Hey Suresh
I've had a look into this, and it seems to be a limitation of the cryptocell runtime library.
Profile medium enables MBEDTLS_ECDSA_C, which then causes cryptocell's accelerator config to set MBEDTLS_ECDSA_VERIFY_ALT, which are both working as expected.
The problem is that the runtime library doesn't use the MBEDTLS_ECP_DP_SECP521R1_ENABLED define (or any other define) to conditionally enable function pointers in the lists used for selecting ECC functions (see cc_ecpki_info.c), so the linker cant optimize those functions out of the final image.
Actually fixing this issue probably isn't too much of a problem, but there is an underlying problem that currently the runtime library is effectively unmaintained, and I'm not sure that TF-M can commit to fixing all of the issues in it.
Raef
________________________________________
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> on behalf of Suresh Marisetty via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: 06 July 2021 15:49
To: David Hu; Mark Horvath
Cc: nd; tf-m(a)lists.trustedfirmware.org
Subject: Re: [TF-M] Questions on Musca-B1 SE implementation - code size analysis
Hi David,
One of our observation is that for Medium profile, some ciphers are disabled in the medcrypto portion through the config file (tfm_mbedcrypto_config_profile_medium.h). However, the CC312 components appears to be generating libraries that are disabled in mbedcrypto. One such example is the object file: cc_ecpki_domain_secp521r1.o generated for medium profile.
Wondering if this is expected or just an overlooked escape. I am assuming all ciphers not enabled in mbedcrypto portion should NOT have corresponding cc312 components, to help optimize the image sizes.
thanks
Suresh Marisetty
Infineon Semiconductor Corporation
From: David Hu <David.Hu(a)arm.com>
Sent: Sunday, July 4, 2021 11:37 PM
To: Marisetty Suresh (CYSC CSS ICW SW SSE) <Suresh.Marisetty(a)infineon.com>; Mark Horvath <Mark.Horvath(a)arm.com>
Cc: nd <nd(a)arm.com>; tf-m(a)lists.trustedfirmware.org
Subject: RE: Questions on Musca-B1 SE implementation - code size analysis
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://goto.infineon.com/SocialEngineering>.
Hi Suresh,
1. Please check t Profile Medium and Profile Large design documents below. The ciphers supported are listed in the document.
Profile Medium: https://tf-m-user-guide.trustedfirmware.org/docs/technical_references/profi…
Profile Large: https://tf-m-user-guide.trustedfirmware.org/docs/technical_references/profi…
1. I don’t think the software countermeasures against physical attacks are enabled in Musca-B1 SE, by default. Mark, please correct me if I misunderstand it.
TF-M implements a Fault Inject Hardening (FIH) library as software countermeasure to mitigate physical attacks.
FIH is enabled as Medium Profile in Profile Large by default. You can set `TFM_FIH_PROFILE` as OFF to disable FIH features.
FIH is not implemented by mebd TLS or CC312. It consists of protections of TF-M SPM critical routine and platform specific isolation configuration.
Please check FIH design document: https://tf-m-user-guide.trustedfirmware.org/docs/technical_references/tfm_p…
Compared to Profile Medium, Profile Large enables more cryptographic algorithms support and FIH library.
It may also include more configurations of higher isolation.
Best regards,
Hu Ziji
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Suresh Marisetty via TF-M
Sent: Sunday, July 4, 2021 2:26 AM
To: Mark Horvath <Mark.Horvath(a)arm.com<mailto:Mark.Horvath@arm.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: [TF-M] Questions on Musca-B1 SE implementation - code size analysis
Hi Mark,
Wondering if someone can provide more visibility in the following in regards to the SE build with profile medium and large:
1. What ciphers are supported in medium vs. large (I see the size of the code bloats up almost twice from 30 to 60K approx) – observation from size of libmbedcrypto and libcrypto_service_cc312 – any clear documentation on this or a link would be helpful (besides code review)
2. When the SE is built for the large profile, assume it also includes “Software countermeasures against physical attacks” since it is offloading to the CC-312
* Is there a way to build the large profile without physical attack counter-measures?
