mpu branch megamerge

Author: cryptofreak317

.gitignore

@@ -1,54 +1,2 @@
-# .gitignore
-
-# Files generated by the build
-interface/**/*.pb.h
-interface/**/*.pb.c
-
-# Selected build objects
-*.o
-.sconsign*
-.gradle
-
-
-# IDE files
-.cproject
-.project
-.metadata/
-.idea
-
-# component libraries
-/build
-/bin
-
-# Misc
-tags
-
-# Compiled python scripts
-*.pyc
-
-# Emacs temporary files
-*~
-*\#
-
-# VIM temporary files
-*.swo
-*.swp
-
-# IAR generated files
-*.browse
-*.cout
-*.cspy.bat
-*.dbgdt
-*.dep
-*.dni
-*.jlink
-*.lst
-*.pbi
-*.pbd
-*.sfr
-*.sim
-*.tmp
-*.wsdt
-*.pbi
-*.cout
+.DS_Store
 

CMakeLists.txt

@@ -6,8 +6,8 @@ project(KeepKeyFirmware
 
         LANGUAGES C CXX ASM)
 
-set(BOOTLOADER_MAJOR_VERSION 1)
-set(BOOTLOADER_MINOR_VERSION 1)
+set(BOOTLOADER_MAJOR_VERSION 2)
+set(BOOTLOADER_MINOR_VERSION 0)
 set(BOOTLOADER_PATCH_VERSION 0)
 
 option(KK_EMULATOR "Build the emulator" OFF)

cmake/caches/device.cmake

@@ -62,6 +62,7 @@ set(CMAKE_CXX_FLAGS "${ARCH_FLAGS} -std=gnu++11 ${OPT_FLAGS} ${WARN_FLAGS} \
 
 set(CMAKE_ASM_FLAGS "-mcpu=cortex-m3 \
     -mthumb \
+    -x assembler-with-cpp \
     -gdwarf-2" CACHE STRING "")
 
 set(CMAKE_EXE_LINKER_FLAGS

include/keepkey/board/bl_mpu.h

@@ -0,0 +1,24 @@
+/*
+ *
+ *  * Copyright (C) 2018 KeepKey LLC
+ *
+ * This library is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef __BL_MPU_H__
+#define __BL_MPU_H__
+
+void bl_flash_erase_word(Allocation group);
+
+#endif

include/keepkey/board/check_bootloader.h

@@ -37,6 +37,8 @@ extern char bl_hash_v1_0_3_elf_unpatched[32];
 extern char bl_hash_v1_0_4_unpatched[32];
 
 extern char bl_hash_v1_1_0[32];
+extern char bl_hash_v2_0_0[32];
+
 
 typedef enum _BootloaderKind {
     BLK_UNKNOWN,
@@ -48,6 +50,7 @@ typedef enum _BootloaderKind {
     BLK_v1_0_3_elf,
     BLK_v1_0_4,
     BLK_v1_1_0,
+    BLK_v2_0_0
 } BootloaderKind;
 
 BootloaderKind get_bootloaderKind(void);

include/keepkey/board/keepkey_board.h

@@ -85,6 +85,7 @@ extern uintptr_t __stack_chk_guard;
 
 void board_reset(void);
 void board_init(void);
+void kk_board_init(void);
 
 void __stack_chk_fail(void) __attribute__((noreturn));
 uint32_t calc_crc32(const void *data, int word_len);

include/keepkey/board/keepkey_button.h

@@ -32,10 +32,31 @@ typedef void (*Handler)(void* context);
 
 /* === Functions =========================================================== */
 
+
+/** kk_keepkey_button_init() - Initialize push botton interrupt registers
+ * and variables
+ *
+ * INPUT
+ *     none
+ * OUTPUT
+ *     none
+ **/
+void kk_keepkey_button_init(void);
+
 void keepkey_button_init(void);
 void keepkey_button_set_on_press_handler( Handler handler, void* context);
 void keepkey_button_set_on_release_handler( Handler handler, void* context);
 bool keepkey_button_down(void);
 bool keepkey_button_up(void);
 
+/**
+ * buttonisr_usr() - user interrupt service routine for push button external interrupt
+ *
+ * INPUT
+ *     none
+ * OUTPUT
+ *     none
+ **/
+void buttonisr_usr(void);
+
 #endif

include/keepkey/board/keepkey_flash.h

@@ -20,6 +20,9 @@
 #ifndef KEEPKEY_FLASH_H
 #define KEEPKEY_FLASH_H
 
+
+#define MODEL_STR_SIZE  32
+
 /* === Includes ============================================================ */
 
