embed/trezorhal: collect HW entropy before MPU kicks in

2025-02-16 17:42:02 +00:00 · 2019-01-25 18:33:25 +01:00 · 2019-01-25 18:33:25 +01:00 · b754ee8cf6
commit b754ee8cf6
parent c0317e1aff
13 changed files with 41 additions and 194 deletions
--- a/SConscript.firmware
+++ b/SConscript.firmware
@ -280,7 +280,6 @@ SOURCE_TREZORHAL = [
    'embed/trezorhal/usbd_ctlreq.c',
    'embed/trezorhal/usbd_ioreq.c',
    'embed/trezorhal/util.s',
    'embed/trezorhal/utils.c',
    'embed/trezorhal/vectortable.s',
 ]
--- a/SConscript.unix
+++ b/SConscript.unix
@ -258,7 +258,6 @@ SOURCE_UNIX = [
    'embed/unix/sbu.c',
    'embed/unix/touch.c',
    'embed/unix/usb.c',
    'embed/unix/utils.c',
 ]
 SOURCE_QSTR = SOURCE_MOD + SOURCE_MICROPYTHON + SOURCE_UNIX
--- a/embed/extmod/modtrezorconfig/modtrezorconfig.c
+++ b/embed/extmod/modtrezorconfig/modtrezorconfig.c
@ -26,7 +26,7 @@
 #include "embed/extmod/trezorobj.h"
 #include "storage.h"
-#include "utils.h"
+#include "common.h"
 STATIC mp_obj_t ui_wait_callback = mp_const_none;
@ -42,16 +42,11 @@ STATIC void wrapped_ui_wait_callback(uint32_t wait, uint32_t progress) {
 ///     called from this module!
 ///     '''
 STATIC mp_obj_t mod_trezorconfig_init(size_t n_args, const mp_obj_t *args) {
    uint32_t salt[] = {
        utils_get_uid_word0(),
        utils_get_uid_word1(),
        utils_get_uid_word2()
    };
    if (n_args > 0) {
        ui_wait_callback = args[0];
-        storage_init(wrapped_ui_wait_callback, (const uint8_t*)salt, sizeof(salt));
+        storage_init(wrapped_ui_wait_callback, HW_ENTROPY_DATA, HW_ENTROPY_LEN);
    } else {
-        storage_init(NULL, (const uint8_t*)salt, sizeof(salt));
+        storage_init(NULL, HW_ENTROPY_DATA, HW_ENTROPY_LEN);
    }
    return mp_const_none;
 }
--- a/embed/firmware/main.c
+++ b/embed/firmware/main.c
@ -48,6 +48,8 @@ int main(void)
    HAL_Init();
 #endif
    collect_hw_entropy();
 #if TREZOR_MODEL == T
    // Enable MPU
    mpu_config();
--- a/embed/trezorhal/common.c
+++ b/embed/trezorhal/common.c
@ -19,10 +19,14 @@
 #include STM32_HAL_H
 #include <string.h>
 #include "common.h"
 #include "display.h"
 #include "rng.h"
 #include "stm32f4xx_ll_utils.h"
 void shutdown(void);
 #define COLOR_FATAL_ERROR RGB16(0x7F, 0x00, 0x00)
@ -80,3 +84,15 @@ void __attribute__((noreturn)) __stack_chk_fail(void)
 {
    ensure(secfalse, "Stack smashing detected");
 }
 uint8_t HW_ENTROPY_DATA[HW_ENTROPY_LEN];
 void collect_hw_entropy(void)
 {
    uint32_t w = LL_GetUID_Word0();
    memcpy(HW_ENTROPY_DATA, &w, 4);
    w = LL_GetUID_Word1();
    memcpy(HW_ENTROPY_DATA + 4, &w, 4);
    w = LL_GetUID_Word2();
    memcpy(HW_ENTROPY_DATA + 8, &w, 4);
 }
--- a/embed/trezorhal/common.h
+++ b/embed/trezorhal/common.h
@ -43,6 +43,10 @@ void clear_otg_hs_memory(void);
 extern uint32_t __stack_chk_guard;
 void collect_hw_entropy(void);
 #define HW_ENTROPY_LEN 12
 extern uint8_t HW_ENTROPY_DATA[HW_ENTROPY_LEN];
 // the following functions are defined in util.s
 void memset_reg(volatile void *start, volatile void *stop, uint32_t val);
--- a/embed/trezorhal/utils.c
+++ b/embed/trezorhal/utils.c
@ -1,62 +0,0 @@
 /*
 * This file is part of the TREZOR project, https://trezor.io/
 *
 * Copyright (c) SatoshiLabs
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include "utils.h"
 #include STM32_HAL_H
 #include "stm32f4xx_ll_utils.h"
 /*
 * Returns the CPUID Base Register of the System Control Block.
