mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-29 19:08:12 +00:00

refactor(core): get rid of STM32U5 in platform indep code

[no changelog]
cepetr 2024-10-31 17:05:44 +01:00
parent d38c2e1790
commit 789d4f3e7f
13 changed files with 56 additions and 39 deletions


@ -19,7 +19,6 @@
#include <string.h> #include <string.h>
#include STM32_HAL_H
#include TREZOR_BOARD #include TREZOR_BOARD
#include "board_capabilities.h" #include "board_capabilities.h"
#include "bootutils.h" #include "bootutils.h"
@ -63,13 +62,10 @@
#include "model.h" #include "model.h"
#include "monoctr.h" #include "monoctr.h"
#include "option_bytes.h" #include "option_bytes.h"
#include "tamper.h"
#include "trustzone.h" #include "trustzone.h"
#include "version.h" #include "version.h"
#ifdef STM32U5
#include "tamper.h"
#endif
const uint8_t BOARDLOADER_KEY_M = 2; const uint8_t BOARDLOADER_KEY_M = 2;
const uint8_t BOARDLOADER_KEY_N = 3; const uint8_t BOARDLOADER_KEY_N = 3;
static const uint8_t * const BOARDLOADER_KEYS[] = { static const uint8_t * const BOARDLOADER_KEYS[] = {
@ -251,7 +247,7 @@ int main(void) {
return 2; return 2;
} }
#ifdef STM32U5 #ifdef USE_TAMPER
tamper_init(); tamper_init();
#endif #endif
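Review bot: `tamper_init()` in `main` is now compiled only when the board's build script defines `USE_TAMPER`, so a board script that omits the flag builds without tamper initialisation and without any diagnostic. The same fail-open pattern applies to `check_oem_keys()` under `USE_OEM_KEYS_CHECK` in `drivers_init`. This commit adds the flags to three `configure()` scripts; whether other STM32U5 board scripts exist is not visible here, so that should be confirmed. A guard kept in the U5-specific driver sources would catch the omission while leaving the platform-independent code clean, for example `#ifndef USE_TAMPER` followed by `#error "USE_TAMPER must be defined for this MCU"`. The body of `main` continues outside the hunk.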


@ -65,9 +65,6 @@
#ifdef USE_HASH_PROCESSOR #ifdef USE_HASH_PROCESSOR
#include "hash_processor.h" #include "hash_processor.h"
#endif #endif
#ifdef STM32U5
#include "irq.h"
#endif
#include "model.h" #include "model.h"
#include "usb.h" #include "usb.h"
@ -85,7 +82,6 @@
#include "emulator.h" #include "emulator.h"
#else #else
#include "compiler_traits.h" #include "compiler_traits.h"
#include STM32_HAL_H
#endif #endif
#define USB_IFACE_NUM 0 #define USB_IFACE_NUM 0
@ -346,7 +342,7 @@ void real_jump_to_firmware(void) {
jump_to(IMAGE_CODE_ALIGN(FIRMWARE_START + vhdr.hdrlen + IMAGE_HEADER_SIZE)); jump_to(IMAGE_CODE_ALIGN(FIRMWARE_START + vhdr.hdrlen + IMAGE_HEADER_SIZE));
} }
#ifdef STM32U5 #ifdef USE_RESET_TO_BOOT
__attribute__((noreturn)) void jump_to_fw_through_reset(void) { __attribute__((noreturn)) void jump_to_fw_through_reset(void) {
display_fade(display_backlight(-1), 0, 200); display_fade(display_backlight(-1), 0, 200);
@ -558,7 +554,7 @@ int bootloader_main(void) {
} else { } else {
screen = SCREEN_WELCOME; screen = SCREEN_WELCOME;
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
secret_bhk_regenerate(); secret_bhk_regenerate();
#endif #endif
ensure(erase_storage(NULL), NULL); ensure(erase_storage(NULL), NULL);
@ -613,7 +609,7 @@ int bootloader_main(void) {
screen = SCREEN_INTRO; screen = SCREEN_INTRO;
} }
if (ui_result == 0x11223344) { // reboot if (ui_result == 0x11223344) { // reboot
#ifndef STM32U5 #ifndef USE_HASH_PROCESSOR
ui_screen_boot_stage_1(true); ui_screen_boot_stage_1(true);
#endif #endif
continue_to_firmware = firmware_present; continue_to_firmware = firmware_present;
@ -666,7 +662,7 @@ int bootloader_main(void) {
// erase storage if we saw flips randomly flip, most likely due to // erase storage if we saw flips randomly flip, most likely due to
// glitch // glitch
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
secret_bhk_regenerate(); secret_bhk_regenerate();
#endif #endif
ensure(erase_storage(NULL), NULL); ensure(erase_storage(NULL), NULL);
@ -675,7 +671,7 @@ int bootloader_main(void) {
(continue_to_firmware == continue_to_firmware_backup), (continue_to_firmware == continue_to_firmware_backup),
NULL); NULL);
if (sectrue == continue_to_firmware) { if (sectrue == continue_to_firmware) {
#ifdef STM32U5 #ifdef USE_RESET_TO_BOOT
firmware_jump_fn = jump_to_fw_through_reset; firmware_jump_fn = jump_to_fw_through_reset;
#else #else
ui_screen_boot_stage_1(true); ui_screen_boot_stage_1(true);
@ -689,7 +685,7 @@ int bootloader_main(void) {
ensure(dont_optimize_out_true * (firmware_present == firmware_present_backup), ensure(dont_optimize_out_true * (firmware_present == firmware_present_backup),
NULL); NULL);
#ifdef STM32U5 #ifdef USE_RESET_TO_BOOT
if (sectrue == firmware_present && if (sectrue == firmware_present &&
firmware_jump_fn != jump_to_fw_through_reset) { firmware_jump_fn != jump_to_fw_through_reset) {
firmware_jump_fn = real_jump_to_firmware; firmware_jump_fn = real_jump_to_firmware;
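Review bot: The new guard `#ifdef USE_STORAGE_HWKEY` around `secret_bhk_regenerate()` in `bootloader_main` does not match the macro the build scripts in this commit define, which is spelled `"USE_STORAGE_HW_KEY=1"` in all three `configure()` hunks. Unless `USE_STORAGE_HWKEY` is defined somewhere not shown, every block under that guard is compiled out: both `secret_bhk_regenerate()` calls before `erase_storage()` here, the one in `process_msg_FirmwareUpload`, the `secure_aes_init()` calls in `drivers_init` and the other `main`, and the `secure_aes_ecb_encrypt_hw()` step in `derive_kek_v4` and `stretch_pin` (all of these functions continue outside their hunks). The PIN-derived keys would then no longer pass through the hardware-key encryption and `secret_bhk_regenerate()` would not run before a storage erase, most likely without a build failure. Use one spelling on both sides, e.g. `"USE_STORAGE_HWKEY=1"` in the three scripts. Separately, `#ifndef USE_HASH_PROCESSOR` around `ui_screen_boot_stage_1(true)` in the reboot branch ties a UI step to an unrelated feature; `USE_RESET_TO_BOOT` looks like the intended condition.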


@ -720,7 +720,7 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size,
// if firmware is not upgrade, erase storage // if firmware is not upgrade, erase storage
if (sectrue != should_keep_seed) { if (sectrue != should_keep_seed) {
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
secret_bhk_regenerate(); secret_bhk_regenerate();
#endif #endif
ensure(erase_storage(NULL), NULL); ensure(erase_storage(NULL), NULL);


@ -17,8 +17,6 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#include STM32_HAL_H
#include <string.h> #include <string.h>
#include "applet.h" #include "applet.h"
@ -73,7 +71,7 @@ static void optiga_log_hex(const char *prefix, const uint8_t *data,
#endif #endif
void drivers_init() { void drivers_init() {
#ifdef STM32U5 #ifdef USE_TAMPER
tamper_init(); tamper_init();
#endif #endif
@ -101,7 +99,7 @@ void drivers_init() {
display_init(DISPLAY_JUMP_BEHAVIOR); display_init(DISPLAY_JUMP_BEHAVIOR);
#ifdef STM32U5 #ifdef USE_OEM_KEYS_CHECK
check_oem_keys(); check_oem_keys();
#endif #endif
@ -109,7 +107,7 @@ void drivers_init() {
unit_properties_init(); unit_properties_init();
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
secure_aes_init(); secure_aes_init();
#endif #endif


@ -65,8 +65,11 @@
#include "memzero.h" #include "memzero.h"
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
#include "secure_aes.h" #include "secure_aes.h"
#endif
#ifdef STM32U5
#include "stm32u5xx_ll_utils.h" #include "stm32u5xx_ll_utils.h"
#else #else
#include "stm32f4xx_ll_utils.h" #include "stm32f4xx_ll_utils.h"
@ -820,7 +823,7 @@ int main(void) {
display_init(DISPLAY_JUMP_BEHAVIOR); display_init(DISPLAY_JUMP_BEHAVIOR);
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
secure_aes_init(); secure_aes_init();
#endif #endif
#ifdef USE_HASH_PROCESSOR #ifdef USE_HASH_PROCESSOR


@ -33,10 +33,9 @@
#include "secret.h" #include "secret.h"
#include "sha2.h" #include "sha2.h"
#include STM32_HAL_H
#include TREZOR_BOARD #include TREZOR_BOARD
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
#include "secure_aes.h" #include "secure_aes.h"
#endif #endif


@ -26,11 +26,7 @@
#include "flash_ll.h" #include "flash_ll.h"
#include "secbool.h" #include "secbool.h"
#ifndef TREZOR_EMULATOR #ifdef USE_FLASH_BURST
#include STM32_HAL_H
#endif
#ifdef STM32U5
#define FLASH_QUADWORD_WORDS (4) #define FLASH_QUADWORD_WORDS (4)
#define FLASH_QUADWORD_SIZE (FLASH_QUADWORD_WORDS * sizeof(uint32_t)) #define FLASH_QUADWORD_SIZE (FLASH_QUADWORD_WORDS * sizeof(uint32_t))


@ -17,6 +17,10 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#ifndef TREZOR_EMULATOR
#include STM32_HAL_H
#endif
#include "flash.h" #include "flash.h"
#include "layout_helpers.h" #include "layout_helpers.h"
#include "model.h" #include "model.h"


@ -17,6 +17,10 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>. * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
#ifndef TREZOR_EMULATOR
#include STM32_HAL_H
#endif
#include "flash.h" #include "flash.h"
#include "layout_helpers.h" #include "layout_helpers.h"
#include "model.h" #include "model.h"


@ -96,7 +96,14 @@ def configure(
features_available.append("xframebuffer") features_available.append("xframebuffer")
features_available.append("display_rgba8888") features_available.append("display_rgba8888")
defines += ["USE_HASH_PROCESSOR=1"] defines += [
"USE_HASH_PROCESSOR=1",
"USE_STORAGE_HW_KEY=1",
"USE_TAMPER=1",
"USE_FLASH_BURST=1",
"USE_OEM_KEYS_CHECK=1",
"USE_RESET_TO_BOOT=1",
]
env.get("ENV")["LINKER_SCRIPT"] = linker_script env.get("ENV")["LINKER_SCRIPT"] = linker_script
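Review bot: The same set of feature defines is written out separately in this `configure()` and in the two that follow, and not in the same order, so the three copies have to be kept in sync by hand. Since the C code now relies on these exact names to enable security features such as tamper detection and the OEM key check, a single shared list would be less error-prone, e.g. a module-level `STM32U5_COMMON_DEFINES = [...]` (name is only a suggestion) that each script extends with its board-specific entries such as `"USE_PVD=1"`. `configure()` starts and ends outside the hunk.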


@ -86,8 +86,15 @@ def configure(
sources += ["vendor/stm32u5xx_hal_driver/Src/stm32u5xx_hal_tim.c"] sources += ["vendor/stm32u5xx_hal_driver/Src/stm32u5xx_hal_tim.c"]
defines += ["USE_CONSUMPTION_MASK=1"] defines += ["USE_CONSUMPTION_MASK=1"]
defines += ["USE_HASH_PROCESSOR=1"] defines += [
defines += ["USE_PVD=1"] "USE_HASH_PROCESSOR=1",
"USE_STORAGE_HW_KEY=1",
"USE_TAMPER=1",
"USE_FLASH_BURST=1",
"USE_RESET_TO_BOOT=1",
"USE_OEM_KEYS_CHECK=1",
"USE_PVD=1",
]
env.get("ENV")["TREZOR_BOARD"] = board env.get("ENV")["TREZOR_BOARD"] = board
env.get("ENV")["MCU_TYPE"] = mcu env.get("ENV")["MCU_TYPE"] = mcu


@ -132,8 +132,15 @@ def configure(
features_available.append("optiga") features_available.append("optiga")
defines += ["USE_OPTIGA=1"] defines += ["USE_OPTIGA=1"]
defines += ["USE_HASH_PROCESSOR=1"] defines += [
defines += ["USE_PVD=1"] "USE_HASH_PROCESSOR=1",
"USE_STORAGE_HW_KEY=1",
"USE_TAMPER=1",
"USE_FLASH_BURST=1",
"USE_RESET_TO_BOOT=1",
"USE_OEM_KEYS_CHECK=1",
"USE_PVD=1",
]
env.get("ENV")["TREZOR_BOARD"] = board env.get("ENV")["TREZOR_BOARD"] = board
env.get("ENV")["MCU_TYPE"] = mcu env.get("ENV")["MCU_TYPE"] = mcu


@ -37,7 +37,7 @@
#include "optiga.h" #include "optiga.h"
#endif #endif
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
#include "secure_aes.h" #include "secure_aes.h"
#endif #endif
@ -553,7 +553,7 @@ static void derive_kek_v4(const uint8_t *pin, size_t pin_len,
ui_progress(); ui_progress();
} }
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
uint8_t pre_kek[SHA256_DIGEST_LENGTH] = {0}; uint8_t pre_kek[SHA256_DIGEST_LENGTH] = {0};
pbkdf2_hmac_sha256_Final(&ctx, pre_kek); pbkdf2_hmac_sha256_Final(&ctx, pre_kek);
ensure(secure_aes_ecb_encrypt_hw(pre_kek, SHA256_DIGEST_LENGTH, kek, ensure(secure_aes_ecb_encrypt_hw(pre_kek, SHA256_DIGEST_LENGTH, kek,
@ -611,7 +611,7 @@ static void stretch_pin(const uint8_t *pin, size_t pin_len,
pbkdf2_hmac_sha256_Update(&ctx, PIN_ITER_COUNT / 10); pbkdf2_hmac_sha256_Update(&ctx, PIN_ITER_COUNT / 10);
ui_progress(); ui_progress();
} }
#ifdef STM32U5 #ifdef USE_STORAGE_HWKEY
uint8_t stretched_pin_tmp[SHA256_DIGEST_LENGTH] = {0}; uint8_t stretched_pin_tmp[SHA256_DIGEST_LENGTH] = {0};
pbkdf2_hmac_sha256_Final(&ctx, stretched_pin_tmp); pbkdf2_hmac_sha256_Final(&ctx, stretched_pin_tmp);
ensure(secure_aes_ecb_encrypt_hw(stretched_pin_tmp, SHA256_DIGEST_LENGTH, ensure(secure_aes_ecb_encrypt_hw(stretched_pin_tmp, SHA256_DIGEST_LENGTH,