- TF-M - lists.trustedfirmware.org

Re: [TF-M] Security vulnerability notice - SVC handler fetches incorrect caller stack pointer under specific cases.

by Anton Komlev

Hi Kumar, All, Thanks for bringing this topic up. At the moment there is no plan for issuing the release v1.2.1 because of lack of policy for such hot fix releases. The release policy upgrade proposal shall be reviewed and agreed in the Steering Committee with the main questions: 1. What is the hot fix baseline? 2. What is the testing scope of the fix? 3. On which platform(s) the fix shall be tested? The policy is under discussion and the community input is welcome. Please share your thoughts on the topic. The release v1.3.0 is expected by end of March-beginning of April, which will include the fix. Thanks, Anton -----Original Message----- From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Kumar Gala via TF-M Sent: Friday, March 5, 2021 5:36 PM To: Ken Liu <Ken.Liu(a)arm.com> Cc: nd <nd(a)arm.com>; tf-m(a)lists.trustedfirmware.org Subject: Re: [TF-M] Security vulnerability notice - SVC handler fetches incorrect caller stack pointer under specific cases. > On Mar 5, 2021, at 9:28 AM, Ken Liu via TF-M <tf-m(a)lists.trustedfirmware.org> wrote: > > Hi Everyone, > > There is a new security vulnerability reported about the SVC handler fetches a wrong caller stack pointer under specific cases, which impacts the subsequent execution. > > Please find the security advisory specific to TF-M and patches that have been developed as per the TrustedFirmware.org security process[1] below : > > 1. TF-M Security advisory: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/9005 > 2. Fix based on the latest master has been merged into TF-M repo. The patch also can be found in Gerrit:https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/8575 and https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/8576. > > Please let us know if you have any comments. > > BR > > /Ken Liu > > [1] https://developer.trustedfirmware.org/w/collaboration/security_center/repor… > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m Is there plans for a security release of TFM v1.2 with this fix? - k -- TF-M mailing list TF-M(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m

4 years, 4 months

1
0
0 0

Re: [TF-M] Security vulnerability notice - SVC handler fetches incorrect caller stack pointer under specific cases.

by Kumar Gala

> On Mar 5, 2021, at 9:28 AM, Ken Liu via TF-M <tf-m(a)lists.trustedfirmware.org> wrote: > > Hi Everyone, > > There is a new security vulnerability reported about the SVC handler fetches a wrong caller stack pointer under specific cases, which impacts the subsequent execution. > > Please find the security advisory specific to TF-M and patches that have been developed as per the TrustedFirmware.org security process[1] below : > > 1. TF-M Security advisory: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/9005 > 2. Fix based on the latest master has been merged into TF-M repo. The patch also can be found in Gerrit:https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/8575 and https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/8576. > > Please let us know if you have any comments. > > BR > > /Ken Liu > > [1] https://developer.trustedfirmware.org/w/collaboration/security_center/repor… > -- > TF-M mailing list > TF-M(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-m Is there plans for a security release of TFM v1.2 with this fix? - k

4 years, 4 months

1
0
0 0

Security vulnerability notice - SVC handler fetches incorrect caller stack pointer under specific cases.

by Ken Liu

Hi Everyone, There is a new security vulnerability reported about the SVC handler fetches a wrong caller stack pointer under specific cases, which impacts the subsequent execution. Please find the security advisory specific to TF-M and patches that have been developed as per the TrustedFirmware.org security process[1] below : 1. TF-M Security advisory: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/9005 2. Fix based on the latest master has been merged into TF-M repo. The patch also can be found in Gerrit: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/8575 and https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/8576. Please let us know if you have any comments. BR /Ken Liu [1] https://developer.trustedfirmware.org/w/collaboration/security_center/repor…

4 years, 4 months

1
0
0 0

Re: [TF-M] Technical Forum call - March 4

by Anton Komlev

The agenda for the forum tomorrow: 1. CMSIS Pack for TF-M v1.2 presentation 2. AOB Thanks, Anton From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M Sent: Monday, March 1, 2021 11:58 AM To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: [TF-M] Technical Forum call - March 4 Hi, The next Technical Forum is planned on Thursday, March 4, 07:00-08:00 UTC (Asia time zone). Please reply on this email with your proposals for agenda topics. Recording and slides of previous meetings are here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/ Best regards, Anton

