mirror of
https://github.com/tillitis/tillitis-key1.git
synced 2025-03-12 18:16:55 -04:00
PoC: Deny access to the SPI master in app mode
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
This commit is contained in:
Daniel Jobson
Mikael Ågren
parent
2e1925555d
commit
beb325b683
@ -139,12 +139,12 @@ Interrupts can be enabled/disabled using the PicoRV32 specific
|
|||||||
The following table shows resource availablility for each execution
|
The following table shows resource availablility for each execution
|
||||||
mode:
|
mode:
|
||||||
|
|
||||||
| *Execution Mode* | *ROM* | *FW RAM* |
|
| *Execution Mode* | *ROM* | *FW RAM* | *SPI* |
|
||||||
|---------------------|--------|----------|
|
|---------------------|--------|----------|-------|
|
||||||
| Firmware mode | r/x | r/w |
|
| Firmware mode | r/x | r/w | r/w |
|
||||||
| App mode | r | i |
|
| App mode | r | i | i |
|
||||||
| IRQ_SYSCALL_LO | r/x | i |
|
| IRQ_SYSCALL_LO | r/x | i | i |
|
||||||
| IRQ_SYSCALL_HI | r/x | r/w |
|
| IRQ_SYSCALL_HI | r/x | r/w | r/w |
|
||||||
|
|
||||||
Legend:
|
Legend:
|
||||||
r = readable
|
r = readable
|
||||||
|
|||||||
@ -182,6 +182,7 @@ module tk1 #(
|
|||||||
reg spi_tx_data_vld;
|
reg spi_tx_data_vld;
|
||||||
wire spi_ready;
|
wire spi_ready;
|
||||||
wire [ 7 : 0] spi_rx_data;
|
wire [ 7 : 0] spi_rx_data;
|
||||||
|
wire spi_access_en;
|
||||||
|
|
||||||
wire rom_exec_en;
|
wire rom_exec_en;
|
||||||
|
|
||||||
@ -205,6 +206,7 @@ module tk1 #(
|
|||||||
|
|
||||||
assign rom_exec_en = !system_mode | access_level_med | access_level_hi;
|
assign rom_exec_en = !system_mode | access_level_med | access_level_hi;
|
||||||
assign fw_ram_en = !system_mode | access_level_hi;
|
assign fw_ram_en = !system_mode | access_level_hi;
|
||||||
|
assign spi_access_en = !system_mode | access_level_hi;
|
||||||
|
|
||||||
//----------------------------------------------------------------
|
//----------------------------------------------------------------
|
||||||
// Module instance.
|
// Module instance.
|
||||||
@ -522,8 +524,8 @@ module tk1 #(
|
|||||||
spi_start = 1'h0;
|
spi_start = 1'h0;
|
||||||
spi_tx_data_vld = 1'h0;
|
spi_tx_data_vld = 1'h0;
|
||||||
|
|
||||||
spi_enable = write_data[0];
|
spi_enable = write_data[0] & spi_access_en;
|
||||||
spi_tx_data = write_data[7 : 0];
|
spi_tx_data = write_data[7 : 0] & {8{spi_access_en}};
|
||||||
|
|
||||||
if (cs) begin
|
if (cs) begin
|
||||||
tmp_ready = 1'h1;
|
tmp_ready = 1'h1;
|
||||||
@ -588,16 +590,22 @@ module tk1 #(
|
|||||||
end
|
end
|
||||||
|
|
||||||
if (address == ADDR_SPI_EN) begin
|
if (address == ADDR_SPI_EN) begin
|
||||||
|
if (spi_access_en) begin
|
||||||
spi_enable_vld = 1'h1;
|
spi_enable_vld = 1'h1;
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if (address == ADDR_SPI_XFER) begin
|
if (address == ADDR_SPI_XFER) begin
|
||||||
|
if (spi_access_en) begin
|
||||||
spi_start = 1'h1;
|
spi_start = 1'h1;
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if (address == ADDR_SPI_DATA) begin
|
if (address == ADDR_SPI_DATA) begin
|
||||||
|
if (spi_access_en) begin
|
||||||
spi_tx_data_vld = 1'h1;
|
spi_tx_data_vld = 1'h1;
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
else begin
|
else begin
|
||||||
@ -644,12 +652,16 @@ module tk1 #(
|
|||||||
end
|
end
|
||||||
|
|
||||||
if (address == ADDR_SPI_XFER) begin
|
if (address == ADDR_SPI_XFER) begin
|
||||||
|
if (spi_access_en) begin
|
||||||
tmp_read_data[0] = spi_ready;
|
tmp_read_data[0] = spi_ready;
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if (address == ADDR_SPI_DATA) begin
|
if (address == ADDR_SPI_DATA) begin
|
||||||
|
if (spi_access_en) begin
|
||||||
tmp_read_data[7 : 0] = spi_rx_data;
|
tmp_read_data[7 : 0] = spi_rx_data;
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user