From a52d470fdaa057ec2b750f74e383e65c558d8fee Mon Sep 17 00:00:00 2001 From: Jeff Andersen Date: Sat, 2 Nov 2024 00:07:32 -0400 Subject: [PATCH] Deprecate FMC SVN from build tooling and firmware. There are no functional changes in this commit. - The reported FMC SVN is now accurately renamed to be the cold-boot firmware SVN. - As the ROM now ignores the FMC SVN in images, build tooling longer allows populating the FMC image's SVN. --- api/src/mailbox.rs | 6 +- api/src/soc_mgr.rs | 6 +- api/types/src/lib.rs | 6 +- builder/src/lib.rs | 16 ++--- common/src/verifier.rs | 6 +- drivers/src/data_vault.rs | 54 ++++++++-------- drivers/src/fuse_bank.rs | 23 ++----- drivers/src/fuse_log.rs | 12 ++-- drivers/src/hand_off.rs | 12 ++-- error/src/lib.rs | 13 ++-- fmc/Makefile | 3 +- fmc/README.md | 14 ++--- fmc/src/flow/rt_alias.rs | 4 +- fmc/src/hand_off.rs | 6 +- .../c-binding/examples/api/caliptra_api.c | 4 +- .../c-binding/examples/api/caliptra_api.h | 3 +- hw-model/types/src/lib.rs | 3 +- image/app/src/create/mod.rs | 15 ++--- image/app/src/main.rs | 7 +-- image/elf/src/lib.rs | 23 +------ image/gen/src/generator.rs | 15 +++-- image/gen/src/lib.rs | 5 +- image/verify/src/lib.rs | 6 +- image/verify/src/verifier.rs | 16 ++--- libcaliptra/inc/caliptra_types.h | 9 ++- libcaliptra/src/caliptra_api.c | 4 +- rom/dev/Makefile | 3 +- rom/dev/README.md | 10 +-- rom/dev/doc/error-attribution.md | 8 +-- rom/dev/doc/test-coverage/test-coverage.md | 6 +- rom/dev/src/flow/cold_reset/fmc_alias.rs | 6 +- rom/dev/src/flow/cold_reset/fw_processor.rs | 20 +++--- rom/dev/src/flow/fake.rs | 4 +- rom/dev/src/flow/update_reset.rs | 6 +- rom/dev/src/pcr.rs | 2 +- .../test_fmcalias_derivation.rs | 63 +++++++++---------- .../test_image_validation.rs | 17 ++--- .../rom_integration_tests/test_warm_reset.rs | 9 +-- runtime/README.md | 6 +- runtime/src/handoff.rs | 24 +++---- runtime/src/info.rs | 12 ++-- .../runtime_integration_tests/test_info.rs | 31 +++++---- .../test_pauser_privilege_levels.rs | 11 +--- .../test_warm_reset.rs | 8 +-- test/src/derive.rs | 12 ++-- .../fake_collateral_boot_test.rs | 10 ++- .../caliptra_integration_tests/jtag_test.rs | 5 +- .../caliptra_integration_tests/smoke_test.rs | 13 ++-- .../caliptra_integration_tests/warm_reset.rs | 18 ++---- test/tests/fips_test_suite/README.md | 2 +- test/tests/fips_test_suite/fw_load.rs | 17 +++-- x509/build/cert.rs | 6 +- x509/build/fmc_alias_cert_tbs.rs | 24 +++---- x509/build/rt_alias_cert_tbs.rs | 12 ++-- x509/src/fmc_alias_cert.rs | 22 +++---- x509/src/rt_alias_cert.rs | 8 +-- 56 files changed, 303 insertions(+), 383 deletions(-) diff --git a/api/src/mailbox.rs b/api/src/mailbox.rs index 6800c630eb..e67ac1ac61 100644 --- a/api/src/mailbox.rs +++ b/api/src/mailbox.rs @@ -776,9 +776,9 @@ impl Response for FipsVersionResp {} pub struct FwInfoResp { pub hdr: MailboxRespHeader, pub pl0_pauser: u32, - pub runtime_svn: u32, - pub min_runtime_svn: u32, - pub fmc_manifest_svn: u32, + pub fw_svn: u32, + pub min_fw_svn: u32, + pub cold_boot_fw_svn: u32, pub attestation_disabled: u32, pub rom_revision: [u8; 20], pub fmc_revision: [u8; 20], diff --git a/api/src/soc_mgr.rs b/api/src/soc_mgr.rs index 29cf550bba..533579d67e 100644 --- a/api/src/soc_mgr.rs +++ b/api/src/soc_mgr.rs @@ -139,10 +139,8 @@ pub trait SocManager { self.soc_ifc() .cptra_owner_pk_hash() .write(&fuses.owner_pk_hash); - self.soc_ifc() - .fuse_fmc_key_manifest_svn() - .write(|_| fuses.fmc_key_manifest_svn); - self.soc_ifc().fuse_runtime_svn().write(&fuses.runtime_svn); + self.soc_ifc().fuse_fmc_key_manifest_svn().write(|_| 0); // deprecated fuse. + self.soc_ifc().fuse_runtime_svn().write(&fuses.fw_svn); self.soc_ifc() .fuse_anti_rollback_disable() .write(|w| w.dis(fuses.anti_rollback_disable)); diff --git a/api/types/src/lib.rs b/api/types/src/lib.rs index 7d6fb712df..3dc2e57db1 100644 --- a/api/types/src/lib.rs +++ b/api/types/src/lib.rs @@ -159,8 +159,7 @@ pub struct Fuses { pub key_manifest_pk_hash: [u32; 12], pub key_manifest_pk_hash_mask: U4, pub owner_pk_hash: [u32; 12], - pub fmc_key_manifest_svn: u32, - pub runtime_svn: [u32; 4], + pub fw_svn: [u32; 4], pub anti_rollback_disable: bool, pub idevid_cert_attr: [u32; 24], pub idevid_manuf_hsm_id: [u32; 4], @@ -177,8 +176,7 @@ impl Default for Fuses { key_manifest_pk_hash: Default::default(), key_manifest_pk_hash_mask: Default::default(), owner_pk_hash: Default::default(), - fmc_key_manifest_svn: Default::default(), - runtime_svn: Default::default(), + fw_svn: Default::default(), anti_rollback_disable: Default::default(), idevid_cert_attr: Default::default(), idevid_manuf_hsm_id: Default::default(), diff --git a/builder/src/lib.rs b/builder/src/lib.rs index cd3f1d4ef1..d290a66afc 100644 --- a/builder/src/lib.rs +++ b/builder/src/lib.rs @@ -455,9 +455,8 @@ pub fn elf_size(elf_bytes: &[u8]) -> io::Result { #[derive(Clone)] pub struct ImageOptions { pub fmc_version: u16, - pub fmc_svn: u32, pub app_version: u32, - pub app_svn: u32, + pub fw_svn: u32, pub vendor_config: ImageGeneratorVendorConfig, pub owner_config: Option, pub pqc_key_type: FwVerificationPqcKeyType, @@ -466,9 +465,8 @@ impl Default for ImageOptions { fn default() -> Self { Self { fmc_version: Default::default(), - fmc_svn: Default::default(), app_version: Default::default(), - app_svn: Default::default(), + fw_svn: Default::default(), vendor_config: caliptra_image_fake_keys::VENDOR_CONFIG_KEY_0, owner_config: Some(caliptra_image_fake_keys::OWNER_CONFIG), pqc_key_type: FwVerificationPqcKeyType::LMS, @@ -485,13 +483,9 @@ pub fn build_and_sign_image( let app_elf = build_firmware_elf(app)?; let gen = ImageGenerator::new(Crypto::default()); let image = gen.generate(&ImageGeneratorConfig { - fmc: ElfExecutable::new( - &fmc_elf, - opts.fmc_version as u32, - opts.fmc_svn, - image_revision()?, - )?, - runtime: ElfExecutable::new(&app_elf, opts.app_version, opts.app_svn, image_revision()?)?, + fmc: ElfExecutable::new(&fmc_elf, opts.fmc_version as u32, image_revision()?)?, + runtime: ElfExecutable::new(&app_elf, opts.app_version, image_revision()?)?, + fw_svn: opts.fw_svn, vendor_config: opts.vendor_config, owner_config: opts.owner_config, pqc_key_type: opts.pqc_key_type, diff --git a/common/src/verifier.rs b/common/src/verifier.rs index 108060fc1b..30853b51f7 100644 --- a/common/src/verifier.rs +++ b/common/src/verifier.rs @@ -172,9 +172,9 @@ impl<'a, 'b> ImageVerificationEnv for &mut FirmwareImageVerificationEnv<'a, 'b> self.data_vault.fmc_tci().into() } - // Get Runtime fuse SVN - fn runtime_fuse_svn(&self) -> u32 { - self.soc_ifc.fuse_bank().runtime_fuse_svn() + // Get firmware fuse SVN + fn fw_fuse_svn(&self) -> u32 { + self.soc_ifc.fuse_bank().fw_fuse_svn() } fn iccm_range(&self) -> Range { diff --git a/drivers/src/data_vault.rs b/drivers/src/data_vault.rs index 613bca4245..008268285f 100644 --- a/drivers/src/data_vault.rs +++ b/drivers/src/data_vault.rs @@ -29,7 +29,7 @@ pub struct ColdResetEntries { fmc_mldsa_pk: Mldsa87PubKey, fmc_tci: Array4x12, owner_pk_hash: Array4x12, - fmc_svn: u32, + cold_boot_fw_svn: u32, rom_cold_boot_status: u32, fmc_entry_point: u32, vendor_ecc_pk_index: u32, @@ -40,10 +40,10 @@ pub struct ColdResetEntries { #[derive(FromBytes, AsBytes, Zeroize, Default)] pub struct WarmResetEntries { rt_tci: Array4x12, - rt_svn: u32, + fw_svn: u32, rt_entry_point: u32, manifest_addr: u32, - rt_min_svn: u32, + fw_min_svn: u32, rom_update_reset_status: u32, } @@ -168,22 +168,22 @@ impl DataVault { self.cold_reset_entries.owner_pk_hash } - /// Set the fmc security version number. + /// Set the cold-boot firmware security version number. /// /// # Arguments - /// * `svn` - fmc security version number + /// * `svn` - firmware security version number /// - pub fn set_fmc_svn(&mut self, svn: u32) { - self.cold_reset_entries.fmc_svn = svn; + pub fn set_cold_boot_fw_svn(&mut self, svn: u32) { + self.cold_reset_entries.cold_boot_fw_svn = svn; } - /// Get the fmc security version number. + /// Get the cold-boot firmware security version number. /// /// # Returns - /// * fmc security version number + /// * cold-boot firmware security version number /// - pub fn fmc_svn(&self) -> u32 { - self.cold_reset_entries.fmc_svn + pub fn cold_boot_fw_svn(&self) -> u32 { + self.cold_reset_entries.cold_boot_fw_svn } /// Set the fmc entry point. @@ -294,40 +294,40 @@ impl DataVault { self.warm_reset_entries.rt_tci } - /// Set the rt security version number. + /// Set the fw security version number. /// /// # Arguments - /// * `svn` - rt security version number + /// * `svn` - fw security version number /// - pub fn set_rt_svn(&mut self, svn: u32) { - self.warm_reset_entries.rt_svn = svn; + pub fn set_fw_svn(&mut self, svn: u32) { + self.warm_reset_entries.fw_svn = svn; } - /// Get the rt security version number. + /// Get the fw security version number. /// /// # Returns - /// * rt security version number + /// * fw security version number /// - pub fn rt_svn(&self) -> u32 { - self.warm_reset_entries.rt_svn + pub fn fw_svn(&self) -> u32 { + self.warm_reset_entries.fw_svn } - /// Set the rt minimum security version number. + /// Set the fw minimum security version number. /// /// # Arguments - /// * `svn` - rt minimum security version number + /// * `svn` - fw minimum security version number /// - pub fn set_rt_min_svn(&mut self, svn: u32) { - self.warm_reset_entries.rt_min_svn = svn; + pub fn set_fw_min_svn(&mut self, svn: u32) { + self.warm_reset_entries.fw_min_svn = svn; } - /// Get the rt minimum security version number. + /// Get the fw minimum security version number. /// /// # Returns - /// * rt minimum security version number + /// * fw minimum security version number /// - pub fn rt_min_svn(&self) -> u32 { - self.warm_reset_entries.rt_min_svn + pub fn fw_min_svn(&self) -> u32 { + self.warm_reset_entries.fw_min_svn } /// Set the rt entry. diff --git a/drivers/src/fuse_bank.rs b/drivers/src/fuse_bank.rs index 44f7ae8642..3ba085ab8c 100644 --- a/drivers/src/fuse_bank.rs +++ b/drivers/src/fuse_bank.rs @@ -271,32 +271,17 @@ impl FuseBank<'_> { soc_ifc_regs.fuse_anti_rollback_disable().read().dis() } - /// Get the fmc fuse security version number. + /// Get the firmware fuse security version number. /// /// # Arguments /// * None /// /// # Returns - /// fmc security version number + /// firmware security version number /// - pub fn fmc_fuse_svn(&self) -> u32 { - let soc_ifc_regs = self.soc_ifc.regs(); - 32 - soc_ifc_regs - .fuse_fmc_key_manifest_svn() - .read() - .leading_zeros() - } - - /// Get the runtime fuse security version number. - /// - /// # Arguments - /// * None - /// - /// # Returns - /// runtime security version number - /// - pub fn runtime_fuse_svn(&self) -> u32 { + pub fn fw_fuse_svn(&self) -> u32 { let soc_ifc_regs = self.soc_ifc.regs(); + // The legacy name of this register is `fuse_runtime_svn` first_set_msbit(&soc_ifc_regs.fuse_runtime_svn().read()) } diff --git a/drivers/src/fuse_log.rs b/drivers/src/fuse_log.rs index 4b5f17b4ce..dc0a6ef476 100644 --- a/drivers/src/fuse_log.rs +++ b/drivers/src/fuse_log.rs @@ -21,13 +21,13 @@ pub enum FuseLogEntryId { Invalid = 0, VendorEccPubKeyIndex = 1, // 4 bytes (From Manifest) VendorEccPubKeyRevocation = 2, // 4 bytes (From Fuse) - ManifestFmcSvn = 3, // 4 bytes + ColdBootFwSvn = 3, // 4 bytes ManifestReserved0 = 4, // 4 bytes #[deprecated] _DeprecatedFuseFmcSvn = 5, // 4 bytes - ManifestRtSvn = 6, // 4 bytes + ManifestFwSvn = 6, // 4 bytes ManifestReserved1 = 7, // 4 bytes - FuseRtSvn = 8, // 4 bytes + FuseFwSvn = 8, // 4 bytes VendorPqcPubKeyIndex = 9, // 4 bytes (From Manifest) VendorPqcPubKeyRevocation = 10, // 4 bytes (From Fuse) } @@ -38,12 +38,12 @@ impl From for FuseLogEntryId { match id { 1 => FuseLogEntryId::VendorEccPubKeyIndex, 2 => FuseLogEntryId::VendorEccPubKeyRevocation, - 3 => FuseLogEntryId::ManifestFmcSvn, + 3 => FuseLogEntryId::ColdBootFwSvn, 4 => FuseLogEntryId::ManifestReserved0, 5 => FuseLogEntryId::_DeprecatedFuseFmcSvn, - 6 => FuseLogEntryId::ManifestRtSvn, + 6 => FuseLogEntryId::ManifestFwSvn, 7 => FuseLogEntryId::ManifestReserved1, - 8 => FuseLogEntryId::FuseRtSvn, + 8 => FuseLogEntryId::FuseFwSvn, 9 => FuseLogEntryId::VendorPqcPubKeyIndex, 10 => FuseLogEntryId::VendorPqcPubKeyRevocation, _ => FuseLogEntryId::Invalid, diff --git a/drivers/src/hand_off.rs b/drivers/src/hand_off.rs index 7be38b65ac..ea28546c07 100644 --- a/drivers/src/hand_off.rs +++ b/drivers/src/hand_off.rs @@ -200,11 +200,11 @@ pub struct FirmwareHandoffTable { /// RtAlias TBS Size. pub rtalias_tbs_size: u16, - /// Maximum value RT FW SVN can take. - pub rt_hash_chain_max_svn: u16, + /// Maximum value FW SVN can take. + pub fw_hash_chain_max_svn: u16, - /// Index of RT hash chain value in the Key Vault. - pub rt_hash_chain_kv_hdl: HandOffDataHandle, + /// Index of FW hash chain value in the Key Vault. + pub fw_hash_chain_kv_hdl: HandOffDataHandle, /// Reserved for future use. pub reserved: [u8; FHT_RESERVED_SIZE], @@ -237,8 +237,8 @@ impl Default for FirmwareHandoffTable { idev_dice_mldsa_pub_key_load_addr: 0, rom_info_addr: RomAddr::new(FHT_INVALID_ADDRESS), rtalias_tbs_size: 0, - rt_hash_chain_max_svn: 0, - rt_hash_chain_kv_hdl: HandOffDataHandle(0), + fw_hash_chain_max_svn: 0, + fw_hash_chain_kv_hdl: HandOffDataHandle(0), reserved: [0u8; FHT_RESERVED_SIZE], } } diff --git a/error/src/lib.rs b/error/src/lib.rs index 0f73e1851f..7759185ae5 100644 --- a/error/src/lib.rs +++ b/error/src/lib.rs @@ -229,10 +229,10 @@ impl CaliptraError { CaliptraError::new_const(0x000b002a); pub const IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_UNALIGNED: CaliptraError = CaliptraError::new_const(0x000b002b); - pub const IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED: CaliptraError = + pub const IMAGE_VERIFIER_ERR_FIRMWARE_SVN_GREATER_THAN_MAX_SUPPORTED: CaliptraError = CaliptraError::new_const(0x000b002c); - // 0x000b002d was IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_MIN_SUPPORTED - pub const IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE: CaliptraError = + // 0x000b002d was IMAGE_VERIFIER_ERR_FIRMWARE_SVN_LESS_THAN_MIN_SUPPORTED + pub const IMAGE_VERIFIER_ERR_FIRMWARE_SVN_LESS_THAN_FUSE: CaliptraError = CaliptraError::new_const(0x000b002e); pub const IMAGE_VERIFIER_ERR_IMAGE_LEN_MORE_THAN_BUNDLE_SIZE: CaliptraError = CaliptraError::new_const(0x000b002f); @@ -434,10 +434,11 @@ impl CaliptraError { CaliptraError::new_const(0x000E002A); pub const RUNTIME_CMD_BUSY_DURING_WARM_RESET: CaliptraError = CaliptraError::new_const(0x000E002B); - pub const RUNTIME_RT_SVN_HANDOFF_FAILED: CaliptraError = CaliptraError::new_const(0x000E002C); - pub const RUNTIME_RT_MIN_SVN_HANDOFF_FAILED: CaliptraError = + pub const RUNTIME_FW_SVN_HANDOFF_FAILED: CaliptraError = CaliptraError::new_const(0x000E002C); + pub const RUNTIME_FW_MIN_SVN_HANDOFF_FAILED: CaliptraError = CaliptraError::new_const(0x000E002D); - pub const RUNTIME_FMC_SVN_HANDOFF_FAILED: CaliptraError = CaliptraError::new_const(0x000E002E); + pub const RUNTIME_COLD_BOOT_FW_SVN_HANDOFF_FAILED: CaliptraError = + CaliptraError::new_const(0x000E002E); pub const RUNTIME_CONTEXT_HAS_TAG_VALIDATION_FAILED: CaliptraError = CaliptraError::new_const(0x000E002F); pub const RUNTIME_LDEV_ID_CERT_TOO_BIG: CaliptraError = CaliptraError::new_const(0x000E0030); diff --git a/fmc/Makefile b/fmc/Makefile index 2b8c27fbee..760b936edb 100644 --- a/fmc/Makefile +++ b/fmc/Makefile @@ -73,12 +73,11 @@ build-fw-image: gen-certs build-emu build-test-rt --pqc-pk-idx 3 \ --fmc $(TARGET_DIR)/caliptra-fmc \ --fmc-version 0 \ - --fmc-svn 0 \ --fmc-rev $(GIT_REV) \ --rt $(TARGET_DIR)/caliptra-runtime \ --rt-version 0 \ - --rt-svn 0 \ --rt-rev $(GIT_REV) \ + --fw-svn 0 \ --out $(TARGET_DIR)/caliptra-rom-test-fw \ bloat: build diff --git a/fmc/README.md b/fmc/README.md index 1b98c1fd17..e8230c4faa 100644 --- a/fmc/README.md +++ b/fmc/README.md @@ -306,14 +306,14 @@ This field provides the size of the *To Be Signed* portion of the Runtime Alias This field provides the size of the *To Be Signed* portion of the Runtime Alias MLDSA certificate. -### rt_hash_chain_max_svn +### fw_hash_chain_max_svn -This field informs firmware of the maximum RT SVN, which value was used -to determine the length of RT FW's hash chain. +This field informs firmware of the maximum FW SVN, which value was used +to determine the length of FW's hash chain. -### rt_hash_chain_kv_hdl +### fw_hash_chain_kv_hdl -This field provides the Handle into the Key Vault where RT's hash chain is stored. +This field provides the Handle into the Key Vault where FW's hash chain is stored. ### reserved @@ -380,7 +380,7 @@ The following list of steps are to be performed by FMC on each boot when ROM jum | 🔒Alias FMC Cert Signature S | | 🔒Alias FMC Cert MLDSA Signature | | 🔒FMC Digest | -| 🔒FMC SVN | +| 🔒FW SVN | | 🔒Owner PK Hash | | 🔒Manufacturer Public Key Index | @@ -482,7 +482,7 @@ sequenceDiagram | 🔒Alias FMC Cert ECDSA Signature S | | 🔒Alias FMC Cert MLDSA Signature | | 🔒FMC Digest | -| 🔒FMC SVN | +| 🔒FW SVN | | 🔒Owner PK Hash | | 🔒Manufacturer Public Key Index | diff --git a/fmc/src/flow/rt_alias.rs b/fmc/src/flow/rt_alias.rs index 816316b2b7..b3f2227475 100644 --- a/fmc/src/flow/rt_alias.rs +++ b/fmc/src/flow/rt_alias.rs @@ -281,7 +281,7 @@ impl RtAliasLayer { let serial_number = &X509::cert_sn(env, pub_key)?; let rt_tci: [u8; 48] = HandOff::rt_tci(env).into(); - let rt_svn = HandOff::rt_svn(env) as u8; + let fw_svn = HandOff::fw_svn(env) as u8; // Certificate `To Be Signed` Parameters let params = RtAliasCertTbsParams { @@ -295,7 +295,7 @@ impl RtAliasLayer { public_key: &pub_key.to_der(), not_before, not_after, - tcb_info_rt_svn: &rt_svn.to_be_bytes(), + tcb_info_fw_svn: &fw_svn.to_be_bytes(), tcb_info_rt_tci: &rt_tci, // Are there any fields missing? }; diff --git a/fmc/src/hand_off.rs b/fmc/src/hand_off.rs index 8e56298805..3c29cebd98 100644 --- a/fmc/src/hand_off.rs +++ b/fmc/src/hand_off.rs @@ -120,9 +120,9 @@ impl HandOff { env.persistent_data.get().data_vault.rt_tci() } - /// Retrieve runtime SVN. - pub fn rt_svn(env: &FmcEnv) -> u32 { - env.persistent_data.get().data_vault.rt_svn() + /// Retrieve firmware SVN. + pub fn fw_svn(env: &FmcEnv) -> u32 { + env.persistent_data.get().data_vault.fw_svn() } /// Store runtime Dice Signature diff --git a/hw-model/c-binding/examples/api/caliptra_api.c b/hw-model/c-binding/examples/api/caliptra_api.c index a0eaafdd56..3fb1d994ea 100644 --- a/hw-model/c-binding/examples/api/caliptra_api.c +++ b/hw-model/c-binding/examples/api/caliptra_api.c @@ -24,8 +24,8 @@ int caliptra_init_fuses(struct caliptra_model *model, struct caliptra_fuses *fus caliptra_fuse_array_write(model, GENERIC_AND_FUSE_REG_FUSE_KEY_MANIFEST_PK_HASH_0, fuses->key_manifest_pk_hash, CALIPTRA_ARRAY_SIZE(fuses->key_manifest_pk_hash)); caliptra_fuse_write(model, GENERIC_AND_FUSE_REG_FUSE_KEY_MANIFEST_PK_HASH_MASK_0, fuses->key_manifest_pk_hash_mask); caliptra_fuse_array_write(model, GENERIC_AND_FUSE_REG_CPTRA_OWNER_PK_HASH_0, fuses->owner_pk_hash, CALIPTRA_ARRAY_SIZE(fuses->owner_pk_hash)); - caliptra_fuse_write(model, GENERIC_AND_FUSE_REG_FUSE_FMC_KEY_MANIFEST_SVN, fuses->fmc_key_manifest_svn); - caliptra_fuse_array_write(model, GENERIC_AND_FUSE_REG_FUSE_FMC_KEY_MANIFEST_SVN, fuses->runtime_svn, CALIPTRA_ARRAY_SIZE(fuses->runtime_svn)); + caliptra_fuse_write(model, GENERIC_AND_FUSE_REG_FUSE_FMC_KEY_MANIFEST_SVN, 0); // FMC SVN deprecated + caliptra_fuse_array_write(model, GENERIC_AND_FUSE_REG_FUSE_RUNTIME_SVN_0, fuses->firmware_svn, CALIPTRA_ARRAY_SIZE(fuses->firmware_svn)); caliptra_fuse_write(model, GENERIC_AND_FUSE_REG_FUSE_ANTI_ROLLBACK_DISABLE, (uint32_t)fuses->anti_rollback_disable); caliptra_fuse_array_write(model, GENERIC_AND_FUSE_REG_FUSE_IDEVID_CERT_ATTR_0, fuses->idevid_cert_attr, CALIPTRA_ARRAY_SIZE(fuses->idevid_cert_attr)); caliptra_fuse_array_write(model, GENERIC_AND_FUSE_REG_FUSE_IDEVID_MANUF_HSM_ID_0, fuses->idevid_manuf_hsm_id, CALIPTRA_ARRAY_SIZE(fuses->idevid_manuf_hsm_id)); diff --git a/hw-model/c-binding/examples/api/caliptra_api.h b/hw-model/c-binding/examples/api/caliptra_api.h index 1ba241183f..51d22b184e 100644 --- a/hw-model/c-binding/examples/api/caliptra_api.h +++ b/hw-model/c-binding/examples/api/caliptra_api.h @@ -19,8 +19,7 @@ struct caliptra_fuses { uint32_t key_manifest_pk_hash_mask : 4; uint32_t rsvd : 28; uint32_t owner_pk_hash[12]; - uint32_t fmc_key_manifest_svn; - uint32_t runtime_svn[4]; + uint32_t firmware_svn[4]; bool anti_rollback_disable; uint32_t idevid_cert_attr[24]; uint32_t idevid_manuf_hsm_id[4]; diff --git a/hw-model/types/src/lib.rs b/hw-model/types/src/lib.rs index b290bb6af0..bc90f62530 100644 --- a/hw-model/types/src/lib.rs +++ b/hw-model/types/src/lib.rs @@ -121,8 +121,7 @@ impl std::fmt::Debug for FusesWrapper { &self.0.key_manifest_pk_hash_mask, ) .field("owner_pk_hash", &HexSlice(&self.0.owner_pk_hash)) - .field("fmc_key_manifest_svn", &self.0.fmc_key_manifest_svn) - .field("runtime_svn", &HexSlice(&self.0.runtime_svn)) + .field("firmware_svn", &HexSlice(&self.0.fw_svn)) .field("anti_rollback_disable", &self.0.anti_rollback_disable) .field("idevid_cert_attr", &HexSlice(&self.0.idevid_cert_attr)) .field( diff --git a/image/app/src/create/mod.rs b/image/app/src/create/mod.rs index f16947b619..458906cb83 100644 --- a/image/app/src/create/mod.rs +++ b/image/app/src/create/mod.rs @@ -90,10 +90,6 @@ pub(crate) fn run_cmd(args: &ArgMatches) -> anyhow::Result<()> { .get_one::("fmc-version") .with_context(|| "fmc-version arg not specified")?; - let fmc_svn: &u32 = args - .get_one::("fmc-svn") - .with_context(|| "fmc-svn arg not specified")?; - let fmc_rev: &String = args .get_one::("fmc-rev") .with_context(|| "fmc-rev arg not specified")?; @@ -106,14 +102,14 @@ pub(crate) fn run_cmd(args: &ArgMatches) -> anyhow::Result<()> { .get_one::("rt-version") .with_context(|| "rt-version arg not specified")?; - let runtime_svn: &u32 = args - .get_one::("rt-svn") - .with_context(|| "rt-svn arg not specified")?; - let runtime_rev: &String = args .get_one::("rt-rev") .with_context(|| "rt-rev arg not specified")?; + let fw_svn: &u32 = args + .get_one::("fw-svn") + .with_context(|| "fw-svn arg not specified")?; + let ecc_key_idx: &u32 = args .get_one::("ecc-pk-idx") .with_context(|| "ecc-pk-idx arg not specified")?; @@ -158,7 +154,6 @@ pub(crate) fn run_cmd(args: &ArgMatches) -> anyhow::Result<()> { let fmc = ElfExecutable::open( fmc_path, *fmc_version, - *fmc_svn, fmc_rev[..IMAGE_REVISION_BYTE_SIZE].try_into()?, )?; @@ -166,7 +161,6 @@ pub(crate) fn run_cmd(args: &ArgMatches) -> anyhow::Result<()> { let runtime = ElfExecutable::open( runtime_path, *runtime_version, - *runtime_svn, runtime_rev[..IMAGE_REVISION_BYTE_SIZE].try_into()?, )?; @@ -200,6 +194,7 @@ pub(crate) fn run_cmd(args: &ArgMatches) -> anyhow::Result<()> { )?, fmc, runtime, + fw_svn: *fw_svn, }; let gen = ImageGenerator::new(Crypto::default()); diff --git a/image/app/src/main.rs b/image/app/src/main.rs index 768f840205..2d26a7f326 100644 --- a/image/app/src/main.rs +++ b/image/app/src/main.rs @@ -56,11 +56,6 @@ fn main() { .required(true) .value_parser(value_parser!