1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-22 22:38:08 +00:00

feat(core): use confidential section for confidential and sensitive data

[no changelog]
This commit is contained in:
tychovrahe 2024-03-03 22:19:12 +01:00 committed by TychoVrahe
parent 535a052df4
commit ed6aa48726
35 changed files with 128 additions and 127 deletions

View File

@ -168,7 +168,7 @@ program_bin = env.Command(
target='boardloader.bin', target='boardloader.bin',
source=program_elf, source=program_elf,
action=[ action=[
'$OBJCOPY -O binary -j .vector_table -j .text -j .data -j .rodata -j .capabilities -j .sensitive $SOURCE $TARGET', '$OBJCOPY -O binary -j .vector_table -j .text -j .data -j .rodata -j .capabilities -j .confidential $SOURCE $TARGET',
'$CP $TARGET ' + BINARY_NAME, '$CP $TARGET ' + BINARY_NAME,
], ],
) )

View File

@ -274,7 +274,7 @@ program_bin = env.Command(
target='bootloader.bin', target='bootloader.bin',
source=program_elf, source=program_elf,
action=[ action=[
'$OBJCOPY -O binary -j .header -j .flash -j .data -j .sensitive $SOURCE $TARGET', '$OBJCOPY -O binary -j .header -j .flash -j .data -j .confidential $SOURCE $TARGET',
'$HEADERTOOL $TARGET ' + ('-D' if not PRODUCTION else ''), '$HEADERTOOL $TARGET ' + ('-D' if not PRODUCTION else ''),
'$CP $TARGET ' + BINARY_NAME, '$CP $TARGET ' + BINARY_NAME,
], ) ], )

View File

@ -214,7 +214,7 @@ program_bin = env.Command(
target='bootloader.bin', target='bootloader.bin',
source=program_elf, source=program_elf,
action=[ action=[
'$OBJCOPY -O binary -j .header -j .flash -j .data -j .sensitive $SOURCE $TARGET', '$OBJCOPY -O binary -j .header -j .flash -j .data -j .confidential $SOURCE $TARGET',
'$HEADERTOOL $TARGET ' + ('-D' if ARGUMENTS.get('PRODUCTION', '0') == '0' else ''), '$HEADERTOOL $TARGET ' + ('-D' if ARGUMENTS.get('PRODUCTION', '0') == '0' else ''),
'$CP $TARGET ' + BINARY_NAME, '$CP $TARGET ' + BINARY_NAME,
], ) ], )

View File

@ -158,7 +158,7 @@ tools.add_font('DEMIBOLD', FONT_DEMIBOLD, CPPDEFINES_MOD, SOURCE_MOD)
tools.add_font('MONO', FONT_MONO, CPPDEFINES_MOD, SOURCE_MOD) tools.add_font('MONO', FONT_MONO, CPPDEFINES_MOD, SOURCE_MOD)
tools.add_font('BIG', FONT_BIG, CPPDEFINES_MOD, SOURCE_MOD) tools.add_font('BIG', FONT_BIG, CPPDEFINES_MOD, SOURCE_MOD)
env = Environment(ENV=os.environ, CFLAGS='%s -DPRODUCTION=%s' % (ARGUMENTS.get('CFLAGS', ''), ARGUMENTS.get('PRODUCTION', '0'))) env = Environment(ENV=os.environ, CFLAGS='%s -DCONFIDENTIAL= -DPRODUCTION=%s' % (ARGUMENTS.get('CFLAGS', ''), ARGUMENTS.get('PRODUCTION', '0')))
env.Replace( env.Replace(
CP='cp', CP='cp',

