Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[noup] nordic_nrf: 54l Add UARTE defines to peripherals config #153

Open
wants to merge 65 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
65 commits
Select commit Hold shift + click to select a range
a3a03e5
[nrf noup] crypto: Have CRYPTO_HW_ACCELERATOR support nrf_security
SebastianBoe Mar 1, 2024
83c37f8
[nrf noup] crypto: replace usage of mbedtls_hkdf
SebastianBoe Mar 1, 2024
20380fb
[nrf noup] platform: nrf_nordic: Add temp fix for for secure FPU on 9161
SebastianBoe Mar 1, 2024
9244daf
[nrf fromlist] secure_fw: Add option to log output on a shared UART i…
SebastianBoe Mar 1, 2024
8e0ebb2
[nrf toup] platform: nordic_nrf: Add support shared UART and using UA…
SebastianBoe Mar 1, 2024
aa3bbe6
[nrf fromtree] config: Disable cipher crypto module in small and medi…
SebastianBoe Mar 1, 2024
24efcc1
[nrf fromtree] partitions: crypto: Add missing PSA defined algorithms…
SebastianBoe Mar 1, 2024
2c79e2a
[nrf fromtree] platform: exception_info: Add getter for exception inf…
SebastianBoe Mar 1, 2024
76363c0
[nrf fromtree] platform: Change exception handler to use system regis…
SebastianBoe Mar 1, 2024
c183887
[nrf fromtree] platform: Store callee saved register in exception inf…
SebastianBoe Mar 1, 2024
744ee55
[nrf fromtree] platform: nordic_nrf: Store SPU fault information
SebastianBoe Mar 1, 2024
868fa29
[nrf fromtree] platform: nordic_nrf: unify target configuration header
SebastianBoe Mar 1, 2024
9f6cd6e
[nrf fromtree] platform: nordic_nrf: Refactor peripheral SPU configur…
SebastianBoe Mar 1, 2024
7aed5d8
[nrf fromlist] Build: crypto: Do not compile p256 if not enabled
SebastianBoe Mar 1, 2024
9d18510
[nrf fromlist] platform: nordic_nrf: Move startup CMake code into common
SebastianBoe Mar 1, 2024
4e93810
[nrf noup] Do not pass PSA_CONFIG again to crypto library
SebastianBoe Mar 1, 2024
ed1bc89
[nrf fromlist] platform: nordic_nrf: Document FlashInfo fields
SebastianBoe Mar 1, 2024
660bd6d
[nrf fromlist] platform: nordic_nrf: Remove unused driver functions
SebastianBoe Mar 1, 2024
bfde4d7
[nrf fromlist] platform: nordic_nrf: Remove Flash_Uninitialize function
SebastianBoe Mar 1, 2024
f1aa714
[nrf toup] secure_fw: spm: Add stdio_uinit
SebastianBoe Mar 1, 2024
db18f3f
[nrf toup] platform: nordic_nrf: Fix USART driver
SebastianBoe Mar 1, 2024
293f6cf
[nrf noup] Remove check for P256M
SebastianBoe Mar 1, 2024
4eff835
[nrf noup] platform: nordic_nrf: Add support for 54l
SebastianBoe Mar 1, 2024
2a2e1ce
[nrf noup] cmake: tools: Dont add a custom command for running the ma…
SebastianBoe Mar 7, 2024
d824e94
[nrf noup] crypto: Add PAKE support
mswarowsky Feb 29, 2024
a22fef3
[nrf noup] Add missing SPU funcs in target_cfg.c
Vge0rge Mar 8, 2024
5454e8e
Revert "[nrf noup] Add missing SPU funcs in target_cfg.c"
anangl Mar 25, 2024
0cf4946
[nrf fromtree] Crypto: Add missing key derivation APIs in the interface
Summer-ARM Nov 29, 2023
42494c1
[nrf fromtree] TFMV-7: SPM: Fix ARoT to PRot data access vulnerability.
Anton-TF Apr 3, 2024
8959d4c
[nrf fromlist] ps: Fix the support for disabling PS_ENCRYPTION
SebastianBoe Mar 18, 2024
68e552f
[nrf fromlist] platform: nordic_nrf: Add MDK defines required by tfm_ns
SebastianBoe Mar 18, 2024
308344f
[nrf fromlist] platform: nordic_nrf: add support for more UARTs
