Merge branch 'main-2.x' into ArthurHeymans/MlDsaDriver

chipsalliance · Nov 19, 2024 · 62b36a0 · 62b36a0
2 parents 85c0968 + 8724274
commit 62b36a0
Show file tree

Hide file tree

Showing 109 changed files with 3,680 additions and 1,477 deletions.
diff --git a/.github/workflows/versioned-full-build-test.yml b/.github/workflows/versioned-full-build-test.yml
@@ -0,0 +1,59 @@
+name: Versioned Build Test
+
+on:
+  workflow_dispatch:
+    inputs:
+      hw-version:
+        default: "latest"
+        type: string
+      rom-ref:
+        default: "main"
+        type: string
+      firmware-version:
+        default: "main"
+        type: string
+
+  pull_request:
+    inputs:
+      todo-remove-before-merging:
+        default: ""
+        type: string
+      hw-version:
+        default: "latest"
+        type: string
+      rom-ref:
+        default: "main"
+        type: string
+      firmware-version:
+        default: "main"
+        type: string
+
+jobs:
+  fpga-full-suite-etrng-log:
+    name: FPGA Suite (etrng, log)
+
+  fpga-full-suite-etrng-nolog:
+    name: FPGA Suite (etrng, nolog)
+
+  fpga-full-suite-itrng-log:
+    name: FPGA Suite (itrng, log)
+
+  fpga-full-suite-itrng-nolog:
+    name: FPGA Suite (itrng, nolog)
+
+  sw-emulator-full-suite-etrng-log:
+    name: sw-emulator Suite (etrng, log)
+
+  sw-emulator-full-suite-etrng-nolog:
+    name: sw-emulator Suite (etrng, nolog)
+
+  sw-emulator-full-suite-itrng-log:
+    name: sw-emulator Suite (itrng, log)
+
+  sw-emulator-full-suite-itrng-nolog:
+    name: sw-emulator Suite (itrng, nolog)
+
+  build-release:
+    runs-on: ubuntu-22.04
+    permissions:
+      contents: write
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -171,7 +171,7 @@ sha3 = "0.10.8"
 smlang = "0.6.0"
 syn = "1.0.107"
 tinytemplate = "1.1"
-tock-registers = "0.8.1"
+tock-registers = { git = "https://github.com/tock/tock.git", rev = "b128ae817b86706c8c4e39d27fae5c54b98659f1" }
 toml = "0.7.0"
 ufmt = { git = "https://github.com/korran/ufmt.git", rev = "1d0743c1ffffc68bc05ca8eeb81c166192863f33", features = ["inline"] }
 uio = { version = "0.2.0" }

diff --git a/FROZEN_IMAGES.sha384sum b/FROZEN_IMAGES.sha384sum
@@ -1,3 +1,3 @@
 # WARNING: Do not update this file without the approval of the Caliptra TAC
-490c1adcb0f9d2d03335f5eba2c762daf0b7e502aba15d03f12d41b26d74a513d5092200aff516dc009d54579d349217  caliptra-rom-no-log.bin
-8ffd1577fa783e15b2a622a11575a5011286f933f2c4a5f267d45a04b93cf5ccd8af01715052b73bdfb5a86a6f2ccf64  caliptra-rom-with-log.bin
+129ee84ecdc1f80a9aab51883589b4eb80191bc726277fb31fab2bb2e99f54b3ad7dc80459914c9cd9749e5994614ccd  caliptra-rom-no-log.bin
+162eb324937462a1534406d43b9ba74b229d9347541f148eebc435f901e839e4c95af308f91b873f0bc67124cf35ecc1  caliptra-rom-with-log.bin
diff --git a/api/src/lib.rs b/api/src/lib.rs
@@ -13,6 +13,34 @@ pub use soc_mgr::SocManager;
 
 #[derive(Debug, Eq, PartialEq)]
 pub enum CaliptraApiError {
-    ReadBuffTooSmall,
+    UnableToSetPauser,
+    UnableToLockMailbox,
+    UnableToReadMailbox,
     BufferTooLargeForMailbox,
+    UnknownCommandStatus(u32),
+    MailboxTimeout,
+    MailboxCmdFailed(u32),
+    UnexpectedMailboxFsmStatus {
+        expected: u32,
+        actual: u32,
+    },
+    MailboxRespInvalidFipsStatus(u32),
+    MailboxRespInvalidChecksum {
+        expected: u32,
+        actual: u32,
+    },
+    MailboxRespTypeTooSmall,
+    MailboxReqTypeTooSmall,
+    MailboxNoResponseData,
+    MailboxUnexpectedResponseLen {
+        expected_min: u32,
+        expected_max: u32,
+        actual: u32,
+    },
+    UploadFirmwareUnexpectedResponse,
+    UploadMeasurementResponseError,
+    ReadBuffTooSmall,
+    FusesAlreadyIniitalized,
+    FuseDoneNotSet,
+    StashMeasurementFailed,
 }
diff --git a/api/src/mailbox.rs b/api/src/mailbox.rs
@@ -51,6 +51,9 @@ impl CommandId {
 
