├── Configs └── HRoT-zephyr.cfg ├── LICENSE ├── README.md ├── Trademark.md ├── build.cmd ├── build.sh ├── cerberus_patches ├── CMakeLists.txt ├── Kconfig ├── debug_log.h ├── i2c_filter.h ├── i2c_slave_common.h ├── logging_flash.c ├── logging_flash.h ├── rsah.patch └── zephyr │ ├── platform.c │ ├── platform.h │ ├── platform_compiler.c │ ├── platform_compiler.h │ ├── platform_config.h │ └── platform_io.h ├── governance.md ├── maintainers.md ├── oe-src ├── ApplicationLayer │ └── tektagon │ │ ├── CMakeLists.txt │ │ ├── README.md │ │ ├── VERSION │ │ ├── boards │ │ ├── ast1060_evb.conf │ │ └── ast1060_evb.overlay │ │ ├── dts │ │ └── bindings │ │ │ └── demo,gpio_basic_api.yaml │ │ ├── prj.conf │ │ ├── sample.yaml │ │ ├── src │ │ ├── I2c_Handler │ │ │ ├── BmcI2C_handler.c │ │ │ ├── BmcI2C_handler.h │ │ │ ├── PchI2C_handler.c │ │ │ └── PchI2c_handler.h │ │ ├── Smbus_mailbox │ │ │ ├── Smbus_mailbox.c │ │ │ └── Smbus_mailbox.h │ │ ├── StateMachineAction │ │ │ ├── StateMachineActions.c │ │ │ └── StateMachineActions.h │ │ ├── common │ │ │ └── pfm_headers.h │ │ ├── context_manager │ │ │ ├── context_manager.c │ │ │ └── context_manager.h │ │ ├── engineManager │ │ │ ├── engine_manager.c │ │ │ └── engine_manager.h │ │ ├── include │ │ │ ├── SmbusMailBoxCom.h │ │ │ └── definitions.h │ │ ├── keystore │ │ │ ├── KeystoreManager.c │ │ │ └── KeystoreManager.h │ │ ├── main.c │ │ ├── manifestProcessor │ │ │ ├── manifestProcessor.c │ │ │ └── manifestProcessor.h │ │ ├── pfr │ │ │ ├── pfr_common.c │ │ │ ├── pfr_common.h │ │ │ ├── pfr_recovery.c │ │ │ ├── pfr_recovery.h │ │ │ ├── pfr_ufm.c │ │ │ ├── pfr_ufm.h │ │ │ ├── pfr_update.c │ │ │ ├── pfr_update.h │ │ │ ├── pfr_util.c │ │ │ ├── pfr_util.h │ │ │ ├── pfr_verifcation.h │ │ │ └── pfr_verification.c │ │ └── state_machine │ │ │ ├── common_smc.h │ │ │ ├── state_machine.c │ │ │ └── state_machine.h │ │ └── zephyr_feature.yaml ├── Common.cmake ├── FunctionalBlocks │ ├── AmiSmbusInterface │ │ ├── AmiSmbusInterfaceSrcLib.c │ │ ├── AmiSmbusInterfaceSrcLib.h │ │ └── CMakeLists.txt │ ├── CMakeLists.txt │ ├── Common │ │ ├── CMakeLists.txt │ │ ├── Common.c │ │ └── Common.h │ ├── Kconfig │ ├── ManifestProcess │ │ ├── CMakeLists.txt │ │ ├── ManifestProcess.c │ │ ├── ManifestProcess.h │ │ └── PfmFlash │ │ │ ├── PfmFlash.c │ │ │ └── PfmFlash.h │ └── Pfr │ │ ├── CMakeLists.txt │ │ ├── cerberus │ │ ├── CMakeLists.txt │ │ ├── cerberus_pfr_authentication.c │ │ ├── cerberus_pfr_authentication.h │ │ ├── cerberus_pfr_common.c │ │ ├── cerberus_pfr_common.h │ │ ├── cerberus_pfr_definitions.h │ │ ├── cerberus_pfr_key_cancellation.c │ │ ├── cerberus_pfr_key_cancellation.h │ │ ├── cerberus_pfr_pbc.c │ │ ├── cerberus_pfr_pbc.h │ │ ├── cerberus_pfr_pfm_manifest.c │ │ ├── cerberus_pfr_pfm_manifest.h │ │ ├── cerberus_pfr_provision.c │ │ ├── cerberus_pfr_provision.h │ │ ├── cerberus_pfr_recovery.c │ │ ├── cerberus_pfr_recovery.h │ │ ├── cerberus_pfr_spi_filtering.c │ │ ├── cerberus_pfr_spi_filtering.h │ │ ├── cerberus_pfr_update.c │ │ ├── cerberus_pfr_update.h │ │ ├── cerberus_pfr_verification.c │ │ └── cerberus_pfr_verification.h │ │ └── intel_2.0 │ │ ├── CMakeLists.txt │ │ ├── intel_pfr_authentication.c │ │ ├── intel_pfr_authentication.h │ │ ├── intel_pfr_common.c │ │ ├── intel_pfr_common.h │ │ ├── intel_pfr_definitions.h │ │ ├── intel_pfr_key_cancellation.c │ │ ├── intel_pfr_key_cancellation.h │ │ ├── intel_pfr_pbc.c │ │ ├── intel_pfr_pbc.h │ │ ├── intel_pfr_pfm_manifest.c │ │ ├── intel_pfr_pfm_manifest.h │ │ ├── intel_pfr_provision.c │ │ ├── intel_pfr_provision.h │ │ ├── intel_pfr_recovery.c │ │ ├── intel_pfr_recovery.h │ │ ├── intel_pfr_spi_filtering.c │ │ ├── intel_pfr_spi_filtering.h │ │ ├── intel_pfr_update.c │ │ ├── intel_pfr_update.h │ │ ├── intel_pfr_verification.c │ │ └── intel_pfr_verification.h ├── HardwareAbstraction │ ├── CMakeLists.txt │ ├── Hal │ │ ├── CMakeLists.txt │ │ ├── CommonCrypto │ │ │ ├── CommonHash.c │ │ │ ├── CommonHash.h │ │ │ ├── CommonRsa.c │ │ │ └── CommonRsa.h │ │ ├── CommonFlash │ │ │ ├── CommonFlash.c │ │ │ ├── CommonFlash.h │ │ │ └── FlashMaster.c │ │ ├── CommonLogging │ │ │ ├── CommonLogging.c │ │ │ └── CommonLogging.h │ │ ├── Dice │ │ │ ├── Dice.c │ │ │ └── Dice.h │ │ ├── Gpio │ │ │ ├── Gpio.c │ │ │ └── Gpio.h │ │ ├── Hal.yaml │ │ ├── I2c │ │ │ ├── I2c.c │ │ │ ├── I2c.h │ │ │ └── I2cMaster.c │ │ ├── I2cFilter │ │ │ ├── I2cFilter.c │ │ │ └── I2cFilter.h │ │ ├── Interrupt │ │ │ ├── Interrupt.c │ │ │ └── Interrupt.h │ │ ├── Nvram │ │ │ ├── Nvram.c │ │ │ └── Nvram.h │ │ ├── Smbus │ │ │ ├── Smbus.c │ │ │ └── Smbus.h │ │ ├── SmbusFilter │ │ │ ├── SmbusFilter.c │ │ │ └── SmbusFilter.h │ │ ├── Spi │ │ │ ├── Spi.c │ │ │ └── Spi.h │ │ ├── SpiFilter │ │ │ ├── SpiFilter.c │ │ │ └── SpiFilter.h │ │ ├── Timer │ │ │ ├── Timer.c │ │ │ └── Timer.h │ │ └── Watchdog │ │ │ ├── Watchdog.c │ │ │ └── Watchdog.h │ ├── HardwareAbstraction.cmake │ ├── Kconfig │ ├── README_HardwareAbstraction.md │ └── smf │ │ ├── CMakeLists.txt │ │ ├── Kconfig │ │ ├── smf.c │ │ └── smf.h ├── Silicon │ ├── AST1060 │ │ ├── CMakeLists.txt │ │ ├── Kconfig │ │ ├── abr │ │ │ ├── abr_aspeed.c │ │ │ └── abr_aspeed.h │ │ ├── crypto │ │ │ ├── ecdsa_aspeed.c │ │ │ ├── ecdsa_aspeed.h │ │ │ ├── hash_aspeed.c │ │ │ ├── hash_aspeed.h │ │ │ ├── rsa_aspeed.c │ │ │ └── rsa_aspeed.h │ │ ├── flash │ │ │ ├── flash_aspeed.c │ │ │ └── flash_aspeed.h │ │ ├── gpio │ │ │ ├── gpio_aspeed.c │ │ │ └── gpio_aspeed.h │ │ ├── i2c │ │ │ ├── I2C_Slave_aspeed.c │ │ │ ├── I2C_Slave_aspeed.h │ │ │ ├── i2c_filter_aspeed.c │ │ │ └── i2c_filter_aspeed.h │ │ ├── otp │ │ │ ├── otp_aspeed.c │ │ │ └── otp_aspeed.h │ │ ├── spi_filter │ │ │ ├── spi_filter_aspeed.c │ │ │ └── spi_filter_aspeed.h │ │ └── watchdog │ │ │ ├── watchdog_aspeed.c │ │ │ └── watchdog_aspeed.h │ ├── CMakeLists.txt │ └── Kconfig ├── Testing │ ├── ActiveObject │ │ ├── ActiveObjectTest.c │ │ └── ActiveObjectTest.h │ ├── Application │ │ ├── ApplicationTest.c │ │ └── ApplicationTest.h │ ├── CMakeLists.txt │ ├── FunctionalBlocks │ │ ├── ManifestProcessTest.c │ │ └── ManifestProcessTest.h │ ├── HardwareAbstraction │ │ ├── HardwareAbstractionTest.c │ │ └── HardwareAbstractionTest.h │ ├── README.md │ └── Testing.yaml └── Wrapper │ ├── CMakeLists.txt │ ├── Kconfig │ ├── Tektagon-OE │ ├── CMakeLists.txt │ ├── Crypto │ │ ├── HashWrapper.c │ │ ├── HashWrapper.h │ │ ├── RsaWrapper.c │ │ ├── RsaWrapper.h │ │ ├── SignatureVerificationRsaWrapper.c │ │ └── SignatureVerificationRsaWrapper.h │ ├── Definition.h │ ├── Flash │ │ ├── FlashMasterWrapper.c │ │ ├── FlashWrapper.c │ │ └── FlashWrapper.h │ ├── I2c │ │ ├── I2cWrapper.c │ │ └── I2cWrapper.h │ ├── I2cFilter │ │ ├── I2cFilterWrapper.c │ │ └── I2cFilterWrapper.h │ ├── Kconfig │ ├── Logging │ │ ├── LoggingWrapper.c │ │ └── LoggingWrapper.h │ ├── ManifestProcess │ │ ├── ManifestWrapper.c │ │ ├── ManifestWrapper.h │ │ └── PfmFlashWrapper │ │ │ ├── PfmFlashWrapper.c │ │ │ └── PfmFlashWrapper.h │ ├── SpiFilter │ │ ├── SpiFilterWrapper.c │ │ └── SpiFilterWrapper.h │ └── WatchDog │ │ ├── WatchDog.c │ │ └── WatchDog.h │ ├── Wrapper.cmake │ └── Wrapper.yaml ├── west_init └── west.yml └── zephyr_patches ├── 10_CVE-2022-46392.patch ├── 1_PATCH_CVE-2021-3510.patch ├── 2_PATCH_CVE-2021-3625.patch ├── 3_CVE-2021-3835.patch ├── 4_CVE-2021-3861.patch ├── 5_PATCH_CVE-2022-0553.patch ├── 6_CVE-2022-1041.patch ├── 7_CVE-FIX-CVE-2022-1042.patch ├── 8_CVE-FIX-CVE-2022-1841.patch ├── 9_CVE-2022-2741.patch ├── CMakeLists.txt ├── Kconfig.zephyr ├── i2c_aspeed.c ├── pfr_aspeed.h └── pfr_ast1060.c /Configs/HRoT-zephyr.cfg: -------------------------------------------------------------------------------- 1 | Features: 2 | HRoT Features List: 3 | - feature: 4 | name: TEKTAGON_OE_ZEPHYR_BASE 5 | macro: ZEPHYR_SUPPORT 6 | description: Active object Support selection 7 | path: oe-src/ApplicationLayer/tektagon/zephyr_feature.yaml 8 | enable: true 9 | 10 | 11 | Configurations: 12 | - config: 13 | label: CC_Firmware Major Version 14 | macro: CC_FIRMWARE_ATTR_Major 15 | type: integer 16 | readonly: true 17 | value: 2 18 | value_length: 1 19 | - config: 20 | label: CC_Firmware Minor Version 21 | macro: CC_FIRMWARE_ATTR_Minor 22 | type: integer 23 | readonly: true 24 | value: 0 25 | value_length: 1 26 | -------------------------------------------------------------------------------- /Trademark.md: -------------------------------------------------------------------------------- 1 | ## **American Megatrends® International LLC** 2 | - American Megatrends® International LLC (AMI®) grants a limited usage of the Tektagon OpenEdition™ trademark for those using the source in this repository. 3 | - AMI® is not responsible for any damage incurred by organizations using this source code or trademark. 4 | - AMI® grants the usage of the Tektagon OpenEdition™ trademark allowing individuals or organizations using the source in this repository to claim their product is "Based on AMI® Tektagon OpenEdition™". 5 | - AMI® also allows the usage of "Tektagon-OE™" or "Tektagon OE™" as alternatives for "Tektagon OpenEdition™". All other usage of Tektagon OpenEdition™ and derivatives is specifically prohibited and those wishing to attain a more liberal usage of the Tektagon™ and/or Tektagon OpenEdition™ trademark can contact Marketing@ami.com for assistance. 6 | -------------------------------------------------------------------------------- /cerberus_patches/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # cmake_minimum_required(VERSION 3.13.1) 2 | 3 | include(../../Common.cmake) 4 | zephyr_interface_library_named(Cerberus) 5 | zephyr_library() 6 | 7 | set(TARGET_NAME Cerberus) 8 | 9 | include (${CMAKE_CURRENT_LIST_DIR}/Cerberus.cmake) 10 | target_include_directories( 11 | app 12 | PRIVATE 13 | ${HAL_CERBERUS_ROOT}/core 14 | ${HAL_CERBERUS_ROOT}/projects/zephyr 15 | ) 16 | set(CORE_DIR ${CERBERUS_ROOT}/core) 17 | set(PLATFORM_DIR ${CERBERUS_ROOT}/projects/zephyr) 18 | 19 | # Collect the Source Build Files 20 | # Exclude Testing Directory and files ending with _mbedtls.c 21 | set(EXCLUDE_DIR "/testing/") 22 | set(EXCLUDE_FILE "_mbedtls.c") 23 | file(GLOB_RECURSE CERBERUS_CORE_SOURCES "${CORE_DIR}/*.c") 24 | foreach (TMP_PATH ${CERBERUS_CORE_SOURCES}) 25 | string (FIND ${TMP_PATH} ${EXCLUDE_DIR} EXCLUDE_DIR_FOUND) 26 | if (NOT ${EXCLUDE_DIR_FOUND} EQUAL -1) 27 | list (REMOVE_ITEM CERBERUS_CORE_SOURCES ${TMP_PATH}) 28 | endif () 29 | 30 | string (FIND ${TMP_PATH} ${EXCLUDE_FILE} EXCLUDE_DIR_FOUND) 31 | 32 | if (NOT ${EXCLUDE_DIR_FOUND} EQUAL -1) 33 | list (REMOVE_ITEM CERBERUS_CORE_SOURCES ${TMP_PATH}) 34 | endif () 35 | endforeach(TMP_PATH) 36 | 37 | set(CERBERUS_CORE_INCLUDES ${CORE_DIR}) 38 | 39 | file(GLOB_RECURSE CERBERUS_PLATFORM_SOURCES "${PLATFORM_DIR}/*.c") 40 | set(CERBERUS_PLATFORM_INCLUDES ${PLATFORM_DIR}) 41 | 42 | get_filename_component(PARENT_DIR $ENV{ZEPHYR_BASE} DIRECTORY) 43 | 44 | find_package(Threads REQUIRED) 45 | 46 | zephyr_library_sources( 47 | ${CERBERUS_CORE_SOURCES} 48 | ${CERBERUS_PLATFORM_SOURCES} 49 | ) 50 | 51 | zephyr_library_include_directories( 52 | ${CERBERUS_CORE_INCLUDES} 53 | ${CERBERUS_ROOT}/project/zephyr 54 | ${CERBERUS_PLATFORM_INCLUDES} 55 | ${AMI_PORT_ROOT} 56 | ) 57 | zephyr_compile_options( 58 | -fno-builtin 59 | -fdata-sections 60 | -Wall 61 | -Wextra 62 | -Wno-sign-compare 63 | # -Werror 64 | # -Wno-unused-parameter 65 | # -Wno-implicit-function-declaration 66 | # -Wno-maybe-uninitialized 67 | # -Wno-incompatible-pointer-types 68 | # -Wno-int-conversion 69 | # -Wno-type-limits 70 | -g -ggdb3 71 | ) 72 | zephyr_compile_definitions( 73 | ENABLE_DEBUG_COMMANDS 74 | ECC_ENABLE_GENERATE_KEY_PAIR 75 | ECC_ENABLE_ECDH 76 | HASH_ENABLE_SHA256 77 | HASH_ENABLE_SHA384 78 | HASH_ENABLE_SHA1 79 | X509_ENABLE_CREATE_CERTIFICATES 80 | X509_ENABLE_AUTHENTICATION 81 | # CONFIG_ARM 82 | # CONFIG_SYS_CLOCK_HW_CYCLES_PER_SEC=200000000 83 | # CONFIG_SYS_CLOCK_TICKS_PER_SEC=10000 84 | # CONFIG_MP_NUM_CPUS=1 85 | # unix 86 | ) 87 | zephyr_library_link_libraries(Cerberus) 88 | -------------------------------------------------------------------------------- /cerberus_patches/Kconfig: -------------------------------------------------------------------------------- 1 | config CERBERUS 2 | bool "Enable tektagonoe Cerberus layer" 3 | help 4 | This option enables the Hierarchical FuncationalBlock -------------------------------------------------------------------------------- /cerberus_patches/i2c_filter.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the MIT license. 3 | 4 | #ifndef I2C_FILTER_INTERFACE_H_ 5 | #define I2C_FILTER_INTERFACE_H_ 6 | 7 | #include 8 | #include 9 | #include 10 | #include "status/rot_status.h" 11 | 12 | #if 0 13 | /** 14 | * Defines the device to an I2C filter 15 | */ 16 | struct i2c_filter_device_info { 17 | uint8_t device_id; 18 | uint8_t slave_addr; 19 | /** 20 | * white-list/allow-list data to pass through I2C filter . This should provided 256 bytes buffer to 21 | * decide which I2C slave offset should be allowed/blocked by filter. 22 | * 23 | * bit position as I2C slave offset data. ex. bit0 for offset 0x00 and bit32 for offset 0x20. 24 | * And bit value as 1'b1 to I2C slave offset data for that slave data will be allowed by 25 | * white-list/allow-list, otherwise will be blocked. 26 | */ 27 | void* whitelist_elements; 28 | }; 29 | 30 | /** 31 | * Defines the interface to an I2C filter 32 | */ 33 | struct i2c_filter_interface { 34 | 35 | struct i2c_filter_device_info filter; 36 | /** 37 | * Initializes the I2C filter. 38 | * 39 | * @param filter The I2C filter to initialization. 40 | * 41 | * @return 0 if the I2C filter was configured successfully or an error code. 42 | */ 43 | 44 | int (*init_filter) (struct i2c_filter_interface *filter); 45 | 46 | /** 47 | * Enable or disable the I2C filter. A disabled I2C filter will block all access from the host 48 | * to slave device. 49 | * 50 | * @param filter The I2C filter to update. 51 | * @param enable Flag indicating if the I2C filter should be enabled or disabled. 52 | * 53 | * @return 0 if the I2C filter was configured successfully or an error code. 54 | */ 55 | 56 | int (*enable_filter) (struct i2c_filter_interface *filter, bool enable); 57 | 58 | /** 59 | * Set the white-list/allow-list for the I2C filter. 60 | * 61 | * @param filter The I2C filter instance to use 62 | * @param index The white-list/allow-list index to update 63 | */ 64 | 65 | int (*set_filter) (struct i2c_filter_interface *filter, uint8_t index); 66 | }; 67 | 68 | #define I2C_FILTER_ERROR(code) ROT_ERROR (ROT_MODULE_I2C_FILTER, code) 69 | 70 | /** 71 | * Error codes that can be generated by an I2C master driver. 72 | */ 73 | enum { 74 | I2C_FILTER_INVALID_ARGUMENT = I2C_FILTER_ERROR (0x00), /**< Input parameter is null or not valid. */ 75 | I2C_FILTER_NO_MEMORY = I2C_FILTER_ERROR (0x01), /**< Memory allocation failed. */ 76 | I2C_FILTER_WRITE_REG_FAILED = I2C_FILTER_ERROR (0x02), /**< Could not write to a register. */ 77 | I2C_FILTER_READ_REG_FAILED = I2C_FILTER_ERROR (0x03), /**< Could not read from a register. */ 78 | I2C_FILTER_BUSY = I2C_FILTER_ERROR (0x04), /**< The I2C master is busy executing a transaction. */ 79 | I2C_FILTER_TIMEOUT = I2C_FILTER_ERROR (0x05), /**< The I2C transaction timed out. */ 80 | }; 81 | 82 | #endif 83 | 84 | #endif /* I2C_FILTER_INTERFACE_H_ */ 85 | -------------------------------------------------------------------------------- /cerberus_patches/i2c_slave_common.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the MIT license. 3 | 4 | #ifndef I2C_SLAVE_COMMON_H_ 5 | #define I2C_SLAVE_COMMON_H_ 6 | 7 | #include 8 | #include 9 | #include "status/rot_status.h" 10 | 11 | #if 0 12 | /** 13 | * Defines the interface to an I2C slave 14 | */ 15 | 16 | struct i2c_slave_interface { 17 | /** 18 | * Initial I2C device to slave device using provided interface 19 | * 20 | * @param i2c I2C slave interface to use 21 | * @param DevName I2C device name (EX:I2C_0 or I2C_1) 22 | * @param slave_addr I2C slave device address to setting 23 | * 24 | * @return Transfer status, 0 if success or an error code. 25 | */ 26 | int (*InitSlaveDev) (struct i2c_slave_interface *i2c, char *DevName, uint8_t slave_addr); 27 | }; 28 | 29 | #define I2C_SLAVE_ERROR(code) ROT_ERROR (ROT_MODULE_I2C_SLAVE, code) 30 | 31 | /** 32 | * Error codes that can be generated by an I2C slave driver. 