* While library are these countermeasures implemented in (libmbed or lib_cc312)?
1. On our initial analysis, for a medium profile these two libraries appears to be 30K-33K in size each and is this in the right ballpark? (with minsizerel)
I assume the code size increase is due to additional cipher support + physical attack countermeasures. Correct me otherwise.
thanks
Suresh Marisetty
Infineon Semiconductor Corporation
From: Mark Horvath <Mark.Horvath(a)arm.com<mailto:Mark.Horvath@arm.com>>
Sent: Friday, May 14, 2021 5:30 AM
To: Marisetty Suresh (CYSC CSS ICW SW SSE) <Suresh.Marisetty(a)infineon.com<mailto:Suresh.Marisetty@infineon.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: Re: Questions on Musca-B1 SE implementation
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://goto.infineon.com/SocialEngineering>.
Hi Suresh,
Yes, by default the cc312 acceleration is turned on at build time for SE, and the algorithms will be handled by HW instead of the SW implementation. If you would like to use SW crypto instead you can pass the HW_ACCELERATOR="OFF" flag to cmake when building the SE TF-M instance.
And here are the TF-M image sizes as of now with GCC in release mode:
SE: ~185 KiB code flash and ~63 KiB RAM
Host: ~22 KiB code flash and ~16 KiB RAM
(a few more KiB needed for the images in flash for image header and trailer if loaded by mcuboot)
Best regards,
Mark
________________________________
From: David Hu <David.Hu(a)arm.com<mailto:David.Hu@arm.com>>
Sent: Thursday, May 13, 2021 5:26 AM
To: Suresh.Marisetty(a)infineon.com<mailto:Suresh.Marisetty@infineon.com> <Suresh.Marisetty(a)infineon.com<mailto:Suresh.Marisetty@infineon.com>>; Tamas Ban <Tamas.Ban(a)arm.com<mailto:Tamas.Ban@arm.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>>; Mark Horvath <Mark.Horvath(a)arm.com<mailto:Mark.Horvath@arm.com>>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: RE: Questions on Musca-B1 SE implementation
Hi @Mark Horvath<mailto:Mark.Horvath@arm.com>,
Could you please help take a look at the following questions about Musca-B1 SE?
Thanks 😊
Best regards,
Hu Ziji
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Suresh Marisetty via TF-M
Sent: Thursday, May 13, 2021 6:04 AM
To: Tamas Ban <Tamas.Ban(a)arm.com<mailto:Tamas.Ban@arm.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: Re: [TF-M] Questions on Musca-B1 SE implementation
Hi Tamas,
The following is good information. A few questions:
1. Is it correct to state that for the SE, the PSA RoT services do not have any software Crypto implementation, but leverage from CC-312?
2. What is the size of the TFM on the host (M33) with only PSA RoT service proxy with redirection to SE
3. Just trying to understand the TFM image size requirements on M33 vs. SE
4. How much of the Flash region/code Executed In Place vs. execution out of SRAM (XIP)
thanks
Suresh Marisetty
Infineon Semiconductor Corporation
From: Tamas Ban <Tamas.Ban(a)arm.com<mailto:Tamas.Ban@arm.com>>
Sent: Friday, April 30, 2021 12:40 AM
To: Marisetty Suresh (CYSC CSS ICW SW SSE) <Suresh.Marisetty(a)infineon.com<mailto:Suresh.Marisetty@infineon.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: RE: Questions on Musca-B1 SE implementation
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://goto.infineon.com/SocialEngineering>.
Hi Suresh,
Here is a link how to build images to Musca-B1 SE:
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/e…
I have built with GCC and MinSizeRel build type:
Profile Medium:
Memory region Used Size Region Size %age Used
FLASH: 101464 B 381 KB 26.01%
RAM: 61304 B 64 KB 93.54%
[100%] Built target tfm_s
Profile Large:
Memory region Used Size Region Size %age Used
FLASH: 170448 B 381 KB 43.69%
RAM: 62980 B 64 KB 96.10%
[ 97%] Built target tfm_s
The profiles means different capabilities of TF-M, they were introduced to support constrained devices as well, with limited capability.
