[sw/silicon_creator] Add flash_ctrl_bank_erase_perms_set().
Doc for flash_ctrl bank erase permissions was added in #11449. This
commit adds `flash_ctrl_bank_erase_perms_set()`, which needs to be called
before a bank erase.
Signed-off-by: Alphan Ulusoy <alphan@google.com>
diff --git a/sw/device/silicon_creator/lib/drivers/flash_ctrl.c b/sw/device/silicon_creator/lib/drivers/flash_ctrl.c
index ab7529b..cf3d2ef 100644
--- a/sw/device/silicon_creator/lib/drivers/flash_ctrl.c
+++ b/sw/device/silicon_creator/lib/drivers/flash_ctrl.c
@@ -528,6 +528,27 @@
sec_mmio_write32(cfg_addr, reg);
}
+void flash_ctrl_bank_erase_perms_set(hardened_bool_t enable) {
+ uint32_t reg;
+ switch (launder32(enable)) {
+ case kHardenedBoolTrue:
+ HARDENED_CHECK_EQ(enable, kHardenedBoolTrue);
+ reg = bitfield_bit32_write(
+ 0, FLASH_CTRL_MP_BANK_CFG_SHADOWED_ERASE_EN_0_BIT, true);
+ reg = bitfield_bit32_write(
+ reg, FLASH_CTRL_MP_BANK_CFG_SHADOWED_ERASE_EN_1_BIT, true);
+ break;
+ case kHardenedBoolFalse:
+ HARDENED_CHECK_EQ(enable, kHardenedBoolFalse);
+ reg = 0;
+ break;
+ default:
+ HARDENED_UNREACHABLE();
+ }
+ sec_mmio_write32_shadowed(kBase + FLASH_CTRL_MP_BANK_CFG_SHADOWED_REG_OFFSET,
+ reg);
+}
+
/**
* Information pages that should be locked by ROM_EXT before handing over
* execution to the first owner boot stage. See
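Review bot: `reg` in flash_ctrl_bank_erase_perms_set() is declared without an initializer, so its value is indeterminate unless one of the two `case` arms runs. The `HARDENED_CHECK_EQ` calls and the `default` arm cover every path through the switch, but if the switch were skipped (for example by a glitched branch), whatever is on the stack would reach `sec_mmio_write32_shadowed()` and could set the erase-enable bits. Declaring it as `uint32_t reg = 0;` makes that path fail closed with bank erase disabled, and the explicit `reg = 0;` in the false arm can stay for readability. Separately, it would help to add a short comment above the function saying that the whole MP_BANK_CFG_SHADOWED register is rewritten from zero rather than read-modified.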
diff --git a/sw/device/silicon_creator/lib/drivers/flash_ctrl.h b/sw/device/silicon_creator/lib/drivers/flash_ctrl.h
index 9a06558..b82448c 100644
--- a/sw/device/silicon_creator/lib/drivers/flash_ctrl.h
+++ b/sw/device/silicon_creator/lib/drivers/flash_ctrl.h
@@ -152,6 +152,7 @@
kFlashCtrlSecMmioExecSet = 1,
kFlashCtrlSecMmioInfoCfgSet = 1,
kFlashCtrlSecMmioInfoPermsSet = 1,
+ kFlashCtrlSecMmioBankErasePermsSet = 1,
kFlashCtrlSecMmioInit = 5,
};
@@ -432,6 +433,17 @@
void flash_ctrl_info_cfg_set(flash_ctrl_info_page_t info_page, flash_ctrl_cfg_t cfg);
/**
+ * Set bank erase permissions for both flash banks.
+ *
+ * The caller is responsible for calling
+ * `SEC_MMIO_WRITE_INCREMENT(kFlashCtrlSecMmioBankErasePermsSet)` when
+ * sec_mmio is being used to check expectations.
+ *
+ * @param enable Whether to enable bank erase.
+ */
+void flash_ctrl_bank_erase_perms_set(hardened_bool_t enable);
+
+/**
* Enable execution from flash.
*
* Note: a ePMP region must also be configured in order to execute code in
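Review bot: The doc comment for `flash_ctrl_bank_erase_perms_set()` does not say how long the permission lasts or what happens on a bad argument. As far as the implementation in this commit shows, the erase-enable bits stay set until the function is called again with `kHardenedBoolFalse`, so the header should tell callers to pair the two calls. Suggested additions: `Bank erase stays enabled for both banks until this function is called with kHardenedBoolFalse; callers should disable it as soon as the erase completes.` and `@param enable Must be kHardenedBoolTrue or kHardenedBoolFalse; any other value is treated as unreachable.`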
diff --git a/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc b/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc
index bcafd74..1bf028e 100644
--- a/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc
+++ b/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc
@@ -601,6 +601,20 @@
flash_ctrl_creator_info_pages_lockdown();
}
+TEST_F(FlashCtrlTest, BankErasePermsSet) {
+ EXPECT_SEC_WRITE32_SHADOWED(
+ base_ + FLASH_CTRL_MP_BANK_CFG_SHADOWED_REG_OFFSET,
+ {
+ {FLASH_CTRL_MP_BANK_CFG_SHADOWED_ERASE_EN_0_BIT, 1},
+ {FLASH_CTRL_MP_BANK_CFG_SHADOWED_ERASE_EN_1_BIT, 1},
+ });
+ flash_ctrl_bank_erase_perms_set(kHardenedBoolTrue);
+
+ EXPECT_SEC_WRITE32_SHADOWED(
+ base_ + FLASH_CTRL_MP_BANK_CFG_SHADOWED_REG_OFFSET, 0);
+ flash_ctrl_bank_erase_perms_set(kHardenedBoolFalse);
+}
+
struct EraseVerifyCase {
/**
* Address.
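Review bot: `BankErasePermsSet` exercises only the two valid `hardened_bool_t` values, so the `default:` arm that is meant to reject a corrupted argument has no coverage. If the host test build turns `HARDENED_UNREACHABLE()` into an abort (not visible from this hunk), a death test would pin that behaviour, for example `EXPECT_DEATH(flash_ctrl_bank_erase_perms_set(static_cast<hardened_bool_t>(0)), "");`. Splitting the enable and disable cases into two `TEST_F`s would also make a failure point at the case that broke.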
diff --git a/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.cc b/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.cc
index a512ac6..51c31e9 100644
--- a/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.cc
+++ b/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.cc
@@ -70,6 +70,10 @@
MockFlashCtrl::Instance().InfoCfgSet(info_page, cfg);
}
+void flash_ctrl_bank_erase_perms_set(hardened_bool_t enable) {
+ MockFlashCtrl::Instance().BankErasePermsSet(enable);
+}
+
void flash_ctrl_exec_set(uint32_t exec_val) {
MockFlashCtrl::Instance().ExecSet(exec_val);
}
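Review bot: The `flash_ctrl_bank_erase_perms_set()` wrapper added here is added again, byte for byte, in the second hunk of mock_flash_ctrl.h. The surrounding context shows the existing wrappers are duplicated in the same way, so presumably only one of the two files is built into a given target, but that cannot be confirmed from these hunks. If both were linked, or the header were included from more than one translation unit without `inline`, this would be a multiple-definition error. Consider keeping the definition in one place only, or adding a comment in each file stating which one is authoritative.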
diff --git a/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.h b/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.h
index e211fe8..0c38b59 100644
--- a/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.h
+++ b/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.h
@@ -33,6 +33,7 @@
MOCK_METHOD(void, InfoPermsSet, (flash_ctrl_info_page_t, flash_ctrl_perms_t));
MOCK_METHOD(void, DataDefaultCfgSet, (flash_ctrl_cfg_t));
MOCK_METHOD(void, InfoCfgSet, (flash_ctrl_info_page_t, flash_ctrl_cfg_t));
+ MOCK_METHOD(void, BankErasePermsSet, (hardened_bool_t));
MOCK_METHOD(void, ExecSet, (uint32_t));
MOCK_METHOD(void, CreatorInfoPagesLockdown, ());
};
@@ -107,6 +108,10 @@
MockFlashCtrl::Instance().InfoCfgSet(info_page, cfg);
}
+void flash_ctrl_bank_erase_perms_set(hardened_bool_t enable) {
+ MockFlashCtrl::Instance().BankErasePermsSet(enable);
+}
+
void flash_ctrl_exec_set(uint32_t exec_val) {
MockFlashCtrl::Instance().ExecSet(exec_val);
}