tfm: Move TF-M attestation data to provisioned OTP region

[MarkusLassila]

Optional fields to TF-M attestation were previously stored in tfm_otp_nv_counters region, which we were not able to provision. This moves the psa_certification_reference to the provisioned OTP-region and adds support for accessing the variable data in
bl_storage.h.

Verification service URL and profile may change with device upgrades, for this reason they are added as Kconfigs.

Note that we still need to keep the tfm_otp_nv_counters region when TFM_PARTITION_PROTECTED_STORAGE and TFM_PS_ROLLBACK_PROTECTION are enabled. TF-M will increase monotonic counters every time new data is written and given the limited size of our OTP-region it would not support many updates.

NCSDK-17932

• bl_storage tests -> Update: Variable data fields are currently only present with TF-M builds. With TF-M build, the application cannot access the provisioned data due provisioned data being secure. So bl_storage_tests are currently not possible.

[NordicBuilder]

CI Information

^{To view the history of this post, clich the 'edited' button above}
Build number: 28

Inputs:

Sources:

sdk-nrf: PR head: 760fdc483c9f628a1a610efcbf879e79a6aa9213

more details

sdk-nrf:

PR head: 760fdc483c9f628a1a610efcbf879e79a6aa9213
merge base: 0eff1df3b72d96eef5021da8245852b3c24b3ff8
target head (main): a9f08286f0d3722edab7cac963c2b1af1283acc0
Diff

Github labels

Enabled	Name	Description
	ci-disabled	Disable the ci execution
	ci-all-test	Run all of ci, no test spec filtering will be done
	ci-force-downstream	Force execution of downstream even if twister fails
	ci-run-twister	Force run twister
	ci-run-zephyr-twister	Force run zephyr twister

List of changed files detected by CI (17)

cmake
│  ├── sysbuild
│  │  │ provision_hex.cmake
doc
│  ├── nrf
│  │  ├── releases_and_maturity
│  │  │  ├── releases
│  │  │  │  │ release-notes-changelog.rst
include
│  │ bl_storage.h
modules
│  ├── trusted-firmware-m
│  │  ├── CMakeLists.txt
│  │  ├── Kconfig
│  │  ├── Kconfig.tfm.pm
│  │  ├── tfm_boards
│  │  │  ├── CMakeLists.txt
│  │  │  ├── common
│  │  │  │  │ attest_hal.c
│  │  │  ├── partition
│  │  │  │  │ flash_layout.h
samples
│  ├── tfm
│  │  ├── tfm_psa_template
│  │  │  ├── README.rst
│  │  │  ├── prj.conf
│  │  │  │ sysbuild.conf
scripts
│  ├── bootloader
│  │  │ provision.py
subsys
│  ├── bootloader
│  │  ├── Kconfig
│  │  ├── bl_storage
│  │  │  │ bl_storage.c
sysbuild
│  ├── Kconfig.sysbuild
│  │ Kconfig.tfm

Outputs:

Toolchain

Version: 342151af73
Build docker image: docker-dtr.nordicsemi.no/sw-production/ncs-build:342151af73_912848a074

Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped; ⚠️ Quarantine

• ◻️ Toolchain - Skipped: existing toolchain is used
• ✅ Build twister - Skipped: Skipping Build & Test as it succeeded in a previous run: 27
• ✅ Integration tests
  • ✅ test-sdk-audio - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ desktop52_verification - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-boot
  • ✅ test-fw-nrfconnect-apps - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test_ble_nrf_config - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-ble_mesh - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-ble_samples - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-chip
  • ✅ test-fw-nrfconnect-nfc - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-nrf-iot_libmodem-nrf - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-nrf-iot_serial_lte_modem - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-nrf-iot_zephyr_lwm2m - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-nrf-iot_samples - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-nrf-iot_lwm2m - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ doc-internal - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-nrf-iot_thingy91 - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-nrf_crypto - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-rpc - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-rs - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-fem
  • ✅ test-fw-nrfconnect-tfm - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-thread - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-zigbee - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-sdk-find-my - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-nrf-iot_mosh - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-nrf-iot_positioning - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-sdk-sidewalk - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-sdk-wifi - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-low-level - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-sdk-pmic-samples - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-sdk-mcuboot - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-sdk-dfu - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-fw-nrfconnect-ps - Skipped: Job was skipped as it succeeded in a previous run
  • ✅ test-secdom-samples-public - Skipped: Job was skipped as it succeeded in a previous run
  • ⚠️ test-fw-nrfconnect-fw-update
  • ⚠️ test-fw-nrfconnect-nrf-iot_cloud

Note: This message is automatically posted and updated by the CI

[NordicBuilder]

You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds.

Note: This comment is automatically posted by the Documentation Publishing GitHub Action.

[SeppoTakalo]

Why are these functions introduced inside header file? These are not marked as inline. Also, as these are static, it means that multiple implementations might end up in the flash. One for each .c file that uses these.