SebastianBoe Mar 15, 2024
17c198f
[nrf fromlist] platform: nordic_nrf: Support RRAMC
SebastianBoe Mar 18, 2024
813aa16
[nrf noup] platform: nordic_nrf: Add support for 54l
SebastianBoe Mar 14, 2024
2128757
[nrf noup] platform: nordic_nrf: Add support for 54l
SebastianBoe Mar 20, 2024
1a17888
[nrf noup] platform: nordic_nrf: include autoconf.h from target_cfg.c
SebastianBoe Mar 19, 2024
f3cc572
[nrf noup] platform: nordic_nrf: Add support for 54l
SebastianBoe Mar 21, 2024
9c8fa41
[nrf toup] platform: nordic_nrf: Add support shared UART and using UA…
SebastianBoe Apr 10, 2024
9145452
[nrf noup] Support CMAC KDF and custom builtin solution
vili-nordic Apr 15, 2024
f62fbdd
[noup] platform: nordic_nrf: Add LFXO support for 54L
mswarowsky Apr 23, 2024
be60427
[nrf noup] platform: nordic_nrf: Add debug port support
mswarowsky Apr 23, 2024
017ecdf
[nrf noup] platform: nordic_nrf: configure the NRF_RRAMC_S peripheral
SebastianBoe Apr 11, 2024
a829788
[nrf noup] tfm: Detect wrong headers being included
SebastianBoe Apr 10, 2024
7b734fe
[noup] platform: nordic_nrf: Configure XL1/2 pin based on Kconfig
mswarowsky Apr 24, 2024
ddd5acf
[nrf noup] Fix support CMAC KDF and custom builtin solution
mswarowsky Apr 30, 2024
79ad65e
[nrf noup] platform: nordic_nrf: Enable PS encryption again
mswarowsky Apr 30, 2024
87059eb
[nrf noup] platform: nordic_nrf: 54L Add ITS encryption support
mswarowsky May 2, 2024
fb1c0db
[nrf noup] platform: nordic_nrf: config of UART instances
mswarowsky May 8, 2024
6e6d572
[nrf noup] tfm: 54l: Improve MPC configuration documentation
SebastianBoe May 3, 2024
016b1dd
[nrf noup] tfm: 54l: Lock unused MPC OVERRIDES
SebastianBoe May 14, 2024
dd01147
[nrf noup] Add MPC and SPC error reporting for nrf54l
vili-nordic Apr 19, 2024
2ade42f
[nrf fromtree] Platform: Nordic: refactor spu_peripheral_config to us…
SebastianBoe May 14, 2024
a1bbc60
[nrf noup] nordic_nrf: refactor spu_peripheral_config to use base add…
SebastianBoe May 14, 2024
232f8b5
[nrf fromlist] Platform: Nordic: Add function for calculating spu ins…
SebastianBoe May 14, 2024
a35b6a4
[nrf fromlist] Platform: Nordic: Port spu_peripheral_config
SebastianBoe May 16, 2024
4e3cdd2
[nrf noup] nrf54l: configure pins as secure
SebastianBoe May 14, 2024
57aa07d
[nrf noup] Platform: 54l: Delete dead code in target_cfg.c
SebastianBoe May 16, 2024
406ebd5
[nrf noup] Platform: 54L: Refactor UART security configuration
SebastianBoe May 16, 2024
67783a6
[nrf noup] Platform: Nordic: Configure misc. peripherals as Secure
SebastianBoe May 16, 2024
3ebf3d3
[nrf noup] platform: nordic_nrf: 54L Use HUK library for EITS
mswarowsky May 21, 2024
39a386c
[nrf fromtree] Platform: nordic_nrf: Don't configure NRF_VMC as non-s…
nordic-mare May 23, 2024
92a5b4f
[nrf noup] cmake: Fix TFM psa_crypto_config linking error
rlubos May 21, 2024
e6e34d6
[nrf noup] nRF54L support for secure interrupts
vili-nordic May 23, 2024
c2db73d
[noup] nordic_nrf: 54l Add UARTE defines to peripherals config
mswarowsky May 27, 2024
bb857da
[noup] nordic_nrf: 54l: Add TIMER00 config for regression tests
mswarowsky May 27, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion cmake/spe-CMakeLists.cmake
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ cmake_minimum_required(VERSION 3.15)
include(spe_config)
include(spe_export)

