README.rst
1.. _tfm_ipc:
2
3TF-M IPC
4########
5
6Overview
7********
8
9This is a simple TF-M integration example that can be used with an ARMv8-M
10supported board.
11
12It uses **IPC Mode** for communication, where TF-M API calls are made to the
13secure image via an IPC mechanism, as opposed to **Library Mode**, where the
14IPC mechanism is bypassed in favor of direct calls.
15
16Zephyr uses Trusted Firmware (TF-M) Platform Security Architecture (PSA) APIs
17to run this sample in a secure configuration, with Zephyr itself running in a
18non-secure configuration.
19
20The sample prints test info to the console either as a single-thread or
21multi-thread application.
22
23The sample reboots after 5 seconds to demonstrate rebooting with TF-M.
24The sys_reboot call is routed to TF-M, since the nonsecure app is not allowed
25to perform the reboot directly.
26
27Building and Running
28********************
29
30This project outputs test status and info to the console. It can be built and
31executed on MPS2+ AN521 and ST Nucleo L552ZE Q.
32
33On MPS2+ AN521:
34===============
35
36#. Build Zephyr with a non-secure configuration (``-DBOARD=mps2_an521_ns``).
37
38 .. code-block:: bash
39
40 cd $ZEPHYR_ROOT/samples/tfm_integration/tfm_ipc/
41 mkdir build
42 cd build
43 cmake -DBOARD=mps2_an521_ns ..
44 make
45
46You can also use west as follows:
47
48 .. code-block:: bash
49
50 $ west build -p -b mps2_an521_ns zephyr/samples/tfm_integration/tfm_ipc
51
52
53#. Copy application binary files (mcuboot.bin and tfm_sign.bin) to ``<MPS2 device name>/SOFTWARE/``.
54#. Open ``<MPS2 device name>/MB/HBI0263C/AN521/images.txt``. Edit the ``AN521/images.txt`` file as follows:
55
56 .. code-block:: bash
57
58 TITLE: Versatile Express Images Configuration File
59
60 [IMAGES]
61 TOTALIMAGES: 2 ;Number of Images (Max: 32)
62
63 IMAGE0ADDRESS: 0x10000000
64 IMAGE0FILE: \SOFTWARE\mcuboot.bin ; BL2 bootloader
65
66 IMAGE1ADDRESS: 0x10080000
67 IMAGE1FILE: \SOFTWARE\tfm_sign.bin ; TF-M with application binary blob
68
69#. Reset MPS2+ board.
70
71If you get the following error when running cmake:
72
73 .. code-block:: bash
74
75 CMake Error at cmake/Common/FindGNUARM.cmake:121 (message):
76 arm-none-eabi-gcc can not be found. Either put arm-none-eabi-gcc on the
77 PATH or set GNUARM_PATH properly.
78
79You may need to edit the ``CMakeLists.txt`` file in the ``tfm_ipc`` project
80folder to update the ``-DGNUARM_PATH=/opt/toolchain/arm-none-eabi`` path.
81
82On QEMU:
83========
84
85The MPS2+ AN521 target (``mps2_an521_ns``), which is based on a
86dual core ARM Cortex-M33 setup, also allows you to run TF-M tests using QEMU if
87you don't have access to a supported ARMv8-M development board.
88
89As part of the normal build process above, a binary is also produced that can
90be run via ``qemu-system-arm``. The binary can be executed as follows:
91
92 .. code-block:: bash
93
94 qemu-system-arm -M mps2-an521 -device loader,file=tfm_merged.hex -serial stdio
95
96You can also run the binary as part of the ``west`` build process by appending
97the ``-t run`` flag to the end of your build command, or in the case of
98ninja or make, adding the ``run`` commands:
99
100 .. code-block:: bash
101
102 $ west build -b mps2_an521_ns zephyr/samples/tfm_integration/tfm_ipc -t run
103
104Or, post build:
105
106 .. code-block:: bash
107
108 $ ninja run
109
110On ST Nucleo L552ZE Q or STM32L562E-DK Discovery:
111=================================================
112
113This sample was tested on Ubuntu 18.04 with Zephyr SDK 0.11.3.
114
115Build Zephyr with a non-secure configuration:
116
117 Example, for building non-secure configuration for Nucleo L552ZE Q
118
119 .. code-block:: bash
120
121 $ west build -b nucleo_l552ze_q_ns samples/tfm_integration/tfm_ipc/
122
123 Example, for building non-secure configuration for STM32L562E-DK Discovery
124
125 .. code-block:: bash
126
127 $ west build -b stm32l562e_dk_ns samples/tfm_integration/tfm_ipc/
128
129The script to initialize the device is avalaible in the ``build/tfm`` folder:
130
131 - ``regression.sh``: Sets platform option bytes config and erase platform.
