG_QUIET=y`. Change-Id: Ic0be233a93062cced942908ff1c8f680dd5da893 Signed-off-by: Jordan Yates <[email protected]> (cherry picked from commit 7141436)
Added missing flash_area_get_sector function, which is required by mcuboot. Signed-off-by: Dávid Házi <[email protected]> Change-Id: I6e7e4dfc68a5c7fd35c3286085c92189e956b1e0 (cherry picked from commit e5b6cd3) Signed-off-by: Dominik Ermel <[email protected]>
Add a few missing NULL pointers assert() in: - flash_device_base - flash_area_erased_val - flash_area_get_sector Signed-off-by: Nicola Mazzucato <[email protected]> Change-Id: I88cfa9e56cb0cbe20bc38612a77cfd1f8b432108 (cherry picked from commit 7d780ec) Signed-off-by: Dominik Ermel <[email protected]>
Add CPE and PURL references to module.yml file for use by Zephyr's SPDX generation tool. Signed-off-by: Matt Rodgers <[email protected]>
Refactor spu_peripheral_config to use base addresses instead of IDs as future platforms will need the base address to identify which spu instance to use. Signed-off-by: Sebastian Bøe <[email protected]> Change-Id: Ife60d1e76adffeb62f5ad32e0a85da8cfa467203 (cherry picked from commit b60bdb6)
Add driver function. Signed-off-by: Sebastian Bøe <[email protected]> Change-Id: Ib1e442a54d599c4e42e74903d49920f24e9d8ec9 (cherry picked from commit 5d8b824)
Port spu_peripheral_config to also support the new API. Signed-off-by: Sebastian Bøe <[email protected]> Change-Id: I1763874ce74ad39cbf0ef256ef8edc669038d226 (cherry picked from commit 3f49abf)
Fixes a missing ifdef in the spu.c which broke building TF-M. Signed-off-by: Georgios Vasilakis <[email protected]> Change-Id: Ie6129882127d5119f491c8f6be2bd0d4486d668f (cherry picked from commit e8d8675)
Dont configure the volatile memory controller as a non-secure peripheral Change-Id: I2489defaf6deb89beba7447ba079ea3e5afebca5 Signed-off-by: Markus Rekdal <[email protected]> (cherry picked from commit c670a6a)
NRF_APPROTECT and NRF_SECURE_APPROTECT to take precedence over other mechanisms when configuring debugging for TF-M. For nRF53 and nRF91x1 the actual locking of firmware is done elsewhere. This further locks the UICR. nRF9160 supports only hardware APPROTECT. This will lock the APPROTECT / SECUREAPPROTECT in the next boot, when the above settings are configured. Change-Id: I5e304be0f8a34c0016488d9ec09929bbcb38481f Signed-off-by: Markus Lassila <[email protected]> (cherry picked from commit 734a51d)
This should not have a functional change in TF-M but it is done to be aligned with the Zephyr pinctrl header in Zephyr v3.7-branch. - Remove redundant bits - Align function and pin fields position/mask. Signed-off-by: Georgios Vasilakis <[email protected]> Change-Id: Id5e3fd3231992778cee2d05bc171989395aef432 (cherry picked from commit d6a6c10)
PCD memory area used with nRF53 to be locked with TF-M, instead of bootloader. Change-Id: Ie9058cac2236ed1c4e179c740a4b903b5e676c23 Signed-off-by: Markus Lassila <[email protected]> (cherry picked from commit 5d2562c)
Fix warning induced by missing include. Change-Id: I27a429dfbc8f1c2c926da2089bffd7e81363276a Signed-off-by: Markus Lassila <[email protected]> (cherry picked from commit 21ff86a)
This reverts commit fb7725f.
