Page MenuHomePhabricator
Create Task
Maniphest T615

Simplify RTOS / TF-M interface (single thread execution)
Closed, ResolvedPublic
Actions

Description

When using TF-M on v8-M with Secure Function Call SFC (aka Library) mode, the entry to the secure side is protected by a Mutex.
Thus only one thread at the time is calling a secure service. The picture below should therefore represent the execution flow (Level 1 isolation).

Under this assumption there is no need to implement TZ_context management in the RTOS (https://arm-software.github.io/CMSIS_5/Core/html/using_TrustZone_pg.html#RTOS_TrustZone). Any RTOS could be used, provided that the Mutex capability is sufficient.

Moreover this design should create a really simple secure side:

  • Only one stack is needed on the secure side for Thread mode execution
  • No multi-threading issues that need to be resolved (i.e. with access of hardware crypto accelerators)

The drawback of course is that only one task at a time can use a secure service. However an RTOS with priority inversion will ensure that the Secure service is executed as fast as possible, once a scheduling conflict arises.

I would like to gather feedback on that approach. Let me know what you think.

Event Timeline

KenLSoft added a subscriber: KenLSoft.EditedDec 13 2019, 2:55 AM


Attach the diagram.

ReinhardKeil added a comment.Dec 13 2019, 8:23 AM

This is related to https://lists.trustedfirmware.org/pipermail/tf-m/2019-December/000581.html.
Pictures are filed here as the email list does not support pictures.

davidwang added a comment.Dec 15 2019, 2:05 AM
In T615#7152, @ReinhardKeil wrote:

This is related to https://lists.trustedfirmware.org/pipermail/tf-m/2019-December/000581.html.
Pictures are filed here as the email list does not support pictures.

This diagram is correct for the SFC mode. For the NS client ID ("client-oriented policy" in the diagram), the users may use it for a different purpose. But it's OK to ignore if have no requirement.
The current RTOS integration enables the TZ API is to make it generic. If the specific implementation doesn't need multiple secure context and different NS client ID support, then they can leave the implementation empty.

ReinhardKeil added a comment.EditedDec 17 2019, 8:16 AM

TZ API is not generic - otherwise it would be widely supported by RTOSes. It is good that the implementation can be empty as there are also requirements to use TF-M without RTOS.

The "Client-oriented policy" is relative easy to overcome. I'm not sure that it adds real-world value for security. A simple access key might do the same job.

I suggest to add a define setting that removes from TF-M all code that is related to the TZ_context management interface.

davidwang added a comment.Dec 18 2019, 3:36 PM

Yes, the TZ API is not widely supported and the RTOSes which support v8m TZ are inventing their own "TZ" API for secure context switch (e.g. FreeRTOS). So, we intended to make the "Secure Context Management" ecosystem more aligned. For example, we are also introducing TZ API in RT-Thread.
But you're right, it's optional if there's no multiple secure context in TF-M. The value of NS client ID and NS access policy are use case specific. We provide the way to support that but it should be optional.
We will check if anything will go wrong if RTOS doesn't call the TZ API to TF-M. If we found issues, then will fix them.
Thanks for the valuable input!

shebuk added a subscriber: shebuk.Jan 7 2020, 10:54 AM

Yes, looks like we can keep TZ context management as option to disable for RTOSes integrating TFM. There are RTOS vendors who have exprressed supporting multiple secure contexts in TF-M as a requirement.

ReinhardKeil added a comment.Feb 3 2020, 3:05 PM

Are the patches now part of a release? I'm asking as there is a need to support PSA Certification for Level 2 with FreeRTOS.

kevin-peng-hao added a comment.Feb 13 2020, 7:36 AM

Hi Reinhard, FYI the patches have been merged.

davidwang added a comment.Feb 13 2020, 7:38 AM

Thanks, Kevin.

davidwang closed this task as Resolved.Feb 13 2020, 7:38 AM
davidwang assigned this task to kevin-peng-hao.
ReinhardKeil added a comment.Feb 13 2020, 11:32 AM

Great, I asssue that this is configured with a #define.

What is the name of that #define?

Is there a central file that contains all the TF-M defines?

kevin-peng-hao added a comment.Feb 14 2020, 1:47 AM

It's configured in CommonConfig.cmake, line #321.
The name is CONFIG_TFM_ENABLE_CTX_MGMT.