4 years, 4 months

1
0
0 0

Re: [TF-M] Review on Firmware Update service in TF-M

by Sherry Zhang

Hi, Add some technical details. The newly added Firmware Update service provides the functionality of updating firmware images. It provides a standard interface for updating firmware and it is designed as platform/bootloader independent. The nonsecure application can call this service to achieve the firmware update by integrating TF-M with, for example, OTA library in the nonsecure side. The implementation provides a shim layer between the bootloader and the firmware update partition. Other bootloaders besides MCUboot should be easily ported with this partition. Any comment is very welcomed! Regards, Sherry Zhang From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Sherry Zhang via TF-M Sent: Monday, January 18, 2021 1:52 PM To: tf-m(a)lists.trustedfirmware.org Cc: nd <nd(a)arm.com> Subject: [TF-M] Review on Firmware Update service in TF-M Hi, I created the patchset of adding the Firmware Update service in TF-M feature branch. I would like to ask you to review this patchset if you are interested in it. Top of the patchset: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/7883 Regards, Sherry Zhang

4 years, 4 months

1
1
0 0

Deprecation of the nRF5340 PDK platform

by Głąbek, Andrzej

Hello, I would like to propose the deprecation of the nRF5340 PDK platform (nordic_nrf/nrf5340pdk_nrf5340_cpuapp) and the removal of this platform after the v1.3.0 release. The nRF5340 PDK is a preview development kit with an early revision (Engineering A) of the nRF5340 SoC and it has been replaced by the nRF5340 DK (as indicated here: https://www.nordicsemi.com/Software-and-tools/Development-Kits/nRF5340-PDK), which is also supported by TF-M. As per the process, should you have any objections to this deprecation, please respond to this proposal within 4 weeks. Best regards, Andrzej Głąbek

4 years, 4 months

1
0
0 0

Re: [TF-M] Please update TFM_TEST_REPO_VERSION

by David Hu

Hi Thomas, Sorry for the trouble. Could you let me know whether this change brought some problems or it fixed something? Best regards, Hu Ziji From: TF-M <tf-m-bounces(a)lists.trustedfirmware.org> On Behalf Of Thomas Törnblom via TF-M Sent: Friday, February 26, 2021 6:03 PM To: tf-m(a)lists.trustedfirmware.org Subject: [TF-M] Please update TFM_TEST_REPO_VERSION For some reason it seems that IAR is the only toolchain affected by: https://git.trustedfirmware.org/TF-M/tf-m-tests.git/commit/app/main_ns.c?id… Can we please update update the version to at least 4ae00fe? Cheers, Thomas -- Thomas Törnblom, Product Engineer IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com<mailto:thomas.tornblom@iar.com> Website: www.iar.com<http://www.iar.com> Twitter: www.twitter.com/iarsystems<http://www.twitter.com/iarsystems>

4 years, 4 months

2
7
0 0

Technical Forum call - March 4

by Anton Komlev

Hi, The next Technical Forum is planned on Thursday, March 4, 07:00-08:00 UTC (Asia time zone). Please reply on this email with your proposals for agenda topics. Recording and slides of previous meetings are here: https://www.trustedfirmware.org/meetings/tf-m-technical-forum/ Best regards, Anton

4 years, 4 months

1
0
0 0

Profile Large design document for review

by David Hu

Hi all, Can I ask for your comments on the TF-M Profile Large design document? TF-M Profile Large is one of TF-M Profiles. Profile Medium and Profile Small have been supported in TF-M. The document can be reviewed via https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/8546/1/docs/…. Any comment is welcome! Best regards, Hu Ziji

4 years, 4 months

1
0
0 0

Please update TFM_TEST_REPO_VERSION

by Thomas Törnblom

For some reason it seems that IAR is the only toolchain affected by: https://git.trustedfirmware.org/TF-M/tf-m-tests.git/commit/app/main_ns.c?id… Can we please update update the version to at least 4ae00fe? Cheers, Thomas -- *Thomas Törnblom*, /Product Engineer/ IAR Systems AB Box 23051, Strandbodgatan 1 SE-750 23 Uppsala, SWEDEN Mobile: +46 76 180 17 80 Fax: +46 18 16 78 01 E-mail: thomas.tornblom(a)iar.com <mailto:thomas.tornblom@iar.com> Website: www.iar.com <http://www.iar.com> Twitter: www.twitter.com/iarsystems <http://www.twitter.com/iarsystems>

4 years, 4 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

TF-M