-
Notifications
You must be signed in to change notification settings - Fork 46
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
17 changed files
with
365 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
// Licensed under the Apache-2.0 license | ||
|
||
use caliptra_registers::soc_ifc::SocIfcReg; | ||
|
||
pub struct FipsTestHook; | ||
|
||
impl FipsTestHook { | ||
pub const RSVD: u8 = 0x0; | ||
// Set by Caliptra | ||
pub const COMPLETE: u8 = 0x1; | ||
// Set by external test | ||
pub const CONTINUE: u8 = 0x10; | ||
pub const HALT_SELF_TESTS: u8 = 0x21; | ||
pub const SHA384_ERROR: u8 = 0x22; | ||
pub const LMS_ERROR: u8 = 0x23; | ||
|
||
/// # Safety | ||
/// | ||
/// This function interrupts normal flow and halts operation of the ROM or FW | ||
/// (Only when the hook_cmd matches the value from get_fips_test_hook_code) | ||
pub unsafe fn halt_if_hook_set(hook_cmd: u8) { | ||
if get_fips_test_hook_code() == hook_cmd { | ||
// Report that we've reached this point | ||
set_fips_test_hook_code(FipsTestHook::COMPLETE); | ||
|
||
// Wait for the CONTINUE command | ||
while get_fips_test_hook_code() != FipsTestHook::CONTINUE {} | ||
|
||
// Write COMPLETE | ||
set_fips_test_hook_code(FipsTestHook::COMPLETE); | ||
} | ||
} | ||
|
||
/// # Safety | ||
/// | ||
/// This function returns an intentionally corrupted version of the data provided | ||
/// (Only when the hook_cmd matches the value from get_fips_test_hook_code) | ||
pub unsafe fn corrupt_data_if_hook_set<T: core::marker::Copy>(hook_cmd: u8, data: &T) -> T { | ||
if get_fips_test_hook_code() == hook_cmd { | ||
let mut mut_data = *data; | ||
let ptr_t = &mut mut_data as *mut T; | ||
let mut_u8 = ptr_t as *mut u8; | ||
let byte_0 = unsafe { &mut *mut_u8 }; | ||
|
||
// Corrupt (invert) the first byte | ||
*byte_0 = !*byte_0; | ||
|
||
return mut_data; | ||
} | ||
|
||
*data | ||
} | ||
} | ||
|
||
/// # Safety | ||
/// | ||
/// Temporarily creates a new instance of SocIfcReg instead of following the | ||
/// normal convention of sharing one instance | ||
unsafe fn get_fips_test_hook_code() -> u8 { | ||
// Bits 23:16 indicate the 8 bit code for the enabled FIPS test hook | ||
const CODE_MASK: u32 = 0x00FF0000; | ||
const CODE_OFFSET: u32 = 16; | ||
let soc_ifc = unsafe { SocIfcReg::new() }; | ||
let soc_ifc_regs = soc_ifc.regs(); | ||
let val = soc_ifc_regs.cptra_dbg_manuf_service_reg().read(); | ||
((val & CODE_MASK) >> CODE_OFFSET) as u8 | ||
} | ||
|
||
/// # Safety | ||
/// | ||
/// Temporarily creates a new instance of SocIfcReg instead of following the | ||
/// normal convention of sharing one instance | ||
unsafe fn set_fips_test_hook_code(code: u8) { | ||
// Bits 23:16 indicate the 8 bit code for the enabled FIPS test hook | ||
const CODE_MASK: u32 = 0x00FF0000; | ||
const CODE_OFFSET: u32 = 16; | ||
let mut soc_ifc = unsafe { SocIfcReg::new() }; | ||
let soc_ifc_regs = soc_ifc.regs_mut(); | ||
let val = (soc_ifc_regs.cptra_dbg_manuf_service_reg().read() & !(CODE_MASK)) | ||
| ((code as u32) << CODE_OFFSET); | ||
soc_ifc_regs.cptra_dbg_manuf_service_reg().write(|_| val); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
// Licensed under the Apache-2.0 license | ||
|
||
use caliptra_builder::firmware::{APP_WITH_UART, FMC_WITH_UART, ROM_WITH_UART_FIPS_TEST_HOOKS}; | ||
use caliptra_builder::ImageOptions; | ||
use caliptra_drivers::CaliptraError; | ||
use caliptra_hw_model::{BootParams, HwModel, InitParams}; | ||
|
||
#[test] | ||
fn test_fips_hook_exit() { | ||
let rom = caliptra_builder::build_firmware_rom(&ROM_WITH_UART_FIPS_TEST_HOOKS).unwrap(); | ||
|
||
let image_bundle = caliptra_builder::build_and_sign_image( | ||
&FMC_WITH_UART, | ||
&APP_WITH_UART, | ||
ImageOptions::default(), | ||
) | ||
.unwrap() | ||
.to_bytes() | ||
.unwrap(); | ||
|
||
let init_params = InitParams { | ||
rom: &rom, | ||
..Default::default() | ||
}; | ||
|
||
let boot_params = BootParams { | ||
fw_image: Some(&image_bundle), | ||
..Default::default() | ||
}; | ||
|
||
let mut hw = caliptra_hw_model::new(init_params, boot_params).unwrap(); | ||
|
||
// Wait for fatal error | ||
hw.step_until(|m| m.soc_ifc().cptra_fw_error_fatal().read() != 0); | ||
|
||
// Verify fatal code is correct | ||
assert_eq!( | ||
hw.soc_ifc().cptra_fw_error_fatal().read(), | ||
u32::from(CaliptraError::ROM_GLOBAL_FIPS_HOOKS_ROM_EXIT) | ||
); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.