View File

@ -865,14 +865,14 @@ BINARY_NAME += ".bin"
if TREZOR_MODEL in ('1'): if TREZOR_MODEL in ('1'):
action_bin=[ action_bin=[
'$OBJCOPY -O binary -j .header -j .flash -j .data -j .sensitive $SOURCE $TARGET', '$OBJCOPY -O binary -j .header -j .flash -j .data -j .confidential $SOURCE $TARGET',
'../legacy/bootloader/firmware_sign.py -f $TARGET', '../legacy/bootloader/firmware_sign.py -f $TARGET',
'$CP $TARGET ' + BINARY_NAME, '$CP $TARGET ' + BINARY_NAME,
] ]
else: else:
if 'STM32F427xx' in CPPDEFINES_HAL or 'STM32F429xx' in CPPDEFINES_HAL: if 'STM32F427xx' in CPPDEFINES_HAL or 'STM32F429xx' in CPPDEFINES_HAL:
action_bin=[ action_bin=[
'$OBJCOPY -O binary -j .vendorheader -j .header -j .flash -j .data -j .sensitive --pad-to 0x08100000 $SOURCE ${TARGET}.p1', '$OBJCOPY -O binary -j .vendorheader -j .header -j .flash -j .data -j .confidential --pad-to 0x08100000 $SOURCE ${TARGET}.p1',
'$OBJCOPY -O binary -j .flash2 $SOURCE ${TARGET}.p2', '$OBJCOPY -O binary -j .flash2 $SOURCE ${TARGET}.p2',
'$CAT ${TARGET}.p1 ${TARGET}.p2 > $TARGET', '$CAT ${TARGET}.p1 ${TARGET}.p2 > $TARGET',
'$HEADERTOOL -h $TARGET ' + ('-D' if not PRODUCTION else ''), '$HEADERTOOL -h $TARGET ' + ('-D' if not PRODUCTION else ''),
@ -881,7 +881,7 @@ else:
] ]
elif 'STM32U5A9xx' in CPPDEFINES_HAL or 'STM32U585xx' in CPPDEFINES_HAL: elif 'STM32U5A9xx' in CPPDEFINES_HAL or 'STM32U585xx' in CPPDEFINES_HAL:
action_bin=[ action_bin=[
'$OBJCOPY -O binary -j .vendorheader -j .header -j .flash -j .data -j .sensitive $SOURCE ${TARGET}', '$OBJCOPY -O binary -j .vendorheader -j .header -j .flash -j .data -j .confidential $SOURCE ${TARGET}',
'$HEADERTOOL -h $TARGET ' + ('-D' if not PRODUCTION else ''), '$HEADERTOOL -h $TARGET ' + ('-D' if not PRODUCTION else ''),
'$CP $TARGET ' + BINARY_NAME, '$CP $TARGET ' + BINARY_NAME,
] ]

View File

@ -232,7 +232,7 @@ program_bin = env.Command(
target='prodtest.bin', target='prodtest.bin',
source=program_elf, source=program_elf,
action=[ action=[
'$OBJCOPY -O binary -j .vendorheader -j .header -j .flash -j .data -j .sensitive $SOURCE $TARGET', '$OBJCOPY -O binary -j .vendorheader -j .header -j .flash -j .data -j .confidential $SOURCE $TARGET',
'$HEADERTOOL $TARGET ' + ('-D' if ARGUMENTS.get('PRODUCTION', '0') == '0' else ''), '$HEADERTOOL $TARGET ' + ('-D' if ARGUMENTS.get('PRODUCTION', '0') == '0' else ''),
'$CP $TARGET ' + BINARY_NAME, '$CP $TARGET ' + BINARY_NAME,
], ) ], )

View File

@ -190,7 +190,7 @@ program_bin = env.Command(
target='reflash.bin', target='reflash.bin',
source=program_elf, source=program_elf,
action=[ action=[
'$OBJCOPY -O binary -j .vendorheader -j .header -j .flash -j .data -j .sensitive $SOURCE $TARGET', '$OBJCOPY -O binary -j .vendorheader -j .header -j .flash -j .data -j .confidential $SOURCE $TARGET',
'$HEADERTOOL $TARGET ' + ('-D' if ARGUMENTS.get('PRODUCTION', '0') == '0' else ''), '$HEADERTOOL $TARGET ' + ('-D' if ARGUMENTS.get('PRODUCTION', '0') == '0' else ''),
'$CP $TARGET ' + BINARY_NAME, '$CP $TARGET ' + BINARY_NAME,
], ) ], )