 */
 uint32_t utils_get_cpu_id()
 {
    return SCB->CPUID;
 }
 /*
 * Returns the size of the device flash memory expressed in kilobytes, e.g. 0x040 corresponds to 64 kB.
 */
 uint32_t utils_get_flash_size()
 {
    return LL_GetFlashSize();
 }
 /*
 * Returns word 0 of the unique device identifier.
 */
 uint32_t utils_get_uid_word0()
 {
    return LL_GetUID_Word0();
 }
 /*
 * Returns word 1 of the unique device identifier.
 */
 uint32_t utils_get_uid_word1()
 {
    return LL_GetUID_Word1();
 }
 /*
 * Returns word 2 of the unique device identifier.
 */
 uint32_t utils_get_uid_word2()
 {
    return LL_GetUID_Word2();
 }
--- a/embed/trezorhal/utils.h
+++ b/embed/trezorhal/utils.h
@ -1,31 +0,0 @@
 /*
 * This file is part of the TREZOR project, https://trezor.io/
 *
 * Copyright (c) SatoshiLabs
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #ifndef __TREZORHAL_UTILS_H__
 #define __TREZORHAL_UTILS_H__
 #include <stdint.h>
 uint32_t utils_get_cpu_id();
 uint32_t utils_get_flash_size();
 uint32_t utils_get_uid_word0();
 uint32_t utils_get_uid_word1();
 uint32_t utils_get_uid_word2();
 #endif
--- a/embed/unix/common.c
+++ b/embed/unix/common.c
@ -23,6 +23,7 @@
 #include "common.h"
 #include "display.h"
 #include "memzero.h"
 void __shutdown(void)
 {
@ -68,3 +69,10 @@ void hal_delay(uint32_t ms)
 {
    usleep(1000 * ms);
 }
 uint8_t HW_ENTROPY_DATA[HW_ENTROPY_LEN];
 void collect_hw_entropy(void)
 {
    memzero(HW_ENTROPY_DATA, HW_ENTROPY_LEN);
 }
--- a/embed/unix/common.h
+++ b/embed/unix/common.h
@ -39,4 +39,8 @@ void __attribute__((noreturn)) __fatal_error(const char *expr, const char *msg,
 void hal_delay(uint32_t ms);
 void collect_hw_entropy(void);
 #define HW_ENTROPY_LEN 12
 extern uint8_t HW_ENTROPY_DATA[HW_ENTROPY_LEN];
 #endif
--- a/embed/unix/main.c
+++ b/embed/unix/main.c
@ -50,6 +50,8 @@
 #include "input.h"
 #include "profile.h"
 #include "common.h"
 // Command line options, with their defaults
 STATIC bool compile_only = false;
 STATIC uint emit_opt = MP_EMIT_OPT_NONE;
@ -409,6 +411,8 @@ int main(int argc, char **argv) {
    // Through TREZOR_PROFILE you can set the directory for trezor.flash file.
    profile_init();
    collect_hw_entropy();
    #if MICROPY_PY_THREAD
    mp_thread_init();
    #endif
--- a/embed/unix/utils.c
+++ b/embed/unix/utils.c
@ -1,60 +0,0 @@
 /*
 * This file is part of the TREZOR project, https://trezor.io/
 *
 * Copyright (c) SatoshiLabs
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include "utils.h"
 /*
 * Returns the CPUID Base Register of the System Control Block.
 */
 uint32_t utils_get_cpu_id()
 {
    return 0;
 }
 /*
 * Returns the size of the device flash memory expressed in kilobytes, e.g. 0x040 corresponds to 64 kB.
 */
 uint32_t utils_get_flash_size()
 {
    return 0;
 }
 /*
 * Returns word 0 of the unique device identifier.
 */
 uint32_t utils_get_uid_word0()
 {
    return 0;
 }
 /*
 * Returns word 1 of the unique device identifier.
 */
 uint32_t utils_get_uid_word1()
 {
    return 0;
 }
 /*
 * Returns word 2 of the unique device identifier.
 */
 uint32_t utils_get_uid_word2()
 {
    return 0;
 }
--- a/embed/unix/utils.h
+++ b/embed/unix/utils.h
@ -1,31 +0,0 @@
 /*
 * This file is part of the TREZOR project, https://trezor.io/
 *
 * Copyright (c) SatoshiLabs
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #ifndef __TREZORHAL_UTILS_H__
 #define __TREZORHAL_UTILS_H__
 #include <stdint.h>
 uint32_t utils_get_cpu_id();
 uint32_t utils_get_flash_size();
 uint32_t utils_get_uid_word0();
 uint32_t utils_get_uid_word1();
 uint32_t utils_get_uid_word2();
 #endif