Introduce syscalls:
- TK1_SYSCALL_PRELOAD_STORE
- TK1_SYSCALL_PRELOAD_STORE_FIN
- TK1_SYSCALL_PRELOAD_DELETE
- TK1_SYSCALL_REG_MGMT = 11
Change preload_store_finalize() not to take USS arg. Unused for
preloaded apps.
Decide where to start from with data from resetinfo part of FW_RAM.
Co-authored-by: Jonas Thörnblad <jonas@tillitis.se>
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Based on earlier code by Daniel Jobson <jobson@tillitis.se> now
integrated into the new world order.
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Co-authored-by: Daniel Jobson <jobson@tillitis.se>
Adds syscalls:
- ALLOCATE_AREA
- DEALLOCATE_AREA
- WRITE_DATA
- READ_DATA
and code to access the filesystem and the flash over SPI.
Based on original work by Daniel Jobson <jobson@tillitis.see> for
these files:
- auth_app.[ch]
- flash.[ch]
- spi.[ch]
- partition_table.[ch]
- rng.[ch]
- storage.[ch]
which are used with small changes to integrate with the new syscall
method.
Co-authored-by: Daniel Jobson <jobson@tillitis.se>
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
- Merge Makefile and Makefile.include into Makefile
- Format structure
- Remove unused variables, targets etc.
- Add missing check if it is ok to send data to the FPGA.
- Remove 'baud rate calculator.ods'
- Update encode_usb_strings.py to generate strings for
CdcCtrlInterfaceDesc, CdcDataInterfaceDesc,
FidoHidInterfaceDesc, TkeyCtrlInterfaceDesc.
Also store generated strings in UTF-16 instead of hex.
- Update usb_strings.h to match new encode_usb_strings.py
output.
- Remove unused struct SetupReqBuf.
This is an import of the fw-2 tag of tkey-libs.
We import the entire tkey-libs repo minus dot files into the
tillitis-key1 repo to make it very simple not to make mistakes
regarding which firmware tag depends on which tkey-libs tag,
especially considering locking down with NVCM.
Please see README for information about developing with another
tkey-libs or how to import future tkey-libs.
Since tkey-libs is now a part of the repo we also add tkey-libs to the
clean_fw target.
From now on the canonical home of the tk1_mem.h header file describing
the memory map of the TKey lives in tkey-libs:
https://github.com/tillitis/tkey-libs
Build firmware, testfw and testapp using tkey-libs:
https://github.com/tillitis/tkey-libs
In an effort not to have more or less identical code maintained in two
places, use tkey-libs when developing firmware, testfw and the
firmware testapp, too.
You can place the Git directory directly under hw/application_fpga
and then an ordinary make should work.
Or build with:
make LIBDIR=/path/to/tkey-libs
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
- Revise firmware implementation notes
- Document how to do fw syscalls
- Document how to trigger a syscall function in the firmware, how to
pass arguments, what the caller is responsible for and what is
returned.
- Describe hardware syscall implementation
- how the syscall interrupts are triggered,
- the hardware privilege escalation,
- the UDS protection.
Co-authored-by: Daniel Jobson <jobson@tillitis.se>
Co-authored-by: Michael Cardell Widerkrantz <mc@tillitis.se>
Introduce new syscall TK1_SYSCALL_GET_VIDPID to get Vendor ID and
Product ID from the protected Unique Device Identification number.
UDI is protected from device apps to protect the serial number, so
apps won't know the exact TKey they are running on other than the CDI.
It may, however, be important to know what *kind* of TKey they are
running on, so we want to expose the Vendor ID and Product ID.
- fpga: Allow UDI to be read when doing syscalls.
- Add the new syscall to firmware.
- Add test to testapp directly after negative test of reading UDI to
read out VID/PID through a syscall.
Fixing tests that broke when adding interrupt based syscalls
- Removing the blake2s test since the blake2s registers are removed.
- Instead of writing to ADDR_SYSTEM_MODE_CTRL, app mode is now entered
automatically when executing outside of ROM.
- The SPI loop-back test need to clean up after the previous test. We
reset the memory bus to a known idle state. We also reset the DUT to
make the SPI master visible.
Only allow executing from ROM when in one of the following execution
contexts:
- Firmware mode
- Syscall
Co-authored-by: Daniel Jobson <jobson@tillitis.se>
Since the introduction of the syscall mechanism we don't allow
execution in ROM anymore so it's impossible to call the firmware's
blake2s() function.
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Instead of manually switching to app mode using the APP_MODE register,
app mode will be enabled when the CPU fetches an instruction outside of
firmware ROM.
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Add syscall interrupt to be used for syscalls. The interrupt is
triggered by writing to an address in the 0xe1000000-0xe1ffffff
The PicoRV32 core is configured to use its minimal, non RISCV-standard,
interrupt implementation.
