- TF-M - lists.trustedfirmware.org

by Thomas Törnblom

I just noticed that there has been an MCUBoot patch merged, which appears to cause build issues in loader.c for MUSCA_A, which seems to be the only target requiring RAM_LOADING: --- [ 98%] Building C object bl2/ext/mcuboot/CMakeFiles/mcuboot.dir/bootutil/src/loader.o C:/Users/thomasto/Projects/tf-m2/trusted-firmware-m/bl2/ext/mcuboot/bootutil/src/loader.c:189:24: error: expected value in expression #if MCUBOOT_RAM_LOADING ^ 1 error generated. make[2]: *** [bl2/ext/mcuboot/CMakeFiles/mcuboot.dir/build.make:341: bl2/ext/mcuboot/CMakeFiles/mcuboot.dir/bootutil/src/loader.o] Error 1 make[1]: *** [CMakeFiles/Makefile2:1265: bl2/ext/mcuboot/CMakeFiles/mcuboot.dir/all] Error 2 make: *** [Makefile:118: all] Error 2 --- Thomas -- *Thomas Törnblom*, /Product Engineer/ IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> Website: www.iar.com <http://www.iar.com> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>

6 years, 1 month

1
0
0 0

Re: [TF-M] Will TFM crypto service suppot national encryption algorithm in the future?

by Shebu Varghese Kuriakose

Hi Matt, TF-M plans to continue using Mbedcrypto in the crypto service. Mbed Crypto implements the PSA Crypto APIs and is also now part of trustedfirmware.org community project alongside TF-M. However, it is possible with some effort for a platform using TF-M to use another crypto library in the TF-M crypto service. Of course the library will need to support PSA Crypto APIs to be PSA compliant. There is support for ARIA, Camellia in Mbed TLS. There has already been a PR for SM4 support sometime back - https://github.com/ARMmbed/mbedtls/pull/1165. SM2/SM3 algorithm support can be contributed to MbedTLS project (Mbed Crypto is now merged to Mbed TLS project). The maintainers will have to review and integrate the contribution as their bandwidth permits while finding time to review several contributions that the project is receiving. I am adding psa-crypto mailing list which is used for Mbedcrypto/PSA Crypto discussions. Regards, Shebu From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Matt via TF-M Sent: Thursday, April 16, 2020 8:24 AM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] Will TFM crypto service suppot national encryption algorithm in the future? Hi All TFM experts, TFM crypto service is based on mbedcrypto and there is no national encryption algorithm support in current mbedcrypto implementation. The Chinese market has a strong demand for national encryption algorithms, such as SM2/SM3/SM4, will TFM crypto service change to other crypto implementation to support the national encryption algorithm in the future? Thanks, -Matt

6 years, 1 month

2
1
0 0

Will TFM crypto service suppot national encryption algorithm in the future?

by Matt

Hi All TFM experts, TFM crypto service is based on mbedcrypto and there is no national encryption algorithm support in current mbedcrypto implementation. The Chinese market has a strong demand for national encryption algorithms, such as SM2/SM3/SM4, will TFM crypto service change to other crypto implementation to support the national encryption algorithm in the future? Thanks, -Matt

6 years, 2 months

1
0
0 0

Re: [TF-M] [TF-A] Project Maintenance Proposal for tf.org Projects

by Sandrine Bailleux

Hi all, Thanks to all who have commented on this proposal so far. I've edited the original document to try and incorporate all feedback gathered so far (through the TSC meeting, this email thread and the TF-A tech call). Please have another look and flag anything I might have missed: https://developer.trustedfirmware.org/w/collaboration/project-maintenance-p… The major changes are: == Removed concept of self-review == This is proving too controversial, several people do not want to allow self-review. Roles of maintainer and code owner are still cumulative but cannot be both exercised for the same patch. The exact method of dealing with review bottleneck is still to be decided. In addition to the current proposal of increasing the maintainers pool, the most popular alternatives mentioned so far are: - Set a minimum wait time for feedback before a patch can be merged without any further delay. - Mandate distinct reviewers for a patch. == Enhanced the section "Patch contribution Guidelines" == Mentioned that patches should be small, on-topic, with comprehensive commit messages. == Added a note about how to deal with disagreement == If reviewers cannot find a common ground, the proposal is to call out a 3rd-party maintainer. == Removed "out-of-date" platform state == Squashed it into "limited support" to reduce the number of states. == Removed "orphan" state from platform support life cycle == This concept is orthogonal to the level of functionality. Added a note in the "Code Owner" section instead. == Per-project guidelines as a complementary document == Added a list of things that it would typically cover. == Added requirement on fully supported platforms to document the features they support == == Added todo mentioning that the proposal might cover branching strategies in the future == The full diff may be seen here: https://developer.trustedfirmware.org/phriction/diff/73/?l=4&r=5 This proposal is still open for discussion at this stage and further feedback is most welcome! Regards, Sandrine

6 years, 2 months

1
0
0 0

Design of symmetric key algorithms based Initial Attestation in TF-M

by David Hu

Hi all, Hope you all well! Profile Small (https://review.trustedfirmware.org/c/trusted-firmware-m/+/3598) includes symmetric key algorithm based Initial Attestation, as its Initial Attestation feature. I propose a design of symmetric key algorithm based Initial Attestation in TF-M, to complete the Profile Small feature list. Could you please take a look the design document at https://review.trustedfirmware.org/c/trusted-firmware-m/+/3898/? Any feedback is welcome! I also upload a PoC of symmetric key algorithm based Initial Attestation in TF-M. Please check the patch set at https://review.trustedfirmware.org/q/topic:%22symmetric-attest%22+(status:o…. Best regards, Hu Ziji