There is a detailed description about the profiles here:
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/techn…
BR,
Tamas
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Suresh Marisetty via TF-M
Sent: 2021. április 29., csütörtök 21:49
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Subject: [TF-M] Questions on Musca-B1 SE implementation
I am following up on a question that came up on the TFM Core and MCUBoot image sizes that is built for SE on Musca-B1.
We are trying to figure out the resource requirements for SE, to be able to host the TF-M as suggested in the slides below. Wondering if anyone throw more light on the RAM/FLASH requirements for it.
Also, does the TFM profile small/medium/large map to this at all or is it different from them. Also, what’s are the estimated latencies of boot on SE with all the Flash accesses, etc.
https://www.trustedfirmware.org/docs/Musca-B1-Secure-Enclave-Solution.pdfhttps://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/e…
Any info on this would be appreciated.
thanks
Suresh Marisetty
Infineon Semiconductor Corporation
Hi Poppy,
Platform folder represents a HW integration layer.
What kind of use case you have in mind to call the secure services from there?
Thanks,
Anton
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Edward Yang via TF-M
Sent: Tuesday, July 6, 2021 9:30 AM
To: tf-m(a)lists.trustedfirmware.org; nd <nd(a)arm.com>
Subject: [TF-M] Whether the codes in platform folder of tf-m project can be allowed to call secure services in secure_fw folder?
Hi experts,
The tf-m project includes secure_fw and paltform these two folders, I want to know whether the codes in platform folder are allowed to call secure services directly?
Best Regards,
Poppy Wu
Macronix Microelectronics (Suzhou) Co.,Ltd
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information and/or personal data, which is protected by applicable laws. Please be reminded that duplication, disclosure, distribution, or use of this e-mail (and/or its attachments) or any part thereof is prohibited. If you receive this e-mail in error, please notify us immediately and delete this mail as well as its attachment(s) from your system. In addition, please be informed that collection, processing, and/or use of personal data is prohibited unless expressly permitted by personal data protection laws. Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================
Hi experts,
The tf-m project includes secure_fw and paltform these two folders, I want
to know whether the codes in platform folder are allowed to call secure
services directly?
Best Regards,
Poppy Wu
Macronix Microelectronics (Suzhou) Co.,Ltd
============================================================================
CONFIDENTIALITY NOTE:
This e-mail and any attachments may contain confidential information and/or personal data, which is protected by applicable laws. Please be reminded that duplication, disclosure, distribution, or use of this e-mail (and/or its attachments) or any part thereof is prohibited. If you receive this e-mail in error, please notify us immediately and delete this mail as well as its attachment(s) from your system. In addition, please be informed that collection, processing, and/or use of personal data is prohibited unless expressly permitted by personal data protection laws. Thank you for your attention and cooperation.
Macronix International Co., Ltd.
=====================================================================
Hi,
The next Technical Forum is planned on Thursday, July 8 at 15:00-16:00 UTC (US time zone).
Please reply on this email with your proposals for agenda topics.
Recording and slides of previous meetings are here:
https://www.trustedfirmware.org/meetings/tf-m-technical-forum/
Best regards,
Anton
Hi Mark,
Wondering if someone can provide more visibility in the following in regards to the SE build with profile medium and large:
1. What ciphers are supported in medium vs. large (I see the size of the code bloats up almost twice from 30 to 60K approx) – observation from size of libmbedcrypto and libcrypto_service_cc312 – any clear documentation on this or a link would be helpful (besides code review)
2. When the SE is built for the large profile, assume it also includes “Software countermeasures against physical attacks” since it is offloading to the CC-312
* Is there a way to build the large profile without physical attack counter-measures?
* While library are these countermeasures implemented in (libmbed or lib_cc312)?
