- TF-M - lists.trustedfirmware.org

[RFC] Update on Secure Partition Runtime Library design document

by Ken Liu (Arm Technology China)

Hi, I was trying to fix some typos in this document before, so I just create a short commit; but after couple times of updating I added more content into it, so called a review on this part. The changed part is, involving the RoT Service API implementation into SPRTL to simplify the caller usage. The RoT Service API is proposed in PSA FF 1.0.0, and I think this is the ideal place for putting it. The link: https://review.trustedfirmware.org/c/trusted-firmware-m/+/1886 Thanks. /Ken

6 years, 6 months

1
0
0 0

Re: [TF-M] TF-M / CMSIS-Pack Alignment

by Christian Daudt

Hi Robert, I'm failing to see how TFM and mbed-crypto can be both components in a TF-M system. I would expect that when I call e.g. "psa_import_key " from the NSPE, that must resolve to a single implementation, and it must be the TF-M client api that passes the request to the SPE crypto service - i.e. the code from interface/src/tfm_crypto_*_api.c. Can you describe how you see both being utilized simultaneously? Thanks, Christian. On 2019-09-13, 3:07 AM, "TF-M on behalf of Andrej Butok via TF-M" <tf-m-bounces(a)lists.trustedfirmware.org on behalf of tf-m(a)lists.trustedfirmware.org> wrote: Hi Antonio, If you do not want to change the file name, could you at least change the include name? For example, from #include "psa/crypto.h" to #include "tfm/psa/crypto.h" It works in our port. Is it possible for you? Thanks, Andrej Butok -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Antonio De Angelis via TF-M Sent: Thursday, September 12, 2019 10:57 PM To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] TF-M / CMSIS-Pack Alignment Hi Robert, TF-M Crypto and Mbed-crypto are both implementations of the same interface, hence the same header names with different contents. Internally, TF-M Crypto uses Mbed-crypto as a library component, and its include path his hidden into the TF-M build system as Jamie explained, but an user application of TF-M is only able to use and include the TF-M Crypto headers, using the TF-M build system, by including psa/crypto.h If your IDE makes both Mbed-crypto and TF-M Crypto visible to the user application at global level, at build time the IDE must make sure that the right include path is visible, given that the PSA spec currently mandates the name of the header to be included to be psa/crypto.h and neither of the implementations are allowed to rename it without diverging from the spec. /Antonio -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Robert Rostohar via TF-M Sent: 12 September 2019 18:53 To: Jamie Fox <Jamie.Fox(a)arm.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] TF-M / CMSIS-Pack Alignment Hi Jamie, The current solution is limiting how TF-M can be used. This is blocking toolchain and silicon vendors for wider adoption of TF-M. I have explained this already to @Ashutosh Singh and he confirmed that this is an issue. Yes, you can prebuild mbed-crypto and use it as a library. However in systems based on software components, TF-M is a component and mbed-crypto also. They are built within a single project with all registered includes.. Having different implementations of an API header with the same name is simply not acceptable when components are global. It would be really good to create a task for each of the issues I have reported in order to track them. I would appreciate if someone from TF-M team can create the tasks and assign to the right person. Thanks, Robert -----Original Message----- From: Jamie Fox <Jamie.Fox(a)arm.com> Sent: Thursday 12 September 2019 18:13 To: Andrej Butok <andrey.butok(a)nxp.com>; Robert Rostohar <Robert.Rostohar(a)arm.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: RE: TF-M / CMSIS-Pack Alignment Hi Robert, Andrej, Regarding the first point, TF-M and Mbed Crypto are two separate projects, both containing a version of the standard "psa/crypto.h" header. Neither project can remove the header, nor rename it because the name is standardised by the PSA specs. When Mbed Crypto is used as a library by TF-M, we install its PSA headers to "include/mbedcrypto/psa/crypto.h" and then add only the base "include" directory to the include search paths. Then there is no conflict between TF-M and Mbed Crypto headers, because the former can be included with #include "psa/crypto.h" and the latter with #include "mbedcrypto/psa/crypto.h". Only the Crypto service is linked with Mbed Crypto, which it uses as its backend implementation, so that is why it is the only part of TF-M to include Mbed Crypto headers. All other parts of TF-M include the TF-M psa/crypto.h header, which is implemented by service requests to the Crypto service. The only other simple solution I see to this is not to add the Mbed Crypto include directory to the search path at all. Then Mbed Crypto headers would need to be included with #include "mbed-crypto/include/psa/crypto.h" etc. I didn't get chance to read the other issues yet, but maybe it would be easier to create a task for each one on Phabricator (https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper…);reserved=0), so that we can keep track of the discussion and work for each issue more easily? Best wishes, Jamie -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M Sent: 12 September 2019 11:52 To: Robert Rostohar <Robert.Rostohar(a)arm.com> Cc: tf-m(a)lists.trustedfirmware.org Subject: Re: [TF-M] TF-M / CMSIS-Pack Alignment Hi Robert, Great! I gave up to convince about the first point https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper… As you are from ARM, hope, you will able to push through all your improvements. Thanks, Andrej Butok -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Robert Rostohar via TF-M Sent: Thursday, September 12, 2019 12:34 PM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] TF-M / CMSIS-Pack Alignment Hi, We are looking into providing TF-M as a CMSIS-Pack [1] and have discovered a few issues in TF-M that are currently blocking us. 1. Crypto headers ./interface/include/psa clash with headers from mbed-crypto .include/psa It seems that TF-M copies the crypto headers from mbed-crypto folder ./include/psa into folder ./mbedcrypto/psa. However TF-M also provides different crypto headers in folder ./interface/include/psa. TF-M modules typically include "psa/crypto.h" except crypto service modules which include "mbedcrypto/psa/crypto.h" through "tfm_mbedcrypto_include.h". The problem is that in our tools both include folders (./include from mbed-crypto installation and ./interface/include from TF-M) are in the global search path causing wrong headers being used. Another issues is the use of "mbedcrypto" prefix in include "mbedcrypto/psa/crypto.h". We have mbed-crypto already installed and copying crypto headers would not be needed when using include "psa/crypto.h". 