- TF-M - lists.trustedfirmware.org

NS Client ID mapping for Hybrid Platform

by Mate Toth-Pal

Hi All, As part of the work we are doing for Hybrid Platforms we prepared a patch that makes changes how the Non-Secure Client IDs are handled. When TF-M is run in Hybrid Platform configuration, It has multiple NS agents active the same time. Each of the NS clients (either running in the NSPE the same v8M CPU as SPM, or on the other end of a Mailbox) can have their own way to assign NS Client IDs to clients. To prevent NS clients impersonate other NS clients that are accessing secure services through a different agent, the patch introduces Client ID mapping. For each NS agent partition a range of valid Client IDs is defined in the manifest yaml file. The SPM checks boot time that the ranges don't overlap. The NS agent partitions must make sure that they map incoming client ID's in a way that the output Client ID is always in the range of valid IDs for that NS agent. If an NS agent has multiple mailboxes, it is possible to assign separate ranges for those mailboxes (the range is associated with the Mailbox IRQ in the manifest yaml). Please find the patch here: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/26947 Any questions or comments are welcome! Best Regards, Mate

1 year, 10 months

1
0
0 0

Nordic nRF9160 bootloader gets stuck because of undefined function

by Boeckmann, Lena

Hi folks, I tried running a minimal example on the nRF9160dk. In `boot_hal_bl2.c` the following code is executed: #ifdef FLASH_DEV_NAME result = FLASH_DEV_NAME.Uninitialize(); if (result != ARM_DRIVER_OK) { while(1) {} } #endif /* FLASH_DEV_NAME */ For the Nordic boards `Uninitialize` is not implemented (see `Driver_Flash.c`): ARM_DRIVER_FLASH Driver_FLASH0 = { .GetVersion = NULL, .GetCapabilities = ARM_Flash_GetCapabilities, .Initialize = ARM_Flash_Initialize, .Uninitialize = NULL, .PowerControl = NULL, .ReadData = ARM_Flash_ReadData, .ProgramData = ARM_Flash_ProgramData, .EraseSector = ARM_Flash_EraseSector, .EraseChip = NULL, .GetStatus = NULL, .GetInfo = ARM_Flash_GetInfo }; This leads to a non-zero value being stored in `result` and my program ends up getting stuck in the while loop. Is it possible to fix that? Kind regards, Lena