     // The authorize and stash command.
     pub const AUTHORIZE_AND_STASH: Self = Self(0x4154_5348); // "ATSH"
+
+    // The get IDevID CSR command.
+    pub const GET_IDEV_CSR: Self = Self(0x4944_4352); // "IDCR"
 }
 
 impl From<u32> for CommandId {
@@ -151,6 +154,7 @@ pub enum MailboxResp {
     QuotePcrs(QuotePcrsResp),
     CertifyKeyExtended(CertifyKeyExtendedResp),
     AuthorizeAndStash(AuthorizeAndStashResp),
+    GetIdevCsr(GetIdevCsrResp),
 }
 
 impl MailboxResp {
@@ -171,6 +175,7 @@ impl MailboxResp {
             MailboxResp::QuotePcrs(resp) => Ok(resp.as_bytes()),
             MailboxResp::CertifyKeyExtended(resp) => Ok(resp.as_bytes()),
             MailboxResp::AuthorizeAndStash(resp) => Ok(resp.as_bytes()),
+            MailboxResp::GetIdevCsr(resp) => Ok(resp.as_bytes()),
         }
     }
 
@@ -191,6 +196,7 @@ impl MailboxResp {
             MailboxResp::QuotePcrs(resp) => Ok(resp.as_bytes_mut()),
             MailboxResp::CertifyKeyExtended(resp) => Ok(resp.as_bytes_mut()),
             MailboxResp::AuthorizeAndStash(resp) => Ok(resp.as_bytes_mut()),
+            MailboxResp::GetIdevCsr(resp) => Ok(resp.as_bytes_mut()),
         }
     }
 
@@ -458,6 +464,7 @@ pub struct GetIdevInfoResp {
 pub struct GetLdevCertReq {
     header: MailboxReqHeader,
 }
+
 impl Request for GetLdevCertReq {
     const ID: CommandId = CommandId::GET_LDEV_CERT;
     type Resp = GetLdevCertResp;
@@ -948,7 +955,7 @@ pub struct SetAuthManifestReq {
     pub manifest: [u8; SetAuthManifestReq::MAX_MAN_SIZE],
 }
 impl SetAuthManifestReq {
-    pub const MAX_MAN_SIZE: usize = 8192;
+    pub const MAX_MAN_SIZE: usize = 14 * 1024;
 
     pub fn as_bytes_partial(&self) -> CaliptraResult<&[u8]> {
         if self.manifest_size as usize > Self::MAX_MAN_SIZE {
@@ -976,6 +983,40 @@ impl Default for SetAuthManifestReq {
     }
 }
 
+// GET_IDEVID_CSR
+#[repr(C)]
+#[derive(Default, Debug, AsBytes, FromBytes, PartialEq, Eq)]
+pub struct GetIdevCsrReq {
+    pub hdr: MailboxReqHeader,
+}
+
+impl Request for GetIdevCsrReq {
+    const ID: CommandId = CommandId::GET_IDEV_CSR;
+    type Resp = GetIdevCsrResp;
+}
+
+#[repr(C)]
+#[derive(Debug, AsBytes, FromBytes, PartialEq, Eq)]
+pub struct GetIdevCsrResp {
+    pub hdr: MailboxRespHeader,
+    pub data_size: u32,
+    pub data: [u8; Self::DATA_MAX_SIZE],
+}
+impl GetIdevCsrResp {
+    pub const DATA_MAX_SIZE: usize = 512;
+}
+impl ResponseVarSize for GetIdevCsrResp {}
+
+impl Default for GetIdevCsrResp {
+    fn default() -> Self {
+        Self {
+            hdr: MailboxRespHeader::default(),
+            data_size: 0,
+            data: [0u8; Self::DATA_MAX_SIZE],
+        }
+    }
+}
+
 #[repr(u32)]
 #[derive(Debug, PartialEq, Eq)]
 pub enum ImageHashSource {
@@ -1051,9 +1092,26 @@ pub struct AuthorizeAndStashResp {
 }
 impl Response for AuthorizeAndStashResp {}
 
+/// Retrieves dlen bytes  from the mailbox.
+pub fn mbox_read_response(
+    mbox: mbox::RegisterBlock<impl MmioMut>,
+    buf: &mut [u8],
+) -> Result<&[u8], CaliptraApiError> {
+    let dlen_bytes = mbox.dlen().read() as usize;
+
+    // Buffer must be big enough to store dlen bytes.
+    let buf = buf
+        .get_mut(..dlen_bytes)
+        .ok_or(CaliptraApiError::ReadBuffTooSmall)?;
+
+    mbox_read_fifo(mbox, buf)?;
+
+    Ok(buf)
+}
+
 pub fn mbox_read_fifo(
     mbox: mbox::RegisterBlock<impl MmioMut>,
-    mut buf: &mut [u8],
+    buf: &mut [u8],
 ) -> core::result::Result<(), CaliptraApiError> {
     use zerocopy::Unalign;
 
@@ -1065,9 +1123,9 @@ pub fn mbox_read_fifo(
 
     let dlen_bytes = mbox.dlen().read() as usize;
 
-    if dlen_bytes < buf.len() {
-        buf = &mut buf[..dlen_bytes];
-    }
+    let buf = buf
+        .get_mut(..dlen_bytes)
+        .ok_or(CaliptraApiError::UnableToReadMailbox)?;
 
     let len_words = buf.len() / size_of::<u32>();
     let (mut buf_words, suffix) = LayoutVerified::new_slice_unaligned_from_prefix(buf, len_words)