This is a big change with two goals: 1) Add initial support for building nRF54L15 with upstream TF-M 2) Align the Nordic platform code between the upstream TF-M and Nordics TF-M fork This change does NOT add support for nRF54L15 in upstream TF-M yet, it only adds building support at the moment. More effort is needed to allow running upstream TF-M in this platform. Most of the configuration files for nRF54L15 are plain copies from the nRF5340 with light modifications to allow building. This change brings an updated version of the nrfx library as well, since it is needed to provide definitions for the nRF54L15. Change-Id: I7543296f2ba839c5dd886fbc1231a5fedc23fd8f Signed-off-by: Georgios Vasilakis <[email protected]> (cherry picked from commit fe48e05)
This doesn't change anything functionaly, it just fixes minor things in comments and CMake descriptions. Change-Id: I7877166fda0a59758f3f9a3785563d22e6ae43c5 Signed-off-by: Georgios Vasilakis <[email protected]> (cherry picked from commit ff7b423)
If NRF_SECURE_UART_INSTANCE is not defined (which it is only in NCS), bring back the default behavior of assigning Driver_USART1 to TFM_DRIVER_STDIO. This fixes the issue of undefined references to Driver_USART0 in non-NCS environments that was introduced by commit 2ed1f3f/ Signed-off-by: Tomi Fontanilles <[email protected]> Change-Id: I0b51a957ffc41c593b4cecd21a72b801ef90f656 (cherry picked from commit 66dc44b)
Using a commit hash and shallow mode causes issues when fetching the HAL. This replaces the commit hash with a git tag which should work. The git tag points to a later version of the nordic_hal compared to the commit hash but this should not cause any issues since the changelog doesn't report any breaking changes for this vesion. Change-Id: I1c9d1ba6fd9f3e9f3da4708e6a1324defb8d7815 Signed-off-by: Georgios Vasilakis <[email protected]> (cherry picked from commit aded8c2)
On certain nRF plaforms, like nRF9160, reading UICR registers might need special handling, which is already implemented in nrfx_nvmc_uicr_word_read() so use that, instead on memcpy(). For more information, see nRF9160 Errata 7. Change-Id: Iea9d0bf4184decd5650b4d4b620fbef0c64a55f6 Signed-off-by: Seppo Takalo <[email protected]> (cherry picked from commit ca03e40)
The anomaly only appears on nRF91 platforms and some platforms do not have NVMC so the header cannot be included. Change-Id: I02c73c9a752599ca9be9320dc19f390aea0f767a Signed-off-by: Seppo Takalo <[email protected]> (cherry picked from commit 539dd89)
Add missing capacity in tfm_ps_get_info calls. Change-Id: I37432d204ee87971915471dce9b3a2ebcce057e2 Signed-off-by: Markus Lassila <[email protected]> (cherry picked from commit fafe163)
Some devices do not have RTC peripheral. Change-Id: I53ac17da50e30edbfa76379725036fe16be1f12d Signed-off-by: Nikodem Kastelik <[email protected]> (cherry picked from commit a4e1013)
Updated nrfjprog commands and mentions of nRF Command Line Tools to nRF Util. NCSDK-30140. Change-Id: Ie76a97c232867bafe0f0675481aa4f9c15a113a8 Signed-off-by: Grzegorz Ferenc <[email protected]> (cherry picked from commit 58331dd)
Fix a path issue with the non secure application config.cmake file. The config.cmake for nRF54L10 and nRF54L15 is the same. To avoid duplicating the file the config.cmake is placed in a common nrf54l folder and it is included by each platforms config.cmake files. This doesn't work for the non secure application because the path does not exist. To fix that install to the non secure application the common file directly. Signed-off-by: Georgios Vasilakis <[email protected]> Change-Id: I36d6bed5d1f2a71ed12f9004485accfcbca1b0d6 (cherry picked from commit 51352be0fde5b1d318bbe26ab03c08227542f399)
…urity In nRF54L series the GPIOTE peripheral has user selectable security configuration. In addition to this the GPIOTE channels and interrupts can have separate security configuration. This change adds the option to make the GPIOTE20 and GPIOTE30 secure peripherals and to set a mask which defines which channels and interrupts should be configured as secure. Signed-off-by: Georgios Vasilakis <[email protected]> Change-Id: Ia4422506b0c9af70da252262bcdc205ac8829511 (cherry picked from commit 4331b1ad1243caac9c3f4d7ce5a2af7f7cbc4ed1)
This is a noup because the upstream commit 77aabb76e4bb1cfa13d1caf913e8335a489d3540 (from the main branch) does not apply cleanly and would require bringing in too many changes. Fix the use of the aad_size struct parameter in Nordic's ITS encryption HAL. In addition, fix the remaining use of add/add_size as parameter names in the ITS partition code. Signed-off-by: Tomi Fontanilles <[email protected]>
