diff --git a/core/embed/bootloader/main.c b/core/embed/bootloader/main.c index 816ba9a53..17be369e6 100644 --- a/core/embed/bootloader/main.c +++ b/core/embed/bootloader/main.c @@ -411,20 +411,6 @@ int bootloader_main(void) { set_core_clock(CLOCK_180_MHZ); #endif -#ifdef STM32U5 - if (sectrue != flash_configure_sec_area_ob()) { -#ifdef STM32U5 - secret_bhk_regenerate(); -#endif - - const secbool r = - flash_area_erase_bulk(STORAGE_AREAS, STORAGE_AREAS_COUNT, NULL); - (void)r; - __disable_irq(); - HAL_NVIC_SystemReset(); - } -#endif - #ifdef USE_HASH_PROCESSOR hash_processor_init(); #endif diff --git a/core/embed/trezorhal/lowlevel.h b/core/embed/trezorhal/lowlevel.h index af207d6ae..49757aeac 100644 --- a/core/embed/trezorhal/lowlevel.h +++ b/core/embed/trezorhal/lowlevel.h @@ -27,7 +27,6 @@ void flash_lock_option_bytes(void); void flash_unlock_option_bytes(void); uint32_t flash_set_option_bytes(void); secbool flash_configure_option_bytes(void); -secbool flash_configure_sec_area_ob(void); void periph_init(void); secbool reset_flags_check(void); void reset_flags_reset(void); diff --git a/core/embed/trezorhal/stm32u5/lowlevel.c b/core/embed/trezorhal/stm32u5/lowlevel.c index 3a716c1a7..a7f6463b3 100644 --- a/core/embed/trezorhal/stm32u5/lowlevel.c +++ b/core/embed/trezorhal/stm32u5/lowlevel.c @@ -22,7 +22,6 @@ #include "lowlevel.h" #include "common.h" #include "flash.h" -#include "flash_otp.h" #include "model.h" #include TREZOR_BOARD @@ -70,6 +69,13 @@ #error Unknown MCU #endif +#define WRP_LOCKED_VALUE \ + ((WRP_DEFAULT_VALUE & \ + ~(FLASH_WRP1AR_UNLOCK_Msk | FLASH_WRP1AR_WRP1A_PSTRT_Msk | \ + FLASH_WRP1AR_WRP1A_PEND_Msk)) | \ + (WANT_WRP_PAGE_START << FLASH_WRP1AR_WRP1A_PSTRT_Pos) | \ + (WANT_WRP_PAGE_END << FLASH_WRP1AR_WRP1A_PEND_Pos)) + #define FLASH_OPTR_VALUE \ (FLASH_OPTR_TZEN | FLASH_OPTR_PA15_PUPEN | FLASH_OPTR_nBOOT0 | \ FLASH_OPTR_SRAM3_ECC | FLASH_OPTR_BKPRAM_ECC | FLASH_OPTR_DUALBANK | \ @@ -129,9 +135,7 @@ secbool flash_check_option_bytes(void) { } #if PRODUCTION - // TODO error this wont work, need to add default/reset values -#error this wont work, need to add default/reset values - if (FLASH->WRP1AR != (WANT_WRP_PAGE_START | (WANT_WRP_PAGE_END << 16))) { + if (FLASH->WRP1AR != WRP_LOCKED_VALUE) { return secfalse; } #else @@ -150,6 +154,19 @@ secbool flash_check_option_bytes(void) { return secfalse; } + if (FLASH->SECWM1R1 != FLASH_SECWM1R1_VALUE) { + return secfalse; + } + if (FLASH->SECWM1R2 != FLASH_SECWM1R2_VALUE) { + return secfalse; + } + if (FLASH->SECWM2R1 != FLASH_SECWM2R1_VALUE) { + return secfalse; + } + if (FLASH->SECWM2R2 != FLASH_SECWM2R2_VALUE) { + return secfalse; + } + return sectrue; } @@ -177,19 +194,27 @@ uint32_t flash_set_option_bytes(void) { flash_unlock_option_bytes(); flash_wait_and_clear_status_flags(); + FLASH->SECBOOTADD0R = FALSH_SECBOOTADD0R_VALUE; + + FLASH->SECWM1R1 = FLASH_SECWM1R1_VALUE; + FLASH->SECWM1R2 = FLASH_SECWM1R2_VALUE; + + FLASH->SECWM2R1 = FLASH_SECWM2R1_VALUE; + FLASH->SECWM2R2 = FLASH_SECWM2R2_VALUE; + +#if PRODUCTION + FLASH->WRP1AR = WRP_LOCKED_VALUE; +#else + FLASH->WRP1AR = WRP_DEFAULT_VALUE; +#endif + FLASH->WRP1BR = WRP_DEFAULT_VALUE; + FLASH->WRP2AR = WRP_DEFAULT_VALUE; + FLASH->WRP2BR = WRP_DEFAULT_VALUE; + FLASH->OPTR = FLASH_OPTR_VALUE; // WARNING: dev board safe unless you compile for // PRODUCTION or change this value!!! - FLASH->SECBOOTADD0R = FALSH_SECBOOTADD0R_VALUE; - -#if PRODUCTION - FLASH->WRP1AR = WANT_WRP_PAGE_START | (WANT_WRP_PAGE_END << 16); - FLASH->WRP1BR = 0xFF00FFFF; - FLASH->WRP2AR = 0xFF00FFFF; - FLASH->WRP2BR = 0xFF00FFFF; -#endif - FLASH_WaitForLastOperation(HAL_MAX_DELAY); FLASH->NSCR |= FLASH_NSCR_OPTSTRT; @@ -210,10 +235,8 @@ uint32_t flash_set_option_bytes(void) { } void check_oem_keys(void) { - ensure(((FLASH_S->NSSR & FLASH_NSSR_OEM1LOCK) == 0) * sectrue, - "OEM1 KEY SET"); - ensure(((FLASH_S->NSSR & FLASH_NSSR_OEM2LOCK) == 0) * sectrue, - "OEM2 KEY SET"); + ensure(((FLASH->NSSR & FLASH_NSSR_OEM1LOCK) == 0) * sectrue, "OEM1 KEY SET"); + ensure(((FLASH->NSSR & FLASH_NSSR_OEM2LOCK) == 0) * sectrue, "OEM2 KEY SET"); } secbool flash_configure_option_bytes(void) { @@ -230,73 +253,6 @@ secbool flash_configure_option_bytes(void) { return secfalse; // notify that we DID have to change the option bytes } -secbool flash_check_sec_area_ob(void) { - flash_wait_and_clear_status_flags(); - // check values stored in flash interface registers - - if (FLASH->SECWM1R1 != FLASH_SECWM1R1_VALUE) { - return secfalse; - } - if (FLASH->SECWM1R2 != FLASH_SECWM1R2_VALUE) { - return secfalse; - } - if (FLASH->SECWM2R1 != FLASH_SECWM2R1_VALUE) { - return secfalse; - } - if (FLASH->SECWM2R2 != FLASH_SECWM2R2_VALUE) { - return secfalse; - } - - return sectrue; -} - -uint32_t flash_set_sec_area_ob(void) { - if (flash_unlock_write() != sectrue) { - return 0; - } - flash_wait_and_clear_status_flags(); - flash_unlock_option_bytes(); - flash_wait_and_clear_status_flags(); - - FLASH->SECWM1R1 = FLASH_SECWM1R1_VALUE; - FLASH->SECWM1R2 = FLASH_SECWM1R2_VALUE; - - FLASH->SECWM2R1 = FLASH_SECWM2R1_VALUE; - FLASH->SECWM2R2 = FLASH_SECWM2R2_VALUE; - - FLASH_WaitForLastOperation(HAL_MAX_DELAY); - - FLASH->NSCR |= FLASH_NSCR_OPTSTRT; - uint32_t result = - flash_wait_and_clear_status_flags(); // wait until changes are committed - - FLASH_WaitForLastOperation(HAL_MAX_DELAY); - - FLASH->NSCR |= FLASH_NSCR_OBL_LAUNCH; // begin committing changes to flash - result = - flash_wait_and_clear_status_flags(); // wait until changes are committed - flash_lock_option_bytes(); - - if (flash_lock_write() != sectrue) { - return 0; - } - return result; -} - -secbool flash_configure_sec_area_ob(void) { - if (sectrue == flash_check_sec_area_ob()) { - return sectrue; // we DID NOT have to change the option bytes - } - - do { - flash_set_sec_area_ob(); - } while (sectrue != flash_check_sec_area_ob()); - - check_oem_keys(); - - return secfalse; // notify that we DID have to change the option bytes -} - void periph_init(void) { // STM32U5xx HAL library initialization: // - configure the Flash prefetch, instruction and data caches