(u32)), ) - .arg( - arg!(--"fmc-svn" "FMC Security Version Number") - .required(true) - .value_parser(value_parser!(u32)), - ) .arg( arg!(--"rt" "Runtime ELF binary") .required(true) @@ -77,7 +72,7 @@ fn main() { .value_parser(value_parser!(u32)), ) .arg( - arg!(--"rt-svn" "Runtime Security Version Number") + arg!(--"fw-svn" "Firmware Security Version Number") .required(true) .value_parser(value_parser!(u32)), ) diff --git a/image/elf/src/lib.rs b/image/elf/src/lib.rs index 0dfb64b83d..ef4db31c02 100644 --- a/image/elf/src/lib.rs +++ b/image/elf/src/lib.rs @@ -24,7 +24,6 @@ use std::path::PathBuf; #[derive(Default)] pub struct ElfExecutable { version: u32, - svn: u32, rev: ImageRevision, load_addr: u32, entry_point: u32, @@ -50,22 +49,12 @@ fn load_into_image( } impl ElfExecutable { - pub fn open( - path: &PathBuf, - version: u32, - svn: u32, - rev: ImageRevision, - ) -> anyhow::Result { + pub fn open(path: &PathBuf, version: u32, rev: ImageRevision) -> anyhow::Result { let file_data = std::fs::read(path).with_context(|| "Failed to read file")?; - ElfExecutable::new(&file_data, version, svn, rev) + ElfExecutable::new(&file_data, version, rev) } /// Create new instance of `ElfExecutable`. - pub fn new( - elf_bytes: &[u8], - version: u32, - svn: u32, - rev: ImageRevision, - ) -> anyhow::Result { + pub fn new(elf_bytes: &[u8], version: u32, rev: ImageRevision) -> anyhow::Result { let mut content = vec![]; let elf_file = ElfBytes::::minimal_parse(elf_bytes) @@ -99,7 +88,6 @@ impl ElfExecutable { Ok(Self { version, - svn, rev, load_addr, entry_point, @@ -114,11 +102,6 @@ impl ImageGeneratorExecutable for ElfExecutable { self.version } - /// Executable Security Version Number - fn svn(&self) -> u32 { - self.svn - } - /// Executable Revision fn rev(&self) -> &ImageRevision { &self.rev diff --git a/image/gen/src/generator.rs b/image/gen/src/generator.rs index 69115e4aaf..c3a083d869 100644 --- a/image/gen/src/generator.rs +++ b/image/gen/src/generator.rs @@ -61,12 +61,12 @@ impl ImageGenerator { // Create FMC TOC & Content let id = ImageTocEntryId::Fmc; let offset = IMAGE_MANIFEST_BYTE_SIZE as u32; - let (fmc_toc, fmc) = self.gen_image(&config.fmc, id, offset)?; + let (fmc_toc, fmc) = self.gen_image(config, id, offset)?; // Create Runtime TOC & Content let id = ImageTocEntryId::Runtime; let offset = offset + fmc_toc.size; - let (runtime_toc, runtime) = self.gen_image(&config.runtime, id, offset)?; + let (runtime_toc, runtime) = self.gen_image(config, id, offset)?; // Check if fmc and runtime image load address ranges don't overlap. if fmc_toc.overlaps(&runtime_toc) { @@ -408,13 +408,20 @@ impl ImageGenerator { /// Generate image fn gen_image( &self, - image: &E, + config: &ImageGeneratorConfig, id: ImageTocEntryId, offset: u32, ) -> anyhow::Result<(ImageTocEntry, Vec)> where E: ImageGeneratorExecutable, { + // The firmware SVN is placed in the RT FW TOC entry. The FMC TOC entry's SVN is left as zero. + + let (image, svn) = match id { + ImageTocEntryId::Fmc => (&config.fmc, 0_u32), + ImageTocEntryId::Runtime => (&config.runtime, config.fw_svn), + }; + let r#type = ImageTocEntryType::Executable; let digest = self.crypto.sha384_digest(image.content())?; @@ -423,7 +430,7 @@ impl ImageGenerator { r#type: r#type.into(), revision: *image.rev(), version: image.version(), - svn: image.svn(), + svn, reserved: 0, load_addr: image.load_addr(), entry_point: image.entry_point(), diff --git a/image/gen/src/lib.rs b/image/gen/src/lib.rs index 50c567669d..e1bcfcdbcb 100644 --- a/image/gen/src/lib.rs +++ b/image/gen/src/lib.rs @@ -24,9 +24,6 @@ pub trait ImageGeneratorExecutable { /// Executable Version Number fn version(&self) -> u32; - /// Executable Security Version Number - fn svn(&self) -> u32; - /// Executable Revision fn rev(&self) -> &ImageRevision; @@ -151,4 +148,6 @@ where pub fmc: T, pub runtime: T, + + pub fw_svn: u32, } diff --git a/image/verify/src/lib.rs b/image/verify/src/lib.rs index 15d470a568..ce6d103c5a 100644 --- a/image/verify/src/lib.rs +++ b/image/verify/src/lib.rs @@ -21,7 +21,7 @@ use core::ops::Range; pub use verifier::ImageVerifier; -pub const MAX_RUNTIME_SVN: u32 = 128; +pub const MAX_FIRMWARE_SVN: u32 = 128; /// Image Verifification Executable Info #[derive(Default, Debug)] @@ -161,8 +161,8 @@ pub trait ImageVerificationEnv { // Save the fmc digest in the data vault on cold boot fn get_fmc_digest_dv(&self) -> ImageDigest384; - // Get Runtime fuse SVN - fn runtime_fuse_svn(&self) -> u32; + // Get FW SVN fuse value + fn fw_fuse_svn(&self) -> u32; // ICCM Range fn iccm_range(&self) -> Range; diff --git a/image/verify/src/verifier.rs b/image/verify/src/verifier.rs index a992ef0482..641581b95d 100644 --- a/image/verify/src/verifier.rs +++ b/image/verify/src/verifier.rs @@ -153,7 +153,7 @@ impl ImageVerifier { fw_log_info: FirmwareSvnLogInfo { manifest_svn: fw_svn, reserved: 0, - fuse_svn: self.env.runtime_fuse_svn(), + fuse_svn: self.env.fw_fuse_svn(), }, }, pqc_verify_config: manifest.pqc_key_type.into(), @@ -166,14 +166,14 @@ impl ImageVerifier { /// or equal to the fuse SVN. fn verify_svn(&mut self, fw_svn: u32) -> CaliptraResult<()> { if self.svn_check_required() { - if fw_svn > MAX_RUNTIME_SVN { - Err(CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED)?; + if fw_svn > MAX_FIRMWARE_SVN { + Err(CaliptraError::IMAGE_VERIFIER_ERR_FIRMWARE_SVN_GREATER_THAN_MAX_SUPPORTED)?; } - if cfi_launder(fw_svn) < self.env.runtime_fuse_svn() { - Err(CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE)?; + if cfi_launder(fw_svn) < self.env.fw_fuse_svn() { + Err(CaliptraError::IMAGE_VERIFIER_ERR_FIRMWARE_SVN_LESS_THAN_FUSE)?; } else { - cfi_assert_ge(fw_svn, self.env.runtime_fuse_svn()); + cfi_assert_ge(fw_svn, self.env.fw_fuse_svn()); } } Ok(()) @@ -189,7 +189,7 @@ impl ImageVerifier { 0_u32 } else { cfi_assert!(!self.env.anti_rollback_disable()); - self.env.runtime_fuse_svn() + self.env.fw_fuse_svn() } } @@ -2327,7 +2327,7 @@ mod tests { self.fmc_digest } - fn runtime_fuse_svn(&self) -> u32 { + fn fw_fuse_svn(&self) -> u32 { 0 } diff --git a/libcaliptra/inc/caliptra_types.h b/libcaliptra/inc/caliptra_types.h index 3e6d33470e..304dcb5f8e 100644 --- a/libcaliptra/inc/caliptra_types.h +++ b/libcaliptra/inc/caliptra_types.h @@ -32,8 +32,7 @@ struct caliptra_fuses { uint32_t key_manifest_pk_hash_mask : 4; uint32_t rsvd : 28; uint32_t owner_pk_hash[12]; - uint32_t fmc_key_manifest_svn; - uint32_t runtime_svn[4]; + uint32_t fw_svn[4]; bool anti_rollback_disable; uint32_t idevid_cert_attr[24]; uint32_t idevid_manuf_hsm_id[4]; @@ -133,9 +132,9 @@ struct caliptra_stash_measurement_resp { struct caliptra_fw_info_resp { struct caliptra_resp_header hdr; uint32_t pl0_pauser; - uint32_t runtime_svn; - uint32_t min_runtime_svn; - uint32_t fmc_manifest_svn; + uint32_t firmware_svn; + uint32_t min_firmware_svn; + uint32_t cold_boot_fw_svn; uint32_t attestation_disabled; uint8_t rom_revision[20]; uint8_t fmc_revision[20]; diff --git a/libcaliptra/src/caliptra_api.c b/libcaliptra/src/caliptra_api.c index 04a292c3e2..bb4d4e3da8 100644 --- a/libcaliptra/src/caliptra_api.c +++ b/libcaliptra/src/caliptra_api.c @@ -280,8 +280,8 @@ int caliptra_init_fuses(const struct caliptra_fuses *fuses) caliptra_fuse_array_write(GENERIC_AND_FUSE_REG_FUSE_KEY_MANIFEST_PK_HASH_0, fuses->key_manifest_pk_hash, CALIPTRA_ARRAY_SIZE(fuses->key_manifest_pk_hash)); caliptra_generic_and_fuse_write(GENERIC_AND_FUSE_REG_FUSE_KEY_MANIFEST_PK_HASH_MASK_0, fuses->key_manifest_pk_hash_mask); caliptra_fuse_array_write(GENERIC_AND_FUSE_REG_CPTRA_OWNER_PK_HASH_0, fuses->owner_pk_hash, CALIPTRA_ARRAY_SIZE(fuses->owner_pk_hash)); - caliptra_generic_and_fuse_write(GENERIC_AND_FUSE_REG_FUSE_FMC_KEY_MANIFEST_SVN, fuses->fmc_key_manifest_svn); - caliptra_fuse_array_write(GENERIC_AND_FUSE_REG_FUSE_RUNTIME_SVN_0, fuses->runtime_svn, CALIPTRA_ARRAY_SIZE(fuses->runtime_svn)); + caliptra_generic_and_fuse_write(GENERIC_AND_FUSE_REG_FUSE_FMC_KEY_MANIFEST_SVN, 0); // Deprecated fuse. + caliptra_fuse_array_write(GENERIC_AND_FUSE_REG_FUSE_RUNTIME_SVN_0, fuses->fw_svn, CALIPTRA_ARRAY_SIZE(fuses->fw_svn)); caliptra_generic_and_fuse_write(GENERIC_AND_FUSE_REG_FUSE_ANTI_ROLLBACK_DISABLE, (uint32_t)fuses->anti_rollback_disable); caliptra_fuse_array_write(GENERIC_AND_FUSE_REG_FUSE_IDEVID_CERT_ATTR_0, fuses->idevid_cert_attr, CALIPTRA_ARRAY_SIZE(fuses->idevid_cert_attr)); caliptra_fuse_array_write(GENERIC_AND_FUSE_REG_FUSE_IDEVID_MANUF_HSM_ID_0, fuses->idevid_manuf_hsm_id, CALIPTRA_ARRAY_SIZE(fuses->idevid_manuf_hsm_id)); diff --git a/rom/dev/Makefile b/rom/dev/Makefile index 9294ddfca3..701918e4cb 100644 --- a/rom/dev/Makefile +++ b/rom/dev/Makefile @@ -74,12 +74,11 @@ build-fw-image: gen-certs build-test-fmc build-test-rt --pqc-pk-idx 3 \ --fmc $(TARGET_DIR)/caliptra-rom-test-fmc \ --fmc-version 0 \ - --fmc-svn 0 \ --fmc-rev $(GIT_REV) \ --rt $(TARGET_DIR)/caliptra-rom-test-rt \ --rt-version 0 \ - --rt-svn 0 \ --rt-rev $(GIT_REV) \ + --fw-svn 0 \ --out $(TARGET_DIR)/caliptra-rom-test-fw \ bloat: build diff --git a/rom/dev/README.md b/rom/dev/README.md index c201a77218..7c2dcb7186 100644 --- a/rom/dev/README.md +++ b/rom/dev/README.md @@ -62,8 +62,8 @@ Following are the main FUSE & Architectural Registers used by the Caliptra ROM f | FUSE_LMS_REVOCATION | 32 | Manufacturer LMS Public Key Revocation Mask | | FUSE_MLDSA_REVOCATION | 32 | Manufacturer MLDSA Public Key Revocation Mask | | FUSE_OWNER_PK_HASH | 384 | Owner ECC and LMS or MLDSA Public Key Hash | -| FUSE_RUNTIME_SVN | 128 | Runtime Security Version Number | -| FUSE_ANTI_ROLLBACK_DISABLE | 1 | Disable SVN checking for FMC & Runtime when bit is set | +| FUSE_FIRMARE_SVN | 128 | Firmware Security Version Number | +| FUSE_ANTI_ROLLBACK_DISABLE | 1 | Disable SVN checking for firmware when bit is set | | FUSE_IDEVID_CERT_ATTR | 768 | FUSE containing information for generating IDEVID CSR