TF-M checks if p256-m is available during build time using MBEDCRYPTO_PATH which is set to the TF-M repo to use custom Mbed TLS cmake configurations, but this means the script can not be found. But as Mbed TLS software crypto is not used anyway we can hardcode p256-m to be disabled. Ref: NCSDK-28740 Signed-off-by: Sebastian Bøe <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> Signed-off-by: Frank Audun Kvamtrø <[email protected]>
…nifest This commit is [nrf noup] because I would like to user-test this for a few months in case of unintended side-effects before upstreaming. In the TF-M build scripts we run the manifest tool twice, first from CMake and then from ninja. It is bad practice to configure CMake projects like this. Instead, if configuration from CMake is necessary, one should configure from CMake only, and then re-run CMake when necessary, not just the command. This organization has been causing problems for our users as they have been required to rebuild TF-M twice. This is due to this scenario playing out: CMake generates config_impl.cmake by invoking the manifest tool at Configure time. CMake generates build.ninja. Ninja generates config_impl.cmake by invoking the manifest tool at build time. When the user then invokes ninja a second time config_impl.cmake will be newer than build.ninja. But CMake is supposed to be includ'ing config_impl.cmake, so build.ninja is now considered out-of-date wrt. config_impl.cmake. ninja therefore invokes CMake again, and then ninja afterwards. Ref: NCSDK-28740 Signed-off-by: Sebastian Bøe <[email protected]> Signed-off-by: Frank Audun Kvamtrø <[email protected]>
This is noup commit as upstream TF-M relies on the mbed TLS PSA Core hat does not support the PAKE API's according to 1.2 at the moment. Once this exists then this can be up streamed, or removed if TF-M adds it themself. Added PAKE API support accoding the PSA crypto spec 1.2 Ref: NCSDK-22416 Ref: NCSDK-28740 Signed-off-by: Markus Swarowsky <[email protected]> Signed-off-by: Frank Audun Kvamtrø <[email protected]>
Allows custom key-loader to be used for the PSA core and allows configuring CMAC KDF usage for PS. noup-reason: PSA_ALG_SP800_108_COUNTER_CMAC is not available in upstream. After testing and verifying the solution (determining if we need further changes) we should try to upstream this. Ref: NCSDK-28740 Signed-off-by: Vidar Lillebø <[email protected]> Signed-off-by: Frank Audun Kvamtrø <[email protected]>
This commit is a noup because we want an NCS specific error message. Detect wrong headers being included. See comment for details. Ref: NCSDK-28740 Signed-off-by: Sebastian Bøe <[email protected]> Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This commit adds support for externally built PSA core in TF-M by checking for the CMake variable (cached) PSA_CRYPTO_EXTERNAL_CORE. By setting this define, then a platform-target file called external_core.cmake as well as external_core_install.cmake is called to allow for the following: - Early include of necessary replacement include folders - Support for using generated configuration files for TF-M build -This commit also tries to make psa_crypto_config and psa_crypto_library_config linked in first to ensure that certain folders are included as early as possible in the build Signed-off-by: Frank Audun Kvamtrø <[email protected]> Signed-off-by: Georgios Vasilakis <[email protected]>
-The macro ARRAY_LENGTH is defined without checking if there is already a definition. This commit can be reverted once the proposed fix is handled upstream -This fixes ARRAY_LENGTH in s_io_sorage_tests.c Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This adds MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS and PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY to tfm_psa_rot_partition_crypto Signed-off-by: Frank Audun Kvamtrø <[email protected]>
…r sharing -Will be squashed in a different commit which was the version that worked before Signed-off-by: Frank Audun Kvamtrø <[email protected]>
Signed-off-by: Georgios Vasilakis <[email protected]>
…nce. Add an option to send the log output from the secure firmware on a UART instance that would be shared with the non-secure application. This option is added where the number of UART instances is limited and the application only cares about the receiving the TF-M log on fatal errors. To allow this option to be enabled the log is disabled in the boot process before the non-secure application is started. It is enabled again when an unrecoverable exception has occurred in the secure firmware. Here is an abandoned upstream PR (with some of the fixes): https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/25905 Note: This has removed any information about cherry-picked items as this is not valid since it is combining efforts form multiple commits Ref: NCSDK-18595 Ref: NCSDK-28740 Signed-off-by: Joakim Andersson <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]> Signed-off-by: Sebastian Bøe <[email protected]> Signed-off-by: Frank Audun Kvamtrø <[email protected]>