33 | */ 34 | enum { 35 | I2C_SLAVE_INVALID_ARGUMENT = I2C_SLAVE_ERROR (0x00), /**< Input parameter is null or not valid. */ 36 | I2C_SLAVE_NO_MEMORY = I2C_SLAVE_ERROR (0x01), /**< Memory allocation failed. */ 37 | I2C_SLAVE_NO_DEVICE = I2C_SLAVE_ERROR (0x02), /**< Not found device */ 38 | }; 39 | 40 | #endif 41 | 42 | #endif /* I2C_SLAVE_COMMON_H_ */ 43 | -------------------------------------------------------------------------------- /cerberus_patches/logging_flash.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the MIT license. 3 | 4 | #ifndef LOGGING_FLASH_H_ 5 | #define LOGGING_FLASH_H_ 6 | 7 | #include 8 | #include 9 | #include "logging.h" 10 | #include "platform.h" 11 | #include "flash/flash_common.h" 12 | #include "flash/spi_flash.h" 13 | 14 | #define CERBERUS_PREVIOUS_VERSION 1 15 | /** 16 | * The number of flash sectors available to the log for storing entries. 17 | */ 18 | #if 0 19 | #define LOGGING_FLASH_AREA_LEN FLASH_BLOCK_SIZE 20 | #define LOGGING_FLASH_SECTORS (LOGGING_FLASH_AREA_LEN / FLASH_SECTOR_SIZE) 21 | #else 22 | #define LOGGING_FLASH_AREA_LEN (8 * 1024) //FLASH_SECTOR_SIZE // (4 * 1024) 23 | #define LOGGING_FLASH_SECTORS (LOGGING_FLASH_AREA_LEN / FLASH_SECTOR_SIZE) // (8 * 1024) / (4 * 1024) = 2 24 | #endif 25 | 26 | /** 27 | * A log that will persistently store entries on flash. 28 | */ 29 | struct logging_flash { 30 | struct logging base; /**< The base logging instance. */ 31 | struct spi_flash *flash; /**< The flash where log entries are stored. */ 32 | uint32_t base_addr; /**< The base address of the log data on flash. */ 33 | platform_mutex lock; /**< Synchronization for log accesses. */ 34 | uint8_t entry_buffer[FLASH_SECTOR_SIZE]; /**< Buffered entries waiting to be flushed. */ 35 | uint8_t *next_write; /**< The next write position in the entry buffer. */ 36 | int write_remain; /**< Remaining space in the entry buffer. */ 37 | bool terminated; /**< Entry buffer has been terminated. */ 38 | uint32_t next_entry_id; /**< Next ID to assign to a log entry. */ 39 | uint32_t flash_used[LOGGING_FLASH_SECTORS]; /**< Number of valid bytes stored in each sector. */ 40 | uint32_t next_addr; /**< Next flash address to write to. */ 41 | int log_start; /**< The sector that contains the first entries. */ 42 | }; 43 | 44 | 45 | int logging_flash_init (struct logging_flash *logging, struct spi_flash *flash, uint32_t base_addr); 46 | void logging_flash_release (struct logging_flash *logging); 47 | 48 | 49 | #endif /* LOGGING_FLASH_H_ */ 50 | -------------------------------------------------------------------------------- /cerberus_patches/rsah.patch: -------------------------------------------------------------------------------- 1 | diff --git a/oe-src/FunctionalBlocks/Cerberus/core/crypto/rsa.h b/oe-src/FunctionalBlocks/Cerberus/core/crypto/rsa.h 2 | index f79463f4..dc9348ad 100644 3 | --- a/oe-src/FunctionalBlocks/Cerberus/core/crypto/rsa.h 4 | +++ b/oe-src/FunctionalBlocks/Cerberus/core/crypto/rsa.h 5 | @@ -35,8 +35,9 @@ struct rsa_private_key { 6 | * Defines the information for an RSA public key. 7 | */ 8 | struct rsa_public_key { 9 | - uint8_t modulus[RSA_MAX_KEY_LENGTH]; /**< The RSA key pair modulus. */ 10 | - size_t mod_length; /**< The length of the modulus. */ 11 | + uint16_t mod_length; /**< The length of the modulus. */ 12 | + uint8_t modulus[RSA_KEY_LENGTH_2K]; /**< The RSA key pair modulus. */ 13 | + uint8_t exponent_length; //The RSA public exponent length 14 | uint32_t exponent; /**< The RSA public exponent. */ 15 | } __attribute__ ((__packed__)); 16 | 17 | -------------------------------------------------------------------------------- /cerberus_patches/zephyr/platform.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the MIT license. 3 | 4 | #ifndef ZEPHYR_PLATFORM_H_ 5 | #define ZEPHYR_PLATFORM_H_ 6 | 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include "zephyr.h" 14 | //#include "semphr.h" 15 | 16 | #define CERBERUS_PREVIOUS_VERSION 0x1 17 | 18 | //typedef void* SemaphoreHandle_t; 19 | typedef struct k_timer TimerHandle_t; 20 | typedef k_ticks_t TickType_t; 21 | 22 | #define pvPortMalloc malloc 23 | #define vPortFree free 24 | #define portMAX_DELAY ( k_ticks_t ) 0xffffffffUL 25 | 26 | /* FreeRTOS memory management. */ 27 | #define platform_malloc pvPortMalloc 28 | #define platform_free vPortFree 29 | 30 | void* platform_calloc (size_t nmemb, size_t size); 31 | void* platform_realloc (void *ptr, size_t size); 32 | 33 | /* FreeRTOS internet operations. */ 34 | uint32_t platform_htonl (uint32_t host_long); 35 | uint16_t platform_htons (uint16_t host_short); 36 | 37 | /* FreeRTOS sleep and system time. */ 38 | //#define platform_msleep(x) vTaskDelay (pdMS_TO_TICKS (x) + 1) 39 | #define platform_msleep(x) sleep (x + 1) 40 | 41 | typedef struct { 42 | TickType_t ticks; 43 | uint8_t wrap; 44 | } platform_clock; 45 | 46 | int platform_init_timeout (uint32_t msec, platform_clock *timeout); 47 | int platform_increase_timeout (uint32_t msec, platform_clock *timeout); 48 | int platform_init_current_tick (platform_clock *currtime); 49 | int platform_has_timeout_expired (platform_clock *timeout); 50 | uint64_t platform_get_time_since_boot (void); 51 | uint32_t platform_get_duration (const platform_clock *start, const platform_clock *end); 52 | 53 | /* Zephyr mutex. */ 54 | typedef struct k_sem platform_mutex; 55 | 56 | int platform_mutex_init (platform_mutex *mutex); 57 | int