boardloader: flash option bytes, production changes

7 years ago · 1737f17f43
parent 15bdc59b46
commit 1737f17f43
5 changed files with 108 additions and 52 deletions
--- a/embed/boardloader/lowlevel.c
+++ b/embed/boardloader/lowlevel.c
@ -1,53 +1,107 @@
 #include STM32_HAL_H

+#include "flash.h"
 #include "lowlevel.h"

-#define WANTED_WRP (OB_WRP_SECTOR_0 | OB_WRP_SECTOR_1 | OB_WRP_SECTOR_2)
-#define WANTED_RDP (OB_RDP_LEVEL_2)
+#pragma GCC optimize("no-stack-protector") // applies to all functions in this file

-void flash_set_option_bytes(void)
-{
-    FLASH_OBProgramInitTypeDef opts;
+#if PRODUCTION
+    #define WANT_RDP_LEVEL   (OB_RDP_LEVEL_2)
+    #define WANT_WRP_SECTORS (OB_WRP_SECTOR_0 | OB_WRP_SECTOR_1 | OB_WRP_SECTOR_2)
+#else
+    #define WANT_RDP_LEVEL   (OB_RDP_LEVEL_0)
+    #define WANT_WRP_SECTORS (0)
+#endif

-    HAL_FLASHEx_OBGetConfig(&opts);
+#define WANT_BOR_LEVEL (OB_BOR_LEVEL3)

-    opts.OptionType = 0;
+// reference RM0090 section 3.9.10; SPRMOD is 0 meaning PCROP disabled.; DB1M is 0 because we use 2MB dual-bank; BFB2 is 0 allowing boot from flash;
+#define FLASH_OPTCR_VALUE ( (((~WANT_WRP_SECTORS) << FLASH_OPTCR_nWRP_Pos) & FLASH_OPTCR_nWRP_Msk) | \
+                            (WANT_RDP_LEVEL << FLASH_OPTCR_RDP_Pos) | FLASH_OPTCR_nRST_STDBY | FLASH_OPTCR_nRST_STOP | FLASH_OPTCR_WDG_SW | WANT_BOR_LEVEL )

-    if (opts.WRPSector != WANTED_WRP) {
-        opts.OptionType |= OPTIONBYTE_WRP;
-        opts.WRPState = OB_WRPSTATE_ENABLE;
-        opts.WRPSector = WANTED_WRP;
-        opts.Banks = FLASH_BANK_1;
-    }
+// reference RM0090 section 3.7.1 table 16
+#define OPTION_BYTES_RDP_USER_VALUE  ((uint16_t) ((WANT_RDP_LEVEL << FLASH_OPTCR_RDP_Pos) | FLASH_OPTCR_nRST_STDBY | FLASH_OPTCR_nRST_STOP | FLASH_OPTCR_WDG_SW | WANT_BOR_LEVEL))
+#define OPTION_BYTES_BANK1_WRP_VALUE ((uint16_t) ((~WANT_WRP_SECTORS) & 0xFFFU))
+#define OPTION_BYTES_BANK2_WRP_VALUE ((uint16_t) 0xFFFU)

-    if (opts.RDPLevel != WANTED_RDP) {
-        opts.OptionType |= OPTIONBYTE_RDP;
-        opts.RDPLevel = WANTED_RDP;
-    }
+// reference RM0090 section 3.7.1 table 16. use 16 bit pointers because the top 48 bits are all reserved.
+#define OPTION_BYTES_RDP_USER  (*(volatile uint16_t * const) 0x1FFFC000U)
+#define OPTION_BYTES_BANK1_WRP (*(volatile uint16_t * const) 0x1FFFC008U)
+#define OPTION_BYTES_BANK2_WRP (*(volatile uint16_t * const) 0x1FFEC008U)
+
+uint32_t flash_wait_and_clear_status_flags(void)
+{
+    while(FLASH->SR & FLASH_SR_BSY); // wait for all previous flash operations to complete
+    const uint32_t result = FLASH->SR & FLASH_STATUS_ALL_FLAGS; // get the current status flags
+    FLASH->SR |= FLASH_STATUS_ALL_FLAGS; // clear all status flags
+    return result;
+}

