feat(hal/spi_flash_encrypted): Enable pseudo rounds function during XTS-AES operations

2024-09-30 18:39:35 +05:30
parent a2d6be9976
commit fba8ab89da
10 changed files with 109 additions and 4 deletions
--- a/components/hal/esp32c5/include/hal/spi_flash_encrypted_ll.h
+++ b/components/hal/esp32c5/include/hal/spi_flash_encrypted_ll.h
@@ -146,6 +146,29 @@ static inline bool spi_flash_encrypt_ll_check(uint32_t address, uint32_t length)
    return ((address % length) == 0) ? true : false;
 }

+/**
+ * @brief Enable the pseudo-round function during XTS-AES operations
+ *
+ * @param mode set the mode for pseudo rounds, zero to disable, with increasing security upto three.
+ * @param base basic number of pseudo rounds, zero if disable
+ * @param increment increment number of pseudo rounds, zero if disable
+ * @param key_rng_cnt update frequency of the pseudo-key, zero if disable
+ */
+static inline void spi_flash_encrypt_ll_enable_pseudo_rounds(uint8_t mode, uint8_t base, uint8_t increment, uint8_t key_rng_cnt)
+{
+    REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_MODE_PSEUDO, mode);
+
+    if (mode) {
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_BASE, base);
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_INC, increment);
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_RNG_CNT, key_rng_cnt);
+    } else {
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_BASE, 0);
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_INC, 0);
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_RNG_CNT, 0);
+    }
+}
+
 #ifdef __cplusplus
 }
 #endif
--- a/components/hal/esp32c61/include/hal/spi_flash_encrypted_ll.h
+++ b/components/hal/esp32c61/include/hal/spi_flash_encrypted_ll.h
@@ -146,6 +146,29 @@ static inline bool spi_flash_encrypt_ll_check(uint32_t address, uint32_t length)
    return ((address % length) == 0) ? true : false;
 }

+/**
+ * @brief Enable the pseudo-round function during XTS-AES operations
+ *
+ * @param mode set the mode for pseudo rounds, zero to disable, with increasing security upto three.
+ * @param base basic number of pseudo rounds, zero if disable
+ * @param increment increment number of pseudo rounds, zero if disable
+ * @param key_rng_cnt update frequency of the pseudo-key, zero if disable
+ */
+static inline void spi_flash_encrypt_ll_enable_pseudo_rounds(uint8_t mode, uint8_t base, uint8_t increment, uint8_t key_rng_cnt)
+{
+    (void) key_rng_cnt;
+
+    REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_MODE_PSEUDO, mode);
+
+    if (mode) {
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_BASE, base);
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_INC, increment);
+    } else {
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_BASE, 0);
+        REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_INC, 0);
+    }
+}
+
 #ifdef __cplusplus
 }
 #endif
--- a/components/hal/include/hal/spi_flash_encrypt_hal.h
+++ b/components/hal/include/hal/spi_flash_encrypt_hal.h
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@@ -13,11 +13,35 @@
 // The HAL layer for SPI Flash Encryption

 #include "hal/spi_flash_encrypted_ll.h"
+#include "soc/soc_caps.h"

 #ifdef __cplusplus
 extern "C" {
 #endif

+#ifdef SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND
+/**
+ * @brief Default pseudo rounds configs of the XTS-AES accelerator
+ */
+typedef enum {
+    ESP_XTS_AES_PSEUDO_ROUNDS_DISABLE = 0,
+    ESP_XTS_AES_PSEUDO_ROUNDS_LOW,
+    ESP_XTS_AES_PSEUDO_ROUNDS_MEDIUM,
+    ESP_XTS_AES_PSEUDO_ROUNDS_HIGH,
+} esp_xts_aes_psuedo_rounds_state_t;
+
+/* The total number of pseudo-rounds randomly inserted in an XTS-AES operation are controlled by
+ * configuring the PSEUDO_MODE, PSEUDO_BASE, PSEUDO_INC parameters.
+ * Users can also set the frequency of random key updates by configuring the PSEUDO_RNG_CNT.
+ * Here, we would be using some pre-decided values for these parameters corresponding to the security needed.
+ * For more information regarding these parameters please refer the TRM.
+ */
+#define XTS_AES_PSEUDO_ROUNDS_BASE      4
+#define XTS_AES_PSEUDO_ROUNDS_INC       2
+#define XTS_AES_PSEUDO_ROUNDS_RNG_CNT   7
+
+#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND */
+
 /**
 * @brief Enable the flash encryption
 */
@@ -57,6 +81,18 @@ void spi_flash_encryption_hal_destroy(void);
 */
 bool spi_flash_encryption_hal_check(uint32_t address, uint32_t length);