1 year, 10 months

1
0
0 0

Re: Scheduling bug

by Roman.Mazurak＠infineon.com

Hi Ken, I tested with 2.0.0 release. There are my conclusions. tfm_arch_set_context_ret_code set result (for psa_wait, ...) by using SP stored in sp member of context_ctrl_t structure. It means that before calling tfm_arch_set_context_ret_code TF-M should update SP for thread (partition). thrd_next update result by calling tfm_arch_set_context_ret_code, if query_state_cb (pointing to query_state implemented by backend_ipc.c) returns THRD_STATE_RET_VAL_AVAIL. For all partition except active (interrupted by PendSV) context (values in context_ctrl_t) is correct. But context is invalid for active partition, because it is updated by PendSV after exit from ipc_schedule and thrd_next. As result call for psa_wait would fail if some secure IRQ will update signals_asserted after tfm_spm_partition_psa_wait and before PendSV will call thrd_next. SLIH interrupt can assert such signal (call to backend_assert_signal) in spm_handle_interrupt. I made a simple fix: diff --git a/secure_fw/spm/core/backend_ipc.c b/secure_fw/spm/core/backend_ipc.c index 3a968a3..c8b0742 100644 --- a/secure_fw/spm/core/backend_ipc.c +++ b/secure_fw/spm/core/backend_ipc.c @@ -454,9 +454,14 @@ /* Protect concurrent access to current thread/component and thread status */ CRITICAL_SECTION_ENTER(cs); - pth_next = thrd_next(); p_curr_ctx = (struct context_ctrl_t *)(CURRENT_THREAD->p_context_ctrl); + /* Update SP for current thread, so tfm_arch_set_context_ret_code can use up to date + * value of stack context to return value via R0.*/ + p_curr_ctx->sp = __get_PSP() - sizeof(struct tfm_additional_context_t); + + pth_next = thrd_next(); + AAPCS_DUAL_U32_SET(ctx_ctrls, (uint32_t)p_curr_ctx, (uint32_t)p_curr_ctx); p_part_curr = GET_CURRENT_COMPONENT(); Regards, Roman. From: Bohdan.Hunko--- via TF-M <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>> Sent: Wednesday, November 8, 2023 22:22 To: Ken.Liu(a)arm.com<mailto:Ken.Liu@arm.com>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> Cc: nd(a)arm.com<mailto:nd@arm.com> Subject: [TF-M] Re: Scheduling bug Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://intranet-content.infineon.com/explore/aboutinfineon/rules/informati…>. Hi Ken, I was using 1.8.0 Release Looks like this issue was fixed in new design although we would like to test it and confirm this when we migrate to newest release. We will get back on this to you. Regards, Bohdan Hunko Cypress Semiconductor Ukraine Engineer CSUKR CSS ICW SW FW Mobile: +38099 50 19 714 Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com> From: Ken Liu via TF-M <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>> Sent: Tuesday, November 7, 2023 03:58 To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> Cc: nd <nd(a)arm.com<mailto:nd@arm.com>> Subject: [TF-M] Re: Scheduling bug Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://intranet-content.infineon.com/explore/aboutinfineon/rules/informati…>. Hi Bohdan, Can you share us the version you are working on? Looks like the patch is based on a previous version of TFM, and this issue is resolved in the latest code base. The reason to do such abstraction is just because of such similar issues - the logic was coupled tightly because of synching the partition status, thread status and context update which caused maintenance confusion and effort. And we refactored this part to decouple the logic: SPM: Add STATUS_NEED_SCHEDULE to manage scheduler (21054) * Gerrit Code Review (trustedfirmware.org)<https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/21054> Hope this helps, thanks. /Ken From: Bohdan.Hunko--- via TF-M <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>> Sent: Monday, November 6, 2023 10:01 PM To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> Subject: [TF-M] Scheduling bug Hi There seem to be scheduling bug we have found in SPM. This bug is related to handling of interrupts that arrives during SVC call and assert signed for partition. Steps to reproduce: 1. Call psa_wait() from partition (e.g. mailbox partition) 2. During execution of SVC handler generate Interrupt that asserts signal of that partition (e.g. mailbox partition signal ) (adding long delay in SVC handler or adding breakpoint in SVC handler helps to easier reproduce this ) 3. Following sequence happens: * Mailbox IRQ has lower priority than SVC thus SVC is not preempted. * SVC sees that mailbox partition is blocked (as it is waiting for signal and no signals are pending) * SVC triggers pendSV i. Mailbox IRQ and pendSV are both pending * Mailbox IRQ has higher priority than pendSV thus Mailbox IRQ is executed * Mailbox IRQ calls spm_handle_interrupt i. Signal is asserted thus spm_handle_interrupt in thrd_next calls query_state_cb which returns THRD_STATE_RET_VAL_AVAIL and thus tfm_arch_set_context_ret_code is called ii. tfm_arch_set_context_ret_code sets return code using OLD value of partition PSP (as it was never updated, as it is updated in PendSV) * Mailbox IRQ return, pendsv is started and it runs mailbox partition i. Mailbox partition has 0 as signal because return value was written to wrong location is stack Patch I have attached to the mail solves this problem for us BUT it seems more like a workaround than a proper fix( Anyways it would be nice to have this problem review by SPM experts and have proper fix (maybe we have other places with same problem...) Regards, Bohdan Hunko Cypress Semiconductor Ukraine Engineer CSUKR CSS ICW SW FW Mobile: +38099 50 19 714 Bohdan.Hunko(a)infineon.com<mailto:Bohdan.Hunko@infineon.com>

1 year, 10 months

2
3
0 0

SPM thread and FLIH

by Roman.Mazurak＠infineon.com

Hi all, It seems that on v2.0 there is a problem with FLIH handling during execution of SPM thread. 1. A partition #1 is running with unprivileged attribute (CONTROL.nPRIV = 1). 2. It requests PSA API (for example psa_call). 3. psa_call is serviced via SVC. prepare_to_thread_mode_spm schedules handling of psa_call in SPM thread mode (by prepare_to_thread_mode_spm). 4. prepare_to_thread_mode_spm saves CONTROL to saved_control. Than set CONTROL.nPRIV = 0 (privileged for SPM thread). 5. Exit from SVC starts execution of tfm_spm_client_psa_call in SPM thread (privileged). 6. SPM thread is interrupted by FLIH IRQ. 7. FLIH IRQ handler calls spm_handle_interrupt. 8. spm_handle_interrupt switches boundary to prepare environment for FLIH handler (partition #2) and schedules execution of FLIH handler. 9. FLIH handler is executed. 10. tfm_flih_return_to_isr is called on exit from FLIH handler. It restores boundary of partition #1 and set CONTROL.nPRIV = 1. Than returns to FLIH IRQ handler. 11. FLIH IRQ handler exit to SPM thread that has been interrupted on step #6. 12. SPM thread have no enough permissions, because it's running with CONTROL.nPRIV equal to 1 (unprivileged). So, processing environment is unprivileged and tfm_spm_client_psa_call fails on accessing restricted resource. Does my understanding correct? If yes it means that we should fix exit from FLIH to SPM thread. Regards, Roman.