-    if (opts.OptionType == 0) {
-        return; // protections are configured
+secbool flash_check_option_bytes(void)
+{
+    flash_wait_and_clear_status_flags();
+    // check values stored in flash interface registers
+    if ((FLASH->OPTCR & ~3) != FLASH_OPTCR_VALUE) { // ignore bits 0 and 1 because they are control bits
+        return secfalse;
+    }
+    if (FLASH->OPTCR1 != FLASH_OPTCR1_nWRP) {
+        return secfalse;
+    }
+    // check values stored in flash memory
+    if ((OPTION_BYTES_RDP_USER & ~3) != OPTION_BYTES_RDP_USER_VALUE) { // bits 0 and 1 are unused
+        return secfalse;
    }
+    if ((OPTION_BYTES_BANK1_WRP & 0xCFFFU) != OPTION_BYTES_BANK1_WRP_VALUE) { // bits 12 and 13 are unused
+        return secfalse;
+    }
+    if ((OPTION_BYTES_BANK2_WRP & 0xFFFU) != OPTION_BYTES_BANK2_WRP_VALUE) { // bits 12, 13, 14, and 15 are unused
+        return secfalse;
+    }
+    return sectrue;
+}

-    // attempt to lock down the boardloader sectors
-    HAL_FLASH_Unlock();
-    HAL_FLASH_OB_Unlock();
-    HAL_FLASHEx_OBProgram(&opts);
-    HAL_FLASH_OB_Launch();
-    HAL_FLASH_OB_Lock();
-    HAL_FLASH_Lock();
+void flash_lock_option_bytes(void)
+{
+    FLASH->OPTCR |= FLASH_OPTCR_OPTLOCK; // lock the option bytes
 }

-#define FLASH_OPTION_BYTES_1 (*(const uint64_t *)0x1FFFC000)
-#define FLASH_OPTION_BYTES_2 (*(const uint64_t *)0x1FFFC008)
+void flash_unlock_option_bytes(void)
+{
+    if ((FLASH->OPTCR & FLASH_OPTCR_OPTLOCK) == 0) {
+        return; // already unlocked
+    }
+    // reference RM0090 section 3.7.2
+    // write the special sequence to unlock
+    FLASH->OPTKEYR = FLASH_OPT_KEY1;
+    FLASH->OPTKEYR = FLASH_OPT_KEY2;
+    while (FLASH->OPTCR & FLASH_OPTCR_OPTLOCK); // wait until the flash option control register is unlocked
+}

-secbool flash_check_option_bytes(void)
+uint32_t flash_set_option_bytes(void)
 {
-    //                         RDP level 2                   WRP for sectors 0, 1 and 2         flash option control register matches
-    if (((FLASH_OPTION_BYTES_1 & 0xFFEC) == 0xCCEC) && ((FLASH_OPTION_BYTES_2 & 0x0FFF) == 0x0FF8) && (FLASH->OPTCR == 0x0FF8CCED)) {
-        return sectrue;
+    // reference RM0090 section 3.7.2
+    flash_wait_and_clear_status_flags();
+    flash_unlock_option_bytes();
+    flash_wait_and_clear_status_flags();
+    FLASH->OPTCR1 = FLASH_OPTCR1_nWRP; // no write protection on any sectors in bank 2
+    FLASH->OPTCR = FLASH_OPTCR_VALUE; // WARNING: dev board safe unless you compile for PRODUCTION or change this value!!!
+    FLASH->OPTCR |= FLASH_OPTCR_OPTSTRT; // begin committing changes to flash
+    const uint32_t result = flash_wait_and_clear_status_flags(); // wait until changes are committed
+    flash_lock_option_bytes();
+    return result;
+}
+
+secbool flash_configure_option_bytes(void)
+{
+    if (sectrue == flash_check_option_bytes()) {
+        return sectrue; // we DID NOT have to change the option bytes
    }
-    return secfalse;
+
+    do {
+        flash_set_option_bytes();
+    } while(sectrue != flash_check_option_bytes());
+
+    return secfalse; // notify that we DID have to change the option bytes
 }

 void periph_init(void)
@ -80,7 +134,6 @@ void periph_init(void)

 secbool reset_flags_init(void)
 {
-/*
 #if PRODUCTION
    // this is effective enough that it makes development painful, so only use it for production.
    // check the reset flags to assure that we arrive here due to a regular full power-on event,
@ -89,7 +142,6 @@ secbool reset_flags_init(void)
        return secfalse;
    }
 #endif
-*/