platform_mutex_free (platform_mutex *mutex); 58 | int platform_mutex_lock (platform_mutex *mutex); 59 | int platform_mutex_unlock (platform_mutex *mutex); 60 | 61 | /* FreeRTOS recursive mutex */ 62 | int platform_recursive_mutex_init (platform_mutex *mutex); 63 | int platform_recursive_mutex_free (platform_mutex *mutex); 64 | int platform_recursive_mutex_lock (platform_mutex *mutex); 65 | int platform_recursive_mutex_unlock (platform_mutex *mutex); 66 | 67 | /* FreeRTOS timer. */ 68 | typedef void (*timer_callback) (void *context); 69 | typedef struct { 70 | TimerHandle_t timer; 71 | struct k_sem disarm_lock; 72 | timer_callback callback; 73 | void *context; 74 | uint8_t disarm; 75 | } platform_timer; 76 | 77 | int platform_timer_create (platform_timer *timer, timer_callback callback, void *context); 78 | int platform_timer_arm_one_shot (platform_timer *timer, uint32_t ms_timeout); 79 | int platform_timer_disarm (platform_timer *timer); 80 | void platform_timer_delete (platform_timer *timer); 81 | #endif /* ZEPHYR_PLATFORM_H_ */ 82 | -------------------------------------------------------------------------------- /cerberus_patches/zephyr/platform_compiler.c: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the MIT license. 3 | 4 | #include 5 | #include 6 | #include 7 | #include "platform.h" 8 | 9 | 10 | /** 11 | * GCC implementation for the strdup function. 12 | * 13 | * @param s The string to duplicate. 14 | * 15 | * @return The newly allocated copy of the string or null. 16 | */ 17 | char* strdup (const char *s) 18 | { 19 | char *str = NULL; 20 | 21 | if (s != NULL) { 22 | str = platform_malloc (strlen (s) + 1); 23 | if (str != NULL) { 24 | strcpy (str, s); 25 | } 26 | } 27 | 28 | return str; 29 | } 30 | -------------------------------------------------------------------------------- /cerberus_patches/zephyr/platform_compiler.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the MIT license. 3 | 4 | #ifndef PLATFORM_COMPILER_H_ 5 | #define PLATFORM_COMPILER_H_ 6 | 7 | #include 8 | 9 | 10 | /* GCC string operations. */ 11 | char* strdup (const char *s); 12 | 13 | #endif /* PLATFORM_COMPILER_H_ */ 14 | -------------------------------------------------------------------------------- /cerberus_patches/zephyr/platform_config.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the MIT license. 3 | 4 | #ifndef PLATFORM_CONFIG_H_ 5 | #define PLATFORM_CONFIG_H_ 6 | 7 | 8 | #endif /* PLATFORM_CONFIG_H_ */ 9 | -------------------------------------------------------------------------------- /cerberus_patches/zephyr/platform_io.h: -------------------------------------------------------------------------------- 1 | // Copyright (c) Microsoft Corporation. All rights reserved. 2 | // Licensed under the MIT license. 3 | 4 | #ifndef PLATFORM_IO_H_ 5 | #define PLATFORM_IO_H_ 6 | 7 | #include 8 | 9 | #define platform_printf printf 10 | #define NEWLINE "\n" 11 | 12 | #endif /* PLATFORM_IO_H_ */ 13 | -------------------------------------------------------------------------------- /maintainers.md: -------------------------------------------------------------------------------- 1 | How to use this list: 2 | Find the most specific section entry (described below) that matches where 3 | your change lives and add the reviewers (R) and maintainers (M) as 4 | reviewers. You can use the same method to track down who knows a particular 5 | code base best. 6 | 7 | Your change/query may span multiple entries; that is okay. 8 | 9 | If you do not find an entry that describes your request at all, someone 10 | forgot to update this list; please at least file an issue or send an email 11 | to a maintainer, but preferably you should just update this document. 12 | 13 | Description of section entries: 14 | 15 | Section entries are structured according to the following scheme: 16 | 17 | X: NAME 18 | X: ... 19 | . 20 | . 21 | . 22 | 23 | Where REPO_NAME is the name of the repository within the OpenBMC GitHub 24 | organization; FILE_PATH is a file path within the repository, possibly with 25 | wildcards; X is a tag of one of the following types: 26 | 27 | M: Denotes maintainer; has fields NAME ; 28 | if omitted from an entry, assume one of the maintainers from the 29 | MAINTAINERS entry. 30 | R: Denotes reviewer; has fields NAME ; 31 | these people are to be added as reviewers for a change matching the repo 32 | path. 33 | F: Denotes forked from an external repository; has fields URL. 34 | 35 | Line comments are to be denoted "# SOME COMMENT" (typical shell style 36 | comment); it is important to follow the correct syntax and semantics as we 37 | may want to use automated tools with this file in the future. 38 | 39 | A change cannot be added to an OpenBMC repository without a MAINTAINER's 40 | approval; thus, a MAINTAINER should always be listed as a reviewer. 