+#ifdef SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND
+/**
+ * @brief Enable the pseudo-round function during XTS-AES operations
+ *
+ * @param mode set the mode for pseudo rounds, zero to disable, with increasing security upto three.
+ * @param base basic number of pseudo rounds, zero if disable
+ * @param increment increment number of pseudo rounds, zero if disable
+ * @param key_rng_cnt update frequency of the pseudo-key, zero if disable
+ */
+void spi_flash_encryption_hal_enable_pseudo_rounds(uint8_t mode, uint8_t base, uint8_t increment, uint8_t key_rng_cnt);
+#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND */
+
 #ifdef __cplusplus
 }
 #endif
--- a/components/hal/include/hal/spi_flash_types.h
+++ b/components/hal/include/hal/spi_flash_types.h
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2010-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2010-2024 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@@ -48,7 +48,7 @@ typedef enum esp_flash_speed_s {
    ESP_FLASH_26MHZ = 26,    ///< The flash runs under 26MHz
    ESP_FLASH_40MHZ = 40,    ///< The flash runs under 40MHz
    ESP_FLASH_80MHZ = 80,    ///< The flash runs under 80MHz
-    ESP_FLASH_120MHZ = 120,   ///< The flash runs under 120MHz, 120MHZ can only be used by main flash after timing tuning in system. Do not use this directely in any API.
+    ESP_FLASH_120MHZ = 120,   ///< The flash runs under 120MHz, 120MHZ can only be used by main flash after timing tuning in system. Do not use this directly in any API.
    ESP_FLASH_SPEED_MAX, ///< The maximum frequency supported by the host is ``ESP_FLASH_SPEED_MAX-1``.
 } esp_flash_speed_t __attribute__((deprecated));

--- a/components/hal/spi_flash_encrypt_hal_iram.c
+++ b/components/hal/spi_flash_encrypt_hal_iram.c
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@@ -7,6 +7,7 @@
 // This part is put in iram.

 #include "hal/spi_flash_encrypted_ll.h"
+#include "soc/soc_caps.h"

 void spi_flash_encryption_hal_enable(void)
 {
@@ -49,3 +50,10 @@ bool spi_flash_encryption_hal_check(uint32_t address, uint32_t length)
 {
    return spi_flash_encrypt_ll_check(address, length);
 }
+
+#ifdef SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND
+void spi_flash_encryption_hal_enable_pseudo_rounds(uint8_t mode, uint8_t base, uint8_t increment, uint8_t key_rng_cnt)
+{
+    spi_flash_encrypt_ll_enable_pseudo_rounds(mode, base, increment, key_rng_cnt);
+}
+#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND */
--- a/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in
+++ b/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in
@@ -1251,6 +1251,10 @@ config SOC_FLASH_ENCRYPTION_XTS_AES_128
    bool
    default y

+config SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND
+    bool
+    default y
+
 config SOC_APM_CTRL_FILTER_SUPPORTED
    bool
    default y
--- a/components/soc/esp32c5/include/soc/soc_caps.h
+++ b/components/soc/esp32c5/include/soc/soc_caps.h
@@ -522,6 +522,7 @@
 #define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX   (64)
 #define SOC_FLASH_ENCRYPTION_XTS_AES        1
 #define SOC_FLASH_ENCRYPTION_XTS_AES_128    1
+#define SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND  1

 /*-------------------------- APM CAPS-----------------------------------------*/
 #define SOC_APM_CTRL_FILTER_SUPPORTED   1 /*!< Support for APM control filter */
--- a/components/soc/esp32c61/include/soc/Kconfig.soc_caps.in
+++ b/components/soc/esp32c61/include/soc/Kconfig.soc_caps.in
@@ -943,6 +943,10 @@ config SOC_FLASH_ENCRYPTION_XTS_AES_128
    bool
    default y

+config SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND
+    bool
+    default y
+
 config SOC_APM_CTRL_FILTER_SUPPORTED
    bool
    default y
--- a/components/soc/esp32c61/include/soc/soc_caps.h
+++ b/components/soc/esp32c61/include/soc/soc_caps.h
@@ -390,6 +390,7 @@
 #define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX   (64)
 #define SOC_FLASH_ENCRYPTION_XTS_AES        1
 #define SOC_FLASH_ENCRYPTION_XTS_AES_128    1
+#define SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND  1

 /*-------------------------- APM CAPS ----------------------------------------*/
 #define SOC_APM_CTRL_FILTER_SUPPORTED   1 /*!< Support for APM control filter */
--- a/components/spi_flash/spi_flash_chip_generic.c
+++ b/components/spi_flash/spi_flash_chip_generic.c
@@ -527,6 +527,11 @@ esp_err_t spi_flash_chip_generic_write_encrypted(esp_flash_t *chip, const void *

    const uint8_t *data_bytes = (const uint8_t *)buffer;
    esp_flash_encryption->flash_encryption_enable();
+
+#if SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND
+    spi_flash_encryption_hal_enable_pseudo_rounds(ESP_XTS_AES_PSEUDO_ROUNDS_LOW, XTS_AES_PSEUDO_ROUNDS_BASE, XTS_AES_PSEUDO_ROUNDS_INC, XTS_AES_PSEUDO_ROUNDS_RNG_CNT);
+#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND */
+
    while (length > 0) {
        int block_size;
        /* Write the largest block if possible */