Hi. I was looking into a failing test-case in the Zephyr project for the NMI not being processed when using TF-M.
The issue is that SCB.AIRCR.BFHFNMINS bit is not set, so the non-secure write to SCB.ICSR.NMIPENDSET is ignored.
Is this a decision that was explicitly made for the TF-M configuration to not allow the non-secure application to use the NMI handler? I could not find anything in the TF-M documentation mentioning the NMI.
Are there security concerns related to the NMI?
Joakim Andersson | Senior R&D Engineer Trondheim, Norway nordicsemi.com | devzone.nordicsemi.com
Hi Andersson,
The main usage of BFHFNMINS is that some software only uses the single Non-Secure State. So the faults need to be Non-secure as well. Handling those faults in Non-secure can have some security issues, as Secure is not aware that any of those exceptions are triggered. So if you are using both NS and S, BFHFNMINS should not be set.
Best Regards, Kevin
From: Andersson, Joakim via TF-M tf-m@lists.trustedfirmware.org
Sent: Wednesday, June 1, 2022 6:58 PM
To: tf-m@lists.trustedfirmware.org
Subject: [TF-M] Non-secure use of NMI
Hi. I was looking into a failing test-case in the Zephyr project for the NMI not being processed when using TF-M.
The issue is that SCB.AIRCR.BFHFNMINS bit is not set, so the non-secure write to SCB.ICSR.NMIPENDSET is ignored.
Is this a decision that was explicitly made for the TF-M configuration to not allow the non-secure application to use the NMI handler? I could not find anything in the TF-M documentation mentioning the NMI.
Are there security concerns related to the NMI?
tf-m@lists.trustedfirmware.org
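The behaviour discussed in this thread, as an added example that is not part of the original messages and is not TF-M or Zephyr code: a simplified host-side model of how AIRCR.BFHFNMINS gates a Non-secure write to the NMI pend bit in ICSR. The type and function names (`scb_model_t`, `icsr_write`, `nmi_target`) are hypothetical; the bit positions are the architectural ones for Armv8-M.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define AIRCR_BFHFNMINS (1u << 13) /* BusFault, HardFault and NMI target Non-secure */
#define ICSR_NMIPENDSET (1u << 31) /* write 1 to pend the NMI */

typedef enum { STATE_SECURE, STATE_NON_SECURE } sec_state_t;

/* Hypothetical model of the two pieces of state the thread talks about. */
typedef struct {
    uint32_t aircr;       /* as programmed by Secure firmware at boot */
    bool     nmi_pending; /* result of a successful pend request */
} scb_model_t;

/* Model a write to ICSR. Returns true if the NMI pend request took effect. */
static bool icsr_write(scb_model_t *scb, sec_state_t from, uint32_t value)
{
    if (!(value & ICSR_NMIPENDSET))
        return false;                       /* nothing requested */
    if (from == STATE_NON_SECURE && !(scb->aircr & AIRCR_BFHFNMINS))
        return false;                       /* write ignored: the failing test case */
    scb->nmi_pending = true;
    return true;
}

/* Which security state takes the NMI once it is pending. */
static sec_state_t nmi_target(const scb_model_t *scb)
{
    return (scb->aircr & AIRCR_BFHFNMINS) ? STATE_NON_SECURE : STATE_SECURE;
}

int main(void)
{
    /* Constructed configurations: bit clear (both S and NS in use) and bit set. */
    scb_model_t split = { .aircr = 0u };
    scb_model_t ns_only = { .aircr = AIRCR_BFHFNMINS };

    printf("S+NS system, NS pend honoured: %d\n",
           icsr_write(&split, STATE_NON_SECURE, ICSR_NMIPENDSET));
    printf("NS-only system, NS pend honoured: %d, handled in %s\n",
           icsr_write(&ns_only, STATE_NON_SECURE, ICSR_NMIPENDSET),
           nmi_target(&ns_only) == STATE_NON_SECURE ? "NS" : "S");
    return 0;
}
```

With the bit clear, a Non-secure test that pends the NMI and waits for its own handler will never see it run, which matches the failing test case described above.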