Git-Mirrors/tillitis-key
1
0
Fork 0
mirror of https://github.com/tillitis/tillitis-key1.git synced 2025-08-10 15:40:03 -04:00
Code Issues Projects Releases Packages Wiki Activity

Make sensitive assets only readable/writable before system_mode is set

Browse source 
After the first time system_mode is set to one, the assets will no
longer be read- or writeable, even if system_mode is set to zero at a
later syscall. This is to make sure syscalls does not have the same
privilege as the firmware has at first boot.

We need to monitor when system_mode is set to one, otherwise we might
accedentially lock the assets before actually leaving firmware, for
example if firmware would use a function set in any of the registers
used in system_mode_ctrl.

Co-authored-by: Mikael Ågren <mikael@tillitis.se>
This commit is contained in:
Daniel Jobson 2024-11-15 11:19:40 +01:00
parent 690bb53267
commit 2abe93cf06
No known key found for this signature in database
GPG key ID: 3707A9DBF4BB8F1A
4 changed files with 25 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

4
hw/application_fpga/rtl/application_fpga.v
View file

@ -143,6 +143,7 @@ module application_fpga (
wire [31 : 0] tk1_read_data;
wire tk1_ready;
wire system_mode;
wire rw_locked;
wire force_trap;
wire [14 : 0] ram_addr_rand;
wire [31 : 0] ram_data_rand;
@ -277,7 +278,7 @@ module application_fpga (
.clk(clk),
.reset_n(reset_n),
.system_mode(system_mode),
.rw_locked(rw_locked),
.cs(uds_cs),
.address(uds_address),
@ -321,6 +322,7 @@ module application_fpga (
.reset_n(reset_n),
.system_mode(system_mode),
.rw_locked (rw_locked),
.cpu_addr (cpu_addr),
.cpu_instr (cpu_instr),