From 8ee17f69b3d1fa1215fc66c9e0a1b87f1bcc13ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Vejpustek?=
Date: Fri, 12 Feb 2021 12:12:20 +0100
Subject: [PATCH] refactor(core): move wait_random and rdi into separate file
---
 core/SConscript.bootloader | 1 +
 core/SConscript.bootloader_ci | 1 +
 core/SConscript.firmware | 4 +--
 core/SConscript.prodtest | 1 +
 core/SConscript.unix | 1 +
 core/embed/firmware/main.c | 2 +-
 core/embed/trezorhal/common.c | 21 ---------------
 core/embed/trezorhal/common.h | 2 --
 .../trezorhal/{rdi.c => random_delays.c} | 27 +++++++++++++++++--
 .../trezorhal/{rdi.h => random_delays.h} | 6 +++--
 core/embed/trezorhal/systick.c | 2 +-
 core/embed/trezorhal/usb.c | 2 +-
 core/embed/unix/common.h | 1 -
 core/embed/unix/random_delays.c | 22 +++++++++++++++
 core/embed/unix/random_delays.h | 24 +++++++++++++++++
 storage/storage.c | 1 +
 storage/tests/c/Makefile | 1 +
 storage/tests/c/common.c | 2 --
 storage/tests/c/common.h | 2 --
 storage/tests/c/random_delays.c | 22 +++++++++++++++
 storage/tests/c/random_delays.h | 25 +++++++++++++++++
 21 files changed, 132 insertions(+), 38 deletions(-)
 rename core/embed/trezorhal/{rdi.c => random_delays.c} (90%)
 rename core/embed/trezorhal/{rdi.h => random_delays.h} (89%)
 create mode 100644 core/embed/unix/random_delays.c
 create mode 100644 core/embed/unix/random_delays.h
 create mode 100644 storage/tests/c/random_delays.c
 create mode 100644 storage/tests/c/random_delays.h
diff --git a/core/SConscript.bootloader b/core/SConscript.bootloader
index 7039fd4d8..4ca5236c2 100644
--- a/core/SConscript.bootloader
+++ b/core/SConscript.bootloader
@@ -94,6 +94,7 @@ SOURCE_TREZORHAL = [
 'embed/trezorhal/flash.c',
 'embed/trezorhal/mini_printf.c',
 'embed/trezorhal/mpu.c',
+ 'embed/trezorhal/random_delays.c',
 'embed/trezorhal/rng.c',
 'embed/trezorhal/stm32.c',
 'embed/trezorhal/systick.c',
diff --git a/core/SConscript.bootloader_ci b/core/SConscript.bootloader_ci
index 4d96d9696..2be760bd4 100644
--- a/core/SConscript.bootloader_ci
+++ b/core/SConscript.bootloader_ci
@@ -94,6 +94,7 @@ SOURCE_TREZORHAL = [
 'embed/trezorhal/flash.c',
 'embed/trezorhal/mini_printf.c',
 'embed/trezorhal/mpu.c',
+ 'embed/trezorhal/random_delays.c',
 'embed/trezorhal/rng.c',
 'embed/trezorhal/stm32.c',
 'embed/trezorhal/systick.c',
diff --git a/core/SConscript.firmware b/core/SConscript.firmware
index 2ff590f5d..6c5ccecd5 100644
--- a/core/SConscript.firmware
+++ b/core/SConscript.firmware
@@ -333,6 +333,7 @@ SOURCE_TREZORHAL = [
 'embed/trezorhal/flash.c',
 'embed/trezorhal/mini_printf.c',
 'embed/trezorhal/mpu.c',
+ 'embed/trezorhal/random_delays.c',
 'embed/trezorhal/rng.c',
 'embed/trezorhal/sbu.c',
 'embed/trezorhal/sdcard.c',
@@ -349,9 +350,6 @@ SOURCE_TREZORHAL = [
 ]
 if FEATURE_FLAGS["RDI"]:
- SOURCE_TREZORHAL += [
- 'embed/trezorhal/rdi.c',
- ]
 CPPDEFINES_MOD += ['RDI']
 if FEATURE_FLAGS["SYSTEM_VIEW"]:
diff --git a/core/SConscript.prodtest b/core/SConscript.prodtest
index adfa7d794..c92c3b685 100644
--- a/core/SConscript.prodtest
+++ b/core/SConscript.prodtest
@@ -70,6 +70,7 @@ SOURCE_TREZORHAL = [
 'embed/trezorhal/dma.c',
 'embed/trezorhal/flash.c',
 'embed/trezorhal/mini_printf.c',
+ 'embed/trezorhal/random_delays.c',
 'embed/trezorhal/rng.c',
 'embed/trezorhal/sbu.c',
 'embed/trezorhal/sdcard.c',
diff --git a/core/SConscript.unix b/core/SConscript.unix
index 5f232631d..982dd94c9 100644
--- a/core/SConscript.unix
+++ b/core/SConscript.unix
@@ -305,6 +305,7 @@ SOURCE_UNIX = [
 'embed/unix/flash.c',
 'embed/unix/main.c',
 'embed/unix/profile.c',
+ 'embed/unix/random_delays.c',
 'embed/unix/rng.c',
 'embed/unix/sbu.c',
 'embed/unix/sdcard.c',
diff --git a/core/embed/firmware/main.c b/core/embed/firmware/main.c
index 6be80e107..e10d165a9 100644
--- a/core/embed/firmware/main.c
+++ b/core/embed/firmware/main.c
@@ -41,7 +41,7 @@
 #include "flash.h"
 #include "mpu.h"
 #ifdef RDI
-#include "rdi.h"
+#include "random_delays.h"
 #endif
 #ifdef SYSTEM_VIEW
 #include "systemview.h"
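Review bot: The `if FEATURE_FLAGS["RDI"]:` block in the `@@ -349,9 +350,6` hunk of SConscript.firmware now only adds the `RDI` define, while `embed/trezorhal/random_delays.c` is listed unconditionally in the hunk above it, so the rdi_* routines and their DRBG state are compiled into every firmware image and the flag gates only the call sites (main.c and systick.c include the header under `#ifdef RDI`). That is presumably intended, because `wait_random` has to be present in every build, but nothing in the build file says so and the next reader may well move the source back under the flag. A comment on the flag block would settle it: `# random_delays.c is always built (wait_random is unconditional); RDI only enables the rdi_* callers.` Whether the unused rdi_* code is dropped from non-RDI images depends on the linker's section GC, which this file does not show.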
diff --git a/core/embed/trezorhal/common.c b/core/embed/trezorhal/common.c
index 916534173..72999854d 100644
--- a/core/embed/trezorhal/common.c
+++ b/core/embed/trezorhal/common.c
@@ -122,27 +122,6 @@ void __assert_func(const char *file, int line, const char *func,
 void hal_delay(uint32_t ms) { HAL_Delay(ms); }
-/*
- * Generates a delay of random length. Use this to protect sensitive code
- * against fault injection.
- */
-void wait_random(void) {
- int wait = drbg_random32() & 0xff;
- volatile int i = 0;
- volatile int j = wait;
- while (i < wait) {
- if (i + j != wait) {
- shutdown();
- }
- ++i;
- --j;
- }
- // Double-check loop completion.
- if (i != wait || j != 0) {
- shutdown();
- }
-}
-
 // reference RM0090 section 35.12.1 Figure 413
 #define USB_OTG_HS_DATA_FIFO_RAM (USB_OTG_HS_PERIPH_BASE + 0x20000U)
 #define USB_OTG_HS_DATA_FIFO_SIZE (4096U)
diff --git a/core/embed/trezorhal/common.h b/core/embed/trezorhal/common.h
index f5cb32d0e..ab5cdaa12 100644
--- a/core/embed/trezorhal/common.h
+++ b/core/embed/trezorhal/common.h
@@ -66,8 +66,6 @@ error_shutdown(const char *line1, const char *line2, const char *line3,
 void hal_delay(uint32_t ms);
-void wait_random(void);
-
 void clear_otg_hs_memory(void);
 extern uint32_t __stack_chk_guard;
diff --git a/core/embed/trezorhal/rdi.c b/core/embed/trezorhal/random_delays.c
similarity index 90%
rename from core/embed/trezorhal/rdi.c
rename to core/embed/trezorhal/random_delays.c
index 9f2d1348e..47d930fda 100644
--- a/core/embed/trezorhal/rdi.c
+++ b/core/embed/trezorhal/random_delays.c
@@ -34,7 +34,7 @@ https://link.springer.com/content/pdf/10.1007%2F3-540-44499-8_20.pdf
 https://link.springer.com/content/pdf/10.1007%2F978-3-540-72354-7_3.pdf
 */
-#include "rdi.h"
+#include "random_delays.h"
 #include 
@@ -42,7 +42,9 @@ https://link.springer.com/content/pdf/10.1007%2F978-3-540-72354-7_3.pdf
 #include "common.h"
 #include "memzero.h"
 #include "rand.h"
-#include "secbool.h"
+
+// from util.s
+extern void shutdown(void);
 #define BUFFER_LENGTH 64
 #define RESEED_INTERVAL 65536
@@ -141,3 +143,24 @@ void rdi_stop(void) {
 memzero(&drbg_ctx, sizeof(drbg_ctx));
 }
 }
+
+/*
+ * Generates a delay of random length. Use this to protect sensitive code
+ * against fault injection.
+ */
+void wait_random(void) {
+ int wait = drbg_random32() & 0xff;
+ volatile int i = 0;
+ volatile int j = wait;
+ while (i < wait) {
+ if (i + j != wait) {
+ shutdown();
+ }
+ ++i;
+ --j;
+ }
+ // Double-check loop completion.
+ if (i != wait || j != 0) {
+ shutdown();
+ }
+}
diff --git a/core/embed/trezorhal/rdi.h b/core/embed/trezorhal/random_delays.h
similarity index 89%
rename from core/embed/trezorhal/rdi.h
rename to core/embed/trezorhal/random_delays.h
index 0b2da982c..b7a0ae1c3 100644
--- a/core/embed/trezorhal/rdi.h
+++ b/core/embed/trezorhal/random_delays.h
@@ -17,8 +17,8 @@
 * along with this program. If not, see .
 */
-#ifndef __TREZORHAL_RDI_H__
-#define __TREZORHAL_RDI_H__
+#ifndef __TREZORHAL_RANDOM_DELAYS_H__
+#define __TREZORHAL_RANDOM_DELAYS_H__
 #include 
@@ -26,4 +26,6 @@ void rdi_start(void);
 void rdi_stop(void);
 void rdi_refresh_session_delay(void);
 void rdi_handler(uint32_t uw_tick);
+
+void wait_random(void);
 #endif
diff --git a/core/embed/trezorhal/systick.c b/core/embed/trezorhal/systick.c
index 7b46aebc6..f4d56c62c 100644
--- a/core/embed/trezorhal/systick.c
+++ b/core/embed/trezorhal/systick.c
@@ -49,7 +49,7 @@
 #include "systick.h"
 #ifdef RDI
- #include "rdi.h"
+ #include "random_delays.h"
 #endif
 #include "systemview.h"
diff --git a/core/embed/trezorhal/usb.c b/core/embed/trezorhal/usb.c
index 7c9519c75..a2038cdbf 100644
--- a/core/embed/trezorhal/usb.c
+++ b/core/embed/trezorhal/usb.c
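Review bot: `extern void shutdown(void);` in the `@@ -42,7 +42,9` hunk of random_delays.c declares the util.s symbol ad hoc inside this translation unit, so the prototype can drift from the assembly routine, or from any other declaration of it, without a compiler warning; the file already includes `common.h`, which is where the declaration belongs (if common.h already provides it, the extern is a duplicate and should simply go). Both `shutdown()` calls in `wait_random` fall through into `++i`/`--j` and the final counter check if shutdown() returns, so the countermeasure rests on it never returning; if that is the contract, say so on the prototype, `extern void shutdown(void) __attribute__((noreturn));  // from util.s, never returns`. `wait_random` also now lives next to the rdi DRBG: if `drbg_random32()` is the generator whose `drbg_ctx` is wiped in `rdi_stop` (visible in the context lines), then whether it is usable before `rdi_start()` and after `rdi_stop()` is not shown in the hunk, and a one-line precondition comment on the function would settle it for callers such as storage.c.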
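Review bot: `void wait_random(void);` is added to random_delays.h with no documentation, and since common.h drops its declaration in this commit this header becomes the only declaration for every trezorhal target, so callers lose the hint that it is a fault-injection countermeasure rather than a timing helper. A short Doxygen comment above the declaration would carry the intent over from the .c file: a random-length busy-wait of up to 255 iterations, to be placed before sensitive operations, which shuts the device down if its paired loop counters are found inconsistent. The `rdi_*` declarations above it are equally undocumented but are not touched by this hunk.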
@@ -21,7 +21,7 @@
 #include "usb.h"
 #include "common.h"
-#include "rdi.h"
+#include "random_delays.h"
 #include "usbd_core.h"
 #define USB_MAX_CONFIG_DESC_SIZE 256
diff --git a/core/embed/unix/common.h b/core/embed/unix/common.h
index 961a065f4..071df5733 100644
--- a/core/embed/unix/common.h
+++ b/core/embed/unix/common.h
@@ -56,7 +56,6 @@ error_shutdown(const char *line1, const char *line2, const char *line3,
 : __fatal_error(#expr, msg, __FILE__, __LINE__, __func__))
 void hal_delay(uint32_t ms);
-void wait_random(void);
 void collect_hw_entropy(void);
 #define HW_ENTROPY_LEN (12 + 32)
diff --git a/core/embed/unix/random_delays.c b/core/embed/unix/random_delays.c
new file mode 100644
index 000000000..eafc3dbbd
--- /dev/null
+++ b/core/embed/unix/random_delays.c
@@ -0,0 +1,22 @@
+/*
+ * This file is part of the Trezor project, https://trezor.io/
+ *
+ * Copyright (c) SatoshiLabs
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+#include "random_delays.h"
+
+void wait_random(void) {}
diff --git a/core/embed/unix/random_delays.h b/core/embed/unix/random_delays.h
new file mode 100644
index 000000000..ee7b8bef5
--- /dev/null
+++ b/core/embed/unix/random_delays.h
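Review bot: `void wait_random(void) {}` in the new core/embed/unix/random_delays.c is a deliberate no-op, but nothing says so and an empty body reads like an unfinished stub; the comment should also record that the emulator simply does not model the fault-injection countermeasure the hardware version provides. Something like `// Emulator build: fault injection is not modelled, so the random delay is intentionally a no-op (hardware version: trezorhal/random_delays.c).` above the definition is enough. The byte-identical stub is added again under storage/tests/c later in this patch, so the same note belongs in both files.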
@@ -0,0 +1,24 @@
+/*
+ * This file is part of the Trezor project, https://trezor.io/
+ *
+ * Copyright (c) SatoshiLabs
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+#ifndef __TREZORHAL_RANDOM_DELAYS_H__
+#define __TREZORHAL_RANDOM_DELAYS_H__
+
+void wait_random(void);
+#endif
diff --git a/storage/storage.c b/storage/storage.c
index 10431f25e..80e5040eb 100644
--- a/storage/storage.c
+++ b/storage/storage.c
@@ -27,6 +27,7 @@
 #include "norcow.h"
 #include "pbkdf2.h"
 #include "rand.h"
+#include "random_delays.h"
 #include "sha2.h"
 #include "storage.h"
diff --git a/storage/tests/c/Makefile b/storage/tests/c/Makefile
index bc0a675be..78330ccc8 100644
--- a/storage/tests/c/Makefile
+++ b/storage/tests/c/Makefile
@@ -6,6 +6,7 @@ BASE = ../../../
 SRC = storage/tests/c/flash.c
 SRC += storage/tests/c/common.c
+SRC += storage/tests/c/random_delays.c
 SRC += storage/storage.c
 SRC += storage/norcow.c
 SRC += crypto/pbkdf2.c
diff --git a/storage/tests/c/common.c b/storage/tests/c/common.c
index 9345bc718..252b1bbfe 100644
--- a/storage/tests/c/common.c
+++ b/storage/tests/c/common.c
@@ -23,8 +23,6 @@
 #include "common.h"
-void wait_random(void) {}
-
 void __shutdown(void) {
 printf("SHUTDOWN\n");
 exit(3);
diff --git a/storage/tests/c/common.h b/storage/tests/c/common.h
index 728b6e64e..b24d9ebfe 100644
--- a/storage/tests/c/common.h
+++ b/storage/tests/c/common.h
@@ -22,8 +22,6 @@
 #include "secbool.h"
-void wait_random(void);
-
 void __fatal_error(const char *expr, const char *msg, const char *file, int line, const char *func);
 void error_shutdown(const char *line1, const char *line2, const char *line3,
diff --git a/storage/tests/c/random_delays.c b/storage/tests/c/random_delays.c
new file mode 100644
index 000000000..eafc3dbbd
--- /dev/null
+++ b/storage/tests/c/random_delays.c
@@ -0,0 +1,22 @@
+/*
+ * This file is part of the Trezor project, https://trezor.io/
+ *
+ * Copyright (c) SatoshiLabs
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+#include "random_delays.h"
+
+void wait_random(void) {}
diff --git a/storage/tests/c/random_delays.h b/storage/tests/c/random_delays.h
new file mode 100644
index 000000000..adb99049d
--- /dev/null
+++ b/storage/tests/c/random_delays.h
@@ -0,0 +1,25 @@
+/*
+ * This file is part of the Trezor project, https://trezor.io/
+ *
+ * Copyright (c) SatoshiLabs
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+#ifndef __TREZORHAL_RANDOM_DELAYS_H__
+#define __TREZORHAL_RANDOM_DELAYS_H__
+
+void wait_random(void);
+
+#endif