Git-Mirrors
/
tillitis-key
mirror of https://github.com/tillitis/tillitis-key1.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add release notes for TK1-24.03 

Clarifying earlier release notes.
This commit is contained in:
dehanj 2024-03-25 09:34:14 +01:00 committed by Michael Cardell Widerkrantz
parent 574e17f26a
commit 1c90b1aa3d
No known key found for this signature in database
GPG Key ID: D3DB3DDF57E704E5
1 changed files with 75 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
doc/release_notes.md
View File

@ -2,6 +2,73 @@
Descriptions of the tagged TKey releases.
## TK1-24.03
This is an official release of the "Bellatrix" version of the Tillitis'
TKey. This version is ready for general use.
Using OCI image `ghcr.io/tillitis/tkey-builder:4`, built from
`../contrib/Dockerfile`, and the generic
`../hw/application_fpga/data/uds.hex` and
`../hw/application_fpga/data/udi.hex`, a clean build should generate
the following digest:
```
321924aa3b26507f2a02325750e63c83b306c7831f8e2c87e8d198cecf8cc1c1 application_fpga.bin
```
### FPGA
- Security Monitor now prevents access to RAM outside of the physical
memory. If it detects an access outside of the RAM address space, it
will halt the CPU.
- CPU Monitor changes name to Security monitor, which CPU Monitor is a
part of. Prepare for more functions in the future.
- Support incremental builds for the bitstream, when changing UDS/UDI
between builds. Requires tkey-builder:3 or higher.
- Update Verilog linter to Verilog-2005 and fixed warnings.
- Complete testbenches and add 9 tests for the FPGA cores.
### Firmware
- Protect zeroisation against compiler optimisation by using
secure_wipe(), fixing a memset() that was removed during
compilation.
- Make memeq() function side channel silent.
- Change memory constants to defines instead of an enum, to be
compatible with ISO C.
- Deprecate TK1_MMIO_TK1_RAM_ASLR and introduce
TK1_MMIO_TK1_RAM_ADDR_RAND instead to distinguish from OS-level
ASLR.
- Use pedantic warnings while building firmware and fixed warnings.
- Use clang-tidy in CI.
- Fix warnings from splint.
### TP1
- New plastic clip o and update of BOM.
- Build TP1 firmware in CI.
### CH552
- Fixed a bug where a byte of data could in some rare circumstances be
dropped, causing a client app to hang.
- General clean-up of code, translated all comments to English.
### TK1
- New injection moulded plastic case
### tkey-builder
- Updated to version 3. Bumping Ubuntu to 23.10, Yosys to 0.36 and
nextpnr to 0.6.
- Updated to version 4. Bumping pico-sdk to 1.5.1, adding clang-tidy
and splint.
### Docs
- Fixing broken links, cleaning up docs and READMEs.
- Clarify warm boot attack mitigations and scope for Bellatrix in
threat model.
For full change log [see](https://github.com/tillitis/tillitis-key1/compare/TK1-23.03.2...TK1-24.03)
## TK1-23.03.2
This is the official release of the "Bellatrix" version of the
@ -87,12 +154,12 @@ f11d6b0f57c5405598206dcfea284008413391a2c51f124a2e2ae8600cb78f0b application_fp
will start flashing red. Note that the CPU will stay in the trap
state until the TKey device is disconnected.
- (HW) The RAM memory now includes an initial adress and scrambling
mechanism to make it harder to find assets generated by and
stored in the RAM by applications. The address space layout
randomizarion (ASLR) and data value scrambling is set up by the
firmware before the application is loaded, and does not affect
how applications executes.
- (HW) The RAM memory now includes an address randomisation and data
scrambling mechanism to make it harder for someone outside of the
CPU to find assets generated by and stored in the RAM by
applications. This randomisation and scrambling is set up by
firmware before the application is loaded, and does not affect how
applications executes.
- (HW) The UART Rx FIFO now allows applications to read out the
number of bytes received and not yet consumed by the application.
@ -142,8 +209,8 @@ f11d6b0f57c5405598206dcfea284008413391a2c51f124a2e2ae8600cb78f0b application_fp
PicoRV32. Please compile your programs with the Zmmul extension,
`-march=rv32iczmmul` for `clang`.
- (HW) The UDI is locked down and can now only be accessed by
firmware, not applications.
- (HW) The UDI is locked down and can only be accessed by firmware, to
prevent applications from tracking a particular TKey.
- (HW) The timer MMIO API now takes separate start and stop bits for
triggering the respective action, mitigating a time-of-check to