Benjamin Cabé

Zephyr Weekly Update – Trusted Firmware-M 2.0 integration

Zephyr Weekly Update - January 19, 2024

Zephyr Weekly Update - January 19, 2024

Happy Friday, and welcome back for another Zephyr Weekly Update. One of the main highlights this week is certainly the recent upgrade to Trusted Firmware-M 2.0.

On the topic of security, I really encourage everyone to watch our latest Zephyr Tech Talk, if you missed the opportunity to watch it live. Kasia Zalewska did an outstanding job of explaining some of the typical security vulnerabilities in embedded software, and what are some of the tools that can help mitigate them. I really loved the live demo part where she demonstrated a buffer overflow attack, as this really made it easier for me to understand how they can be conducted by an attacker, and how software can be hardened to detect/avoid them.

Update to TF-M 2.0

Trusted Firmware provides a reference implementation of secure software for Cortex-A (TF-A) and Cortex-M (TF-M). You can think of it as a toolbox that provides you with all the libraries and code you need to align with Arm’s latest recommendations and specifications regarding security. To quote the trustedfirmware.org website, “this forms the foundations of a Trusted Execution Environment (TEE) on application processors, or the Secure Processing Environment (SPE) of microcontrollers”.

Trusted Firmware-M v2.0.0 was released at the end of last year and one of the main highlights is its smaller memory footprint, in particular thanks to an update to mbedTLS 3.5.0.

As of this week, Zephyr supports TF-M 2.0.0! (PR #66288)

Socket service API

A new socket service has been introduced. It is somewhat similar to Linux’s inetd in that it allows to have only one thread that listens on a set of blocking sockets, and therefore save memory. When there is activity on one of the sockets, the service calls the appropriate callback (servlet? :)) to do the actual work.

A good starting point to learn more is to look at the newly introduced service-based echo server code sample. And of course, more details can also be found in the pull request, PR #66758.

Boards & SoCs

M5Stack AtomS3 Lite

SoC driver updates

General drivers

Miscellaneous


A big thank you to the 9 individuals who had their first pull request accepted this week, 💙 🙌: @gzzi, @toonst, @laurin, @VitekST, @amrithvenkat, @shenyi97, @MirkoCovizzi, @mschappa, and @lopsided98.

As always, I very much welcome your thoughts and feedback in the comments below!

If you enjoyed this article, don’t forget to subscribe to this blog to be notified of upcoming publications! And of course, you can also always find me on Twitter and Mastodon.

Catch up on all previous issues of the Zephyr Weekly Update:

Exit mobile version