6 years, 2 months

1
0
0 0

TF-M Technical Forum call - April 16

by Anton Komlev

Hello, The next Technical Forum is planned on Thursday, April 16 at 7:00-8:00 UTC. Please reply on this email with your proposals for agenda topics. Best regards, Anton Komlev

6 years, 2 months

1
0
0 0

Invitation: TF-M Tech Forum @ Every 2 weeks from 07:00 to 08:00 on Thursday 2 times (BST) (tf-m@lists.trustedfirmware.org)

by Bill Fletcher

You have been invited to the following event. Title: TF-M Tech Forum About TF-M Tech forum:This is an open forum for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC.Feel free to forward it to colleagues.Details of previous meetings are here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h When: Every 2 weeks from 07:00 to 08:00 on Thursday 2 times United Kingdom Time Calendar: tf-m(a)lists.trustedfirmware.org Who: * Bill Fletcher- creator * tf-m(a)lists.trustedfirmware.org Event details: https://www.google.com/calendar/event?action=VIEW&eid=NmJrNmtzbHVyYThiczFkY… Invitation from Google Calendar: https://www.google.com/calendar/ You are receiving this courtesy email at the account tf-m(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more at https://support.google.com/calendar/answer/37135#forwarding

6 years, 2 months

1
0
0 0

Re: [TF-M] Multi-threaded single-scheduler model proposal

by Shreve, Erik

I see the discussion of today's tech forum agenda has begun ahead of time. :) Individual public key operations can take ms even when accelerated with HW. Further, the HW accelerators operate as math coprocessors with a series of math operations stitched together by SW. No doubt existing models in TF-M have the benefit of simplicity for the secure code analysis. However, their simplicity complicates the scheduling of the non-trusted code. The qualifier in this statement "No impact to time deterministic execution on the NS side unless two threads call secure services" is the issue. I believe we need a middle ground to drive additional adoption. Erik Shreve, PSEM Software Security Engineer & Architect (CMCU Platform Development) From: TF-M [mailto:tf-m-bounces@lists.trustedfirmware.org] On Behalf Of DeMars, Alan via TF-M Sent: Thursday, April 02, 2020 9:47 AM To: Reinhard Keil; tf-m(a)lists.trustedfirmware.org Cc: nd Subject: [EXTERNAL] Re: [TF-M] Multi-threaded single-scheduler model proposal I used crypto accelerator as a hypothetical example. In a real world use case we are faced with, the process kicked off by the secure service may take a long time (ie several ms). It is not acceptable to be parked in wfe during that time. Alan From: Reinhard Keil [mailto:Reinhard.Keil@arm.com] Sent: Thursday, April 2, 2020 6:52 AM To: DeMars, Alan; tf-m(a)lists.trustedfirmware.org Cc: nd Subject: [EXTERNAL] RE: [TF-M] Multi-threaded single-scheduler model proposal Alan, "I was afraid that this was the proposal. No lower priority NS threads can run while waiting for the secure interrupt. Only higher priority threads that are initiated by a NS interrupt can run." You are correct, scheduling of lower priority NS threads would be not possible. This is definitely a shortcoming of the solution. May I ask: how long does a hardware crypto operation take? What time could be used for low priority NS thread execution? Reinhard

6 years, 2 months

3
4
0 0

Re: [TF-M] Using tfm_plat_get_huk_derived_key(), TFM key-storage?

by Jamie Fox

Hi Andrej, Key derivation should be deterministic - given the same input parameters, tfm_plat_get_huk_derived_key() should always derive the same key. Each platform needs to implement tfm_plat_get_huk_derived_key() to use a key derivation function (KDF) to derive keys from the hardware unique key (HUK) that is kept in some one time programmable (OTP) memory on the chip. Depending on the platform, the key derivation might be done with a crypto accelerator, or it might be done with a software implementation of a KDF if no accelerator is available. You can use the Musca-B1 implementation as an example (https://git.trustedfirmware.org/trusted-firmware-m.git/tree/platform/ext/ta…), which uses CryptoCell-312 to derive keys from the HUK. Other Arm platforms only have dummy implementations of this function. In general, users of this API will keep their derived keys in volatile memory and redo the key derivation on each boot, as the cost of key derivation is low. Kind regards, Jamie From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M Sent: 09 April 2020 11:49 To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] Using tfm_plat_get_huk_derived_key(), TFM key-storage? Hello, Could you clarify: 1) Must the tfm_plat_get_huk_derived_key() function to return the same key per each call (as it's done now), or it may return randomized key (per each call) derived from HUK? 2) If tfm_plat_get_huk_derived_key() may return a different key per call, the generated key must be stored in persistent storage. Is this key persistent storage already implemented (using the default parameters) for example in ITS, or the key-storage must be implemented additionally? It looks like the current TFM key storage is placed in RAM, or I have missed something? Thank you, Andrej Butok

6 years, 2 months

2
1
0 0

Using tfm_plat_get_huk_derived_key(), TFM key-storage?

by Andrej Butok

Hello, Could you clarify: 1) Must the tfm_plat_get_huk_derived_key() function to return the same key per each call (as it's done now), or it may return randomized key (per each call) derived from HUK? 2) If tfm_plat_get_huk_derived_key() may return a different key per call, the generated key must be stored in persistent storage. Is this key persistent storage already implemented (using the default parameters) for example in ITS, or the key-storage must be implemented additionally? It looks like the current TFM key storage is placed in RAM, or I have missed something? Thank you, Andrej Butok

6 years, 2 months

1
0
0 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

TF-M