diff --git a/doc/system_description/system_description.md b/doc/system_description/system_description.md index f8029f9..4d3a243 100644 --- a/doc/system_description/system_description.md +++ b/doc/system_description/system_description.md @@ -227,51 +227,51 @@ Assigned core prefixes: *Nota bene*: MMIO accesses should be 32 bit wide, e.g use `lw` and `sw`. Exceptions are `UDS`, `FW_RAM` and `QEMU_DEBUG`. -| *name* | *fw* | *app* | *size* | *type* | *content* | *description* | -|-------------------|-------|-----------|--------|----------|-----------|-------------------------------------------------------------------------| -| `TRNG_STATUS` | r | r | | | | TRNG_STATUS_READY_BIT is 1 when an entropy word is available. | -| `TRNG_ENTROPY` | r | r | 4B | u32 | | Entropy word. Reading a word will clear status. | -| `TIMER_CTRL` | r/w | r/w | | | | If TIMER_STATUS_RUNNING_BIT in TIMER_STATUS is 0, setting | -| | | | | | | TIMER_CTRL_START_BIT here starts the timer. | -| | | | | | | If TIMER_STATUS_RUNNING_BIT in TIMER_STATUS is 1, setting | -| | | | | | | TIMER_CTRL_STOP_BIT here stops the timer. | -| `TIMER_STATUS` | r | r | | | | TIMER_STATUS_RUNNING_BIT is 1 when the timer is running. | -| `TIMER_PRESCALER` | r/w | r/w | 4B | | | Prescaler init value. Write blocked when running. | -| `TIMER_TIMER` | r/w | r/w | 4B | | | Timer init or current value while running. Write blocked when running. | -| `UDS_FIRST` | r[^3] | invisible | 4B | u8[32] | | First word of Unique Device Secret key. Note: Read once per power up. | -| `UDS_LAST` | | invisible | | | | The last word of the UDS. Note: Read once per power up. | -| `UART_BITRATE` | r/w | | | | | TBD | -| `UART_DATABITS` | r/w | | | | | TBD | -| `UART_STOPBITS` | r/w | | | | | TBD | -| `UART_RX_STATUS` | r | r | 1B | u8 | | Non-zero when there is data to read | -| `UART_RX_DATA` | r | r | 1B | u8 | | Data to read. Only LSB contains data | -| `UART_RX_BYTES` | r | r | 4B | u32 | | Number of bytes received from the host and not yet read by SW, FW. | -| `UART_TX_STATUS` | r | r | 1B | u8 | | Non-zero when it's OK to write data to send. | -| `UART_TX_DATA` | w | w | 1B | u8 | | Data to send. Only LSB contains data | -| `TOUCH_STATUS` | r/w | r/w | | | | TOUCH_STATUS_EVENT_BIT is 1 when touched. After detecting a touch | -| | | | | | | event (reading a 1), write anything here to acknowledge it. | -| `FW_RAM` | r/w | invisible | 2 kiB | u8[2048] | | Firmware-only RAM. | -| `UDI` | r | invisible | 8B | u64 | | Unique Device ID (UDI). | -| `QEMU_DEBUG` | w | w | | u8 | | Debug console (only in QEMU) | -| `NAME0` | r | r | 4B | char[4] | "tk1 " | ID of core/stick | -| `NAME1` | r | r | 4B | char[4] | "mkdf" | ID of core/stick | -| `VERSION` | r | r | 4B | u32 | 1 | Current version. | -| `SWITCH_APP` | r/w | r | 1B | u8 | | Write anything here to trigger the switch to application mode. Reading | -| | | | | | | returns 0 if device is in firmware mode, 0xffffffff if in app mode. | -| `LED` | r/w | r/w | 1B | u8 | | Control of the color LEDs in RBG LED on the board. | -| | | | | | | Bit 0 is Blue, bit 1 is Green, and bit 2 is Red LED. | -| `GPIO` | r/w | r/w | 1B | u8 | | Bits 0 and 1 contain the input level of GPIO 1 and 2. | -| | | | | u8 | | Bits 3 and 4 store the output level of GPIO 3 and 4. | -| `APP_ADDR` | r/w | r | 4B | u32 | | Firmware stores app load address here, so app can read its own location | -| `APP_SIZE` | r/w | r | 4B | u32 | | Firmware stores app app size here, so app can read its own size | -| `BLAKE2S` | r/w | r | 4B | u32 | | Function pointer to a BLAKE2S function in the firmware | -| `CDI_FIRST` | r/w | r | 32B | u8[32] | | Compound Device Identifier (CDI). UDS+measurement... | -| `CDI_LAST` | | r | | | | Last word of CDI | -| `RAM_ASLR` | w | invisible | 4B | u32 | | Address Space Randomization seed value for the RAM | -| `RAM_SCRAMBLE` | w | invisible | 4B | u32 | | Data scrambling seed value for the RAM | -| `CPU_MON_CTRL` | w | w | 4B | u32 | | Bit 0 enables CPU execution monitor. Can't be unset. Lock adresses | -| `CPU_MON_FIRST` | w | w | 4B | u32 | | First address of the area monitored for execution attempts | -| `CPU_MON_LAST` | w | w | 4B | u32 | | Last address of the area monitored for execution attempts | +| *name* | *fw* | *app* | *size* | *type* | *content* | *description* | +|--------------------|-------|-----------|--------|----------|-----------|-------------------------------------------------------------------------| +| `TRNG_STATUS` | r | r | | | | TRNG_STATUS_READY_BIT is 1 when an entropy word is available. | +| `TRNG_ENTROPY` | r | r | 4B | u32 | | Entropy word. Reading a word will clear status. | +| `TIMER_CTRL` | r/w | r/w | | | | If TIMER_STATUS_RUNNING_BIT in TIMER_STATUS is 0, setting | +| | | | | | | TIMER_CTRL_START_BIT here starts the timer. | +| | | | | | | If TIMER_STATUS_RUNNING_BIT in TIMER_STATUS is 1, setting | +| | | | | | | TIMER_CTRL_STOP_BIT here stops the timer. | +| `TIMER_STATUS` | r | r | | | | TIMER_STATUS_RUNNING_BIT is 1 when the timer is running. | +| `TIMER_PRESCALER` | r/w | r/w | 4B | | | Prescaler init value. Write blocked when running. | +| `TIMER_TIMER` | r/w | r/w | 4B | | | Timer init or current value while running. Write blocked when running. | +| `UDS_FIRST` | r[^3] | invisible | 4B | u8[32] | | First word of Unique Device Secret key. Note: Read once per power up. | +| `UDS_LAST` | | invisible | | | | The last word of the UDS. Note: Read once per power up. | +| `UART_BITRATE` | r/w | | | | | TBD | +| `UART_DATABITS` | r/w | | | | | TBD | +| `UART_STOPBITS` | r/w | | | | | TBD | +| `UART_RX_STATUS` | r | r | 1B | u8 | | Non-zero when there is data to read | +| `UART_RX_DATA` | r | r | 1B | u8 | | Data to read. Only LSB contains data | +| `UART_RX_BYTES` | r | r | 4B | u32 | | Number of bytes received from the host and not yet read by SW, FW. | +| `UART_TX_STATUS` | r | r | 1B | u8 | | Non-zero when it's OK to write data to send. | +| `UART_TX_DATA` | w | w | 1B | u8 | | Data to send. Only LSB contains data | +| `TOUCH_STATUS` | r/w | r/w | | | | TOUCH_STATUS_EVENT_BIT is 1 when touched. After detecting a touch | +| | | | | | | event (reading a 1), write anything here to acknowledge it. | +| `FW_RAM` | r/w | invisible | 2 kiB | u8[2048] | | Firmware-only RAM. | +| `UDI` | r | invisible | 8B | u64 | | Unique Device ID (UDI). | +| `QEMU_DEBUG` | w | w | | u8 | | Debug console (only in QEMU) | +| `NAME0` | r | r | 4B | char[4] | "tk1 " | ID of core/stick | +| `NAME1` | r | r | 4B | char[4] | "mkdf" | ID of core/stick | +| `VERSION` | r | r | 4B | u32 | 1 | Current version. | +| `SYSTEM_MODE_CTRL` | r/w | r | 1B | u8 | | Write anything here to trigger the switch to application mode. Reading | +| | | | | | | returns 0 if device is in firmware mode, 0xffffffff if in app mode. | +| `LED` | r/w | r/w | 1B | u8 | | Control of the color LEDs in RBG LED on the board. | +| | | | | | | Bit 0 is Blue, bit 1 is Green, and bit 2 is Red LED. | +| `GPIO` | r/w | r/w | 1B | u8 | | Bits 0 and 1 contain the input level of GPIO 1 and 2. | +| | | | | u8 | | Bits 3 and 4 store the output level of GPIO 3 and 4. | +| `APP_ADDR` | r/w | r | 4B | u32 | | Firmware stores app load address here, so app can read its own location | +| `APP_SIZE` | r/w | r | 4B | u32 | | Firmware stores app app size here, so app can read its own size | +| `BLAKE2S` | r/w | r | 4B | u32 | | Function pointer to a BLAKE2S function in the firmware | +| `CDI_FIRST` | r/w | r | 32B | u8[32] | | Compound Device Identifier (CDI). UDS+measurement... | +| `CDI_LAST` | | r | | | | Last word of CDI | +| `RAM_ASLR` | w | invisible | 4B | u32 | | Address Space Randomization seed value for the RAM | +| `RAM_SCRAMBLE` | w | invisible | 4B | u32 | | Data scrambling seed value for