**Word 0:bits[0-2]**: ECDSA X509 Key Id Algorithm (3 bits) 0: SHA1, 1: SHA256, 2: SHA384, 3: SHA512, 4: Fuse
**Word 0:bits[3-5]**: MLDSA X509 Key Id Algorithm (3 bits) 0: SHA1, 1: SHA256, 2: SHA384, 3: SHA512, 4: Fuse
**Word 1,2,3,4,5**: ECDSA Subject Key Id
**Word 6,7,8,9,10**: MLDSA Subject Key Id
**Words 11,12**: Unique Endpoint ID
**Words 13,14,15,16**: Manufacturer Serial Number | | MANUF_DEBUG_UNLOCK_TOKEN | 128 | Secret value for manufacturing debug unlock authorization | @@ -834,8 +834,8 @@ Alias FMC Layer includes the measurement of the FMC and other security states. T - **Warm Reset unlockable values:** These values are unlocked on a Warm or Cold Reset: - RT TCI - - RT SVN - RT Entry Point + - FW SVN - Manifest Addr - ROM Update Reset Status @@ -862,8 +862,8 @@ ROM locks the following entities to prevent any updates: - **Warm Reset unlockable values:** - RT TCI - - RT SVN - RT Entry Point + - FW SVN - Manifest Addr - ROM Update Reset Status @@ -939,7 +939,7 @@ The following are the pre-conditions that should be satisfied: - fuse_lms_revocation : This is the bitmask of the LMS keys which are revoked. - fuse_mldsa_revocation : This is the bitmask of the MLDSA keys which are revoked. - fuse_owner_pk_hash : The hash of the owner public keys in preamble. - - fuse_runtime_svn : Used in RT validation to make sure that the runtime image's version number is good. + - fuse_firmware_svn : Used in FW validation to make sure that the firmware image's SVN is good. - The SOC has written the data to the mailbox. - The SOC has written the data length in the DLEN mailbox register. - The SOC has put the FW_DOWNLOAD command in the command register. diff --git a/rom/dev/doc/error-attribution.md b/rom/dev/doc/error-attribution.md index c871f3509b..d393d5a90b 100644 --- a/rom/dev/doc/error-attribution.md +++ b/rom/dev/doc/error-attribution.md @@ -95,8 +95,8 @@ Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_INVALID Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_UNALIGNED | 0x000b0029 Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_INVALID | 0x000b002a Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_UNALIGNED | 0x000b002b -Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED | 0x000b002c -Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE | 0x000b002e +Verifier Library | IMAGE_VERIFIER_ERR_FIRMWARE_SVN_GREATER_THAN_MAX_SUPPORTED | 0x000b002c +Verifier Library | IMAGE_VERIFIER_ERR_FIRMWARE_SVN_LESS_THAN_FUSE | 0x000b002e Verifier Library | IMAGE_VERIFIER_ERR_IMAGE_LEN_MORE_THAN_BUNDLE_SIZE | 0x000b002f Verifier Library | IMAGE_VERIFIER_ERR_VENDOR_LMS_PUB_KEY_INDEX_MISMATCH | 0x000b0030 Verifier Library | IMAGE_VERIFIER_ERR_VENDOR_LMS_VERIFY_FAILURE | 0x000b0031 @@ -211,8 +211,8 @@ Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_INVALID Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_LOAD_ADDR_UNALIGNED | 0x000b0029 Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_INVALID | 0x000b002a Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_UNALIGNED | 0x000b002b -Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED | 0x000b002c -Verifier Library | IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE | 0x000b002e +Verifier Library | IMAGE_VERIFIER_ERR_FIRMWARE_SVN_GREATER_THAN_MAX_SUPPORTED | 0x000b002c +Verifier Library | IMAGE_VERIFIER_ERR_FIRMWARE_SVN_LESS_THAN_FUSE | 0x000b002e Verifier Library | IMAGE_VERIFIER_ERR_IMAGE_LEN_MORE_THAN_BUNDLE_SIZE | 0x000b002f Verifier Library | IMAGE_VERIFIER_ERR_VENDOR_LMS_PUB_KEY_INDEX_MISMATCH | 0x000b0030 Verifier Library | IMAGE_VERIFIER_ERR_VENDOR_LMS_VERIFY_FAILURE | 0x000b0031 diff --git a/rom/dev/doc/test-coverage/test-coverage.md b/rom/dev/doc/test-coverage/test-coverage.md index 8733faf9fe..afee83e8c0 100644 --- a/rom/dev/doc/test-coverage/test-coverage.md +++ b/rom/dev/doc/test-coverage/test-coverage.md @@ -46,8 +46,8 @@ Test Scenario| Test Name | ROM Error Code Check if RT entry point is within ICCM range | **test_runtime_invalid_entry_point_before_iccm** | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_INVALID Check if RT entry point is within ICCM range | **test_runtime_invalid_entry_point_after_iccm** | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_INVALID Check if RT entry point is DWORD aligned | **test_runtime_entry_point_unaligned** | IMAGE_VERIFIER_ERR_RUNTIME_ENTRY_POINT_UNALIGNED - Check if RT SVN is greater than max (128) | **test_runtime_svn_greater_than_max** | IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED - Check if RT SVN is less than fuse svn | **test_runtime_svn_less_than_fuse_svn** | IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE + Check if FW SVN is greater than max (128) | **test_firmware_svn_greater_than_max** | IMAGE_VERIFIER_ERR_FIRMWARE_SVN_GREATER_THAN_MAX_SUPPORTED + Check if FW SVN is less than fuse svn | **test_firmware_svn_less_than_fuse_svn** | IMAGE_VERIFIER_ERR_FIRMWARE_SVN_LESS_THAN_FUSE Generates the LDEVID and FMC Alias certificates |**cert_test** | N/A Check if the owner and vendor cert validty dates are present in FMC Alias cert | **cert_test_with_custom_dates** | N/A @@ -70,7 +70,7 @@ Check if firmware is zero-sized | **test_zero_firmware_size** | FW_PROC_INVALID_ Check if firmware is not more than max. size (128K) | **test_firmware_gt_max_size** | FW_PROC_INVALID_IMAGE_SIZE Check if PCR log entries are correctly logged to DCCM | **test_pcr_log** | N/A Check PCR log entries - No Onwer Public Key Hash in fuse_owner_pk_hash | **test_pcr_log_no_owner_key_digest_fuse** | N/A -Check PCR log entries - FMC Fuse SVN set in fuse_fmc_key_manifest_svn | **test_pcr_log_fmc_fuse_svn** | N/A +Check PCR log entries - FW Fuse SVN set in fuse_fw_manifest_svn | **test_pcr_log_fw_fuse_svn** | N/A Check PCR log entries across Update Reset | **test_pcr_log_across_update_reset** | N/A Check if Fuse log entries are correctly logged to DCCM | **test_fuse_log** | N/A diff --git a/rom/dev/src/flow/cold_reset/fmc_alias.rs b/rom/dev/src/flow/cold_reset/fmc_alias.rs index a076e0c211..e266795128 100644 --- a/rom/dev/src/flow/cold_reset/fmc_alias.rs +++ b/rom/dev/src/flow/cold_reset/fmc_alias.rs @@ -200,7 +200,7 @@ impl FmcAliasLayer { let flags = Self::make_flags(env.soc_ifc.lifecycle(), env.soc_ifc.debug_locked()); - let svn = data_vault.fmc_svn() as u8; + let svn = data_vault.cold_boot_fw_svn() as u8; let fuse_svn = fw_proc_info.effective_fuse_svn as u8; let mut fuse_info_digest = Array4x12::default(); @@ -232,8 +232,8 @@ impl FmcAliasLayer { tcb_info_fmc_tci: &(&data_vault.fmc_tci()).into(), tcb_info_device_info_hash: &fuse_info_digest.into(), tcb_info_flags: &flags, - tcb_info_fmc_svn: &svn.to_be_bytes(), - tcb_info_fmc_svn_fuses: &fuse_svn.to_be_bytes(), + tcb_info_fw_svn: &svn.to_be_bytes(), + tcb_info_fw_svn_fuses: &fuse_svn.to_be_bytes(), not_before: &fw_proc_info.fmc_cert_valid_not_before.value, not_after: &fw_proc_info.fmc_cert_valid_not_after.value, }; diff --git a/rom/dev/src/flow/cold_reset/fw_processor.rs b/rom/dev/src/flow/cold_reset/fw_processor.rs index d7490927dc..a8d168b0c6 100644 --- a/rom/dev/src/flow/cold_reset/fw_processor.rs +++ b/rom/dev/src/flow/cold_reset/fw_processor.rs @@ -443,10 +443,10 @@ impl FirmwareProcessor { .as_bytes(), )?; - // Log ManifestFmcSvn + // Log cold-boot FW SVN log_fuse_data( log, - FuseLogEntryId::ManifestFmcSvn, + FuseLogEntryId::ColdBootFwSvn, log_info.fw_log_info.manifest_svn.as_bytes(), )?; @@ -457,7 +457,7 @@ impl FirmwareProcessor { log_info.fw_log_info.reserved.as_bytes(), )?; - // Log DeprecatedFuseFmcSvn (which is now the same as FuseRtSvn) + // Log DeprecatedFuseFmcSvn (which is now the same as FuseFwSvn) #[allow(deprecated)] log_fuse_data( log, @@ -465,10 +465,10 @@ impl FirmwareProcessor { log_info.fw_log_info.fuse_svn.as_bytes(), )?; - // Log ManifestRtSvn + // Log ManifestFwSvn log_fuse_data( log, - FuseLogEntryId::ManifestRtSvn, + FuseLogEntryId::ManifestFwSvn, log_info.fw_log_info.manifest_svn.as_bytes(), )?; @@ -479,10 +479,10 @@ impl FirmwareProcessor { log_info.fw_log_info.reserved.as_bytes(), )?; - // Log FuseRtSvn + // Log FuseFwSvn log_fuse_data( log, - FuseLogEntryId::FuseRtSvn, + FuseLogEntryId::FuseFwSvn, log_info.fw_log_info.fuse_svn.as_bytes(), )?; @@ -559,14 +559,14 @@ impl FirmwareProcessor { let manifest_address = &persistent_data.get().manifest1 as *const _ as u32; let data_vault = &mut persistent_data.get_mut().data_vault; data_vault.set_fmc_tci(&info.fmc.digest.into()); - data_vault.set_fmc_svn(info.fw_svn); + data_vault.set_cold_boot_fw_svn(info.fw_svn); data_vault.set_fmc_entry_point(info.fmc.entry_point); data_vault.set_owner_pk_hash(&info.owner_pub_keys_digest.into()); data_vault.set_vendor_ecc_pk_index(info.vendor_ecc_pub_key_idx); data_vault.set_vendor_pqc_pk_index(info.vendor_pqc_pub_key_idx); data_vault.set_rt_tci(&info.runtime.digest.into()); - data_vault.set_rt_svn(info.fw_svn); - data_vault.set_rt_min_svn(info.fw_svn); + data_vault.set_fw_svn(info.fw_svn); + data_vault.set_fw_min_svn(info.fw_svn); data_vault.set_rt_entry_point(info.runtime.entry_point); data_vault.set_manifest_addr(manifest_address); diff --git a/rom/dev/src/flow/fake.rs b/rom/dev/src/flow/fake.rs index 55da4c4a01..e29ca15b63 100644 --- a/rom/dev/src/flow/fake.rs +++ b/rom/dev/src/flow/fake.rs @@ -390,8 +390,8 @@ impl<'a, 'b> ImageVerificationEnv for &mut FakeRomImageVerificationEnv<'a, 'b> { } // Get Fuse FW Manifest SVN - fn runtime_fuse_svn(&self) -> u32 { - self.soc_ifc.fuse_bank().runtime_fuse_svn() + fn fw_fuse_svn(&self) -> u32 { + self.soc_ifc.fuse_bank().fw_fuse_svn() } fn iccm_range(&self) -> Range { diff --git a/rom/dev/src/flow/update_reset.rs b/rom/dev/src/flow/update_reset.rs index d819f62163..85081a8224 100644 --- a/rom/dev/src/flow/update_reset.rs +++ b/rom/dev/src/flow/update_reset.rs @@ -219,11 +219,11 @@ impl UpdateResetFlow { fn populate_data_vault(data_vault: &mut DataVault, info: &ImageVerificationInfo) { data_vault.set_rt_tci(&info.runtime.digest.into()); - let cur_min_svn = data_vault.rt_min_svn(); + let cur_min_svn = data_vault.fw_min_svn(); let new_min_svn = core::cmp::min(cur_min_svn, info.fw_svn); - data_vault.set_rt_svn(info.fw_svn); - data_vault.set_rt_min_svn(new_min_svn); + data_vault.set_fw_svn(info.fw_svn); + data_vault.set_fw_min_svn(new_min_svn); data_vault.set_rt_entry_point(info.runtime.entry_point); report_boot_status(UpdateResetPopulateDataVaultComplete.into()); diff --git a/rom/dev/src/pcr.rs b/rom/dev/src/pcr.rs index e7a63fecc8..7732c35801 100644 --- a/rom/dev/src/pcr.rs +++ b/rom/dev/src/pcr.rs @@ -89,7 +89,7 @@ pub(crate) fn extend_pcrs( soc_ifc.debug_locked() as u8, soc_ifc.fuse_bank().anti_rollback_disable() as u8, data_vault.vendor_ecc_pk_index() as u8, - data_vault.fmc_svn() as u8, + data_vault.cold_boot_fw_svn() as u8, info.effective_fuse_svn as u8, data_vault.vendor_pqc_pk_index() as u8, info.pqc_verify_config as u8, diff --git a/rom/dev/tests/rom_integration_tests/test_fmcalias_derivation.rs b/rom/dev/tests/rom_integration_tests/test_fmcalias_derivation.rs index fe7293460b..10667ece1b 100644 --- a/rom/dev/tests/rom_integration_tests/test_fmcalias_derivation.rs +++ b/rom/dev/tests/rom_integration_tests/test_fmcalias_derivation.rs @@ -158,11 +158,10 @@ fn test_pcr_log() { ) .unwrap(); - const FMC_SVN: u32 = 1; + const FW_SVN: u32 = 1; let image_options = ImageOptions { vendor_config: VENDOR_CONFIG_KEY_1, - fmc_svn: FMC_SVN, - app_svn: FMC_SVN, + fw_svn: FW_SVN, ..Default::default() }; let image_bundle = caliptra_builder::build_and_sign_image( @@ -199,7 +198,7 @@ fn test_pcr_log() { debug_locked as u8, anti_rollback_disable as u8, VENDOR_CONFIG_KEY_1.ecc_key_idx as u8, - FMC_SVN as u8, + FW_SVN as u8, 0_u8, VENDOR_CONFIG_KEY_1.pqc_key_idx as u8, RomPqcVerifyConfig::EcdsaAndLms as u8, @@ -318,7 +317,7 @@ fn test_pcr_log_no_owner_key_digest_fuse() { } #[test] -fn test_pcr_log_fmc_fuse_svn() { +fn test_pcr_log_fw_fuse_svn() { let gen = ImageGenerator::new(Crypto::default()); let image_bundle = helpers::build_image_bundle(ImageOptions::default()); @@ -330,15 +329,15 @@ fn test_pcr_log_fmc_fuse_svn() { .owner_pubkey_digest(&image_bundle.manifest.preamble) .unwrap(); - const FMC_SVN: u32 = 3; - const FMC_FUSE_SVN: u32 = 2; + const FW_SVN: u32 = 3; + const FW_FUSE_SVN: u32 = 2; let fuses = Fuses { anti_rollback_disable: false, key_manifest_pk_hash: vendor_pubkey_digest, owner_pk_hash: owner_pubkey_digest, - fmc_key_manifest_svn: FMC_FUSE_SVN, - runtime_svn: [0x3, 0, 0, 0], // TODO: add tooling to make this more ergonomic. + // TODO: add tooling to compute a fuse array from a given SVN value. + fw_svn: [0x3, 0, 0, 0], // Value of FW_FUSE_SVN ..Default::default() }; let rom = caliptra_builder::build_firmware_rom(firmware::rom_from_env()).unwrap(); @@ -357,8 +356,7 @@ fn test_pcr_log_fmc_fuse_svn() { let image_options = ImageOptions { vendor_config: VENDOR_CONFIG_KEY_1, - fmc_svn: FMC_SVN, - app_svn: FMC_SVN, + fw_svn: FW_SVN, ..Default::default() }; let image_bundle = caliptra_builder::build_and_sign_image( @@ -395,8 +393,8 @@ fn test_pcr_log_fmc_fuse_svn() { debug_locked as u8, anti_rollback_disable as u8, VENDOR_CONFIG_KEY_1.ecc_key_idx as u8, - FMC_SVN as u8, - FMC_FUSE_SVN as u8, + FW_SVN as u8, + FW_FUSE_SVN as u8, VENDOR_CONFIG_KEY_1.pqc_key_idx as u8, RomPqcVerifyConfig::EcdsaAndLms as u8, true as u8, @@ -473,13 +471,11 @@ fn test_pcr_log_across_update_reset() { .owner_pubkey_digest(&image_bundle.manifest.preamble) .unwrap(); - const FMC_SVN: u32 = 2; - const FMC_FUSE_SVN: u32 = 1; + const FW_SVN: u32 = 2; let fuses = Fuses { anti_rollback_disable: false, - fmc_key_manifest_svn: FMC_FUSE_SVN, - runtime_svn: [1, 0, 0, 0], + fw_svn: [1, 0, 0, 0], key_manifest_pk_hash: vendor_pubkey_digest, owner_pk_hash: owner_pubkey_digest, ..Default::default() @@ -500,8 +496,7 @@ fn test_pcr_log_across_update_reset() { let image_options = ImageOptions { vendor_config: VENDOR_CONFIG_KEY_1, - fmc_svn: FMC_SVN, - app_svn: FMC_SVN, + fw_svn: FW_SVN, ..Default::default() }; let image_bundle = caliptra_builder::build_and_sign_image( @@ -577,12 +572,12 @@ fn test_pcr_log_across_update_reset() { #[test] #[allow(deprecated)] fn test_fuse_log() { - const FMC_SVN: u32 = 4; + const FW_SVN: u32 = 4; + const FW_FUSE_SVN: u32 = 3; let fuses = Fuses { anti_rollback_disable: true, - fmc_key_manifest_svn: 0x0F, // Value of FMC_SVN - runtime_svn: [0xF, 0, 0, 0], // Value of RT_SVN + fw_svn: [0x7, 0, 0, 0], // Value of FW_FUSE_SVN ..Default::default() }; @@ -603,12 +598,12 @@ fn test_fuse_log() { let image_options = ImageOptions { vendor_config: VENDOR_CONFIG_KEY_1, owner_config: Some(OWNER_CONFIG), - fmc_svn: FMC_SVN, fmc_version: 0, - app_svn: FMC_SVN, app_version: 0, pqc_key_type: FwVerificationPqcKeyType::LMS, + fw_svn: FW_SVN, }; + let image_bundle = caliptra_builder::build_and_sign_image(&TEST_FMC_WITH_UART, &APP_WITH_UART, image_options) .unwrap(); @@ -643,15 +638,15 @@ fn test_fuse_log() { ); assert_eq!(fuse_log_entry.log_data[0], 0,); - // Validate the ManifestFmcSvn + // Validate the ColdBootFwSvn fuse_log_entry_offset += core::mem::size_of::(); let fuse_log_entry = FuseLogEntry::read_from_prefix(fuse_entry_arr[fuse_log_entry_offset..].as_bytes()).unwrap(); assert_eq!( fuse_log_entry.entry_id, - FuseLogEntryId::ManifestFmcSvn as u32 + FuseLogEntryId::ColdBootFwSvn as u32 ); - assert_eq!(fuse_log_entry.log_data[0], FMC_SVN); + assert_eq!(fuse_log_entry.log_data[0], FW_SVN); // Validate the ManifestReserved0 fuse_log_entry_offset += core::mem::size_of::(); @@ -671,17 +666,17 @@ fn test_fuse_log() { fuse_log_entry.entry_id, FuseLogEntryId::_DeprecatedFuseFmcSvn as u32 ); - assert_eq!(fuse_log_entry.log_data[0], FMC_SVN); + assert_eq!(fuse_log_entry.log_data[0], FW_FUSE_SVN); - // Validate the ManifestRtSvn + // Validate the ManifestFwSvn fuse_log_entry_offset += core::mem::size_of::(); let fuse_log_entry = FuseLogEntry::read_from_prefix(fuse_entry_arr[fuse_log_entry_offset..].as_bytes()).unwrap(); assert_eq!( fuse_log_entry.entry_id, - FuseLogEntryId::ManifestRtSvn as u32 + FuseLogEntryId::ManifestFwSvn as u32 ); - assert_eq!(fuse_log_entry.log_data[0], FMC_SVN); + assert_eq!(fuse_log_entry.log_data[0], FW_SVN); // Validate the ManifestReserved1 fuse_log_entry_offset += core::mem::size_of::(); @@ -693,12 +688,12 @@ fn test_fuse_log() { ); assert_eq!(fuse_log_entry.log_data[0], 0); - // Validate the FuseRtSvn + // Validate the FuseFwSvn fuse_log_entry_offset += core::mem::size_of::(); let fuse_log_entry = FuseLogEntry::read_from_prefix(fuse_entry_arr[fuse_log_entry_offset..].as_bytes()).unwrap(); - assert_eq!(fuse_log_entry.entry_id, FuseLogEntryId::FuseRtSvn as u32); - assert_eq!(fuse_log_entry.log_data[0], FMC_SVN); + assert_eq!(fuse_log_entry.entry_id, FuseLogEntryId::FuseFwSvn as u32); + assert_eq!(fuse_log_entry.log_data[0], FW_FUSE_SVN); // Validate the VendorPqcPubKeyIndex fuse_log_entry_offset += core::mem::size_of::(); diff --git a/rom/dev/tests/rom_integration_tests/test_image_validation.rs b/rom/dev/tests/rom_integration_tests/test_image_validation.rs index 93e581c0ee..87360ac4f1 100644 --- a/rom/dev/tests/rom_integration_tests/test_image_validation.rs +++ b/rom/dev/tests/rom_integration_tests/test_image_validation.rs @@ -1552,7 +1552,7 @@ fn test_runtime_entry_point_unaligned() { } #[test] -fn test_runtime_svn_greater_than_max() { +fn test_firmware_svn_greater_than_max() { let gen = ImageGenerator::new(Crypto::default()); let image_bundle = helpers::build_image_bundle(ImageOptions::default()); let vendor_pubkey_digest = gen @@ -1566,14 +1566,14 @@ fn test_runtime_svn_greater_than_max() { ..Default::default() }; let image_options = ImageOptions { - app_svn: caliptra_image_verify::MAX_RUNTIME_SVN + 1, + fw_svn: caliptra_image_verify::MAX_FIRMWARE_SVN + 1, ..Default::default() }; let (mut hw, image_bundle) = helpers::build_hw_model_and_image_bundle(fuses, image_options); assert_eq!( ModelError::MailboxCmdFailed( - CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED.into() + CaliptraError::IMAGE_VERIFIER_ERR_FIRMWARE_SVN_GREATER_THAN_MAX_SUPPORTED.into() ), hw.upload_firmware(&image_bundle.to_bytes().unwrap()) .unwrap_err() @@ -1586,7 +1586,7 @@ fn test_runtime_svn_greater_than_max() { } #[test] -fn test_runtime_svn_less_than_fuse_svn() { +fn test_firmware_svn_less_than_fuse_svn() { let gen = ImageGenerator::new(Crypto::default()); let image_bundle = helpers::build_image_bundle(ImageOptions::default()); let vendor_pubkey_digest = gen @@ -1598,25 +1598,25 @@ fn test_runtime_svn_less_than_fuse_svn() { life_cycle: DeviceLifecycle::Manufacturing, anti_rollback_disable: false, key_manifest_pk_hash: vendor_pubkey_digest, - runtime_svn: fuse_svn, + fw_svn: fuse_svn, ..Default::default() }; let image_options = ImageOptions { - app_svn: 62, + fw_svn: 62, ..Default::default() }; let (mut hw, image_bundle) = helpers::build_hw_model_and_image_bundle(fuses, image_options); assert_eq!( ModelError::MailboxCmdFailed( - CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE.into() + CaliptraError::IMAGE_VERIFIER_ERR_FIRMWARE_SVN_LESS_THAN_FUSE.into() ), hw.upload_firmware(&image_bundle.to_bytes().unwrap()) .unwrap_err() ); assert_eq!( hw.soc_ifc().cptra_fw_error_fatal().read(), - u32::from(CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE) + u32::from(CaliptraError::IMAGE_VERIFIER_ERR_FIRMWARE_SVN_LESS_THAN_FUSE) ); assert_eq!( @@ -1839,6 +1839,7 @@ fn update_header(image_bundle: &mut ImageBundle) { vendor_config: opts.vendor_config, owner_config: opts.owner_config, pqc_key_type: FwVerificationPqcKeyType::LMS, + fw_svn: 0, }; let gen = ImageGenerator::new(Crypto::default()); diff --git a/rom/dev/tests/rom_integration_tests/test_warm_reset.rs b/rom/dev/tests/rom_integration_tests/test_warm_reset.rs index 4bb3bd715b..b294ef5a17 100644 --- a/rom/dev/tests/rom_integration_tests/test_warm_reset.rs +++ b/rom/dev/tests/rom_integration_tests/test_warm_reset.rs @@ -24,8 +24,7 @@ fn test_warm_reset_success() { &FMC_WITH_UART, &APP_WITH_UART, ImageOptions { - fmc_svn: 9, - app_svn: 9, + fw_svn: 9, ..Default::default() }, ) @@ -43,8 +42,7 @@ fn test_warm_reset_success() { fuses: Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, - runtime_svn: [0x7F, 0, 0, 0], // Equals 7 + fw_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }, fw_image: Some(&image.to_bytes().unwrap()), @@ -62,8 +60,7 @@ fn test_warm_reset_success() { hw.warm_reset_flow(&Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, - runtime_svn: [0x7F, 0, 0, 0], // Equals 7 + fw_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }); diff --git a/runtime/README.md b/runtime/README.md index 2b3dd9c944..e7401d679f 100644 --- a/runtime/README.md +++ b/runtime/README.md @@ -768,9 +768,9 @@ Command Code: `0x494E_464F` ("INFO") | chksum | u32 | Checksum over other input arguments, computed by the caller. Little endian. | fips\_status | u32 | Indicates if the command is FIPS approved or an error. | pl0_pauser | u32 | PAUSER with PL0 privileges (from image header). -| runtime_svn | u32 | Runtime SVN. -| min_runtime_svn | u32 | Min Runtime SVN. -| fmc_manifest_svn | u32 | FMC SVN. +| firmware_svn | u32 | Firmware SVN. +| min_firmware_svn | u32 | Min Firmware SVN. +| cold_boot_fw_svn | u32 | Cold-boot Firmware