Daniel Lublin
c573155ba1
Sleep for a random number of cycles before reading out UDS to FW RAM
...
To protect against warm boot attacks.
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2022-12-19 15:25:29 +01:00
Daniel Lublin
9b9a125c66
Purge UDA; never implemented, now deprecated
...
Fixes #58
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2022-12-19 14:32:01 +01:00
Michael Cardell Widerkrantz
08e1438d1e
fw: Add support for blake2s MMIO
...
In firmware we store the address to firmware blake2s() function at
TK1_MMIO_TK1_BLAKE2S so app can use this firmware function sort of
like a system call but without context switch.
2022-12-15 12:59:52 +01:00
Michael Cardell Widerkrantz
3220d1c119
testfw: Remove test_ prefix on UART functions
2022-12-02 16:12:25 +01:00
Michael Cardell Widerkrantz
65bc96a725
fw: Prefix all HTIF console I/O functions with htif_
2022-12-02 15:09:10 +01:00
Michael Cardell Widerkrantz
a0974a2c0b
fw: Make FW_CMD_NAME_VERSION return names as ASCII arrays
...
Signed-off-by: Michael Cardell Widerkrantz <mc@tillitis.se>
2022-11-28 16:17:19 +01:00
Daniel Lublin
a2bc95f49a
Flash red when ending in unknown stat
...
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2022-11-28 16:17:19 +01:00
Daniel Lublin
687ee4f8b1
Let LED be steady white when loading app
2022-11-28 16:17:19 +01:00
Michael Cardell Widerkrantz
60b2dcfbb9
fw: Don't allow an app size of 0
2022-11-28 16:17:19 +01:00
Michael Cardell Widerkrantz
c80dc53027
fw: Introduce an explicit state machine - changes protocol!
...
We introduce an explicit state machine (see README).
With the new states we:
- combine setting size and USS to a single command.
- start the device app immediatiely when having receceived the last
data chunk and returning the digest.
- Loop forever and wait for the stick to be removed if we end up in
unknown state.
Signed-off-by: Michael Cardell Widerkrantz <mc@tillitis.se>
2022-11-28 16:17:19 +01:00
Joachim Strömbergson
a15a94fe8e
Move readme:s for boards and firmware to doc subdir
...
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2022-11-21 16:27:30 +01:00
Daniel Lublin
acb9c37ee7
Add fw cmd to get UDI
2022-11-21 15:45:27 +01:00
Daniel Lublin
a2ffb6d007
Correct reference
2022-11-15 15:19:45 +01:00
Daniel Lublin
a14662c622
Change to max 100 KB app with 28 KB stack
2022-11-02 15:52:29 +01:00
Daniel Lublin
8755a65a38
Format code
2022-10-31 10:07:23 +01:00
Daniel Lublin
85ef93cd3c
Clarify switch_app reads and writes; add read test to testfw
2022-10-26 11:38:58 +02:00
Daniel Lublin
4b4f014d38
Rename to TK1
2022-10-26 09:20:02 +02:00
Daniel Lublin
db8f9cf881
Document SRAM==SPRAM; fix whitespace
2022-10-24 11:58:54 +02:00
Michael Cardell Widerkrantz
490571b6c0
Clear all RAM during start
...
Since SRAM has some data remanence even without power it seems good
hygien to clear all RAM when starting the device so as not to leak
potential sensitive data between device apps.
2022-10-24 11:52:52 +02:00
Daniel Lublin
65f2272a45
Add TRNG to testfw, document
2022-10-20 12:05:19 +02:00
Michael Cardell Widerkrantz
c52f7d52cd
testfw: Add timer tests
2022-10-20 11:34:01 +02:00
Michael Cardell Widerkrantz
cbe6d3db8d
Use the new firmware-only RAM for CDI computation
...
To protect UDS we use a special firmware-only RAM for both the in
parameter to the blake2s() function and for the blake2s_ctx.
2022-10-18 14:51:30 +02:00
Michael Cardell Widerkrantz
6d08a82c05
Pass the blake2s_ctx to blake2s() as arg
...
Instead of allocating the blake2s_ctx in the blake2s() function we
pass it as a pointer as an argument to be able to better control where
the variable is in memory.
2022-10-18 14:51:26 +02:00
Daniel Lublin
7129205cb0
Add fw_ram size to mem-include
2022-10-17 11:38:04 +02:00
Daniel Lublin
69c3f77e5e
testfw: tidy, clean-up, fmt
2022-10-17 11:15:26 +02:00
Joachim Strömbergson
f6046d55a9
Change ADDR_CTRL to be a pulsed start_stop signal
2022-10-14 08:50:30 +02:00
Joachim Strömbergson
2be934ee22
Restore start and stop bits, but clarify in documenation
2022-10-13 16:10:08 +02:00
Joachim Strömbergson
00d180d34e
Change to a single run bit and update access control
2022-10-13 14:58:39 +02:00
Joachim Strömbergson
5e5550461f
Removing confusing negation in message
2022-10-13 13:56:12 +02:00
Joachim Strömbergson
1b03459ab3
Remove app-accessible debug register from mta1 core
2022-10-13 13:51:19 +02:00
Joachim Strömbergson
51a22dc32c
Merge branch 'fw_ram'
2022-10-13 13:16:53 +02:00
Joachim Strömbergson
1f2a585aba
Add test case for fw_ram
2022-10-13 13:16:11 +02:00
Daniel Lublin
55c5081486
Adjust and document the firmware state-machine, including USS
...
In particular, order of LOAD_USS and LOAD_APP_SIZE is not required, but
the need to send both is documented. This is followed up with adjustment
in the host programs' Go code, to try to reinforce this. LoadApp() will
take the secretPhrase parameter (to be hashed as USS), and loadUSS()
will be unexported.
Correct CMD/RSP lengths in pseudo-code.
2022-10-12 15:12:07 +02:00
Joachim Strömbergson
a51619e5b7
Add fw_ram module
2022-10-11 16:58:26 +02:00
Joachim Strömbergson
7e0692b150
Replace FiGaRO based TRNG with new ROSC based TRNG
2022-10-11 13:17:04 +02:00
Joachim Strömbergson
87dab3fe6d
Remove name, version addresses for cores
2022-10-11 09:55:56 +02:00
Daniel Lublin
0d16dd5959
Adjust flashing after frequency bump
2022-10-03 08:06:29 +02:00
Daniel Lublin
3f61182a88
Doc how qemu needs to be built; nits
2022-09-30 11:34:09 +02:00
Daniel Lublin
99efb78ed8
Receive USS and hash into CDI
...
- We're OK with USS not being loaded, and use an all-zero USS if so.
- We require USS to be loaded before app_size (if at all).
2022-09-29 14:58:23 +02:00
Daniel Lublin
df67966d8f
Be consistent and check for errors first
2022-09-28 10:34:48 +02:00
Daniel Lublin
8066c1092e
Make fmt output changes that will be made
2022-09-21 10:13:39 +02:00
Joachim Strömbergson
715de60f4a
Make initial public release
2022-09-19 08:51:11 +02:00