Commit Graph

58 Commits

Author SHA1 Message Date
Daniel Jobson
30f5d359ea
fw: remove address-of operator (&) where it is not needed
- `digest` is an array and hence the address of the first element is
  returned.
- This will keep it more consistent with the rest of the code base.
- Fixed misspelled comment.
2024-09-23 15:42:23 +02:00
Daniel Jobson
80a155a1c2
Include authentication of preloaded app 2024-09-23 15:42:23 +02:00
Daniel Jobson
0abfdf592b
fw: break out trng and xorwow to rng.[ch] 2024-09-23 15:42:23 +02:00
Daniel Jobson
54b8b1cc4e
fw: Break out htif functions for qemu to separate files 2024-09-23 15:42:18 +02:00
Daniel Jobson
534ac06e86
Add fw state and fw cmd to trigger a start of a preloaded app 2024-09-23 15:37:14 +02:00
Daniel Jobson
c3baad9a23
WIP partition table 2024-09-23 15:37:13 +02:00
Daniel Jobson
2246dbfa45
fw: Create compute_app_digest() function 2024-09-23 15:37:13 +02:00
Daniel Jobson
698b2796ee
Remove types.h in favor of standard libs such as stdint, stddef 2024-09-23 15:37:13 +02:00
Joachim Strömbergson
53c5e70795
FPGA: Update names for RAM randomization API
Update:
- README
- testbench
- Symbolic names and variables in fw
- registers
- port name and wires
- Update fpga and fw digests

Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2024-07-10 13:45:26 +02:00
dehanj
b4c525695a
Remove redundant RAM address and data scrambling
The RAM address and data scrambling API was called twice, once before filling
RAM with random values, and once after. Since moving to a significantly
better PRNG (xorwow) this is now deemed unnecessary. See issue #225.

This changes both FPGA and firmware hashes.
2024-06-13 12:54:47 +02:00
Joachim Strömbergson
eade3e11c5
Fill RAM with random data using xorwow.
xorwow provides significantly better random data, compared to previously
used function. Making it harder to predict what data RAM is filled with.
It adds a startup time of approx 80 ms, but can be compensated with
optimising other parts of the startup routine.

This changes both firmware and fpga hashes.

Signed-off-by: Joachim Strömbergson <joachim@assured.se>
2024-06-11 11:15:00 +02:00
dehanj
4bd249816a
fw: Remove unused header includes 2024-03-26 13:09:06 +01:00
dehanj
3a6a60ff26
fw: Protect zeroisation against compiler optimisation.
The memset() responsible for the zeroisation of the secure_ctx under
the compute_cdi() function in FW's main.c, was optimised away by the
compiler. Instead of using memset(), secure_wipe() is introduced
which uses a volatile keyword to prevent the compiler to try to
optimise it. Secure_wipe() is now used on all locations handling
removal of sensitive data.
2024-03-26 13:09:01 +01:00
Michael Cardell Widerkrantz
09c1f3f549
Silence splint somewhat
The only real changes are some unitialized variables and that we now
make explicit that we don't care about the return value from memset().
2024-03-22 11:03:13 +01:00
Michael Cardell Widerkrantz
4d4db70590
fw: Change ASLR name in MMIO
Use _RAM_ADDR_RAND instead of _RAM_ASLR since this is not OS-level
ASLR we're talking about. It's address randomization as seen from
outside of the CPU, not from the process running inside it. Ordinary
ASLR is visible from the CPU.
2024-03-19 14:36:31 +01:00
Michael Cardell Widerkrantz
e085d0ebd0
Add void to function signatures meant to be used without args 2024-03-19 08:41:39 +01:00
dehanj
9d36acde08
FW: Force the CPU to hang on errors 2024-03-14 15:48:10 +01:00
Michael Cardell Widerkrantz
c126199a41
fw: UDS not byte-readable
Since UDS is not byte-readable we copy it by word to local_uds. Now
UDS lives for a short while in local_uds on the stack in FW_RAM and in
the internal buffer of the blake2s context (also in FW_RAM) but is
very soon overwritten.
2023-03-27 16:24:02 +02:00
Michael Cardell Widerkrantz
cefb6ca9c1
fw: Change max frame size to 128 bytes 2023-03-27 10:58:16 +02:00
Michael Cardell Widerkrantz
c443ef8a3e
fw: clang-tidy and splint: New make target: check
Add clang-tidy and splint static analytics check. For now, we use only
the cert-* warnings on clang-tidy and run splint with a lot of flags
to allow more things.

Changes to silence these analytics:

- Stop returning stuff from our debug print functions. We don't check
  them anyway and we don't have any way of detecting transmission
  failure.

- Declare more things static that isn't used outside of a file.

