Git-Mirrors/tillitis-key
1
0
Fork 0
mirror of https://github.com/tillitis/tillitis-key1.git synced 2025-04-06 14:03:40 -04:00
Code Issues Packages Projects Releases Wiki Activity
675 Commits 31 Branches 16 Tags
Commit Graph

675 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mikael Ågren
03b93cac84
Optionally add size of pre loaded app 0 when generating partition table 2025-04-04 19:11:08 +02:00
Michael Cardell Widerkrantz
781bce9602
fw: Add status syscall for flash status 
Add a way of reporting invalid partition table copy through a new
syscall for TKey status.
 2025-04-04 16:02:55 +02:00
Michael Cardell Widerkrantz
092bac027d
fw: Indicate which partition table used by return value when reading 
- Return 0: Slot 0 used.
- Return 1: Slot 1 used, indicating slot 0 broken!
 2025-04-04 15:36:43 +02:00
Michael Cardell Widerkrantz
58887b97d8
fw: Load default partition table image when installing preloaded app 2025-04-04 15:25:31 +02:00
Michael Cardell Widerkrantz
00460f02ac
build: Ignore .bin files explicitly 2025-04-04 15:24:55 +02:00
Michael Cardell Widerkrantz
e12a683605
Update length and digest of testloadapp 2025-04-04 14:54:35 +02:00
Michael Cardell Widerkrantz
d85d60db72
fw: Implement redundancy of partition table 2025-04-04 14:32:15 +02:00
Michael Cardell Widerkrantz
6cae31dc1e
Remove commented out code about creating partition table 2025-04-04 13:59:34 +02:00
Mikael Ågren
469546ff33
fw: Add checksum to partition table 
Refuse to boot if blake2s digest over the partition table does not match
digest stored on flash
 2025-04-04 13:41:56 +02:00
Michael Cardell Widerkrantz
7d9aa7c647
tool: Introduce b2s tool to help compute BLAKE2s digests 2025-04-04 13:41:56 +02:00
Mikael Ågren
12a4575911
testapp: Fix illegal TK1_SYSCALL_RESET call 2025-04-04 13:41:55 +02:00
Mikael Ågren
e1e964082f
fw: Only allow sector aligned erase ops 2025-04-04 13:41:55 +02:00
Mikael Ågren
a8f355e19a
fw: Remove storage area address and size from partition table 
Instead we calculate start addresses from area index and use fixed size.
 2025-04-04 13:41:55 +02:00
Mikael Ågren
d0310ff3e0
fw: Remove TK1_SYSCALL_REG_MGMT 
Validate preload API access using the fixed, pre-calculated app digest
instead of letting an app register itself as a management app.
 2025-04-04 13:41:54 +02:00
Mikael Ågren
e5a574204b
fw: Remove pre loaded app auth and status from partition table 2025-04-04 13:41:54 +02:00
Mikael Ågren
f1da9f257e
Add tool to inspect partition table dump 2025-04-04 13:41:54 +02:00
Michael Cardell Widerkrantz
ba53340f61
fw: Only allow a specific app to start from first flash 
Store size and app digest in ROM and compare to what we are booting.
 2025-04-04 13:41:53 +02:00
Mikael Ågren
43ee135777
testloadapp: Delete any existing preloaded app before installing 2025-04-04 13:41:53 +02:00
Mikael Ågren
68917cc1bb
WIP: verify pre loaded app 2 2025-04-04 13:41:53 +02:00
Mikael Ågren
33bed6fc94
testloadapp: Use blake2s from tkey-libs 2025-04-04 13:41:52 +02:00
Mikael Ågren
dfce024158
Add tool to create a flash image containing a preloaded app at slot 0 2025-04-04 13:41:52 +02:00
Mikael Ågren
2d89e4b382
Do not hardcode preloaded app 1 size 
Hardcoding it causes preload_check_valid_app and therefore preload_store
to assume there already is an app installed. Causing the
TK1_SYSCALL_PRELOAD_STORE syscall to fail.
 2025-04-04 13:41:52 +02:00
Mikael Ågren
8b1bb01771
Add QEMU_SYSCALL to enable Qemu syscalls 
Enable Qemu syscall handling by defining QEMU_SYSCALL instead of
QEMU_DEBUG. That way we can select either or.
 2025-04-04 13:41:51 +02:00
Michael Cardell Widerkrantz
f7cc3a1135
Add start of test app for installing and verifying flash app 
Currently needs LIBDIR set to tkey-libs with blake2s().
 2025-04-04 13:41:51 +02:00
Mikael Ågren
bca578a3e9
Do note delete or corrupt preloaded app 0 when storing preloaded app 1 2025-04-04 13:41:51 +02:00
Mikael Ågren
b1d52c58c0
Delete app digest and signature when preloaded app is deleted 2025-04-04 13:41:50 +02:00
Mikael Ågren
1afa354321
Store app digest and signature for each app slot 2025-04-04 13:41:50 +02:00
Michael Cardell Widerkrantz
42cb68a7ff
Introduce syscalls to change preloaded app 
Introduce syscalls:

- TK1_SYSCALL_PRELOAD_STORE
- TK1_SYSCALL_PRELOAD_STORE_FIN
- TK1_SYSCALL_PRELOAD_DELETE
- TK1_SYSCALL_REG_MGMT = 11

Change preload_store_finalize() not to take USS arg. Unused for
preloaded apps.
 2025-04-04 13:41:50 +02:00
Mikael Ågren
b44fa2949a
Add second pre-loaded app slot in flash 2025-04-04 13:41:49 +02:00
Mikael Ågren
31b86345c0
When requested, verify app digest before running 2025-04-04 13:41:49 +02:00
Mikael Ågren
44624d8e3f
Handle reset info in reset syscall 
Disabling debug printouts to get firmware to fit in ROM
 2025-04-04 13:41:49 +02:00
Jonas Thörnblad
4a2c1e59f8
Add resetinfo testapp 
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Co-authored-by: Michael Cardell Widerkrantz <mc@tillitis.se>
 2025-04-04 13:41:48 +02:00
Michael Cardell Widerkrantz
c84d8e8a8d
Add resetinfo handling 
Decide where to start from with data from resetinfo part of FW_RAM.

