[sw/silicon_creator] Add flash_ctrl_bank_erase_perms_set(). Doc for flash_ctrl bank erase permissions was added in #11449. This commit adds `flash_ctrl_bank_erase_perms_set()` that needs to be called before a bank erase. Signed-off-by: Alphan Ulusoy <alphan@google.com>
diff --git a/sw/device/silicon_creator/lib/drivers/flash_ctrl.c b/sw/device/silicon_creator/lib/drivers/flash_ctrl.c
index ab7529b..cf3d2ef 100644
--- a/sw/device/silicon_creator/lib/drivers/flash_ctrl.c
+++ b/sw/device/silicon_creator/lib/drivers/flash_ctrl.c
@@ -528,6 +528,27 @@
 sec_mmio_write32(cfg_addr, reg);
 }
+void flash_ctrl_bank_erase_perms_set(hardened_bool_t enable) {
+ uint32_t reg;
+ switch (launder32(enable)) {
+ case kHardenedBoolTrue:
+ HARDENED_CHECK_EQ(enable, kHardenedBoolTrue);
+ reg = bitfield_bit32_write(
+ 0, FLASH_CTRL_MP_BANK_CFG_SHADOWED_ERASE_EN_0_BIT, true);
+ reg = bitfield_bit32_write(
+ reg, FLASH_CTRL_MP_BANK_CFG_SHADOWED_ERASE_EN_1_BIT, true);
+ break;
+ case kHardenedBoolFalse:
+ HARDENED_CHECK_EQ(enable, kHardenedBoolFalse);
+ reg = 0;
+ break;
+ default:
+ HARDENED_UNREACHABLE();
+ }
+ sec_mmio_write32_shadowed(kBase + FLASH_CTRL_MP_BANK_CFG_SHADOWED_REG_OFFSET,
+ reg);
+}
+
 /**
 * Information pages that should be locked by ROM_EXT before handing over
 * execution to the first owner boot stage. See
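Review bot: `uint32_t reg;` is declared without a value, so any path that leaves the switch without running one of the assignments would write an indeterminate value to MP_BANK_CFG_SHADOWED. The `launder32()` plus `HARDENED_CHECK_EQ` pattern suggests skipped instructions are part of the fault model here. Initialising to the restrictive value, `uint32_t reg = 0;`, makes that outcome "bank erase disabled" for both banks at no cost. A one-line comment above the switch, such as `// Re-check the laundered value so a glitched branch cannot select the enable path.`, would also tell the next reader why `enable` is compared twice.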
diff --git a/sw/device/silicon_creator/lib/drivers/flash_ctrl.h b/sw/device/silicon_creator/lib/drivers/flash_ctrl.h
index 9a06558..b82448c 100644
--- a/sw/device/silicon_creator/lib/drivers/flash_ctrl.h
+++ b/sw/device/silicon_creator/lib/drivers/flash_ctrl.h
@@ -152,6 +152,7 @@
 kFlashCtrlSecMmioExecSet = 1,
 kFlashCtrlSecMmioInfoCfgSet = 1,
 kFlashCtrlSecMmioInfoPermsSet = 1,
+ kFlashCtrlSecMmioBankErasePermsSet = 1,
 kFlashCtrlSecMmioInit = 5,
 };
@@ -432,6 +433,17 @@ void flash_ctrl_info_cfg_set(flash_ctrl_info_page_t info_page,
 flash_ctrl_cfg_t cfg);
 /**
+ * Set bank erase permissions for both flash banks.
+ *
+ * The caller is responsible for calling
+ * `SEC_MMIO_WRITE_INCREMENT(kFlashCtrlSecMmioBankErasePermsSet)` when
+ * sec_mmio is being used to check expectations.
+ *
+ * @param enable Whether to enable bank erase.
+ */
+void flash_ctrl_bank_erase_perms_set(hardened_bool_t enable);
+
+/**
 * Enable execution from flash.
 *
 * Note: a ePMP region must also be configured in order to execute code in
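Review bot: The doc comment added in the second hunk covers the sec_mmio counter but not how long the permission lasts. Judging by the implementation in flash_ctrl.c, the enable bits stay set until the function is called again with `kHardenedBoolFalse`. I would add a sentence such as `Bank erase stays enabled until this function is called again with kHardenedBoolFalse; callers should disable it as soon as the erase has completed.` so that a bank is not left erasable longer than intended. The `@param` line could also state that any value other than the two hardened booleans is treated as unreachable.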
diff --git a/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc b/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc
index bcafd74..1bf028e 100644
--- a/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc
+++ b/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc
@@ -601,6 +601,20 @@
 flash_ctrl_creator_info_pages_lockdown();
 }
+TEST_F(FlashCtrlTest, BankErasePermsSet) {
+ EXPECT_SEC_WRITE32_SHADOWED(
+ base_ + FLASH_CTRL_MP_BANK_CFG_SHADOWED_REG_OFFSET,
+ {
+ {FLASH_CTRL_MP_BANK_CFG_SHADOWED_ERASE_EN_0_BIT, 1},
+ {FLASH_CTRL_MP_BANK_CFG_SHADOWED_ERASE_EN_1_BIT, 1},
+ });
+ flash_ctrl_bank_erase_perms_set(kHardenedBoolTrue);
+
+ EXPECT_SEC_WRITE32_SHADOWED(
+ base_ + FLASH_CTRL_MP_BANK_CFG_SHADOWED_REG_OFFSET, 0);
+ flash_ctrl_bank_erase_perms_set(kHardenedBoolFalse);
+}
+
 struct EraseVerifyCase {
 /**
 * Address.
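Review bot: The test covers only the two valid encodings of `hardened_bool_t`, so the `default:` branch of `flash_ctrl_bank_erase_perms_set()` is never exercised. If the host harness allows it, a case that passes a value equal to neither `kHardenedBoolTrue` nor `kHardenedBoolFalse` and expects the call to terminate would pin the fail-closed behaviour; whether death tests are usable in this suite is not visible from the hunk. Splitting the enable and disable cases into separate `TEST_F` bodies would also make a failure easier to attribute.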
diff --git a/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.cc b/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.cc
index a512ac6..51c31e9 100644
--- a/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.cc
+++ b/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.cc
@@ -70,6 +70,10 @@
 MockFlashCtrl::Instance().InfoCfgSet(info_page, cfg);
 }
+void flash_ctrl_bank_erase_perms_set(hardened_bool_t enable) {
+ MockFlashCtrl::Instance().BankErasePermsSet(enable);
+}
+
 void flash_ctrl_exec_set(uint32_t exec_val) {
 MockFlashCtrl::Instance().ExecSet(exec_val);
 }
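Review bot: The same non-inline definition of `flash_ctrl_bank_erase_perms_set()` is added both here and in the second hunk of mock_flash_ctrl.h. If a test target includes that header and also links this .cc, the result is a duplicate symbol. The surrounding context lines (`flash_ctrl_exec_set`, the `InfoCfgSet` wrapper) show the same pair of definitions already exists in both files, so this presumably follows an in-progress move. It is worth confirming which copy is meant to survive and adding the new wrapper only there.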
diff --git a/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.h b/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.h
index e211fe8..0c38b59 100644
--- a/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.h
+++ b/sw/device/silicon_creator/lib/drivers/mock_flash_ctrl.h
@@ -33,6 +33,7 @@
 MOCK_METHOD(void, InfoPermsSet, (flash_ctrl_info_page_t, flash_ctrl_perms_t));
 MOCK_METHOD(void, DataDefaultCfgSet, (flash_ctrl_cfg_t));
 MOCK_METHOD(void, InfoCfgSet, (flash_ctrl_info_page_t, flash_ctrl_cfg_t));
+ MOCK_METHOD(void, BankErasePermsSet, (hardened_bool_t));
 MOCK_METHOD(void, ExecSet, (uint32_t));
 MOCK_METHOD(void, CreatorInfoPagesLockdown, ());
 };
@@ -107,6 +108,10 @@
 MockFlashCtrl::Instance().InfoCfgSet(info_page, cfg);
 }
+void flash_ctrl_bank_erase_perms_set(hardened_bool_t enable) {
+ MockFlashCtrl::Instance().BankErasePermsSet(enable);
+}
+
 void flash_ctrl_exec_set(uint32_t exec_val) {
 MockFlashCtrl::Instance().ExecSet(exec_val);
 }