suit: manifest-controlled variables

Support for SUIT manifest-controlled variables

Ref: NCSDK-30530

Signed-off-by: Sylwester Konczyk <[email protected]>

Author: SylwesterKonczyk

subsys/suit/CMakeLists.txt

@@ -22,3 +22,4 @@ add_subdirectory_ifdef(CONFIG_SUIT_EXECUTION_MODE execution_mode)
 add_subdirectory_ifdef(CONFIG_SUIT_VALIDATOR validator)
 add_subdirectory_ifdef(CONFIG_SUIT_EVENTS events)
 add_subdirectory_ifdef(CONFIG_SUIT_RECOVERY_BUTTON recovery_button)
+add_subdirectory_ifdef(CONFIG_SUIT_MANIFEST_VARIABLES manifest_variables)

subsys/suit/Kconfig

@@ -148,6 +148,7 @@ config SUIT_ENABLE_DEFAULTS_SDFW
 	imply SUIT_DIGEST
 	imply SUIT_DIGEST_CACHE
 	imply SUIT_IPUC
+	imply SUIT_MANIFEST_VARIABLES
 	imply SUIT_CHECK_IMAGE_MATCH
 	imply SUIT_MCI
 	imply SUIT_METADATA
@@ -199,6 +200,7 @@ rsource "memory_layout/Kconfig"
 rsource "validator/Kconfig"
 rsource "events/Kconfig"
 rsource "recovery_button/Kconfig"
+rsource "manifest_variables/Kconfig"
 
 # Configure SUIT_LOG_LEVEL
 module = SUIT

subsys/suit/manifest_variables/CMakeLists.txt

@@ -0,0 +1,16 @@
+#
+# Copyright (c) 2024 Nordic Semiconductor ASA
+#
+# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+#
+
+# Module giving an access to manifest-accessible variables and configuration data
+zephyr_interface_library_named(suit_manifest_variables)
+target_include_directories(suit_manifest_variables INTERFACE include)
+
+zephyr_library()
+zephyr_library_sources_ifdef(CONFIG_SUIT_MANIFEST_VARIABLES_IMPL_SDFW src/suit_manifest_variables.c)
+
+zephyr_library_link_libraries(suit_manifest_variables)
+zephyr_library_link_libraries(suit_platform_err)
+zephyr_library_link_libraries(suit_storage_interface)

subsys/suit/manifest_variables/Kconfig

@@ -0,0 +1,72 @@
+#
+# Copyright (c) 2024 Nordic Semiconductor ASA
+#
+# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+#
+
+config SUIT_MANIFEST_VARIABLES
+	bool "Enable SUIT manifest-accessible variables support"
+
+if SUIT_MANIFEST_VARIABLES
+
+choice SUIT_MANIFEST_VARIABLES_IMPL
+	prompt "Implementation selection"
+	default SUIT_MANIFEST_VARIABLES_IMPL_SDFW if SUIT_PLATFORM_VARIANT_SDFW
+	default SUIT_MANIFEST_VARIABLES_IMPL_IPC if SUIT_PLATFORM_VARIANT_APP
+
+config SUIT_MANIFEST_VARIABLES_IMPL_SDFW
+	bool "SDFW"
+
+config SUIT_MANIFEST_VARIABLES_IMPL_IPC
+	bool "IPC"
+
+endchoice
+
+# Manifest-controlled, NVM-stored variable.
+# Can be modified by Application, Radio Manifests
+# and by IPC clients running on Application and Radio Domains.
+
+config SUIT_MANIFEST_VARIABLES_NVM_BASE_ID
+	int
+	default 0
+
+config SUIT_MANIFEST_VARIABLES_NVM_COUNT
+	int
+	default 8
+
+config SUIT_MANIFEST_VARIABLES_NVM_ACCESS_MASK
+	hex
+	default 0x0D
+
+# Platform-controlled, RAM-stored variable.
+# Manifests and IPC clients are not allowed to modify it.
+
+config SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_BASE_ID
+	int
+	default 128
+
+config SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_COUNT
+	int
+	default 2
+
+config SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_ACCESS_MASK
+	hex
+	default 0x00
+
+# Manifest-controlled, RAM-stored variable.
+# Can be modified by Application and Radio Manifests.
+# IPC clients are not allowed to modify it.
+
+config SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_BASE_ID
+	int
+	default 256
+
+config SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_COUNT
+	int
+	default 4
+
+config SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_ACCESS_MASK
+	hex
+	default 0x0C
+
+endif