Adjust CRYPTO_HW_ACCELERATOR build scripts to also support nrf_security. Signed-off-by: Sebastian Bøe <[email protected]> Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit c136210) (cherry picked from commit 3834117) Signed-off-by: Joakim Andersson <[email protected]> (cherry picked from commit 2bdad64) Signed-off-by: Markus Swarowsky <[email protected]> Change-Id: Ied8e378ef55fe398ea4e45f65b3c270e9e9cd030 Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit 5903966) Signed-off-by: Markus Swarowsky <[email protected]> (cherry picked from commit a3a03e5) Signed-off-by: Frank Audun Kvamtrø <[email protected]> (cherry picked from commit 3f08f25) Signed-off-by: Tomi Fontanilles <[email protected]>
There are multiple headers which exist in the Oberon PSA core and
in TF-M. At the same time some of these headers include other headers
with quotes "" which means that the folder include order doesn't have
any effect.
Instead of relying to the include order of the folders remove the
duplicate files from TF-M since these are not/should not be used.
I removed them with a bash command, just in case is needed:
for i in $(PATH_TO_OBERON/include/psa -name "*.h" -printf "%f\n");
do
rm TFM_PATH/interface/include/psa/$i;
done
This commit removes headers which are updated by the commit:
[nrf noup] crypto: Add PAKE support
The commits cannot be combined because the have different scope
but in the next upmerge this commit can be applied before the
PAKE support and this will reduce the scope of the PAKE noup.
Ref: NCSDK-33148
Signed-off-by: Georgios Vasilakis <[email protected]>
The Oberon PSA core provides these two functions: psa_key_derivation_verify_key psa_key_derivation_verify_bytes TF-M is not aware of the Oberon PSA core and it seems that the core that they use doesn't provide these functions at all. So instead of the usual logic of prefixing the PSA core functions with the mbedcrypto__ prefix it skipped these. We cannot skip the prefixing because the Oberon PSA core implements these and thus we will get multiple definitions errors. Ref: NCSDK-33148 Signed-off-by: Georgios Vasilakis <[email protected]>
The TF-M build system retrieves the latest tag to figure out the TF-M version. It ends up being wrong because for example as of TF-M 2.1.2 in the commit history the latest tag is TF-Mv2.1.0. We don't have tags from upstream, but for some reason still have some of them, which makes it confusing. Completely stop relying on the tags and only use TFM_VERSION_MANUAL as the version. This fixes the TF-M version printed on boot. Signed-off-by: Tomi Fontanilles <[email protected]>
This is a partial cherry pick of the commit with the following details in upstream TF-M: Platform: Improve tfm_plat_provisioning_is_required signature Change-Id: I5a35dd477d3f017401d147cf99d07f1537373ac9 The commit brings many changes but here I only picked the changes that affect the target_cfg.c file of the Nordic platforms. This is done as preparation work so that I can sync the target_cfg.c file in the upstream repo and here and thus I can cleanly cherry pick subsequent commits from the upstream repo cleanly. The current noup commit will be dropped in the next upmerge so this is a short-lived noup. Signed-off-by: Georgios Vasilakis <[email protected]>
…t platforms This splits the target_cfg.c file for the different platfoms. It splits the file into two files one for the nRF54L and one for the nRF91/nRF53 series. There is no need for the peripherals to be in the same file as the configuration code. There is already a header which provides extern definitions for all the peripherals a device supports which can be used for for source files needing to configure peripherals. So this peripheral definitions are placed in a separate file. Most of the code is taken unchanged from the target_cfg.c file and the uneeded ifdefs got removed. The init_debug function got rewritten without changing the logic of it. Signed-off-by: Georgios Vasilakis <[email protected]> Change-Id: I19071727061b8952e3abbae20dd182c822234427 (cherry picked from commit 37e8dc47d4eb4aa0c0b905f80be5272aafbd9fa2)
Configure the TAMPC peripheral in the nRF54L series to fire an interrupt and result to a TF-M core panic when a Cracen or a slow/fast domain tampering is detected. Signed-off-by: Georgios Vasilakis <[email protected]>
tomi-font
reviewed
Aug 14, 2025
Comment on lines
+16
to
+23
| */ | ||
|
|
||
|
|
||
|
|
||
| #ifndef __TAMPC_H__ | ||
| #define __TAMPC_H__ | ||
|
|
||
|
|
Comment on lines
+24
to
+29
| #include "target_cfg.h" | ||
| #include <nrfx.h> | ||
| #include <hal/nrf_tampc.h> | ||
| #include <stddef.h> | ||
| #include <stdint.h> | ||
| #include <stdbool.h> |
There was a problem hiding this comment.
