espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-03 12:44:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

System/Memprot: fixed voltage glitching detection logic

Browse Source 
When the application is being debugged it should check the call result (esp_cpu_in_ocd_debug_mode())
is not given volt.glitch attack - so the result is triple-checked by ESP_FAULT_ASSERT macro. In case
the check fails, the system is reset immediately

IDF-4014
This commit is contained in:
Martin Vychodil
2021-10-04 19:25:32 +02:00
parent 3a925002a7
commit 7689a801d4
2 changed files with 102 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
components/esp32c3/memprot.c
View File

@@ -26,6 +26,8 @@
#include "esp32c3/memprot.h" #include "esp32c3/memprot.h"
#include "riscv/interrupt.h" #include "riscv/interrupt.h"
#include "esp32c3/rom/ets_sys.h" #include "esp32c3/rom/ets_sys.h"
#include "esp_fault.h"
#include "soc/cpu.h"
extern int _iram_text_end; extern int _iram_text_end;
@@ -469,6 +471,10 @@ void esp_memprot_set_prot(bool invoke_panic_handler, bool lock_feature, uint32_t
void esp_memprot_set_prot_int(bool invoke_panic_handler, bool lock_feature, void *split_addr, uint32_t *mem_type_mask) void esp_memprot_set_prot_int(bool invoke_panic_handler, bool lock_feature, void *split_addr, uint32_t *mem_type_mask)
{ {
//if being debugged check we are not glitched and dont enable Memprot
if (esp_cpu_in_ocd_debug_mode()) {
ESP_FAULT_ASSERT(esp_cpu_in_ocd_debug_mode());
} else {
uint32_t required_mem_prot = mem_type_mask == NULL ? (uint32_t) MEMPROT_ALL : *mem_type_mask; uint32_t required_mem_prot = mem_type_mask == NULL ? (uint32_t) MEMPROT_ALL : *mem_type_mask;
bool use_iram0 = required_mem_prot & MEMPROT_IRAM0_SRAM; bool use_iram0 = required_mem_prot & MEMPROT_IRAM0_SRAM;
bool use_dram0 = required_mem_prot & MEMPROT_DRAM0_SRAM; bool use_dram0 = required_mem_prot & MEMPROT_DRAM0_SRAM;
@@ -500,8 +506,10 @@ void esp_memprot_set_prot_int(bool invoke_panic_handler, bool lock_feature, void
esp_memprot_set_split_line(MEMPROT_IRAM0_LINE_1_SPLITLINE, line_addr); esp_memprot_set_split_line(MEMPROT_IRAM0_LINE_1_SPLITLINE, line_addr);
esp_memprot_set_split_line(MEMPROT_IRAM0_LINE_0_SPLITLINE, line_addr); esp_memprot_set_split_line(MEMPROT_IRAM0_LINE_0_SPLITLINE, line_addr);
esp_memprot_set_split_line(MEMPROT_IRAM0_DRAM0_SPLITLINE, line_addr); esp_memprot_set_split_line(MEMPROT_IRAM0_DRAM0_SPLITLINE, line_addr);
esp_memprot_set_split_line(MEMPROT_DRAM0_DMA_LINE_0_SPLITLINE, (void *)(MAP_IRAM_TO_DRAM((uint32_t)line_addr))); esp_memprot_set_split_line(MEMPROT_DRAM0_DMA_LINE_0_SPLITLINE,
esp_memprot_set_split_line(MEMPROT_DRAM0_DMA_LINE_1_SPLITLINE, (void *)(MAP_IRAM_TO_DRAM((uint32_t)line_addr))); (void *) (MAP_IRAM_TO_DRAM((uint32_t) line_addr)));
esp_memprot_set_split_line(MEMPROT_DRAM0_DMA_LINE_1_SPLITLINE,
(void *) (MAP_IRAM_TO_DRAM((uint32_t) line_addr)));
//set permissions //set permissions
if (required_mem_prot & MEMPROT_IRAM0_SRAM) { if (required_mem_prot & MEMPROT_IRAM0_SRAM) {
@@ -540,6 +548,7 @@ void esp_memprot_set_prot_int(bool invoke_panic_handler, bool lock_feature, void
} }
} }
} }
}
uint32_t esp_memprot_get_dram_status_reg_1() uint32_t esp_memprot_get_dram_status_reg_1()
{ {

12
components/esp32s2/memprot.c
View File

@@ -30,7 +30,6 @@ static const char *TAG = "memprot";
#include "hal/memprot_ll.h" #include "hal/memprot_ll.h"
#include "hal/memprot_peri_ll.h" #include "hal/memprot_peri_ll.h"
#include "esp_fault.h" #include "esp_fault.h"
#include "soc/cpu.h" #include "soc/cpu.h"
extern int _iram_text_end; extern int _iram_text_end;
@@ -650,6 +649,11 @@ void esp_memprot_set_prot_peri2(mem_type_prot_t mem_type, uint32_t *split_addr,
void esp_memprot_set_prot(bool invoke_panic_handler, bool lock_feature, uint32_t *mem_type_mask) void esp_memprot_set_prot(bool invoke_panic_handler, bool lock_feature, uint32_t *mem_type_mask)
{ {
//if being debugged check we are not glitched and dont enable Memprot
if (esp_cpu_in_ocd_debug_mode()) {
ESP_FAULT_ASSERT(esp_cpu_in_ocd_debug_mode());
} else {
//any IRAM0/DRAM0 enable/disable call applies to all memory modules connected //any IRAM0/DRAM0 enable/disable call applies to all memory modules connected
uint32_t required_mem_prot = mem_type_mask == NULL ? (uint32_t)MEMPROT_ALL : *mem_type_mask; uint32_t required_mem_prot = mem_type_mask == NULL ? (uint32_t)MEMPROT_ALL : *mem_type_mask;
bool use_iram0 = required_mem_prot & MEMPROT_IRAM0_SRAM || required_mem_prot & MEMPROT_IRAM0_RTCFAST; bool use_iram0 = required_mem_prot & MEMPROT_IRAM0_SRAM || required_mem_prot & MEMPROT_IRAM0_RTCFAST;
@@ -671,12 +675,6 @@ void esp_memprot_set_prot(bool invoke_panic_handler, bool lock_feature, uint32_t
esp_memprot_intr_ena(MEMPROT_PERI2_RTCSLOW_0, false); esp_memprot_intr_ena(MEMPROT_PERI2_RTCSLOW_0, false);
} }
//connect to intr. matrix if not being debugged
if (!esp_cpu_in_ocd_debug_mode()) {
ESP_FAULT_ASSERT(!esp_cpu_in_ocd_debug_mode());
//initialize for specific buses (any memory type does the job)
if (invoke_panic_handler) { if (invoke_panic_handler) {
if (use_iram0) { if (use_iram0) {
esp_memprot_intr_init(MEMPROT_IRAM0_SRAM); esp_memprot_intr_init(MEMPROT_IRAM0_SRAM);