tf-m: Add Attestation support for nRF54L15

Add support for PSA Attestation to the nRF54L15. Includes noup changes to TF-M repository. Ref: NCSDK-22598 Signed-off-by: Sigurd Hellesvik <[email protected]>
nrfconnect · Nov 22, 2024 · 716c951 · 716c951
1 parent a07b87c
commit 716c951
Show file tree

Hide file tree

Showing 9 changed files with 54 additions and 7 deletions.
diff --git a/modules/trusted-firmware-m/Kconfig.tfm.defconfig b/modules/trusted-firmware-m/Kconfig.tfm.defconfig
@@ -66,7 +66,7 @@ config TFM_PARTITION_INITIAL_ATTESTATION
 	select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
 	select PSA_WANT_ALG_ECDSA
 	select PSA_WANT_ECC_SECP_R1_256
-	select SECURE_BOOT_STORAGE
+	select SECURE_BOOT_STORAGE if !TRUSTED_EXECUTION_NONSECURE
 
 config TFM_PARTITION_PROTECTED_STORAGE
 	bool

diff --git a/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt b/modules/trusted-firmware-m/tfm_boards/CMakeLists.txt
@@ -115,7 +115,7 @@ if (${TFM_PARTITION_CRYPTO})
     tfm_sprt
   )
 
-  if (${TFM_PARTITION_INITIAL_ATTESTATION})
+  if ((${TFM_PARTITION_INITIAL_ATTESTATION}) AND CONFIG_IDENTITY_KEY)
     target_sources(platform_s
       PRIVATE
       ${ZEPHYR_NRF_MODULE_DIR}/lib/identity_key/identity_key.c

diff --git a/modules/trusted-firmware-m/tfm_boards/common/attest_hal.c b/modules/trusted-firmware-m/tfm_boards/common/attest_hal.c
@@ -12,12 +12,22 @@
 #include "tfm_plat_boot_seed.h"
 #include "tfm_plat_device_id.h"
 #include "tfm_plat_otp.h"
-#include <nrf_cc3xx_platform.h>
 #include "tfm_strnlen.h"
 #include "nrf_provisioning.h"
-#include <nrfx_nvmc.h>
 #include <bl_storage.h>
 
+
+#ifdef CONFIG_NRFX_NVMC
+#include <nrfx_nvmc.h>
+#endif
+#ifdef CONFIG_HAS_HW_NRF_CC3XX
+#include <nrf_cc3xx_platform.h>
+#endif
+#if defined(CONFIG_CRACEN_HW_PRESENT)
+static volatile uint8_t boot_seed_set = 0;
+static volatile uint8_t boot_seed[32];
+#endif
+
 static enum tfm_security_lifecycle_t map_bl_storage_lcs_to_tfm_slc(enum lcs lcs)
 {
 	switch (lcs) {
@@ -122,6 +132,7 @@ enum tfm_plat_err_t tfm_attest_hal_get_profile_definition(uint32_t *size, uint8_
 
 enum tfm_plat_err_t tfm_plat_get_boot_seed(uint32_t size, uint8_t *buf)
 {
+#if defined(CONFIG_HAS_HW_NRF_CC3XX)
 	int nrf_err;
 
 	if (size != NRF_CC3XX_PLATFORM_TFM_BOOT_SEED_SIZE) {
@@ -132,7 +143,15 @@ enum tfm_plat_err_t tfm_plat_get_boot_seed(uint32_t size, uint8_t *buf)
 	if (nrf_err != NRF_CC3XX_PLATFORM_SUCCESS) {
 		return TFM_PLAT_ERR_SYSTEM_ERR;
 	}
-
+#elif defined(CONFIG_PSA_NEED_CRACEN_KMU_DRIVER)
+	if( !boot_seed_set) {
+		psa_generate_random(boot_seed,32);
+		boot_seed_set = 1;
+	}
+	memcpy(buf,boot_seed, sizeof(uint8_t) * 32);
+#else
+	return TFM_PLAT_ERR_SYSTEM_ERR;
+#endif
 	return TFM_PLAT_ERR_SUCCESS;
 }
 

diff --git a/modules/trusted-firmware-m/tfm_boards/nrf54l15_cpuapp/config.cmake b/modules/trusted-firmware-m/tfm_boards/nrf54l15_cpuapp/config.cmake
@@ -13,3 +13,9 @@ include(${PLATFORM_PATH}/common/${NRF_SOC_VARIANT}/config.cmake)
 
