Add EAP-TLS, EAP-PEAP-MSCHAPv2, EAP-PEAP-GTC, EAP-TTLS-MSCHAPv2,
EAP-PEAP-TLS, EAP-TLS-SHA256 enterprise wpa2 and wpa3 suiteb
support for sap.
Signed-off-by: Rex Chen <rex.chen_1@nxp.com>
Add an option for platforms or forks to provide their own hostap
compatible crypto implementation. This may include proprietary or
platform specific stuff that may or may not be upstreamed to Zephyr.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
These two new ICs are variants of the nRF54L15 with different memory
sizes:
- nRF54L05: 500KB RRAM, 96KB RAM
- nRF54L10: 1022KB RRAM, 192KB RAM
- nRF54L15: 1524KB RRAM, 256KB RAM
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Use configdefault when enabling LV_COLOR_SWAP_16 within boards and
shield definitions, to avoid OR'ing the dependencies for the Kconfig
symbol. Otherwise, a user manually selecting LV_COLOR_DEPTH will
encounter build errors as LV_COLOR_SWAP_16 may be enabled when
LV_COLOR_DEPTH_16 is not selected
Fixes#81546
Signed-off-by: Daniel DeGrasse <daniel.degrasse@nxp.com>
As long as MBEDTLS_ENTROPY_C is enabled, Mbed TLS needs to
poll some entropy source to gather data that will then be
processed by CTR/HMAC-DRBG modules. This means that in most
of the cases, once MBEDTLS_ENTROPY_C is enabled then also
MBEDTLS_ENTROPY_POLL_ZEPHYR needs to be enabled. This was
done manually until now, as the long list of samples/tests
demonstrate.
This commit solves this dependency by defaulting
MBEDTLS_ENTROPY_POLL_ZEPHYR to on as soon as
MBEDTLS_ENTROPY_C is set. As a consequence, all manual
enablement of MBEDTLS_ENTROPY_POLL_ZEPHYR in samples/tests
are removed.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
The main problem of MBEDTLS_PSA_CRYPTO_LEGACY_RNG is that it
brings in some legacy modules (entropy + ctr_drbg/hmac_drbg)
which means extra ROM/RAM footprint.
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG instead simply calls to the
CSPRNG which makes it definitely smaller.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Auto-select MBEDTLS_CIPHER_AES_ENABLED when AES support is requested
through PSA (i.e. CONFIG_PSA_WANT_KEY_TYPE_AES) and the PSA support is
provided through Mbed TLS itself (i.e. CONFIG_MBEDTLS_PSA_CRYPTO_C).
This mimic what happens in Mbed TLS at build time: if AES support
is required through PSA, but there's no one else providing it
(i.e. no TF-M in Zephyr) then provide this support through legacy
AES module.
This is useful in samples/tests so that the user can simply use the
PSA_WANT symbol to ask for AES support in PSA crypto and then tune
the AES features (ex: CONFIG_MBEDTLS_AES_ROM_TABLES) without the need
to also define CONFIG_MBEDTLS_CIPHER_AES_ENABLED.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
The LVGL flush thread was hard-coded to be cooperative.
For long-running actions like data transfer to the display,
this is problematic as it might block high-frequency actions like
USB or input events.
Hence, make it configurable to be preemptive, and rename it to match the
similar Kconfig values like CONFIG_SDL_THREAD_PRIORITY.
Signed-off-by: Martin Stumpf <finomnis@gmail.com>
To configure APPROTECT on nRF54L15 different set of MDK symbols
must be used. Additionally, nRF54L15 does not support loading
APPROTECT configuration from the UICR in runtime.
Signed-off-by: Nikodem Kastelik <nikodem.kastelik@nordicsemi.no>
The nrfx_gppi module is an abstraction over nrfx_ppi and nrfx_dppi
drivers. It now has a Kconfig option that is separate from nrfx_dppi and
by default it enables all PPI/DPPI instances, if available.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
The resource reservation definitions were moved to a separate header
file.
The PPIB and DPPI channel and group resources can now be statically
allocated for each individual instance.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
The new nrfx_ppib driver can now be enabled, when the corrensponding
device tree node has the okay status.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
The hal_nordic revision was updated to bring in NRFX v3.8.0.
Aligned the uses of single-instance API to use multi-instance instead.
Signed-off-by: Rafał Kuźnia <rafal.kuznia@nordicsemi.no>
What is changed?
Use CMSIS SystemCoreClock via a dedicated flag instead of using
soc flags.
Why do we need this change?
This change is part of cleaning soc specific code out of arch folder.
Signed-off-by: Sudan Landge <sudan.landge@arm.com>
* Add CONFIG_OPENTHREAD_PLATFORM_MESSAGE_MANAGEMENT to allow enabling
message management by the platform.
* Add implementation of `otPlatMessagePoolInit`, `otPlatMessagePoolNew`
and `otPlatMessagePoolFree`.
