Serializing fence implementation and test

Co-authored-by: Seppe Vanderhallen <seppe.vanderhallen@hotmail.com>
proteus-core · Jan 1, 2025 · d48439e · d48439e
1 parent 46534bf
commit d48439e
Show file tree

Hide file tree

Showing 11 changed files with 217 additions and 2 deletions.
diff --git a/src/main/scala/riscv/Core.scala b/src/main/scala/riscv/Core.scala
@@ -269,7 +269,8 @@ object createDynamicPipeline {
         new TrapHandler(pipeline.retirementStage),
         new MachineMode(pipeline.intAlu1),
         new Interrupts(pipeline.retirementStage),
-        new Timers
+        new Timers,
+        new Fence
       ) ++ extraPlugins
     )
 

diff --git a/src/main/scala/riscv/DynamicPipeline.scala b/src/main/scala/riscv/DynamicPipeline.scala
@@ -61,6 +61,7 @@ trait DynamicPipeline extends Pipeline {
 
       service[BranchTargetPredictorService].predictedPc(stage)
       service[JumpService].jumpRequested(stage)
+      service[FenceService].isFence(stage)
     }
 
     // HACK make sure that all pipeline regs are routed through *all* exe stages.

diff --git a/src/main/scala/riscv/RiscV.scala b/src/main/scala/riscv/RiscV.scala
@@ -63,6 +63,8 @@ object Opcodes {
   val DIVU = M"0000001----------101-----0110011"
   val REM = M"0000001----------110-----0110011"
   val REMU = M"0000001----------111-----0110011"
+
+  val FENCE = M"0000-------------000-----0001111"
 }
 
 case class Extension(char: Char) {

diff --git a/src/main/scala/riscv/Services.scala b/src/main/scala/riscv/Services.scala
@@ -442,3 +442,7 @@ trait FormalService {
 trait Resettable {
   def pipelineReset(): Unit
 }
+
+trait FenceService {
+  def isFence(stage: Stage): Bool
+}
diff --git a/src/main/scala/riscv/plugins/Fence.scala b/src/main/scala/riscv/plugins/Fence.scala
@@ -0,0 +1,36 @@
+package riscv.plugins
+
+import riscv._
+import spinal.core._
+
+class Fence extends Plugin[DynamicPipeline] with FenceService {
+
+  object Data {
+    object FENCE extends PipelineData(Bool())
+  }
+
+  override def setup(): Unit = {
+    val issuer = pipeline.service[IssueService]
+    issuer.setDestinations(Opcodes.FENCE, pipeline.rsStages.toSet)
+
+    pipeline.service[DecoderService].configure { config =>
+      config.addDefault(
+        Map(
+          Data.FENCE -> False
+        )
+      )
+
+      config.addDecoding(
+        Opcodes.FENCE,
+        InstructionType.I,
+        Map(
+          Data.FENCE -> True
+        )
+      )
+    }
+  }
+
+  override def isFence(stage: Stage): Bool = {
+    stage.output(Data.FENCE)
+  }
+}
diff --git a/src/main/scala/riscv/plugins/scheduling/dynamic/ReorderBuffer.scala b/src/main/scala/riscv/plugins/scheduling/dynamic/ReorderBuffer.scala
@@ -58,7 +58,10 @@ class ReorderBuffer(
   private val isFullNext = Bool()
   private val isFull = RegNext(isFullNext).init(False)
   private val willRetire = False
-  val isAvailable = !isFull || willRetire
+
+  private val fenceDetectedNext = Bool()
+  private val fenceDetected = RegNext(fenceDetectedNext).init(False)
+  val isAvailable = (!isFull || willRetire) && !fenceDetectedNext
 
   val pushInCycle = Bool()
   pushInCycle := False
@@ -69,6 +72,7 @@ class ReorderBuffer(
     oldestIndex.clear()
     newestIndex.clear()
     isFull := False
+    fenceDetected := False
   }
 
   private def byte2WordAddress(address: UInt) = {
@@ -138,6 +142,10 @@ class ReorderBuffer(
       .operationOutput(issueStage)
     pipeline.service[LsuService].addressValidOfBundle(pushedEntry.registerMap) := False
 
+    when(pipeline.service[FenceService].isFence(issueStage)) {
+      fenceDetected := True
+    }
+
     val rs1 = Flow(UInt(5 bits))
     val rs2 = Flow(UInt(5 bits))
 
@@ -242,6 +250,7 @@ class ReorderBuffer(
 
   def build(): Unit = {
     isFullNext := isFull
+    fenceDetectedNext := fenceDetected
     val oldestEntry = robEntries(oldestIndex.value)
     val updatedOldestIndex = UInt(indexBits)
     updatedOldestIndex := oldestIndex.value
@@ -251,6 +260,10 @@ class ReorderBuffer(
     ret.arbitration.isValid := False
     ret.arbitration.isStalled := False
 