41 | 42 | START OF MAINTAINERS LIST 43 | ------------------------- 44 | 45 | M: Presanna Raman 46 | M: Sing-u Byers 47 | M: Zach Bobroff 48 | M: Vignesh Kumar S 49 | 50 | NOTE: 51 | Some of the directories won’t have maintainers because it comes from the openBMC repo. in those cases, a maintainer or reviewer will be identified IF code is 52 | changed in the AMI openBMC repo. -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: Apache-2.0 2 | 3 | cmake_minimum_required(VERSION 3.13.1) 4 | 5 | include($ENV{ZEPHYR_BASE}/Common.cmake) 6 | 7 | find_package(Zephyr HINTS $ENV{ZEPHYR_BASE}) 8 | project(tektagon-oe) 9 | 10 | set(TEKTAGON_ROOT ${CMAKE_CURRENT_LIST_DIR}) 11 | 12 | FILE(GLOB_RECURSE app_sources src/*.c) 13 | target_sources(app PRIVATE ${app_sources}) 14 | set(CERBERUS_ROOT $ENV{ZEPHYR_BASE}/FunctionalBlocks/Cerberus) 15 | 16 | #message(STATUS "Printing app_sources - ${app_sources}") 17 | 18 | target_include_directories( 19 | app 20 | PRIVATE 21 | $ENV{ZEPHYR_BASE}/FunctionalBlocks/Common 22 | $ENV{ZEPHYR_BASE}/FunctionalBlocks/ManifestProcessor 23 | $ENV{ZEPHYR_BASE}/FunctionalBlocks/Pfr 24 | ${CERBERUS_ROOT}/core 25 | ${CERBERUS_ROOT}/projects/zephyr 26 | $ENV{ZEPHYR_BASE}/Wrapper/Tektagon-OE 27 | $ENV{ZEPHYR_BASE}/Silicon/AST1060 28 | ${TEKTAGON_ROOT}/src 29 | ${TEKTAGON_ROOT}/src/state_machine 30 | ${AMI_PORT_ROOT} 31 | $ENV{ZEPHYR_BASE} 32 | $ENV{ZEPHYR_BASE}/HardwareAbstraction/smf 33 | $ENV{ZEPHYR_BASE}/HardwareAbstraction/Hal 34 | ) 35 | 36 | target_compile_options( 37 | app 38 | PRIVATE 39 | -fno-builtin 40 | -fdata-sections 41 | -Wall 42 | -Wextra 43 | # -Werror 44 | -Wno-unused-parameter 45 | -g -ggdb3 46 | ) 47 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/README.md: -------------------------------------------------------------------------------- 1 | # tektagon application layer 2 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/VERSION: -------------------------------------------------------------------------------- 1 | Version:1.1.00 2 | Tag:Tektagon_OE_1_1_00 -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/boards/ast1060_evb.conf: -------------------------------------------------------------------------------- 1 | CONFIG_GPIO_ASPEED_SGPIOM=y 2 | CONFIG_GPIO_ASPEED=y 3 | CONFIG_SPI_ASPEED=y 4 | CONFIG_SPI_MONITOR_ASPEED=y 5 | CONFIG_SPI_MONITOR_SHELL_ASPEED=y 6 | CONFIG_SPI_NOR_ADDR_MODE_FALLBACK_DISABLED=y 7 | CONFIG_PFR_SHELL_ASPEED=y 8 | CONFIG_I2C_ASPEED=y 9 | CONFIG_I2C_PFR=y 10 | CONFIG_I2C_PFR_INIT_PRIORITY=60 11 | CONFIG_I2C_PFR_FILTER=y 12 | CONFIG_SHELL_ARGC_MAX=70 13 | CONFIG_WATCHDOG=y 14 | CONFIG_WDT_ASPEED=y 15 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/dts/bindings/demo,gpio_basic_api.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (c) 2019 Nordic Semiconductor ASA 3 | # Copyright (c) 2021 ASPEED Technology Inc. 4 | # 5 | # SPDX-License-Identifier: Apache-2.0 6 | # 7 | 8 | description: | 9 | This binding provides resources required to build and run the 10 | samples/ast1060_evb/demo in Zephyr. 11 | 12 | compatible: "demo,gpio_basic_api" 13 | 14 | properties: 15 | out-gpios: 16 | type: phandle-array 17 | required: false 18 | description: | 19 | Identity of a GPIO that will be configured as an output. This 20 | must be on the same device as in-gpios, and physically 21 | connected to in-gpios. 22 | 23 | in-gpios: 24 | type: phandle-array 25 | required: false 26 | description: | 27 | Identity of a GPIO that will be configured as an input. This 28 | must be on the same device as out-gpios,and physically 29 | connected to out-gpios. 30 | 31 | bmc-rst-ind-in-gpios: 32 | type: phandle-array 33 | required: false 34 | description: | 35 | Detect or monitor BMC reset indicator. 36 | 37 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/prj.conf: -------------------------------------------------------------------------------- 1 | CONFIG_GPIO=y 2 | CONFIG_SPI=y 3 | CONFIG_I2C=y 4 | CONFIG_THREAD_RUNTIME_STATS=y 5 | CONFIG_GPIO_SHELL=y 6 | CONFIG_I2C_SLAVE=y 7 | CONFIG_I2C_EEPROM_SLAVE=y 8 | CONFIG_FLASH=y 9 | CONFIG_SPI_NOR_MULTI_DEV=y 10 | CONFIG_FLASH_SHELL=y 11 | CONFIG_HEAP_MEM_POOL_SIZE=16384 12 | CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=147456 13 | CONFIG_REBOOT=y 14 | CONFIG_POSIX_CLOCK=y 15 | CONFIG_STACK_SENTINEL=y 16 | CONFIG_LOG=y 17 | CONFIG_LOG_BACKEND_UART=y 18 | CONFIG_SHELL=y 19 | CONFIG_SHELL_BACKEND_SERIAL_INIT_PRIORITY=99 20 | CONFIG_PFR_FLOW_CTRL_AST1060=y 21 | CONFIG_CRYPTO=y 22 | CONFIG_CRYPTO_ASPEED=y 23 | CONFIG_RSA_ASPEED=y 24 | CONFIG_MAIN_STACK_SIZE=16384 25 | CONFIG_SMF=y 26 | CONFIG_SMF_ANCESTOR_SUPPORT=y 27 | CONFIG_FLASH_MAP=y 28 | CONFIG_ECDSA_ASPEED=y 29 | CONFIG_MBEDTLS=y 30 | CONFIG_MBEDTLS_BUILTIN=y 31 | CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=y 32 | CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED=y 33 | CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y 34 | CONFIG_MBEDTLS_ENABLE_HEAP=y 35 | CONFIG_MBEDTLS_HEAP_SIZE=16384 36 | CONFIG_SHELL_STACK_SIZE=4096 37 | CONFIG_AST1060=y 38 | CONFIG_TEKTAGONOE=y 39 | CONFIG_CERBERUS=y 40 | CONFIG_INTEL_PFR_SUPPORT=y 41 | CONFIG_MBEDTLS_ECP_NIST_OPTIM=y 42 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/sample.yaml: -------------------------------------------------------------------------------- 1 | sample: 2 | name: Aspeed full function demo sample 3 | tests: 4 | sample.board.ast1060_evb: 5 | platform_allow: ast1060_evb 6 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/I2c_Handler/BmcI2C_handler.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/I2c_Handler/PchI2c_handler.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/common/pfm_headers.