-
Notifications
You must be signed in to change notification settings - Fork 790
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[imm_rom_ext] Mint CDI_0 certs in immutable rom ext
Since CDI_0 attests the integrity of rom_ext, this PR moves the UDS & CDI_0 stage to the immutable rom_ext part, which will be executed before mutable rom_ext, to establish root trust in hardware. SKU owners can choose whether the immutability should be enforced using the `CREATOR_SW_CFG_IMMUTABLE_ROM_EXT_EN` OTP field. Change-Id: If971654a27ea32eaf74d20d385e48801d28e1da5 Signed-off-by: Yi-Hsuan Deng <[email protected]>
- Loading branch information
Showing
14 changed files
with
205 additions
and
24 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 26 additions & 0 deletions
26
sw/device/silicon_creator/imm_rom_ext/e2e/boot_message/BUILD
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
# Copyright lowRISC contributors (OpenTitan project). | ||
# Licensed under the Apache License, Version 2.0, see LICENSE for details. | ||
# SPDX-License-Identifier: Apache-2.0 | ||
|
||
load( | ||
"//rules/opentitan:defs.bzl", | ||
"fpga_params", | ||
"opentitan_test", | ||
) | ||
|
||
package(default_visibility = ["//visibility:public"]) | ||
|
||
opentitan_test( | ||
name = "boot_test", | ||
srcs = ["boot_test.c"], | ||
exec_env = { | ||
"//hw/top_earlgrey:fpga_cw310_rom_ext": None, | ||
"//hw/top_earlgrey:fpga_cw340_rom_ext": None, | ||
}, | ||
fpga = fpga_params( | ||
exit_success = "\nIMM_ROM_EXT v", | ||
), | ||
deps = [ | ||
"//sw/device/lib/testing/test_framework:ottf_main", | ||
], | ||
) |
9 changes: 9 additions & 0 deletions
9
sw/device/silicon_creator/imm_rom_ext/e2e/boot_message/boot_test.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
// Copyright lowRISC contributors (OpenTitan project). | ||
// Licensed under the Apache License, Version 2.0, see LICENSE for details. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
#include "sw/device/lib/testing/test_framework/ottf_main.h" | ||
|
||
OTTF_DEFINE_TEST_CONFIG(); | ||
|
||
bool test_main(void) { return true; } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
// Copyright lowRISC contributors (OpenTitan project). | ||
// Licensed under the Apache License, Version 2.0, see LICENSE for details. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
#include "sw/device/silicon_creator/rom_ext/rom_ext_manifest.h" | ||
|
||
#include "sw/device/silicon_creator/lib/manifest.h" | ||
|
||
#include "hw/top_earlgrey/sw/autogen/top_earlgrey.h" // Generated. | ||
|
||
enum { | ||
kFlashHalf = TOP_EARLGREY_FLASH_CTRL_MEM_SIZE_BYTES / 2, | ||
}; | ||
|
||
const manifest_t *rom_ext_manifest(void) { | ||
uintptr_t pc = 0; | ||
asm("auipc %[pc], 0;" : [pc] "=r"(pc)); | ||
|
||
// Align the PC to the current flash side. The ROM_EXT must be the first | ||
// entity in each flash side, so this alignment is the manifest address. | ||
pc &= ~((uintptr_t)kFlashHalf - 1); | ||
return (const manifest_t *)pc; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
// Copyright lowRISC contributors (OpenTitan project). | ||
// Licensed under the Apache License, Version 2.0, see LICENSE for details. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_ROM_EXT_ROM_EXT_MANIFEST_H_ | ||
#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_ROM_EXT_ROM_EXT_MANIFEST_H_ | ||
|
||
#include "sw/device/lib/base/macros.h" | ||
#include "sw/device/silicon_creator/lib/manifest.h" | ||
|
||
#ifdef __cplusplus | ||
extern "C" { | ||
#endif // __cplusplus | ||
|
||
/** | ||
* Return the pointer to rom_ext manifest on the active flash bank. | ||
*/ | ||
OT_WARN_UNUSED_RESULT | ||
const manifest_t *rom_ext_manifest(void); | ||
|
||
#ifdef __cplusplus | ||
} // extern "C" | ||
#endif // __cplusplus | ||
|
||
#endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_ROM_EXT_ROM_EXT_MANIFEST_H_ |