Lines Matching refs:to
13 it is often challenging to fit bigger projects in the available memory. The PSA
14 specifications require a device to both have a secure boot process in place at
15 device boot-up time, and to have a partition in the SPE which provides
20 mbed-crypto library to implement these requirements. During the build process,
22 bootloader requires less functionality) and then linked to the corresponding
32 which might need to use TF-M Profile Small anyway.
40 dynamic loading functionality. One major challenge to be solved in the Cortex-M
41 space is how to share code between independently linked XIP applications that
42 are tied to a certain memory address range to be executable and have absolute
51 the exclusive user. No attention needs to be paid as to where global data is
52 placed by the linker. The bootloader does not need to retain its state. The low
58 is not allowed to overwrite the shared global variables with arbitrary data. The
59 following design proposal provides a solution to these challenges.
65 of the flash which is lockable, to prevent tampering. In a secure system, the
74 - Complete the bootloader build process to have a final image that contains
78 intended to be shared from the bootloader executable.
80 symbols to the linker, so that it can pick them up, instead of instantiating
111 The execution flow usually returns from a shared function back to the SPE with
114 However, this is not always the case, as it is possible for a shared function to
119 MCUboot's and the SPE's linker files, to ensure the integrity of the variables.
122 (that is intended to remove any possible secrets from the RAM) must not clear
124 into this data section. There are two way to achieve this:
179 In order to share some global function pointers from mbed-crypto that are
180 related to dynamic memory allocation, their scope must be extended from private
181 to global. This is needed because some compiler toolchain only extract the
183 is a requirement to share them among binaries. Therefore, a short patch was
188 The patch need to manually applied in the mbedtls repo, if code sharing is
195 All the currently supported compilers provide a way to achieve the above
202 to not need to list all the shared symbols by name. Only a simple pattern
203 has to be provided, which matches the beginning of the symbol's name.
206 - Provision of the addresses of shared symbols to the linker during the SPE
209 is linked to both firmware components as a static library, the external
211 to prioritize the external symbol, the symbol with the same name in
223 - `target_link_shared_code()`: Link shared code to the SPE and resolve symbol
230 - Extract all symbols from MCUboot: add `-symdefs` to the compiler command line
233 linked to the SPE: `arm-none-eabi-objcopy`
234 - Link shared code to SPE: Add the filtered output of `-symdefs` to the SPE
245 linked to the SPE: `arm-none-eabi-objcopy`
246 - Link shared code to SPE: Add `-Wl -R <SHARED_STRIPPED_CODE.axf>` to the
273 If MCUboot image encryption support is enabled then saving could be up to
287 all global variables must be placed in the shared symbol section, to prevent
288 overwriting and to enable the retention of their values.
290 Some global variables might need to be reinitialised to their original values by
291 runtime firmware, if they have been used by the bootloader, but need to have
292 their original value when runtime firmware starts to use them. If so, the
310 To minimise the risk of incompatibility, use the same compiler flags to build
313 The artifacts of the shared code extraction steps must be preserved so as to
315 released. Those files are necessary to know the address of shared symbols when
319 How to use code sharing?
324 - `TFM_CODE_SHARING`: Set to `ON` to enable code sharing.
335 be built in such a way as to create the necessary artifacts to share some of its
348 The artifacts of the shared code extraction steps must be preserved to be
349 able to link them to any future SPE version.
352 compile time switch must be set to the path of the artifacts mentioned above.