[SL-UP] Migrate matter certificates on Series3 to a different location (#603)

Author: jmartinez-silabs

examples/platform/silabs/MatterConfig.cpp

@@ -262,6 +262,9 @@ CHIP_ERROR SilabsMatterConfig::InitMatter(const char * appName)
     mbedtls_platform_set_calloc_free(CHIPPlatformMemoryCalloc, CHIPPlatformMemoryFree);
     ReturnErrorOnFailure(chip::Platform::MemoryInit());
     ReturnErrorOnFailure(WifiInterface::GetInstance().InitWiFiStack());
+    // Needs to be done post InitWifiStack for 917.
+    // TODO move it in InitWiFiStack
+    GetPlatform().NvmInit();
 
 #if CHIP_CONFIG_ENABLE_ICD_SERVER
     ReturnErrorOnFailure(WifiSleepManager::GetInstance().Init(&WifiInterface::GetInstance(), &WifiInterface::GetInstance()));

src/platform/silabs/KeyValueStoreManagerImpl.cpp

@@ -24,6 +24,7 @@
 #include "MigrationManager.h"
 #include <cmsis_os2.h>
 #include <crypto/CHIPCryptoPAL.h>
+#include <lib/support/ScopedBuffer.h>
 #include <platform/CHIPDeviceLayer.h>
 #include <platform/KeyValueStoreManager.h>
 #include <platform/silabs/SilabsConfig.h>
@@ -51,10 +52,6 @@ KeyValueStoreManagerImpl KeyValueStoreManagerImpl::sInstance;
 
 CHIP_ERROR KeyValueStoreManagerImpl::Init(void)
 {
-    ReturnErrorOnFailure(SilabsConfig::Init());
-
-    Silabs::MigrationManager::GetMigrationInstance().applyMigrations();
-
     memset(mKvsKeyMap, 0, sizeof(mKvsKeyMap));
     size_t outLen    = 0;
     CHIP_ERROR error = SilabsConfig::ReadConfigValueBin(SilabsConfig::kConfigKey_KvsStringKeyMap,
@@ -275,33 +272,41 @@ void KeyValueStoreManagerImpl::ErasePartition(void)
 
 void KeyValueStoreManagerImpl::KvsMapMigration(void)
 {
-    size_t readlen                                                                        = 0;
-    constexpr uint8_t oldMaxEntires                                                       = 120;
-    char mKvsStoredKeyString[oldMaxEntires][PersistentStorageDelegate::kKeyLengthMax + 1] = { 0 };
-    CHIP_ERROR err =
-        SilabsConfig::ReadConfigValueBin(SilabsConfig::kConfigKey_KvsStringKeyMap, reinterpret_cast<uint8_t *>(mKvsStoredKeyString),
-                                         sizeof(mKvsStoredKeyString), readlen);
+// this migration precedes Series 3, we don't need to run it in that case
+#ifndef _SILICON_LABS_32B_SERIES_3
+    size_t readlen                 = 0;
+    constexpr size_t oldMaxEntries = 120;
+    uint32_t maxStringLen          = 33; // determined by constant PersistentStorageDelegate::kKeyLengthMax + 1 before migration
+    Platform::ScopedMemoryBuffer<char> mKvsStoredKeyString;
+    mKvsStoredKeyString.Alloc(oldMaxEntries * maxStringLen);
+
+    VerifyOrReturn(mKvsStoredKeyString.Get() != nullptr);
+
+    CHIP_ERROR err = SilabsConfig::ReadConfigValueBin(SilabsConfig::kConfigKey_KvsStringKeyMap,
+                                                      reinterpret_cast<uint8_t *>(mKvsStoredKeyString.Get()),
+                                                      oldMaxEntries * maxStringLen, readlen);
 
     if (err == CHIP_NO_ERROR)
     {
-        for (uint8_t i = 0; i < oldMaxEntires; i++)
+        for (uint8_t i = 0; i < std::min(oldMaxEntries, KeyValueStoreManagerImpl::kMaxEntries); i++)
         {
-            if (mKvsStoredKeyString[i][0] != 0)
+            char * keyString = mKvsStoredKeyString.Get() + (i * maxStringLen);
+            if (keyString[0] != 0)
             {
                 size_t dataLen   = 0;
                 uint32_t nvm3Key = CONVERT_KEYMAP_INDEX_TO_NVM3KEY(i);
 
                 if (SilabsConfig::ConfigValueExists(nvm3Key, dataLen))
                 {
                     // Read old data and prefix it with the string Key for the collision prevention mechanism.
-                    size_t keyStringLen    = strlen(mKvsStoredKeyString[i]);
+                    size_t keyStringLen    = strlen(keyString);
                     uint8_t * prefixedData = static_cast<uint8_t *>(Platform::MemoryAlloc(keyStringLen + dataLen));
                     VerifyOrDie(prefixedData != nullptr);
-                    memcpy(prefixedData, mKvsStoredKeyString[i], keyStringLen);
+                    memcpy(prefixedData, keyString, keyStringLen);
 