set_target_properties(tfm_config psa_interface PROPERTIES IMPORTED_GLOBAL True)
set_target_properties(tfm_config psa_interface psa_crypto_config PROPERTIES IMPORTED_GLOBAL True)
target_link_libraries(tfm_config INTERFACE psa_interface)

# In actual NS integration, NS side build should include the source files
Expand Down
2 changes: 2 additions & 0 deletions config/check_config.cmake
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ tfm_invalid_config(TFM_MULTI_CORE_TOPOLOGY AND TFM_NS_MANAGE_NSID)
tfm_invalid_config(TFM_PLAT_SPECIFIC_MULTI_CORE_COMM AND NOT TFM_MULTI_CORE_TOPOLOGY)
tfm_invalid_config(TFM_ISOLATION_LEVEL EQUAL 3 AND CONFIG_TFM_STACK_WATERMARKS)

tfm_invalid_config(CONFIG_TFM_LOG_SHARE_UART AND NOT SECURE_UART1)

########################## BL2 #################################################

get_property(MCUBOOT_STRATEGY_LIST CACHE MCUBOOT_UPGRADE_STRATEGY PROPERTY STRINGS)
Expand Down
4 changes: 4 additions & 0 deletions config/config_base.cmake
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,9 @@ set(CONFIG_TFM_HALT_ON_CORE_PANIC OFF CACHE BOOL "On fatal e

set(CONFIG_TFM_STACK_WATERMARKS OFF CACHE BOOL "Whether to pre-fill partition stacks with a set value to help determine stack usage")

set(PROJECT_CONFIG_HEADER_FILE "${CMAKE_SOURCE_DIR}/config/config_base.h" CACHE FILEPATH "User defined header file for TF-M config")

set(CONFIG_TFM_LOG_SHARE_UART OFF CACHE BOOL "Allow TF-M and the non-secure application to share the UART instance. TF-M will use it while it is booting, after which the non-secure application will use it until an eventual fatal error is handled and logged by TF-M. Logging from TF-M will therefore otherwise be suppressed")
############################ Platform ##########################################

set(NUM_MAILBOX_QUEUE_SLOT 1 CACHE BOOL "Number of mailbox queue slots")
Expand Down Expand Up @@ -121,6 +124,7 @@ set(BL2_TRAILER_SIZE 0x000 CACHE STRING "BL2 Trailer
set(TFM_PARTITION_PROTECTED_STORAGE OFF CACHE BOOL "Enable Protected Storage partition")
set(PS_ENCRYPTION ON CACHE BOOL "Enable encryption for Protected Storage partition")
set(PS_CRYPTO_AEAD_ALG PSA_ALG_GCM CACHE STRING "The AEAD algorithm to use for authenticated encryption in Protected Storage")
set(PS_CRYPTO_KDF_ALG PSA_ALG_HKDF\(PSA_ALG_SHA_256\) CACHE STRING "KDF Algorithm to use for Protect Storage")

set(TFM_PARTITION_INTERNAL_TRUSTED_STORAGE OFF CACHE BOOL "Enable Internal Trusted Storage partition")
set(ITS_ENCRYPTION OFF CACHE BOOL "Enable authenticated encryption of ITS files using platform specific APIs")
Expand Down
2 changes: 1 addition & 1 deletion config/profile/config_profile_medium.h
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@