View File

@ -450,7 +450,7 @@ if PYOPT == '0' or not FROZEN:
else: else:
STATIC="" STATIC=""
env = Environment(ENV=os.environ, CFLAGS='%s -DPYOPT=%s -DBITCOIN_ONLY=%s %s' % (ARGUMENTS.get('CFLAGS', ''), PYOPT, BITCOIN_ONLY, STATIC)) env = Environment(ENV=os.environ, CFLAGS='%s -DCONFIDENTIAL= -DPYOPT=%s -DBITCOIN_ONLY=%s %s' % (ARGUMENTS.get('CFLAGS', ''), PYOPT, BITCOIN_ONLY, STATIC))
if TREZOR_MODEL in ('T', 'T3T1'): if TREZOR_MODEL in ('T', 'T3T1'):

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -83,8 +83,8 @@ SECTIONS {
. = 16K; /* Overflow causes UsageFault */ . = 16K; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(8) { .confidential : ALIGN(8) {
*(.sensitive*); *(.confidential*);
. = ALIGN(4); . = ALIGN(4);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -83,8 +83,8 @@ SECTIONS {
. = 16K; /* Overflow causes UsageFault */ . = 16K; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(8) { .confidential : ALIGN(8) {
*(.sensitive*); *(.confidential*);
. = ALIGN(4); . = ALIGN(4);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -23,7 +23,7 @@ reset_handler:
bl rng_read bl rng_read
mov r4, r0 // save TRNG output in r4 mov r4, r0 // save TRNG output in r4
// wipe memory to remove any possible vestiges of sensitive data // wipe memory to remove any possible vestiges of confidential data
fill_ram: fill_ram:
@ -88,10 +88,10 @@ clear_ram:
ldr r2, =data_size // size in bytes ldr r2, =data_size // size in bytes
bl memcpy bl memcpy
// copy sensitive data in from flash // copy confidential data in from flash
ldr r0, =sensitive_vma // dst addr ldr r0, =confidential_vma // dst addr
ldr r1, =sensitive_lma // src addr ldr r1, =confidential_lma // src addr
ldr r2, =sensitive_size // size in bytes ldr r2, =confidential_size // size in bytes
bl memcpy bl memcpy
// setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value // setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value

View File

@ -87,8 +87,8 @@ typedef enum {
void failed_jump_to_firmware(void); void failed_jump_to_firmware(void);
SENSITIVE volatile secbool dont_optimize_out_true = sectrue; CONFIDENTIAL volatile secbool dont_optimize_out_true = sectrue;
SENSITIVE volatile void (*firmware_jump_fn)(void) = failed_jump_to_firmware; CONFIDENTIAL volatile void (*firmware_jump_fn)(void) = failed_jump_to_firmware;
static void usb_init_all(secbool usb21_landing) { static void usb_init_all(secbool usb21_landing) {
usb_dev_info_t dev_info = { usb_dev_info_t dev_info = {