SVN. | attestation_disabled | u32 | State of attestation disable. | rom_revision | u8[20] | Revision (Git commit ID) of ROM build. | fmc_revision | u8[20] | Revision (Git commit ID) of FMC build. diff --git a/runtime/src/handoff.rs b/runtime/src/handoff.rs index 465b7fc92c..5af9f23b34 100644 --- a/runtime/src/handoff.rs +++ b/runtime/src/handoff.rs @@ -29,24 +29,24 @@ impl RtHandoff<'_> { } } - /// Retrieve runtime SVN. - pub fn rt_svn(&self) -> u32 { - self.data_vault.rt_svn() + /// Retrieve firmware SVN. + pub fn fw_svn(&self) -> u32 { + self.data_vault.fw_svn() } - /// Retrieve runtime minimum SVN. - pub fn rt_min_svn(&self) -> u32 { - self.data_vault.rt_min_svn() + /// Retrieve firmware minimum SVN. + pub fn fw_min_svn(&self) -> u32 { + self.data_vault.fw_min_svn() } - /// Retrieve FMC SVN. - pub fn fmc_svn(&self) -> u32 { - self.data_vault.fmc_svn() + /// Retrieve cold-boot firmware SVN. + pub fn cold_boot_fw_svn(&self) -> u32 { + self.data_vault.cold_boot_fw_svn() } - /// Retrieve the RT FW hash chain. - pub fn rt_hash_chain(&self) -> CaliptraResult { - self.read_as_kv(self.fht.rt_hash_chain_kv_hdl.try_into()?) + /// Retrieve the FW hash chain. + pub fn fw_hash_chain(&self) -> CaliptraResult { + self.read_as_kv(self.fht.fw_hash_chain_kv_hdl.try_into()?) .map_err(|_| CaliptraError::RUNTIME_HASH_CHAIN_HANDOFF_FAILED) } } diff --git a/runtime/src/info.rs b/runtime/src/info.rs index 029447a6ec..1c61188bc0 100644 --- a/runtime/src/info.rs +++ b/runtime/src/info.rs @@ -28,17 +28,17 @@ impl FwInfoCmd { fht: &pdata.fht, }; - let runtime_svn = handoff.rt_svn(); - let min_runtime_svn = handoff.rt_min_svn(); - let fmc_manifest_svn = handoff.fmc_svn(); + let fw_svn = handoff.fw_svn(); + let min_fw_svn = handoff.fw_min_svn(); + let cold_boot_fw_svn = handoff.cold_boot_fw_svn(); let rom_info = handoff.fht.rom_info_addr.get()?; Ok(MailboxResp::FwInfo(FwInfoResp { hdr: MailboxRespHeader::default(), pl0_pauser: pdata.manifest1.header.pl0_pauser, - runtime_svn, - min_runtime_svn, - fmc_manifest_svn, + fw_svn, + min_fw_svn, + cold_boot_fw_svn, attestation_disabled: pdata.attestation_disabled.get().into(), rom_revision: rom_info.revision, fmc_revision: pdata.manifest1.fmc.revision, diff --git a/runtime/tests/runtime_integration_tests/test_info.rs b/runtime/tests/runtime_integration_tests/test_info.rs index 07745a793c..27f929f6f3 100644 --- a/runtime/tests/runtime_integration_tests/test_info.rs +++ b/runtime/tests/runtime_integration_tests/test_info.rs @@ -43,10 +43,9 @@ fn test_fw_info() { image_opts.vendor_config.pl0_pauser = Some(0x1); image_opts.fmc_version = 0xaaaa; image_opts.app_version = 0xbbbbbbbb; - image_opts.fmc_svn = 5; let mut image_opts10 = image_opts.clone(); - image_opts10.app_svn = 10; + image_opts10.fw_svn = 10; // Cannot use run_rt_test since we need the rom and image to verify info let rom = caliptra_builder::rom_for_fw_integration_tests().unwrap(); @@ -107,9 +106,9 @@ fn test_fw_info() { let info = get_fwinfo(&mut model); // Verify FW info assert_eq!(info.pl0_pauser, 0x1); - assert_eq!(info.fmc_manifest_svn, 10); - assert_eq!(info.runtime_svn, 10); - assert_eq!(info.min_runtime_svn, 10); + assert_eq!(info.cold_boot_fw_svn, 10); + assert_eq!(info.fw_svn, 10); + assert_eq!(info.min_fw_svn, 10); // Verify revision (Commit ID) and digest of each component assert_eq!(info.rom_revision, rom_info.revision); assert_eq!(info.fmc_revision, image.manifest.fmc.revision); @@ -120,7 +119,7 @@ fn test_fw_info() { // Make image with newer SVN. let mut image_opts20 = image_opts.clone(); - image_opts20.app_svn = 20; + image_opts20.fw_svn = 20; let image20 = caliptra_builder::build_and_sign_image(&FMC_WITH_UART, &APP_WITH_UART, image_opts20) @@ -132,13 +131,13 @@ fn test_fw_info() { update_to(&mut model, &image20); let info = get_fwinfo(&mut model); - assert_eq!(info.runtime_svn, 20); - assert_eq!(info.min_runtime_svn, 10); - assert_eq!(info.fmc_manifest_svn, 10); + assert_eq!(info.fw_svn, 20); + assert_eq!(info.min_fw_svn, 10); + assert_eq!(info.cold_boot_fw_svn, 10); // Make image with older SVN. let mut image_opts5 = image_opts; - image_opts5.app_svn = 5; + image_opts5.fw_svn = 5; let image5 = caliptra_builder::build_and_sign_image(&FMC_WITH_UART, &APP_WITH_UART, image_opts5) @@ -148,16 +147,16 @@ fn test_fw_info() { update_to(&mut model, &image5); let info = get_fwinfo(&mut model); - assert_eq!(info.runtime_svn, 5); - assert_eq!(info.min_runtime_svn, 5); - assert_eq!(info.fmc_manifest_svn, 10); + assert_eq!(info.fw_svn, 5); + assert_eq!(info.min_fw_svn, 5); + assert_eq!(info.cold_boot_fw_svn, 10); // Go back to SVN 20 update_to(&mut model, &image20); let info = get_fwinfo(&mut model); - assert_eq!(info.runtime_svn, 20); - assert_eq!(info.min_runtime_svn, 5); - assert_eq!(info.fmc_manifest_svn, 10); + assert_eq!(info.fw_svn, 20); + assert_eq!(info.min_fw_svn, 5); + assert_eq!(info.cold_boot_fw_svn, 10); } #[test] diff --git a/runtime/tests/runtime_integration_tests/test_pauser_privilege_levels.rs b/runtime/tests/runtime_integration_tests/test_pauser_privilege_levels.rs index 07c0772e83..e8ac313882 100644 --- a/runtime/tests/runtime_integration_tests/test_pauser_privilege_levels.rs +++ b/runtime/tests/runtime_integration_tests/test_pauser_privilege_levels.rs @@ -567,17 +567,12 @@ fn test_pl0_unset_in_header() { fmc: ElfExecutable::new( &fmc_elf, opts.fmc_version as u32, - opts.fmc_svn, - *b"~~~~~NO_GIT_REVISION", - ) - .unwrap(), - runtime: ElfExecutable::new( - &app_elf, - opts.app_version, - opts.app_svn, *b"~~~~~NO_GIT_REVISION", ) .unwrap(), + runtime: ElfExecutable::new(&app_elf, opts.app_version, *b"~~~~~NO_GIT_REVISION") + .unwrap(), + fw_svn: opts.fw_svn, vendor_config: opts.vendor_config, owner_config: opts.owner_config, pqc_key_type: FwVerificationPqcKeyType::LMS, diff --git a/runtime/tests/runtime_integration_tests/test_warm_reset.rs b/runtime/tests/runtime_integration_tests/test_warm_reset.rs index 5f99c5a813..6ff911f24e 100644 --- a/runtime/tests/runtime_integration_tests/test_warm_reset.rs +++ b/runtime/tests/runtime_integration_tests/test_warm_reset.rs @@ -22,7 +22,7 @@ fn test_rt_journey_pcr_validation() { &FMC_WITH_UART, &firmware::runtime_tests::MBOX, ImageOptions { - fmc_svn: 9, + fw_svn: 9, ..Default::default() }, ) @@ -40,7 +40,6 @@ fn test_rt_journey_pcr_validation() { fuses: Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, ..Default::default() }, fw_image: Some(&image.to_bytes().unwrap()), @@ -61,7 +60,6 @@ fn test_rt_journey_pcr_validation() { model.warm_reset_flow(&Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, ..Default::default() }); @@ -85,7 +83,7 @@ fn test_mbox_busy_during_warm_reset() { &FMC_WITH_UART, &APP_WITH_UART, ImageOptions { - fmc_svn: 9, + fw_svn: 9, ..Default::default() }, ) @@ -103,7 +101,6 @@ fn test_mbox_busy_during_warm_reset() { fuses: Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, ..Default::default() }, fw_image: Some(&image.to_bytes().unwrap()), @@ -124,7 +121,6 @@ fn test_mbox_busy_during_warm_reset() { model.warm_reset_flow(&Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, ..Default::default() }); diff --git a/test/src/derive.rs b/test/src/derive.rs index 2722133d5a..1f96dbe411 100644 --- a/test/src/derive.rs +++ b/test/src/derive.rs @@ -307,8 +307,8 @@ pub struct Pcr0Input { pub owner_pub_key_hash_from_fuses: bool, pub ecc_vendor_pub_key_index: u32, pub fmc_digest: [u32; 12], - pub fmc_svn: u32, - pub fmc_fuse_svn: u32, + pub cold_boot_fw_svn: u32, + pub fw_fuse_svn: u32, pub lms_vendor_pub_key_index: u32, pub rom_verify_config: u32, } @@ -330,8 +330,8 @@ impl Pcr0 { input.security_state.debug_locked() as u8, input.fuse_anti_rollback_disable as u8, input.ecc_vendor_pub_key_index as u8, - input.fmc_svn as u8, - input.fmc_fuse_svn as u8, + input.cold_boot_fw_svn as u8, + input.fw_fuse_svn as u8, input.lms_vendor_pub_key_index as u8, input.rom_verify_config as u8, input.owner_pub_key_hash_from_fuses as u8, @@ -374,8 +374,8 @@ fn test_derive_pcr0() { 0xe44ea855, 0x9fcf4063, 0xd3110a9a, 0xd60579db, 0xe03e6dd7, 0x4556cd98, 0xb2b941f5, 0x1bb5034b, 0x587eea1f, 0xfcdd0e0f, 0x8e88d406, 0x3327a3fe, ], - fmc_svn: 5, - fmc_fuse_svn: 2, + cold_boot_fw_svn: 5, + fw_fuse_svn: 2, lms_vendor_pub_key_index: u32::MAX, rom_verify_config: 1, // RomVerifyConfig::EcdsaAndLms }); diff --git a/test/tests/caliptra_integration_tests/fake_collateral_boot_test.rs b/test/tests/caliptra_integration_tests/fake_collateral_boot_test.rs index 9215367530..8ea1d96ab7 100755 --- a/test/tests/caliptra_integration_tests/fake_collateral_boot_test.rs +++ b/test/tests/caliptra_integration_tests/fake_collateral_boot_test.rs @@ -52,8 +52,7 @@ fn fake_boot_test() { &FMC_FAKE_WITH_UART, &APP_WITH_UART, ImageOptions { - fmc_svn: 9, - app_svn: 9, + fw_svn: 9, ..Default::default() }, ) @@ -70,8 +69,7 @@ fn fake_boot_test() { fuses: Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, - runtime_svn: [0x7F, 0, 0, 0], // Equals 7 + fw_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }, fw_image: Some(&image.to_bytes().unwrap()), @@ -250,9 +248,9 @@ fn fake_boot_test() { owner_pub_key_from_fuses: true, ecc_vendor_pub_key_index: image.manifest.preamble.vendor_ecc_pub_key_idx, fmc_digest: FMC_CANNED_DIGEST, - fmc_svn: image.manifest.fmc.svn, + fw_svn: image.manifest.fmc.svn, // This is from the SVN in the fuses (7 bits set) - fmc_fuse_svn: 7, + fw_fuse_svn: 7, lms_vendor_pub_key_index: u32::MAX, rom_verify_config: 0, // RomVerifyConfig::EcdsaOnly }), diff --git a/test/tests/caliptra_integration_tests/jtag_test.rs b/test/tests/caliptra_integration_tests/jtag_test.rs index 5b40aa04d4..bd4286dd6d 100644 --- a/test/tests/caliptra_integration_tests/jtag_test.rs +++ b/test/tests/caliptra_integration_tests/jtag_test.rs @@ -81,8 +81,7 @@ fn gdb_test() { &firmware::FMC_WITH_UART, &firmware::APP_WITH_UART, ImageOptions { - fmc_svn: 9, - app_svn: 9, + fw_svn: 9, ..Default::default() }, ) @@ -93,7 +92,7 @@ fn gdb_test() { let fuses = Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, + fw_svn: [0x7F, 0, 0, 0], ..Default::default() }; let mut hw = caliptra_hw_model::new( diff --git a/test/tests/caliptra_integration_tests/smoke_test.rs b/test/tests/caliptra_integration_tests/smoke_test.rs index 643042fb49..fb25642a4a 100644 --- a/test/tests/caliptra_integration_tests/smoke_test.rs +++ b/test/tests/caliptra_integration_tests/smoke_test.rs @@ -177,8 +177,7 @@ fn smoke_test() { &firmware::FMC_WITH_UART, &firmware::APP_WITH_UART, ImageOptions { - fmc_svn: 9, - app_svn: 9, + fw_svn: 9, ..Default::default() }, ) @@ -191,8 +190,7 @@ fn smoke_test() { let fuses = Fuses { key_manifest_pk_hash: vendor_pk_desc_hash_words, owner_pk_hash: owner_pk_hash_words, - fmc_key_manifest_svn: 0b1111111, - runtime_svn: [0x7F, 0, 0, 0], // Equals 7 + fw_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }; let mut hw = caliptra_hw_model::new( @@ -348,9 +346,9 @@ fn smoke_test() { owner_pub_key_hash_from_fuses: true, ecc_vendor_pub_key_index: image.manifest.preamble.vendor_ecc_pub_key_idx, fmc_digest: image.manifest.fmc.digest, - fmc_svn: image.manifest.fmc.svn, + cold_boot_fw_svn: image.manifest.runtime.svn, // This is from the SVN in the fuses (7 bits set) - fmc_fuse_svn: 7, + fw_fuse_svn: 7, lms_vendor_pub_key_index: image.manifest.header.vendor_pqc_pub_key_idx, rom_verify_config: 1, // RomVerifyConfig::EcdsaAndLms }), @@ -589,9 +587,8 @@ fn smoke_test() { &firmware::APP, ImageOptions { fmc_version: 1, - fmc_svn: 10, - app_svn: 10, app_version: 2, + fw_svn: 10, ..Default::default() }, ) diff --git a/test/tests/caliptra_integration_tests/warm_reset.rs b/test/tests/caliptra_integration_tests/warm_reset.rs index a5135005d8..8344636541 100644 --- a/test/tests/caliptra_integration_tests/warm_reset.rs +++ b/test/tests/caliptra_integration_tests/warm_reset.rs @@ -21,8 +21,7 @@ fn warm_reset_basic() { &FMC_WITH_UART, &APP_WITH_UART, ImageOptions { - fmc_svn: 9, - app_svn: 9, + fw_svn: 9, ..Default::default() }, ) @@ -40,8 +39,7 @@ fn warm_reset_basic() { fuses: Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, - runtime_svn: [0x7F, 0, 0, 0], // Equals 7 + fw_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }, fw_image: Some(&image.to_bytes().unwrap()), @@ -59,8 +57,7 @@ fn warm_reset_basic() { hw.warm_reset_flow(&Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, - runtime_svn: [0x7F, 0, 0, 0], // Equals 7 + fw_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }); @@ -81,8 +78,7 @@ fn warm_reset_during_fw_load() { &FMC_WITH_UART, &APP_WITH_UART, ImageOptions { - fmc_svn: 9, - app_svn: 9, + fw_svn: 9, ..Default::default() }, ) @@ -100,8 +96,7 @@ fn warm_reset_during_fw_load() { fuses: Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, - runtime_svn: [0x7F, 0, 0, 0], // Equals 7 + fw_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }, fw_image: None, @@ -130,8 +125,7 @@ fn warm_reset_during_fw_load() { hw.warm_reset_flow(&Fuses { key_manifest_pk_hash: vendor_pk_desc_hash, owner_pk_hash, - fmc_key_manifest_svn: 0b1111111, - runtime_svn: [0x7F, 0, 0, 0], // Equals 7 + fw_svn: [0x7F, 0, 0, 0], // Equals 7 ..Default::default() }); diff --git a/test/tests/fips_test_suite/README.md b/test/tests/fips_test_suite/README.md index 414ee0ffa8..dd101f7540 100755 --- a/test/tests/fips_test_suite/README.md +++ b/test/tests/fips_test_suite/README.md @@ -72,7 +72,7 @@ Test hooks are needed to meet the following FIPS 140-3 test requirements: | kat_sha1_digest_failure_rom
kat_sha1_digest_mismatch_rom
kat_sha256_digest_failure_rom
kat_sha256_digest_mismatch_rom
kat_sha384_digest_failure_rom
kat_sha384_digest_mismatch_rom
kat_sha2_512_384acc_digest_start_op_failure_rom
kat_sha2_512_384acc_digest_failure_rom
kat_sha2_512_384acc_digest_mismatch_rom
kat_ecc384_signature_generate_failure_rom
kat_ecc384_signature_verify_failure_rom
kat_hmac384_failure_rom
kat_hmac384_tag_mismatch_rom
kat_lms_digest_mismatch_rom | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Enable the hook for triggering an error with the SHA1 KAT
Verify the correct error is returned
Verify we cannot utilize the associated functionality by proving we can't issues commands
Verify an undocumented attempt to clear the error fails
Clear the error with an approved method - restart Caliptra
Verify crypto operations using the engine can be performed | | kat_sha1_digest_failure_rt
kat_sha1_digest_mismatch_rt
kat_sha256_digest_failure_rt
kat_sha256_digest_mismatch_rt
kat_sha384_digest_failure_rt
kat_sha384_digest_mismatch_rt
kat_sha2_512_384acc_digest_start_op_failure_rt
kat_sha2_512_384acc_digest_failure_rt
kat_sha2_512_384acc_digest_mismatch_rt
kat_ecc384_signature_generate_failure_rt
kat_ecc384_signature_verify_failure_rt
kat_hmac384_failure_rt
kat_hmac384_tag_mismatch_rt
kat_lms_digest_mismatch_rt | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Boot to runtime
Enable the hook for triggering an error with the KAT
Issue self test command
Verify the correct error is returned
Verify we cannot utilize the associated functionality by proving we can't issues commands
Verify an undocumented attempt to clear the error fails
Clear the error with an approved method - restart Caliptra
Verify crypto operations using the engine can be performed | | integrity_check_failure_rom | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Corrupt ROM integrity check hash
Verify the correct error is returned
Verify we cannot issue commands
Verify an undocumented attempt to clear the error fails
(Cannot clear this error without changing ROM which would invlove recreating the whole platform with a new ROM and therefore isn't really a continuation of this test) | -| fw_load_error_manifest_marker_mismatch
fw_load_error_manifest_size_mismatch
fw_load_error_vendor_pub_key_digest_invalid
fw_load_error_vendor_pub_key_digest_failure
fw_load_error_vendor_pub_key_digest_mismatch
fw_load_error_owner_pub_key_digest_failure
fw_load_error_owner_pub_key_digest_mismatch
fw_load_error_vendor_ecc_pub_key_index_out_of_bounds
fw_load_error_vendor_ecc_pub_key_revoked
fw_load_error_header_digest_failure
fw_load_error_vendor_ecc_verify_failure
fw_load_error_vendor_ecc_signature_invalid
fw_load_error_vendor_ecc_pub_key_index_mismatch
fw_load_error_owner_ecc_verify_failure
fw_load_error_owner_ecc_signature_invalid
fw_load_error_toc_entry_count_invalid
fw_load_error_toc_digest_failure
fw_load_error_toc_digest_mismatch
fw_load_error_fmc_digest_failure
fw_load_error_fmc_digest_mismatch
fw_load_error_runtime_digest_failure
fw_load_error_runtime_digest_mismatch
fw_load_error_fmc_runtime_overlap
fw_load_error_fmc_runtime_incorrect_order
fw_load_error_owner_ecc_pub_key_invalid_arg
fw_load_error_owner_ecc_signature_invalid_arg
fw_load_error_vendor_pub_key_digest_invalid_arg
fw_load_error_vendor_ecc_signature_invalid_arg
fw_load_error_update_reset_owner_digest_failure
fw_load_error_update_reset_vendor_ecc_pub_key_idx_mismatch
fw_load_error_update_reset_fmc_digest_mismatch
fw_load_error_fmc_load_addr_invalid
fw_load_error_fmc_load_addr_unaligned
fw_load_error_fmc_entry_point_invalid
fw_load_error_fmc_entry_point_unaligned
fw_load_error_runtime_load_addr_invalid
fw_load_error_runtime_load_addr_unaligned
fw_load_error_runtime_entry_point_invalid
fw_load_error_runtime_entry_point_unaligned
fw_load_error_runtime_svn_greater_than_max_supported
fw_load_error_runtime_svn_less_than_fuse
fw_load_error_image_len_more_than_bundle_size
fw_load_error_vendor_lms_pub_key_index_mismatch
fw_load_error_vendor_lms_verify_failure
fw_load_error_vendor_lms_pub_key_index_out_of_bounds
fw_load_error_vendor_lms_signature_invalid
fw_load_error_fmc_runtime_load_addr_overlap
fw_load_error_owner_lms_verify_failure
fw_load_error_owner_lms_signature_invalid
fw_load_error_vendor_lms_pub_key_revoked
fw_load_error_fmc_size_zero
fw_load_error_runtime_size_zero
fw_load_error_update_reset_vendor_lms_pub_key_idx_mismatch
fw_load_error_fmc_load_address_image_size_arithmetic_overflow
fw_load_error_runtime_load_address_image_size_arithmetic_overflow
fw_load_error_toc_entry_range_arithmetic_overflow | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Make change related to error in fw bundle or fuses
Attempt to load the FW
Verify the correct error is returned
Verify we cannot utilize RT FW by sending a message
Verify an undocumented attempt to clear the error fails
Clear the error with an approved method - restart Caliptra
Verify we can utilize RT FW by sending a message
NOTE: This isn't a specific crypto engine but this still counts as a self test, some of the requirements are tailored toward crypto engines. | +| fw_load_error_manifest_marker_mismatch
fw_load_error_manifest_size_mismatch
fw_load_error_vendor_pub_key_digest_invalid
fw_load_error_vendor_pub_key_digest_failure
fw_load_error_vendor_pub_key_digest_mismatch
fw_load_error_owner_pub_key_digest_failure
fw_load_error_owner_pub_key_digest_mismatch
fw_load_error_vendor_ecc_pub_key_index_out_of_bounds
fw_load_error_vendor_ecc_pub_key_revoked
fw_load_error_header_digest_failure
fw_load_error_vendor_ecc_verify_failure
fw_load_error_vendor_ecc_signature_invalid
fw_load_error_vendor_ecc_pub_key_index_mismatch
fw_load_error_owner_ecc_verify_failure
fw_load_error_owner_ecc_signature_invalid
fw_load_error_toc_entry_count_invalid
fw_load_error_toc_digest_failure
fw_load_error_toc_digest_mismatch
fw_load_error_fmc_digest_failure
fw_load_error_fmc_digest_mismatch
fw_load_error_runtime_digest_failure
fw_load_error_runtime_digest_mismatch
fw_load_error_fmc_runtime_overlap
fw_load_error_fmc_runtime_incorrect_order
fw_load_error_owner_ecc_pub_key_invalid_arg
fw_load_error_owner_ecc_signature_invalid_arg
fw_load_error_vendor_pub_key_digest_invalid_arg
fw_load_error_vendor_ecc_signature_invalid_arg
fw_load_error_update_reset_owner_digest_failure
fw_load_error_update_reset_vendor_ecc_pub_key_idx_mismatch
fw_load_error_update_reset_fmc_digest_mismatch
fw_load_error_fmc_load_addr_invalid
fw_load_error_fmc_load_addr_unaligned
fw_load_error_fmc_entry_point_invalid
fw_load_error_fmc_entry_point_unaligned
fw_load_error_runtime_load_addr_invalid
fw_load_error_runtime_load_addr_unaligned
fw_load_error_runtime_entry_point_invalid
fw_load_error_runtime_entry_point_unaligned
fw_load_error_firmware_svn_greater_than_max_supported
fw_load_error_firmware_svn_less_than_fuse
fw_load_error_image_len_more_than_bundle_size
fw_load_error_vendor_lms_pub_key_index_mismatch
fw_load_error_vendor_lms_verify_failure
fw_load_error_vendor_lms_pub_key_index_out_of_bounds
fw_load_error_vendor_lms_signature_invalid
fw_load_error_fmc_runtime_load_addr_overlap
fw_load_error_owner_lms_verify_failure
fw_load_error_owner_lms_signature_invalid
fw_load_error_vendor_lms_pub_key_revoked
fw_load_error_fmc_size_zero
fw_load_error_runtime_size_zero
fw_load_error_update_reset_vendor_lms_pub_key_idx_mismatch
fw_load_error_fmc_load_address_image_size_arithmetic_overflow
fw_load_error_runtime_load_address_image_size_arithmetic_overflow
fw_load_error_toc_entry_range_arithmetic_overflow | TE10.07.03
TE10.08.03
TE10.09.03
TE10.10.01
TE10.10.02 | Make change related to error in fw bundle or fuses
Attempt to load the FW
Verify the correct error is returned
Verify we cannot utilize RT FW by sending a message
Verify an undocumented attempt to clear the error fails
Clear the error with an approved method - restart Caliptra
Verify we can utilize RT FW by sending a message
NOTE: This isn't a specific crypto engine but this still counts as a self test, some of the requirements are tailored toward crypto engines. | | key_pair_consistency_error | TE10.35.04 | Enable hook to corrupt key pair during generation
Trigger the keypair generation (Just boot and allow DICE flow to start?)