subsys/suit/manifest_variables/include/suit_manifest_variables.h

@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) 2024 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+ */
+
+/** @file
+ * @brief SUIT Manifest-accessible variables.
+ *
+ * @details Variables are readable by any SUIT manifest, the SDFW and the IPC
+ * clients, modifiability of variables depends on access mask.
+ */
+
+#ifndef SUIT_MANIFEST_VARIABLES_H__
+#define SUIT_MANIFEST_VARIABLES_H__
+
+#include <stdint.h>
+#include <suit_plat_err.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** Selected IPC clients are allowed to modify a variable, i.e:
+ * MFST_VAR_ACCESS_IPC | MFST_VAR_ACCESS_APP means that variable can be modified
+ * by App Domain SUIT manifests and IPC clients executed on App Domain cores
+ *
+ */
+#define MFST_VAR_ACCESS_IPC 0x01
+
+/* Nordic Top, Secure Domain, System Controller manifests are allowed
+ * to modify a variable, modifiability by System Controller IPC client
+ * depends on MFST_VAR_ACCESS_IPC
+ */
+#define MFST_VAR_ACCESS_SEC 0x02
+
+/* Root, App Domain manifests are allowed to modify a variable, modifiability by
+ * App Domain IPC client depends on MFST_VAR_ACCESS_IPC
+ */
+#define MFST_VAR_ACCESS_APP 0x04
+
+/* Radio Domain manifests are allowed to modify a variable, modifiability by
+ * Radio Domain IPC client depends on MFST_VAR_ACCESS_IPC
+ */
+#define MFST_VAR_ACCESS_RAD 0x08
+
+/**
+ * @brief Modify a variable value
+ *
+ * @param[in]  id			Variable Identifier
+ * @param[in]  val			Value to assigned to variable
+ *
+ * @retval SUIT_PLAT_SUCCESS		On success.
+ * @retval SUIT_PLAT_ERR_NOT_FOUND	Variable with given id is not supported.
+ * @retval SUIT_PLAT_ERR_SIZE		Applies to NVM-based variables. Given val
+ *					exceeds 8 bits.
+ * @retval SUIT_PLAT_ERR_IO		Storage backend was unable to modify NVM content.
+ */
+suit_plat_err_t suit_mfst_var_set(uint32_t id, uint32_t val);
+
+/**
+ * @brief Read out a variable value
+ *
+ * @param[in]   id			Variable Identifier
+ * @param[out]  val			Value to assigned to variable
+ *
+ * @retval SUIT_PLAT_SUCCESS		On success.
+ * @retval SUIT_PLAT_ERR_NOT_FOUND	Variable with given id is not supported.
+ * @retval SUIT_PLAT_ERR_INVAL          Invalid parameter, i.e. null pointer
+ * @retval SUIT_PLAT_ERR_IO		Storage backend was unable to read out NVM content.
+ */
+suit_plat_err_t suit_mfst_var_get(uint32_t id, uint32_t *val);
+
+/**
+ * @brief Read out an access mask
+ *
+ * @note Module does not enforce variable access privileges, but provides
+ *	 information about access mask, so privileges can be enforced
+ *       on client of this module.
+ *
+ * @param[in]   id			Variable Identifier
+ * @param[out]  access_mask		Access mask
+ *
+ * @retval SUIT_PLAT_SUCCESS		On success.
+ * @retval SUIT_PLAT_ERR_NOT_FOUND	Variable with given id is not supported.
+ * @retval SUIT_PLAT_ERR_INVAL          Invalid parameter, i.e. null pointer
+ */
+suit_plat_err_t suit_mfst_var_get_access_mask(uint32_t id, uint32_t *access_mask);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* SUIT_MANIFEST_VARIABLES_H__ */

