Git-Mirrors/tillitis-key
1
0
Fork 0
mirror of https://github.com/tillitis/tillitis-key1.git synced 2024-12-25 23:49:36 -05:00
Code Issues Packages Projects Releases Wiki Activity

fpga: Add stateful access control

Browse Source 
Add access stateful control register that toggles if access to a
      resources is granted based on if code is excuted from ROM or RAM.
      The register is used to enable or block access to SPI but
      potentially other HW resources.

Signed-off-by: Joachim Strömbergson <joachim@assured.se>
This commit is contained in:
Joachim Strömbergson 2024-07-09 12:58:45 +02:00 committed by Daniel Jobson
parent c6abfbcc59
commit fbd1620891
No known key found for this signature in database
GPG Key ID: 3707A9DBF4BB8F1A
2 changed files with 33 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
hw/application_fpga/core/tk1/rtl/tk1.v
View File

@ -25,6 +25,9 @@ module tk1(
input wire cpu_valid, input wire cpu_valid,
output wire force_trap, output wire force_trap,
input wire ram_access,
input wire rom_access,
output wire [14 : 0] ram_aslr, output wire [14 : 0] ram_aslr,
output wire [31 : 0] ram_scramble, output wire [31 : 0] ram_scramble,
@ -158,7 +161,9 @@ module tk1(
reg force_trap_reg; reg force_trap_reg;
reg force_trap_set; reg force_trap_set;
reg spi_access_ok; reg access_ok_reg;
reg access_ok_new;
reg access_ok_we;
//---------------------------------------------------------------- //----------------------------------------------------------------
@ -232,13 +237,13 @@ module tk1(
.spi_mosi(spi_mosi), .spi_mosi(spi_mosi),
.spi_miso(spi_miso), .spi_miso(spi_miso),
.spi_enable((spi_enable & spi_access_ok)), .spi_enable((spi_enable & spi_access_ok_reg)),
.spi_enable_vld((spi_enable_vld & spi_access_ok)), .spi_enable_vld((spi_enable_vld & spi_access_ok_reg)),
.spi_start((spi_start & spi_access_ok)), .spi_start((spi_start & spi_access_ok_reg)),
.spi_tx_data(spi_tx_data), .spi_tx_data(spi_tx_data),
.spi_tx_data_vld((spi_tx_data_vld & spi_access_ok)), .spi_tx_data_vld((spi_tx_data_vld & spi_access_ok_reg)),
.spi_rx_data(spi_rx_data), .spi_rx_data(spi_rx_data),
.spi_ready((spi_ready & spi_access_ok)) .spi_ready((spi_ready & spi_access_ok_reg))
); );
`endif // INCLUDE_SPI_MASTER `endif // INCLUDE_SPI_MASTER
@ -280,6 +285,7 @@ module tk1(
ram_aslr_reg <= 15'h0; ram_aslr_reg <= 15'h0;
ram_scramble_reg <= 32'h0; ram_scramble_reg <= 32'h0;
force_trap_reg <= 1'h0; force_trap_reg <= 1'h0;
access_ok_reg <= 1'h0;
end end
else begin else begin
@ -350,6 +356,10 @@ module tk1(
if (force_trap_set) begin if (force_trap_set) begin
force_trap_reg <= 1'h1; force_trap_reg <= 1'h1;
end end
if (access_ok_we) begin
access_ok_reg <= access_ok_new;
end
end end
end // reg_update end // reg_update
@ -378,17 +388,24 @@ module tk1(
//---------------------------------------------------------------- //----------------------------------------------------------------
// spi_access_control // access_control
// //
// Logic thar controls if any access to the SPI master is done // Logic that controls access to resources that only FW (ROM),
// by FW-code. // not applications should be allowed to use.
//---------------------------------------------------------------- //----------------------------------------------------------------
always @* always @*
begin : spi_access_control begin : access_control
spi_access_ok = 1'h0; access_ok_new = 1'h0;
access_ok_we = 1'h0;
if (cpu_addr[31 : 30] == ROM_PREFIX) begin if (rom_access) begin
spi_access_ok = 1'h1; access_ok_new = 1'h1;
access_ok_we = 1'h1;
end
if (ram_access) begin
access_ok_new = 1'h0;
access_ok_we = 1'h1;
end end
end end

3
hw/application_fpga/rtl/application_fpga.v
View File

@ -321,6 +321,9 @@ module application_fpga(
.cpu_trap(cpu_trap), .cpu_trap(cpu_trap),
.force_trap(force_trap), .force_trap(force_trap),
.ram_access(ram_cs),
.rom_access(rom_cs),
.ram_aslr(ram_aslr), .ram_aslr(ram_aslr),
.ram_scramble(ram_scramble), .ram_scramble(ram_scramble),