9. Flash driver for TPM stack

[BeataZdunczyk]

Nonvolatile storage is an integral part of TPM. It allows for saving user- or vendor-defined data inside TPM, potentially with protection based on state of TPM (PCR values, authorization sessions). With NVRAM implemented, additional tests can be performed.

Milestones:

• flash driver for chosen board (if not available yet or has limited support)
• integration of the TPM stack with flash driver
• test suite: NV memory (persistent objects and data, vendor certificates)
• test suite: attestation and authorization (quote, authorization sessions)
• test suite: use in real-world scenario (Fobnail)
• review and update existing documentation, add entry to changelog

[arturkow2]

Dasharo/twpm-firmware#8 brings basic support for flash. However, due to recurring problems with general stability of SoC I'm unable to finish it. So far I've done basic tests (reading single blocks) and flash worked.

To solve the issue I tried 2 things: reducing sys_clk frequency to allow to enable more CPU features - notably PMP (Physical Memory Protection) extension to allow to detect any memory corruption and undefined behaviour as early as possible. Currently nextpnr freezes when crossing ~54% utilization of LUTs as nextpnr is unable to meet timing requirements. Current frequency (50 MHz) is the minimum required by LiteDRAM, this is also the frequency used by LiteDRAM Wishbone port. When lowered, DRAM does not work. I tried running CPU at 25 MHz and crossing clock domains between CPU wishbone and LiteDRAM user port to no effect - bootloader not starting, broken JTAG.

Another thing I tried was building the SoC with Lattice Diamond to see whether different toolchain will solve the problem, however I ran into more issues:

• LiteDRAM controller is not working properly, causing CPU to get stuck in BootROM (no uart output - this requires DRAM, CPU must be accessed through JTAG)
• Dasharo/TwPM_toplevel@1097e84 broke Diamond - linking issues, I've been using older revision. The reason for Diamond crashing is currently unknown.

As of today, Diamond suddenly stopped working - synthesis is broken for both Synplify and LSE:

Return Code: 11
Run Time:00h:00m:01s
Error: At line 119 while processing "twpm_orangecrab_synplify.tcl"
11
TCL script complete: "twpm_orangecrab_synplify.tcl"
TCL script had errors: "twpm_orangecrab_synplify.tcl"
exit status=9
exit status=9
Save changes for project:
/home/akowalski/projekty/twpm/twpm_ecp5/TwPM_toplevel/build/fpga/orangecrab/proj_1.prj
batch mode default:no
Synthesis exit by 9.

No more output is generated as synthesis tool is newer run. The only thing I can think of are host (Fedora 39) updates, however container (containerized version of TwPM SDK, which used to work) are affected.