1. Device header TF-M currently uses "cmsis.h" as the device header. This is not compliant with CMSIS [2] which defines the naming convention for device headers, startup files and system configuration files. Silicon vendors typically define header filenames that match their device names. The device agnostic way proposed by CMSIS is to use a preprocessor define CMSIS_device_header that reflects the actual device name and is provided by the build environment. We suggest to replace: #include "cmsis.h" with: #include CMSIS_device_header This would affect the following modules: ./secure_fw/core/arch/tfm_arch_v8m_base.c ./secure_fw/core/arch/tfm_arch_v8m_main.c ./secure_fw/core/arch/include/tfm_arch.h ./platform/ext/target: various target files 1. Conditional inclusion of secure services: Storage, Crypto, Attestation Our concept is based on software components and we have described each secure service as a single component that is user selectable. This requires conditional inclusion of a secure service based on preprocessor definitions. TF-M already supports this for secure services Audit Logging (#ifdef TFM_PARTITION_AUDIT_LOG) and Platform (#ifdef TFM_PARTITION_PLATFORM) and also for all test services (#ifdef TFM_PARTITION_TEST_...). We suggest to add this also to secure services Storage (#ifdef TFM_PARTITION_STORAGE), Crypto (#ifdef TFM_PARTITION_CRYPTO) and Attestation (#ifdef TFM_PARTITION_INITIAL_ATTESTATION). This would affect the following modules: ./secure_fw/services/tfm_partition_defs.inc ./secure_fw/services/tfm_service_list.inc ./secure_fw/services/tfm_spm_db.inc ./secure_fw/ns_callable/tfm_veneers.c ./interface/include/tfm_veneers.h We are aware that those file are supposed to be autogenerated however we use them directly at this point. Adding the mentioned preprocessor defines should be trivial and would unblock us. 1. Conditional inclusion of individual test suites We have described also test suites as individual components that are user selectable. This requires conditional inclusion of test suites based on preprocessor definitions. TF-M already supports this for some test suites (#ifdef ENABLE_AUDIT_LOGGING_SERVICE_TESTS, ...). We suggest to add this also for all other test suites. Adding conditional inclusion for secure test suites: ./test/framework/secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS Adding conditional inclusion for non-secure test suites: ./test/framework/non_secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS #ifdef ENABLE_QCBOR_TESTS 1. Deprecated Invert Test suite Invert test suite seems to be deprecated. Tests do nothing and just return. It would make sense to remove it. When we expose it as a component to the user it unnecessary increases the complexity of having another component that does nothing. 1. Tests on non-secure side include headers from secure side Non-secure software should not include any secure side internal headers (ex: from ./secure_fw/core/include) but only those that are exposed as APIs (./interface/include). The following test suites on the non-secure side include internal headers from secure side: Attestation: attestation_ns_interface_testsuite.c #include "secure_fw/services/initial_attestation/attestation.h" Core Positive: core_ns_positive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h #include "tfm_plat_test.h // from ./platform/include Core Interactive: core_ns_interactive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h ./app/tfm_integ_test.c: #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h This actually causes a compile error in our build because tfm_core.h defines the LOG_MSG macro (through secure_utilities.h) which clashes with the inline static function LOG_MSG defined in tfm_integ_test.h. We had to patch the tfm_integ_test.c by adding #undef LOG_MSG after the secure header is indirectly included. ./app/main_ns.c: #include "target_cfg.h" // from ./platform/ext/target/<target_name> target_cfg.h from secure side also contains USART driver definitions for non-secure side. This should be decoupled and non-secure side should not include that header. 1. Dummy platform files ./platform/ext/target/<target_name>/dummy_boot_seed.c ./platform/ext/target/<target_name>/dummy_crypto_keys.c ./platform/ext/target/<target_name>/dummy_device_id.c ./platform/ext/target/<target_name>/dummy_nv_counters.c ./platform/ext/target/<target_name>/attest_hal.c Dummy platform files are intended for testing only and provide a quick way of starting to test TF-M even when the platform files are not yet ported to the platform that the customer using. They are identical and duplicated for all existing targets. We propose to remove the mentioned dummy files from each target and put them in a single folder (./platform/ext/target/template). This simplifies maintenance of the files and also provides a single location of those files that are being used as a platform independent component. 1. Console via USART Console on secure side is retargeted to CMSIS USART driver (./platform/ext/common/uart_stdout.c). USART driver Send function is called also from SVC with highest interrupt priority which blocks the USART interrupt and leads to deadlock. This is not manifested with Musca USART drivers which implement blocking send - not compliant with CMSIS USART Driver [3]. It does occur instantly with any other CMSIS compliant USART driver. As far as I understand the console on secure side will be redesigned to cope with that. There are also other issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. Console on non-secure side is also retargeted to CMSIS USART driver (./app/main_ns.c) however has less constrains. It has the same issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. 1. USART driver implementations for platforms included in TF-M As already mentioned all USART drivers implemented for various platforms included in TF-M are not compliant with CMSIS USART Driver specification [3]. They implement blocking send/receive and no power on/off. Drivers should be rewritten and should pass the CMSIS Driver Validation [4]. Please look into the above issues and help us to overcome them. Thanks, Robert [1] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [2] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [3] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [4] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m This message and any attachments may contain confidential information from Cypress or its subsidiaries. If it has been received in error, please advise the sender and immediately delete this message.

6 years, 6 months

1
0
0 0

Re: [TF-M] Signing merged single image with dual keys

by Tamas Ban

Hi Kevin, Recently there are two major change in TF-M MCUBoot: - images signed separately with different keys and concatenated after to make one blob. It drives by MCUBOOT_IMAGE_NUMBER (default is 2 on AN521) - It's possible to use keys from HW and not hard-code the public key to the MCUBoot code at compile time. It derives by MCUBOOT_HW_KEY (default is True on AN521) - You can check the bl2/ext/mcuboot/MCUBoot.cmake two see how the scripts are invoked, which order, what kind of attributes. Additional info is in docs/user_guide/tfm_secure_boot.rst You can revert back to previous behaviour, single(S+NS) signed image(key is: *3072.pem) and public-key is embedded in MCUBoot code base with setting MCUBOOT_IMAGE_NUMBER=1 and MCUBOOT_HW_KEY=False Tamas -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Kevin Townsend via TF-M Sent: 13 September 2019 11:48 To: Thomas Törnblom via TF-M <tf-m(a)lists.trustedfirmware.org> Subject: [TF-M] Signing merged single image with dual keys Hi, Updating to the latest code in the TF-M repo, I noticed that there are now two separates keys for signing images: - *3072.pem for the S image - *3072_1.pem for the NS image It's not clear to me how to make this work with a single merged image, which is what we generally need, with an IPC-based system where the S image is generated via the TF-M repo and the NS image in Zephyr, making calls to the S services via the PSA APIs. Previously, we used the ASSEMBLE.PY tool in BL2 to merge the TF-M S and Zephyr NS images, outputting a single binary that we then signed via IMGTOOL.PY using the default or user-defined .pem file. This no longer works, and any attempt to use a binary generated via this method results in: [INF] Starting bootloader [INF] Swap type: none [INF] Swap type: none [ERR] Authentication failed! Image in the primary slot is not valid. [ERR] Unable to find bootable image With the latest dual-key TF-M code, when we build the TF-M repo, we get an S image that is signed using the 3072.pem key, but after a bit of trial and error I haven't found the secret handshake on how to sign the NS image and merge them into a single binary and then copy them over to the MPS2+ (or other HW) and have the BL accept them at startup. Any pointers on how to generate a single merged image with both parts signed using the different keys, or am I going about this the wrong way? Kevin -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