                     SilabsConfig::ReadConfigValueBin(nvm3Key, prefixedData + keyStringLen, dataLen, readlen);
                     SilabsConfig::WriteConfigValueBin(nvm3Key, prefixedData, keyStringLen + dataLen);
-                    mKvsKeyMap[i] = KeyValueStoreMgrImpl().hashKvsKeyString(mKvsStoredKeyString[i]);
+                    mKvsKeyMap[i] = KeyValueStoreMgrImpl().hashKvsKeyString(keyString);
                     Platform::MemoryFree(prefixedData);
                 }
             }
@@ -315,6 +320,7 @@ void KeyValueStoreManagerImpl::KvsMapMigration(void)
         // start with a fresh kvs section.
         KeyValueStoreMgrImpl().ErasePartition();
     }
+#endif
 }
 
 void KeyValueStoreManagerImpl::KvsKeyMapCleanup(void * argument)

src/platform/silabs/MigrationManager.cpp

@@ -16,10 +16,19 @@
  */
 
 #include "MigrationManager.h"
+#include "sl_component_catalog.h"
+#include "sl_core.h"
+#include <headers/ProvisionManager.h>
+#include <headers/ProvisionStorage.h>
+#include <lib/support/CodeUtils.h>
+#include <lib/support/ScopedBuffer.h>
+#include <lib/support/Span.h>
 #include <platform/CHIPDeviceLayer.h>
 #include <platform/silabs/SilabsConfig.h>
 #include <stdio.h>
 
+extern uint8_t linker_static_secure_tokens_begin; // Symbol defined by the linker script needed for MigrateS3Certificates
+
 using namespace ::chip::DeviceLayer::Internal;
 using namespace ::chip::DeviceLayer::PersistedStorage;
 
@@ -35,25 +44,46 @@ typedef struct
     func_ptr migrationFunc;
 } migrationData_t;
 
-#define COUNT_OF(A) (sizeof(A) / sizeof((A)[0]))
 static migrationData_t migrationTable[] = {
     { .migrationGroup = 1, .migrationFunc = MigrateKvsMap },
     { .migrationGroup = 2, .migrationFunc = MigrateDacProvider },
     { .migrationGroup = 3, .migrationFunc = MigrateCounterConfigs },
     { .migrationGroup = 4, .migrationFunc = MigrateHardwareVersion },
+    { .migrationGroup = 5, .migrationFunc = MigrateS3Certificates },
     // add any additional migration neccesary. migrationGroup should stay equal if done in the same commit or increment by 1 for
     // each new entry.
 };
 
 } // namespace
 
-void MigrationManager::applyMigrations()
+void MigrationManager::ApplyMigrations()
 {
+#ifdef SL_CATALOG_ZIGBEE_ZCL_FRAMEWORK_CORE_PRESENT
+    // Suspend all other threads so they don't interfere with the migration
+    // This is mostly targeted to the zigbee task that overwrites our certificates
+    uint32_t threadCount = osThreadGetCount();
+    chip::Platform::ScopedMemoryBuffer<osThreadId_t> threadIdTable;
+    threadIdTable.Alloc(threadCount);
+    if (threadIdTable.Get() != nullptr)
+    {
+        //  Forms a table of the active thread ids
+        osThreadEnumerate(threadIdTable.Get(), threadCount);
+        for (uint8_t tIdIndex = 0; tIdIndex < threadCount; tIdIndex++)
+        {
+            osThreadId_t tId = threadIdTable[tIdIndex];
+            if (tId != osThreadGetId())
+            {
+                osThreadSuspend(tId);
+            }
+        }
+    }
+#endif // SL_CATALOG_ZIGBEE_ZCL_FRAMEWORK_CORE_PRESENT
+
     uint32_t lastMigationGroupDone = 0;
     SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_MigrationCounter, lastMigationGroupDone);
 
