boot/zephyr: Add fault injection hardening profile to Zephyr config

Add fault injection hardening profile configuration to Zephyr config. Default config is to not have any hardening in SW against hardware level fault injection like clock or power glitching, EM pulse, laser beam, etc. Change-Id: I67d22d257ead83e1e288de0ee7621aac32bf50eb Signed-off-by: Tamas Ban <tamas.ban@arm.com> Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-07-10 12:40:11 +01:00 · 2020-07-10 12:40:11 +01:00 · fce873364e
parent e8fe6cf259
commit fce873364e
3 changed files with 59 additions and 1 deletions
--- a/boot/zephyr/CMakeLists.txt
+++ b/boot/zephyr/CMakeLists.txt
@ -100,8 +100,15 @@ zephyr_library_sources(
  ${BOOT_DIR}/bootutil/src/image_ec256.c
  ${BOOT_DIR}/bootutil/src/image_ed25519.c
  ${BOOT_DIR}/bootutil/src/bootutil_misc.c
+  ${BOOT_DIR}/bootutil/src/fault_injection_hardening.c
  )

+if(CONFIG_BOOT_FIH_PROFILE_HIGH)
+zephyr_library_sources(
+  ${BOOT_DIR}/bootutil/src/fault_injection_hardening_delay_rng_mbedtls.c
+  )
+endif()
+
 if(CONFIG_SINGLE_APPLICATION_SLOT)
 zephyr_library_sources(
  ${BOOT_DIR}/zephyr/single_loader.c
@ -117,7 +124,6 @@ zephyr_library_sources(
  )
 endif()

-
 if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256)
  zephyr_library_include_directories(
    ${MBEDTLS_ASN1_DIR}/include
--- a/boot/zephyr/Kconfig
+++ b/boot/zephyr/Kconfig
@ -297,6 +297,42 @@ config BOOT_SHARE_DATA
 	bool "Save application specific data in shared memory area"
 	default n

+choice
+	prompt "Fault injection hardening profile"
+	default BOOT_FIH_PROFILE_OFF
+
+config BOOT_FIH_PROFILE_OFF
+	bool "No hardening against hardware level fault injection"
+	help
+	  No hardening in SW against hardware level fault injection: power or
+	  clock glitching, etc.
+
+config BOOT_FIH_PROFILE_LOW
+	bool "Moderate level hardening against hardware level fault injection"
+	help
+	  Moderate level hardening: Long global fail loop to avoid break out,
+	  control flow integrity check to discover discrepancy in expected code
+	  flow.
+
+config BOOT_FIH_PROFILE_MEDIUM
+	bool "Medium level hardening against hardware level fault injection"
+	help
+	  Medium level hardening: Long global fail loop to avoid break out,
+	  control flow integrity check to discover discrepancy in expected code
+	  flow, double variables to discover register or memory corruption.
+
+config BOOT_FIH_PROFILE_HIGH
+	bool "Maximum level hardening against hardware level fault injection"
+	select MBEDTLS
+	help
+	  Maximum level hardening: Long global fail loop to avoid break out,
+	  control flow integrity check to discover discrepancy in expected code
+	  flow, double variables to discover register or memory corruption, random
+	  delays to make code execution less predictable. Random delays requires an
+	  entropy source.
+
+endchoice
+
 config BOOT_WAIT_FOR_USB_DFU
 	bool "Wait for a prescribed duration to see if USB DFU is invoked"
 	default n
--- a/boot/zephyr/include/mcuboot_config/mcuboot_config.h
+++ b/boot/zephyr/include/mcuboot_config/mcuboot_config.h
@ -125,6 +125,22 @@
 #define MCUBOOT_DATA_SHARING
 #endif

+#ifdef CONFIG_BOOT_FIH_PROFILE_OFF
+#define MCUBOOT_FIH_PROFILE_OFF
+#endif
+
+#ifdef CONFIG_BOOT_FIH_PROFILE_LOW
+#define MCUBOOT_FIH_PROFILE_LOW
+#endif
+
+#ifdef CONFIG_BOOT_FIH_PROFILE_MEDIUM
+#define MCUBOOT_FIH_PROFILE_MEDIUM
+#endif
+
+#ifdef CONFIG_BOOT_FIH_PROFILE_HIGH
+#define MCUBOOT_FIH_PROFILE_HIGH
+#endif
+
 /*
 * Enabling this option uses newer flash map APIs. This saves RAM and
 * avoids deprecated API usage.