 #include <stddef.h>

include/keepkey/board/memory.h

@@ -20,33 +20,35 @@
 #ifndef MEMORY_H
 #define MEMORY_H
 
+//#include <libopencm3/cm3/mpu.h>
 #include "trezor/crypto/sha2.h"
 
 #include <stddef.h>
 #include <stdbool.h>
 #include <inttypes.h>
 
+
 /*
 
  flash memory layout:
  --------------------
-   name    |          range          |  size   |     function     | permissions
------------+-------------------------+---------+------------------+-------------
- Sector  0 | 0x08000000 - 0x08003FFF |  16 KiB | bootstrap code   | Read
- Sector  1 | 0x08004000 - 0x08007FFF |  16 KiB | storage/config   | Read  Write
------------+-------------------------+---------+------------------+-------------
- Sector  2 | 0x08008000 - 0x0800BFFF |  16 KiB | storage/config   | Read  Write
- Sector  3 | 0x0800C000 - 0x0800FFFF |  16 KiB | storage/config   | Read  Write
------------+-------------------------+---------+------------------+-------------
- Sector  4 | 0x08010000 - 0x0801FFFF |  64 KiB | empty            | Read  Write
- Sector  5 | 0x08020000 - 0x0803FFFF | 128 KiB | bootloader code  | Read
- Sector  6 | 0x08040000 - 0x0805FFFF | 128 KiB | bootloader code  | Read
- Sector  7 | 0x08060000 - 0x0807FFFF | 128 KiB | application code | Read  Write
-===========+=========================+============================+=============
- Sector  8 | 0x08080000 - 0x0809FFFF | 128 KiB | application code | Read  Write
- Sector  9 | 0x080A0000 - 0x080BFFFF | 128 KiB | application code | Read  Write
- Sector 10 | 0x080C0000 - 0x080DFFFF | 128 KiB | application code | Read  Write
- Sector 11 | 0x080E0000 - 0x080FFFFF | 128 KiB | application code | Read  Write
+   name    |          range          |  size   |     function     |   MPU Protection
+-----------+-------------------------+---------+------------------+----------------------
+ Sector  0 | 0x08000000 - 0x08003FFF |  16 KiB | bootstrap code   |  signature dependent
+ Sector  1 | 0x08004000 - 0x08007FFF |  16 KiB | storage/config   |     full access
+-----------+-------------------------+---------+------------------+----------------------
+ Sector  2 | 0x08008000 - 0x0800BFFF |  16 KiB | storage/config   |     full access
+ Sector  3 | 0x0800C000 - 0x0800FFFF |  16 KiB | storage/config   |     full access
+-----------+-------------------------+---------+------------------+----------------------
+ Sector  4 | 0x08010000 - 0x0801FFFF |  64 KiB | empty            |     full access
+ Sector  5 | 0x08020000 - 0x0803FFFF | 128 KiB | bootloader code  |  signature dependent
+ Sector  6 | 0x08040000 - 0x0805FFFF | 128 KiB | bootloader code  |  signature dependent
+ Sector  7 | 0x08060000 - 0x0807FFFF | 128 KiB | application code |     full access
+===========+=========================+============================+======================
+ Sector  8 | 0x08080000 - 0x0809FFFF | 128 KiB | application code |     full access
+ Sector  9 | 0x080A0000 - 0x080BFFFF | 128 KiB | application code |     full access
+ Sector 10 | 0x080C0000 - 0x080DFFFF | 128 KiB | application code |     full access
+ Sector 11 | 0x080E0000 - 0x080FFFFF | 128 KiB | application code |     full access
 
  Application metadata area:
  -------------------------
@@ -68,6 +70,10 @@
 
  */
 
+/* === Defines ============================================================= */
+
+
+
 #ifdef EMULATOR
 extern uint8_t *emulator_flash_base;
 #define FLASH_PTR(x)		(emulator_flash_base + (x - FLASH_ORIGIN))
@@ -92,6 +98,10 @@ extern uint8_t *emulator_flash_base;
 #define BLDR_FLASH_SECT_LEN     0x20000
 #define APP_FLASH_SECT_LEN      0x20000
 
+#define BSTRP_FLASH_SECT_START  0x08000000
+#define BLDR_FLASH_SECT_START   0x08020000
+
+
 /* meta info */
 #define META_MAGIC_STR          "KPKY"
 
@@ -130,16 +140,19 @@ extern uint8_t *emulator_flash_base;
 #define FLASH_META_SIG2         (FLASH_META_SIG1        + sizeof(((app_meta_td *)NULL)->sig1))
 #define FLASH_META_SIG3         (FLASH_META_SIG2        + sizeof(((app_meta_td *)NULL)->sig2))
 
