bootloader: Lock KMU keys

This commit adds locking of KMU keys used by NSIB
for signature verification when they are no longer
needed.
This way, the next stage will not be able to use
these keys.

Signed-off-by: Artur Hadasz <[email protected]>

Author: ahasztag

include/bl_crypto.h

@@ -101,6 +101,16 @@ int bl_root_of_trust_verify_external(const uint8_t *public_key,
 				     const uint8_t *firmware,
 				     const uint32_t firmware_len);
 
+/**
+ * @brief Perform root of trust housekeeping operations.
+ *
+ * This function performs cleanup and security housekeeping tasks for the
+ * root of trust crypto subsystems. It ensures that cryptographic keys are
+ * properly secured and non-essential key material is removed from volatile
+ * memory after the bootloader no longer needs access to them.
+ */
+void bl_root_of_trust_housekeeping(void);
+
 /**
  * @brief Initialize a sha256 operation context variable.
  *
@@ -271,6 +281,17 @@ int bl_ed25519_validate(const uint8_t *hash,
 			uint32_t hash_len,
 			const uint8_t *signature);
 
+/**
+ * @brief Perform ED25519 key storage housekeeping operations.
+ *
+ * This function performs crypto key storage housekeeping for ED25519 keys.
+ * It iterates through KMU (Key Management Unit) keys, applies security
+ * policies by locking them, and purges key material from volatile memory.
+ * This ensures keys are secured and memory is cleaned up after the bootloader
+ * completes its cryptographic operations.
+ */
+void bl_ed25519_keys_housekeeping(void);
+
 /**
  * @brief Structure describing the BL_ROT_VERIFY EXT_API.
  */

include/bl_validation.h

@@ -93,6 +93,20 @@ int get_monotonic_version(counter_t *version_out);
  */
 int get_monotonic_slot(counter_t *slot_out);
 
+/**
+ * @brief Perform validation of trust housekeeping operations.
+ *
+ * This function performs validation-related housekeeping tasks
+ * It ensures that cryptographic keys and validation-related resources
+ * are properly secured and cleaned up after validation operations are completed.
+ *
+ * Call this function only if you are certain that either the currently
+ * validated S0/S1 image will be booted, or that neither image will be booted.
+ * Otherwise, invoking this function could prevent the alternate image
+ * from booting in the event the current validation fails at a later stage.
+ */
+void bl_validate_housekeeping(void);
+
   /** @} */
 
 #ifdef __cplusplus

samples/bootloader/src/main.c

@@ -122,6 +122,14 @@ static void validate_and_boot(const struct fw_info *fw_info, counter_t slot)
 		}
 	}
 
+	/*
+	 * We can lock the keys and other resources now, as any failures
+	 * in the bl_boot function are considered fatal and would prevent
+	 * the alternate image from booting as well.
+	 * Thus, we meet the criteria for calling bl_validate_housekeeping.
+	 */
+	bl_validate_housekeeping();
+
 	bl_boot(fw_info);
 }
 
@@ -156,5 +164,6 @@ int main(void)
 	}
 
 	printk("No bootable image found. Aborting boot.\r\n");
+	bl_validate_housekeeping();
 	return 0;
 }

subsys/bootloader/bl_crypto/bl_crypto.c

@@ -129,6 +129,13 @@ int bl_root_of_trust_verify_external(
 					firmware, firmware_len, true);
 }
 
+void bl_root_of_trust_housekeeping(void)
+{
+#if defined(CONFIG_SB_CRYPTO_PSA_ED25519)
+	bl_ed25519_keys_housekeeping();
+#endif
+}
+
 #if !defined(CONFIG_BL_SHA256_EXT_API_REQUIRED) && !defined(CONFIG_SB_CRYPTO_NONE)
 int bl_sha256_verify(const uint8_t *data, uint32_t data_len, const uint8_t *expected)
 {

subsys/bootloader/bl_crypto/bl_crypto_ed25519.c

@@ -28,6 +28,32 @@ static psa_key_id_t kmu_key_ids[] =  {
 BUILD_ASSERT(INT8_MAX >= ARRAY_SIZE(kmu_key_ids),
 		"Number of KMU keys too big");
 
+void bl_ed25519_keys_housekeeping(void)
+{
+	psa_status_t status;
+
+	/* We will continue through all keys, even if we have error while
+	 * processing any of it. Only doing BOOT_LOG_DBG, as we do not
+	 * really want to inform on failures to lock.
+	 */
+	for (int i = 0; i < ARRAY_SIZE(kmu_key_ids); ++i) {
+		psa_key_attributes_t attr;
+
+		status = psa_get_key_attributes(kmu_key_ids[i], &attr);
+		LOG_DBG("KMU key 0x%x(%d) attr query status == %d",
+			kmu_key_ids[i], i, status);
+
+		if (status == PSA_SUCCESS) {
+			status = cracen_kmu_block(&attr);
+			LOG_DBG("KMU key lock status == %d", status);
+		}
+
+		status = psa_purge_key(kmu_key_ids[i]);
+		LOG_DBG("KMU key 0x%x(%d) purge status == %d",
+			kmu_key_ids[i], i, status);
+	}
+}
+
 int bl_ed25519_validate(const uint8_t *data, uint32_t data_len, const uint8_t *signature)
 {
 	psa_status_t status = PSA_ERROR_BAD_STATE;

subsys/bootloader/bl_validation/bl_validation.c

@@ -524,6 +524,11 @@ bool bl_validate_firmware_local(uint32_t fw_address, const struct fw_info *fwinf
 {
 	return validate_firmware(fw_address, fw_address, fwinfo, false);
 }
+
+void bl_validate_housekeeping(void)
+{
+	bl_root_of_trust_housekeeping();
+}
 #endif
 
 bool bl_validate_firmware_available(void)