     uint32_t completedMigrationGroup = lastMigationGroupDone;
-    for (uint32_t i = 0; i < COUNT_OF(migrationTable); i++)
+    for (uint32_t i = 0; i < MATTER_ARRAY_SIZE(migrationTable); i++)
     {
         if (lastMigationGroupDone < migrationTable[i].migrationGroup)
         {
@@ -62,12 +92,27 @@ void MigrationManager::applyMigrations()
         }
     }
     SilabsConfig::WriteConfigValue(SilabsConfig::kConfigKey_MigrationCounter, completedMigrationGroup);
+
+#ifdef SL_CATALOG_ZIGBEE_ZCL_FRAMEWORK_CORE_PRESENT
+    // resume all threads
+    if (threadIdTable.Get() != nullptr)
+    {
+        for (uint8_t tIdIndex = 0; tIdIndex < threadCount; tIdIndex++)
+        {
+            osThreadId_t tId = threadIdTable[tIdIndex];
+            if (tId != osThreadGetId())
+            {
+                osThreadResume(tId);
+            }
+        }
+    }
+#endif // SL_CATALOG_ZIGBEE_ZCL_FRAMEWORK_CORE_PRESENT
 }
 
 void MigrationManager::MigrateUint16(uint32_t old_key, uint32_t new_key)
 {
     uint16_t value = 0;
-    if (SilabsConfig::ConfigValueExists(old_key) && (CHIP_NO_ERROR == SilabsConfig::ReadConfigValue(old_key, value)))
+    if (CHIP_NO_ERROR == SilabsConfig::ReadConfigValue(old_key, value))
     {
         if (CHIP_NO_ERROR == SilabsConfig::WriteConfigValue(new_key, value))
         {
@@ -80,7 +125,7 @@ void MigrationManager::MigrateUint16(uint32_t old_key, uint32_t new_key)
 void MigrationManager::MigrateUint32(uint32_t old_key, uint32_t new_key)
 {
     uint32_t value = 0;
-    if (SilabsConfig::ConfigValueExists(old_key) && (CHIP_NO_ERROR == SilabsConfig::ReadConfigValue(old_key, value)))
+    if (CHIP_NO_ERROR == SilabsConfig::ReadConfigValue(old_key, value))
     {
         if (CHIP_NO_ERROR == SilabsConfig::WriteConfigValue(new_key, value))
         {
@@ -132,6 +177,63 @@ void MigrateHardwareVersion(void)
     MigrationManager::MigrateUint16(kOldKey_HardwareVersion, SilabsConfig::kConfigKey_HardwareVersion);
 }
 
+void MigrateS3Certificates()
+{
+#ifdef _SILICON_LABS_32B_SERIES_3
+    uint32_t tokenStartAddr = reinterpret_cast<uint32_t>(&linker_static_secure_tokens_begin);
+    uint32_t secondPageAddr = tokenStartAddr + FLASH_PAGE_SIZE;
+    uint32_t credsBaseAddr  = 0;
+
+    // when credentials have been provided and stored in the first page of the static token location, we temporarely migrate them to
+    // the second page.
+    if (CHIP_NO_ERROR == SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_Base_Addr, credsBaseAddr) &&
+        (credsBaseAddr >= tokenStartAddr && credsBaseAddr < secondPageAddr))
+    {
+        uint32_t cdSize                = 0;
+        uint32_t dacSize               = 0;
+        uint32_t paiSize               = 0;
+        Provision::Manager & provision = Provision::Manager::GetInstance();
+
+        // Read the size of each credential type to determine the buffer size needed
+        VerifyOrReturn(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_CD_Size, cdSize) == CHIP_NO_ERROR);
+        VerifyOrReturn(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_DAC_Size, dacSize) == CHIP_NO_ERROR);
+        VerifyOrReturn(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_PAI_Size, paiSize) == CHIP_NO_ERROR);
+
+        // Depending on existing configuration, certifications could be overlapping from the first page to the second page.
+        // To mitigate any risk, we want to read all buffer before starting to move any of them.
+        // allocate buffers for each certificate.
+        // ScopedMemoryBuffer will automatically free the memory when it goes out of scope.
+        Platform::ScopedMemoryBuffer<uint8_t> dacBuffer;
+        Platform::ScopedMemoryBuffer<uint8_t> paiBuffer;
+        Platform::ScopedMemoryBuffer<uint8_t> cdBuffer;
+        dacBuffer.Alloc(dacSize);
+        VerifyOrReturn(dacBuffer.Get() != nullptr);
+        paiBuffer.Alloc(paiSize);
+        VerifyOrReturn(paiBuffer.Get() != nullptr);
+        cdBuffer.Alloc(cdSize);
+        VerifyOrReturn(cdBuffer.Get() != nullptr);
+
+        MutableByteSpan dacBufferSpan(dacBuffer.Get(), dacSize);
+        MutableByteSpan paiBufferSpan(paiBuffer.Get(), paiSize);
+        MutableByteSpan cdBufferSpan(cdBuffer.Get(), cdSize);
+
+        provision.Init();
+        // Read All certificates are the current location
+        VerifyOrReturn(provision.GetStorage().GetDeviceAttestationCert(dacBufferSpan) == CHIP_NO_ERROR);
+        VerifyOrReturn(provision.GetStorage().GetProductAttestationIntermediateCert(paiBufferSpan) == CHIP_NO_ERROR);
+        VerifyOrReturn(provision.GetStorage().GetCertificationDeclaration(cdBufferSpan) == CHIP_NO_ERROR);
+
+        provision.GetStorage().Initialize(0, 0);
+        provision.GetStorage().SetCredentialsBaseAddress(secondPageAddr);
+        // Write all certs back to the second page
+        // The first set/write, after an Initialize, erases the new page. We don't need to do it explicitly.
+        provision.GetStorage().SetDeviceAttestationCert(dacBufferSpan);
+        provision.GetStorage().SetProductAttestationIntermediateCert(paiBufferSpan);
+        provision.GetStorage().SetCertificationDeclaration(cdBufferSpan);
+    }
+#endif //_SILICON_LABS_32B_SERIES_3
+}
+
 } // namespace Silabs
 } // namespace DeviceLayer
 } // namespace chip

