fw: Add support for blake2s MMIO

In firmware we store the address to firmware blake2s() function at TK1_MMIO_TK1_BLAKE2S so app can use this firmware function sort of like a system call but without context switch.
2025-02-21 15:19:47 -05:00 · 2022-12-09 17:34:17 +01:00 · 2022-12-09 17:34:17 +01:00 · 08e1438d1e
commit 08e1438d1e
parent a48dc7cbbb
5 changed files with 146 additions and 60 deletions
--- a/doc/system_description/software.md
+++ b/doc/system_description/software.md
@ -418,6 +418,35 @@ host <-
  RSP[36..]    = 0
 ```

+### Firmware services
+
+The firmware exposes a BLAKE2s function through a function pointer
+located in MMIO `BLAKE2S` (see memory map below) with the with
+function signature:
+
+```c
+int blake2s(void *out, unsigned long outlen, const void *key,
+	    unsigned long keylen, const void *in, unsigned long inlen,
+	    blake2s_ctx *ctx);
+
+```
+
+where `blake2s_ctx` is:
+
+```c
+typedef struct {
+	uint8_t b[64]; // input buffer
+	uint32_t h[8]; // chained state
+	uint32_t t[2]; // total number of bytes
+	size_t c;      // pointer for b[]
+	size_t outlen; // digest size
+} blake2s_ctx;
+```
+
+The `libcommon` library in
+[tillitis-key1-apps](https://github.com/tillitis/tillitis-key1-apps/)
+has a wrapper for using this function.
+
 ## Memory map

 Assigned top level prefixes:
@ -464,7 +493,7 @@ Assigned core prefixes:
 `sw`. Exceptions are `FW_RAM` and `QEMU_DEBUG`.

 | *name*            | *fw*  | *app*     | *size* | *type*   | *content* | *description*                                                           |
-|-------------------|-------|-----------|--------|----------|-----------|------------------------------------------------------------------------|
+|-------------------|-------|-----------|--------|----------|-----------|-------------------------------------------------------------------------|
 | `TRNG_STATUS`     | r     | r         |        |          |           | TRNG_STATUS_READY_BIT is 1 when an entropy word is available.           |
 | `TRNG_ENTROPY`    | r     | r         | 4B     | u32      |           | Entropy word. Reading a word will clear status.                         |
 | `TIMER_CTRL`      | r/w   | r/w       |        |          |           | If TIMER_STATUS_READY_BIT in TIMER_STATUS is 1, writing anything here   |
@ -496,6 +525,7 @@ Assigned core prefixes:
 | `GPIO`            |       |           |        |          |           |                                                                         |
 | `APP_ADDR`        | r/w   | r         | 4B     | u32      |           | Firmware stores app load address here, so app can read its own location |
 | `APP_SIZE`        | r/w   | r         | 4B     | u32      |           | Firmware stores app app size here, so app can read its own size         |
+| `BLAKE2S`         | r/w   | r         | 4B     | u32      |           | Function pointer to a BLAKE2S function in the firmware                  |
 | `CDI_FIRST`       | r/w   | r         | 32B    | u8[32]   |           | Compound Device Identifier (CDI). UDS+measurement...                    |
 | `CDI_LAST`        |       | r         |        |          |           | Last word of CDI                                                        |

--- a/hw/application_fpga/Makefile
+++ b/hw/application_fpga/Makefile
@ -84,7 +84,8 @@ TESTFW_OBJS = \
 	$(P)/fw/testfw/main.o \
 	$(P)/fw/tk1/start.o \
 	$(P)/fw/tk1/proto.o \
-	$(P)/fw/tk1/lib.o
+	$(P)/fw/tk1/lib.o \
+	$(P)/fw/tk1/blake2s/blake2s.o

