Using Tamper with TF-M in STM32U5

Question

Hi,In TFM and SBSFU applications, by default the anti-tamper protection is enabled for both internal tamper events and external tamper events. It is activated at the start of TFM_SBSFU_Boot, and remains active.In case of tamper detection, sensitive data in SRAM2, caches and cryptographic peripherals are immediately erased, and the tamper interruption triggers a reset and the application is blocked (can't boot).I'm using the anti-tamper protection in TFM with stm32U585, but I don't want the tamper interruption to trigger a reset, I have changed the default configuration in TAMP_IRQHandler(), but still a reset is triggered and the application is blocked at tamper detection, I have tried to catch reset causes (reset flags), and I have found a software reset flag (Set by hardware when a software reset occurs.) and NRST Pin reset flag (Set by hardware when a reset from the NRST pin occurs.), So I wonder what would be the cause of NRST reset, and is there any relation between NRST , TAMP and RTC, could the anti-tamper protection / RTC triggers NRST reset.Is it even possible to change this default configuration in TFM_SBSFU_Boot ?Any explanation or a hint, please !Thank you.Regards,ZK

Jocelyn RICARD · Answer

Hello @ZKRAC.1​,In secureboot part, TAMP_IRQHandler is implemented in low_level_security.c and is calling NVIC_SystemReset(), reason why you have this behaviour.In TFM part, the IRQ handler is located in the autogenerated file tfm_secure_irq_handlers_ipc.inc. It is sending the SPM_TAMPER_IRQ signal that is captured in platform_sp_init function:    if (signals & SPM_TAMPER_IRQ)    {        tfm_hal_system_reset();    }So, in any case you end up in a reset.Best regardsJocelyn

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded