From 86bf027ab533111f39b04acffe1187b326fa729d Mon Sep 17 00:00:00 2001 From: Anthony Chen Date: Fri, 25 Oct 2024 16:54:44 +0800 Subject: [PATCH] [manuf] load assembled image during personalization This enables loading a combined image containing the personalization firmware in slot a and ROM_EXT in slot b during personalization flow at the 2nd bootstrap. This also updates the ft provisioning library to verify the successful ROM_EXT boot-up. Signed-off-by: Anthony Chen --- sw/device/silicon_creator/manuf/base/BUILD | 13 +++++++++++++ sw/device/silicon_creator/rom_ext/sival/BUILD | 4 ++++ sw/host/provisioning/ft/src/main.rs | 14 +++++++++++++- sw/host/provisioning/ft_lib/src/lib.rs | 16 +++++++++++++++- 4 files changed, 45 insertions(+), 2 deletions(-) diff --git a/sw/device/silicon_creator/manuf/base/BUILD b/sw/device/silicon_creator/manuf/base/BUILD index 8269fe5928585..47b1bac8b4d2f 100644 --- a/sw/device/silicon_creator/manuf/base/BUILD +++ b/sw/device/silicon_creator/manuf/base/BUILD @@ -26,6 +26,10 @@ load( "//sw/device/silicon_creator/rom_ext:defs.bzl", "ROM_EXT_VERSION", ) +load( + "//sw/device/silicon_creator/rom/e2e:defs.bzl", + "SLOTS", +) package(default_visibility = ["//visibility:public"]) @@ -340,6 +344,7 @@ bool_flag( _FT_PROVISIONING_CMD_ARGS = """ --elf={sram_ft_individualize} --bootstrap={ft_personalize} + --second-bootstrap={firmware} """ + FT_PROVISIONING_INPUTS + select({ ":ckms_cert_endorsement_params": CLOUD_KMS_CERT_ENDORSEMENT_PARAMS, "//conditions:default": LOCAL_CERT_ENDORSEMENT_PARAMS, @@ -357,15 +362,19 @@ _FT_PROVISIONING_HARNESS = "//sw/host/provisioning/ft:ft_{}" }, fpga = fpga_params( timeout = "long", + assemble = "{ft_personalize}@{slot_a} {rom_ext}@{slot_b}", binaries = { ":sram_ft_individualize_{}".format(config["otp"]): "sram_ft_individualize", ":ft_personalize_{}".format(sku): "ft_personalize", + "//sw/device/silicon_creator/rom_ext/sival:rom_ext_fake_prod_signed_slot_b": "rom_ext", }, changes_otp = True, data = FT_PERSONALIZE_ENDORSEMENT_KEYS, needs_jtag = True, otp = "//hw/ip/otp_ctrl/data/earlgrey_skus/sival:otp_img_test_locked0_manuf_initialized", + slot_a = SLOTS["a"], + slot_b = SLOTS["b"], tags = [ "lc_test_locked0", "manuf", @@ -374,15 +383,19 @@ _FT_PROVISIONING_HARNESS = "//sw/host/provisioning/ft:ft_{}" test_harness = _FT_PROVISIONING_HARNESS.format(sku), ), silicon = silicon_params( + assemble = "{ft_personalize}@{slot_a} {rom_ext}@{slot_b}", binaries = { ":sram_ft_individualize_{}".format(config["otp"]): "sram_ft_individualize", ":ft_personalize_{}".format(sku): "ft_personalize", + "//sw/device/silicon_creator/rom_ext/sival:rom_ext_fake_prod_signed_slot_b": "rom_ext", }, changes_otp = True, data = FT_PERSONALIZE_ENDORSEMENT_KEYS, interface = "teacup", needs_jtag = True, + slot_a = SLOTS["a"], + slot_b = SLOTS["b"], test_cmd = _FT_PROVISIONING_CMD_ARGS, test_harness = _FT_PROVISIONING_HARNESS.format(sku), ), diff --git a/sw/device/silicon_creator/rom_ext/sival/BUILD b/sw/device/silicon_creator/rom_ext/sival/BUILD index 82b6ff44d57c6..131b10ce00a7b 100644 --- a/sw/device/silicon_creator/rom_ext/sival/BUILD +++ b/sw/device/silicon_creator/rom_ext/sival/BUILD @@ -42,12 +42,14 @@ opentitan_binary( exec_env = [ "//hw/top_earlgrey:silicon_creator", "//hw/top_earlgrey:fpga_cw310", + "//hw/top_earlgrey:fpga_cw340", "//hw/top_earlgrey:sim_dv_base", "//hw/top_earlgrey:sim_verilator_base", ], linker_script = "//sw/device/silicon_creator/rom_ext:ld_slot_a", linkopts = LINK_ORDER, manifest = ":manifest_sival", + spx_key = {"//sw/device/silicon_creator/rom/keys/fake/spx:prod_key_0_spx": "prod_key_0"}, deps = [ "//sw/device/lib/crt", "//sw/device/silicon_creator/lib:manifest_def", @@ -62,12 +64,14 @@ opentitan_binary( exec_env = [ "//hw/top_earlgrey:silicon_creator", "//hw/top_earlgrey:fpga_cw310", + "//hw/top_earlgrey:fpga_cw340", "//hw/top_earlgrey:sim_dv_base", "//hw/top_earlgrey:sim_verilator_base", ], linker_script = "//sw/device/silicon_creator/rom_ext:ld_slot_b", linkopts = LINK_ORDER, manifest = ":manifest_sival", + spx_key = {"//sw/device/silicon_creator/rom/keys/fake/spx:prod_key_0_spx": "prod_key_0"}, deps = [ "//sw/device/lib/crt", "//sw/device/silicon_creator/lib:manifest_def", diff --git a/sw/host/provisioning/ft/src/main.rs b/sw/host/provisioning/ft/src/main.rs index e26abeeb3378d..1f833af25b2dd 100644 --- a/sw/host/provisioning/ft/src/main.rs +++ b/sw/host/provisioning/ft/src/main.rs @@ -8,7 +8,10 @@ use std::time::Duration; use anyhow::{bail, Result}; use clap::{Args, Parser}; -use ft_lib::{run_ft_personalize, run_sram_ft_individualize, test_exit, test_unlock, KeyWrapper}; +use ft_lib::{ + check_rom_ext_boot_up, run_ft_personalize, run_sram_ft_individualize, test_exit, test_unlock, + KeyWrapper, +}; use opentitanlib::backend; use opentitanlib::console::spi::SpiConsoleDevice; use opentitanlib::dif::lc_ctrl::DifLcCtrlState; @@ -91,6 +94,10 @@ struct Opts { #[command(flatten)] provisioning_data: ManufFtProvisioningDataInput, + /// Second image (perso FW + ROM_EXT/Owner FW bundle) to bootstrap. + #[arg(long)] + second_bootstrap: PathBuf, + /// Console receive timeout. #[arg(long, value_parser = humantime::parse_duration, default_value = "600s")] timeout: Duration, @@ -232,9 +239,14 @@ fn main() -> Result<()> { opts.provisioning_data.ca_certificate, &rma_unlock_token_hash, &spi_console_device, + opts.second_bootstrap, )?; log::info!("Provisioning Done"); + check_rom_ext_boot_up(&transport, &opts.init, opts.timeout)?; + + log::info!("Successfully boot into ROM_EXT"); + Ok(()) } diff --git a/sw/host/provisioning/ft_lib/src/lib.rs b/sw/host/provisioning/ft_lib/src/lib.rs index b473fa6ecae30..b7e2c4f58d076 100644 --- a/sw/host/provisioning/ft_lib/src/lib.rs +++ b/sw/host/provisioning/ft_lib/src/lib.rs @@ -439,12 +439,14 @@ pub fn run_ft_personalize( ca_certificate: PathBuf, rma_unlock_token_hash: &ArrayVec, spi_console: &SpiConsoleDevice, + second_bootstrap: PathBuf, ) -> Result<()> { // Bootstrap personalization binary into flash. init.bootstrap.init(transport)?; // Bootstrap again since the flash scrambling seeds were provisioned in the previous step. let _ = UartConsole::wait_for(spi_console, r"Bootstrap requested.", timeout)?; - init.bootstrap.init(transport)?; + // This time loading personalization binary in flash slot A and ROM_EXT + Owner FW in flash slot B. + init.bootstrap.load(transport, &second_bootstrap)?; send_rma_unlock_token_hash(rma_unlock_token_hash, timeout, spi_console)?; provision_certificates( cert_endorsement_key_wrapper, @@ -458,3 +460,15 @@ pub fn run_ft_personalize( Ok(()) } + +pub fn check_rom_ext_boot_up( + transport: &TransportWrapper, + init: &InitializeTest, + timeout: Duration, +) -> Result<()> { + transport.reset_target(init.bootstrap.options.reset_delay, true)?; + let uart_console = transport.uart("console")?; + let _ = UartConsole::wait_for(&*uart_console, r"Starting ROM_EXT.*\r\n", timeout)?; + + Ok(()) +}