132
133Run them in the following order to flash the board:
134
135 .. code-block:: bash
136
137 $ ./build/tfm/regression.sh
138 $ west flash --hex-file build/tfm_merged.hex
139
140 .. note::
141 Note that ``arm-none-eabi-gcc`` should be available in the PATH variable and that ``STM32_Programmer_CLI`` is required to run ``regression.sh`` (see https://www.st.com/en/development-tools/stm32cubeprog.html). If you are still having trouble running these scripts, check the Programming and Debugging section of the :ref:`nucleo_l552ze_q_board` or :ref:`stm32l562e_dk_board` documentation.
142
143On LPCxpresso55S69:
144===================
145
146Build Zephyr with a non-secure configuration:
147
148 .. code-block:: bash
149
150 $ west build -p -b lpcxpresso55s69_ns samples/tfm_integration/tfm_ipc/ --
151
152Make sure your board is set up with :ref:`lpclink2-jlink-onboard-debug-probe`,
153since this isn't the debug interface boards ship with from the factory;
154
155Next we need to manually flash the resulting image (``tfm_merged.bin``) with a
156J-Link as follows:
157
158 .. code-block:: console
159
160 JLinkExe -device lpc55s69 -if swd -speed 2000 -autoconnect 1
161 J-Link>r
162 J-Link>erase
163 J-Link>loadfile build/tfm_merged.bin
164
165Resetting the board and erasing it will unlock the board, this is useful in case
166it's in an unknown state and can't be flashed.
167
168We need to reset the board manually after flashing the image to run this code.
169
170On nRF5340 and nRF9160:
171=======================
172
173Build Zephyr with a non-secure configuration
174(``-DBOARD=nrf5340dk_nrf5340_cpuapp_ns`` or ``-DBOARD=nrf9160dk_nrf9160_ns``).
175
176 Example, for nRF9160, using ``cmake`` and ``ninja``
177
178 .. code-block:: bash
179
180 cd <ZEPHYR_ROOT>/samples/tfm_integration/tfm_ipc/
181 rm -rf build
182 mkdir build && cd build
183 cmake -GNinja -DBOARD=nrf9160dk_nrf9160_ns ..
184
185If building with BL2 (MCUboot bootloader) enabled, manually flash
186the MCUboot bootloader image binary (``bl2.hex``).
187
188 Example, using ``nrfjprog`` on nRF9160:
189
190 .. code-block:: bash
191
192 nrfjprg -f NRF91 --program tfm/bin/bl2.hex --sectorerase
193
194Finally, flash the concatenated TF-M + Zephyr binary.
195
196 Example, for nRF9160, using ``cmake`` and ``ninja``
197
198 .. code-block:: bash
199
200 ninja flash
201
202On BL5340:
203==========
204
205Build Zephyr with a non-secure configuration
206(``-DBOARD=bl5340_dvk_cpuapp_ns``).
207
208 Example using ``cmake`` and ``ninja``
209
210 .. code-block:: bash
211
212 cd <ZEPHYR_ROOT>/samples/tfm_integration/tfm_ipc/
213 rm -rf build
214 mkdir build && cd build
215 cmake -GNinja -DBOARD=bl5340_dvk_cpuapp_ns ..
216
217Flash the concatenated TF-M + Zephyr binary.
218
219 Example using ``west``
220
221 .. code-block:: bash
222
223 west flash --hex-file tfm_merged.hex
224
225Sample Output
226=============
227
228.. code-block:: console
229
230 [INF] Starting bootloader
231 [INF] Swap type: none
232 [INF] Bootloader chainload address offset: 0x80000
233 [INF] Jumping to the first image slot
234 [Sec Thread] Secure image initializing!
235 TFM level is: 1 [Sec Thread] Jumping to non-secure code...
236 **** Booting Zephyr OS build zephyr-v1.14.0-2904-g89616477b115 ****
237 The version of the PSA Framework API is 256.
238 The minor version is 1.
239 Connect success!
240 TFM service support minor version is 1.
241 psa_call is successful!
242 outvec1 is: It is just for IPC call test.
243 outvec2 is: It is just for IPC call test.
244 Connect success!
245 Call IPC_INIT_BASIC_TEST service Pass Connect success!
246 Call PSA RoT access APP RoT memory test service Pass
247 TF-M IPC on (.*)
248
249
250.. _TF-M build instruction:
251 https://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/user_guides/tfm_build_instruction.rst
252
253.. _TF-M secure boot:
254 https://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/user_guides/tfm_secure_boot.rst
255