+
 #define META_MAGIC_SIZE         (sizeof(((app_meta_td *)NULL)->magic))
 
-#define FLASH_APP_START         (FLASH_META_START + FLASH_META_DESC_LEN)     //0x0806_0100 - 0x080F_FFFF
+#define FLASH_APP_START         (FLASH_META_START + FLASH_META_DESC_LEN)     //0x0806_0200 - 0x080F_FFFF
 #define FLASH_APP_LEN           (FLASH_END - FLASH_APP_START)
 
 #define SIG_FLAG                (*( uint8_t const *)FLASH_META_FLAGS)
 
 /* Misc Info. */
-#define FLASH_BOOTSTRAP_SECTOR_FIRST 0
-#define FLASH_BOOTSTRAP_SECTOR_LAST  0
+#define FLASH_BOOTSTRAP_SECTOR 0
+
+#define FLASH_BOOTSTRAP_SECTOR_FIRST   0
+#define FLASH_BOOTSTRAP_SECTOR_LAST    0
 
 #define FLASH_STORAGE_SECTOR_FIRST   1
 #define FLASH_STORAGE_SECTOR_LAST    3
@@ -209,6 +222,8 @@ static const FlashSector flash_sector_map[] =
     { -1, 0,          0,        FLASH_INVALID}
 };
 
+void mpu_config(int);
+
 void memory_protect(void);
 
 /// Enable writing. This exercises a bug in the STM32F2 that allows writing to
@@ -228,4 +243,11 @@ const char *memory_firmware_hash_str(char digest[SHA256_DIGEST_STRING_LENGTH]);
 int memory_storage_hash(uint8_t *hash, Allocation storage_location);
 bool find_active_storage(Allocation *storage_location);
 
+
+extern void * _timerusr_isr;
+extern void * _buttonusr_isr;
+extern void * _mmhusr_isr;
+
+
+
 #endif

include/keepkey/board/mpudefs.h

@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2018 KeepKey
+ *
+ * This library is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef MPUDEFS_H
+#define MPUDEFS_H
+
+
+// MPU
+#define MPU_RASR_SIZE_512B  (0x08UL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_1KB   (0x09UL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_2KB   (0x0AUL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_4KB   (0x0BUL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_8KB   (0x0CUL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_16KB  (0x0DUL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_32KB  (0x0EUL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_64KB  (0x0FUL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_128KB (0x10UL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_256KB (0x11UL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_512KB (0x12UL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_1MB   (0x13UL << MPU_RASR_SIZE_LSB)
+#define MPU_RASR_SIZE_512MB (0x1CUL << MPU_RASR_SIZE_LSB)
+
+// http://infocenter.arm.com/help/topic/com.arm.doc.dui0552a/BABDJJGF.html
+#define MPU_RASR_ATTR_FLASH  (MPU_RASR_ATTR_C)
+#define MPU_RASR_ATTR_SRAM   (MPU_RASR_ATTR_C | MPU_RASR_ATTR_S)
+#define MPU_RASR_ATTR_PERIPH (MPU_RASR_ATTR_B | MPU_RASR_ATTR_S)
+
+// subregion disable bits
+#define MPU_RASR_DIS_SUB_8  (0b10000000UL << 8)
+
+#define FLASH_BASE      (0x08000000U)
+#define SRAM_BASE       (0x20000000U)
+#define BLPROTECT_BASE  (0x2001F800U)
+
+
+#endif

include/keepkey/board/pubkeys.h

@@ -23,10 +23,12 @@
 #include <inttypes.h>
 
 #define PUBKEYS 5
+#define EXP_PUBKEYS 5
 #define PUBKEY_LENGTH 65
 #define SIGNATURES 3
 
 #define SIG_OK      0x5A3CA5C3
+#define KEY_EXPIRED 0x00000001
 #define SIG_FAIL    0x00000000
 
 static const uint8_t pubkey[PUBKEYS][PUBKEY_LENGTH] =
@@ -78,4 +80,6 @@ static const uint8_t pubkey[PUBKEYS][PUBKEY_LENGTH] =
     }
 };
 
+extern volatile const uint8_t valid_pubkey[PUBKEYS];
+
 #endif

include/keepkey/bootloader/signatures.h include/keepkey/board/signatures.h

@@ -20,6 +20,11 @@
 #ifndef SIGNATURES_H
 #define SIGNATURES_H
 
+/// Checks firmware signatures
+///
+///  \returns SIG_OK if signatures are correct
+///  \returns KEY_EXPIRED if an expired signature was detected
+///  \returns SIG_FAIL for unrecognized signature
 int signatures_ok(void);
 
 #endif