Add complete checks for invalid memory accesses

Also fix two typos for memory ranges that fortunately have no impact on functionality.
2025-01-27 07:47:04 -05:00 · 2024-12-20 10:38:17 +01:00 · 2024-12-20 10:38:17 +01:00 · f2a3d8b23c
commit f2a3d8b23c
parent 66888a3756
7 changed files with 71 additions and 9 deletions
--- a/hw/application_fpga/application_fpga.bin.sha256
+++ b/hw/application_fpga/application_fpga.bin.sha256
@ -1 +1 @@
-44086edb70377991b57d3f1c231f743fcf0c2c9d2303843ec133f76cc42449a8  application_fpga.bin
+d610fd2e21eabe6fd840cee9f2a9f5ec00be8b40fbdfd069232f6450cd108a96  application_fpga.bin
--- a/hw/application_fpga/core/tk1/README.md
+++ b/hw/application_fpga/core/tk1/README.md
@ -164,8 +164,9 @@ ADDR_CPU_MON_LAST: 0x62
 Monitors events and state changes in the SoC and handles security
 violations. Currently checks for:

-1. Trying to execute instructions in FW\_RAM. *Always enabled.*
-2. Trying to access RAM outside of the physical memory. *Always enabled*
+1. Trying to access memory that is outside of the defined size of the
+   defined memory areas. *Always enabled*
+2. Trying to execute instructions in FW\_RAM. *Always enabled.*
 3. Trying to execute instructions from a memory area in RAM defined by
   the application.

--- a/hw/application_fpga/core/tk1/rtl/tk1.v
+++ b/hw/application_fpga/core/tk1/rtl/tk1.v
@ -381,7 +381,8 @@ module tk1 #(
  // Monitor events and state changes in the SoC, and handle
  // security violations. We currently check for:
  //
-  // Any access to RAM but outside of the size of the physical mem.
+  // Any memory access that is outside of the defined size of the
+  // defined memory areas.
  //
  // Trying to execute instructions in FW-RAM.
  //
@ -393,10 +394,70 @@ module tk1 #(
    force_trap_set = 1'h0;

    if (cpu_valid) begin
+      // Outside ROM area
+      if (cpu_addr[31 : 30] == 2'h0 & |cpu_addr[29 : 14]) begin
+        force_trap_set = 1'h1;
+      end
+
+      // Outside RAM area
      if (cpu_addr[31 : 30] == 2'h1 & |cpu_addr[29 : 17]) begin
        force_trap_set = 1'h1;
      end

+      // In RESERVED area
+      if (cpu_addr[31 : 30] == 2'h2) begin
+        force_trap_set = 1'h1;
+      end
+
+      // MMIO
+      if (cpu_addr[31 : 30] == 2'h3) begin
+
+        // Outside TRNG
+        if (cpu_addr[29 : 24] == 6'h00 & |cpu_addr[23 : 10]) begin
+          force_trap_set = 1'h1;
+        end
+
+        // Outside TIMER
+        if (cpu_addr[29 : 24] == 6'h01 & |cpu_addr[23 : 10]) begin
+          force_trap_set = 1'h1;
+        end
+
+        // Outside UDS
+        if (cpu_addr[29 : 24] == 6'h02 & |cpu_addr[23 : 5]) begin
+          force_trap_set = 1'h1;
+        end
+
+        // Outside UART
+        if (cpu_addr[29 : 24] == 6'h03 & |cpu_addr[23 : 10]) begin
+          force_trap_set = 1'h1;
+        end
+
+        // Outside TOUCH_SENSE
+        if (cpu_addr[29 : 24] == 6'h04 & |cpu_addr[23 : 10]) begin
+          force_trap_set = 1'h1;
+        end
+
+        // In unused space
+        if ((cpu_addr[29 : 24] > 6'h04) && (cpu_addr[29 : 24] < 6'h10)) begin
+          force_trap_set = 1'h1;
+        end
+
+        // Outside FW_RAM
+        if (cpu_addr[29 : 24] == 6'h10 & |cpu_addr[23 : 11]) begin
+          force_trap_set = 1'h1;
+        end
+
+        // In unused space
+        if ((cpu_addr[29 : 24] > 6'h10) && (cpu_addr[29 : 24] < 6'h3f)) begin
+          force_trap_set = 1'h1;
+        end
+
+        // Outside TK1
+        if (cpu_addr[29 : 24] == 6'h3f & |cpu_addr[23 : 10]) begin
+          force_trap_set = 1'h1;
+        end
+      end
+
      if (cpu_instr) begin
        if ((cpu_addr >= FW_RAM_FIRST) && (cpu_addr <= FW_RAM_LAST)) begin
          force_trap_set = 1'h1;
--- a/hw/application_fpga/firmware.bin.sha512
+++ b/hw/application_fpga/firmware.bin.sha512
@ -1 +1 @@
-edb39fca7dafb8ea0b89fdeecd960d7656e14ce461e49af97160a8bd6e67d9987e816adad37ba0fcfa63d107c3160988e4c3423ce4a71c39544bc0045888fec1  firmware.bin
+39d5aee11b8553544ba9171f83fbe6f5b7546a15c70d03325e72a2b0ca86c8f7a2b5b6bf121d1d3ffc84a502a2a1a6f3ea140d1424cd424336e055be2f394f83  firmware.bin
--- a/hw/application_fpga/fw/tk1_mem.h
+++ b/hw/application_fpga/fw/tk1_mem.h
@ -82,8 +82,8 @@
 #define TK1_MMIO_TIMER_TIMER 0xc100002c

 #define TK1_MMIO_UDS_BASE 0xc2000000
-#define TK1_MMIO_UDS_FIRST 0xc2000040
-#define TK1_MMIO_UDS_LAST 0xc200005c
+#define TK1_MMIO_UDS_FIRST 0xc2000000
+#define TK1_MMIO_UDS_LAST 0xc200001c

 #define TK1_MMIO_UART_BASE 0xc3000000
 #define TK1_MMIO_UART_RX_STATUS 0xc3000080
--- a/hw/application_fpga/rtl/application_fpga.v
+++ b/hw/application_fpga/rtl/application_fpga.v
@ -392,7 +392,7 @@ module application_fpga (

    ram_cs              = 1'h0;
    ram_we              = 4'h0;
-    ram_address         = cpu_addr[17 : 2];
+    ram_address         = cpu_addr[16 : 2];
    ram_write_data      = cpu_wdata;

    fw_ram_cs           = 1'h0;
--- a/hw/application_fpga/tb/application_fpga_sim.v
+++ b/hw/application_fpga/tb/application_fpga_sim.v
@ -406,7 +406,7 @@ module application_fpga_sim (

    ram_cs              = 1'h0;
    ram_we              = 4'h0;
-    ram_address         = cpu_addr[17 : 2];
+    ram_address         = cpu_addr[16 : 2];
    ram_write_data      = cpu_wdata;

    fw_ram_cs           = 1'h0;