Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

Sigurd Hellesvik — Mon, 30 Dec 2024 07:42:46 GMT

The feature you are describing is what we call APPROTECT or Access Port Protection. See Enabling access port protection mechanism:

Several Nordic Semiconductor SoCs or SiPs supported in the nRF Connect SDK offer an implementation of the access port protection mechanism (AP-Protect). When enabled, this mechanism blocks the debugger from read and write access to all CPU registers and memory-mapped addresses. Accessing these registers and addresses again requires disabling the mechanism and erasing the flash.

[quote user="valerii7"]Could you please confirm that my understanding is correct? The main purpose of the protection is to prevent the code from running on unauthorized hw ([/quote]

If you run Access Port Protection, noone should be able to read out your fw.

If you then also encrypt your DFU, people should not be able to use intercepted DFU images.

I agree with your understanding.

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

valerii7 — Fri, 27 Dec 2024 16:09:44 GMT

Sigurd, thank you very much for the detailed answers, now I understand the code much better and also see how to implement the desired functionality. The FPROTECT obviously doesn't fit my needs, since it's not persistent (I overlooked this).

One last question - I think the UICR "User information configuration registers" could provide complete protection against firmware readout/copy via the debug interface. And, if coupled with an appropriate bootloader with encryption, could guarantee the complete protection of the firmware from copy/reuse. In this way, since FW update files are encrypted and there is also no access via the debug interface to the internal flash (access could be reenabled only after doing a complete erase of the flash), the unencrypted code is never exposed. Could you please confirm that my understanding is correct? The main purpose of the protection is to prevent the code from running on unauthorized hw (prevention of coping the complete device).

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

Sigurd Hellesvik — Fri, 27 Dec 2024 14:37:13 GMT

[quote user="valerii7"]1) MCUBOOT with activated FPROTECT will do only write protection, I'm curious, why not both read and write? Is there any reason not to protect the bootloader from reading as well?[/quote]

Immutability only requires write-protection. As our bootloader is open source either way, I guess it is not any real reason to read-protect it.

Not read-protecting MCUboot also allows for some features such as reading bootloader version or public key from the application. Not that those features are very well supported but at least they are possible.

As you can hear, there are no really definitive reasins either for or against this as far as I know.

[quote user="valerii7"]2) "... This is why the application cannot access the SPU... " - that's a bit confusing, AFAIK MCUBOOT also belongs to NSPE but still has access to SPU. So why it works for mcuboot, but doesn't work for the app?[/quote]

No, MCUboot runs before TF-M+App. So MCUboot runs in "secure-only". It does not have any TF-M, meanining it does not have the NSPE/SPE split => MCUboot has access to everything.

[quote user="valerii7"]3) "you would have to use nrfx libraries directly to write to the SPU." - do I understand this correctly, that the proposed solution is basically to use SPU registers "directly", without involving device tree and FPROTECT library?[/quote]

Yes. TF-M does not use Zephyr, and therefore does not have access to devicetree or FPROTECT.

[quote user="valerii7"]4) one more question - would it be possible to program protection mode over SWD, without bootloader/app code? Something like in STM32 where read/write flash protection can be enabled without any dedicated code, only through a JTAG/SWD. If yes, what would be the tool/command for that?[/quote]

You can write directly to registers using SWD, so almost yes.
However, FPROTECT is not persistent, so this would be undone upon a power cycle.

An alternative to writing from TF-M would be to add custom code to MCUboot to make MCUboot protect the application+TF-M before it boots. Not entirely sure how this would work with TF-M since TF-M uses the SPU to set Secure/Non-Secure to stuff when it starts though.

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

valerii7 — Fri, 27 Dec 2024 14:29:23 GMT

Ok, thank you for the answers. I have a couple more questions now:

1) MCUBOOT with activated FPROTECT will do only write protection, I'm curious, why not both read and write? Is there any reason not to protect the bootloader from reading as well?

2) "... This is why the application cannot access the SPU... " - that's a bit confusing, AFAIK MCUBOOT also belongs to NSPE but still has access to SPU. So why it works for mcuboot, but doesn't work for the app?