6 years, 6 months

2
1
0 0

TF-M / CMSIS-Zone Alignment

by Robert Rostohar

Hi, We are working on CMSIS-Zone Utility [1] which is a GUI tool for configuring a complex system. This includes also TrustZone setup (SAU) and device specific MPC and PPC. This tool can be also used to configure SAU, MPC and PPC in TF-M. However TF-M currently requires that a specific region number is used for NS_REGION_CODE (0), NS_REGION_DATA (1), ... Those region numbers are used when SAU is configured in function sau_and_idau_cfg and the code in function tfm_core_memory_permission_check_handler depends on it. Is it really necessary that a specific region number is being used and why? I have received indication that this in not really needed and that the code should be redesigned. This would enable the use of CMSIS-Zone to configure TF-M out of the box. Thanks, Robert [1] https://github.com/ARM-software/CMSIS-Zone IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

6 years, 6 months

1
0
0 0

Signing merged single image with dual keys

by Kevin Townsend

Hi, Updating to the latest code in the TF-M repo, I noticed that there are now two separates keys for signing images: - *3072.pem for the S image - *3072_1.pem for the NS image It's not clear to me how to make this work with a single merged image, which is what we generally need, with an IPC-based system where the S image is generated via the TF-M repo and the NS image in Zephyr, making calls to the S services via the PSA APIs. Previously, we used the ASSEMBLE.PY tool in BL2 to merge the TF-M S and Zephyr NS images, outputting a single binary that we then signed via IMGTOOL.PY using the default or user-defined .pem file. This no longer works, and any attempt to use a binary generated via this method results in: [INF] Starting bootloader [INF] Swap type: none [INF] Swap type: none [ERR] Authentication failed! Image in the primary slot is not valid. [ERR] Unable to find bootable image With the latest dual-key TF-M code, when we build the TF-M repo, we get an S image that is signed using the 3072.pem key, but after a bit of trial and error I haven't found the secret handshake on how to sign the NS image and merge them into a single binary and then copy them over to the MPS2+ (or other HW) and have the BL accept them at startup. Any pointers on how to generate a single merged image with both parts signed using the different keys, or am I going about this the wrong way? Kevin

