It would simplify things now we have the ITS APIs implemented. The downside is that platforms without the ITS APIs (i.e. those with some on-chip OTP but no on-chip MTP flash) would need to roll their own solution for storing the monotonic counter values in OTP.
Kind regards, Jamie
From: TF-M tf-m-bounces@lists.trustedfirmware.org On Behalf Of Adrian Shaw via TF-M Sent: 24 January 2020 10:07 To: Tamas Ban Tamas.Ban@arm.com Cc: nd nd@arm.com; tf-m@lists.trustedfirmware.org Subject: Re: [TF-M] [Request For Comments] Expose the NV counters under platform service.
Yes. Wouldn’t that simplify things?
Adrian
On 24 Jan 2020, at 09:08, Tamas Ban via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> wrote:
Do you mean to use the ITS API to read/write a monotonous counter in trusted flash?
Tamas
From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Adrian Shaw via TF-M Sent: 23 January 2020 13:10 To: Raef Coles <Raef.Coles@arm.commailto:Raef.Coles@arm.com> Cc: nd <nd@arm.commailto:nd@arm.com>; Adrian Shaw via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Subject: Re: [TF-M] [Request For Comments] Expose the NV counters under platform service.
Do you mean the transfer of the Protected Storage service? If that is the case, then you don’t need an NV counter API because you can use the ITS API.
Adrian
On 23 Jan 2020, at 08:19, Raef Coles via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> wrote:
I believe the reason this is being proposed is the transferal of secure storage (as opposed to protected storage) to an application root of trust partition. Such a partition would still require access to the NV counters, at least as far as I know. We ran into this issue while creating the patch to do the transferal, and Jamie suggested this was the most sensible fix.
Raef
________________________________________ From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> on behalf of Adrian Shaw via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Sent: 22 January 2020 18:38 To: tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org; Minos Galanakis Cc: nd Subject: Re: [TF-M] [Request For Comments] Expose the NV counters under platform service.
Hi Minos,
What are the use cases for Application Root of Trust services that need NV counters?
The NV counters are used by the PSA Root of Trust for rollback protection of images and secure storage. There are usually very few available. Hence the question above.
Adrian ________________________________ From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> on behalf of Minos Galanakis via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Sent: 22 January 2020 17:28 To: tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Cc: nd <nd@arm.commailto:nd@arm.com> Subject: [TF-M] [Request For Comments] Expose the NV counters under platform service.
Hi,
The Non-Volatile (NV) counters are a part of the PSA Root of Trust. In order to enable Applications residing in the Root of Trust partition to use the counters, an appropriate interface is needed.
This proposal is to enhance the existing platform service, in order to expose a generic API aimed at providing access to Non-Volatile counters to applications residing in the Application Root of Trust.
This implementation will not modify or affect the existing tfm_plat_nv_counters API or its’ platform specific implementation and will instead introduce a shim layer between a psa_call and the existing logic.
All input, question or comments are greatly appreciated.
Minos
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M@lists.trustedfirmware.orgmailto:TF-M@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M@lists.trustedfirmware.orgmailto:TF-M@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
Agreed. In which case I am happy with the original proposal.
Best, Adrian
On 24 Jan 2020, at 11:47, Jamie Fox <Jamie.Fox@arm.commailto:Jamie.Fox@arm.com> wrote:
It would simplify things now we have the ITS APIs implemented. The downside is that platforms without the ITS APIs (i.e. those with some on-chip OTP but no on-chip MTP flash) would need to roll their own solution for storing the monotonic counter values in OTP.
Kind regards, Jamie
From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Adrian Shaw via TF-M Sent: 24 January 2020 10:07 To: Tamas Ban <Tamas.Ban@arm.commailto:Tamas.Ban@arm.com> Cc: nd <nd@arm.commailto:nd@arm.com>; tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org Subject: Re: [TF-M] [Request For Comments] Expose the NV counters under platform service.
Yes. Wouldn’t that simplify things?
Adrian
On 24 Jan 2020, at 09:08, Tamas Ban via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> wrote:
Do you mean to use the ITS API to read/write a monotonous counter in trusted flash?
Tamas
From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Adrian Shaw via TF-M Sent: 23 January 2020 13:10 To: Raef Coles <Raef.Coles@arm.commailto:Raef.Coles@arm.com> Cc: nd <nd@arm.commailto:nd@arm.com>; Adrian Shaw via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Subject: Re: [TF-M] [Request For Comments] Expose the NV counters under platform service.
Do you mean the transfer of the Protected Storage service? If that is the case, then you don’t need an NV counter API because you can use the ITS API.
Adrian
On 23 Jan 2020, at 08:19, Raef Coles via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> wrote:
I believe the reason this is being proposed is the transferal of secure storage (as opposed to protected storage) to an application root of trust partition. Such a partition would still require access to the NV counters, at least as far as I know. We ran into this issue while creating the patch to do the transferal, and Jamie suggested this was the most sensible fix.
Raef
________________________________________ From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> on behalf of Adrian Shaw via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Sent: 22 January 2020 18:38 To: tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org; Minos Galanakis Cc: nd Subject: Re: [TF-M] [Request For Comments] Expose the NV counters under platform service.
Hi Minos,
What are the use cases for Application Root of Trust services that need NV counters?
The NV counters are used by the PSA Root of Trust for rollback protection of images and secure storage. There are usually very few available. Hence the question above.
Adrian ________________________________ From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> on behalf of Minos Galanakis via TF-M <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Sent: 22 January 2020 17:28 To: tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org <tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org> Cc: nd <nd@arm.commailto:nd@arm.com> Subject: [TF-M] [Request For Comments] Expose the NV counters under platform service.
Hi,
The Non-Volatile (NV) counters are a part of the PSA Root of Trust. In order to enable Applications residing in the Root of Trust partition to use the counters, an appropriate interface is needed.
This proposal is to enhance the existing platform service, in order to expose a generic API aimed at providing access to Non-Volatile counters to applications residing in the Application Root of Trust.
This implementation will not modify or affect the existing tfm_plat_nv_counters API or its’ platform specific implementation and will instead introduce a shim layer between a psa_call and the existing logic.
All input, question or comments are greatly appreciated.
Minos
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M@lists.trustedfirmware.orgmailto:TF-M@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-M mailing list TF-M@lists.trustedfirmware.orgmailto:TF-M@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-m
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
tf-m@lists.trustedfirmware.org