3. On our initial analysis, for a medium profile these two libraries appears to be 30K-33K in size each and is this in the right ballpark? (with minsizerel)
I assume the code size increase is due to additional cipher support + physical attack countermeasures. Correct me otherwise.
thanks
Suresh Marisetty
Infineon Semiconductor Corporation
From: Mark Horvath <Mark.Horvath(a)arm.com>
Sent: Friday, May 14, 2021 5:30 AM
To: Marisetty Suresh (CYSC CSS ICW SW SSE) <Suresh.Marisetty(a)infineon.com>; tf-m(a)lists.trustedfirmware.org
Cc: nd <nd(a)arm.com>
Subject: Re: Questions on Musca-B1 SE implementation
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://goto.infineon.com/SocialEngineering>.
Hi Suresh,
Yes, by default the cc312 acceleration is turned on at build time for SE, and the algorithms will be handled by HW instead of the SW implementation. If you would like to use SW crypto instead you can pass the HW_ACCELERATOR="OFF" flag to cmake when building the SE TF-M instance.
And here are the TF-M image sizes as of now with GCC in release mode:
SE: ~185 KiB code flash and ~63 KiB RAM
Host: ~22 KiB code flash and ~16 KiB RAM
(a few more KiB needed for the images in flash for image header and trailer if loaded by mcuboot)
Best regards,
Mark
________________________________
From: David Hu <David.Hu(a)arm.com<mailto:David.Hu@arm.com>>
Sent: Thursday, May 13, 2021 5:26 AM
To: Suresh.Marisetty(a)infineon.com<mailto:Suresh.Marisetty@infineon.com> <Suresh.Marisetty(a)infineon.com<mailto:Suresh.Marisetty@infineon.com>>; Tamas Ban <Tamas.Ban(a)arm.com<mailto:Tamas.Ban@arm.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org> <tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>>; Mark Horvath <Mark.Horvath(a)arm.com<mailto:Mark.Horvath@arm.com>>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: RE: Questions on Musca-B1 SE implementation
Hi @Mark Horvath<mailto:Mark.Horvath@arm.com>,
Could you please help take a look at the following questions about Musca-B1 SE?
Thanks 😊
Best regards,
Hu Ziji
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Suresh Marisetty via TF-M
Sent: Thursday, May 13, 2021 6:04 AM
To: Tamas Ban <Tamas.Ban(a)arm.com<mailto:Tamas.Ban@arm.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: Re: [TF-M] Questions on Musca-B1 SE implementation
Hi Tamas,
The following is good information. A few questions:
1. Is it correct to state that for the SE, the PSA RoT services do not have any software Crypto implementation, but leverage from CC-312?
2. What is the size of the TFM on the host (M33) with only PSA RoT service proxy with redirection to SE
3. Just trying to understand the TFM image size requirements on M33 vs. SE
4. How much of the Flash region/code Executed In Place vs. execution out of SRAM (XIP)
thanks
Suresh Marisetty
Infineon Semiconductor Corporation
From: Tamas Ban <Tamas.Ban(a)arm.com<mailto:Tamas.Ban@arm.com>>
Sent: Friday, April 30, 2021 12:40 AM
To: Marisetty Suresh (CYSC CSS ICW SW SSE) <Suresh.Marisetty(a)infineon.com<mailto:Suresh.Marisetty@infineon.com>>; tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Cc: nd <nd(a)arm.com<mailto:nd@arm.com>>
Subject: RE: Questions on Musca-B1 SE implementation
Caution: This e-mail originated outside Infineon Technologies. Do not click on links or open attachments unless you validate it is safe<https://goto.infineon.com/SocialEngineering>.
Hi Suresh,
Here is a link how to build images to Musca-B1 SE:
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/e…
I have built with GCC and MinSizeRel build type:
Profile Medium:
Memory region Used Size Region Size %age Used
FLASH: 101464 B 381 KB 26.01%
RAM: 61304 B 64 KB 93.54%
[100%] Built target tfm_s
Profile Large:
Memory region Used Size Region Size %age Used
FLASH: 170448 B 381 KB 43.69%
RAM: 62980 B 64 KB 96.10%
[ 97%] Built target tfm_s
The profiles means different capabilities of TF-M, they were introduced to support constrained devices as well, with limited capability.