6 years, 6 months

1
0
0 0

Re: [TF-M] TF-M / CMSIS-Pack Alignment

by Andrej Butok

Hi Antonio, If you do not want to change the file name, could you at least change the include name? For example, from #include "psa/crypto.h" to #include "tfm/psa/crypto.h" It works in our port. Is it possible for you? Thanks, Andrej Butok -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Antonio De Angelis via TF-M Sent: Thursday, September 12, 2019 10:57 PM To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] TF-M / CMSIS-Pack Alignment Hi Robert, TF-M Crypto and Mbed-crypto are both implementations of the same interface, hence the same header names with different contents. Internally, TF-M Crypto uses Mbed-crypto as a library component, and its include path his hidden into the TF-M build system as Jamie explained, but an user application of TF-M is only able to use and include the TF-M Crypto headers, using the TF-M build system, by including psa/crypto.h If your IDE makes both Mbed-crypto and TF-M Crypto visible to the user application at global level, at build time the IDE must make sure that the right include path is visible, given that the PSA spec currently mandates the name of the header to be included to be psa/crypto.h and neither of the implementations are allowed to rename it without diverging from the spec. /Antonio -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Robert Rostohar via TF-M Sent: 12 September 2019 18:53 To: Jamie Fox <Jamie.Fox(a)arm.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] TF-M / CMSIS-Pack Alignment Hi Jamie, The current solution is limiting how TF-M can be used. This is blocking toolchain and silicon vendors for wider adoption of TF-M. I have explained this already to @Ashutosh Singh and he confirmed that this is an issue. Yes, you can prebuild mbed-crypto and use it as a library. However in systems based on software components, TF-M is a component and mbed-crypto also. They are built within a single project with all registered includes.. Having different implementations of an API header with the same name is simply not acceptable when components are global. It would be really good to create a task for each of the issues I have reported in order to track them. I would appreciate if someone from TF-M team can create the tasks and assign to the right person. Thanks, Robert -----Original Message----- From: Jamie Fox <Jamie.Fox(a)arm.com> Sent: Thursday 12 September 2019 18:13 To: Andrej Butok <andrey.butok(a)nxp.com>; Robert Rostohar <Robert.Rostohar(a)arm.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: RE: TF-M / CMSIS-Pack Alignment Hi Robert, Andrej, Regarding the first point, TF-M and Mbed Crypto are two separate projects, both containing a version of the standard "psa/crypto.h" header. Neither project can remove the header, nor rename it because the name is standardised by the PSA specs. When Mbed Crypto is used as a library by TF-M, we install its PSA headers to "include/mbedcrypto/psa/crypto.h" and then add only the base "include" directory to the include search paths. Then there is no conflict between TF-M and Mbed Crypto headers, because the former can be included with #include "psa/crypto.h" and the latter with #include "mbedcrypto/psa/crypto.h". Only the Crypto service is linked with Mbed Crypto, which it uses as its backend implementation, so that is why it is the only part of TF-M to include Mbed Crypto headers. All other parts of TF-M include the TF-M psa/crypto.h header, which is implemented by service requests to the Crypto service. The only other simple solution I see to this is not to add the Mbed Crypto include directory to the search path at all. Then Mbed Crypto headers would need to be included with #include "mbed-crypto/include/psa/crypto.h" etc. I didn't get chance to read the other issues yet, but maybe it would be easier to create a task for each one on Phabricator (https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper…);reserved=0), so that we can keep track of the discussion and work for each issue more easily? Best wishes, Jamie -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M Sent: 12 September 2019 11:52 To: Robert Rostohar <Robert.Rostohar(a)arm.com> Cc: tf-m(a)lists.trustedfirmware.org Subject: Re: [TF-M] TF-M / CMSIS-Pack Alignment Hi Robert, Great! I gave up to convince about the first point https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper… As you are from ARM, hope, you will able to push through all your improvements. Thanks, Andrej Butok -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Robert Rostohar via TF-M Sent: Thursday, September 12, 2019 12:34 PM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] TF-M / CMSIS-Pack Alignment Hi, We are looking into providing TF-M as a CMSIS-Pack [1] and have discovered a few issues in TF-M that are currently blocking us. 1. Crypto headers ./interface/include/psa clash with headers from mbed-crypto .include/psa It seems that TF-M copies the crypto headers from mbed-crypto folder ./include/psa into folder ./mbedcrypto/psa. However TF-M also provides different crypto headers in folder ./interface/include/psa. TF-M modules typically include "psa/crypto.h" except crypto service modules which include "mbedcrypto/psa/crypto.h" through "tfm_mbedcrypto_include.h". The problem is that in our tools both include folders (./include from mbed-crypto installation and ./interface/include from TF-M) are in the global search path causing wrong headers being used. Another issues is the use of "mbedcrypto" prefix in include "mbedcrypto/psa/crypto.h". We have mbed-crypto already installed and copying crypto headers would not be needed when using include "psa/crypto.h". 1. Device header TF-M currently uses "cmsis.h" as the device header. This is not compliant with CMSIS [2] which defines the naming convention for device headers, startup files and system configuration files. Silicon vendors typically define header filenames that match their device names. The device agnostic way proposed by CMSIS is to use a preprocessor define CMSIS_device_header that reflects the actual device name and is provided by the build environment. We suggest to replace: #include "cmsis.h" with: #include CMSIS_device_header This would affect the following modules: ./secure_fw/core/arch/tfm_arch_v8m_base.c ./secure_fw/core/arch/tfm_arch_v8m_main.c ./secure_fw/core/arch/include/tfm_arch.h ./platform/ext/target: various target files 1. Conditional inclusion of secure services: Storage, Crypto, Attestation Our concept is based on software components and we have described each secure service as a single component that is user selectable. This requires conditional inclusion of a secure service based on preprocessor definitions. TF-M already supports this for secure services Audit Logging (#ifdef TFM_PARTITION_AUDIT_LOG) and Platform (#ifdef TFM_PARTITION_PLATFORM) and also for all test services (#ifdef TFM_PARTITION_TEST_...). We suggest to add this also to secure services Storage (#ifdef TFM_PARTITION_STORAGE), Crypto (#ifdef TFM_PARTITION_CRYPTO) and Attestation (#ifdef TFM_PARTITION_INITIAL_ATTESTATION). This would affect the following modules: ./secure_fw/services/tfm_partition_defs.inc ./secure_fw/services/tfm_service_list.inc ./secure_fw/services/tfm_spm_db.inc ./secure_fw/ns_callable/tfm_veneers.c ./interface/include/tfm_veneers.h We are aware that those file are supposed to be autogenerated however we use them directly at this point. Adding the mentioned preprocessor defines should be trivial and would unblock us. 1. Conditional inclusion of individual test suites We have described also test suites as individual components that are user selectable. This requires conditional inclusion of test suites based on preprocessor definitions. TF-M already supports this for some test suites (#ifdef ENABLE_AUDIT_LOGGING_SERVICE_TESTS, ...). We suggest to add this also for all other test suites. Adding conditional inclusion for secure test suites: ./test/framework/secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS Adding conditional inclusion for non-secure test suites: ./test/framework/non_secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS #ifdef ENABLE_QCBOR_TESTS 1. Deprecated Invert Test suite Invert test suite seems to be deprecated. Tests do nothing and just return. It would make sense to remove it. When we expose it as a component to the user it unnecessary increases the complexity of having another component that does nothing. 1. Tests on non-secure side include headers from secure side Non-secure software should not include any secure side internal headers (ex: from ./secure_fw/core/include) but only those that are exposed as APIs (./interface/include). The following test suites on the non-secure side include internal headers from secure side: Attestation: attestation_ns_interface_testsuite.c #include "secure_fw/services/initial_attestation/attestation.h" Core Positive: core_ns_positive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h #include "tfm_plat_test.h // from ./platform/include Core Interactive: core_ns_interactive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h ./app/tfm_integ_test.c: #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h This actually causes a compile error in our build because tfm_core.h defines the LOG_MSG macro (through secure_utilities.h) which clashes with the inline static function LOG_MSG defined in tfm_integ_test.h. We had to patch the tfm_integ_test.c by adding #undef LOG_MSG after the secure header is indirectly included. ./app/main_ns.c: #include "target_cfg.h" // from ./platform/ext/target/<target_name> target_cfg.h from secure side also contains USART driver definitions for non-secure side. This should be decoupled and non-secure side should not include that header. 1. Dummy platform files ./platform/ext/target/<target_name>/dummy_boot_seed.c ./platform/ext/target/<target_name>/dummy_crypto_keys.c ./platform/ext/target/<target_name>/dummy_device_id.c ./platform/ext/target/<target_name>/dummy_nv_counters.c ./platform/ext/target/<target_name>/attest_hal.c Dummy platform files are intended for testing only and provide a quick way of starting to test TF-M even when the platform files are not yet ported to the platform that the customer using. They are identical and duplicated for all existing targets. We propose to remove the mentioned dummy files from each target and put them in a single folder (./platform/ext/target/template). This simplifies maintenance of the files and also provides a single location of those files that are being used as a platform independent component. 1. Console via USART Console on secure side is retargeted to CMSIS USART driver (./platform/ext/common/uart_stdout.c). USART driver Send function is called also from SVC with highest interrupt priority which blocks the USART interrupt and leads to deadlock. This is not manifested with Musca USART drivers which implement blocking send - not compliant with CMSIS USART Driver [3]. It does occur instantly with any other CMSIS compliant USART driver. As far as I understand the console on secure side will be redesigned to cope with that. There are also other issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. Console on non-secure side is also retargeted to CMSIS USART driver (./app/main_ns.c) however has less constrains. It has the same issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. 1. USART driver implementations for platforms included in TF-M As already mentioned all USART drivers implemented for various platforms included in TF-M are not compliant with CMSIS USART Driver specification [3]. They implement blocking send/receive and no power on/off. Drivers should be rewritten and should pass the CMSIS Driver Validation [4]. Please look into the above issues and help us to overcome them. Thanks, Robert [1] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [2] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [3] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [4] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru…