subsys/suit/manifest_variables/src/suit_manifest_variables.c

@@ -0,0 +1,135 @@
+/*
+ * Copyright (c) 2024 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+ */
+
+#include <suit_manifest_variables.h>
+#include <suit_storage.h>
+#include <zephyr/logging/log.h>
+
+LOG_MODULE_REGISTER(suit_mfst_vars, CONFIG_SUIT_LOG_LEVEL);
+
+static uint32_t plat_volatile_values[CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_COUNT];
+static uint32_t mfst_volatile_values[CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_COUNT];
+
+suit_plat_err_t suit_mfst_var_get_access_mask(uint32_t id, uint32_t *access_mask)
+{
+	if (access_mask == NULL) {
+		return SUIT_PLAT_ERR_INVAL;
+	}
+
+	if (id >= CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_BASE_ID &&
+	    id < CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_BASE_ID +
+			    CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_COUNT) {
+
+		*access_mask = CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_ACCESS_MASK;
+		return SUIT_PLAT_SUCCESS;
+
+	} else if (id >= CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_BASE_ID &&
+		   id < CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_BASE_ID +
+				   CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_COUNT) {
+
+		*access_mask = CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_ACCESS_MASK;
+		return SUIT_PLAT_SUCCESS;
+
+	} else if (id >= CONFIG_SUIT_MANIFEST_VARIABLES_NVM_BASE_ID &&
+		   id < CONFIG_SUIT_MANIFEST_VARIABLES_NVM_BASE_ID +
+				   CONFIG_SUIT_MANIFEST_VARIABLES_NVM_COUNT) {
+
+		*access_mask = CONFIG_SUIT_MANIFEST_VARIABLES_NVM_ACCESS_MASK;
+		return SUIT_PLAT_SUCCESS;
+	}
+
+	LOG_ERR("Variable does not exist, id: %d", id);
+	return SUIT_PLAT_ERR_NOT_FOUND;
+}
+
+suit_plat_err_t suit_mfst_var_set(uint32_t id, uint32_t val)
+{
+	if (id >= CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_BASE_ID &&
+	    id < CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_BASE_ID +
+			    CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_COUNT) {
+
+		uint32_t idx = id - CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_BASE_ID;
+
+		plat_volatile_values[idx] = val;
+		return SUIT_PLAT_SUCCESS;
+
+	} else if (id >= CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_BASE_ID &&
+		   id < CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_BASE_ID +
+				   CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_COUNT) {
+
+		uint32_t idx = id - CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_BASE_ID;
+
+		mfst_volatile_values[idx] = val;
+		return SUIT_PLAT_SUCCESS;
+
+	} else if (id >= CONFIG_SUIT_MANIFEST_VARIABLES_NVM_BASE_ID &&
+		   id < CONFIG_SUIT_MANIFEST_VARIABLES_NVM_BASE_ID +
+				   CONFIG_SUIT_MANIFEST_VARIABLES_NVM_COUNT) {
+
+		if (val > 0xFF) {
+			/* size of NVM based variable is limited to 8 bits
+			 */
+			return SUIT_PLAT_ERR_SIZE;
+		}
+
+		uint32_t idx = id - CONFIG_SUIT_MANIFEST_VARIABLES_NVM_BASE_ID;
+
+		if (suit_storage_var_set(idx, val) == SUIT_PLAT_SUCCESS) {
+			return SUIT_PLAT_SUCCESS;
+		}
+
+		LOG_ERR("Cannot set persistent variable, idx: %d", idx);
+
+		return SUIT_PLAT_ERR_IO;
+	}
+
+	LOG_ERR("Variable does not exist, id: %d", id);
+	return SUIT_PLAT_ERR_NOT_FOUND;
+}
+
+suit_plat_err_t suit_mfst_var_get(uint32_t id, uint32_t *val)
+{
+	if (val == NULL) {
+		return SUIT_PLAT_ERR_INVAL;
+	}
+
+	if (id >= CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_BASE_ID &&
+	    id < CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_BASE_ID +
+			    CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_COUNT) {
+
+		uint32_t idx = id - CONFIG_SUIT_MANIFEST_VARIABLES_PLAT_VOLATILE_BASE_ID;
+
+		*val = plat_volatile_values[idx];
+		return SUIT_PLAT_SUCCESS;
+
+	} else if (id >= CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_BASE_ID &&
+		   id < CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_BASE_ID +
+				   CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_COUNT) {
+
+		uint32_t idx = id - CONFIG_SUIT_MANIFEST_VARIABLES_MFST_VOLATILE_BASE_ID;
+
+		*val = mfst_volatile_values[idx];
+		return SUIT_PLAT_SUCCESS;
+
+	} else if (id >= CONFIG_SUIT_MANIFEST_VARIABLES_NVM_BASE_ID &&
+		   id < CONFIG_SUIT_MANIFEST_VARIABLES_NVM_BASE_ID +
+				   CONFIG_SUIT_MANIFEST_VARIABLES_NVM_COUNT) {
+
+		uint32_t idx = id - CONFIG_SUIT_MANIFEST_VARIABLES_NVM_BASE_ID;
+		uint8_t nvm_val = 0;
+
+		if (suit_storage_var_get(idx, &nvm_val) == SUIT_PLAT_SUCCESS) {
+			*val = nvm_val;
+			return SUIT_PLAT_SUCCESS;
+		}
+
+		LOG_ERR("Cannot get persistent variable, idx: %d", idx);
+		return SUIT_PLAT_ERR_IO;
+	}
+
+	LOG_ERR("Variable does not exist, id: %d", id);
+	return SUIT_PLAT_ERR_NOT_FOUND;
+}