Skip to main content
R
RBorr.1
Visitor II
September 8, 2021
Solved

How detect and store tamper event by linux

  • September 8, 2021
  • 1 reply
  • 1309 views

Hi,

I'm working on a project based on the STM32mp153 MPU with linux OS.

I have configured the TF-A module to manage the tamper with timestamp.

When the tamper event occurs, it is reported in stdout.

I would like to propagate to the kernel and user space the event detected by the TF-A and the possibility of storing the event itself in a system log.

Possibly avoiding polling the deletion of the backup registers.

Do you have an Application note where a standard Tamper management procedure is described?

Regards

Renato Borromeo

    This topic has been closed for replies.
    Best answer by Kevin HUBER

    Hello @RBorr.1​ 

    This question was handled with intern support, so I apologize for the delay in responding on the community.

    We had some discussions at architecture level and for us, we do not understand why you want to process TAMPER event from non secure world.

    Because the target is to detect a violation of resources (a security alert) and if the security alert is not processed from the secure world, it has no sense (except to get a log of what happens in the product (informally).

    But if you really want to propagate the events to the user space, here the answer of an expert:

    A possible way to manage it would be to generate an IT for non secure world (Linux) in the spmin IRQ handler.
 
This function for ex is able to do that: gicv2_raise_sgi(ARM_IRQ_NON_SEC_SGI_0, STM32MP_SECONDARY_CPU);
 
Then you also need to had a buffer to get the TAMP number (or other information linked to the TAMPER violation).
 
That way:
- You make sure the TAMP violation is well managed from the secure world
- You can take some non critical actions (like logging) on non secure processing

    Regards,

    Kévin

    In order to give better visibility on the answered topics, please click on 'Select as Best' on the reply which solved your issue or answered your question. See also 'Best Answers'

    1 reply

    K
    Kevin HUBERAnswer
    Technical Moderator
    October 4, 2021

    Hello @RBorr.1​ 

    This question was handled with intern support, so I apologize for the delay in responding on the community.

    We had some discussions at architecture level and for us, we do not understand why you want to process TAMPER event from non secure world.

    Because the target is to detect a violation of resources (a security alert) and if the security alert is not processed from the secure world, it has no sense (except to get a log of what happens in the product (informally).

    But if you really want to propagate the events to the user space, here the answer of an expert:

    A possible way to manage it would be to generate an IT for non secure world (Linux) in the spmin IRQ handler.
 
This function for ex is able to do that: gicv2_raise_sgi(ARM_IRQ_NON_SEC_SGI_0, STM32MP_SECONDARY_CPU);
 
Then you also need to had a buffer to get the TAMP number (or other information linked to the TAMPER violation).
 
That way:
- You make sure the TAMP violation is well managed from the secure world
- You can take some non critical actions (like logging) on non secure processing

    Regards,

    Kévin

    In order to give better visibility on the answered topics, please click on 'Select as Best' on the reply which solved your issue or answered your question. See also 'Best Answers'

    Terms & ConditionsAccessibility statement