Signed-off-by: Adrian Gielniewski <adrian.gielniewski@nordicsemi.no>
The production version of the nRF54H20 SoC is now available, so remove
the initial Engineering B (EngB) preview version.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Make it possible to enable Wake-up End Device feature with
CSL receiver disabled (to receive wake-up frames on MED).
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
Add Kconfig option `OPENTHREAD_WAKEUP_COORDINATOR` to enable
the Wake-up Coordinator role. Implement API to set Coordinated
Sampled Transmitting sample time and period for a driver that supports
`IEE802154_OPENTHREAD_HW_CST` capability.
The feature is be enabled on with ieee802154_nrf5 driver with option
by setting default value of CONFIG_IEEE802154_NRF5_CST_ENDPOINT.
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
Co-authored-by: Andrzej Kuroś <andrzej.kuros@nordicsemi.no>
In frames with multiple writes (officially supported through
`CONFIG_LV_Z_VDB_SIZE`) the display needs to be signalled that the
current frame is over and the content should be displayed.
This allows displays to present the UI without tearing artifacts.
Signed-off-by: Martin Stumpf <finomnis@gmail.com>
-Update formatting and contents of index.rst for cy8ckit_062s4
-Update formatting and contents of index.rst for cy8ckit_064s0s2_4343w
-Update formatting and contents of index.rst for cy8cproto_062_4343w
-Update formatting and contents of index.rst for cy8cproto_063_ble
-Update formatting and contents of index.rst for xmc45_relax_kit
-Update formatting and contents of index.rst for xmc47_relax_kit
-Change all instances of "PSoC" to "PSOC" for infineon platforms
Signed-off-by: McAtee Maxwell <maxwell.mcatee@infineon.com>
This reverts commit 5e225e0c8b.
Based on #79931 and TSC discussions, it was decided that TinyCrypt
will be deprecated *AFTER* 4.0.
Signed-off-by: Flavio Ceolin <flavio.ceolin@gmail.com>
Remove mutex locking in favour of the standard IRQ locking mechanism.
The primary problem with the mutex implementation is that mutex locking
is forbidden in ISR's. This means that any logging from an interrupt
context (e.g. LOG_PANIC in an exception handler), will itself trigger
another assertion due its attempt to use a mutex.
Furthermore, mutexes are a relatively heavyweight locking scheme, which
doesn't necessarily make sense in the context of extremely short locking
periods that would be expected from RTT.
This change aligns Zephyr with the default RTT locking scheme, which
uses interrupt masking to perform access control.
Resolves#79403.
Signed-off-by: Jordan Yates <jordan@embeint.com>
What is changed?
- Added a new mps3 board an555 for the soc corstone310.
The qualifier to build/run application with board mps3/an555 is
`mps3/corstone310/an555` for secure and
`mps3/corstone310/an555/ns` for non-secure.
- Added FVP variant to enable FVP testing with corstone310
and it uses the ARM FVP `FVP_Corstone_SSE-310`.
The qualifier to build/run application with FVP is
`mps3/corstone310/an555fvp` for secure and
`mps3/corstone310/an555fvp/ns` for non-secure.
Why do we need this change?
- This enables FVP support and testing for corstone310.
- A separate FVP variant was added for AN555 because, the TFM board
used for non-secure variant differs for FPGA and FVP.
TFM board `arm/mps3/corstone310/an555` should be used when testing
AN555 with FVP and `arm/mps3/corstone310/fvp` should be used when
testing with AN555 FPGA.
Signed-off-by: Sudan Landge <sudan.landge@arm.com>
What is changed?
- Added a new mps3 board an552 for the soc corstone300.
The qualifier to build/run application with board mps3/an552 is
`mps3/corstone300/an552` for secure and
`mps3/corstone300/an552/ns` for non-secure.
- Added FVP variant to enable FVP testing with corstone300
and it uses the ARM FVP `FVP_Corstone_SSE-300_Ethos-U55`.
The qualifier to build/run application with FVP is
`mps3/corstone300/fvp` for secure and
`mps3/corstone300/fvp/ns` for non-secure.
- Note: the qualifier to build/run application with board mps3/an547
is now changed to
`mps3/corstone300/an547` for secure and
`mps3/corstone300/an547/ns` for non-secure.
How is it changed?
- Moved common code from mps3/an547 to corstone300.
- Renamed soc for an547 to corstone300 and added
a new soc corstone300/an552.
Why do we need this change?
- This enables FVP support and testing for corstone300.
- SOC/qualifier for mps3/an547 was renamed to reduce code redundancy
- A separate FVP variant was added for AN552 because, the TFM board
used for non-secure variant differs for FPGA and FVP.
TFM board `arm/mps3/corstone300/fvp` should be used when testing
AN552 with FVP and `arm/mps3/corstone300/an552` should be used when
testing with AN552 FPGA.
Signed-off-by: Sudan Landge <sudan.landge@arm.com>
The format specifier for size_t is zu.
Using d only works when int and size_t are the same
underlying type which is not the case for 64bit systems,
which leads to a build warning in this case.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Only initialize the HFXO Manager HAL driver if the HFXO is enabled in
DeviceTree, the device uses SYSRTC for timekeeping, and Power Manager
is enabled. HFXO Manager integrates with the Sleeptimer HAL driver for
SYSRTC to autonomously wake the HFXO prior to Sleeptimer wakeup from
deep sleep. It is not needed on devices that don't have HFXO-SYSRTC
integration, and it is not needed if the application doesn't use deep
sleep.
Add missing call to init_hardware() prior to init().
Signed-off-by: Aksel Skauge Mellbye <aksel.mellbye@silabs.com>
The aes_unwrap() and aes_decrypt() functions were missing
if CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE is enabled.
Add missing C files to fix this.
Signed-off-by: Hui Bai <hui.bai@nxp.com>
Added new ops and events in glue layer to support roaming.
Added new flag WIFI_NM_WPA_SUPPLICANT_ROAMING to control roaming
feature.
Signed-off-by: Hui Bai <hui.bai@nxp.com>
Add OS timer implementation making use of the Sleeptimer HAL.
Sleeptimer integrates tightly with the Silabs Power Manager HAL,
and must be used as the OS timer to achieve optimal power consumption
when using the radio.
Signed-off-by: Aksel Skauge Mellbye <aksel.mellbye@silabs.com>
CMSIS SystemInit is not used in Zephyr. Implement the functionality
that isn't already done by Zephyr startup using soc_prep_hook().
The reason the lack of TrustZone init did not create immediately obvious
issues previously is that SMU faults can only happen if the SMU clock is
enabled.
Signed-off-by: Aksel Skauge Mellbye <aksel.mellbye@silabs.com>
WPA control interface timeout is hardcoded to 10s, add a configuration
option to remove the hardcode, this is needed sometimes as a workaround
e.g., crypto taking too long to complete the request.
Work around for #79834, increase the default from 10 to 15s, in positive
case this will have no impact.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Even if the enum contains the same values, the values might
change if the wpa_supplicant sources change or Zephyr values
change. In order to avoid weird errors later and prevent the
following warning, add a conversion functions for the enums.
modules/hostap/src/supp_api.c:1172:23: warning: implicit conversion
from enumeration type 'enum mfp_options' to different enumeration
type 'enum wifi_mfp_options' [-Wenum-conversion]
status->mfp = ssid->ieee80211w; /* Same mapping */
modules/hostap/src/supp_api.c:1190:30: warning: implicit conversion
from enumeration type 'enum wpas_mode' to different enumeration
type 'enum wifi_iface_mode' [-Wenum-conversion]
status->iface_mode = ssid->mode;
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The "enum wpa_msg_type" was not found by default so add needed
include files to get the definitions.
modules/hostap/src/supp_main.h:61:57: warning: ‘enum wpa_msg_type’
declared inside parameter list will not be visible outside of
this definition or declaration
61 | void wpa_supplicant_msg_send(void *ctx, int level,
enum wpa_msg_type type,
const char *txt,
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Both the supplicant_set_btwt() and supplicant_ap_bandwidth() are
not found in Zephyr sources so remove them.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE is enabled, there
are lot of missing functions reported during linking.
Add missing C files to the compilation to fix this.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Without this there is an error
modules/lib/hostap/src/crypto/fips_prf_internal.c:47: \
undefined reference to `SHA1Transform'
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The P2P support needs EAPOL support in order to avoid a compilation
error about missing eap field in wpa_ssid struct.
modules/lib/hostap/wpa_supplicant/wpa_supplicant.c:5102:65:
error: ‘struct wpa_ssid’ has no member named ‘eap’
5102 | eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The functions in ip-addr.c are needed in more places than just
for hostapd so add it unconditionally to the build.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Rename the Silabs HCI driver to hci_silabs_efr32.c to better indicate what
hardware it supports. Also rename the associated devicetree binding and
Kconfig options to be consistent with the new driver name.
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
Swap from the deprecated device_init_* functions to clock manager
for clock tree configuration. Populate config headers using
device tree representation of clock tree and oscillator config.
Signed-off-by: Aksel Skauge Mellbye <aksel.mellbye@silabs.com>
The DC-DC converter was unconditionally initialized with default
settings on Series 2. Add device tree binding and nodes, and guard
call to init function. Map DT options to config header from HAL.
Signed-off-by: Aksel Skauge Mellbye <aksel.mellbye@silabs.com>
Move the CMakeLists.txt and Kconfig files from the hal_silabs tree under
modules/hal_silabs in the main tree. This also includes all Zephyr shim
code from the hal_silabs tree.
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
The Thrift library makes use of POSIX C functions such as ctime_r(), which
are not part of the ISO C standard.
This commit adds a Thrift module-wide `_POSIX_C_SOURCE` feature test macro
definition in order to ensure that the required POSIX C functions are
available when compiling the Thrift library.
