Google Git
Sign in
opensecura / 3p / lowrisc / opentitan / ab5c2ecf9c4e9cf55392d5a9e5c9a17f87a1b097
commitab5c2ecf9c4e9cf55392d5a9e5c9a17f87a1b097[log] [tgz]
authorJes B. Klinke <jbk@chromium.org>Wed Nov 24 13:56:01 2021 -0800
committercfrantz <frantzcj+github@gmail.com>Thu Dec 02 08:14:13 2021 -0800
tree3f999bfd96ed860f894b9c24256b7142f5adfe42
parentc1bd139dc158a06af943b4f93130a9ffeccc381e [diff]
[opentitantool] Fixes to bootstrap of legacy Titan

This newly added code has a few bugs.

1. A bug was introduced during review, when the code to set the
"final" flag on the last frame was move out of the loop.  The hash of
the block needs to be computed after the flag is set.  (This bug would
have been caught had I run the one and only unit test in this file.)

2. The above lead to the discovery that the existing logic (also in
primitive.rs) does not attempt to verify the ack of the very last
block, leading to the false claim of successful bootstrapping.

3. Further real-life testing revealed more shortcomings of the
existing logic.  Ordinarily, the bidirectional transaction is used
such that the boot rom will ack the previously transmitted frame, at
the same time as receiving the next one.  I.e. the Rust code will look
for ack of frame 3 while transmitting frame 4.  If an unrecognized
checksum is received, the code will go back and retransmit frame 3
repeatedly, until ack of frame 3 is received.  However, if the cause
of the original bad ack was not in the boot rom, but due to noise on
the CIDO line, then the bootrom may have successfully received frame
3, and possibly also frame 4.  If the latter is the case, the boot rom
(on H1Dx at least) will repeat the ack of block 4 while frame 3 is
being retransmitted.  This CL introduces code to recognize this case,
and others, rather than only looking for ack of the frame most
recently transmitted.

TEST=Repeatedly flashed H1Dx while manipulating CIDO capacitance

Signed-off-by: Jes B. Klinke <jbk@chromium.org>
1 file changed
tree: 3f999bfd96ed860f894b9c24256b7142f5adfe42
  1. .github/
  2. ci/
  3. doc/
  4. hw/
  5. rules/
  6. site/
  7. sw/
  8. test/
  9. third_party/
  10. util/
  11. .bazelignore
  12. .bazelrc
  13. .bazelversion
  14. .clang-format
  15. .dockerignore
  16. .flake8
  17. .gitignore
  18. .style.yapf
  19. .svlint.toml
  20. .svls.toml
  21. _index.md
  22. apt-requirements.txt
  23. azure-pipelines.yml
  24. BUILD
  25. check_tool_requirements.core
  26. CLA
  27. COMMITTERS
  28. CONTRIBUTING.md
  29. LICENSE
  30. meson.build
  31. meson_init.sh
  32. meson_options.txt
  33. python-requirements.txt
  34. README.md
  35. tool_requirements.py
  36. toolchain.txt
  37. topgen-reg-only.core
  38. topgen.core
  39. WORKSPACE
  40. yum-requirements.txt
README.md

OpenTitan

OpenTitan logo

About the project

OpenTitan is an open source silicon Root of Trust (RoT) project. OpenTitan will make the silicon RoT design and implementation more transparent, trustworthy, and secure for enterprises, platform providers, and chip manufacturers. OpenTitan is administered by lowRISC CIC as a collaborative project to produce high quality, open IP for instantiation as a full-featured product. See the OpenTitan site and OpenTitan docs for more information about the project.

About this repository

This repository contains hardware, software and utilities written as part of the OpenTitan project. It is structured as monolithic repository, or “monorepo”, where all components live in one repository. It exists to enable collaboration across partners participating in the OpenTitan project.

Documentation

The project contains comprehensive documentation of all IPs and tools. You can access it online at docs.opentitan.org.

How to contribute

Have a look at CONTRIBUTING and our documentation on project organization and processes for guidelines on how to contribute code to this repository.

Licensing

Unless otherwise noted, everything in this repository is covered by the Apache License, Version 2.0 (see LICENSE for full text).