the RAM | +| `CPU_MON_CTRL` | w | w | 4B | u32 | | Bit 0 enables CPU execution monitor. Can't be unset. Lock adresses | +| `CPU_MON_FIRST` | w | w | 4B | u32 | | First address of the area monitored for execution attempts | +| `CPU_MON_LAST` | w | w | 4B | u32 | | Last address of the area monitored for execution attempts | [^3]: The UDS can only be read *once* per power-cycle. diff --git a/hw/application_fpga/application_fpga.bin.sha256 b/hw/application_fpga/application_fpga.bin.sha256 index ab43462..9bb5d6a 100644 --- a/hw/application_fpga/application_fpga.bin.sha256 +++ b/hw/application_fpga/application_fpga.bin.sha256 @@ -1 +1 @@ -6585aafa13727dc5bf560f34c457048ca3d13ee6ab502c2afc737b1e70fa5a00 application_fpga.bin +f28a9b5585b34f050f959159efd926164357bc6a2e9479531e9b87e6222671e2 application_fpga.bin diff --git a/hw/application_fpga/core/fw_ram/README.md b/hw/application_fpga/core/fw_ram/README.md index fc06273..46c311d 100644 --- a/hw/application_fpga/core/fw_ram/README.md +++ b/hw/application_fpga/core/fw_ram/README.md @@ -21,5 +21,6 @@ The contents of the fw_ram is cleared when the FPGA is powered up and configured by the bitstream. The contents is not cleared by a system reset. -If the fw_app_mode input is set, no memory accesses are allowed. Any -reads when the fw_app_mode is set will retun an all zero word. +If the system_mode input is set, i.e. in firmware mode, no memory +accesses are allowed. Any reads when the system_mode is set will +return an all zero word. diff --git a/hw/application_fpga/core/fw_ram/rtl/fw_ram.v b/hw/application_fpga/core/fw_ram/rtl/fw_ram.v index dfc8cc2..150f6b5 100644 --- a/hw/application_fpga/core/fw_ram/rtl/fw_ram.v +++ b/hw/application_fpga/core/fw_ram/rtl/fw_ram.v @@ -17,7 +17,7 @@ module fw_ram ( input wire clk, input wire reset_n, - input wire fw_app_mode, + input wire system_mode, input wire cs, input wire [ 3 : 0] we, @@ -35,7 +35,7 @@ module fw_ram ( reg [31 : 0] mem_read_data0; reg [31 : 0] mem_read_data1; reg ready_reg; - wire fw_app_cs; + wire system_mode_cs; reg bank0; reg bank1; @@ -43,9 +43,9 @@ module fw_ram ( //---------------------------------------------------------------- // Concurrent assignment of ports. //---------------------------------------------------------------- - assign read_data = tmp_read_data; - assign ready = ready_reg; - assign fw_app_cs = cs && ~fw_app_mode; + assign read_data = tmp_read_data; + assign ready = ready_reg; + assign system_mode_cs = cs && ~system_mode; //---------------------------------------------------------------- @@ -56,12 +56,12 @@ module fw_ram ( .RADDR({3'h0, address[7 : 0]}), .RCLK(clk), .RCLKE(1'h1), - .RE(fw_app_cs & bank0), + .RE(system_mode_cs & bank0), .WADDR({3'h0, address[7 : 0]}), .WCLK(clk), .WCLKE(1'h1), .WDATA(write_data[15 : 0]), - .WE((|we & fw_app_cs & bank0)), + .WE((|we & system_mode_cs & bank0)), .MASK({{8{~we[1]}}, {8{~we[0]}}}) ); @@ -70,12 +70,12 @@ module fw_ram ( .RADDR({3'h0, address[7 : 0]}), .RCLK(clk), .RCLKE(1'h1), - .RE(fw_app_cs & bank0), + .RE(system_mode_cs & bank0), .WADDR({3'h0, address[7 : 0]}), .WCLK(clk), .WCLKE(1'h1), .WDATA(write_data[31 : 16]), - .WE((|we & fw_app_cs & bank0)), + .WE((|we & system_mode_cs & bank0)), .MASK({{8{~we[3]}}, {8{~we[2]}}}) ); @@ -85,12 +85,12 @@ module fw_ram ( .RADDR({3'h0, address[7 : 0]}), .RCLK(clk), .RCLKE(1'h1), - .RE(fw_app_cs & bank1), + .RE(system_mode_cs & bank1), .WADDR({3'h0, address[7 : 0]}), .WCLK(clk), .WCLKE(1'h1), .WDATA(write_data[15 : 0]), - .WE((|we & fw_app_cs & bank1)), + .WE((|we & system_mode_cs & bank1)), .MASK({{8{~we[1]}}, {8{~we[0]}}}) ); @@ -99,12 +99,12 @@ module fw_ram ( .RADDR({3'h0, address[7 : 0]}), .RCLK(clk), .RCLKE(1'h1), - .RE(fw_app_cs & bank1), + .RE(system_mode_cs & bank1), .WADDR({3'h0, address[7 : 0]}), .WCLK(clk), .WCLKE(1'h1), .WDATA(write_data[31 : 16]), - .WE((|we & fw_app_cs & bank1)), + .WE((|we & system_mode_cs & bank1)), .MASK({{8{~we[3]}}, {8{~we[2]}}}) ); @@ -129,7 +129,7 @@ module fw_ram ( bank1 = 1'h0; tmp_read_data = 32'h0; - if (fw_app_cs) begin + if (system_mode_cs) begin if (address[8]) begin bank1 = 1'h1; tmp_read_data = mem_read_data1; diff --git a/hw/application_fpga/core/tk1/README.md b/hw/application_fpga/core/tk1/README.md index 1da5d98..eea2275 100644 --- a/hw/application_fpga/core/tk1/README.md +++ b/hw/application_fpga/core/tk1/README.md @@ -26,7 +26,7 @@ applications. ### Control of execution mode ``` - ADDR_SWITCH_APP: 0x08 + ADDR_SYSTEM_MODE_CTRL: 0x08 ``` This register controls if the device is executing in FW mode or in App @@ -75,7 +75,7 @@ corresponding register is one or zero. These registers provide read only information to the loaded app to itself - where it was loaded and its size. The values are written by FW as part of the loading of the app. The registers can't be written -when the ADDR_SWITCH_APP has been set. +when the ADDR_SYSTEM_MODE_CTRL has been set. ### Access to Blake2s @@ -86,7 +86,7 @@ when the ADDR_SWITCH_APP has been set. This register provides the 32-bit function pointer address to the Blake2s hash function in the FW. It is written by FW during boot. The -register can't be written to when the ADDR_SWITCH_APP has been set. +register can't be written to when the ADDR_SYSTEM_MODE_CTRL has been set. ### Access to CDI @@ -99,7 +99,7 @@ register can't be written to when the ADDR_SWITCH_APP has been set. These registers provide access to the 256-bit compound device secret calculated by the FW as part of loading an application. The registers are written by the FW. The register can't be written to when the -ADDR_SWITCH_APP has been set. Apps can read the CDI and is it as base +ADDR_SYSTEM_MODE_CTRL has been set. Apps can read the CDI and is it as base secret for any secrets it needs to perform its intended use case. diff --git a/hw/application_fpga/core/tk1/rtl/tk1.v b/hw/application_fpga/core/tk1/rtl/tk1.v index f6f5edc..f432b13 100644 --- a/hw/application_fpga/core/tk1/rtl/tk1.v +++ b/hw/application_fpga/core/tk1/rtl/tk1.v @@ -18,7 +18,7 @@ module tk1 ( input wire reset_n, input wire cpu_trap, - output wire fw_app_mode, + output wire system_mode, input wire [31 : 0] cpu_addr, input wire cpu_instr, @@ -59,7 +59,7 @@ module tk1 ( localparam ADDR_NAME1 = 8'h01; localparam ADDR_VERSION = 8'h02; - localparam ADDR_SWITCH_APP = 8'h08; + localparam ADDR_SYSTEM_MODE_CTRL = 8'h08; localparam ADDR_LED = 8'h09; localparam LED_R_BIT = 2; @@ -112,8 +112,8 @@ module tk1 ( reg [31 : 0] cdi_mem [0 : 7]; reg cdi_mem_we; - reg switch_app_reg; - reg switch_app_we; + reg system_mode_reg; + reg system_mode_we; reg [ 2 : 0] led_reg; reg led_we; @@ -185,7 +185,7 @@ module tk1 ( assign read_data = tmp_read_data; assign ready = tmp_ready; - assign fw_app_mode = switch_app_reg; + assign system_mode = system_mode_reg; assign force_trap = force_trap_reg; @@ -248,7 +248,7 @@ module tk1 ( //---------------------------------------------------------------- always @(posedge clk) begin : reg_update if (!reset_n) begin - switch_app_reg <= 1'h0; + system_mode_reg <= 1'h0; led_reg <= 3'h6; gpio1_reg <= 2'h0; gpio2_reg <= 2'h0; @@ -287,8 +287,8 @@ module tk1 ( gpio2_reg[0] <= gpio2; gpio2_reg[1] <= gpio2_reg[0]; - if (switch_app_we) begin - switch_app_reg <= 1'h1; + if (system_mode_we) begin + system_mode_reg <= 1'h1; end if (led_we) begin @@ -414,7 +414,7 @@ module tk1 ( // api //---------------------------------------------------------------- always @* begin : api - switch_app_we = 1'h0; + system_mode_we = 1'h0; led_we = 1'h0; gpio3_we = 1'h0; gpio4_we = 1'h0; @@ -443,8 +443,8 @@ module tk1 ( if (cs) begin tmp_ready = 1'h1; if (we) begin - if (address == ADDR_SWITCH_APP) begin - switch_app_we = 1'h1; + if (address == ADDR_SYSTEM_MODE_CTRL) begin + system_mode_we = 1'h1; end if (address == ADDR_LED) begin @@ -457,13 +457,13 @@ module tk1 ( end if (address == ADDR_APP_START) begin - if (!switch_app_reg) begin + if (!system_mode_reg) begin app_start_we = 1'h1; end end if (address == ADDR_APP_SIZE) begin - if (!switch_app_reg) begin + if (!system_mode_reg) begin app_size_we = 1'h1; end end @@ -473,25 +473,25 @@ module tk1 ( end if (address == ADDR_BLAKE2S) begin - if (!switch_app_reg) begin + if (!system_mode_reg) begin blake2s_addr_we = 1'h1; end end if ((address >= ADDR_CDI_FIRST) && (address <= ADDR_CDI_LAST)) begin - if (!switch_app_reg) begin + if (!system_mode_reg) begin cdi_mem_we = 1'h1; end end if (address == ADDR_RAM_ADDR_RAND) begin - if (!switch_app_reg) begin + if (!system_mode_reg) begin ram_addr_rand_we = 1'h1; end end if (address == ADDR_RAM_DATA_RAND) begin - if (!switch_app_reg) begin + if (!system_mode_reg) begin ram_data_rand_we = 1'h1; end end @@ -538,8 +538,8 @@ module tk1 ( tmp_read_data = TK1_VERSION; end - if (address == ADDR_SWITCH_APP) begin - tmp_read_data = {32{switch_app_reg}}; + if (address == ADDR_SYSTEM_MODE_CTRL) begin + tmp_read_data = {32{system_mode_reg}}; end if (address == ADDR_LED) begin @@ -567,7 +567,7 @@ module tk1 ( end if ((address >= ADDR_UDI_FIRST) && (address <= ADDR_UDI_LAST)) begin - if (!switch_app_reg) begin + if (!system_mode_reg) begin tmp_read_data = udi_rdata; end end diff --git a/hw/application_fpga/core/tk1/tb/tb_tk1.v b/hw/application_fpga/core/tk1/tb/tb_tk1.v index f83211b..640a714 100644 --- a/hw/application_fpga/core/tk1/tb/tb_tk1.v +++ b/hw/application_fpga/core/tk1/tb/tb_tk1.v @@ -27,7 +27,7 @@ module tb_tk1 (); localparam ADDR_NAME1 = 8'h01; localparam ADDR_VERSION = 8'h02; - localparam ADDR_SWITCH_APP = 8'h08; + localparam ADDR_SYSTEM_MODE_CTRL = 8'h08; localparam ADDR_LED = 8'h09; localparam LED_R_BIT = 2; @@ -76,7 +76,7 @@ module tb_tk1 (); reg tb_clk; reg tb_reset_n; reg tb_cpu_trap; - wire tb_fw_app_mode; + wire tb_system_mode; reg [31 : 0] tb_cpu_addr; reg tb_cpu_instr; @@ -122,7 +122,7 @@ module tb_tk1 (); .reset_n(tb_reset_n), .cpu_trap(tb_cpu_trap), - .fw_app_mode(tb_fw_app_mode), + .system_mode(tb_system_mode), .cpu_addr (tb_cpu_addr), .cpu_instr (tb_cpu_instr), @@ -192,7 +192,7 @@ module tb_tk1 (); $display("------------"); if (tb_main_monitor) begin $display("Inputs and outputs:"); - $display("tb_cpu_trap: 0x%1x, fw_app_mode: 0x%1x", tb_cpu_trap, tb_fw_app_mode); + $display("tb_cpu_trap: 0x%1x, system_mode: 0x%1x", tb_cpu_trap, tb_system_mode); $display("cpu_addr: 0x%08x, cpu_instr: 0x%1x, cpu_valid: 0x%1x, force_tap: 0x%1x", tb_cpu_addr, tb_cpu_instr, tb_cpu_valid, tb_force_trap); $display("ram_addr_rand: 0x%08x, ram_data_rand: 0x%08x", tb_ram_addr_rand, @@ -441,7 +441,7 @@ module tb_tk1 (); read_check_word(ADDR_CDI_LAST + 0, 32'h70717273); $display("--- test3: Switch to app mode."); - write_word(ADDR_SWITCH_APP, 32'hdeadbeef); + write_word(ADDR_SYSTEM_MODE_CTRL, 32'hdeadbeef); $display("--- test3: Try to write CDI again."); write_word(ADDR_CDI_FIRST + 0, 32'hfffefdfc); @@ -489,7 +489,7 @@ module tb_tk1 (); read_check_word(ADDR_BLAKE2S, 32'hcafebabe); $display("--- test4: Switch to app mode."); - write_word(ADDR_SWITCH_APP, 32'hf00ff00f); + write_word(ADDR_SYSTEM_MODE_CTRL, 32'hf00ff00f); $display("--- test4: Write Blake2s entry point again."); write_word(ADDR_BLAKE2S, 32'hdeadbeef); @@ -525,7 +525,7 @@ module tb_tk1 (); read_check_word(ADDR_APP_SIZE, 32'h47114711); $display("--- test5: Switch to app mode."); - write_word(ADDR_SWITCH_APP, 32'hf000000); + write_word(ADDR_SYSTEM_MODE_CTRL, 32'hf000000); $display("--- test5: Write app start address and size again."); write_word(ADDR_APP_START, 32'hdeadbeef); @@ -564,7 +564,7 @@ module tb_tk1 (); dut.ram_addr_rand, dut.ram_data_rand); $display("--- test6: Switch to app mode."); - write_word(ADDR_SWITCH_APP, 32'hf000000); + write_word(ADDR_SYSTEM_MODE_CTRL, 32'hf000000); $display("--- test6: Write