There is a detailed description about the profiles here:
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/techn…
BR,
Tamas
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org<mailto:tf-m-bounces@lists.trustedfirmware.org>> On Behalf Of Suresh Marisetty via TF-M
Sent: 2021. április 29., csütörtök 21:49
To: tf-m(a)lists.trustedfirmware.org<mailto:tf-m@lists.trustedfirmware.org>
Subject: [TF-M] Questions on Musca-B1 SE implementation
I am following up on a question that came up on the TFM Core and MCUBoot image sizes that is built for SE on Musca-B1.
We are trying to figure out the resource requirements for SE, to be able to host the TF-M as suggested in the slides below. Wondering if anyone throw more light on the RAM/FLASH requirements for it.
Also, does the TFM profile small/medium/large map to this at all or is it different from them. Also, what’s are the estimated latencies of boot on SE with all the Flash accesses, etc.
https://www.trustedfirmware.org/docs/Musca-B1-Secure-Enclave-Solution.pdfhttps://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/platform/e…
Any info on this would be appreciated.
thanks
Suresh Marisetty
Infineon Semiconductor Corporation
Hi Matt,
Do you want to just build psa-arch tests alone?
I check the psa-arch-tests build command documentation (api-tests/dev_apis/README.md), it doesn't mention '-DCMAKE_BUILD_TYPE'.
Usually, we build it from TF-M side. It has debug symbols if you build from TF-M with '-DCMAKE_BUILD_TYPE=Debug'.
Also, you can build debug variant through the DS-5 environment. It also works.
BR,
Summer
________________________________
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> on behalf of Matt via TF-M <tf-m(a)lists.trustedfirmware.org>
Sent: Thursday, July 1, 2021 9:11 AM
To: tf-m(a)lists.trustedfirmware.org <tf-m(a)lists.trustedfirmware.org>
Subject: [TF-M] How to build psa-arch-tests to debug mode with debug symbols
Hi All experts,
I want to build psa-arch-tests to debug mode with debug symbols. I have tried the following command, but it does not take effect.
cmake ../ -G"<generator_name>" -DTARGET=<platform_name> -DCPU_ARCH=<cpu_architecture_version> -DCMAKE_BUILD_TYPE=Debug -DSUITE=<suite_name> -DPSA_INCLUDE_PATHS="<include_path1>;<include_path2>;...;<include_pathn>"
cmake --build .
How can I build psa-arch-tests to debug mode with debug symbols?
Thanks,
Matt
Hi All experts,
I want to build psa-arch-tests to debug mode with debug symbols. I have tried the following command, but it does not take effect.
cmake ../ -G"<generator_name>" -DTARGET=<platform_name> -DCPU_ARCH=<cpu_architecture_version> -DCMAKE_BUILD_TYPE=Debug -DSUITE=<suite_name> -DPSA_INCLUDE_PATHS="<include_path1>;<include_path2>;...;<include_pathn>"
cmake --build .
How can I build psa-arch-tests to debug mode with debug symbols?
Thanks,
Matt
Hi,
To better maintain tf-m documentation, we plan to enable 'turn warnings into errors' in documentation HTML generation. The patch<https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/10424> is on review now.
One note is that sphinx should be updated to 2.0.1, otherwise there will be some 'duplicate label' warnings, which will fail documentation generation.
Best Regards,
Summer
Hi,
Please consider separating the configuration files from the scripts/tools. That would enable re-using the scripts in other projects.
I.e. if the .clang-format file lives in the tf-m repo, then the script running clang-format could be used with multiple repositories.
/George
From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Salome Thirot via TF-M
Sent: 28 June 2021 11:42
To: tf-m(a)lists.trustedfirmware.org
Subject: [TF-M] Static check framework for TF-M
Hi all,
Hugo L'Hostis and I have written a series of patches to enable various checks that can be done locally before committing the code, they will be added in the tf-m-tools repository. The patches are the following, any comment is welcome:
cppcheck:
https://review.trustedfirmware.org/c/TF-M/tf-m-tools/+/10009/8
clang-format:
https://review.trustedfirmware.org/c/TF-M/tf-m-tools/+/10463/2
copyright headers:
https://review.trustedfirmware.org/c/TF-M/tf-m-tools/+/10464/2
Regards,
Salome