/* Enable PSA Crypto Cipher module */
#ifndef CRYPTO_CIPHER_MODULE_ENABLED
#define CRYPTO_CIPHER_MODULE_ENABLED 1
#define CRYPTO_CIPHER_MODULE_ENABLED 0
#endif

/* Enable PSA Crypto asymmetric key signature module */
Expand Down
2 changes: 1 addition & 1 deletion config/profile/config_profile_medium_arotless.h
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@

/* Enable PSA Crypto Cipher module */
#ifndef CRYPTO_CIPHER_MODULE_ENABLED
#define CRYPTO_CIPHER_MODULE_ENABLED 1
#define CRYPTO_CIPHER_MODULE_ENABLED 0
#endif

/* Enable PSA Crypto asymmetric key signature module */
Expand Down
2 changes: 1 addition & 1 deletion config/profile/config_profile_small.h
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@

/* Enable PSA Crypto Cipher module */
#ifndef CRYPTO_CIPHER_MODULE_ENABLED
#define CRYPTO_CIPHER_MODULE_ENABLED 1
#define CRYPTO_CIPHER_MODULE_ENABLED 0
#endif

/* Enable PSA Crypto asymmetric key signature module */
Expand Down
2 changes: 1 addition & 1 deletion config/profile/profile_medium.conf
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ CONFIG_CRYPTO_KEY_MODULE_ENABLED=y
CONFIG_CRYPTO_AEAD_MODULE_ENABLED=y
CONFIG_CRYPTO_MAC_MODULE_ENABLED=y
CONFIG_CRYPTO_HASH_MODULE_ENABLED=y
CONFIG_CRYPTO_CIPHER_MODULE_ENABLED=y
CONFIG_CRYPTO_CIPHER_MODULE_ENABLED=n
CONFIG_CRYPTO_ASYM_SIGN_MODULE_ENABLED=y
CONFIG_CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED=n
CONFIG_CRYPTO_KEY_DERIVATION_MODULE_ENABLED=y
Expand Down
2 changes: 1 addition & 1 deletion config/profile/profile_medium_arotless.conf
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ CONFIG_CRYPTO_KEY_MODULE_ENABLED=y
CONFIG_CRYPTO_AEAD_MODULE_ENABLED=y
CONFIG_CRYPTO_MAC_MODULE_ENABLED=y
CONFIG_CRYPTO_HASH_MODULE_ENABLED=y
CONFIG_CRYPTO_CIPHER_MODULE_ENABLED=y
CONFIG_CRYPTO_CIPHER_MODULE_ENABLED=n
CONFIG_CRYPTO_ASYM_SIGN_MODULE_ENABLED=y
CONFIG_CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED=n
CONFIG_CRYPTO_KEY_DERIVATION_MODULE_ENABLED=y
Expand Down
2 changes: 1 addition & 1 deletion config/profile/profile_small.conf
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ CONFIG_CRYPTO_KEY_MODULE_ENABLED=y
CONFIG_CRYPTO_AEAD_MODULE_ENABLED=y
CONFIG_CRYPTO_MAC_MODULE_ENABLED=y
CONFIG_CRYPTO_HASH_MODULE_ENABLED=y
CONFIG_CRYPTO_CIPHER_MODULE_ENABLED=y
CONFIG_CRYPTO_CIPHER_MODULE_ENABLED=n
CONFIG_CRYPTO_ASYM_SIGN_MODULE_ENABLED=n
CONFIG_CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED=n
CONFIG_CRYPTO_KEY_DERIVATION_MODULE_ENABLED=y
Expand Down
69 changes: 69 additions & 0 deletions docs/security/security_advisories/debug_log_vulnerability.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
Advisory TFMV-7
===============