 #-------------------------------------------------------------------
 # All: Complete build of HW and FW.
--- a/hw/application_fpga/fw/testfw/main.c
+++ b/hw/application_fpga/fw/testfw/main.c
@ -3,6 +3,7 @@
 * SPDX-License-Identifier: GPL-2.0-only
 */

+#include "../tk1/blake2s/blake2s.h"
 #include "../tk1/lib.h"
 #include "../tk1/proto.h"
 #include "../tk1/types.h"
@ -23,6 +24,10 @@ volatile uint32_t *timer_status =    (volatile uint32_t *)TK1_MMIO_TIMER_STATUS;
 volatile uint32_t *timer_ctrl      = (volatile uint32_t *)TK1_MMIO_TIMER_CTRL;
 volatile uint32_t *trng_status     = (volatile uint32_t *)TK1_MMIO_TRNG_STATUS;
 volatile uint32_t *trng_entropy    = (volatile uint32_t *)TK1_MMIO_TRNG_ENTROPY;
+volatile uint32_t *fw_blake2s_addr = (volatile uint32_t *)TK1_MMIO_TK1_BLAKE2S;
+
+// Function pointer to blake2s()
+volatile int (*fw_blake2s)(void *, unsigned long, const void *, unsigned long, const void *, unsigned long, blake2s_ctx *);
 // clang-format on

 // TODO Real UDA is 4 words (16 bytes)
@ -57,6 +62,23 @@ void puthexn(uint8_t *p, int n)
 	}
 }

+void hexdump(uint8_t *buf, int len)
+{
+	uint8_t *row;
+	uint8_t *byte;
+	uint8_t *max;
+
+	row = buf;
+	max = &buf[len];
+	for (byte = 0; byte != max; row = byte) {
+		for (byte = row; byte != max && byte != (row + 16); byte++) {
+			puthex(*byte);
+		}
+
+		puts("\r\n");
+	}
+}
+
 void reverseword(uint32_t *wordp)
 {
 	*wordp = ((*wordp & 0xff000000) >> 24) | ((*wordp & 0x00ff0000) >> 8) |
@ -157,6 +179,9 @@ int main()
 		anyfailed = 1;
 	}

+	// Store function pointer to blake2s() so it's reachable from app
+	*fw_blake2s_addr = (uint32_t)blake2s;
+
 	// Turn on application mode.
 	// -------------------------
 	*switch_app = 1;
@ -238,6 +263,32 @@ int main()
 		anyfailed = 1;
 	}

+	// Testing the blake2s MMIO in app mode
+
+	fw_blake2s = (volatile int (*)(void *, unsigned long, const void *,
+				       unsigned long, const void *,
+				       unsigned long, blake2s_ctx *)) *
+		     fw_blake2s_addr;
+
+	char msg[17] = "dldlkjsdkljdslsdj";
+	uint32_t digest0[8];
+	uint32_t digest1[8];
+	blake2s_ctx b2s_ctx;
+
+	blake2s(&digest0[0], 32, NULL, 0, &msg, 17, &b2s_ctx);
+	fw_blake2s(&digest1[0], 32, NULL, 0, &msg, 17, &b2s_ctx);
+
+	puts("digest #0: \r\n");
+	hexdump((uint8_t *)digest0, 32);
+
+	puts("digest #1: \r\n");
+	hexdump((uint8_t *)digest1, 32);
+
+	if (!memeq(digest0, digest1, 32)) {
+		puts("FAIL: Digests not the same\r\n");
+		anyfailed = 1;
+	}
+
 	// Check and display test results.
 	if (anyfailed) {
 		puts("Some test FAILED!\r\n");
--- a/hw/application_fpga/fw/tk1/main.c
+++ b/hw/application_fpga/fw/tk1/main.c
@ -21,6 +21,7 @@ static volatile uint32_t *app_addr =   (volatile uint32_t *)TK1_MMIO_TK1_APP_ADD
 static volatile uint32_t *app_size        = (volatile uint32_t *)TK1_MMIO_TK1_APP_SIZE;
 static volatile uint8_t  *fw_ram          = (volatile uint8_t  *)TK1_MMIO_FW_RAM_BASE;
 static volatile uint32_t *led             = (volatile uint32_t *)TK1_MMIO_TK1_LED;
+static volatile uint32_t *fw_blake2s_addr = (volatile uint32_t *)TK1_MMIO_TK1_BLAKE2S;

 #define LED_RED   (1 << TK1_MMIO_TK1_LED_R_BIT)
 #define LED_GREEN (1 << TK1_MMIO_TK1_LED_G_BIT)
@ -149,6 +150,8 @@ int main()
 	uint8_t uss[32] = {0};
 	uint8_t digest[32] = {0};
 	enum state state = FW_STATE_INITIAL;
+	// Let the app know the function adddress for blake2s()
+	*fw_blake2s_addr = (uint32_t)blake2s;

 	print_hw_version(namever);

--- a/hw/application_fpga/fw/tk1_mem.h
+++ b/hw/application_fpga/fw/tk1_mem.h
@ -87,6 +87,7 @@ enum {
    TK1_MMIO_TK1_GPIO4_BIT    = 3,
    TK1_MMIO_TK1_APP_ADDR     = TK1_MMIO_TK1_BASE | 0x30,
    TK1_MMIO_TK1_APP_SIZE     = TK1_MMIO_TK1_BASE | 0x34,
+    TK1_MMIO_TK1_BLAKE2S      = TK1_MMIO_TK1_BASE | 0x40,
    TK1_MMIO_TK1_CDI_FIRST    = TK1_MMIO_TK1_BASE | 0x80,
    TK1_MMIO_TK1_CDI_LAST     = TK1_MMIO_TK1_BASE | 0x9c, // Address of last 32-bit word of CDI.
    TK1_MMIO_TK1_UDI_FIRST    = TK1_MMIO_TK1_BASE | 0xc0,