Co-authored-by: Jonas Thörnblad <jonas@tillitis.se>
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
 2025-04-04 13:41:48 +02:00
Michael Cardell Widerkrantz
e293d1b779
Document state machine 
Golden path not updated
 2025-04-04 13:41:48 +02:00
Michael Cardell Widerkrantz
7dab492557
Experiment with new state machine 2025-04-04 13:41:47 +02:00
Michael Cardell Widerkrantz
b0a066fd3f
Experiment with state machine when starting from flash 
- Move around code to start an app from flash.
- Mark experimental stuff and debug stuff more clearly.
 2025-04-04 13:41:47 +02:00
Michael Cardell Widerkrantz
ee5feef2f4
Introduce symbolic names for present and present & authenticated 
A preloaded app can be:

- present and not yet authenticated (0x01)
- present and authenticated (0x02)

Let's use symbolic names for these.
 2025-04-04 13:41:47 +02:00
Michael Cardell Widerkrantz
b8ba3868ce
Make run_flash() and run() both call jump_to_app() 2025-04-04 13:41:46 +02:00
Michael Cardell Widerkrantz
8274f6f9a1
Add hardcoded preloaded app size 
- Enable TKEY_DEBUG
- Wait for something on CDC before continuing
 2025-04-04 13:41:46 +02:00
Mikael Ågren
0917aa2a1b
Add script to load pre-loaded app into flash 2025-04-04 13:41:46 +02:00
Mikael Ågren
333140fae7
fw: Replace custom picorv32 instructions in qemu target 2025-04-04 13:41:45 +02:00
Michael Cardell Widerkrantz
60e80c5a38
Add start of pre-loaded app from flash 
Based on earlier code by Daniel Jobson <jobson@tillitis.se> now
integrated into the new world order.

Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Co-authored-by: Daniel Jobson <jobson@tillitis.se>
 2025-04-04 13:41:45 +02:00
Michael Cardell Widerkrantz
8da9eef5d0
Add filesystem code and storage syscalls 
Adds syscalls:

- ALLOCATE_AREA
- DEALLOCATE_AREA
- WRITE_DATA
- READ_DATA

and code to access the filesystem and the flash over SPI.

Based on original work by Daniel Jobson <jobson@tillitis.see> for
these files:

- auth_app.[ch]
- flash.[ch]
- spi.[ch]
- partition_table.[ch]
- rng.[ch]
- storage.[ch]

which are used with small changes to integrate with the new syscall
method.

Co-authored-by: Daniel Jobson <jobson@tillitis.se>
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
 2025-04-04 13:41:44 +02:00
Michael Cardell Widerkrantz
e86e60fcfe
Update firmware state machine 
Include flash apps and states in firmware state machine description
and diagram.
 2025-03-18 17:40:10 +01:00
Michael Cardell Widerkrantz
3195f2f21b
Clarify golden path 
- Clarify what the default behaviour is.
- Clarify when we should halt CPU.
- Move common things when booting from flash and UART to its own
  section.
 2025-03-18 17:40:10 +01:00
Michael Cardell Widerkrantz
bfda615f8c
doc: Add description on how firmware starts app from flash 
A first attempt at describing how to start an app from flash and how
to handle information left in resetinfo from the previous app in the
chain.
 2025-03-18 17:40:02 +01:00
Jonas Thörnblad
8d8f4c7faf
ch552: Misc. cleanup 
- Merge Makefile and Makefile.include into Makefile
  - Format structure
  - Remove unused variables, targets etc.

- Add missing check if it is ok to send data to the FPGA.

- Remove 'baud rate calculator.ods'

- Update encode_usb_strings.py to generate strings for
  CdcCtrlInterfaceDesc, CdcDataInterfaceDesc,
  FidoHidInterfaceDesc, TkeyCtrlInterfaceDesc.
  Also store generated strings in UTF-16 instead of hex.

- Update usb_strings.h to match new encode_usb_strings.py
  output.

- Remove unused struct SetupReqBuf.
 2025-03-14 09:49:26 +01:00
Michael Cardell Widerkrantz
33f14122ad
doc: Add note about building 2025-03-13 11:07:47 +01:00
Michael Cardell Widerkrantz
435b1f9d29
build: Update binary digests 2025-03-13 11:07:47 +01:00
Michael Cardell Widerkrantz
16a9e8c367
fw: Import tkey-libs fw-2 
This is an import of the fw-2 tag of tkey-libs.

We import the entire tkey-libs repo minus dot files into the
tillitis-key1 repo to make it very simple not to make mistakes
regarding which firmware tag depends on which tkey-libs tag,
especially considering locking down with NVCM.

Please see README for information about developing with another
tkey-libs or how to import future tkey-libs.

Since tkey-libs is now a part of the repo we also add tkey-libs to the
clean_fw target.
 2025-03-13 11:07:47 +01:00