6 years, 6 months

1
0
0 0

Re: [TF-M] TF-M / CMSIS-Pack Alignment

by Antonio De Angelis

Hi Robert, TF-M Crypto and Mbed-crypto are both implementations of the same interface, hence the same header names with different contents. Internally, TF-M Crypto uses Mbed-crypto as a library component, and its include path his hidden into the TF-M build system as Jamie explained, but an user application of TF-M is only able to use and include the TF-M Crypto headers, using the TF-M build system, by including psa/crypto.h If your IDE makes both Mbed-crypto and TF-M Crypto visible to the user application at global level, at build time the IDE must make sure that the right include path is visible, given that the PSA spec currently mandates the name of the header to be included to be psa/crypto.h and neither of the implementations are allowed to rename it without diverging from the spec. /Antonio -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Robert Rostohar via TF-M Sent: 12 September 2019 18:53 To: Jamie Fox <Jamie.Fox(a)arm.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: Re: [TF-M] TF-M / CMSIS-Pack Alignment Hi Jamie, The current solution is limiting how TF-M can be used. This is blocking toolchain and silicon vendors for wider adoption of TF-M. I have explained this already to @Ashutosh Singh and he confirmed that this is an issue. Yes, you can prebuild mbed-crypto and use it as a library. However in systems based on software components, TF-M is a component and mbed-crypto also. They are built within a single project with all registered includes.. Having different implementations of an API header with the same name is simply not acceptable when components are global. It would be really good to create a task for each of the issues I have reported in order to track them. I would appreciate if someone from TF-M team can create the tasks and assign to the right person. Thanks, Robert -----Original Message----- From: Jamie Fox <Jamie.Fox(a)arm.com> Sent: Thursday 12 September 2019 18:13 To: Andrej Butok <andrey.butok(a)nxp.com>; Robert Rostohar <Robert.Rostohar(a)arm.com>; tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: RE: TF-M / CMSIS-Pack Alignment Hi Robert, Andrej, Regarding the first point, TF-M and Mbed Crypto are two separate projects, both containing a version of the standard "psa/crypto.h" header. Neither project can remove the header, nor rename it because the name is standardised by the PSA specs. When Mbed Crypto is used as a library by TF-M, we install its PSA headers to "include/mbedcrypto/psa/crypto.h" and then add only the base "include" directory to the include search paths. Then there is no conflict between TF-M and Mbed Crypto headers, because the former can be included with #include "psa/crypto.h" and the latter with #include "mbedcrypto/psa/crypto.h". Only the Crypto service is linked with Mbed Crypto, which it uses as its backend implementation, so that is why it is the only part of TF-M to include Mbed Crypto headers. All other parts of TF-M include the TF-M psa/crypto.h header, which is implemented by service requests to the Crypto service. The only other simple solution I see to this is not to add the Mbed Crypto include directory to the search path at all. Then Mbed Crypto headers would need to be included with #include "mbed-crypto/include/psa/crypto.h" etc. I didn't get chance to read the other issues yet, but maybe it would be easier to create a task for each one on Phabricator (https://developer.trustedfirmware.org/), so that we can keep track of the discussion and work for each issue more easily? Best wishes, Jamie -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M Sent: 12 September 2019 11:52 To: Robert Rostohar <Robert.Rostohar(a)arm.com> Cc: tf-m(a)lists.trustedfirmware.org Subject: Re: [TF-M] TF-M / CMSIS-Pack Alignment Hi Robert, Great! I gave up to convince about the first point https://developer.trustedfirmware.org/T428 As you are from ARM, hope, you will able to push through all your improvements. Thanks, Andrej Butok -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Robert Rostohar via TF-M Sent: Thursday, September 12, 2019 12:34 PM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] TF-M / CMSIS-Pack Alignment Hi, We are looking into providing TF-M as a CMSIS-Pack [1] and have discovered a few issues in TF-M that are currently blocking us. 1. Crypto headers ./interface/include/psa clash with headers from mbed-crypto .include/psa It seems that TF-M copies the crypto headers from mbed-crypto folder ./include/psa into folder ./mbedcrypto/psa. However TF-M also provides different crypto headers in folder ./interface/include/psa. TF-M modules typically include "psa/crypto.h" except crypto service modules which include "mbedcrypto/psa/crypto.h" through "tfm_mbedcrypto_include.h". The problem is that in our tools both include folders (./include from mbed-crypto installation and ./interface/include from TF-M) are in the global search path causing wrong headers being used. Another issues is the use of "mbedcrypto" prefix in include "mbedcrypto/psa/crypto.h". We have mbed-crypto already installed and copying crypto headers would not be needed when using include "psa/crypto.h". 1. Device header TF-M currently uses "cmsis.h" as the device header. This is not compliant with CMSIS [2] which defines the naming convention for device headers, startup files and system configuration files. Silicon vendors typically define header filenames that match their device names. The device agnostic way proposed by CMSIS is to use a preprocessor define CMSIS_device_header that reflects the actual device name and is provided by the build environment. We suggest to replace: #include "cmsis.h" with: #include CMSIS_device_header This would affect the following modules: ./secure_fw/core/arch/tfm_arch_v8m_base.c ./secure_fw/core/arch/tfm_arch_v8m_main.c ./secure_fw/core/arch/include/tfm_arch.h ./platform/ext/target: various target files 1. Conditional inclusion of secure services: Storage, Crypto, Attestation Our concept is based on software components and we have described each secure service as a single component that is user selectable. This requires conditional inclusion of a secure service based on preprocessor definitions. TF-M already supports this for secure services Audit Logging (#ifdef TFM_PARTITION_AUDIT_LOG) and Platform (#ifdef TFM_PARTITION_PLATFORM) and also for all test services (#ifdef TFM_PARTITION_TEST_...). We suggest to add this also to secure services Storage (#ifdef TFM_PARTITION_STORAGE), Crypto (#ifdef TFM_PARTITION_CRYPTO) and Attestation (#ifdef TFM_PARTITION_INITIAL_ATTESTATION). This would affect the following modules: ./secure_fw/services/tfm_partition_defs.inc ./secure_fw/services/tfm_service_list.inc ./secure_fw/services/tfm_spm_db.inc ./secure_fw/ns_callable/tfm_veneers.c ./interface/include/tfm_veneers.h We are aware that those file are supposed to be autogenerated however we use them directly at this point. Adding the mentioned preprocessor defines should be trivial and would unblock us. 1. Conditional inclusion of individual test suites We have described also test suites as individual components that are user selectable. This requires conditional inclusion of test suites based on preprocessor definitions. TF-M already supports this for some test suites (#ifdef ENABLE_AUDIT_LOGGING_SERVICE_TESTS, ...). We suggest to add this also for all other test suites. Adding conditional inclusion for secure test suites: ./test/framework/secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS Adding conditional inclusion for non-secure test suites: ./test/framework/non_secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS #ifdef ENABLE_QCBOR_TESTS 1. Deprecated Invert Test suite Invert test suite seems to be deprecated. Tests do nothing and just return. It would make sense to remove it. When we expose it as a component to the user it unnecessary increases the complexity of having another component that does nothing. 1. Tests on non-secure side include headers from secure side Non-secure software should not include any secure side internal headers (ex: from ./secure_fw/core/include) but only those that are exposed as APIs (./interface/include). The following test suites on the non-secure side include internal headers from secure side: Attestation: attestation_ns_interface_testsuite.c #include "secure_fw/services/initial_attestation/attestation.h" Core Positive: core_ns_positive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h #include "tfm_plat_test.h // from ./platform/include Core Interactive: core_ns_interactive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h ./app/tfm_integ_test.c: #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h This actually causes a compile error in our build because tfm_core.h defines the LOG_MSG macro (through secure_utilities.h) which clashes with the inline static function LOG_MSG defined in tfm_integ_test.h. We had to patch the tfm_integ_test.c by adding #undef LOG_MSG after the secure header is indirectly included. ./app/main_ns.c: #include "target_cfg.h" // from ./platform/ext/target/<target_name> target_cfg.h from secure side also contains USART driver definitions for non-secure side. This should be decoupled and non-secure side should not include that header. 1. Dummy platform files ./platform/ext/target/<target_name>/dummy_boot_seed.c ./platform/ext/target/<target_name>/dummy_crypto_keys.c ./platform/ext/target/<target_name>/dummy_device_id.c ./platform/ext/target/<target_name>/dummy_nv_counters.c ./platform/ext/target/<target_name>/attest_hal.c Dummy platform files are intended for testing only and provide a quick way of starting to test TF-M even when the platform files are not yet ported to the platform that the customer using. They are identical and duplicated for all existing targets. We propose to remove the mentioned dummy files from each target and put them in a single folder (./platform/ext/target/template). This simplifies maintenance of the files and also provides a single location of those files that are being used as a platform independent component. 1. Console via USART Console on secure side is retargeted to CMSIS USART driver (./platform/ext/common/uart_stdout.c). USART driver Send function is called also from SVC with highest interrupt priority which blocks the USART interrupt and leads to deadlock. This is not manifested with Musca USART drivers which implement blocking send - not compliant with CMSIS USART Driver [3]. It does occur instantly with any other CMSIS compliant USART driver. As far as I understand the console on secure side will be redesigned to cope with that. There are also other issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. Console on non-secure side is also retargeted to CMSIS USART driver (./app/main_ns.c) however has less constrains. It has the same issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. 1. USART driver implementations for platforms included in TF-M As already mentioned all USART drivers implemented for various platforms included in TF-M are not compliant with CMSIS USART Driver specification [3]. They implement blocking send/receive and no power on/off. Drivers should be rewritten and should pass the CMSIS Driver Validation [4]. Please look into the above issues and help us to overcome them. Thanks, Robert [1] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [2] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [3] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [4] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