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -45,7 +45,7 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive); _codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
SECTIONS { SECTIONS {
.header : ALIGN(4) { .header : ALIGN(4) {
@ -84,8 +84,8 @@ SECTIONS {
. = 16K; /* Overflow causes UsageFault */ . = 16K; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -45,7 +45,7 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive); _codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
SECTIONS { SECTIONS {
.header : ALIGN(4) { .header : ALIGN(4) {
@ -84,8 +84,8 @@ SECTIONS {
. = 16K; /* Overflow causes UsageFault */ . = 16K; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -43,10 +43,10 @@ reset_handler:
ldr r2, =data_size // size in bytes ldr r2, =data_size // size in bytes
bl memcpy bl memcpy
// copy sensitive data in from flash // copy confidential data in from flash
ldr r0, =sensitive_vma // dst addr ldr r0, =confidential_vma // dst addr
ldr r1, =sensitive_lma // src addr ldr r1, =confidential_lma // src addr
ldr r2, =sensitive_size // size in bytes ldr r2, =confidential_size // size in bytes
bl memcpy bl memcpy
// setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value // setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -45,7 +45,7 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive); _codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
SECTIONS { SECTIONS {
.header : ALIGN(4) { .header : ALIGN(4) {
@ -84,8 +84,8 @@ SECTIONS {
. = 16K; /* Exactly 16K allocated for stack. Overflow causes Usage fault. */ . = 16K; /* Exactly 16K allocated for stack. Overflow causes Usage fault. */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -45,7 +45,7 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive); _codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
SECTIONS { SECTIONS {
.header : ALIGN(4) { .header : ALIGN(4) {
@ -84,8 +84,8 @@ SECTIONS {
. = 16K; /* Overflow causes UsageFault */ . = 16K; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -43,10 +43,10 @@ reset_handler:
ldr r2, =data_size // size in bytes ldr r2, =data_size // size in bytes
bl memcpy bl memcpy
// copy sensitive data in from flash // copy confidential data in from flash
ldr r0, =sensitive_vma // dst addr ldr r0, =confidential_vma // dst addr
ldr r1, =sensitive_lma // src addr ldr r1, =confidential_lma // src addr
ldr r2, =sensitive_size // size in bytes ldr r2, =confidential_size // size in bytes
bl memcpy bl memcpy
// setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value // setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -45,7 +45,7 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive); _codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
_flash_start = ORIGIN(FLASH); _flash_start = ORIGIN(FLASH);
_flash_end = ORIGIN(FLASH) + LENGTH(FLASH); _flash_end = ORIGIN(FLASH) + LENGTH(FLASH);
_heap_start = ADDR(.heap); _heap_start = ADDR(.heap);
@ -100,8 +100,8 @@ SECTIONS {
. = 16K; /* Overflow causes UsageFault */ . = 16K; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -45,7 +45,7 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive); _codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
_flash_start = ORIGIN(FLASH); _flash_start = ORIGIN(FLASH);
_flash_end = ORIGIN(FLASH) + LENGTH(FLASH); _flash_end = ORIGIN(FLASH) + LENGTH(FLASH);
_heap_start = ADDR(.heap); _heap_start = ADDR(.heap);
@ -82,6 +82,7 @@ SECTIONS {
} }
.bss : ALIGN(4) { .bss : ALIGN(4) {
*(.no_dma_buffers*);
*(.bss*); *(.bss*);
. = ALIGN(4); . = ALIGN(4);
} >SRAM1 } >SRAM1
@ -95,8 +96,8 @@ SECTIONS {
. = 16K; /* Overflow causes UsageFault */ . = 16K; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -47,10 +47,10 @@ reset_handler:
ldr r2, =data_size // size in bytes ldr r2, =data_size // size in bytes
bl memcpy bl memcpy
// copy sensitive data in from flash // copy confidential data in from flash
ldr r0, =sensitive_vma // dst addr ldr r0, =confidential_vma // dst addr
ldr r1, =sensitive_lma // src addr ldr r1, =confidential_lma // src addr
ldr r2, =sensitive_size // size in bytes ldr r2, =confidential_size // size in bytes
bl memcpy bl memcpy
// setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value // setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value