src/platform/silabs/MigrationManager.h

@@ -30,7 +30,7 @@ class MigrationManager
      * User should get the object from this getter.
      */
     static MigrationManager & GetMigrationInstance();
-    static void applyMigrations();
+    static void ApplyMigrations();
     static void MigrateUint16(uint32_t old_key, uint32_t new_key);
     static void MigrateUint32(uint32_t old_key, uint32_t new_key);
 
@@ -47,6 +47,7 @@ void MigrateKvsMap(void);
 void MigrateDacProvider(void);
 void MigrateCounterConfigs(void);
 void MigrateHardwareVersion(void);
+void MigrateS3Certificates(void);
 
 } // namespace Silabs
 } // namespace DeviceLayer

src/platform/silabs/platformAbstraction/BUILD.gn

@@ -24,6 +24,8 @@ source_set("common") {
     "${chip_root}/src/platform/silabs/platformAbstraction/SilabsPlatform.h",
     "${chip_root}/src/platform/silabs/platformAbstraction/SilabsPlatformBase.h",
   ]
+
+  include_dirs = [ "${chip_root}/src/platform/silabs" ]
   public_deps = [
     "${chip_root}/src/app/icd/server:icd-server-config",
     "${chip_root}/src/lib/core",

src/platform/silabs/platformAbstraction/GsdkSpam.cpp

@@ -96,6 +96,7 @@ SilabsPlatform::SilabsButtonCb SilabsPlatform::mButtonCallback = nullptr;
 
 CHIP_ERROR SilabsPlatform::Init(void)
 {
+    NvmInit();
 #ifdef _SILICON_LABS_32B_SERIES_2
     // Read the cause of last reset.
     mRebootCause = RMU_ResetCauseGet();

src/platform/silabs/platformAbstraction/SilabsPlatform.cpp

@@ -19,6 +19,7 @@
 
 #include <lib/support/CodeUtils.h>
 #include <platform/DiagnosticDataProvider.h>
+#include <platform/silabs/MigrationManager.h>
 #include <platform/silabs/SilabsConfig.h>
 #include <platform/silabs/platformAbstraction/SilabsPlatform.h>
 
@@ -41,6 +42,13 @@ CHIP_ERROR SilabsPlatform::VerifyIfUpdated()
     return CHIP_NO_ERROR;
 }
 
+CHIP_ERROR SilabsPlatform::NvmInit()
+{
+    ReturnErrorOnFailure(Internal::SilabsConfig::Init());
+    Silabs::MigrationManager::GetMigrationInstance().ApplyMigrations();
+    return CHIP_NO_ERROR;
+}
+
 } // namespace Silabs
 } // namespace DeviceLayer
 } // namespace chip

src/platform/silabs/platformAbstraction/SilabsPlatform.h

@@ -80,6 +80,13 @@ class SilabsPlatform : virtual public SilabsPlatformAbstractionBase
      */
     CHIP_ERROR VerifyIfUpdated();
 
+    /**
+     * @brief Initialize the nvm driver (e.g., NVM3), and execute any needed migrations.
+     *
+     * @return CHIP_ERROR : CHIP_NO_ERROR when succesful, a relevant CHIP_ERROR otherwise.
+     */
+    CHIP_ERROR NvmInit();
+
 private:
     friend SilabsPlatform & GetPlatform(void);