This chapter defines the required security enhancements for the Debug Module. The debug operations listed below are modified by the extension.
-
Halt
-
Reset
-
Keepalive
-
Abstract commands (Access Register, Quick Access, Access Memory)
-
System bus access
If any hart in the system implements the Sdsec extension, the Debug Module must also implement the Debug Module Security Extension.
The ISA and non-ISA external debug security extensions impose security constraints and introduce non-backward-compatible changes. The presence of the extensions can be determined by polling the allsecured
or/and anysecured
bits in dmstatus
Details of newly introduced fields in dmstatus. If the field allsecured
or anysecured
is set to 1, it represents that all or any selected harts adopt the Sdsec extension. When any hart adopts the Sdsec extension, it indicates the Debug Module implements Debug Module Security Extension as described in this chapter.
The halt behavior for a hart is detailed in [sdsecextdbg]. According to The RISC-V Debug Specification cite:[dbgspec], a halt request must be responded within one second. However, this constraint must be removed as the request might be pending due to the situations where debugging is disallowed. In the case of halt-on-reset request, the request is only acknowledged by the hart once it has reached a privilege level in which debug is permitted.
The hartreset operation resets selected harts. When M-mode is not allowed to be debugged, the hart will raise a security fault error to the Debug Module. The debugger could monitor the error by polling allsecfault
or/and anysecfault
in dmstatus
.
The ndmreset operation is a system-level reset not tied to hart privilege levels and reset the entire system (excluding the Debug Module). Debug Module Security Extension makes ndmreset read-only 0. The debugger can determine support for the ndmreset operation by setting the field to 1 and subsequently verifying the returned value upon reading.
The keepalive bit serves as an optional request for the hart to remain available for debugging. This bit only takes effect when M-mode is allowed to be debugged; otherwise, the hart behaves as if the bit is not set.
The hart’s response to abstract commands is detailed in [sdsecextdbg]. The following subsection delineates the constraints when the Debug Module issues an abstract command.
The field aamvirtual
in the command (at 0x17 in the Debug Module) determines whether the Access Memory command uses a physical or virtual address. When an Access Memory command is issued with aamvirtual
=0, the hart must check whether the physical access is allowed to access memory. The hart responds with an exception to the Debug Module when M-mode is not permitted to debug, tvm
(in mstatus) is set to 1, and mode
(in satp) enables any kind of virtual translation. In the event of an exception, the Debug Module set cmderr
of abstractcs
(at 0x16 in Debug Module) to 3 and clear the data registers to 0.
When M-mode debugging is not allowed (mdbgen
=0) for a hart, any Quick Access operation will be discarded, causing abstractcs.cmderr
to set to 6.
Note
|
Quick Access abstract commands effect a halt, execution of Program Buffer, and resume of the selected hart. However, it is undesirable for these Quick Access halts to remain pending until debug is allowed, since the debugger blocks while waiting for the Quick Access to complete. Returning an error only for Quick Access commands received when debug is not allowed would require the hart to distinguish between Quick Access halt requests and other halt requests. Because Quick Access is merely an optimized flow and not required for any usage models, it was decided to avoid burdening the hart with extra hardware. Therefore, Quick Access is forbiden when mdbgen is 0.
|
The System Bus Access must be checked by bus initiator protection mechanisms such as IOPMP cite:[iopmp], WorldGuard cite:[worldguard]. The bus protection unit can return error to Debug Module on illegal access, in that case, Debug Module will set sberror
of sbcs
(at 0x38 in Debug Module) to 6 (security fault error).
Note
|
Trusted entities like RoT should configure IOPMP or equivalent protection before granting debug access to M-mode. Similarly, M-mode should apply the protection before enabling supervisor domain debug. |
A dedicated error code, security fault error (cmderr 6), is included in cmderr
of abstractcs
. Issuance of abstract commands under disallowed circumstance sets cmderr
to 6. Additionally, the bus security fault error (sberror 6) is introduced in sberror
of sbcs
to denote errors related to system bus access.
The error raised by resethaltreq, reset can be identified through the fields allsecfault
and anysecfault
in dmstatus. Error status bits are internally maintained for each hart, with the allsecfault
and anysecfault
fields indicating the error status of the currently selected harts. These error statuses are sticky and can only be cleared by writing 1 to acksecfault
in dmcs2.
The state element nsecdbg
is introduced to retain full debugging capabilities, as if the extensions in this specification were not implemented. When nsecdbg
is set to 1:
-
All debug operations are executed with M-mode privilege (equivalent to having
mdbgen
set to 1) for all harts in the system. -
The ndmreset operation is allowed.
-
The
relaxedpriv
field may be configurable. -
System Bus Access may bypass the bus initiator protections.
-
Trace output is enabled in all privilege modes.
{reg: [ {bits: 20, name: 'defined in Debug Module'}, {bits: 1, name: 'anysecured'}, {bits: 1, name: 'allsecured'}, {bits: 3, name: 'defined in Debug Module'}, {bits: 1, name: 'anysecfault'}, {bits: 1, name: 'allsecfault'}, {bits: 5, name: '0'}, ], config:{lanes: 3, hspace:1024}}
Field | Description | Access | Reset |
---|---|---|---|
allsecured |
The field is 1 when all currently selected harts implement Sdsec extension |
R |
- |
anysecured |
The field is 1 when any currently selected hart implements Sdsec extension |
R |
- |
allsecfault |
The field is 1 when all currently selected harts have raised security fault due to reset or keepalive operation. |
R |
- |
anysecfault |
The field is 1 when any currently selected hart has raised security fault due to reset or keepalive operation. |
R |
- |
{reg: [ {bits: 12, name: 'defined in Debug Module'}, {bits: 1, name: 'acksecfault'}, {bits: 19, name: '0'}, ], config:{lanes: 2, hspace:1024}}
Field | Description | Access | Reset |
---|---|---|---|
acksecfault |
0 (nop): No effect. 1 (ack): Clears error status bits for any selected harts. |
W1 |
- |