View File

@ -3,7 +3,7 @@
ENTRY(reset_handler) ENTRY(reset_handler)
MEMORY { MEMORY {
FLASH (rx) : ORIGIN = 0x0C050000, LENGTH = 3648K FLASH (rx) : ORIGIN = 0x0C050000, LENGTH = 1664K
SRAM1 (wal) : ORIGIN = 0x30000000, LENGTH = 192K - 0x100 SRAM1 (wal) : ORIGIN = 0x30000000, LENGTH = 192K - 0x100
BOOT_ARGS (wal) : ORIGIN = 0x3002FF00, LENGTH = 0x100 BOOT_ARGS (wal) : ORIGIN = 0x3002FF00, LENGTH = 0x100
SRAM2 (wal) : ORIGIN = 0x30030000, LENGTH = 64K SRAM2 (wal) : ORIGIN = 0x30030000, LENGTH = 64K
@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -44,7 +44,8 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
/* reserve 256 bytes for bootloader arguments */ /* reserve 256 bytes for bootloader arguments */
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
_flash_start = ORIGIN(FLASH); _flash_start = ORIGIN(FLASH);
_flash_end = ORIGIN(FLASH) + LENGTH(FLASH); _flash_end = ORIGIN(FLASH) + LENGTH(FLASH);
_heap_start = ADDR(.heap); _heap_start = ADDR(.heap);
@ -99,8 +100,8 @@ SECTIONS {
. = 16K; /* Overflow causes UsageFault */ . = 16K; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -44,7 +44,7 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
/* reserve 256 bytes for bootloader arguments */ /* reserve 256 bytes for bootloader arguments */
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive); _codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
_flash_start = ORIGIN(FLASH); _flash_start = ORIGIN(FLASH);
_flash_end = ORIGIN(FLASH) + LENGTH(FLASH); _flash_end = ORIGIN(FLASH) + LENGTH(FLASH);
_heap_start = ADDR(.heap); _heap_start = ADDR(.heap);
@ -99,8 +99,8 @@ SECTIONS {
. = 16K; /* Overflow causes UsageFault */ . = 16K; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -47,10 +47,10 @@ reset_handler:
ldr r2, =data_size // size in bytes ldr r2, =data_size // size in bytes
bl memcpy bl memcpy
// copy sensitive data in from flash // copy confidential data in from flash
ldr r0, =sensitive_vma // dst addr ldr r0, =confidential_vma // dst addr
ldr r1, =sensitive_lma // src addr ldr r1, =confidential_lma // src addr
ldr r2, =sensitive_size // size in bytes ldr r2, =confidential_size // size in bytes
bl memcpy bl memcpy
// setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value // setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -45,7 +45,7 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive); _codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
_flash_start = ORIGIN(FLASH); _flash_start = ORIGIN(FLASH);
_flash_end = ORIGIN(FLASH) + LENGTH(FLASH); _flash_end = ORIGIN(FLASH) + LENGTH(FLASH);
_heap_start = ADDR(.heap); _heap_start = ADDR(.heap);
@ -100,8 +100,8 @@ SECTIONS {
. = 16K + 0x100; /* Overflow causes UsageFault */ . = 16K + 0x100; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -23,9 +23,9 @@ data_vma = ADDR(.data);
data_size = SIZEOF(.data); data_size = SIZEOF(.data);
/* used by the startup code to populate variables used by the C code */ /* used by the startup code to populate variables used by the C code */
sensitive_lma = LOADADDR(.sensitive); confidential_lma = LOADADDR(.confidential);
sensitive_vma = ADDR(.sensitive); confidential_vma = ADDR(.confidential);
sensitive_size = SIZEOF(.sensitive); confidential_size = SIZEOF(.confidential);
/* used by the startup code to wipe memory */ /* used by the startup code to wipe memory */
sram1_start = ORIGIN(SRAM1); sram1_start = ORIGIN(SRAM1);
@ -45,7 +45,7 @@ sram6_end = ORIGIN(SRAM6) + LENGTH(SRAM6);
boot_args_start = ORIGIN(BOOT_ARGS); boot_args_start = ORIGIN(BOOT_ARGS);
boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS); boot_args_end = ORIGIN(BOOT_ARGS) + LENGTH(BOOT_ARGS);
_codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.sensitive); _codelen = SIZEOF(.flash) + SIZEOF(.data) + SIZEOF(.confidential);
_flash_start = ORIGIN(FLASH); _flash_start = ORIGIN(FLASH);
_flash_end = ORIGIN(FLASH) + LENGTH(FLASH); _flash_end = ORIGIN(FLASH) + LENGTH(FLASH);
_heap_start = ADDR(.heap); _heap_start = ADDR(.heap);
@ -100,8 +100,8 @@ SECTIONS {
. = 16K + 0x100; /* Overflow causes UsageFault */ . = 16K + 0x100; /* Overflow causes UsageFault */
} >SRAM2 } >SRAM2
.sensitive : ALIGN(512) { .confidential : ALIGN(512) {
*(.sensitive*); *(.confidential*);
. = ALIGN(512); . = ALIGN(512);
} >SRAM2 AT>FLASH } >SRAM2 AT>FLASH

View File

@ -47,10 +47,10 @@ reset_handler:
ldr r2, =data_size // size in bytes ldr r2, =data_size // size in bytes
bl memcpy bl memcpy
// copy sensitive data in from flash // copy confidential data in from flash
ldr r0, =sensitive_vma // dst addr ldr r0, =confidential_vma // dst addr
ldr r1, =sensitive_lma // src addr ldr r1, =confidential_lma // src addr
ldr r2, =sensitive_size // size in bytes ldr r2, =confidential_size // size in bytes
bl memcpy bl memcpy
// setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value // setup the stack protector (see build script "-fstack-protector-all") with an unpredictable value

