From 6aa01f2d8c9c33bfa08e441c9435ec01a57eb385 Mon Sep 17 00:00:00 2001
From: Daniel Jobson <jobson@tillitis.se>
Date: Thu, 14 Nov 2024 14:02:53 +0100
Subject: [PATCH] Automatically control system_mode in hardware
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Raise privilege (go to firmware mode) when a function call occurs
to the function set in syscall_addr_reg. Automatically revoke privilege
when executing above ROM (go to app mode).

Remove the option of writing to system_mode through the API.

Co-authored-by: Mikael Ågren <mikael@tillitis.se>
---
 hw/application_fpga/core/tk1/rtl/tk1.v | 31 +++++++++++++++++++++-----
 1 file changed, 25 insertions(+), 6 deletions(-)

diff --git a/hw/application_fpga/core/tk1/rtl/tk1.v b/hw/application_fpga/core/tk1/rtl/tk1.v
index 80cfc17..7ce3a5e 100644
--- a/hw/application_fpga/core/tk1/rtl/tk1.v
+++ b/hw/application_fpga/core/tk1/rtl/tk1.v
@@ -106,6 +106,7 @@ module tk1 (
   localparam FW_RAM_FIRST = 32'hd0000000;
   localparam FW_RAM_LAST = 32'hd00007ff;
 
+  localparam FW_ROM_LAST = 32'h00001fff;
 
   // ILLEGAL_ADDR is outside of the physical memory, and will trap in
   // the security monitor if accessed.
@@ -118,6 +119,7 @@ module tk1 (
   reg           cdi_mem_we;
 
   reg           system_mode_reg;
+  reg           system_mode_new;
   reg           system_mode_we;
 
   reg  [ 2 : 0] led_reg;
@@ -297,7 +299,7 @@ module tk1 (
       gpio2_reg[1] <= gpio2_reg[0];
 
       if (system_mode_we) begin
-        system_mode_reg <= 1'h1;
+        system_mode_reg <= system_mode_new;
       end
 
       if (led_we) begin
@@ -422,12 +424,33 @@ module tk1 (
     end
   end
 
+  //----------------------------------------------------------------
+  // system_mode_ctrl will raise the privilege when the function in
+  // `syscall_addr_reg` is called.
+  //
+  // Automatically lowers the privilege when executing above ROM
+  // ----------------------------------------------------------------
+  always @* begin : system_mode_ctrl
+    system_mode_new = 1'h0;
+    system_mode_we  = 1'h0;
+
+    if (cpu_valid & cpu_instr) begin
+      if (cpu_addr == syscall_addr_reg) begin
+        system_mode_new = 1'h0;
+        system_mode_we  = 1'h1;
+      end
+
+      if (cpu_addr > FW_ROM_LAST) begin
+        system_mode_new = 1'h1;
+        system_mode_we  = 1'h1;
+      end
+    end
+  end
 
   //----------------------------------------------------------------
   // api
   //----------------------------------------------------------------
   always @* begin : api
-    system_mode_we   = 1'h0;
     led_we           = 1'h0;
     gpio3_we         = 1'h0;
     gpio4_we         = 1'h0;
@@ -455,10 +478,6 @@ module tk1 (
     if (cs) begin
       tmp_ready = 1'h1;
       if (we) begin
-        if (address == ADDR_SYSTEM_MODE_CTRL) begin
-          system_mode_we = 1'h1;
-        end
-
         if (address == ADDR_LED) begin
           led_we = 1'h1;
         end