Skip to content

TK1-24.03 Bellatrix

Latest
Latest
Compare
Choose a tag to compare
@dehanj dehanj released this 26 Mar 13:16
· 62 commits to main since this release
TK1-24.03
This tag was signed with the committer’s verified signature.
dehanj Daniel Jobson
GPG key ID: 3707A9DBF4BB8F1A
Learn about vigilant mode.
1c90b1a
This commit was signed with the committer’s verified signature.
mchack-work Michael Cardell Widerkrantz
GPG key ID: D3DB3DDF57E704E5
Learn about vigilant mode.

TK1-24.03

This is an official release of the "Bellatrix" version of the Tillitis' TKey. This version is ready for general use.

Using OCI image ghcr.io/tillitis/tkey-builder:4, built from ../contrib/Dockerfile, and the generic ../hw/application_fpga/data/uds.hex and ../hw/application_fpga/data/udi.hex, a clean build should generate the following digest:

321924aa3b26507f2a02325750e63c83b306c7831f8e2c87e8d198cecf8cc1c1  application_fpga.bin

FPGA

  • Security Monitor now prevents access to RAM outside of the physical memory. If it detects an access outside of the RAM address space, it will halt the CPU.
  • CPU Monitor changes name to Security monitor, which CPU Monitor is a part of. Prepare for more functions in the future.
  • Support incremental builds for the bitstream, when changing UDS/UDI between builds. Requires tkey-builder:3 or higher.
  • Update Verilog linter to Verilog-2005 and fixed warnings.
  • Complete testbenches and add 9 tests for the FPGA cores.

Firmware

  • Protect zeroisation against compiler optimisation by using secure_wipe(), fixing a memset() that was removed during compilation.
  • Make memeq() function side channel silent.
  • Change memory constants to defines instead of an enum, to be compatible with ISO C.
  • Deprecate TK1_MMIO_TK1_RAM_ASLR and introduce TK1_MMIO_TK1_RAM_ADDR_RAND instead to distinguish from OS-level
    ASLR.
  • Use pedantic warnings while building firmware and fixed warnings.
  • Use clang-tidy in CI.
  • Fix warnings from splint.

TP1

  • New plastic clip o and update of BOM.
  • Build TP1 firmware in CI.

CH552

  • Fixed a bug where a byte of data could in some rare circumstances be dropped, causing a client app to hang.
  • General clean-up of code, translated all comments to English.

TK1

  • New injection moulded plastic case

tkey-builder

  • Updated to version 3. Bumping Ubuntu to 23.10, Yosys to 0.36 and nextpnr to 0.6.
  • Updated to version 4. Bumping pico-sdk to 1.5.1, adding clang-tidy and splint.

Docs

  • Fixing broken links, cleaning up docs and READMEs.
  • Clarify warm boot attack mitigations and scope for Bellatrix in threat model.

For full change log see

Assets 4
Loading