[MarkusLassila]

The functions are inside header file as they are used both in MCUboot and in application (TF-M). This is how it was previously achieved and I did not change this (yet). Having the functions inside bl_storage.c would mean that the bl_storage.c would be split with functions / headers that are available in MCUboot and functions / headers that are available in TF-M.

I guess we are already kind of doing the same in header file, so if you think that moving this split to bl_storage.c would be an improvement, I can give it a go.

[MarkusLassila]

Functions moved to bl_storage.c.

[SeppoTakalo]

Otherwise looks OK, but I don't understand why the implementation is inside header file and not in bl_storage.c

[Vge0rge]

Overall this looks good!
Some comments but I don't see anything seriously wrong with this.
Next time if you can please split such a change to more commits so that it is a bit more easy to follow.
I will give a second look to this before I approve.

[Vge0rge]

Doesn't that seem a bit out of place here?
I think that placing this in the same file with the rest of the TFM configurations makes it more logical to me:

sdk-nrf/modules/trusted-firmware-m/Kconfig

Line 473 in 9190d3a

I am not an expert on sysbuild but is the the only way to have this information to be visible by all the images in the build?

[MarkusLassila]

The provisioning is done for the MCUboot, so it does not see the Kconfigs of the application. It might be possible to change this to include Kconfigs of the application, but whether this makes sense would need input from @nordicjm.

[nordicjm]

sysbuild files go in sysbuild, this is the correct folder

[Vge0rge]

This should is be defined in the TFM build I think.

[NordicBuilder]

Memory footprint analysis revealed the following potential issues

sample.matter.template.debug[nrf7002dk/nrf5340/cpuapp]: High ROM usage: 912202[B] - link (cc: @kkasperczyk-no @ArekBalysNordic @markaj-nordic)
sample.matter.template.release[nrf7002dk/nrf5340/cpuapp]: High ROM usage: 821126[B] - link (cc: @kkasperczyk-no @ArekBalysNordic @markaj-nordic)

Note: This message is automatically posted and updated by the CI (latest/sdk-nrf/PR-17522/27)

[MarkusLassila]

sample.matter.template.release

Tried running:
cd /ncs/nrf/samples/matter/template
west build -p -b nrf7002dk/nrf5340/cpuapp . -T sample.matter.template.release

With my commit and without my commits. There was no difference, except saving 14 bytes with b0n, so I think that the space warning is due to other commits on main branch.

I did have to disable the following:
CONFIG_CHIP_FACTORY_DATA=n
CONFIG_CHIP_FACTORY_DATA_BUILD=n
MATTER_FACTORY_DATA_GENERATE=n

[kkasperczyk-no]

so I think that the space warning is due to other commits on main branch.

Yeah, unfortunately it's a little bit useless warning, because we never know which commit it applies to...

[SeppoTakalo]

Looks OK in general.
I left few remarks.

[SeppoTakalo]

Is it intentional here that url_len does not contain NUL byte?

Suggested change

	uint32_t url_len = strlen(url);
	uint32_t url_len = sizeof(CONFIG_TFM_ATTEST_VERIFICATION_SERVICE_URL);

[MarkusLassila]

Yes. This is intentional. The data is fed to be CBOR encoded, which includes the length of the data. The null byte is not needed.

[SeppoTakalo]

If you used strlen( ) in the beginning, then memcpy() would only copy the string without the terminating NUL character.

[MarkusLassila]

This is intentional.

[SeppoTakalo]

Is it really that we cannot guarantee the word alignment anymore?

[MarkusLassila]

I restored the check. I thought the check was originally added as the otp_copy32 required the alignment, but now I am unsure about this.

[NordicBuilder]

You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds.

Note: This comment is automatically posted by the Documentation Publish GitHub Action.

[MarkusLassila]

Ping: @Vge0rge, @nrfconnect/ncs-pluto

[greg-fer]

Minor nit.

[greg-fer]

Suggested change

	# Get variable data to be written to the OTP-region.
	# Get variable data to be written to the OTP region.

[sonarqubecloud]

Quality Gate failed

Failed conditions
2 Security Hotspots
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

[nordicjm]

this means doc cannot be generated

[MarkusLassila]

Do you mean that the documentation cannot be generated for the below functions? What would you suggest?

I added the check for TF-M, because it seemed it seemed to save some space on mcuboot on non-tfm builds.

[nordicjm]

remove the #ifdef from the header file, it is enough to just have that in the .c file

[nordicjm]

nice to replace magic numbers with defines

[nordicjm]

not addressed

[nordicjm]

size / sizeof(uint32_t)

[MarkusLassila]

This function is removed in the next commit. Will fix on otp_copy.

[nordicjm]

why are things being changed to be changed again in fixup commits?

[nordicjm]

max line length is 100, this fits on one line with space to spare (plus for 2 lines the alignment of the second line is off)

[MarkusLassila]

This function is removed in the next commit. Will fix on otp_copy.

[nordicjm]

defines at top of file with other defines

[MarkusLassila]

Ping @nordicjm