1 year, 10 months

3
5
0 0

Adding platform support for ArmChina Alcor AN557 MPS3 board

by jidong.mei＠armchina.com

Hi I'm working on Adding Platform support for ArmChina Alcor AN557 MPS3 FPGA board . The code has been passed tfm_regression_test on AN557 fpga image and now submit to TF-M git repo. See: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/27267 Could you have a code review on these code ? Any comments and suggestion are welcomed. Thank you! B,R Jidong

1 year, 10 months

1
0
0 0

New TF-M maintainer

by Anton Komlev

Hi Everyone, I am glad to announce the new maintainer of TF-M project: * Antonio de Angelis aka adeaarm Antonio.deAngelis(a)arm.com><mailto:Antonio.deAngelis@arm.com%3e%60> Antonio was with TF-M from the very beginning being one of the project founders. Thank you, Antonio, for agreeing to maintain the project. All the best, Anton

1 year, 10 months

1
0
0 0

Image verification by 'untrusted client'

by Tomasz Jastrzębski

Is TFM-M currently able to verify the signature of the image downloaded by the 'untrusted client'? I mean, are there needed methods exposed to 'untrusted app'? If so, what methods need to be used? Kind regards, Tomasz

1 year, 10 months

1
0
0 0

tf-m main branch (latest commit) compiler error ,when build regression_test for corstone300/an547

by jidong.mei＠armchina.com

Hi I encounter a compile error , with latest main branch tf-m code. Code version : "commit 66c8eada12737f5cf6818ea84739f30ca275437d (HEAD -> main, origin/main, origin/HEAD) Author: Raef Coles <raef.coles(a)arm.com>" Build targert : corstone300/an547 regression_test Build command : cmake -S spe -B build_spe -DTFM_PLATFORM=arm/mps3/corstone300/an547 -DCONFIG_TFM_SOURCE_PATH=<tf-m_path> -DTFM_TOOLCHAIN_FILE=<tf-m_path>/toolchain_GNUARM.cmake -DTEST_S=ON -DTEST_NS=ON -DCMAKE_BUILD_TYPE=Debug & cmake --build build_spe -- install (these command fellow the build_test documentation : https://tf-m-user-guide.trustedfirmware.org/building/tests_build_instructio…) Compile error : "trusted-firmware-m/platform/ext/target/arm/mps3/corstone300/an547/cmsis_drivers/Driver_Flash.c:23:10: fatal error: tfm_hal_device_header.h: No such file or directory #include "tfm_hal_device_header.h" " Could you help to fix this issue. B,R Jidong

1 year, 11 months

3
2
0 0

ITS encryption

by Quach, Brian

Hi, It appears that ITS encryption would be required for PSA Certified Level 3. I'm seeing that this would required a platform specific HAL implementation. Is there some reason PSA Crypto APIs were not used like they were for attestation? Encryption in ITS ================= The ITS can optionally be configured to encrypt the internal trusted storage data. To support encryption in ITS the target platform must provide an implementation of the APIs defined in ``platform/include/tfm_hal_its_encryption.h``:: enum tfm_hal_status_t tfm_hal_its_aead_generate_nonce(uint8_t *nonce, const size_t nonce_size); enum tfm_hal_status_t tfm_hal_its_aead_encrypt( struct tfm_hal_its_auth_crypt_ctx *ctx, const uint8_t *plaintext, const size_t plaintext_size, uint8_t *ciphertext, const size_t ciphertext_size, uint8_t *tag, const size_t tag_size); enum tfm_hal_status_t tfm_hal_its_aead_decrypt( struct tfm_hal_its_auth_crypt_ctx *ctx, const uint8_t *ciphertext, const size_t ciphertext_size, uint8_t *tag, const size_t tag_size, uint8_t *plaintext, const size_t plaintext_size); Regards, Brian Quach SimpleLink MCU Texas Instruments Inc. 12500 TI Blvd, MS F-4000 Dallas, TX 75243 214-479-4076

1 year, 11 months

3
5
0 0

Build without re-downloading packages?

by Tomasz Jastrzębski

Hi All, Since ST platform seems to be supported only passively, I try to adapt tf-m for the new ST U5Axx and U5Gxx MPUs with 4MB flash on my own. It does not come easy since some things are hardcoded and new HAL version is required while breaking HAL changes have been introduced, but this is not the reason why I make this post. Is there any easy way, I mean, some cmake switch, which would allow for a full rebuild without redownloading the required packages? Since clean rebuild from scratch takes time and I need to do it frequently while my Internet connection currently is not super-fast and stable such option would be the most helpful. Kind regards, Tomasz

1 year, 11 months

2
1
0 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

TF-M