3) "you would have to use nrfx libraries directly to write to the SPU." - do I understand this correctly, that the proposed solution is basically to use SPU registers "directly", without involving device tree and FPROTECT library?

4) one more question - would it be possible to program protection mode over SWD, without bootloader/app code? Something like in STM32 where read/write flash protection can be enabled without any dedicated code, only through a JTAG/SWD. If yes, what would be the tool/command for that?

Best regards, Valerii

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

Sigurd Hellesvik — Fri, 27 Dec 2024 13:50:38 GMT

[quote user="valerii7"]Not completely, it fails with the same CMake error if I add only CONFIG_FPROTECT in child_image/mcuboot.conf But if I also add CONFIG_NORDIC_SECURITY_BACKEND it will compile ok.[/quote]

I guess that makes sense.

Nice, then we got protection the bootloader it seems.

[quote user=""]My research showed that the device tree for NS board has no SPU, ficr and uicr peripherals (why??). And if I try to add these peripherals in a device tree overlay file I get following compilation errors:[/quote]

With TF-M (_ns), your application is split in two:

NSPE and SPE. See An Introduction to Trusted Firmware-M (TF-M) .

Your Zephyr application is NSPE, while the SPE has access to the SPU. I guess that the same would be true for FICR and UICR as well. This is why the application cannot access the SPU.

To use FPROTECT from TF-M, you can for an custom secure service. See the TF-M secure peripheral partition sample for how this can be done. This does not support Zephyr, so you would have to use nrfx libraries directly to write to the SPU.

Did this make sense?

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

valerii7 — Fri, 27 Dec 2024 12:26:14 GMT

Not completely, it fails with the same CMake error if I add only CONFIG_FPROTECT in child_image/mcuboot.conf But if I also add CONFIG_NORDIC_SECURITY_BACKEND it will compile ok.

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

Sigurd Hellesvik — Fri, 27 Dec 2024 11:53:00 GMT

[quote user="valerii7"]no, I'm using "Build system default" in the build configuration (I assume in the v2.7.0 SDK and toolchain this means usage of an older "Multi-image build" approach with parent and child images).[/quote]

I have experienced that it can vary. I recommend explicitly selecting either with or without sysbuild. This way you will know for sure and we wont have to guess.

Anyhow, for Multi-image builds:

[quote user="valerii7"]2) I want to protect my bootloader from read/write over SWD interface, I also would like to protect my application in the same way;[/quote]

Let us start by protecting the bootloader.

Then set CONFIG_FPROTECT in child_image/mcuboot.conf only.

Does this work as expected?

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

valerii7 — Fri, 27 Dec 2024 11:49:47 GMT

Hi,

no, I'm using "Build system default" in the build configuration (I assume in the v2.7.0 SDK and toolchain this means usage of an older "Multi-image build" approach with parent and child images).

Best regards, Valerii

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

Sigurd Hellesvik — Fri, 27 Dec 2024 11:41:08 GMT

One more question before I start answering
Do you use Sysbuild to build your project?

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

valerii7 — Fri, 27 Dec 2024 11:29:48 GMT

Hi Sigurd,

1) I'm setting "CONFIG_FPROTECT=y" in prj.conf

2) I want to protect my bootloader from read/write over SWD interface, I also would like to protect my application in the same way;

3) yes, I tried with mqtt sample from Nordic ("C:\ncs\v2.7.0\nrf\samples\net\mqtt"), simple adding "CONFIG_FPROTECT=y" into the prj.conf causes the "CMake Error at C:/ncs/v2.7.0/nrf/lib/fprotect/CMakeLists.txt:15 (message):
No fprotect backend selected". Adding "CONFIG_NORDIC_SECURITY_BACKEND=y" doesn't help.

Best regards, Valerii

RE: Can't use CONFIG_FPROTECT=y in MCUBOOT+APP (with TFM), compilation results in "No fprotect backend selected." CMake error

Sigurd Hellesvik — Fri, 27 Dec 2024 11:09:29 GMT

Hi,

[quote user=""]I wanted to enable read/write protection for MCUBOOT partition in my firmware from the application [/quote]

Which configuration do you set and where?

What do you want to protect?

Do you get the same issue without MCUboot?

Regards,
Sigurd Hellesvik