Commit Graph

163 Commits

Author SHA1 Message Date
Michael Cardell Widerkrantz
d77654bb8e
fw: No .data or .bss segment
We don't use any .data or .bss segment at all to keep all the firmware
variables in the stack in protected fw_ram.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:02 +01:00
Michael Cardell Widerkrantz
56e34b3add
fw/testfw: Use fw_ram for firmware stack
This means firmware's stack shouldn't be accessible to programs
running in app_mode.

It also means we don't need to take special care of secure_ctx which
can now be an ordinary stack variable.

Nonetheless we zero out secure_ctx after final use and inline some
assembler to zero out the entire fw_ram after use, just before
switching to app_mode.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:02 +01:00
Michael Cardell Widerkrantz
d2240b3e0f
fw: Use a bit string for allowed_commands
For every state, define a constant bitstring with allowed commands and
check incoming command agains that.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:02 +01:00
Michael Cardell Widerkrantz
8edfdf9c36
fw: Remove state init_loading, introduce state fail
- We always assert on allowed commands in a state.
- We don't allow FW_CMD_LOAD_APP to be used twice.
- Enter fail state on read buffer overrun, header endpoint not for us,
  header parse error, and unknown firmware command.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:02 +01:00
Michael Cardell Widerkrantz
65f100a3c0
fw: Use byte readable UDS
UDS is now byte readable (but not writable).

Use UDS and USS directly in a blake2s_update() instead of
concatenating them into fw_ram. UDS will still live for a short while
in fw_ram in the blake2s context buffer but will soon be overwritten.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:01 +01:00
Michael Cardell Widerkrantz
b34fdbcd37
testfw: Use wordcpy_s() and memcpy_s()
Use new wordcpy_s() and memcpy_s() functions from lib.c.

Add a local memcpy() which compiling with -Os seems to demand. Why?

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:01 +01:00
Michael Cardell Widerkrantz
cc032d9883
fw: Hide HTIF functions better when using NOCONSOLE
We define macros for them that expand to nothing or to a constant to
avoid any extra function calls to dummy functions when running on real
hardware with no console.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:01 +01:00
Michael Cardell Widerkrantz
3a7ec9b9a0
fw: Run forever_redflash() when aborting from asserts
Should be more vissible than an eternal loop.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:01 +01:00
Michael Cardell Widerkrantz
bbbe1e2f31
fw: Move LED defines and function to own files
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:01 +01:00
Michael Cardell Widerkrantz
ccc3b16569
fw: Safer memory functions + asserts
Introduce memcpy_s() and wordcpy_s() that takes the destination buffer
size as an argument. Use assert() which aborts our program to an
eternal loop if we hit problems.

Sprinkle asserts elsewhere as well.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:01 +01:00
Michael Cardell Widerkrantz
f386cec1ed
fw: Add destination buffer size to read()
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:00 +01:00
Michael Cardell Widerkrantz
b292c72534
fw: Remove unnecessary memcpy() from putinthex()
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:00 +01:00
Joachim Strömbergson
b9c415f5d6
bank1 access should also be disabled by default.
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-13 12:43:07 +01:00
Joachim Strömbergson
000b7644b5
Update fw ram last address to match new mem size
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-08 13:31:45 +01:00
Daniel Lublin
5f4f5c6584
Correct for new fw-ram size
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-08 12:34:34 +01:00
Daniel Lublin
ebe59647bb
Adjust header file to new fw_ram size
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-08 11:26:25 +01:00
Joachim Strömbergson
a63ba8eb13
Double the size of the fw_ram to 2 kByte
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-08 11:20:38 +01:00
Matthew Mets
0a31685dc0 Add modified case plastic design for MTA1 programmer 2023-03-07 17:09:38 +01:00
Daniel Lublin
8fd0fca967
Grow largest frame length to 512 bytes 2023-03-07 13:52:02 +01:00
Joachim Strömbergson
2e2ca04ab7
Bump FPGA design version to 5
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-07 12:30:10 +01:00
Joachim Strömbergson
d075cc72c3
Manually merged changes for scrambling
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-07 10:42:59 +01:00
Joachim Strömbergson
3eb5b7879c Add API address to read out number of bytes in Rx FIFO
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-07 08:22:27 +01:00
Joachim Strömbergson
4db4e39205
Clarify the purpose and functionality of the tk1 core
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-07 08:20:18 +01:00
Joachim Strömbergson
74fd7e3001
Fix spelling nits
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-07 08:16:42 +01:00
Joachim Strömbergson
6f327d2ff9
Block changing of monitor addresses when enabled
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-06 15:41:55 +01:00
Joachim Strömbergson
66ebe5089a
Add fw_ram as always active exe monitor area
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-06 15:41:55 +01:00
Michael Cardell Widerkrantz
0caf260553
Add CPU_MON offsets
Introduces offsets for setting addresses to check for execution and
offset for controlling the execution monitor.

