This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
module ExampleRocketSystem( // @[:freechips.rocketchip.system.DefaultConfig.fir@214349.2] | |
input clock, // @[:freechips.rocketchip.system.DefaultConfig.fir@214350.4] | |
input reset, // @[:freechips.rocketchip.system.DefaultConfig.fir@214351.4] | |
output debug_clockeddmi_dmi_req_ready, // @[:freechips.rocketchip.system.DefaultConfig.fir@214353.4] | |
input debug_clockeddmi_dmi_req_valid, // @[:freechips.rocketchip.system.DefaultConfig.fir@214353.4] | |
input [6:0] debug_clockeddmi_dmi_req_bits_addr, // @[:freechips.rocketchip.system.DefaultConfig.fir@214353.4] | |
input [31:0] debug_clockeddmi_dmi_req_bits_data, // @[:freechips.rocketchip.system.DefaultConfig.fir@214353.4] | |
input [1:0] debug_clockeddmi_dmi_req_bits_op, // @[:freechips.rocketchip.system.DefaultConfig.fir@214353.4] | |
input debug_clockeddmi_dmi_resp_ready, // @[:freechips.rocketchip.system.DefaultConfig.fir@214353.4] | |
output debug_clockeddmi_dmi_resp_valid, // @[:freechips.rocketchip.system.DefaultCon |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OUTPUT_ARCH( "riscv" ) | |
ENTRY( reset_vector ) | |
SECTIONS | |
{ | |
/* Root of trust in a trusted ROM */ | |
. = 0x1000; | |
.rot : { | |
_start = .; | |
PROVIDE(reset_vector = .); | |
*(.bootloader.entry) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
.global reset_vector | |
reset_vector: | |
# this resides at address 0x1000 | |
# 1. Set aside space in system memory for a software stack. | |
la sp, m_stack_ptr # Stack pointer for core 0 | |
csrr a0, mhartid # a0 <-- mhartid | |
# 2. All but hart 0 wait for a signal via IPI. Hart 0 proceeds, and will wake other harts. | |
bne a0, zero, .hart_non_zero # hart 0 | |
# 2. Erase DRAM (if applicable) | |
#ifdef ERASE_DRAM |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
.global reset_vector | |
reset_vector: | |
la sp, m_stack_ptr # sp for hart 0 (to be adjusted for other harts) | |
csrr a0, mhartid # a0 <-- mhartid | |
# 2. All but hart 0 wait for a signal via IPI. Hart 0 proceeds, and will wake other harts. | |
bne a0, zero, .hart_non_zero # hart 0 | |
# 2. Erase DRAM (if applicable) | |
#ifdef ERASE_DRAM |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sha3_ctx_t hash_ctx; | |
uint8_t cert_hash[64]; | |
uint8_t cert_sig[64]; | |
extern uint8_t PK_T[32]; | |
// uint8_t S_H[64] has been previously computed | |
// uint8_t PK_S[32] has been previously computed | |
// uint8_t PK_T[32] has been previously retrieved | |
/* Hash the parts of the certificate into one message */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
uint8_t SK_T[64]; | |
uint8_t PK_S[32]; | |
uint8_t SK_S[64]; | |
sha3_ctx_t hash_ctx; | |
uint8_t seed[64]; | |
// uint8_t S_H[64] has been previously computed | |
/* Retrieve SK_T and prevent any subsequent | |
software from accessing it */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* The unique public key assigned by M | |
to one of the devices it has manufactured. */ | |
extern uint8_t PK_T[64]; | |
/* The manufacturer's cryptographic key pair | |
is extremely sensitive information. */ | |
extern uint8_t PK_M[32]; | |
extern uint8_t SK_M[64]; | |
/* The endorsement. */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <sha3/sha3.h> | |
/* Address of the base of S, at a location | |
specified by a linker script */ | |
extern const void* s_ptr; | |
/* Address of the size of S, at a location | |
specified by a linker script */ | |
extern const size_t* s_size; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
void get_sk_d(uint8_t[64] out_sk_d); | |
/* Accessor for the device key SKd populates the buffer out_sk_d with the key unless `hide_sk_t_until_reboot` has previously been invoked. */ | |
void hide_sk_d_until_reboot(); | |
/* Ensures that subsequent calls to `get_sk_d` do not yield any information about SKd until the system restarts. */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <ed25519/ed25519.h> | |
uint8_t pk[32]; | |
uint8_t sk[64]; | |
/* This seed is as valuable as the secret key! */ | |
uint8_t secret_entropy[64]; | |
/* NOTE: we assume some application-dependent source of trusted entropy */ | |
get_trusted_entropy(secret_entropy, 64); |
NewerOlder