Note that this was not caught earlier because Newlib and older versions of
Picolibc did not properly fence off some POSIX functions behind the feature
test macros.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This new version introduces a new sub-command `uicr-compile`, which will
generate `uicr.hex` based on a new binary format required by an upcoming
release of Secure Domain Firmware (SDFW) closer to production.
Since this is a breaking change, and SDFW is not finalized yet, we need
to support two nrf-regtool versions for a short time, and use different
CLI invocations based on which version is installed. Hence, the minimum
required version is unchanged.
Additionally, retire CONFIG_NRF_REGTOOL_EXTRA_GENERATE_ARGS. There will
be no use for it moving forward.
Signed-off-by: Grzegorz Swiderski <grzegorz.swiderski@nordicsemi.no>
For transmit_message if the transmission is timed and underlying
driver supports `IEEE802154_HW_SELECTIVE_TXCHANNEL` then use
the selective txchannel feature for transmission.
This does not change the current `channel` at the moment of call,
the driver will transmit the message on the channel selected through
`net_pkt_set_ieee802154_txchannel` then (after receiving an ACK
if requested) it will return to the original channel.
When Kconfig option IEEE802154_SELECTIVE_TXCHANNEL is turned on,
the timed transmissions scheduled some time ahead on different
channel will not abort ongoing reception until the exact moment
of transmission comes.
Signed-off-by: Andrzej Kuroś <andrzej.kuros@nordicsemi.no>
- boards: renesas: Add support for agt.
- drivers: counter: Add support for counter driver use agt
- dts: arm: Add support for agt.
- dts: bindings: Add support for agt counter driver.
- soc: renesas: Add support for agt counter driver.
- samples: drivers: counter: alarm: Add support for RA8
This is initial support with only basic functionality for counter
operation on Zephyr using AGT hardware, current support for
count source is limited to LOCO and PCLKB, other count source
like underflow signal external pin or AGTIO from another AGT
channel will be added in later support
Signed-off-by: Ha Nguyen <ha.nguyen.fz@bp.renesas.com>
Signed-off-by: Thao Luong <thao.luong.uw@renesas.com>
Signed-off-by: Duy Phuong Hoang. Nguyen <duy.nguyen.xa@renesas.com>
Signed-off-by: Khoa Nguyen <khoa.nguyen.xh@renesas.com>
This commit increases the range of value for the
OPENTHREAD_CLI_MAX_LINE_LENGTH option to the maximum allowed.
The previous range may have been insufficient for Openthread vendor CLI
commands.
Signed-off-by: Lukasz Maciejonczyk <lukasz.maciejonczyk@nordicsemi.no>
The production version of the nRF54L15 SoC is now available, so remove
the initial Engineering A (EngA) preview version.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This config will be used to indicate if a platform
has the support for monolithic BT feature.
Signed-off-by: Yassine El Aissaoui <yassine.elaissaoui@nxp.com>
Driver now uses multi-instance PDM nrfx API and
defines PDM device based on available instances.
It also introduces calculating PDM frequency using
prescaler, present on nRF54L15 FP1.
Updated nrfx API version changed to 3.7 to use the
new PDM API.
Signed-off-by: Michał Stasiak <michal.stasiak@nordicsemi.no>
New PDM, some present on nRF54L15 FP1, instances have
been added. Modified condfiguration file for nRF5340,
which now requires PDM0 instance.
Signed-off-by: Michał Stasiak <michal.stasiak@nordicsemi.no>
Added dedicated nrfx configuration files for
nRF54L15 FP1, which differ from ENGA variant with
inclusion of PDM.
Signed-off-by: Michał Stasiak <michal.stasiak@nordicsemi.no>
In "connect" all networks are removed and new network is always added,
but in disconnect the network isn't deleted, so, the memory is
unnecessarily held till next connect. This is not exactly a leak, but if
someone profiles using "kernel heap" then this can be construed as a
leak.
Fix this by removing network during the disconnection (for now "all") so
that the memory can be used by someone else.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Add EAP-TLS, EAP-PEAP-MSCHAPv2, EAP-PEAP-GTC, EAP-TTLS-MSCHAPv2,
EAP-PEAP-TLS, EAP-TLS-SHA256 enterprise wpa2 and wpa3 suiteb
support for station.
Signed-off-by: Rex Chen <rex.chen_1@nxp.com>
Since we now have PSA Crypto APIs/Mbed TLS alternatives for crypto
operations in all Zephyr's codebase we can start the deprecation
of the TinyCrypt libary (as planned from #43712).
This commit is only the inital step: updates documentation and
add the DEPRECATED Kconfig option to the TINYCRYPT one.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Fix DPP build error when HOSTAPD enabled and DPP disabled.
Guard hapd_dpp_dispatch in both CONFIG_WIFI_NM_WPA_SUPPLICANT_DPP
and CONFIG_WIFI_NM_HOSTAPD_AP.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
Implement callback for incoming CAN messages for any of the
configured filters for CANopenNode.
