- TF-M - lists.trustedfirmware.org

by Antonio De Angelis

Open CI infrastructure has been down since this morning and currently still not working. Will post updates to the mailing list once they are available. Thanks, Antonio

1 year, 3 months

1
1
0 0

ITS Encryption

by Jain, Saurabh

Hi All I am quite new to TF-M and would like some insight into the query below. I appreciate any help you can provide. We're adding encryption support for ITS and for nonce requirement, we're thinking of accessing TRNG which is part of the crypto partition. Now, we're aware of the possible cyclic dependency issue with the IPC model but since we're using the SFN model, will it be okay to access crypto service(TRNG) from ITS? In other words, would cyclic dependency be a concern in SFN model provided there are no limitations on hardware? Thanks in advance. Saurabh

1 year, 3 months

3
3
0 0

Notice of platform deprecation: TC2

by Jackson Cooper-Driver

Hi all, A heads up that the Total Compute 2022 (TC2) platform is due to be deprecated. If there is no objection, I will go ahead and remove TC2 from the TF-M codebase a month from now (25/11/24). Thank you. Thanks, Jackson

1 year, 3 months

1
0
0 0

increased interrupt latency when calling the PSA PS API

by Fontanilles, Tomi

Hi all, I'm currently looking into an issue reported internally where the maximum latency for a zero-latency, priority 0 interrupt dramatically increases during a call to the PSA Protected Storage (PS) API. The maximum interrupt latency goes up ~10-fold, or even some more at times (it varies), and this is not acceptable to code running on the NS side for normal operation. It's as simple as calling psa_ps_set(1, 4, buf, PSA_STORAGE_FLAG_NONE) once. During that call (which I am told was also seen to be unreasonably long: 600ms for 4 bytes, 1s for 1000 bytes), the maximum interrupt latency goes up. It (the maximum) seems to not vary too much even if increasing the size of stored assets (tested up to 4000 bytes), though it can get up to 20 times higher than the normal interrupt latency. Also, other functions were tested (psa_generate_random(), psa_hash_compute()). Those don't provoke an increased interrupt latency. Maybe it's only about the PS, or maybe some other calls can provoke that as well. Does someone have an explanation for that? And even more importantly, can that interrupt latency be reduced, ideally down to normal levels? Thanks in advance. Tomi

1 year, 3 months

2
5
0 0

Set PSA_2_0_0 as default attest profile and removal of PSA_IOT_PROFILE_1

by Tamas Ban

Hi, We are going to set the PSA_2_0_0 profile as the default for the initial attestation service. This will impact which claims are included in the token and their key values. More details are here: https://www.ietf.org/archive/id/draft-tschofenig-rats-psa-token-24.html Changes on review: https://review.trustedfirmware.org/q/topic:%22attest_profile_update%22 As a follow-up action, the PSA_IOT_PROFILE_1 is being deprecated. We are planning to remove it from the code base as well. To figure out the timing of this we would like to collect some data: * If you are using the PSA_IOT_PROFILE_1 please let us know what would be a feasible time for you to switch over the PSA_2_0_0 profile. Thanks! Best regards, Tamas Ban

1 year, 3 months

3
2
0 0

Discussion on TF-M Copyright notices update

by Anton Komlev

Hello, I would like to open discussion on TF-M copyright notice unification following other projects in TrustedFirware.org<https://www.trustedfirmware.org/> which already adopted Linux Foundation copyrights<https://www.linuxfoundation.org/blog/blog/copyright-notices-in-open-source-…>. With the change TF-M copyright notice will be unified to: Copyright (c) XXXX[-YYYY], The TrustedFirmware-M Contributors. All rights reserved. The change to the contribution process is proposed here: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/31664 Please share your thoughts on the subject. I plan to bring this topic to the tech forum agenda on Thursday. Please join the discussion. Thanks, Anton

1 year, 3 months

1
1
0 0

PSA Certification for TF-M

by Zhang, Hao

Hi TF-M committee, I have a question regarding PSA certification. Am I understanding correctly that if a platform wants to be ported to TF-M and the product wants to pass PSA certified, the TF-M version needs to come from a certain LTS tag release (e.g. TF-M v2.1.0<https://github.com/TrustedFirmware-M/trusted-firmware-m/tree/TF-Mv2.1.0> with commit 0c4c99b<https://github.com/TrustedFirmware-M/trusted-firmware-m/commit/0c4c99ba33b3…> that was pushed 5 months ago). However, Zephyr v3.7.0 is using TF-M version<https://github.com/zephyrproject-rtos/zephyr/blob/v3.7.0/west.yml#L330C17-L…> that is updated after TF-M v2.1.0. Does that means efforts need to be done to manually modify west.yml in Zephyr to roll back to the tag release of v2.1.0 for PSA certification? Thank you very much, Best, [https://opengraph.githubassets.com/f92ee5eaaedaf25d7ae17b5e8fc073a1573b0f31…]<https://github.com/zephyrproject-rtos/zephyr/blob/v3.7.0/west.yml#L330C17-L…> zephyr/west.yml at v3.7.0 · zephyrproject-rtos/zephyr<https://github.com/zephyrproject-rtos/zephyr/blob/v3.7.0/west.yml#L330C17-L…> Primary Git Repository for the Zephyr Project. Zephyr is a new generation, scalable, optimized, secure RTOS for multiple hardware architectures. - zephyrproject-rtos/zephyr github.com [https://opengraph.githubassets.com/685e753ecccd8431b5e0c4ed32fb794a49e2bcb3…]<https://github.com/TrustedFirmware-M/trusted-firmware-m/tree/TF-Mv2.1.0> GitHub - TrustedFirmware-M/trusted-firmware-m at TF-Mv2.1.0<https://github.com/TrustedFirmware-M/trusted-firmware-m/tree/TF-Mv2.1.0> Read-only mirror for Trusted Firmware-M. Contribute to TrustedFirmware-M/trusted-firmware-m development by creating an account on GitHub. github.com Best regards, Hao

