
How to detect and store tamper events with Linux

RBorr.1
Associate

Hi,

I'm working on a project based on the STM32MP153 MPU with Linux OS.

I have configured the TF-A module to manage the tamper with timestamp.

When the tamper event occurs, it is reported in stdout.

I would like to propagate to the kernel and user space the event detected by the TF-A and the possibility of storing the event itself in a system log.

Possibly avoiding polling the deletion of the backup registers.

Do you have an Application note where a standard Tamper management procedure is described?

Regards

Renato Borromeo

1 ACCEPTED SOLUTION

Kevin HUBER
ST Employee

Hello @RBorr.1

This question was handled with internal support, so I apologize for the delay in responding on the community.

We had some discussions at architecture level and for us, we do not understand why you want to process TAMPER event from non secure world.

Because the target is to detect a violation of resources (a security alert), and if the security alert is not processed from the secure world, it makes no sense (except to get a log of what happens in the product, informally).

But if you really want to propagate the events to the user space, here is the answer of an expert:

A possible way to manage it would be to generate an IT for non secure world (Linux) in the spmin IRQ handler.
 
This function, for example, is able to do that: gicv2_raise_sgi(ARM_IRQ_NON_SEC_SGI_0, STM32MP_SECONDARY_CPU);
 
Then you also need to add a buffer to get the TAMP number (or other information linked to the TAMPER violation).
 
That way:
- You make sure the TAMP violation is well managed from the secure world
- You can take some non critical actions (like logging) on non secure processing

Regards,

Kévin
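
The buffer mentioned in the reply above, sketched as an added example (not part of the original post and not ST or TF-A code): a one-way ring in shared memory that the secure handler fills before raising the SGI and that Linux drains for logging. All names, the record layout and the ring size are assumptions; the secure side keeps its own write index and drops events instead of waiting, because the read index sits in memory the non-secure world can modify.

```c
#include <stdatomic.h>
#include <stdint.h>

#define TAMP_RING_SLOTS 8u          /* constructed size */

struct tamp_event {                 /* hypothetical record layout */
    uint32_t tamp_id;               /* which tamper input fired */
    uint32_t timestamp;             /* raw timestamp captured by the secure side */
};

struct tamp_ring {                  /* placed in non-secure shared memory */
    _Atomic uint32_t head;          /* published by the secure producer */
    _Atomic uint32_t tail;          /* advanced by the non-secure consumer */
    _Atomic uint32_t dropped;       /* events lost because the ring was full */
    struct tamp_event slot[TAMP_RING_SLOTS];
};

/* Secure side: call once the tamper has been handled securely, then raise the
 * SGI. priv_head lives in secure RAM, so a non-secure write to r->head cannot
 * redirect the producer. Returns 1 if queued, 0 if dropped (never blocks). */
int secure_post_tamper(struct tamp_ring *r, uint32_t *priv_head,
                       uint32_t id, uint32_t ts)
{
    uint32_t head = *priv_head;
    uint32_t tail = atomic_load_explicit(&r->tail, memory_order_acquire);

    if ((uint32_t)(head - tail) >= TAMP_RING_SLOTS) {   /* full, or tail corrupted */
        atomic_fetch_add_explicit(&r->dropped, 1, memory_order_relaxed);
        return 0;
    }
    r->slot[head % TAMP_RING_SLOTS] = (struct tamp_event){ id, ts };
    *priv_head = head + 1;
    atomic_store_explicit(&r->head, head + 1, memory_order_release);
    return 1;
}

/* Non-secure side: call from the work deferred by the SGI handler.
 * Copies up to max pending events into out and returns how many. */
unsigned ns_drain(struct tamp_ring *r, struct tamp_event *out, unsigned max)
{
    uint32_t tail = atomic_load_explicit(&r->tail, memory_order_relaxed);
    uint32_t head = atomic_load_explicit(&r->head, memory_order_acquire);
    unsigned n = 0;

    while (tail != head && n < max)
        out[n++] = r->slot[tail++ % TAMP_RING_SLOTS];
    atomic_store_explicit(&r->tail, tail, memory_order_release);
    return n;
}
```

A bad tail value can only cost log entries: the slot index is always reduced modulo the ring size, and the secure handling of the violation has already completed before the event is posted.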