+------------------+-----------------------------------------------------------+
| Title | ARoT can access PRoT data via debug logging functionality |
+==================+===========================================================+
| CVE ID | `CVE-2023-51712`_ |
+------------------+-----------------------------------------------------------+
| Public | The issue was publicly reported on 2023.12.04 |
| Disclosure Date | |
+------------------+-----------------------------------------------------------+
| Versions | All version up to TF-M v2.0.0 inclusive |
| Affected | |
+------------------+-----------------------------------------------------------+
| Configurations | IPC mode with TFM_SP_LOG_RAW_ENABLED=1 |
+------------------+-----------------------------------------------------------+
| Impact | A malicious ARoT partition can expose any part of memory |
| | via stdio interface if TFM_SP_LOG_RAW_ENABLED is set |
+------------------+-----------------------------------------------------------+
| Fix Version | TBD |
+------------------+-----------------------------------------------------------+
| Credit | Roman Mazurak, Infineon |
+------------------+-----------------------------------------------------------+

Background
----------

TF-M log subsystem if enabled by ``TFM_SP_LOG_RAW_ENABLED`` config option,
uses a SVC call to print logging messages on the stdio output interface.
Since the SVC handler has the highest privilege level and full memory
access, this communication channel can be exploited to expose any memory content
to stdout device, usually UART.
The logging subsystem is available to the secure side only but in isolation
level 2 and higher PSA Root of Trust partitions (PRoT) shall be protected
from an access from Application Root of Trust (ARoT) partitions. Although
a direct call of ``tfm_hal_output_sp_log()`` from ARoT partition will be
blocked by MPU raising the ``MemoryManagement()`` exception, a malicious
ARoT partition can create an alternative SVC call to output any memory
data like this:

.. code-block:: c

static int tfm_output_unpriv_string(const unsigned char *str, size_t len)
{
__ASM volatile("SVC %0 \n"
"BX LR \n"
: : "I" (2));
}

Impact
------

In IPC mode with PSA isolation level 2 and higher and ``TFM_SP_LOG_RAW_ENABLED``
option enabled an ARoT partition can expose to the stdout device any memory
data using TF-M logging subsystem via SVC call.

Mitigation
----------

Ensure that data sent for logging belongs to the current partition. For that purpose
``tfm_hal_memory_check(curr_partition->boundary, data, size, TFM_HAL_ACCESS_READABLE)``
is added to the logging function of the SVC handler. If the check fails
then ``tfm_core_panic()`` is invoked and system halts.

.. _CVE-2023-51712: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51712

---------------------

*Copyright (c) 2024, Arm Limited. All rights reserved.*
4 changes: 4 additions & 0 deletions docs/security/security_advisories/index.rst
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ Security Advisories
profile_small_key_id_encoding_vulnerability
fwu_write_vulnerability
cc3xx_partial_tag_compare_on_chacha20_poly1305
debug_log_vulnerability

+------------+-----------------------------------------------------------------+
| ID | Title |
Expand All @@ -33,13 +34,16 @@ Security Advisories
| |TFMV-6| | Partial tag comparison when using Chacha20-Poly1305 on the PSA |
| | driver API interface in CryptoCell enabled platforms |
+------------+-----------------------------------------------------------------+
| |TFMV-7| | ARoT can access PRoT data via debug logging functionality |
+------------+-----------------------------------------------------------------+

.. |TFMV-1| replace:: :doc:`TFMV-1 <stack_seal_vulnerability>`
.. |TFMV-2| replace:: :doc:`TFMV-2 <svc_caller_sp_fetching_vulnerability>`
.. |TFMV-3| replace:: :doc:`TFMV-3 <crypto_multi_part_ops_abort_fail>`
.. |TFMV-4| replace:: :doc:`TFMV-4 <profile_small_key_id_encoding_vulnerability>`
.. |TFMV-5| replace:: :doc:`TFMV-5 <fwu_write_vulnerability>`
.. |TFMV-6| replace:: :doc:`TFMV-6 <cc3xx_partial_tag_compare_on_chacha20_poly1305>`
.. |TFMV-7| replace:: :doc:`TFMV-7 <debug_log_vulnerability>`

--------------

Expand Down
Loading