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | /* 10 | * common.h 11 | * 12 | * Created on: Dec 22, 2021 13 | * Author: presannar 14 | */ 15 | 16 | #ifndef ZEPHYR_TEKTAGON_SRC_COMMON_PFM_HEADER_H_ 17 | #define ZEPHYR_TEKTAGON_SRC_COMMON_PFM_HEADER_H_ 18 | 19 | #include 20 | 21 | struct manifest_flash_device { 22 | uint8_t blank; 23 | uint8_t fw_count; 24 | uint16_t reserved; 25 | }; 26 | 27 | struct manifest_fw_element_header { 28 | uint8_t version_count; 29 | uint8_t fw_id_length; 30 | uint8_t fw_flags; 31 | uint8_t reserved; 32 | }; 33 | 34 | struct manifest_fw_elements { 35 | struct manifest_fw_element_header header; 36 | char *platformid; 37 | uint8_t alignment; 38 | }; 39 | 40 | struct allowable_fw_header { 41 | uint8_t image_count; 42 | uint8_t rw_count; 43 | uint8_t version_length; 44 | uint8_t reserved; 45 | }; 46 | 47 | struct allowable_fw { 48 | struct allowable_fw_header header; 49 | uint32_t version_address; 50 | uint8_t version_id[6]; 51 | uint16_t alignment; 52 | }; 53 | 54 | struct allowable_rw_region { 55 | uint8_t flag; 56 | uint8_t reserved[3]; 57 | uint32_t start_address; 58 | uint32_t end_address; 59 | }; 60 | 61 | struct signature_firmware_region { 62 | uint8_t hash_type; 63 | uint8_t region_count; 64 | uint8_t flag; 65 | uint8_t reserved; 66 | uint8_t signature[256]; 67 | char public_key[450]; // need to discuss 68 | uint8_t start_address[4]; 69 | uint8_t end_address[4]; 70 | }; 71 | 72 | struct recovery_image_header { 73 | uint16_t header_length; 74 | uint16_t format; 75 | uint8_t magic_num[4]; 76 | uint8_t version_id[32]; 77 | uint8_t image_length[4]; 78 | uint8_t sig_length[4]; 79 | }; 80 | 81 | struct recovery_image { 82 | uint16_t header_length; 83 | uint16_t format; 84 | uint8_t magic_num[4]; 85 | uint8_t address[4]; 86 | uint8_t image_length[4]; 87 | }; 88 | 89 | #endif /* ZEPHYR_TEKTAGON_SRC_COMMON_PFM_HEADER_H_ */ 90 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/context_manager/context_manager.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | /* 10 | * engines.h 11 | * 12 | * Author: presannar 13 | */ 14 | 15 | #ifndef CONTEXT_MANAGER_H_ 16 | #define CONTEXT_MANAGER_H_ 17 | 18 | #include 19 | #include 20 | #include "firmware/app_context.h" 21 | 22 | 23 | struct Context_Manager { 24 | uint8_t status; 25 | uint16_t update_on_reset : 1; 26 | uint16_t cpld_update : 1; 27 | uint16_t pch_update : 1; 28 | uint16_t pch_update_active : 1; 29 | uint16_t pch_update_recovery : 1; 30 | uint16_t bmc_update : 1; 31 | uint16_t bmc_update_active : 1; 32 | uint16_t bmc_update_recovery : 1; 33 | uint16_t bmc_2_pch_update : 1; 34 | uint16_t bmc_2_pch_update_active : 1; 35 | uint16_t bmc_2_pch_update_recovery : 1; 36 | uint16_t platform_decommissionined : 1; 37 | uint16_t platform_provisioned : 1; 38 | }; 39 | 40 | int app_context_init(struct app_context *context); 41 | struct app_context *getappcontextInstance(void); 42 | static int save_cpld_context(struct app_context *context); 43 | #endif // #ifndef CONTEXT_MANAGER_H_ 44 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/engineManager/engine_manager.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | /* 10 | * engines.h 11 | * 12 | * Created on: Dec 10, 2021 13 | * Author: presannar 14 | */ 15 | 16 | #ifndef ZEPHYR_TEKTAGON_SRC_INCLUDE_ENGINES_H_ 17 | #define ZEPHYR_TEKTAGON_SRC_INCLUDE_ENGINES_H_ 18 | 19 | #include 20 | 21 | 22 | struct engine_instances { 23 | struct aes_engine *aesEngine; 24 | struct base64_engine *base64Engine; 25 | struct ecc_engine *eccEngine; 26 | struct flash *flashDevice; 27 | struct flash_master *flashMaster; /**< Flash master for the PFM flash. */ 28 | struct flash_engine_wrapper *flashEngineWrapper; 29 | struct hash_engine *hashEngine; 30 | struct keystore *keyStore; 31 | struct manifest *manifestHandler; 32 | struct pfm_flash *pfmFlash; 33 | struct rng_engine *rngEngine; 34 | struct rsa_engine *rsaEngine; 35 | struct signature_verification *verification; /**< PFM signature verification. */ 36 | struct spi_flash *spiFlash; /**< Flash where the PFM is stored. */ 37 | struct spi_flash_wrapper *spiEngineWrapper; 38 | struct x509_engine *x509Engine; 39 | }; 40 | int signature_verification_init(struct signature_verification *verification); 41 | int initializeEngines(void); 42 | 43 | #endif /* ZEPHYR_TEKTAGON_SRC_INCLUDE_ENGINES_H_ */ 44 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/include/definitions.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | /* 10 | * definitions.h 11 | * 12 | * Created on: Dec 15, 2021 13 | * Author: presannar 14 | */ 15 | 16 | #ifndef ZEPHYR_TEKTAGON_SRC_INCLUDE_DEFINITIONS_H_ 17 | #define ZEPHYR_TEKTAGON_SRC_INCLUDE_DEFINITIONS_H_ 18 | 19 | #include 20 | 21 | #define SPI_FLASH_SIZE 0x1000000 22 | #define PFM_FLASH_MANIFEST_ADDRESS 0x7c00000 23 | #define RECOVERY_IMAGE_BASE_ADDRESS 0x03E00000 24 | #define CPLD_RELEASE_VERSION 1 25 | #define HASH_ENGINE_NAME wrapper 26 | #define SMBUS_MAILBOX_SUPPORT 1 27 | 28 | #define HASH_ENGINE_INIT_FUNC_DEF(name) hash_ ## name ## _init 29 | #define HASH_ENGINE_INIT_FUNC(name) HASH_ENGINE_INIT_FUNC_DEF(name) 30 | #define HASH_ENGINE_INIT HASH_ENGINE_INIT_FUNC(HASH_ENGINE_NAME) 31 | 32 | #ifdef CONFIG_DEBUG 33 | #define DEBUG_PRINTF printk 34 | #else 35 | #define DEBUG_PRINTF(...) 36 | #endif 37 | 38 | enum { 39 | DEBUG_LOG_TEKTAGON_MAIN = 0x20, 40 | }; 41 | 42 | /** 43 | * Logging messages for command handling. 