- Revise firmware implementation notes
- Document how to do fw syscalls
- Document how to trigger a syscall function in the firmware, how to
pass arguments, what the caller is responsible for and what is
returned.
- Describe hardware syscall implementation
- how the syscall interrupts are triggered,
- the hardware privilege escalation,
- the UDS protection.
Co-authored-by: Daniel Jobson <jobson@tillitis.se>
Co-authored-by: Michael Cardell Widerkrantz <mc@tillitis.se>
Fixing tests that broke when adding interrupt based syscalls
- Removing the blake2s test since the blake2s registers are removed.
- Instead of writing to ADDR_SYSTEM_MODE_CTRL, app mode is now entered
automatically when executing outside of ROM.
- The SPI loop-back test need to clean up after the previous test. We
reset the memory bus to a known idle state. We also reset the DUT to
make the SPI master visible.
Only allow executing from ROM when in one of the following execution
contexts:
- Firmware mode
- Syscall
Co-authored-by: Daniel Jobson <jobson@tillitis.se>
Since the introduction of the syscall mechanism we don't allow
execution in ROM anymore so it's impossible to call the firmware's
blake2s() function.
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Instead of manually switching to app mode using the APP_MODE register,
app mode will be enabled when the CPU fetches an instruction outside of
firmware ROM.
Co-authored-by: Mikael Ågren <mikael@tillitis.se>
Add syscall interrupt to be used for syscalls. The interrupt is
triggered by writing to an address in the 0xe1000000-0xe1ffffff
The PicoRV32 core is configured to use its minimal, non RISCV-standard,
interrupt implementation.
In order to be able to leave data for firmware signalling the
intention with a reset or to leave data for the next app in a chain of
apps, we introduce a part of FW_RAM that can be used to store this
data. In order to do this, we:
- Change size of ROM from 6 KB to 8 KB.
- Change size of FW_RAM, from 2 KB to 4 KB.
- Add RESETINFO memory partition inside FW_RAM.
- Add generation of map file.
- Change CFLAGS from using -O2 to using -Os.
- Update address ranges for valid access to ROM and FW_RAM.
- Move stack to be located before data+bss and the RESETINFO data
above them. This also means we introduce hardware stack overflow
protection through the Security Monitor.
- Revise firmware README to the new use of FW_RAM.
Fix off-by-one UART bitrate counter value that will make the RX
sampling and TX sending drift. The impact gets higher as the baudrate
increases and the bitrate counter value gets smaller.
Reconfigure the baudrate to keep 500 kbaud.
Correct a forgotten test in testfw that wasn't updated the last time
frequency was raised in commit
75b028505f0d6dc685d37b84d73ddb9db5ee7ea2 in June 17, 2024.
Add incoming and outgoing CTS (Clear To Send) signals for the FPGA to
let the CH552 and FPGA signal each other that it is OK to send UART
data. The CTS signals indicate "OK to send" if high. If an incoming
CTS signal goes low, the receiver of that signal should immediatly
stop sending UART data.
- Extend hardware checks for invalid memory accesses to include
checking more address space.
- In fw include file: fix two typos for memory ranges that relates to
above that fortunately have no impact on functionality.
- Compare against an expected result and count errors
- Exit with the right error code
- Lower write_word() to 1 clk cycle instead of two. It only requires one
clock cycle to write, otherwise if it is two one have to compensate for it
in the tests since we are counting cycles.
Remove redundant timer state. This fixes a bug where the timer misses a
clock cycle every time the prescaler counter reaches 1. This means if
one uses a large prescaler, like 18E6, it is barely noticeable, but if
one have a low prescaler and a high timer value it becomes significant.
This also yields the running_* registers redundant, which are removed.
Add clarity to the readme.
Update the timer to default to values of one, for prescaler and timer
count.
This removes the possibility to configure the bit rate, data bits and
stop bits at runtime from the API. This reduces the
usage of LCs with ~4%.
It is still possible to configure the core before building.
Update digest of application_fpga.bin.sha256
- The API changes name from `_SWITCH_APP` to `_SYSTEM_MODE_CTRL`.
- The registers and wires changes name to `system_mode_*`, instead of a
mix of `switch_app_*` and `fw_app_mode`.
The removal is coordinated and approved by YosysHQ, and are removed
to keep our headers uniform. These files were written on behalf of
Tillitis.
Two typos was corrected as well.
Move the logic implementing the RAM address and data
scrambling, descrambling into the RAM module. This cleans up
the top level, and makes it easier to change the scrambling
without chaning the top. In order to do correct scrambling the
address to the RAM core must be 16 bits, not 15.
Clean up some minor details at the top level, fixing text
aligment and grouping of ports in instances.
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