- TK1_MMIO_TK1_CPU_MON_CTRL
- TK1_MMIO_TK1_CPU_MON_FIRST
- TK1_MMIO_TK1_CPU_MON_LAST
2023-03-06 15:41:55 +01:00
Joachim Strömbergson
5c05ae657e
exe monitor can only be enabled, not disabled
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-06 15:41:55 +01:00
Joachim Strömbergson
7612d00ccf
Feed CPU illegal instruction to trigger trap
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-06 15:41:55 +01:00
Joachim Strömbergson
8ba97e16f3
Move force_jump function to top level mem system
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-06 15:41:54 +01:00
Joachim Strömbergson
86ea45e10a
Add CPU execution monitor
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-06 15:41:53 +01:00
Joachim Strömbergson
e514f778b2 Remove stray variable for blake2s address update
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-06 11:32:38 +01:00
Joachim Strömbergson
adcccc44de Change reset value for the trap led to black
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-06 11:32:38 +01:00
Joachim Strömbergson
d335dd708a Add HW to detect trap in cpu and signal using the LEDs
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-03-06 11:32:38 +01:00
Matthew Mets
0c200dc4e4 Add latest (unreleased) clip plastic design 2023-03-01 13:57:35 +01:00
Matthew Mets
1e8da7de53 Add clip plastic for Acrab release (version 15) 2023-03-01 13:57:35 +01:00
Daniel Lublin
c9593f11c8 Config verilator lint to ignore known 3rd-party warnings; let warnings be fatal
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-01 13:37:31 +01:00
Matthew Mets
4995fdb93d Add tk1 case plastic designs 2023-02-28 11:33:40 +01:00
Joachim Strömbergson
caeee54e19
Change LED reset value to black
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-02-27 13:21:51 +01:00
Joachim Strömbergson
317561ad32
Remove options that are the same as the default values
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-02-27 10:22:04 +01:00
Daniel Lublin
9a6a790715
Add github action with basic CI that builds
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-02-03 14:28:56 +01:00
Daniel Lublin
eea8923170 Update fw & testfw to new api
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-01-30 15:48:57 +01:00
Joachim Strömbergson
6137b88fe0 Add separate start, stop bits and running status bit in API
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-01-30 15:48:57 +01:00
Joachim Strömbergson
ab03ebd12c
Improve wording ans size info in header
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-01-30 13:19:01 +01:00
Joachim Strömbergson
cc464e5be2
The memory is 256 x 32 bits, not 512 x 32 bits
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-01-30 13:00:43 +01:00
Joachim Strömbergson
f020495695
Cleanup of tb for timer core
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2023-01-20 10:14:44 +01:00
Daniel Lublin
60efb3c25e
Correct to new path 2023-01-13 15:42:46 +01:00
Matthew Mets
072b204d3d
Add (hardware) production tests for the TK-1 and TP-1 (#69)
* ch552 firmware: add ch55x support files directly

* Add sdcc compiler to docker image, for building CH552 firmware

* Rework production test script

* Add menu-based test runner
* Rewrite production test flows as lists of individual tests
* Add both production flows and manual tests to menu

* Switch to using included binaries

* production test: Update message format
* test_txrx_touchpad: Retry if device communications fail
* production test: put all binaries in binaries/ folder
* binaries/top.bin: replace broken binary

* flash_check: Check for explicit flash IDs

* Document most test procedures

* Test plan documentation

* Sample udev rules

* Production test: allow external references to be overridden

* Remove outdated descriptions

* Correct shebang

* Update shebangs to comply with PEP 394

Change the python scripts to call python instead of python3, as this
works cross platform. See:
https://peps.python.org/pep-0394/#for-python-script-publishers

* Move production test to higher-level directory

* Clarify production test setup

* Move USB C connector test to separate directory

Co-authored-by: Michael Cardell Widerkrantz <mc@tillitis.se>
2023-01-11 16:33:01 +01:00
Matthew Mets
34c1a20015
Remove outdated description 2023-01-09 10:31:26 +01:00
Daniel Lublin
f3c4e6c818
Revise UDI
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-01-05 14:34:32 +01:00