From ca33f49f94c284df273fa396a14eda6730dca25a Mon Sep 17 00:00:00 2001 From: Jeff Andersen Date: Fri, 21 Jul 2023 00:22:29 -0700 Subject: [PATCH] Do not write FMC or RT load addresses to DV slots. (#479) These are unnecessary and the slots could be used for other purposes. --- common/src/hand_off.rs | 14 +------ drivers/src/data_vault.rs | 42 +-------------------- fmc/README.md | 3 +- rom/dev/src/fht.rs | 1 - rom/dev/src/flow/cold_reset/fw_processor.rs | 4 -- rom/dev/src/flow/warm_reset.rs | 2 - rom/dev/src/lock.rs | 8 ---- 7 files changed, 5 insertions(+), 69 deletions(-) diff --git a/common/src/hand_off.rs b/common/src/hand_off.rs index a338c5dfe7..ed016e3fe6 100644 --- a/common/src/hand_off.rs +++ b/common/src/hand_off.rs @@ -208,9 +208,6 @@ pub struct FirmwareHandoffTable { /// May be NULL if there is no discrete module. pub fips_fw_load_addr_hdl: HandOffDataHandle, - /// Physical base address of Runtime FW Module in ICCM SRAM. - pub rt_fw_load_addr_hdl: HandOffDataHandle, - /// Entry point of Runtime FW Module in ICCM SRAM. pub rt_fw_entry_point_hdl: HandOffDataHandle, @@ -276,7 +273,7 @@ pub struct FirmwareHandoffTable { pub idev_dice_pub_key: Ecc384PubKey, /// Reserved for future use. - pub reserved: [u8; 132], + pub reserved: [u8; 136], } impl Default for FirmwareHandoffTable { @@ -287,7 +284,6 @@ impl Default for FirmwareHandoffTable { fht_minor_ver: 0, manifest_load_addr: FHT_INVALID_ADDRESS, fips_fw_load_addr_hdl: FHT_INVALID_HANDLE, - rt_fw_load_addr_hdl: FHT_INVALID_HANDLE, rt_fw_entry_point_hdl: FHT_INVALID_HANDLE, fmc_tci_dv_hdl: FHT_INVALID_HANDLE, fmc_cdi_kv_hdl: FHT_INVALID_HANDLE, @@ -303,7 +299,7 @@ impl Default for FirmwareHandoffTable { rt_svn_dv_hdl: FHT_INVALID_HANDLE, ldevid_tbs_size: 0, fmcalias_tbs_size: 0, - reserved: [0u8; 132], + reserved: [0u8; 136], ldevid_tbs_addr: 0, fmcalias_tbs_addr: 0, pcr_log_addr: 0, 
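Review bot: Removing `rt_fw_load_addr_hdl` from the middle of `FirmwareHandoffTable` (hunk at -208) moves `rt_fw_entry_point_hdl` and every later field 4 bytes earlier, yet no FHT version bump is visible anywhere in this patch. The fmc/README.md hunk header in this same commit quotes a rule that fields "may not be changed or removed", so an FMC or Runtime built against the old layout would presumably resolve the wrong handles (entry point, TCI, CDI) from a table written by this ROM. I would bump the FHT major version in this commit, or keep the 4-byte slot in place as a reserved handle so the offsets do not move. `reserved` is also resized by hand in the -276 and -303 hunks; unless the file already has one outside these hunks, a compile-time check such as `const _: () = assert!(core::mem::size_of::<FirmwareHandoffTable>() == 512);` would catch a miscount, 512 being the size the README states. The struct and its `Default` impl both begin and end outside the hunks shown.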
@@ -327,10 +323,6 @@ pub fn print_fht(fht: &FirmwareHandoffTable) { "FIPS FW Load Address: 0x{:08x}", fht.fips_fw_load_addr_hdl.0 ); - crate::cprintln!( - "Runtime FW Load Address: 0x{:08x}", - fht.rt_fw_load_addr_hdl.0 - ); crate::cprintln!( "Runtime FW Entry Point: 0x{:08x}", fht.rt_fw_entry_point_hdl.0 @@ -390,7 +382,6 @@ impl FirmwareHandoffTable { && self.fmc_pub_key_y_dv_hdl != FHT_INVALID_HANDLE && self.fmc_cert_sig_r_dv_hdl != FHT_INVALID_HANDLE && self.fmc_cert_sig_s_dv_hdl != FHT_INVALID_HANDLE - && self.rt_fw_load_addr_hdl != FHT_INVALID_HANDLE && self.rt_tci_dv_hdl != FHT_INVALID_HANDLE && self.rt_fw_entry_point_hdl != FHT_INVALID_HANDLE // This is for Gen1 POR. @@ -482,7 +473,6 @@ mod tests { && fht.fmc_pub_key_y_dv_hdl != FHT_INVALID_HANDLE && fht.fmc_cert_sig_r_dv_hdl != FHT_INVALID_HANDLE && fht.fmc_cert_sig_s_dv_hdl != FHT_INVALID_HANDLE - && fht.rt_fw_load_addr_hdl != FHT_INVALID_HANDLE && fht.rt_tci_dv_hdl != FHT_INVALID_HANDLE && fht.rt_fw_entry_point_hdl != FHT_INVALID_HANDLE // This is for Gen1 POR. diff --git a/drivers/src/data_vault.rs b/drivers/src/data_vault.rs index 93197aff70..3c2f0c649c 100644 --- a/drivers/src/data_vault.rs +++ b/drivers/src/data_vault.rs @@ -70,7 +70,7 @@ impl From for usize { #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub enum ColdResetEntry4 { FmcSvn = 0, - FmcLoadAddr = 1, + Reserved0 = 1, FmcEntryPoint = 2, VendorPubKeyIndex = 3, } @@ -80,7 +80,6 @@ impl TryFrom for ColdResetEntry4 { fn try_from(value: u8) -> Result { match value { 0 => Ok(Self::FmcSvn), - 1 => Ok(Self::FmcLoadAddr), 2 => Ok(Self::FmcEntryPoint), 3 => Ok(Self::VendorPubKeyIndex), _ => Err(()), @@ -132,7 +131,7 @@ impl From for usize { #[derive(Debug, Clone, Copy, PartialEq, Eq)] pub enum WarmResetEntry4 { RtSvn = 0, - RtLoadAddr = 1, + Reserved0 = 1, RtEntryPoint = 2, ManifestAddr = 3, } 
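Review bot: `ColdResetEntry4::Reserved0 = 1` (hunk at -70) remains a public, addressable data-vault entry, but the fw_processor.rs and lock.rs hunks of this patch stop writing it and stop locking it in `lock_cold_reset_reg`, so the slot appears to leave ROM unwritten and unlocked; the same holds for `WarmResetEntry4::Reserved0` in the -132 hunk and `lock_common_reg_set`. If later-stage firmware can write an unlocked entry, whatever eventually reuses this slot cannot be treated as ROM-attested unless ROM writes and locks it, so I would either keep locking the reserved entries in rom/dev/src/lock.rs or state the condition on the variant, e.g. `/// Unused. ROM neither writes nor locks this entry; do not read it as trusted.` Separately, the -80 and -160 hunks make `TryFrom<u8>` return `Err(())` for 1 while the enum still carries discriminant 1, so the conversion no longer round-trips; add `1 => Ok(Self::Reserved0),` or a comment saying the rejection is deliberate. The enum bodies are complete within their hunks, the `TryFrom` impls are not.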
@@ -160,7 +159,6 @@ impl TryFrom for WarmResetEntry4 { fn try_from(original: u8) -> Result { match original { 0 => Ok(Self::RtSvn), - 1 => Ok(Self::RtLoadAddr), 2 => Ok(Self::RtEntryPoint), 3 => Ok(Self::ManifestAddr), _ => Err(()), @@ -333,24 +331,6 @@ impl DataVault { self.read_cold_reset_entry4(ColdResetEntry4::FmcSvn) } - /// Set the fmc load address. - /// - /// # Arguments - /// - /// * `load_addr` - fmc load address - pub fn set_fmc_load_addr(&mut self, load_addr: u32) { - self.write_lock_cold_reset_entry4(ColdResetEntry4::FmcLoadAddr, load_addr); - } - - /// Get the fmc load address. - /// - /// # Returns - /// - /// * fmc load address - pub fn fmc_load_addr(&self) -> u32 { - self.read_cold_reset_entry4(ColdResetEntry4::FmcLoadAddr) - } - /// Set the fmc entry point. /// /// # Arguments @@ -424,24 +404,6 @@ impl DataVault { self.read_warm_reset_entry4(WarmResetEntry4::RtSvn) } - /// Set the rt load address. - /// - /// # Arguments - /// - /// * `load_addr` - rt load address - pub fn set_rt_load_addr(&mut self, load_addr: u32) { - self.write_lock_warm_reset_entry4(WarmResetEntry4::RtLoadAddr, load_addr); - } - - /// Get the rt load address. - /// - /// # Returns - /// - /// * rt load address - pub fn rt_load_addr(&self) -> u32 { - self.read_warm_reset_entry4(WarmResetEntry4::RtLoadAddr) - } - /// Set the rt entry point. /// /// # Arguments diff --git a/fmc/README.md b/fmc/README.md index e02ab850e6..dd0148f905 100644 --- a/fmc/README.md +++ b/fmc/README.md 
@@ -117,7 +117,6 @@ fields may not be changed or removed). Table revisions with different Major Vers | fht_minor_ver | 2 | ROM, FMC | Minor version of FHT. Initially written by ROM but may be changed to a higher version by FMC. | | manifest_load_addr | 4 | ROM | Physical base address of Manifest in DCCM SRAM. | | fips_fw_load_addr_hdl | 4 | ROM | Handle of base address of FIPS Module in ROM or ICCM SRAM. May be 0xFF if there is no discrete module. | -| rt_fw_load_addr_hdl | 4 | ROM | Handle of load address of Runtime FW Module value in data vault.SRAM. | | rt_fw_entry_point_hdl | 4 | ROM | Handle of entry point of Runtime FW Module value in data vault. SRAM. | | fmc_tci_dv_hdl | 4 | ROM | Handle of FMC TCI value in the Data Vault. | | fmc_cdi_kv_hdl | 4 | ROM | Handle of FMC CDI value in the Key Vault. Value of 0xFF indicates not present. | @@ -140,7 +139,7 @@ fields may not be changed or removed). Table revisions with different Major Vers | rt_dice_pub_key | 96 | FMC | RT Alias DICE Public Key. | | rt_dice_sign | 96 | FMC | RT Alias DICE signature. | | idev_dice_pub_key | 96 | ROM | Initial Device ID Public Key. | -| reserved | 132 | | Reserved for future use. | +| reserved | 136 | | Reserved for future use. | *FHT is currently defined to be 512 bytes in length.* diff --git a/rom/dev/src/fht.rs b/rom/dev/src/fht.rs index c8d9724153..dfeba4a447 100644 --- a/rom/dev/src/fht.rs +++ b/rom/dev/src/fht.rs @@ -142,7 +142,6 @@ pub fn make_fht(env: &RomEnv) -> FirmwareHandoffTable { fht_minor_ver: FHT_MINOR_VERSION, manifest_load_addr: env.data_vault.manifest_addr(), fips_fw_load_addr_hdl: FHT_INVALID_HANDLE, - rt_fw_load_addr_hdl: FhtDataStore::rt_fw_entry_point(), rt_fw_entry_point_hdl: FhtDataStore::rt_fw_entry_point(), fmc_cdi_kv_hdl: FhtDataStore::fmc_cdi_store(), fmc_priv_key_kv_hdl: FhtDataStore::fmc_priv_key_store(), diff --git a/rom/dev/src/flow/cold_reset/fw_processor.rs b/rom/dev/src/flow/cold_reset/fw_processor.rs index b11348a8a4..9960d4e714 100644 
--- a/rom/dev/src/flow/cold_reset/fw_processor.rs +++ b/rom/dev/src/flow/cold_reset/fw_processor.rs @@ -301,8 +301,6 @@ impl FirmwareProcessor { data_vault.write_cold_reset_entry4(ColdResetEntry4::FmcSvn, info.fmc.svn); - data_vault.write_cold_reset_entry4(ColdResetEntry4::FmcLoadAddr, info.fmc.load_addr); - data_vault.write_cold_reset_entry4(ColdResetEntry4::FmcEntryPoint, info.fmc.entry_point); data_vault.write_cold_reset_entry48( @@ -319,8 +317,6 @@ impl FirmwareProcessor { data_vault.write_warm_reset_entry4(WarmResetEntry4::RtSvn, info.runtime.svn); - data_vault.write_warm_reset_entry4(WarmResetEntry4::RtLoadAddr, info.runtime.load_addr); - data_vault.write_warm_reset_entry4(WarmResetEntry4::RtEntryPoint, info.runtime.entry_point); // TODO: Need a better way to get the Manifest address diff --git a/rom/dev/src/flow/warm_reset.rs b/rom/dev/src/flow/warm_reset.rs index 2ddfa3f187..9495828e6b 100644 --- a/rom/dev/src/flow/warm_reset.rs +++ b/rom/dev/src/flow/warm_reset.rs @@ -72,8 +72,6 @@ impl WarmResetFlow { data_vault.write_warm_reset_entry4(WarmResetEntry4::RtSvn, manifest.runtime.svn); - data_vault.write_warm_reset_entry4(WarmResetEntry4::RtLoadAddr, manifest.runtime.load_addr); - data_vault .write_warm_reset_entry4(WarmResetEntry4::RtEntryPoint, manifest.runtime.entry_point); diff --git a/rom/dev/src/lock.rs b/rom/dev/src/lock.rs index d975db5703..fbf6920357 100644 --- a/rom/dev/src/lock.rs +++ b/rom/dev/src/lock.rs @@ -57,10 +57,6 @@ fn lock_cold_reset_reg(env: &mut RomEnv) { env.data_vault .lock_cold_reset_entry4(ColdResetEntry4::FmcSvn); - // Lock the FMC load address in data vault until next cold reset - env.data_vault - .lock_cold_reset_entry4(ColdResetEntry4::FmcLoadAddr); - // Lock the FMC entry point in data vault until next cold reset env.data_vault .lock_cold_reset_entry4(ColdResetEntry4::FmcEntryPoint); 
@@ -88,10 +84,6 @@ fn lock_common_reg_set(env: &mut RomEnv) { env.data_vault .lock_warm_reset_entry4(WarmResetEntry4::RtSvn); - // Lock the Runtime load address in data vault until next reset - env.data_vault - .lock_warm_reset_entry4(WarmResetEntry4::RtLoadAddr); - // Lock the Runtime entry point in data vault until next reset env.data_vault .lock_warm_reset_entry4(WarmResetEntry4::RtEntryPoint);