Git-Mirrors/tillitis-key
1
0
Fork 0
mirror of https://github.com/tillitis/tillitis-key1.git synced 2025-11-26 18:36:30 -05:00
Code Issues Projects Releases Packages Wiki Activity

PoC: Make sensitive assets only readable/writable before system_mode is set

Browse source 
After the first time system_mode is set to one, the assets will no
longer be read- or writeable, even if system_mode is set to zero at a
later syscall. This is to make sure syscalls does not have the same
privilege as the firmware has at first boot.

We need to monitor when system_mode is set to one, otherwise we might
accedentially lock the assets before actually leaving firmware, for
example if firmware would use a function set in any of the registers
used in system_mode_ctrl.

Co-authored-by: Mikael Ågren <mikael@tillitis.se>
This commit is contained in:
Daniel Jobson 2024-11-15 11:19:40 +01:00 committed by Mikael Ågren
parent 7f34f5db91
commit 2ec2196e92
No known key found for this signature in database
GPG key ID: E02DA3D397792C46
5 changed files with 44 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

5
hw/application_fpga/core/uds/rtl/uds.v
View file

@ -17,8 +17,7 @@ module uds (
input wire clk,
input wire reset_n,
input wire system_mode,
input wire en,
input wire cs,
input wire [ 2 : 0] address,
output wire [31 : 0] read_data,
@ -89,7 +88,7 @@ module uds (
if (cs) begin
tmp_ready = 1'h1;
if (!system_mode) begin
if (en) begin
if (uds_rd_reg[address[2 : 0]] == 1'h0) begin
uds_rd_we = 1'h1;
end