1 year, 3 months

3
6
0 0

Security vulnerability notice - Unchecked user-supplied pointer via mailbox messages may cause write of arbitrary address

by Anton Komlev

Hello, This email is a notification of a new security vulnerability reported to TF-M by Infineon Technologies AG, in collaboration with: Tobias Scharnowski, Simon Wörner and Johannes Willbold from fuzzware.io. Unchecked user-supplied pointer via mailbox messages may cause write of arbitrary address. Please find the security advisory attached. The fix has been merged on the latest main branch tfm_spe_mailbox: Do not write-back on input vectors checks failure<https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/31512> We're preparing a hotfix release v2.1.1 to include fixes for this vulnerability and bugs reported till that date via TF-M issue tracker: https://github.com/TrustedFirmware-M/trusted-firmware-m/issues?q=is%3Aissue Thanks and best regards Author

1 year, 4 months

1
0
0 0

QEMU usage

by Matthew Dalzell

Hi everyone, It has come to our attention that QEMU is no longer able to run the regression tests in a timely manner, and before we go ahead and outright disable them, we would like to know if anyone is using QEMU for their platform testing. If so, please reply to this message and we can have further discussion on the point. Thanks, Matt

1 year, 4 months

2
1
0 0

Re: Looking for suggestions about make Mbed TLS APIs non-secure callable APIs on armv8m

by Shebu Varghese Kuriakose

+ TF-M mailing list From: David Horstmann via mbed-tls <mbed-tls(a)lists.trustedfirmware.org> Sent: Tuesday, September 24, 2024 5:14 PM To: mbed-tls(a)lists.trustedfirmware.org; Lee, William <William.Lee(a)garmin.com> Subject: [mbed-tls] Re: Looking for suggestions about make Mbed TLS APIs non-secure callable APIs on armv8m Hi William, Since Mbed TLS is a cross-platform library, we don't deal directly with TrustZone-M. However, if I have understood correctly, I think your usecase is solved by the Trusted Firmware M (TF-M) project[1], which is an implementation of secure firmware that provides cryptography services via non-secure-callable APIs. TF-M uses Mbed TLS internally and implements the PSA Certified Cryptography API[2]. The Crypto Service Integration Guide[3] in the documentation should be a good starting point for what you are trying to do. I hope that helps, David Horstmann Mbed TLS developer [1] https://www.trustedfirmware.org/projects/tf-m [2] https://www.psacertified.org/getting-certified/crypto-api-compliance/ [3] https://trustedfirmware-m.readthedocs.io/en/latest/integration_guide/servic… [https://www.trustedfirmware.org/images/social-media-image.png]<https://www.trustedfirmware.org/projects/tf-m> TrustedFirmware-M (TF-M)<https://www.trustedfirmware.org/projects/tf-m> TrustedFirmware-M (TF-M) implements the Secure Processing Environment (SPE) for Armv8-M, Armv8.1-M architectures or dual-core platforms. www.trustedfirmware.org<http://www.trustedfirmware.org> ________________________________ From: Lee, William via mbed-tls <mbed-tls(a)lists.trustedfirmware.org<mailto:mbed-tls@lists.trustedfirmware.org>> Sent: 24 September 2024 15:08 To: mbed-tls(a)lists.trustedfirmware.org<mailto:mbed-tls@lists.trustedfirmware.org> <mbed-tls(a)lists.trustedfirmware.org<mailto:mbed-tls@lists.trustedfirmware.org>> Subject: [mbed-tls] Looking for suggestions about make Mbed TLS APIs non-secure callable APIs on armv8m Hi Mbed TLS, I am looking for some suggestions about make some (or all) Mbed TLS APIs non-secure callable APIs on armv8m. The background is that I am going to have a secure firmware that provides encryption services by building part (or whole) of Mbed TLS into that firmware and make those original mbedtls_x APIs non-secure callable, so the existing non-secure firmware could link those non-secure callable APIs and use them. Some of my thoughts: (1) The easiest way to do it I can think of is just add the attribute "cmse_nonsecure_call" to those APIs' declaration (or use a macro to wrap the attribute for conditional build to not impact others don't want it), but I do not think this modification could be accepted by upstream 🙂. (2) So my another thought is duplicate all header files and put them under another folder, assuming it is my-include folder, then I can do whatever I want to my-include folder, but there is also a problem I can think of: a merge/compare burden between include and my-include folder after I have updated Mbed TLS. I really appreciate other suggestions! Thanks, William

1 year, 4 months

2
1
0 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

TF-M