Threaded RPC with uVisor example
Warning: uVisor is superseded by the Secure Partition Manager (SPM) defined in the ARM Platform Security Architecture (PSA). uVisor is deprecated as of Mbed OS 5.10, and being replaced by a native PSA-compliant implementation of SPM.
This is a simple example to show how to use several uVisor APIs to build a box that securely stores a number. This number can only be written by one box, but read by all boxes.
- Create and run secure boxes.
- Secure static and dynamic memory inside secure boxes.
- Run threads inside secure boxes.
- Issue RPC requests to other secure boxes and wait for their completion.
- Receive and process incoming RPC requests from other secure boxes.
- Get box id and namespace of the RPC caller.
This demo contains three secure boxes:
- The secure number vault. This box stores one number that can only be written to by Client A, but read by everyone.
- Client A, which attempts to write (and succeeds) and read the secure number.
- Client B, which attempts to write (but fails) and read the secure number.
As usual, all the code/data that is not protected by a secure box ends up in the public box (also known as box 0), which is visible by all other boxes and, hence, insecure. The public box also attempts to write (but fails) and read the secure number.
For a release build, please enter:
$ mbed compile -m K64F -t GCC_ARM -c
You will find the resulting binary in
BUILD/K64F/GCC_ARM/mbed-os-example-uvisor-number-store.bin. You can drag and drop it onto your board USB drive.
Press the reset button. The
box_number_store secure box will use 3 LEDs on your target to signal the execution of the
set_number APIs. You can observe the example output on the serial port:
$ screen /dev/tty.usbmodem1422 9600
You will see an output similar to the following one:
***** uVisor secure number store example ***** vault : Only client_a can write into the vault vault : All clients can read the vault client_b: Attempt to write 0xFFFFFED4 (denied) client_a: Attempt to read : 0x00000000 (granted) client_a: Attempt to write 0xFFFFFE0C (granted) public : Attempt to read : 0xFFFFFE0C (granted) public : Attempt to write 0x00000019 (denied) client_b: Attempt to read : 0xFFFFFE0C (granted) client_a: Attempt to read : 0xFFFFFE0C (granted) ...
Note: If your target does not have 3 different LEDs or LED colours, you will see the same LED blink multiple times. The example use the general mbed OS naming structure
When a debugger is connected, you can observe debug output from uVisor. Please note that these messages are sent through semihosting, which halts the program execution if a debugger is not connected. For more information please read the Debugging uVisor on mbed OS guide. To build a debug version of this example, please enter:
$ mbed compile -m K64F -t GCC_ARM --profile mbed-os/tools/profiles/debug.json -c
- Use of exporters for multiple IDEs is not supported at the moment.
- uVisor will halt the system on unregistered interrupts arrival. Do not attempt to push any SW buttons not listed in this document.
If you have problems, you can review the documentation for suggestions on what could be wrong and how to fix it.