to ADDR_RAM_ADDR_RAND and ADDR_RAM_DATA_RAND again."); write_word(ADDR_RAM_ADDR_RAND, 32'hdeadbeef); diff --git a/hw/application_fpga/core/uds/README.md b/hw/application_fpga/core/uds/README.md index 145411f..0a100d8 100644 --- a/hw/application_fpga/core/uds/README.md +++ b/hw/application_fpga/core/uds/README.md @@ -6,7 +6,7 @@ Unique Device Secret core This core store and protect the Unique Device Secret (UDS) asset. The UDS can be accessed as eight separate 32-bit words. The words can only -be accessed as long as the fw_app_mode input is low, implying that the +be accessed as long as the system_mode input is low, implying that the CPU is executing the FW. The UDS words can be accessed in any order, but a given word can only diff --git a/hw/application_fpga/core/uds/rtl/uds.v b/hw/application_fpga/core/uds/rtl/uds.v index 1bbb7b9..2aaa112 100644 --- a/hw/application_fpga/core/uds/rtl/uds.v +++ b/hw/application_fpga/core/uds/rtl/uds.v @@ -17,7 +17,7 @@ module uds ( input wire clk, input wire reset_n, - input wire fw_app_mode, + input wire system_mode, input wire cs, input wire [ 2 : 0] address, @@ -89,7 +89,7 @@ module uds ( if (cs) begin tmp_ready = 1'h1; - if (!fw_app_mode) begin + if (!system_mode) begin if (uds_rd_reg[address[2 : 0]] == 1'h0) begin uds_rd_we = 1'h1; end diff --git a/hw/application_fpga/core/uds/tb/tb_uds.v b/hw/application_fpga/core/uds/tb/tb_uds.v index 652f867..9792c19 100644 --- a/hw/application_fpga/core/uds/tb/tb_uds.v +++ b/hw/application_fpga/core/uds/tb/tb_uds.v @@ -37,7 +37,7 @@ module tb_uds (); reg tb_clk; reg tb_reset_n; - reg tb_fw_app_mode; + reg tb_system_mode; reg tb_cs; reg [ 7 : 0] tb_address; wire [31 : 0] tb_read_data; @@ -50,7 +50,7 @@ module tb_uds (); .clk(tb_clk), .reset_n(tb_reset_n), - .fw_app_mode(tb_fw_app_mode), + .system_mode(tb_system_mode), .cs(tb_cs), .address(tb_address), @@ -95,7 +95,7 @@ module tb_uds (); $display("State of DUT at cycle: %08d", cycle_ctr); $display("------------"); $display("Inputs and outputs:"); - $display("fw_app_mode: 0x%1x", tb_fw_app_mode); + $display("system_mode: 0x%1x", tb_system_mode); $display("cs: 0x%1x, address: 0x%02x, read_data: 0x%08x", tb_cs, tb_address, tb_read_data); $display(""); @@ -160,7 +160,7 @@ module tb_uds (); tb_clk = 1'h0; tb_reset_n = 1'h1; - tb_fw_app_mode = 1'h0; + tb_system_mode = 1'h0; tb_cs = 1'h0; tb_address = 8'h0; end diff --git a/hw/application_fpga/fw/README.md b/hw/application_fpga/fw/README.md index 6a1de76..8a11fb5 100644 --- a/hw/application_fpga/fw/README.md +++ b/hw/application_fpga/fw/README.md @@ -188,7 +188,7 @@ Typical expected use scenario: more automatic variables. 8. Firmware starts the application by first switching to from - firmware mode to application mode by writing to the `SWITCH_APP` + firmware mode to application mode by writing to the `SYSTEM_MODE_CTRL` register. In this mode the MMIO region is restricted, e.g. some registers are removed (`UDS`), and some are switched from read/write to read-only (see [the memory diff --git a/hw/application_fpga/fw/testfw/main.c b/hw/application_fpga/fw/testfw/main.c index 4302097..5ed6076 100644 --- a/hw/application_fpga/fw/testfw/main.c +++ b/hw/application_fpga/fw/testfw/main.c @@ -10,20 +10,20 @@ #include "../tk1_mem.h" // clang-format off -volatile uint32_t *tk1name0 = (volatile uint32_t *)TK1_MMIO_TK1_NAME0; -volatile uint32_t *tk1name1 = (volatile uint32_t *)TK1_MMIO_TK1_NAME1; -volatile uint32_t *uds = (volatile uint32_t *)TK1_MMIO_UDS_FIRST; -volatile uint32_t *cdi = (volatile uint32_t *)TK1_MMIO_TK1_CDI_FIRST; -volatile uint32_t *udi = (volatile uint32_t *)TK1_MMIO_TK1_UDI_FIRST; -volatile uint32_t *switch_app = (volatile uint32_t *)TK1_MMIO_TK1_SWITCH_APP; -volatile uint8_t *fw_ram = (volatile uint8_t *)TK1_MMIO_FW_RAM_BASE; -volatile uint32_t *timer = (volatile uint32_t *)TK1_MMIO_TIMER_TIMER; -volatile uint32_t *timer_prescaler = (volatile uint32_t *)TK1_MMIO_TIMER_PRESCALER; -volatile uint32_t *timer_status = (volatile uint32_t *)TK1_MMIO_TIMER_STATUS; -volatile uint32_t *timer_ctrl = (volatile uint32_t *)TK1_MMIO_TIMER_CTRL; -volatile uint32_t *trng_status = (volatile uint32_t *)TK1_MMIO_TRNG_STATUS; -volatile uint32_t *trng_entropy = (volatile uint32_t *)TK1_MMIO_TRNG_ENTROPY; -volatile uint32_t *fw_blake2s_addr = (volatile uint32_t *)TK1_MMIO_TK1_BLAKE2S; +volatile uint32_t *tk1name0 = (volatile uint32_t *)TK1_MMIO_TK1_NAME0; +volatile uint32_t *tk1name1 = (volatile uint32_t *)TK1_MMIO_TK1_NAME1; +volatile uint32_t *uds = (volatile uint32_t *)TK1_MMIO_UDS_FIRST; +volatile uint32_t *cdi = (volatile uint32_t *)TK1_MMIO_TK1_CDI_FIRST; +volatile uint32_t *udi = (volatile uint32_t *)TK1_MMIO_TK1_UDI_FIRST; +volatile uint32_t *system_mode_ctrl = (volatile uint32_t *)TK1_MMIO_TK1_SYSTEM_MODE_CTRL; +volatile uint8_t *fw_ram = (volatile uint8_t *)TK1_MMIO_FW_RAM_BASE; +volatile uint32_t *timer = (volatile uint32_t *)TK1_MMIO_TIMER_TIMER; +volatile uint32_t *timer_prescaler = (volatile uint32_t *)TK1_MMIO_TIMER_PRESCALER; +volatile uint32_t *timer_status = (volatile uint32_t *)TK1_MMIO_TIMER_STATUS; +volatile uint32_t *timer_ctrl = (volatile uint32_t *)TK1_MMIO_TIMER_CTRL; +volatile uint32_t *trng_status = (volatile uint32_t *)TK1_MMIO_TRNG_STATUS; +volatile uint32_t *trng_entropy = (volatile uint32_t *)TK1_MMIO_TRNG_ENTROPY; +volatile uint32_t *fw_blake2s_addr = (volatile uint32_t *)TK1_MMIO_TK1_BLAKE2S; // clang-format on #define UDS_WORDS 8 @@ -257,9 +257,9 @@ int main(void) } } - uint32_t sw = *switch_app; + uint32_t sw = *system_mode_ctrl; if (sw != 0) { - failmsg("switch_app is not 0 in fw mode"); + failmsg("system_mode_ctrl is not 0 in fw mode"); anyfailed = 1; } @@ -269,11 +269,11 @@ int main(void) // Turn on application mode. // ------------------------- - *switch_app = 1; + *system_mode_ctrl = 1; - sw = *switch_app; + sw = *system_mode_ctrl; if (sw != 0xffffffff) { - failmsg("switch_app is not 0xffffffff in app mode"); + failmsg("system_mode_ctrl is not 0xffffffff in app mode"); anyfailed = 1; } diff --git a/hw/application_fpga/fw/tk1/main.c b/hw/application_fpga/fw/tk1/main.c index b6f59ec..524b0dc 100644 --- a/hw/application_fpga/fw/tk1/main.c +++ b/hw/application_fpga/fw/tk1/main.c @@ -12,24 +12,24 @@ #include "types.h" // clang-format off -static volatile uint32_t *uds = (volatile uint32_t *)TK1_MMIO_UDS_FIRST; -static volatile uint32_t *switch_app = (volatile uint32_t *)TK1_MMIO_TK1_SWITCH_APP; -static volatile uint32_t *name0 = (volatile uint32_t *)TK1_MMIO_TK1_NAME0; -static volatile uint32_t *name1 = (volatile uint32_t *)TK1_MMIO_TK1_NAME1; -static volatile uint32_t *ver = (volatile uint32_t *)TK1_MMIO_TK1_VERSION; -static volatile uint32_t *udi = (volatile uint32_t *)TK1_MMIO_TK1_UDI_FIRST; -static volatile uint32_t *cdi = (volatile uint32_t *)TK1_MMIO_TK1_CDI_FIRST; -static volatile uint32_t *app_addr = (volatile uint32_t *)TK1_MMIO_TK1_APP_ADDR; -static volatile uint32_t *app_size = (volatile uint32_t *)TK1_MMIO_TK1_APP_SIZE; -static volatile uint32_t *fw_blake2s_addr = (volatile uint32_t *)TK1_MMIO_TK1_BLAKE2S; -static volatile uint32_t *trng_status = (volatile uint32_t *)TK1_MMIO_TRNG_STATUS; -static volatile uint32_t *trng_entropy = (volatile uint32_t *)TK1_MMIO_TRNG_ENTROPY; -static volatile uint32_t *timer = (volatile uint32_t *)TK1_MMIO_TIMER_TIMER; -static volatile uint32_t *timer_prescaler = (volatile uint32_t *)TK1_MMIO_TIMER_PRESCALER; -static volatile uint32_t *timer_status = (volatile uint32_t *)TK1_MMIO_TIMER_STATUS; -static volatile uint32_t *timer_ctrl = (volatile uint32_t *)TK1_MMIO_TIMER_CTRL; -static volatile uint32_t *ram_addr_rand = (volatile uint32_t *)TK1_MMIO_TK1_RAM_ADDR_RAND; -static volatile uint32_t *ram_data_rand = (volatile uint32_t *)TK1_MMIO_TK1_RAM_DATA_RAND; +static volatile uint32_t *uds = (volatile uint32_t *)TK1_MMIO_UDS_FIRST; +static volatile uint32_t *system_mode_ctrl = (volatile uint32_t *)TK1_MMIO_TK1_SYSTEM_MODE_CTRL; +static volatile uint32_t *name0 = (volatile uint32_t *)TK1_MMIO_TK1_NAME0; +static volatile uint32_t *name1 = (volatile uint32_t *)TK1_MMIO_TK1_NAME1; +static volatile uint32_t *ver = (volatile uint32_t *)TK1_MMIO_TK1_VERSION; +static volatile uint32_t *udi = (volatile uint32_t *)TK1_MMIO_TK1_UDI_FIRST; +static volatile uint32_t *cdi = (volatile uint32_t *)TK1_MMIO_TK1_CDI_FIRST; +static volatile uint32_t *app_addr = (volatile uint32_t *)TK1_MMIO_TK1_APP_ADDR; +static volatile uint32_t *app_size = (volatile uint32_t *)TK1_MMIO_TK1_APP_SIZE; +static volatile uint32_t *fw_blake2s_addr = (volatile uint32_t *)TK1_MMIO_TK1_BLAKE2S; +static volatile uint32_t *trng_status = (volatile uint32_t *)TK1_MMIO_TRNG_STATUS; +static volatile uint32_t *trng_entropy = (volatile uint32_t *)TK1_MMIO_TRNG_ENTROPY; +static volatile uint32_t *timer = (volatile uint32_t *)TK1_MMIO_TIMER_TIMER; +static volatile uint32_t *timer_prescaler = (volatile uint32_t *)TK1_MMIO_TIMER_PRESCALER; +static volatile uint32_t *timer_status = (volatile uint32_t *)TK1_MMIO_TIMER_STATUS; +static volatile uint32_t *timer_ctrl = (volatile uint32_t *)TK1_MMIO_TIMER_CTRL; +static volatile uint32_t *ram_addr_rand = (volatile uint32_t *)TK1_MMIO_TK1_RAM_ADDR_RAND; +static volatile uint32_t *ram_data_rand = (volatile uint32_t *)TK1_MMIO_TK1_RAM_DATA_RAND; // clang-format on // Context for the loading of a TKey program @@ -343,7 +343,7 @@ static void run(const struct context *ctx) // clang-format on // Flip over to application mode - *switch_app = 1; + *system_mode_ctrl = 1; // XXX Firmware stack now no longer available // Don't use any function calls! diff --git a/hw/application_fpga/fw/tk1_mem.h b/hw/application_fpga/fw/tk1_mem.h index 8bd5c07..565d818 100644 --- a/hw/application_fpga/fw/tk1_mem.h +++ b/hw/application_fpga/fw/tk1_mem.h @@ -109,7 +109,9 @@ #define TK1_MMIO_TK1_NAME1 0xff000004 #define TK1_MMIO_TK1_VERSION 0xff000008 +// Deprecated - use _SYSTEM_MODE_CTRL instead #define TK1_MMIO_TK1_SWITCH_APP 0xff000020 +#define TK1_MMIO_TK1_SYSTEM_MODE_CTRL 0xff000020 #define TK1_MMIO_TK1_LED 0xff000024 #define TK1_MMIO_TK1_LED_R_BIT 2 diff --git a/hw/application_fpga/rtl/application_fpga.v b/hw/application_fpga/rtl/application_fpga.v index 4deb307..5cff407 100644 --- a/hw/application_fpga/rtl/application_fpga.v +++ b/hw/application_fpga/rtl/application_fpga.v @@ -142,7 +142,7 @@ module application_fpga ( reg [31 : 0] tk1_write_data; wire [31 : 0] tk1_read_data; wire tk1_ready; - wire fw_app_mode; + wire system_mode; wire force_trap; wire [14 : 0] ram_addr_rand; wire [31 : 0] ram_data_rand; @@ -237,7 +237,7 @@ module application_fpga ( .clk(clk), .reset_n(reset_n), - .fw_app_mode(fw_app_mode), + .system_mode(system_mode), .cs(fw_ram_cs), .we(fw_ram_we), @@ -277,7 +277,7 @@ module application_fpga ( .clk(clk), .reset_n(reset_n), - .fw_app_mode(fw_app_mode), + .system_mode(system_mode), .cs(uds_cs), .address(uds_address), @@ -320,7 +320,7 @@ module application_fpga ( .clk(clk), .reset_n(reset_n), - .fw_app_mode(fw_app_mode), + .system_mode(system_mode), .cpu_addr (cpu_addr), .cpu_instr (cpu_instr), diff --git a/hw/application_fpga/tb/application_fpga_vsim.v b/hw/application_fpga/tb/application_fpga_vsim.v index 13cc16d..e259e16 100644 --- a/hw/application_fpga/tb/application_fpga_vsim.v +++ b/hw/application_fpga/tb/application_fpga_vsim.v @@ -152,7 +152,7 @@ module application_fpga ( reg [31 : 0] tk1_write_data; wire [31 : 0] tk1_read_data; wire tk1_ready; - wire fw_app_mode; + wire system_mode; //---------------------------------------------------------------- @@ -304,7 +304,7 @@ module application_fpga ( .clk(clk), .reset_n(reset_n), - .fw_app_mode(fw_app_mode), + .system_mode(system_mode), .led_r(led_r), .led_g(led_g),