All those includes should rather be in tampc.c.
| /** | ||
| * \brief Enable TAMPC interrupts | ||
| * | ||
| * Enable interrupts in the INTENSET register of TAMPC. |
There was a problem hiding this comment.
No need for this level of detail? It's not even in the implementation of the function (which just calls into nrfx).
| * so that they cannot be altered until reset. | ||
| * | ||
| */ | ||
| void tampc_configuration(void); |
There was a problem hiding this comment.
I find this name weird, should be a verb (configure), not a noun (configuration). Though I see that other existing code is that way.
Comment on lines
+42
to
+43
| * attacks and disables the default reset behavior in order to hanlde the event in the | ||
| * interrupt handler. It also locks the configuration of the CTRL registers |
There was a problem hiding this comment.
and disables the default reset behavior in order to hanlde the event in the interrupt handler
No, it doesn't do that?
| set(NRF_NS_SECONDARY ${BL2} CACHE BOOL "Enable non-secure secondary partition") | ||
| set(NRF_APPROTECT OFF CACHE BOOL "Enable approtect") | ||
| set(NRF_SECURE_APPROTECT OFF CACHE BOOL "Enable secure approtect") | ||
| set(NRF_TAMPC_ENABLE ON CACHE BOOL "Enable the tamper controller (TAMPC)") |
There was a problem hiding this comment.
How do we make this work with the various platforms? This cannot be unconditionally enabled, some platforms just don't have TAMPC.
|
|
||
| static void tampc_clear_statuses(void) | ||
| { | ||
| /* The datasheet states that they detectors must be reset before the status is cleared. */ |
There was a problem hiding this comment.
Suggested change
| /* The datasheet states that they detectors must be reset before the status is cleared. */ | |
| /* The datasheet states that these detectors must be reset before the status is cleared. */ |
| nrf_tampc_event_clear(NRF_TAMPC, NRF_TAMPC_EVENT_WRITE_ERROR); | ||
| } | ||
|
|
||
| static void tampc_clear_statuses(void) |
There was a problem hiding this comment.
There could be a bunch of other protectors, why just those 3?
| * and not reset the device immediately the INTRESETEN is set to 0 here. | ||
| */ | ||
| nrf_tampc_protector_ctrl_value_set(NRF_TAMPC, NRF_TAMPC_PROTECT_RESETEN_INT, false); | ||
| nrf_tampc_protector_ctrl_lock_set(NRF_TAMPC, NRF_TAMPC_PROTECT_RESETEN_INT, false); |
There was a problem hiding this comment.
You probably meant to set the lock to true.
Comment on lines
+63
to
+64
| nrf_tampc_protector_ctrl_value_set(NRF_TAMPC, NRF_TAMPC_PROTECT_CRACEN, true); | ||
| nrf_tampc_protector_ctrl_lock_set(NRF_TAMPC, NRF_TAMPC_PROTECT_CRACEN, true); |
There was a problem hiding this comment.
idea: We could just have an array of the protectors we enable and iterate over them instead of repeating the same operations over and over.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Configure the TAMPC peripheral in the nRF54L series to fire an interrupt and result to a TF-M core panic when a Cracen or a slow/fast domain tampering is detected.