This can be used to wake the loop calling CO_process when a
new message was received which needs processing.
Signed-off-by: Christian Gabriel <ch_gabriel@web.de>
When try to start SAP on channel 12 with region code US, the channel
check will fail and calls supplicant_send_wifi_mgmt_ap_status() with
iface->owner is NULL, which causes DUT hang. Set iface->owner when
enable the SAP can fix this issue.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Don't attempt to take a mutex if operating from inside an ISR. The only
expected use-case where this should occur is when attempting to reboot
via `tfm_platform_system_reset` from an exception handler.
Fixes#79687.
Signed-off-by: Jordan Yates <jordan@embeint.com>
Enterprise security doesn't have either SAE or PSK, so, using a blanker
else throws a false warning. Fix the checks to proper handler enterprise
mode.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
EAP-FAST has extra requirements (TLS 1.3, session tickets etc) and is
seldom used, so, remove it from Enterprise list and add a separate
Kconfig option.
This solves the build error when Enterprise mode is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
This commit introduces a new option, OPENTHREAD_CLI_VENDOR_EXTENSION,
in the Zephyr OpenThread module to map the upstream option
OT_CLI_VENDOR_EXTENSION.
OPENTHREAD_CLI_VENDOR_EXTENSION option specifies the path to a CMake
file that defines and links the CLI vendor extension. By setting this
option, it enables the addition of vendor-specific commands to
the OpenThread CLI interface.
Signed-off-by: Lukasz Maciejonczyk <lukasz.maciejonczyk@nordicsemi.no>
Enabling all EAP types for enterprise mode increases
memory usage in both ROM and RAM. Provide config options for each
type to let solutions choose the methods based on their
requirements.
Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
Adds supporting code that allows the RAM load mode of MCUboot to
be used and for applications to build successfully with it.
Sysbuild can be used to build images for this mode
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
The mcux_acmp will get support by the comparator subsystem. To avoid
namespace clashes, namespace the driver, kconfigs and use the
MCUX_ACMP config solely to select the MCUX SDK driver.
Signed-off-by: Bjarki Arge Andreasen <bjarki.andreasen@nordicsemi.no>
The format of wpa_passphrase and sae_password is wrong when start the
SAP, which leads the invaild MIC check error when other STA try to
connect in security mode. Change the wrong format can fix this issue.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Now that hostap is used k_heap, it needs to reserve the kernel heap not
libc heap.
Fixes#79477.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
This was we can modify it in a single place that works both for native
and OS specific code.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Service for powering peripherals that use GPIO pins
in the global power domains:
- Active Fast
- Active Slow
- Main Slow
Signed-off-by: Rafal Dyla <rafal.dyla@nordicsemi.no>
Add crypto module test kconfig option
CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_TEST,
which is default n and hidden.
It is only available by developer for crypto module test.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
The previous NET_EVENT_SUPPLICANT_CMD_INT_EVENT is from
"enum net_event_supplicant_cmd" but the supplicant_send_wifi_mgmt_event()
has the event parameter as an "enum net_event_wifi_cmd" and those event
number spaces are different.
This meant that the wrong event value NET_EVENT_SUPPLICANT_CMD_INT_EVENT
maps to NET_EVENT_WIFI_CMD_TWT (from "enum net_event_wifi_cmd") which
fortunately did not cause issue in this case because the
supplicant_send_wifi_mgmt_event() has no handling for this TWT event value.
It is important we fix this as this can cause great confusion in the
future.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Uses imgtool directly to sign images instead of calling west sign,
this also removes the MCUBOOT_CMAKE_WEST_SIGN_PARAMS Kconfig option
as this has no effect
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Adds a Kconfig which can be selected when building for firmware
updater mode to select if this is the application or the firmware
updater image that is being built
Signed-off-by: Jamie McCrae <jamie.mccrae@nordicsemi.no>
Save information regarding SVD file in use in vendor-specific section
of the build info file.
Information is stored under Nordic section.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
When building with `MBEDTLS_PSA_CRYPTO_C` enabled, compile in the
PAKE (Password-authenticated key exchange) implementation.
Signed-off-by: Jordan Yates <jordan@embeint.com>
The new GRTC reading manner of the SYSCOUNTER uses hardware mechanism which
allows to keep it alive when any of CPUs is not sleeping. Otherwise
the SYSCOUNTER goes into sleep mode. Thus there is no
longer need to maintain the `CONFIG_NRF_GRTC_SLEEP_ALLOWED` symbol, however
if the user wants to have the SYSCOUNTER enabled all the time the
`CONFIG_NRF_GRTC_ALWAYS_ON` can be used instead.
The nrfx_grtc driver no longer provides the `wakeup-read-sleep` reading
manner.
Also setting the GRTC clock source is performed by the nrfx_grtc driver so
it has been removed from the `sys_clock_driver_init()` function.