+    when(pipeline.service[FenceService].isFence(ret)) {
+      fenceDetectedNext := False
+    }
+
     for (register <- retirementRegisters.keys) {
       ret.input(register) := oldestEntry.registerMap.element(register)
     }

diff --git a/tests/fence-test/.gitignore b/tests/fence-test/.gitignore
@@ -0,0 +1,2 @@
+*.bin
+*_stripped.s
diff --git a/tests/fence-test/Makefile b/tests/fence-test/Makefile
@@ -0,0 +1,9 @@
+%.elf: %.s
+	riscv32-unknown-elf-gcc -mabi=ilp32 -march=rv32im_zicsr -c -o $@ $<
+	riscv32-unknown-elf-gcc -mabi=ilp32 -march=rv32im_zicsr -ffreestanding -nostdlib -T ../tests.ld -o $@ $<
+
+%.ihex: %.elf
+	riscv32-unknown-elf-objcopy -O ihex $< $@
+
+%.bin: %.elf
+	riscv32-unknown-elf-objcopy -O binary $< $@
diff --git a/tests/fence-test/eval.py b/tests/fence-test/eval.py
@@ -0,0 +1,50 @@
+#!/usr/bin/env python3
+
+import vcdvcd
+import subprocess
+import os
+
+
+def evaluate():
+    vcd = vcdvcd.VCDVCD("sim.vcd", [])
+    addresses = vcd["TOP.Core.pipeline.dbus_cmd_payload_address[31:0]"]
+
+    violation = False
+
+    for (_, val) in addresses.tv:
+        addr = int(val, 2)
+        if str(hex(addr)) == "0xdead0":
+            violation = True
+
+    return violation
+
+proteus_bin = os.path.join(os.path.abspath(os.path.dirname(__file__)), '../../sim/build/sim')
+
+test_cases = [
+    "secret-before-branch",
+    "secret-after-branch",
+]
+
+for case in test_cases:
+    print(f"TEST {case}:")
+    # run test case with secure variant
+    subprocess.call(
+        ["make", f"{case}.bin"])
+    subprocess.call([f"{proteus_bin}", f"{case}.bin"])
+    print("SECURE VARIANT:  ", end='\t')
+    print("🗲 Secret leaked!" if evaluate() else "✔ Secret did not leak!")
+
+    # run test case with insecure variant:
+    # 1. remove fence instructions from code
+    with open(f"{case}.s") as source:
+        lines = source.readlines()
+        stripped = [
+            line for line in lines if not line.strip().startswith("fence") and not line.strip().startswith("sfence")]
+        with open(f"{case}_stripped.s", 'w') as stripped_file:
+            stripped_file.writelines(stripped)
+
+    subprocess.call(["make", f"{case}_stripped.bin"])
+    subprocess.call([f"{proteus_bin}", f"{case}_stripped.bin"])
+    print("INSECURE VARIANT:", end='\t')
+    print("🗲 Secret leaked!" if evaluate() else "✔ Secret did not leak!")
+    print()
diff --git a/tests/fence-test/secret-after-branch.s b/tests/fence-test/secret-after-branch.s
@@ -0,0 +1,48 @@
+.globl _start
+.data
+	public_value: .word 0
+	.space 1024  # padding to avoid caching
+	public_address: .word 0
+	.space 1024  # padding to avoid caching
+	secret: .word 0xDEAD0
+
+.text
+_start:
+
+setup:
+	# public_address = &public_value;
+
+	fence
+
+	la t0, public_value
+	la t1, public_address
+	sw t0, (t1)
+
+	la t6, secret
+
+condition:
+	# t0 = *public_address
+	# t0 = *t0
+	# if (t0 == 0) { goto finish; }
+
+	la t0, public_address
+	lw t0, (t0)
+	lw t0, (t0)
+	beqz t0, finish
+
+	# ----- BEGIN TRANSIENT BLOCK -----
+
+	# t6 = *secret;
+	lw t6, (t6)
+
+	fence
+
+	# leak(t6);
+	lw zero, (t6)
+
+	# ----- END TRANSIENT BLOCK -----
+
+finish:
+	lui ra,0x10000
+	li sp,4
+	sb sp,0(ra)
diff --git a/tests/fence-test/secret-before-branch.s b/tests/fence-test/secret-before-branch.s
@@ -0,0 +1,49 @@
+.globl _start
+.data
+	public_value: .word 0
+	.space 1024  # padding to avoid caching
+	public_address: .word 0
+	.space 1024  # padding to avoid caching
+	secret: .word 0xDEAD0
+
+.text
+_start:
+
+setup:
+	# public_address = &public_value;
+
+	la t0, public_value
+	la t1, public_address
+	sw t0, (t1)
+
+	nop
+	nop
+
+	# t6 = *secret  // load secret architecturally
+	lw t6, secret
+
+condition:
+	# t0 = *public_address
+	# t0 = *t0
+	# if (t0 == 0) { goto finish; }
+
+	la t0, public_address
+	lw t0, (t0)
+	lw t0, (t0)
+	beqz t0, finish
+
+	# ----- BEGIN TRANSIENT BLOCK -----
+
+	fence
+
+	# leak(t6);
+
+	lw zero, (t6)
+
+	# ----- END TRANSIENT BLOCK -----
+
+finish:
+	lui ra,0x10000
+	li sp,4
+	sb sp,0(ra)
+