From beb325b683c6ba9dede67a318354dfae01de70e0 Mon Sep 17 00:00:00 2001
From: Daniel Jobson <jobson@tillitis.se>
Date: Wed, 13 Nov 2024 16:13:16 +0100
Subject: [PATCH] PoC: Deny access to the SPI master in app mode
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Mikael Ågren <mikael@tillitis.se>
---
 hw/application_fpga/README.md          | 12 ++++++------
 hw/application_fpga/core/tk1/rtl/tk1.v | 26 +++++++++++++++++++-------
 2 files changed, 25 insertions(+), 13 deletions(-)

diff --git a/hw/application_fpga/README.md b/hw/application_fpga/README.md
index 44e300c..80fd9ba 100644
--- a/hw/application_fpga/README.md
+++ b/hw/application_fpga/README.md
@@ -139,12 +139,12 @@ Interrupts can be enabled/disabled using the PicoRV32 specific
 The following table shows resource availablility for each execution
 mode:
 
-| *Execution Mode*    | *ROM*  | *FW RAM* |
-|---------------------|--------|----------|
-| Firmware mode       | r/x    | r/w      |
-| App mode            | r      | i        |
-| IRQ_SYSCALL_LO      | r/x    | i        |
-| IRQ_SYSCALL_HI      | r/x    | r/w      |
+| *Execution Mode*    | *ROM*  | *FW RAM* | *SPI* |
+|---------------------|--------|----------|-------|
+| Firmware mode       | r/x    | r/w      | r/w   |
+| App mode            | r      | i        | i     |
+| IRQ_SYSCALL_LO      | r/x    | i        | i     |
+| IRQ_SYSCALL_HI      | r/x    | r/w      | r/w   |
 
 Legend:
 r = readable
diff --git a/hw/application_fpga/core/tk1/rtl/tk1.v b/hw/application_fpga/core/tk1/rtl/tk1.v
index fbbefcc..2d1cd80 100644
--- a/hw/application_fpga/core/tk1/rtl/tk1.v
+++ b/hw/application_fpga/core/tk1/rtl/tk1.v
@@ -182,6 +182,7 @@ module tk1 #(
   reg           spi_tx_data_vld;
   wire          spi_ready;
   wire [ 7 : 0] spi_rx_data;
+  wire          spi_access_en;
 
   wire          rom_exec_en;
 
@@ -205,6 +206,7 @@ module tk1 #(
 
   assign rom_exec_en   = !system_mode | access_level_med | access_level_hi;
   assign fw_ram_en     = !system_mode | access_level_hi;
+  assign spi_access_en = !system_mode | access_level_hi;
 
   //----------------------------------------------------------------
   // Module instance.
@@ -522,8 +524,8 @@ module tk1 #(
     spi_start        = 1'h0;
     spi_tx_data_vld  = 1'h0;
 
-    spi_enable       = write_data[0];
-    spi_tx_data      = write_data[7 : 0];
+    spi_enable       = write_data[0] & spi_access_en;
+    spi_tx_data      = write_data[7 : 0] & {8{spi_access_en}};
 
     if (cs) begin
       tmp_ready = 1'h1;
@@ -588,15 +590,21 @@ module tk1 #(
         end
 
         if (address == ADDR_SPI_EN) begin
-          spi_enable_vld = 1'h1;
+          if (spi_access_en) begin
+            spi_enable_vld = 1'h1;
+          end
         end
 
         if (address == ADDR_SPI_XFER) begin
-          spi_start = 1'h1;
+          if (spi_access_en) begin
+            spi_start = 1'h1;
+          end
         end
 
         if (address == ADDR_SPI_DATA) begin
-          spi_tx_data_vld = 1'h1;
+          if (spi_access_en) begin
+            spi_tx_data_vld = 1'h1;
+          end
         end
 
       end
@@ -644,11 +652,15 @@ module tk1 #(
         end
 
         if (address == ADDR_SPI_XFER) begin
-          tmp_read_data[0] = spi_ready;
+          if (spi_access_en) begin
+            tmp_read_data[0] = spi_ready;
+          end
         end
 
         if (address == ADDR_SPI_DATA) begin
-          tmp_read_data[7 : 0] = spi_rx_data;
+          if (spi_access_en) begin
+            tmp_read_data[7 : 0] = spi_rx_data;
+          end
         end
 
       end