Signed-off-by: Adam Kondraciuk <adam.kondraciuk@nordicsemi.no>
Using a separate workqueue causes issues without any special locking to
synchronize with networking threads e.g., interface being removed while
the workqueue is trying to synchronize with WPA supplicant.
It's easier to use the net_mgmt thread which is in better sync with
networking.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
In case of error conditions post successfully sending the message, the
event is already freed but we attempt to free it again.
Rejig the labels to easily reflect thier purpose.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
When an event is sent the receiver gets is asynchronously and hence is
responsible for free the event, the sender should only free in case of
error conditions i.e., unable to send.
Else, this causes a tough to debug double-free.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
In case WPA supplicant disabled DPP, we need to compile out the
corresponding DPP code in Wi-Fi shell too.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
With the secure storage subsystem now providing an implementation of
the PSA ITS API, let Mbed TLS use it when it's enabled.
This allows the use of persistent keys in the PSA Crypto API.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Add `OPENTHREAD_STORE_FRAME_COUNTER_AHEAD` Kconfig option
and set it to 100000, as after calculations it appears to
be a more suitable value.
Signed-off-by: Maciej Baczmanski <maciej.baczmanski@nordicsemi.no>
Enable Cortex R8 support, similar to Cortex-R5.
Signed-off-by: Krzysztof Sychla <ksychla@antmicro.com>
Signed-off-by: Marek Slowinski <mslowinski@antmicro.com>
Signed-off-by: Piotr Zierhoffer <pzierhoffer@antmicro.com>
Signed-off-by: Mateusz Hołenko <mholenko@antmicro.com>
The LVGL input callback does not use an instance specific name, so we
can only ever have one instance of this type. This issue was evident by
a build error, e.g., when using "zephyr,lvgl-keypad-input" nodes twice:
error: redefinition of '_input_callback__lvgl_keypad_process_event'
Signed-off-by: Gero Schwäricke <gero.schwaericke@posteo.de>
The security check case statements were in frequency band
setting checks. This is totally wrong and will cause compiler
warnings. Moving the checks to correct function.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In order to be able to ifdef based on `CONFIG_RUST`, the config must be
defined in the main repo (because the rust module is optional). Add
this as a placeholder. If the module is not availabe, the symbol will
be present, and always disabled. The module will provide a full
definition for the Kconfig.
Signed-off-by: David Brown <david.brown@linaro.org>
By default, TFM enables hardware rollback protection, which requires a
security counter to be embedded in the image trailer. The default
behaviour of constructing this counter from the image version breaks the
TFM `boot_nv_security_counter_update` implementation once the version
number is greater than `0.0.1024`. As such, explicitly specify the
desired security counter value. As per the MCUboot docs, this does not
need to be incremented on every firmware update.
Signed-off-by: Jordan Yates <jordan@embeint.com>
For add_interface(), only add STA interface when hostapd enabled,
and the Soft-AP interface will be added in zephyr_hostapd_init().
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
DVFS medlow oppoint should use trim entry index 2,
this needs to be updated in hal/hal_nordic.
Currently this is not possible because of time
constraints that is why this temporary patch
is applied. This is the only point where
new_f_trim_entry is used.
Signed-off-by: Lukasz Stepnicki <lukasz.stepnicki@nordicsemi.no>
This defines raspberrypi,pico-xosc along with a configurable startup
delay multiplier. On some boards, the XOSC takes longer to stabilize.
Signed-off-by: Xudong Zheng <7pkvm5aw@slicealias.com>
When we have coexistence of hostapd and wpa_supplicant,
wpa_msg has different implementation.
So to let them work together, we need to have common implementation
for wpa_msg and dispatch msgs for hostapd and wpa_supplicant.
So add register zephyr_hostap_ctrl_iface_msg_cb,
and judge if ctx is hostapd by the first integer where ctx points to.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
Hostapd has TODO in hostapd_dpp_handle_config_obj,
to save DPP connector using wpa_msg.
AP DPP needs to use dpp_connector, dpp_netaccesskey and dpp_csign
in DPP Peer Discovery handshake in hostapd_dpp_rx_peer_disc_req.
So add AP DPP wpa_msg event handler to store these info.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
Add hostapd mgmt ops, some use same api as wpa_supplicant,
and DPP use different ops.
supplicant_dpp_dispatch use wpa_cli and hapd_dpp_dispatch use hostapd_cli.
And use common DPP param parse.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
There are HCI drivers which reference the module-specific Kconfig symbols
which are auto-generated when the modules are present. Provide default
definitions for these symbols in case the modules are missing, so that
compliance checking doesn't stumble over seemingly non-existent Kconfig
options.
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
This commit introduces the option to place the mbed TLS heap in a custom
memory section. The heap might be quite large depending on concurrent
TLS connections, thus it might be needed to place this manually
Signed-off-by: Emil Lindqvist <emil@lindq.gr>
According to Mbed TLS changelog this feature was set default ON
since 3.1.0 release, so the build symbol is no more available.