- Change types to be more consistent, typically to size_t or
  something or to uint32_t.
2023-03-22 11:05:32 +01:00
Michael Cardell Widerkrantz
7ce1d9fe06
fw: Remove forgotten hexdump 2023-03-16 14:03:11 +01:00
Michael Cardell Widerkrantz
1f10c8e2db
fw: Initialize automatic variables 2023-03-16 13:51:24 +01:00
Michael Cardell Widerkrantz
226bcbaed1
fw: Update comments 2023-03-16 13:30:56 +01:00
Michael Cardell Widerkrantz
00d806df10
fw: Rename variable rnd to rnd_sleep to indicate what it's for 2023-03-16 13:17:42 +01:00
Michael Cardell Widerkrantz
cd2dc55371
fw: Add function declaration for static functions 2023-03-14 11:31:48 +01:00
Daniel Lublin
2b9bfc0eff
Consistently set any new state and do break out of case/default
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 11:31:48 +01:00
Michael Cardell Widerkrantz
f9960de506
fw: Re-introduce print_hw_version() - simplify namever handling 2023-03-14 11:31:48 +01:00
Michael Cardell Widerkrantz
78eb472ac9
fw: Go to state fail on bad command lengths 2023-03-14 11:31:48 +01:00
Michael Cardell Widerkrantz
ebf8a11ed0
fw: Move all variable declaration to first in scope 2023-03-14 11:31:48 +01:00
Michael Cardell Widerkrantz
9c766794db
fw: Move scramble RAM to own function 2023-03-14 11:31:47 +01:00
Michael Cardell Widerkrantz
9de7f294df
fw: Move all command switches to their own functions 2023-03-14 11:31:47 +01:00
Michael Cardell Widerkrantz
4e3f5469ef
fw: Simplify logic
Switch on state, then read commands specifically in the states that
allow reading of commands, then switch on specific command.
2023-03-14 11:31:47 +01:00
Daniel Lublin
957df5e6b4
fw: enable addr & data scrambling; fill RAM with random data
Use a rnd_word() func

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:03 +01:00
Daniel Lublin
4afdc1cd1f
fw: Steady white led while waiting cmd; led off while loading app
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:03 +01:00
Daniel Lublin
7eb4d0304b
fw: load app at the start of RAM
Since app is always loaded at the start of RAM, the TK1_APP_ADDR define
is no longer needed.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:03 +01:00
Daniel Lublin
425fdb4b90
fw: adjust for 2 KB of FW_RAM
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:02 +01:00
Michael Cardell Widerkrantz
56e34b3add
fw/testfw: Use fw_ram for firmware stack
This means firmware's stack shouldn't be accessible to programs
running in app_mode.

It also means we don't need to take special care of secure_ctx which
can now be an ordinary stack variable.

Nonetheless we zero out secure_ctx after final use and inline some
assembler to zero out the entire fw_ram after use, just before
switching to app_mode.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:02 +01:00
Michael Cardell Widerkrantz
d2240b3e0f
fw: Use a bit string for allowed_commands
For every state, define a constant bitstring with allowed commands and
check incoming command agains that.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:02 +01:00
Michael Cardell Widerkrantz
8edfdf9c36
fw: Remove state init_loading, introduce state fail
- We always assert on allowed commands in a state.
- We don't allow FW_CMD_LOAD_APP to be used twice.
- Enter fail state on read buffer overrun, header endpoint not for us,
  header parse error, and unknown firmware command.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:02 +01:00
Michael Cardell Widerkrantz
65f100a3c0
fw: Use byte readable UDS
UDS is now byte readable (but not writable).

Use UDS and USS directly in a blake2s_update() instead of
concatenating them into fw_ram. UDS will still live for a short while
in fw_ram in the blake2s context buffer but will soon be overwritten.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:01 +01:00
Michael Cardell Widerkrantz
bbbe1e2f31
fw: Move LED defines and function to own files
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:01 +01:00
Michael Cardell Widerkrantz
ccc3b16569
fw: Safer memory functions + asserts
Introduce memcpy_s() and wordcpy_s() that takes the destination buffer
size as an argument. Use assert() which aborts our program to an
eternal loop if we hit problems.

Sprinkle asserts elsewhere as well.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:01 +01:00
Michael Cardell Widerkrantz
f386cec1ed
fw: Add destination buffer size to read()
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-03-14 10:25:00 +01:00
Daniel Lublin
8fd0fca967
Grow largest frame length to 512 bytes 2023-03-07 13:52:02 +01:00
Daniel Lublin
eea8923170 Update fw & testfw to new api
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2023-01-30 15:48:57 +01:00
Daniel Lublin
c573155ba1
Sleep for a random number of cycles before reading out UDS to FW RAM
To protect against warm boot attacks.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
2022-12-19 15:25:29 +01:00
Michael Cardell Widerkrantz
08e1438d1e
fw: Add support for blake2s MMIO
In firmware we store the address to firmware blake2s() function at
TK1_MMIO_TK1_BLAKE2S so app can use this firmware function sort of
like a system call but without context switch.
2022-12-15 12:59:52 +01:00
Michael Cardell Widerkrantz
65bc96a725
fw: Prefix all HTIF console I/O functions with htif_ 2022-12-02 15:09:10 +01:00
Michael Cardell Widerkrantz
a0974a2c0b
fw: Make FW_CMD_NAME_VERSION return names as ASCII arrays
Signed-off-by: Michael Cardell Widerkrantz <mc@tillitis.se>
2022-11-28 16:17:19 +01:00
Daniel Lublin
a2bc95f49a
Flash red when ending in unknown stat
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2022-11-28 16:17:19 +01:00