    RCC->CSR |= RCC_CSR_RMVF; // clear the reset flags

--- a/embed/boardloader/lowlevel.h
+++ b/embed/boardloader/lowlevel.h
@ -1,11 +1,15 @@
-#ifndef __BOARDLOADER_LOWLEVEL_H__
-#define __BOARDLOADER_LOWLEVEL_H__
+#ifndef BOARDLOADER_LOWLEVEL_H
+#define BOARDLOADER_LOWLEVEL_H

 #include "secbool.h"

-void flash_set_option_bytes(void);
+uint32_t flash_wait_and_clear_status_flags(void);
 secbool flash_check_option_bytes(void);
+void flash_lock_option_bytes(void);
+void flash_unlock_option_bytes(void);
+uint32_t flash_set_option_bytes(void);
+secbool flash_configure_option_bytes(void);
 void periph_init(void);
 secbool reset_flags_init(void);

-#endif
+#endif // BOARDLOADER_LOWLEVEL_H
--- a/embed/boardloader/main.c
+++ b/embed/boardloader/main.c
@ -146,23 +146,22 @@ static secbool copy_sdcard(void)

 int main(void)
 {
-    periph_init(); // need the systick timer running before the production flash (and many other HAL) operations
-
    if (sectrue != reset_flags_init()) {
        return 1;
    }

-#if PRODUCTION
-    flash_set_option_bytes();
-    if (sectrue != flash_check_option_bytes()) {
-        uint8_t sectors[] = {
+    // need the systick timer running before many HAL operations.
+    // want the PVD enabled before flash operations too.
+    periph_init();
+
+    if (sectrue != flash_configure_option_bytes()) {
+        const uint8_t sectors[] = {
            FLASH_SECTOR_STORAGE_1,
            FLASH_SECTOR_STORAGE_2,
        };
        flash_erase_sectors(sectors, 2, NULL);
        return 2;
    }
-#endif

    clear_otg_hs_memory();

--- a/embed/trezorhal/flash.c
+++ b/embed/trezorhal/flash.c
@ -36,7 +36,7 @@ const uint32_t FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT + 1] = {
 secbool flash_unlock(void)
 {
    HAL_FLASH_Unlock();
-    __HAL_FLASH_CLEAR_FLAG(FLASH_FLAG_EOP | FLASH_FLAG_OPERR | FLASH_FLAG_WRPERR | FLASH_FLAG_PGAERR | FLASH_FLAG_PGPERR | FLASH_FLAG_PGSERR);
+    FLASH->SR |= FLASH_STATUS_ALL_FLAGS; // clear all status flags
    return sectrue;
 }

--- a/embed/trezorhal/flash.h
+++ b/embed/trezorhal/flash.h
@ -1,5 +1,5 @@
-#ifndef __TREZORHAL_FLASH_H__
-#define __TREZORHAL_FLASH_H__
+#ifndef TREZORHAL_FLASH_H
+#define TREZORHAL_FLASH_H

 #include <stdint.h>
 #include "secbool.h"
@ -40,9 +40,10 @@

 #define FLASH_SECTOR_COUNT 24

-extern const uint32_t FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT + 1];
+// note: FLASH_SR_RDERR is STM32F42xxx and STM32F43xxx specific (STM32F427) (reference RM0090 section 3.7.5)
+#define FLASH_STATUS_ALL_FLAGS (FLASH_SR_RDERR | FLASH_SR_PGSERR | FLASH_SR_PGPERR | FLASH_SR_PGAERR | FLASH_SR_WRPERR | FLASH_SR_SOP | FLASH_SR_EOP)

-void flash_set_option_bytes(void);
+extern const uint32_t FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT + 1];

 secbool flash_unlock(void);
 secbool flash_lock(void);
@ -59,4 +60,4 @@ secbool flash_otp_write(uint8_t block, uint8_t offset, const uint8_t *data, uint
 secbool flash_otp_lock(uint8_t block);
 secbool flash_otp_is_locked(uint8_t block);

-#endif
+#endif // TREZORHAL_FLASH_H