SBSFU | SFU_MPU_PROTECT_ENABLE | Pros & Cons

Jakub Standarski · ‎2023-10-13

Hello all,
I have a question about additional MPU protection provided by enabling SFU_MPU_PROTECT_ENABLE.
What are the main benefits of that?
How much "protection value" do we miss if it's disabled?

Jocelyn RICARD · ‎2023-10-23

Hello Jakub,

MPU protection is an internal isolation but also allows cache configurability as well as some address range configuration for read, write and execute capabilities.

If you disable MPU, you lose all of these.

Regarding security, MPU adds a layer to be passed by an attacker.

For instance, if attacker manages to perform a stack overflow on one interface, the setting of stack as non executable reduces the possibilities of such attack. Also, disabling access to secure boot code containing keys, prevents from directly reading such keys.

Best regards

Jocelyn

View solution in original post

Bubbles · ‎2023-10-18

Hi @Jakub Standarski,

this is not easy to quantify. What particular product you have in mind? In some products the MPU is probably the most important part. In others, where there is for example HDP, it's little less important. I understand it's difficult to get it right, especially if you manipulated linker settings.

There are several MPU regions used, each for different purpose. If there's one region you struggle with, you can identify the incorrect setting by disabling various regions and observing the effect.

BR,

J

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

Jakub Standarski · ‎2023-10-23

I was rather wondering whether with all other securities turned on, MPU is also important chunk of that protection mechanism.

As far as I understand, by using additional MPU protection, we can force usage of peripherals' buses in privileged mode (which is not the case by default) or protect access to some kind of vulnerable data.
Does additional MPU protection add anything else than that?

Jocelyn RICARD · ‎2023-10-23

Hello Jakub,

MPU protection is an internal isolation but also allows cache configurability as well as some address range configuration for read, write and execute capabilities.

If you disable MPU, you lose all of these.

Regarding security, MPU adds a layer to be passed by an attacker.

For instance, if attacker manages to perform a stack overflow on one interface, the setting of stack as non executable reduces the possibilities of such attack. Also, disabling access to secure boot code containing keys, prevents from directly reading such keys.

Best regards

Jocelyn

Jakub Standarski · ‎2023-10-23

That's what I needed, thanks!

hw310404 · ‎2023-11-08

Hi @Jakub Standarski are you able to get MPU working? I still get "Hard fault" if I enable it and all the rest of the security mechanism works fine. Any insights are much appreciated.

Jakub Standarski · ‎2024-03-05

Unfortunately not. We are struggling a lot with porting KMS and X509 support on STM32F756ZGTx. We've managed to run bootloader and also go through certs verification, but when we try to jump to the application code, it triggers hard fault. All securities are disabled.

Jocelyn RICARD · ‎2024-03-06

Hello Jakub,

Hardfault is usually quite easy to debug. You have a first view with hardfault analyser, and then you can go back to root cause.

One other thing you can do first is to put a breakpoint on the reset handler of your application, and then go step by step. After few iteration you should understand what is the cause.

Best regards

Jocelyn

Jakub Standarski · ‎2024-03-06

Yeah, usually that's true. But we've narrowed down the issue to the SysTick function, which halts counting. Right after jumping to that function, HardFault is triggered.

Jocelyn RICARD · ‎2024-03-06

I remember an issue related to SysTick in old SBSFU versions. But in latest one it is suspended.

One thing I would check in your case is the value of VTOR to check if it point to the right interrupt vector location