This commit removes it from Zephyr.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
The RADIO and RADIO_TIMER HAL modules will be required to
implement BLE support for STM32WB0 series.
Signed-off-by: Mathieu Choplain <mathieu.choplain@st.com>
Mbed TLS automatically sets PSA_WANT_KEY_TYPE_[RSA/ECC]_KEY_PAIR_BASIC
whenever "_IMPORT || _EXPORT || _GENERATE || _DERIVE" operations
are set. Therefore we just set the proper actions where required.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Add null termination of ssid and psk. If user pass ssid,
psk without null terminator it will add by default.
Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
For some systems, the display peripheral or GPU requires that buffers be
aligned on a boundary for optimal performance. We already align display
buffers using CONFIG_LV_ATTRIBUTE_MEM_ALIGN_SIZE, but some applications
will rely on the definition of LV_ATTRIBUTE_MEM_ALIGN. Provide this
definition so those buffers will be aligned as well.
Signed-off-by: Daniel DeGrasse <daniel.degrasse@nxp.com>
Add condition for KConfig Renesas FSP hal module
Move the DUAL_BANK_MODE from SOC to flash driver KCONFIG
Signed-off-by: Duy Nguyen <duy.nguyen.xa@renesas.com>
Taking a cue from `nrfx/templates`, introduce this file so that it can
be overridden out-of-tree to add external nRF product definitions.
Signed-off-by: Grzegorz Swiderski <grzegorz.swiderski@nordicsemi.no>
Add new binding and a node to nrf54h20. Update Kconfig and nrfx_config
to include nrfx_tbm driver when node with that compatible is enabled.
Signed-off-by: Krzysztof Chruściński <krzysztof.chruscinski@nordicsemi.no>
The default Max A-MPDU length is 8191 shown in the VHT Cap Info from
SAP's beacon/Assoc response, and this length is read from
hapd->iface->conf->vht_capab. It will lead to the AMPDU only contains
5 packets and the throughput is only 60Mbps for 1x1 HE case in 5GHz.
Change the default vht_capab to VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
(1048575), and the throughput can be increased to 83Mbps.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Require the presence of the nrf-regtool package as well as its exact
version, failing the build whenever the required version is not found in
the system.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Adds support for settings/getting RTC time and using alarm/update feature.
The alarm option needs all fields to be set due to a hardware limitation.
RTC shares the same interrupt with the watchdog. Thus shared
interrupts must be enabled when WDT and RTC both need to trigger the ISR.
Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
When build with the psa_crypto_driver, it will try to include common.h
of mbedtls, but actually include the common.h from hostap, and causes
build error of undefined symbol. Use zephyr_interface_library_named
to define hostap, and other modules needs to link the library of hostap
when wants to use the header file in /utils path, such as the common.h.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA should not be by default
selected when WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT is selcted. Enable
PSA APIs if desired separately.
Signed-off-by: Vivekananda Uppunda <vivekananda.uppunda@nordicsemi.no>
Set WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT as the default crypto
configuration. The crypto ALT implementation contains the necessary
crypto operations and also allows the user to choose PSA or non PSA
crypto operation.
Signed-off-by: Vivekananda Uppunda <vivekananda.uppunda@nordicsemi.no>
This option switches support for multiple volumes on the physical drive. By
default (0), each logical drive number is bound to the same physical drive
number and only a first FAT volume found on the physical drive will be
mounted.
When this function is enabled (1), each logical drive number can be bound
to arbitrary physical drive and partition listed in the VolToPart[].
The VolToPart[] is expected to be provided by Zephyr application.
For example, 2 FAT partition on SD disk ("SD" index 3) in terms of Zephyr:
{3, 1} - mount point "/0:"
{3, 2} - mount point "/1:"
The mount points have to be numbered in this case.
Code example of mounting a second FATFS partition places on SD-card:
static FATFS fat_fs;
static struct fs_mount_t mp = {
.type = FS_FATFS,
.fs_data = &fat_fs,
.mnt_point = "/1:
};
/*
* 2 FAT partition on SD disk
* PARTITION.pd - Physical drive number. "SD" has index 3 in terms of
* Zephyr (see FF_VOLUME_STRS)
* PARTITION.pt - Partition (0:Auto detect, 1-4:Forced partition). So 1 for
* the first FATFS partition and 2 - for second.
*/
PARTITION VolToPart[FF_VOLUMES] = {
[0] = {3, 1}, /* "0:" ==> 1st partition on the pd#0 */
[1] = {3, 2}, /* "1:" ==> 2nd partition on the pd#0 */
[2] = {0, -1}, /* "2:" ==> 3rd partition on the pd#0 */
[3] = {0, -1},
[4] = {0, -1},
[5] = {0, -1},
[6] = {0, -1},
[7] = {0, -1},
};
fs_mount(&mp);
Signed-off-by: Grygorii Strashko <grygorii_strashko@epam.com>
The Kconfig option enables support for 64-bit LBA, which also allows
to enable GUID Partition Table (GPT) support.