 # Override PS_CRYPTO_KDF_ALG
 set(PS_CRYPTO_KDF_ALG                  PSA_ALG_SP800_108_COUNTER_CMAC CACHE STRING    "KDF Algorithm to use")
+
+set(CONFIG_NRFX_RRAMC                ON          CACHE BOOL      "Enable nrfx drivers for RRAMC")
+add_compile_definitions(CONFIG_NRFX_RRAMC)
+
+# Override attestation to sign message instead of hash, because CRACEN drivers can not sign a hash.
+set(ATTEST_SIGN_MESSAGE               ON         CACHE BOOL      "Sign message instead of hash")
diff --git a/modules/trusted-firmware-m/tfm_config.h.in b/modules/trusted-firmware-m/tfm_config.h.in
@@ -100,6 +100,9 @@
 /* The stack size of the Initial Attestation Secure Partition */
 #cmakedefine ATTEST_STACK_SIZE @ATTEST_STACK_SIZE@
 
+/* Sign message instead of message hash */
+#cmakedefine01 ATTEST_SIGN_MESSAGE
+
 /* Set the initial attestation token profile */
 /* The TF-M config_base.h configuration will do
  * #define ATTEST_TOKEN_PROFILE_PSA_IOT_1 1, if non of the token profiles are

diff --git a/samples/tfm/tfm_psa_template/boards/nrf54l15dk_nrf54l15_cpuapp_ns.conf b/samples/tfm/tfm_psa_template/boards/nrf54l15dk_nrf54l15_cpuapp_ns.conf
@@ -0,0 +1,13 @@
+CONFIG_TFM_NRF_PROVISIONING=n
+CONFIG_TFM_DUMMY_PROVISIONING=y
+
+CONFIG_SPI_NOR=n
+CONFIG_TFM_EXCEPTION_INFO_DUMP=y
+CONFIG_TFM_CMAKE_BUILD_TYPE_DEBUG=y
+CONFIG_TFM_SPM_LOG_LEVEL_DEBUG=y
+CONFIG_RESET_ON_FATAL_ERROR=n
+CONFIG_PM_PARTITION_SIZE_TFM=0x50800
+# CONFIG_PSA_WANT_ALG_ECDSA_ANY=y
+CONFIG_DEBUG=y
+CONFIG_DEBUG_THREAD_INFO=y
+CONFIG_DEBUG_OPTIMIZATIONS=y
diff --git a/samples/tfm/tfm_psa_template/sysbuild/mcuboot/boards/nrf54l15dk_nrf54l15_cpuapp.conf b/samples/tfm/tfm_psa_template/sysbuild/mcuboot/boards/nrf54l15dk_nrf54l15_cpuapp.conf
@@ -0,0 +1,6 @@
+CONFIG_PM_PARTITION_SIZE_MCUBOOT=0xb800
+CONFIG_SPI_NOR=n
+CONFIG_BOOT_MAX_IMG_SECTORS=256
+
+# FPROTECT is set in NSIB instead
+CONFIG_FPROTECT=n
diff --git a/subsys/bootloader/bl_storage/Kconfig b/subsys/bootloader/bl_storage/Kconfig
@@ -6,4 +6,4 @@
 
 config SECURE_BOOT_STORAGE
 	bool "Library for accessing the bootloader storage"
-	select NRFX_RRAMC if SOC_SERIES_NRF54LX
+	select NRFX_RRAMC if SOC_SERIES_NRF54LX && !TRUSTED_EXECUTION_NONSECURE
diff --git a/west.yml b/west.yml
@@ -150,7 +150,7 @@ manifest:
     - name: trusted-firmware-m
       repo-path: sdk-trusted-firmware-m
       path: modules/tee/tf-m/trusted-firmware-m
-      revision: 82e7763eba112a350d58dd52dc39f340a291ffd0
+      revision: pull/180/head
     - name: psa-arch-tests
       repo-path: sdk-psa-arch-tests
       path: modules/tee/tf-m/psa-arch-tests