1*91f16700Schasinglulufvp_r-Platform Threat Model 2*91f16700Schasinglulu*************************** 3*91f16700Schasinglulu 4*91f16700Schasinglulu************************ 5*91f16700SchasingluluIntroduction 6*91f16700Schasinglulu************************ 7*91f16700SchasingluluThis document provides a threat model for TF-A fvp_r platform. 8*91f16700Schasinglulu 9*91f16700Schasinglulu************************ 10*91f16700SchasingluluTarget of Evaluation 11*91f16700Schasinglulu************************ 12*91f16700SchasingluluIn this threat model, the target of evaluation is the fvp_r platform of Trusted 13*91f16700SchasingluluFirmware for A-class Processors (TF-A). The fvp_r platform provides limited 14*91f16700Schasinglulusupport of AArch64 R-class Processors (v8-R64). 15*91f16700Schasinglulu 16*91f16700SchasingluluThis is a delta document, only pointing out differences from the general TF-A 17*91f16700Schasingluluthreat-model document, :ref:`Generic Threat Model` 18*91f16700Schasinglulu 19*91f16700SchasingluluBL1 Only 20*91f16700Schasinglulu======== 21*91f16700SchasingluluThe most fundamental difference between the threat model for the current fvp_r 22*91f16700Schasingluluimplementation compared to the general TF-A threat model, is that fvp_r is 23*91f16700Schasinglulucurrently limited to BL1 only. Any threats from the general TF-A threat model 24*91f16700Schasingluluunrelated to BL1 are therefore not relevant to the fvp_r implementation. 25*91f16700Schasinglulu 26*91f16700SchasingluluThe fvp_r BL1 implementation directly loads a customer/partner-defined runtime 27*91f16700Schasinglulusystem. The threat model for that runtime system, being partner-defined, is 28*91f16700Schasingluluout-of-scope for this threat-model. 29*91f16700Schasinglulu 30*91f16700SchasingluluRelatedly, all exceptions, synchronous and asynchronous, are disabled during BL1 31*91f16700Schasingluluexecution. So, any references to exceptions are not relevant. 32*91f16700Schasinglulu 33*91f16700SchasingluluEL3 is Unsupported and All Secure 34*91f16700Schasinglulu================================= 35*91f16700Schasingluluv8-R64 cores do not support EL3, and (essentially) all operation is defined as 36*91f16700SchasingluluSecure-mode. Therefore: 37*91f16700Schasinglulu 38*91f16700Schasinglulu - Any threats regarding NS operation are not relevant. 39*91f16700Schasinglulu 40*91f16700Schasinglulu - Any mentions of SMCs are also not relevant. 41*91f16700Schasinglulu 42*91f16700Schasinglulu - Anything otherwise-relevant code running in EL3 is instead run in EL2. 43*91f16700Schasinglulu 44*91f16700SchasingluluMPU instead of MMU 45*91f16700Schasinglulu================== 46*91f16700Schasingluluv8-R64 cores, running in EL2, use an MPU for memory management, rather than an 47*91f16700SchasingluluMMU. The MPU in the fvp_r implementation is configured to function effectively 48*91f16700Schasingluluidentically with the MMU for the usual BL1 implementation. There are 49*91f16700Schasinglulumemory-map differences, but the MPU configuration is functionally equivalent. 50*91f16700Schasinglulu 51*91f16700SchasingluluNo AArch32 Support 52*91f16700Schasinglulu================== 53*91f16700SchasingluluAnother substantial difference between v8-A and v8-R64 cores is that v8-R64 does 54*91f16700Schasinglulunot support AArch32. However, this is not believed to have any threat-modeling 55*91f16700Schasingluluramifications. 56*91f16700Schasinglulu 57*91f16700Schasinglulu 58*91f16700SchasingluluThreat Assessment 59*91f16700Schasinglulu================= 60*91f16700SchasingluluFor this section, please reference the Threat Assessment under the general TF-A 61*91f16700Schasingluluthreat-model document, :ref:`Generic Threat Model` 62*91f16700Schasinglulu 63*91f16700SchasingluluThe following threats from that document are still relevant to the fvp_r 64*91f16700Schasingluluimplementation: 65*91f16700Schasinglulu 66*91f16700Schasinglulu - ID 01: An attacker can mangle firmware images to execute arbitrary code. 67*91f16700Schasinglulu 68*91f16700Schasinglulu - ID 03: An attacker can use Time-of-Check-Time-of-Use (TOCTOU) attack to 69*91f16700Schasinglulu bypass image authentication during the boot process. 70*91f16700Schasinglulu 71*91f16700Schasinglulu - ID 04: An attacker with physical access can execute arbitrary image by 72*91f16700Schasinglulu bypassing the signature verification stage using clock- or power-glitching 73*91f16700Schasinglulu techniques. 74*91f16700Schasinglulu 75*91f16700Schasinglulu - ID 05: Information leak via UART logs such as crashes 76*91f16700Schasinglulu 77*91f16700Schasinglulu - ID 06: An attacker can read sensitive data and execute arbitrary code 78*91f16700Schasinglulu through the external debug and trace interface. 79*91f16700Schasinglulu 80*91f16700Schasinglulu - ID 08: Memory corruption due to memory overflows and lack of boundary 81*91f16700Schasinglulu checking when accessing resources could allow an attacker to execute 82*91f16700Schasinglulu arbitrary code, modify some state variable to change the normal flow of 83*91f16700Schasinglulu the program, or leak sensitive. 84*91f16700Schasinglulu 85*91f16700Schasinglulu - ID 11: Misconfiguration of the Memory Protection Unit (MPU) may allow 86*91f16700Schasinglulu normal world software to access sensitive data or execute arbitrary code. 87*91f16700Schasinglulu Arguably, MPUs having fewer memory regions, there may be a temptation to 88*91f16700Schasinglulu share memory regions, making this a greater threat. However, since the 89*91f16700Schasinglulu fvp_r implementation is limited to BL1, since BL1's regions are fixed, 90*91f16700Schasinglulu and since the MPU configuration is equivalent with that for the fvp 91*91f16700Schasinglulu platform and others, this is not expected to be a concern. 92*91f16700Schasinglulu 93*91f16700Schasinglulu - ID 15: Improper handling of input data received over a UART interface may 94*91f16700Schasinglulu allow an attacker to tamper with TF-A execution environment. 95*91f16700Schasinglulu 96*91f16700Schasinglulu 97*91f16700Schasinglulu-------------- 98*91f16700Schasinglulu 99*91f16700Schasinglulu*Copyright (c) 2021-2023, Arm Limited. All rights reserved.* 100