View File

@ -23,8 +23,6 @@
#include STM32_HAL_H #include STM32_HAL_H
#include <stdint.h> #include <stdint.h>
#define SENSITIVE
typedef enum { typedef enum {
CLOCK_180_MHZ = 0, CLOCK_180_MHZ = 0,
CLOCK_168_MHZ = 1, CLOCK_168_MHZ = 1,

View File

@ -23,8 +23,6 @@
#include STM32_HAL_H #include STM32_HAL_H
#include <stdint.h> #include <stdint.h>
#define SENSITIVE __attribute__((section(".sensitive")))
#define FLASH_QUADWORD_WORDS (4) #define FLASH_QUADWORD_WORDS (4)
#define FLASH_QUADWORD_SIZE (FLASH_QUADWORD_WORDS * sizeof(uint32_t)) #define FLASH_QUADWORD_SIZE (FLASH_QUADWORD_WORDS * sizeof(uint32_t))

View File

@ -1,4 +1,2 @@
#define SENSITIVE
void emulator_poll_events(void); void emulator_poll_events(void);

View File

@ -6,6 +6,7 @@ def stm32f4_common_files(env, defines, sources, paths):
("STM32_HAL_H", '"<stm32f4xx.h>"'), ("STM32_HAL_H", '"<stm32f4xx.h>"'),
("FLASH_BLOCK_WORDS", "1"), ("FLASH_BLOCK_WORDS", "1"),
("FLASH_BIT_ACCESS", "1"), ("FLASH_BIT_ACCESS", "1"),
("CONFIDENTIAL", ""),
] ]
paths += [ paths += [
@ -76,6 +77,7 @@ def stm32f4_common_files(env, defines, sources, paths):
"-DSTM32F4;" "-DSTM32F4;"
"-DFLASH_BLOCK_WORDS=1;" "-DFLASH_BLOCK_WORDS=1;"
"-DFLASH_BIT_ACCESS=1;" "-DFLASH_BIT_ACCESS=1;"
"-DCONFIDENTIAL;"
) )
env.get("ENV")["SUFFIX"] = "stm32f4" env.get("ENV")["SUFFIX"] = "stm32f4"

View File

@ -5,6 +5,7 @@ def stm32u5_common_files(env, defines, sources, paths):
defines += [ defines += [
("STM32_HAL_H", '"<stm32u5xx.h>"'), ("STM32_HAL_H", '"<stm32u5xx.h>"'),
("FLASH_BLOCK_WORDS", "4"), ("FLASH_BLOCK_WORDS", "4"),
("CONFIDENTIAL", "'__attribute__((section(\".confidential\")))'"),
] ]
paths += [ paths += [
@ -89,6 +90,7 @@ def stm32u5_common_files(env, defines, sources, paths):
"-DSTM32_HAL_H=<stm32u5xx.h>;" "-DSTM32_HAL_H=<stm32u5xx.h>;"
"-DSTM32U5;" "-DSTM32U5;"
"-DFLASH_BLOCK_WORDS=4;" "-DFLASH_BLOCK_WORDS=4;"
"-DCONFIDENTIAL;"
) )
env.get("ENV")["SUFFIX"] = "stm32u5" env.get("ENV")["SUFFIX"] = "stm32u5"

View File

@ -52,11 +52,11 @@
*/ */
// Buffer for update bytes function, used to avoid writing partial blocks // Buffer for update bytes function, used to avoid writing partial blocks
static flash_block_t norcow_write_buffer = {0}; CONFIDENTIAL static flash_block_t norcow_write_buffer = {0};
// Tracks how much data is in the buffer, not yet flashed // Tracks how much data is in the buffer, not yet flashed
static uint16_t norcow_write_buffer_filled = 0; CONFIDENTIAL static uint16_t norcow_write_buffer_filled = 0;
// Key of the item being updated, -1 if no update is in progress // Key of the item being updated, -1 if no update is in progress
static int32_t norcow_write_buffer_key = -1; CONFIDENTIAL static int32_t norcow_write_buffer_key = -1;
/* /*
* Writes data to given sector, starting from offset * Writes data to given sector, starting from offset

