Google Git
Sign in
opensecura / 3p / lowrisc / opentitan / a711a6acfc3c9eee28fe3ac80ef9474bf429db44
commita711a6acfc3c9eee28fe3ac80ef9474bf429db44[log] [tgz]
authorSam Elliott <selliott@lowrisc.org>Thu Jul 23 12:27:32 2020 +0100
committerSam Elliott <sam@lenary.co.uk>Tue Jul 28 23:00:49 2020 +0100
tree3ecdbefe6c3caa462863a371bc7ad0725eccfb22
parenta07394dc003f7aae87beb8d1e983b5ec087e5266 [diff]
[mask rom] More Detailed Boot Pseudo-code

This is based off discussions we had in the meeting, and comments on the
previous PR (lowrisc/opentitan#2937), and a few private discussions.

The main change to the pseudo-code is the explicit handling of multiple
rom_ext manifests in a priority order (and the possibility of the boot
policy aborting boot of the primary rom_ext, but continuing with
subsequent rom_exts).

Another big change here is to document which parts of mask rom execution
can only happen after a ROM_EXT has been verified. Verifying this
signature is not the final thing the mask rom does.

Explicit stages have been added to cover:
- Enabling any software-enabled memory protection, which covers SRAM
  scrambling and if the software has to set up PMP regions (both of
  which are still open questions).
- Manufacturing boot-strapping process.

I have also tried to clarify how I see the split between the assembly
that cleans the device state and the C code which cleans the remaining
device state.

I have also done some markdown cleanups.

Signed-off-by: Sam Elliott <selliott@lowrisc.org>
1 file changed
tree: 3ecdbefe6c3caa462863a371bc7ad0725eccfb22
  1. .github/
  2. ci/
  3. doc/
  4. hw/
  5. site/
  6. sw/
  7. test/
  8. util/
  9. .clang-format
  10. .dockerignore
  11. .flake8
  12. .gitignore
  13. .style.yapf
  14. _index.md
  15. apt-requirements.txt
  16. azure-pipelines.yml
  17. check_tool_requirements.core
  18. CLA
  19. COMMITTERS
  20. CONTRIBUTING.md
  21. LICENSE
  22. meson.build
  23. meson_init.sh
  24. meson_options.txt
  25. python-requirements.txt
  26. README.md
  27. tool_requirements.py
  28. toolchain.txt
README.md

OpenTitan

OpenTitan logo

About the project

OpenTitan is an open source silicon Root of Trust (RoT) project. OpenTitan will make the silicon RoT design and implementation more transparent, trustworthy, and secure for enterprises, platform providers, and chip manufacturers. OpenTitan is administered by lowRISC CIC as a collaborative project to produce high quality, open IP for instantiation as a full-featured product. See the OpenTitan site and OpenTitan docs for more information about the project.

About this repository

This repository contains hardware, software and utilities written as part of the OpenTitan project. It is structured as monolithic repository, or “monorepo”, where all components live in one repository. It exists to enable collaboration across partners participating in the OpenTitan project.

Documentation

The project contains comprehensive documentation of all IPs and tools. You can access it online at docs.opentitan.org.

How to contribute

Have a look at CONTRIBUTING for guidelines on how to contribute code to this repository.

Licensing

Unless otherwise noted, everything in this repository is covered by the Apache License, Version 2.0 (see LICENSE for full text).