6 years, 6 months

1
0
0 0

Re: [TF-M] TF-M / CMSIS-Pack Alignment

by Jamie Fox

Hi Robert, Andrej, Regarding the first point, TF-M and Mbed Crypto are two separate projects, both containing a version of the standard "psa/crypto.h" header. Neither project can remove the header, nor rename it because the name is standardised by the PSA specs. When Mbed Crypto is used as a library by TF-M, we install its PSA headers to "include/mbedcrypto/psa/crypto.h" and then add only the base "include" directory to the include search paths. Then there is no conflict between TF-M and Mbed Crypto headers, because the former can be included with #include "psa/crypto.h" and the latter with #include "mbedcrypto/psa/crypto.h". Only the Crypto service is linked with Mbed Crypto, which it uses as its backend implementation, so that is why it is the only part of TF-M to include Mbed Crypto headers. All other parts of TF-M include the TF-M psa/crypto.h header, which is implemented by service requests to the Crypto service. The only other simple solution I see to this is not to add the Mbed Crypto include directory to the search path at all. Then Mbed Crypto headers would need to be included with #include "mbed-crypto/include/psa/crypto.h" etc. I didn't get chance to read the other issues yet, but maybe it would be easier to create a task for each one on Phabricator (https://developer.trustedfirmware.org/), so that we can keep track of the discussion and work for each issue more easily? Best wishes, Jamie -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M Sent: 12 September 2019 11:52 To: Robert Rostohar <Robert.Rostohar(a)arm.com> Cc: tf-m(a)lists.trustedfirmware.org Subject: Re: [TF-M] TF-M / CMSIS-Pack Alignment Hi Robert, Great! I gave up to convince about the first point https://developer.trustedfirmware.org/T428 As you are from ARM, hope, you will able to push through all your improvements. Thanks, Andrej Butok -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Robert Rostohar via TF-M Sent: Thursday, September 12, 2019 12:34 PM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] TF-M / CMSIS-Pack Alignment Hi, We are looking into providing TF-M as a CMSIS-Pack [1] and have discovered a few issues in TF-M that are currently blocking us. 1. Crypto headers ./interface/include/psa clash with headers from mbed-crypto .include/psa It seems that TF-M copies the crypto headers from mbed-crypto folder ./include/psa into folder ./mbedcrypto/psa. However TF-M also provides different crypto headers in folder ./interface/include/psa. TF-M modules typically include "psa/crypto.h" except crypto service modules which include "mbedcrypto/psa/crypto.h" through "tfm_mbedcrypto_include.h". The problem is that in our tools both include folders (./include from mbed-crypto installation and ./interface/include from TF-M) are in the global search path causing wrong headers being used. Another issues is the use of "mbedcrypto" prefix in include "mbedcrypto/psa/crypto.h". We have mbed-crypto already installed and copying crypto headers would not be needed when using include "psa/crypto.h". 1. Device header TF-M currently uses "cmsis.h" as the device header. This is not compliant with CMSIS [2] which defines the naming convention for device headers, startup files and system configuration files. Silicon vendors typically define header filenames that match their device names. The device agnostic way proposed by CMSIS is to use a preprocessor define CMSIS_device_header that reflects the actual device name and is provided by the build environment. We suggest to replace: #include "cmsis.h" with: #include CMSIS_device_header This would affect the following modules: ./secure_fw/core/arch/tfm_arch_v8m_base.c ./secure_fw/core/arch/tfm_arch_v8m_main.c ./secure_fw/core/arch/include/tfm_arch.h ./platform/ext/target: various target files 1. Conditional inclusion of secure services: Storage, Crypto, Attestation Our concept is based on software components and we have described each secure service as a single component that is user selectable. This requires conditional inclusion of a secure service based on preprocessor definitions. TF-M already supports this for secure services Audit Logging (#ifdef TFM_PARTITION_AUDIT_LOG) and Platform (#ifdef TFM_PARTITION_PLATFORM) and also for all test services (#ifdef TFM_PARTITION_TEST_...). We suggest to add this also to secure services Storage (#ifdef TFM_PARTITION_STORAGE), Crypto (#ifdef TFM_PARTITION_CRYPTO) and Attestation (#ifdef TFM_PARTITION_INITIAL_ATTESTATION). This would affect the following modules: ./secure_fw/services/tfm_partition_defs.inc ./secure_fw/services/tfm_service_list.inc ./secure_fw/services/tfm_spm_db.inc ./secure_fw/ns_callable/tfm_veneers.c ./interface/include/tfm_veneers.h We are aware that those file are supposed to be autogenerated however we use them directly at this point. Adding the mentioned preprocessor defines should be trivial and would unblock us. 1. Conditional inclusion of individual test suites We have described also test suites as individual components that are user selectable. This requires conditional inclusion of test suites based on preprocessor definitions. TF-M already supports this for some test suites (#ifdef ENABLE_AUDIT_LOGGING_SERVICE_TESTS, ...). We suggest to add this also for all other test suites. Adding conditional inclusion for secure test suites: ./test/framework/secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS Adding conditional inclusion for non-secure test suites: ./test/framework/non_secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS #ifdef ENABLE_QCBOR_TESTS 1. Deprecated Invert Test suite Invert test suite seems to be deprecated. Tests do nothing and just return. It would make sense to remove it. When we expose it as a component to the user it unnecessary increases the complexity of having another component that does nothing. 1. Tests on non-secure side include headers from secure side Non-secure software should not include any secure side internal headers (ex: from ./secure_fw/core/include) but only those that are exposed as APIs (./interface/include). The following test suites on the non-secure side include internal headers from secure side: Attestation: attestation_ns_interface_testsuite.c #include "secure_fw/services/initial_attestation/attestation.h" Core Positive: core_ns_positive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h #include "tfm_plat_test.h // from ./platform/include Core Interactive: core_ns_interactive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h ./app/tfm_integ_test.c: #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h This actually causes a compile error in our build because tfm_core.h defines the LOG_MSG macro (through secure_utilities.h) which clashes with the inline static function LOG_MSG defined in tfm_integ_test.h. We had to patch the tfm_integ_test.c by adding #undef LOG_MSG after the secure header is indirectly included. ./app/main_ns.c: #include "target_cfg.h" // from ./platform/ext/target/<target_name> target_cfg.h from secure side also contains USART driver definitions for non-secure side. This should be decoupled and non-secure side should not include that header. 1. Dummy platform files ./platform/ext/target/<target_name>/dummy_boot_seed.c ./platform/ext/target/<target_name>/dummy_crypto_keys.c ./platform/ext/target/<target_name>/dummy_device_id.c ./platform/ext/target/<target_name>/dummy_nv_counters.c ./platform/ext/target/<target_name>/attest_hal.c Dummy platform files are intended for testing only and provide a quick way of starting to test TF-M even when the platform files are not yet ported to the platform that the customer using. They are identical and duplicated for all existing targets. We propose to remove the mentioned dummy files from each target and put them in a single folder (./platform/ext/target/template). This simplifies maintenance of the files and also provides a single location of those files that are being used as a platform independent component. 1. Console via USART Console on secure side is retargeted to CMSIS USART driver (./platform/ext/common/uart_stdout.c). USART driver Send function is called also from SVC with highest interrupt priority which blocks the USART interrupt and leads to deadlock. This is not manifested with Musca USART drivers which implement blocking send - not compliant with CMSIS USART Driver [3]. It does occur instantly with any other CMSIS compliant USART driver. As far as I understand the console on secure side will be redesigned to cope with that. There are also other issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. Console on non-secure side is also retargeted to CMSIS USART driver (./app/main_ns.c) however has less constrains. It has the same issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. 1. USART driver implementations for platforms included in TF-M As already mentioned all USART drivers implemented for various platforms included in TF-M are not compliant with CMSIS USART Driver specification [3]. They implement blocking send/receive and no power on/off. Drivers should be rewritten and should pass the CMSIS Driver Validation [4]. Please look into the above issues and help us to overcome them. Thanks, Robert [1] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [2] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [3] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [4] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru… -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

6 years, 6 months

2
1
0 0

Rust implementation of the Armv8-M Security Extension

by Juan Leni

Hi Hugues / Nicolas, Having Rust/LLVM support would be ideal! Juan > Hi Nicolas, > > Thanks for your mail. > From the four LLVM patches needed described in [1], the first one (L1) has landed upstream [2]. Regarding the other ones and your other questions, we are waiting for more information and we will keep you updated as soon as possible. > > Kind regards, > Hugues > > [2] https://reviews.llvm.org/D59888 > > -----Original Message----- > From: TF-M <tf-m-bounces at lists.trustedfirmware.org <https://lists.trustedfirmware.org/mailman/listinfo/tf-m>> On Behalf Of Nicolas Stalder via TF-M > Sent: 30 August 2019 12:25 > To: tf-m at lists.trustedfirmware.org <https://lists.trustedfirmware.org/mailman/listinfo/tf-m> > Subject: [TF-M] Rust implementation of the Armv8-M Security Extension > > Hi > > My company SoloKeys produces open source FIDO2 security tokens (USB + NFC), and we're in the process of a) moving to a Cortex-M33 microcontroller, and > b) an implementation in Rust. > > This is mostly to say that we're very interested in the security extensions [1] landing in LLVM, so embedded Rust can eventually use them, I understand Hugues de Valon from Arm has done some exploratory work on this. > > What is the status of this upstreaming process, are there any road blocks, and is there any ETA on public availability? > > Regards, > Nicolas Stalder > SoloKeys > > [1] http://lists.llvm.org/pipermail/llvm-dev/2019-March/131358.html > -- > TF-M mailing list > TF-M at lists.trustedfirmware.org <https://lists.trustedfirmware.org/mailman/listinfo/tf-m> > https://lists.trustedfirmware.org/mailman/listinfo/tf-m