View File

@ -137,18 +137,18 @@ const uint8_t WIPE_CODE_EMPTY[] = {0, 0, 0, 0};
// The uint32 representation of an empty wipe code used in storage version 2. // The uint32 representation of an empty wipe code used in storage version 2.
#define V2_WIPE_CODE_EMPTY 0 #define V2_WIPE_CODE_EMPTY 0
static secbool initialized = secfalse; CONFIDENTIAL static secbool initialized = secfalse;
static secbool unlocked = secfalse; CONFIDENTIAL static secbool unlocked = secfalse;
static PIN_UI_WAIT_CALLBACK ui_callback = NULL; static PIN_UI_WAIT_CALLBACK ui_callback = NULL;
static uint32_t ui_total = 0; static uint32_t ui_total = 0;
static uint32_t ui_rem = 0; static uint32_t ui_rem = 0;
static enum storage_ui_message_t ui_message = NO_MSG; static enum storage_ui_message_t ui_message = NO_MSG;
static uint8_t cached_keys[KEYS_SIZE] = {0}; CONFIDENTIAL static uint8_t cached_keys[KEYS_SIZE] = {0};
static uint8_t *const cached_dek = cached_keys; CONFIDENTIAL static uint8_t *const cached_dek = cached_keys;
static uint8_t *const cached_sak = cached_keys + DEK_SIZE; CONFIDENTIAL static uint8_t *const cached_sak = cached_keys + DEK_SIZE;
static uint8_t authentication_sum[SHA256_DIGEST_LENGTH] = {0}; CONFIDENTIAL uint8_t authentication_sum[SHA256_DIGEST_LENGTH] = {0};
static uint8_t hardware_salt[HARDWARE_SALT_SIZE] = {0}; CONFIDENTIAL static uint8_t hardware_salt[HARDWARE_SALT_SIZE] = {0};
static uint32_t norcow_active_version = 0; CONFIDENTIAL static uint32_t norcow_active_version = 0;
static const uint8_t TRUE_BYTE = 0x01; static const uint8_t TRUE_BYTE = 0x01;
static const uint8_t FALSE_BYTE = 0x00; static const uint8_t FALSE_BYTE = 0x00;
static const uint32_t TRUE_WORD = 0xC35A69A5; static const uint32_t TRUE_WORD = 0xC35A69A5;
@ -1336,7 +1336,7 @@ void storage_wipe(void) {
static void __handle_fault(const char *msg, const char *file, int line, static void __handle_fault(const char *msg, const char *file, int line,
const char *func) { const char *func) {
static secbool in_progress = secfalse; CONFIDENTIAL static secbool in_progress = secfalse;
// If fault handling is already in progress, then we are probably facing a // If fault handling is already in progress, then we are probably facing a
// fault injection attack, so wipe. // fault injection attack, so wipe.
@ -1420,7 +1420,7 @@ static uint32_t pin_to_int(const uint8_t *pin, size_t pin_len) {
// Legacy conversion of wipe code from the uint32 scheme that was used prior to // Legacy conversion of wipe code from the uint32 scheme that was used prior to
// storage version 3. // storage version 3.
static char *int_to_wipe_code(uint32_t val) { static char *int_to_wipe_code(uint32_t val) {
static char wipe_code[V0_MAX_PIN_LEN + 1] = {0}; CONFIDENTIAL static char wipe_code[V0_MAX_PIN_LEN + 1] = {0};
size_t pos = sizeof(wipe_code) - 1; size_t pos = sizeof(wipe_code) - 1;
wipe_code[pos] = '\0'; wipe_code[pos] = '\0';

View File

@ -5,6 +5,7 @@ CFLAGS += -fPIC
CFALGS += -fsanitize=address,undefined CFALGS += -fsanitize=address,undefined
CFLAGS += -DTREZOR_MODEL_T CFLAGS += -DTREZOR_MODEL_T
CFLAGS += -DUSE_INSECURE_PRNG CFLAGS += -DUSE_INSECURE_PRNG
CFLAGS += -DCONFIDENTIAL=""
LIBS = LIBS =
INC = -I ../../../crypto -I ../.. -I . INC = -I ../../../crypto -I ../.. -I .