MCUX CLNS
MCUX Crypto Library Normal Secure
Flow Protection API

Flow protection mechanism.

Topics

Flow protection core functionality: Flow protection handling core functionality.
Function calling flow protection: Support for flow protected functions.
Looping flow protection: Support for flow protected loops.
Branching flow protection: Support for flow protected branches.
Switching flow protection: Support for flow protected switches.
Expectation handling: Expectation handling support functionality.

Detailed Description

Flow protection mechanism.

The flow protection mechanism is based on events and expectations that need to be balanced. Every check that an event has occurred should correspond to an expectation that has been raised.

This is a common API with various backends that implement its functionality. The backends can be divided into the following classes:

None

The None backend allows the use of flow protection macros on platforms that do not support any of the regular backends. It allows portability of code including flow protection macros, without implementing any protection mechanisms.

Counter

Security Counter based backends allow a check that the execution matches the general expected code flow, but do not provide protection against individual instruction skips within a part of linear code flow.

There are two Secure Counter backends, called Local and Global. Local and Global backends implement functionality differently but are to be used in the same way. Both are based on the Security Counter and rely on the matching Security Counter backend to be active for the platform.

For the current Global implementation, users can omit the MCUX_CSSL_FP_PROTECTED_TYPE, MCUX_CSSL_FP_FUNCTION_CALL, and MCUX_CSSL_FP_FUNCTION_CALL_VOID macros, as they resolve to the standard unprotected code you would use without these macros. (This might change in the future.)
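
The following is an added example, not code from MCUX CLNS: a toy counter model of balanced events and expectations. It shows a skipped function call being detected and a skipped instruction inside linear code going unnoticed, which is the limitation of counter based backends stated above. All function names, token values and the fault enum are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model of a security-counter flow check. All names and token values are
 * hypothetical, constructed for illustration; they are not MCUX CLNS identifiers. */
#define TOK_LOAD_KEY 0x3A5Cu
#define TOK_VERIFY   0x71E9u
#define FP_OK        0xA5A5u
#define FP_FAULT     0x5A5Au

enum fault { FAULT_NONE, FAULT_SKIP_CALL, FAULT_SKIP_INSN };
static uint32_t counter;   /* the security counter */
static int work_done;      /* number of steps whose body really executed */

/* Event: a protected step announces that it ran. */
static void fp_event(uint32_t token) { counter += token; }
/* Expectation: the caller states which event should have occurred. */
static void fp_expect(uint32_t token) { counter -= token; }

static void load_key(void) { work_done++; fp_event(TOK_LOAD_KEY); }

static void verify(enum fault f)
{
    if (f != FAULT_SKIP_INSN) work_done++; /* simulated skip of one instruction */
    fp_event(TOK_VERIFY);                  /* the event is still recorded */
}

/* Returns FP_OK only if every expectation was matched by an event. */
uint32_t protected_op(enum fault f)
{
    uint32_t entry = counter;
    work_done = 0;
    load_key();
    if (f != FAULT_SKIP_CALL) verify(f);   /* simulated glitch: whole call skipped */
    fp_expect(TOK_LOAD_KEY);
    fp_expect(TOK_VERIFY);
    return (counter == entry) ? FP_OK : FP_FAULT;
}

int steps_executed(void) { return work_done; }

int main(void)
{
    for (int f = FAULT_NONE; f <= FAULT_SKIP_INSN; f++) {
        uint32_t r = protected_op((enum fault)f);
        printf("fault=%d result=%#x steps=%d\n", f, (unsigned)r, steps_executed());
    }
    return 0;
}
```
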

Signature

The CodeSignature backend allows protection against individual instruction skips in non-linear and linear code.

The set of macros useful for the CodeSignature backend is disjoint from the set of useful macros for Local / Global backends.

Only MCUX_CSSL_FP_FUNCTION_DECL, MCUX_CSSL_FP_FUNCTION_DEF, and MCUX_CSSL_FP_FUNCTION_POINTER have an impact for CodeSignature. For Local and Global backends, by contrast, these three macros do not have any impact.