6 years, 6 months

1
0
0 0

Re: [TF-M] TF-M / CMSIS-Pack Alignment

by Andrej Butok

Hi Robert, Great! I gave up to convince about the first point https://developer.trustedfirmware.org/T428 As you are from ARM, hope, you will able to push through all your improvements. Thanks, Andrej Butok -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Robert Rostohar via TF-M Sent: Thursday, September 12, 2019 12:34 PM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] TF-M / CMSIS-Pack Alignment Hi, We are looking into providing TF-M as a CMSIS-Pack [1] and have discovered a few issues in TF-M that are currently blocking us. 1. Crypto headers ./interface/include/psa clash with headers from mbed-crypto .include/psa It seems that TF-M copies the crypto headers from mbed-crypto folder ./include/psa into folder ./mbedcrypto/psa. However TF-M also provides different crypto headers in folder ./interface/include/psa. TF-M modules typically include "psa/crypto.h" except crypto service modules which include "mbedcrypto/psa/crypto.h" through "tfm_mbedcrypto_include.h". The problem is that in our tools both include folders (./include from mbed-crypto installation and ./interface/include from TF-M) are in the global search path causing wrong headers being used. Another issues is the use of "mbedcrypto" prefix in include "mbedcrypto/psa/crypto.h". We have mbed-crypto already installed and copying crypto headers would not be needed when using include "psa/crypto.h". 1. Device header TF-M currently uses "cmsis.h" as the device header. This is not compliant with CMSIS [2] which defines the naming convention for device headers, startup files and system configuration files. Silicon vendors typically define header filenames that match their device names. The device agnostic way proposed by CMSIS is to use a preprocessor define CMSIS_device_header that reflects the actual device name and is provided by the build environment. We suggest to replace: #include "cmsis.h" with: #include CMSIS_device_header This would affect the following modules: ./secure_fw/core/arch/tfm_arch_v8m_base.c ./secure_fw/core/arch/tfm_arch_v8m_main.c ./secure_fw/core/arch/include/tfm_arch.h ./platform/ext/target: various target files 1. Conditional inclusion of secure services: Storage, Crypto, Attestation Our concept is based on software components and we have described each secure service as a single component that is user selectable. This requires conditional inclusion of a secure service based on preprocessor definitions. TF-M already supports this for secure services Audit Logging (#ifdef TFM_PARTITION_AUDIT_LOG) and Platform (#ifdef TFM_PARTITION_PLATFORM) and also for all test services (#ifdef TFM_PARTITION_TEST_...). We suggest to add this also to secure services Storage (#ifdef TFM_PARTITION_STORAGE), Crypto (#ifdef TFM_PARTITION_CRYPTO) and Attestation (#ifdef TFM_PARTITION_INITIAL_ATTESTATION). This would affect the following modules: ./secure_fw/services/tfm_partition_defs.inc ./secure_fw/services/tfm_service_list.inc ./secure_fw/services/tfm_spm_db.inc ./secure_fw/ns_callable/tfm_veneers.c ./interface/include/tfm_veneers.h We are aware that those file are supposed to be autogenerated however we use them directly at this point. Adding the mentioned preprocessor defines should be trivial and would unblock us. 1. Conditional inclusion of individual test suites We have described also test suites as individual components that are user selectable. This requires conditional inclusion of test suites based on preprocessor definitions. TF-M already supports this for some test suites (#ifdef ENABLE_AUDIT_LOGGING_SERVICE_TESTS, ...). We suggest to add this also for all other test suites. Adding conditional inclusion for secure test suites: ./test/framework/secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS Adding conditional inclusion for non-secure test suites: ./test/framework/non_secure_suites.c #ifdef ENABLE_SECURE_STORAGE_SERVICE_TESTS #ifdef ENABLE_CRYPTO_SERVICE_TESTS #ifdef ENABLE_INITIAL_ATTESTATION_SERVICE_TESTS #ifdef ENABLE_QCBOR_TESTS 1. Deprecated Invert Test suite Invert test suite seems to be deprecated. Tests do nothing and just return. It would make sense to remove it. When we expose it as a component to the user it unnecessary increases the complexity of having another component that does nothing. 1. Tests on non-secure side include headers from secure side Non-secure software should not include any secure side internal headers (ex: from ./secure_fw/core/include) but only those that are exposed as APIs (./interface/include). The following test suites on the non-secure side include internal headers from secure side: Attestation: attestation_ns_interface_testsuite.c #include "secure_fw/services/initial_attestation/attestation.h" Core Positive: core_ns_positive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h #include "tfm_plat_test.h // from ./platform/include Core Interactive: core_ns_interactive_testsuite.c #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h ./app/tfm_integ_test.c: #include "test/test_services/tfm_core_test/core_test_defs.h" #include "tfm_core.h" // from ./secure_fw/core/include through core_test_defs.h This actually causes a compile error in our build because tfm_core.h defines the LOG_MSG macro (through secure_utilities.h) which clashes with the inline static function LOG_MSG defined in tfm_integ_test.h. We had to patch the tfm_integ_test.c by adding #undef LOG_MSG after the secure header is indirectly included. ./app/main_ns.c: #include "target_cfg.h" // from ./platform/ext/target/<target_name> target_cfg.h from secure side also contains USART driver definitions for non-secure side. This should be decoupled and non-secure side should not include that header. 1. Dummy platform files ./platform/ext/target/<target_name>/dummy_boot_seed.c ./platform/ext/target/<target_name>/dummy_crypto_keys.c ./platform/ext/target/<target_name>/dummy_device_id.c ./platform/ext/target/<target_name>/dummy_nv_counters.c ./platform/ext/target/<target_name>/attest_hal.c Dummy platform files are intended for testing only and provide a quick way of starting to test TF-M even when the platform files are not yet ported to the platform that the customer using. They are identical and duplicated for all existing targets. We propose to remove the mentioned dummy files from each target and put them in a single folder (./platform/ext/target/template). This simplifies maintenance of the files and also provides a single location of those files that are being used as a platform independent component. 1. Console via USART Console on secure side is retargeted to CMSIS USART driver (./platform/ext/common/uart_stdout.c). USART driver Send function is called also from SVC with highest interrupt priority which blocks the USART interrupt and leads to deadlock. This is not manifested with Musca USART drivers which implement blocking send - not compliant with CMSIS USART Driver [3]. It does occur instantly with any other CMSIS compliant USART driver. As far as I understand the console on secure side will be redesigned to cope with that. There are also other issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. Console on non-secure side is also retargeted to CMSIS USART driver (./app/main_ns.c) however has less constrains. It has the same issues with using the USART driver: * missing wait while busy after send * missing power on/off This is being address with: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Freview.tr… It also tries to address printf retargeting issues however this needs another iteration. 1. USART driver implementations for platforms included in TF-M As already mentioned all USART drivers implemented for various platforms included in TF-M are not compliant with CMSIS USART Driver specification [3]. They implement blocking send/receive and no power on/off. Drivers should be rewritten and should pass the CMSIS Driver Validation [4]. Please look into the above issues and help us to overcome them. Thanks, Robert [1] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [2] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [3] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… [4] https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.keil.c… IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.tru…

6 years, 6 months

1
0
0 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

TF-M