Verify the correct error for key pair inconsistency is generated | | fw_load_blank_pub_keys
fw_load_blank_pub_key_hashes | TE10.37.09 | Clear the public keys/hashes from the FW image
Start the FW load
Verify the correct error is returned | | fips_self_test_rom
fips_self_test_rt | TE10.53.02 | Execute FIPS self test command
Verify the output is correct and the self tests pass | diff --git a/test/tests/fips_test_suite/fw_load.rs b/test/tests/fips_test_suite/fw_load.rs index 6de7a4b63c..8d4f6b3b9b 100755 --- a/test/tests/fips_test_suite/fw_load.rs +++ b/test/tests/fips_test_suite/fw_load.rs @@ -49,6 +49,7 @@ fn update_manifest(image_bundle: &mut ImageBundle, hdr_digest: HdrDigest, toc_di vendor_config: opts.vendor_config, owner_config: opts.owner_config, pqc_key_type: FwVerificationPqcKeyType::LMS, + ..Default::default() }; let gen = ImageGenerator::new(Crypto::default()); @@ -867,10 +868,10 @@ fn fw_load_error_runtime_entry_point_unaligned() { } #[test] -fn fw_load_error_runtime_svn_greater_than_max_supported() { +fn fw_load_error_firmware_svn_greater_than_max_supported() { // Generate image let image_options = ImageOptions { - app_svn: caliptra_image_verify::MAX_RUNTIME_SVN + 1, + fw_svn: caliptra_image_verify::MAX_FIRMWARE_SVN + 1, ..Default::default() }; let fw_image = build_fw_image(image_options); @@ -890,17 +891,15 @@ fn fw_load_error_runtime_svn_greater_than_max_supported() { fw_load_error_flow( Some(fw_image), Some(fuses), - CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_GREATER_THAN_MAX_SUPPORTED.into(), + CaliptraError::IMAGE_VERIFIER_ERR_FIRMWARE_SVN_GREATER_THAN_MAX_SUPPORTED.into(), ); } -// IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_MIN_SUPPORTED is defined but never used in the code (svn is a u32) - #[test] -fn fw_load_error_runtime_svn_less_than_fuse() { +fn fw_load_error_firmware_svn_less_than_fuse() { // Generate image let image_options = ImageOptions { - app_svn: 62, + fw_svn: 62, ..Default::default() }; let fw_image = build_fw_image(image_options); @@ -914,14 +913,14 @@ fn fw_load_error_runtime_svn_less_than_fuse() { life_cycle: DeviceLifecycle::Manufacturing, anti_rollback_disable: false, key_manifest_pk_hash: vendor_pubkey_digest, - runtime_svn: [0xffff_ffff, 0x7fff_ffff, 0, 0], // fuse svn = 63 + fw_svn: [0xffff_ffff, 0x7fff_ffff, 0, 0], // fuse svn = 63 ..Default::default() }; fw_load_error_flow( Some(fw_image), Some(fuses), - CaliptraError::IMAGE_VERIFIER_ERR_RUNTIME_SVN_LESS_THAN_FUSE.into(), + CaliptraError::IMAGE_VERIFIER_ERR_FIRMWARE_SVN_LESS_THAN_FUSE.into(), ); } diff --git a/x509/build/cert.rs b/x509/build/cert.rs index 3ad2afd090..d89d8093b9 100644 --- a/x509/build/cert.rs +++ b/x509/build/cert.rs @@ -112,13 +112,13 @@ impl CertTemplateBuilder { }); self.params.push(CertTemplateParam { - tbs_param: TbsParam::new("tcb_info_fmc_svn", 0, std::mem::size_of_val(&svn)), + tbs_param: TbsParam::new("tcb_info_fw_svn", 0, std::mem::size_of_val(&svn)), needle: svn.to_be_bytes().to_vec(), }); self.params.push(CertTemplateParam { tbs_param: TbsParam::new( - "tcb_info_fmc_svn_fuses", + "tcb_info_fw_svn_fuses", 0, std::mem::size_of_val(&svn_fuses), ), @@ -143,7 +143,7 @@ impl CertTemplateBuilder { .unwrap(); self.params.push(CertTemplateParam { - tbs_param: TbsParam::new("tcb_info_rt_svn", 0, std::mem::size_of_val(&svn)), + tbs_param: TbsParam::new("tcb_info_fw_svn", 0, std::mem::size_of_val(&svn)), needle: svn.to_be_bytes().to_vec(), }); diff --git a/x509/build/fmc_alias_cert_tbs.rs b/x509/build/fmc_alias_cert_tbs.rs index f8c623efe6..f30599cc56 100644 --- a/x509/build/fmc_alias_cert_tbs.rs +++ b/x509/build/fmc_alias_cert_tbs.rs @@ -20,8 +20,8 @@ pub struct FmcAliasCertTbsParams<'a> { pub not_before: &'a [u8; 15usize], pub not_after: &'a [u8; 15usize], pub tcb_info_flags: &'a [u8; 4usize], - pub tcb_info_fmc_svn: &'a [u8; 1usize], - pub tcb_info_fmc_svn_fuses: &'a [u8; 1usize], + pub tcb_info_fw_svn: &'a [u8; 1usize], + pub tcb_info_fw_svn_fuses: &'a [u8; 1usize], } impl<'a> FmcAliasCertTbsParams<'a> { pub const PUBLIC_KEY_LEN: usize = 97usize; @@ -36,8 +36,8 @@ impl<'a> FmcAliasCertTbsParams<'a> { pub const NOT_BEFORE_LEN: usize = 15usize; pub const NOT_AFTER_LEN: usize = 15usize; pub const TCB_INFO_FLAGS_LEN: usize = 4usize; - pub const TCB_INFO_FMC_SVN_LEN: usize = 1usize; - pub const TCB_INFO_FMC_SVN_FUSES_LEN: usize = 1usize; + pub const TCB_INFO_FW_SVN_LEN: usize = 1usize; + pub const TCB_INFO_FW_SVN_FUSES_LEN: usize = 1usize; } pub struct FmcAliasCertTbs { tbs: [u8; Self::TBS_TEMPLATE_LEN], @@ -55,8 +55,8 @@ impl FmcAliasCertTbs { const NOT_BEFORE_OFFSET: usize = 154usize; const NOT_AFTER_OFFSET: usize = 171usize; const TCB_INFO_FLAGS_OFFSET: usize = 584usize; - const TCB_INFO_FMC_SVN_OFFSET: usize = 613usize; - const TCB_INFO_FMC_SVN_FUSES_OFFSET: usize = 515usize; + const TCB_INFO_FW_SVN_OFFSET: usize = 613usize; + const TCB_INFO_FW_SVN_FUSES_OFFSET: usize = 515usize; const PUBLIC_KEY_LEN: usize = 97usize; const SUBJECT_SN_LEN: usize = 64usize; const ISSUER_SN_LEN: usize = 64usize; @@ -69,8 +69,8 @@ impl FmcAliasCertTbs { const NOT_BEFORE_LEN: usize = 15usize; const NOT_AFTER_LEN: usize = 15usize; const TCB_INFO_FLAGS_LEN: usize = 4usize; - const TCB_INFO_FMC_SVN_LEN: usize = 1usize; - const TCB_INFO_FMC_SVN_FUSES_LEN: usize = 1usize; + const TCB_INFO_FW_SVN_LEN: usize = 1usize; + const TCB_INFO_FW_SVN_FUSES_LEN: usize = 1usize; pub const TBS_TEMPLATE_LEN: usize = 753usize; const TBS_TEMPLATE: [u8; Self::TBS_TEMPLATE_LEN] = [ 48u8, 130u8, 2u8, 237u8, 160u8, 3u8, 2u8, 1u8, 2u8, 2u8, 20u8, 95u8, 95u8, 95u8, 95u8, @@ -193,13 +193,13 @@ impl FmcAliasCertTbs { &mut self.tbs, params.tcb_info_flags, ); - apply_slice::<{ Self::TCB_INFO_FMC_SVN_OFFSET }, { Self::TCB_INFO_FMC_SVN_LEN }>( + apply_slice::<{ Self::TCB_INFO_FW_SVN_OFFSET }, { Self::TCB_INFO_FW_SVN_LEN }>( &mut self.tbs, - params.tcb_info_fmc_svn, + params.tcb_info_fw_svn, ); - apply_slice::<{ Self::TCB_INFO_FMC_SVN_FUSES_OFFSET }, { Self::TCB_INFO_FMC_SVN_FUSES_LEN }>( + apply_slice::<{ Self::TCB_INFO_FW_SVN_FUSES_OFFSET }, { Self::TCB_INFO_FW_SVN_FUSES_LEN }>( &mut self.tbs, - params.tcb_info_fmc_svn_fuses, + params.tcb_info_fw_svn_fuses, ); } } diff --git a/x509/build/rt_alias_cert_tbs.rs b/x509/build/rt_alias_cert_tbs.rs index fb13855784..1612d1c729 100644 --- a/x509/build/rt_alias_cert_tbs.rs +++ b/x509/build/rt_alias_cert_tbs.rs @@ -18,7 +18,7 @@ pub struct RtAliasCertTbsParams<'a> { pub ueid: &'a [u8; 17usize], pub not_before: &'a [u8; 15usize], pub not_after: &'a [u8; 15usize], - pub tcb_info_rt_svn: &'a [u8; 1usize], + pub tcb_info_fw_svn: &'a [u8; 1usize], } impl<'a> RtAliasCertTbsParams<'a> { pub const PUBLIC_KEY_LEN: usize = 97usize; @@ -31,7 +31,7 @@ impl<'a> RtAliasCertTbsParams<'a> { pub const UEID_LEN: usize = 17usize; pub const NOT_BEFORE_LEN: usize = 15usize; pub const NOT_AFTER_LEN: usize = 15usize; - pub const TCB_INFO_RT_SVN_LEN: usize = 1usize; + pub const TCB_INFO_FW_SVN_LEN: usize = 1usize; } pub struct RtAliasCertTbs { tbs: [u8; Self::TBS_TEMPLATE_LEN], @@ -47,7 +47,7 @@ impl RtAliasCertTbs { const UEID_OFFSET: usize = 476usize; const NOT_BEFORE_OFFSET: usize = 157usize; const NOT_AFTER_OFFSET: usize = 174usize; - const TCB_INFO_RT_SVN_OFFSET: usize = 510usize; + const TCB_INFO_FW_SVN_OFFSET: usize = 510usize; const PUBLIC_KEY_LEN: usize = 97usize; const SUBJECT_SN_LEN: usize = 64usize; const ISSUER_SN_LEN: usize = 64usize; @@ -58,7 +58,7 @@ impl RtAliasCertTbs { const UEID_LEN: usize = 17usize; const NOT_BEFORE_LEN: usize = 15usize; const NOT_AFTER_LEN: usize = 15usize; - const TCB_INFO_RT_SVN_LEN: usize = 1usize; + const TCB_INFO_FW_SVN_LEN: usize = 1usize; pub const TBS_TEMPLATE_LEN: usize = 649usize; const TBS_TEMPLATE: [u8; Self::TBS_TEMPLATE_LEN] = [ 48u8, 130u8, 2u8, 133u8, 160u8, 3u8, 2u8, 1u8, 2u8, 2u8, 20u8, 95u8, 95u8, 95u8, 95u8, @@ -167,9 +167,9 @@ impl RtAliasCertTbs { &mut self.tbs, params.not_after, ); - apply_slice::<{ Self::TCB_INFO_RT_SVN_OFFSET }, { Self::TCB_INFO_RT_SVN_LEN }>( + apply_slice::<{ Self::TCB_INFO_FW_SVN_OFFSET }, { Self::TCB_INFO_FW_SVN_LEN }>( &mut self.tbs, - params.tcb_info_rt_svn, + params.tcb_info_fw_svn, ); } } diff --git a/x509/src/fmc_alias_cert.rs b/x509/src/fmc_alias_cert.rs index 417f33cba5..89b3032dca 100644 --- a/x509/src/fmc_alias_cert.rs +++ b/x509/src/fmc_alias_cert.rs @@ -39,8 +39,8 @@ mod tests { const TEST_FMC_HASH: &[u8] = &[0xEFu8; FmcAliasCertTbsParams::TCB_INFO_FMC_TCI_LEN]; const TEST_UEID: &[u8] = &[0xABu8; FmcAliasCertTbsParams::UEID_LEN]; const TEST_TCB_INFO_FLAGS: &[u8] = &[0xB0, 0xB1, 0xB2, 0xB3]; - const TEST_TCB_INFO_FMC_SVN: &[u8] = &[0xB7]; - const TEST_TCB_INFO_FMC_SVN_FUSES: &[u8] = &[0xB8]; + const TEST_TCB_INFO_FW_SVN: &[u8] = &[0xB7]; + const TEST_TCB_INFO_FW_SVN_FUSES: &[u8] = &[0xB8]; fn make_test_cert(subject_key: &Ecc384AsymKey, issuer_key: &Ecc384AsymKey) -> FmcAliasCertTbs { let params = FmcAliasCertTbsParams { @@ -64,8 +64,8 @@ mod tests { tcb_info_flags: TEST_TCB_INFO_FLAGS.try_into().unwrap(), tcb_info_device_info_hash: &TEST_DEVICE_INFO_HASH.try_into().unwrap(), tcb_info_fmc_tci: &TEST_FMC_HASH.try_into().unwrap(), - tcb_info_fmc_svn: &TEST_TCB_INFO_FMC_SVN.try_into().unwrap(), - tcb_info_fmc_svn_fuses: &TEST_TCB_INFO_FMC_SVN_FUSES.try_into().unwrap(), + tcb_info_fw_svn: &TEST_TCB_INFO_FW_SVN.try_into().unwrap(), + tcb_info_fw_svn_fuses: &TEST_TCB_INFO_FW_SVN_FUSES.try_into().unwrap(), not_before: &NotBefore::default().value, not_after: &NotAfter::default().value, }; @@ -136,15 +136,15 @@ mod tests { TEST_FMC_HASH, ); assert_eq!( - &cert.tbs()[FmcAliasCertTbs::TCB_INFO_FMC_SVN_OFFSET - ..FmcAliasCertTbs::TCB_INFO_FMC_SVN_OFFSET + FmcAliasCertTbs::TCB_INFO_FMC_SVN_LEN], - TEST_TCB_INFO_FMC_SVN, + &cert.tbs()[FmcAliasCertTbs::TCB_INFO_FW_SVN_OFFSET + ..FmcAliasCertTbs::TCB_INFO_FW_SVN_OFFSET + FmcAliasCertTbs::TCB_INFO_FW_SVN_LEN], + TEST_TCB_INFO_FW_SVN, ); assert_eq!( - &cert.tbs()[FmcAliasCertTbs::TCB_INFO_FMC_SVN_FUSES_OFFSET - ..FmcAliasCertTbs::TCB_INFO_FMC_SVN_FUSES_OFFSET - + FmcAliasCertTbs::TCB_INFO_FMC_SVN_FUSES_LEN], - TEST_TCB_INFO_FMC_SVN_FUSES, + &cert.tbs()[FmcAliasCertTbs::TCB_INFO_FW_SVN_FUSES_OFFSET + ..FmcAliasCertTbs::TCB_INFO_FW_SVN_FUSES_OFFSET + + FmcAliasCertTbs::TCB_INFO_FW_SVN_FUSES_LEN], + TEST_TCB_INFO_FW_SVN_FUSES, ); let ecdsa_sig = crate::Ecdsa384Signature { diff --git a/x509/src/rt_alias_cert.rs b/x509/src/rt_alias_cert.rs index 675a76bf7a..f4c54923ed 100644 --- a/x509/src/rt_alias_cert.rs +++ b/x509/src/rt_alias_cert.rs @@ -57,7 +57,7 @@ mod tests { issuer_key.sha1(), ) .unwrap(), - tcb_info_rt_svn: &[0xE3], + tcb_info_fw_svn: &[0xE3], tcb_info_rt_tci: &[0xEFu8; RtAliasCertTbsParams::TCB_INFO_RT_TCI_LEN], not_before: &NotBefore::default().value, not_after: &NotAfter::default().value, @@ -105,9 +105,9 @@ mod tests { params.authority_key_id, ); assert_eq!( - &cert.tbs()[RtAliasCertTbs::TCB_INFO_RT_SVN_OFFSET - ..RtAliasCertTbs::TCB_INFO_RT_SVN_OFFSET + RtAliasCertTbs::TCB_INFO_RT_SVN_LEN], - params.tcb_info_rt_svn, + &cert.tbs()[RtAliasCertTbs::TCB_INFO_FW_SVN_OFFSET + ..RtAliasCertTbs::TCB_INFO_FW_SVN_OFFSET + RtAliasCertTbs::TCB_INFO_FW_SVN_LEN], + params.tcb_info_fw_svn, ); assert_eq!( &cert.tbs()[RtAliasCertTbs::TCB_INFO_RT_TCI_OFFSET