Signed-off-by: Grygorii Strashko <grygorii_strashko@epam.com>
Issue:
Kconfig WIFI_AIROC should not depend on infineon SOC family selection
for the connection. See issue#77012 for details.
Fix:
- update modules/hal_infineon/Kconfig to be able enable
USE_INFINEON_ABSTRACTION_RTOS for non Infineon SOC family.
Signed-off-by: Nazar Palamar <nazar.palamar@infineon.com>
Link mode shows unknown when legacy (A or bg only) device connects to
APUT. Set the link mode to WIFI_2 when the host freq over 4000 and set
link mode to WIFI_3 when the host freq over 2000.
Signed-off-by: Hui Bai <hui.bai@nxp.com>
Added new flag CONFIG_WIFI_NM_HOSTAPD_AP for hostapd support. Once this
flag is enabled, softAP will be setup by hostapd. Both wpa_supplicant
and hostapd uses same task and eloop.
Included necessary hostapd files when compiling wifi samples if
CONFIG_WIFI_NM_HOSTAPD_AP is enabled. Added hostapd support for all
softAP command of L2 wifi shell commands.
Signed-off-by: Hui Bai <hui.bai@nxp.com>
This is the bare minimum and includes the SoC, pinctrl, flash and
devicetree.
I had to include the flash driver that early because I couldn't make
Zephyr compile without flash driver nodes in the device tree.
Signed-off-by: Michael Zimmermann <michael.zimmermann@grandcentrix.net>
This commit just moves some code around. For sake of cleanliness
a new file is added to hold the entropy parsing functions
for Mbed TLS.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This is meant to be used only for tests on platforms where CSPRNG
sources are not available. It should not be used in production.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Improve the description of both MBEDTLS_PSA_CRYPTO_LEGACY_RNG and
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG kconfig symbols.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
- Slightly improve the name of this kconfig adding the suffix
_POLL in order to highlight that this adds a callback
function used to poll data.
- Description was also updated to point out that this symbols
might not only use the (secure) entropy driver, but also
generic number generators, some of which are not really
secure.
- The symbol was move from Kconfig to Kconfig.tls-generic because
this is where MBEDTLS_ENTROPY_C is located and since
MBEDTLS_ENTROPY_HARDWARE_ALT depends on the former (it only
makes sense if the entropy module is also enabled), we add
also the "depends on".
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
ENABLED suffix does not really makes much sense for a kconfig
so it should be removed. Also other MBEDTLS symbols were recently
updated accordingly.
Moreover having it named exactly the same way as in Mbed TLS
symplifies the understanding of what this kconfig is doing.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Enable the `MBEDTLS_PEM_WRITE_C` mbedtls configuration option when
`CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT` is selected.
Signed-off-by: Simone Orru <simone.orru@secomind.com>
Initial commit for entropy support on RA8
- drivers: entropy: implementation for TRNG driver of RA8x1
- dts: arm: add device node for trng of RA8x1
- boards: arm: enable support zephyr_entropy for ek_ra8m1 and
update board documentation
Signed-off-by: The Nguyen <the.nguyen.yf@renesas.com>
Signed-off-by: Duy Phuong Hoang. Nguyen <duy.nguyen.xa@renesas.com>
The nRF9280 is a SiP (System-in-Package) consisting of the nRF9230 SoC
and additional components such as PMIC and others. Additionally,
the nRF9230 contains several CPUs, similarly to the nRF54h20 SoC.
Update nrfx glue, and add necessary Kconfig and initialization code
to allow building for nRF9280 targets: CPU, Radio and PPR cores.
The nRF9280 is used for all user build targets and Kconfigs,
whereas the nRF9230 is used as the build target for the MDK.
Signed-off-by: Emanuele Di Santo <emdi@nordicsemi.no>
Co-authored-by: Andreas Moltumyr <andreas.moltumyr@nordicsemi.no>
MCUX ehci controller driver support cache maintenance if
USB_DEVICE_CONFIG_BUFFER_PROPERTY_CACHEABLE is enabled.
Enable USB_DEVICE_CONFIG_BUFFER_PROPERTY_CACHEABLE if
CONFIG_UDC_BUF_FORCE_NOCACHE is false and CONFIG_NOCACHE_MEMORY
is true.
Signed-off-by: Mark Wang <yichang.wang@nxp.com>
For Enterprise crypto MbedTLS needs more heap either separate pool or
libc heap, based on experiments 55000 was arrived for a successful
WPA2-EAP-TLS association.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Add basic WPA2 EAP-TLS support.
Also, add test infrasturcture esp. the certification handling,
non-certificate credentials are take as runtime input and certificated
are build time input for testing.
A real application can set certificates at runtime too.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
First commit to support serial driver running on r_sci_uart for Renesas
RA devices.
Signed-off-by: The Nguyen <the.nguyen.yf@renesas.com>
Signed-off-by: Duy Phuong Hoang. Nguyen <duy.nguyen.xa@renesas.com>