44 | * 45 | */ 46 | /*enum { 47 | 48 | };*/ 49 | 50 | struct pfmInfo { 51 | // TBD Fix Void* to point to the correct structure 52 | void *hash; /**< Hashing engine for validation. */ 53 | struct pfm_flash *pfmFlash; /**< PFM instance under test. */ 54 | struct signature_verification *sigVerification; /**< PFM signature verification. */ 55 | struct flash_master *flashMaster; /**< Flash master for the PFM flash. */ 56 | struct spi_flash *spiFlash; /**< Flash where the PFM is stored. */ 57 | uint32_t address; /**< Base address of the PFM. */ 58 | uint8_t signature[256]; /**< Buffer for the manifest signature. */ 59 | uint8_t platform_id[256]; /**< Cache for the platform ID. */ 60 | }; 61 | 62 | #endif /* ZEPHYR_TEKTAGON_SRC_INCLUDE_DEFINITIONS_H_ */ 63 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/keystore/KeystoreManager.h: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Keystore Handling functions 10 | */ 11 | 12 | #ifndef KEYSTOREMANAGER_H_ 13 | #define KEYSTOREMANAGER_H_ 14 | 15 | #include "keystore/keystore.h" 16 | #include "crypto/rsa.h" 17 | 18 | #define KeyStoreHdrLen sizeof(struct Keystore_Header) 19 | #define KeyStoreKeyMaxLen (KEY_MAX_LENGTH + KeyStoreHdrLen) 20 | #define KeySectionSize 0x1000 // key secton size ,4K 21 | #define FLASH_DEVICE_SIZE 0x1000000 // device size supported 22 | #define KeyStoreOffset_0 0x00 // KeyStore memory offset 23 | #define KEY_MAX_LENGTH 256 24 | #define KEY_MAX_NUMBER 128 25 | #define KeyStoreOffset_200 0x200 26 | 27 | struct Keystore_Manager { 28 | struct keystore base; 29 | }; 30 | 31 | struct Keystore_Header 32 | { 33 | uint8_t key_id; 34 | uint16_t key_length; 35 | }__attribute__((packed)); 36 | 37 | struct Keystore_Package 38 | { 39 | struct Keystore_Header keysotre_hdr; 40 | uint8_t key_buffer[KEY_MAX_LENGTH]; 41 | }; 42 | 43 | 44 | 45 | int keystoreManager_init (struct Keystore_Manager *key_store); 46 | int keystore_get_key_id(struct keystore *store, uint8_t *key, int *key_id, int *last_key_id); 47 | int keystore_get_root_key(struct rsa_public_key *pub_key); 48 | int keystore_save_root_key(struct rsa_public_key *pub_key); 49 | #endif 50 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/main.c: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #include 10 | #include "state_machine.h" 11 | #include "common_smc.h" 12 | #include 13 | #include "include/SmbusMailBoxCom.h" 14 | #include "Smbus_mailbox/Smbus_mailbox.h" 15 | #include "pfr/pfr_common.h" 16 | #include 17 | #include 18 | 19 | #ifdef CONFIG_INTEL_PFR_SUPPORT 20 | #include "intel_2.0/intel_pfr_verification.h" 21 | #include "intel_2.0/intel_pfr_provision.h" 22 | #include "intel_2.0/intel_pfr_definitions.h" 23 | #include "intel_2.0/intel_pfr_pfm_manifest.h" 24 | #endif 25 | #ifdef CONFIG_CERBERUS_PFR_SUPPORT 26 | #include "cerberus/cerberus_pfr_verification.h" 27 | #include "cerberus/cerberus_pfr_provision.h" 28 | #include "cerberus/cerberus_pfr_definitions.h" 29 | #include "cerberus/cerberus_pfr_pfm_manifest.h" 30 | #endif 31 | 32 | #define DEBUG_HALT() { \ 33 | volatile int halt = 1; \ 34 | while (halt) \ 35 | { \ 36 | __asm__ volatile("nop"); \ 37 | } \ 38 | } 39 | 40 | void main(void) 41 | { 42 | int status = 0; 43 | 44 | printk("\r\n *** Tektagon OE version 1.1.00 ***\r\n"); 45 | // DEBUG_HALT(); 46 | status = initializeEngines(); 47 | status = initializeManifestProcessor(); 48 | DebugInit();//State Machine log saving 49 | 50 | BMCBootHold(); 51 | PCHBootHold(); 52 | 53 | #if SMBUS_MAILBOX_SUPPORT 54 | InitializeSmbusMailbox(); 55 | SetPlatformState(ENTER_T_MINUS_1); 56 | #endif 57 | 58 | StartHrotStateMachine(); 59 | } 60 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/manifestProcessor/manifestProcessor.c: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | /* 10 | * manifestProcessor.c 11 | * 12 | * Created on: Dec 15, 2021 13 | * Author: presannar 14 | */ 15 | #include 16 | 17 | #include "include/definitions.h" 18 | #include "manifestProcessor.h" 19 | #include 20 | #include "firmware/app_image.h" 21 | 22 | int initializeManifestProcessor(void) 23 | { 24 | int status = 0; 25 | 26 | status = ManifestFlashInitialize(getManifestFlashInstance(), getFlashDeviceInstance(), PFM_FLASH_MANIFEST_ADDRESS, PFM_V2_MAGIC_NUM); 27 | if (status) 28 | return status; 29 | 30 | init_pfr_manifest(); 31 | // status = pfm_manager_flash_init(getPfmManagerFlashInstance(), getPfmFlashInstance(), getPfmFlashInstance(), 32 | // getHostStateManagerInstance(), get_hash_engine_instance(), getSignatureVerificationInstance()); 33 | 34 | return status; 35 | } 36 | 37 | void uninitializeManifestProcessor(void) 38 | { 39 | manifest_flash_release(getManifestFlashInstance()); 40 | } 41 | 42 | int processPfmFlashManifest(void) 43 | { 44 | int status = 0; 45 | uint8_t *hashStorage = getNewHashStorage(); 46 | struct manifest_flash *manifest_flash = getManifestFlashInstance(); 47 | 48 | // printk("Manifest Verification\n"); 49 | status = ManifestFlashVerify(manifest_flash, get_hash_engine_instance(), 50 | getSignatureVerificationInstance(), hashStorage, hashStorageLength); 51 | 52 | if (true == manifest_flash->manifest_valid) { 53 | printk("Manifest Verificaation Successful\n"); 54 | 55 | status = perform_image_verification(); 56 | } 57 | 58 | return status; 59 | } 60 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/manifestProcessor/manifestProcessor.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | /* 10 | * manifestProcessor.h 11 | * 12 | * Created on: Dec 15, 2021 13 | * Author: presannar 14 | */ 15 | 16 | #ifndef ZEPHYR_TEKTAGON_SRC_MANIFESTPROCESSOR_MANIFESTPROCESSOR_H_ 17 | #define ZEPHYR_TEKTAGON_SRC_MANIFESTPROCESSOR_MANIFESTPROCESSOR_H_ 18 | 19 | #include 20 | 21 | int initializeManifestProcessor(void); 22 | int processPfmFlashManifest(void); 23 | 24 | #endif /* ZEPHYR_TEKTAGON_SRC_MANIFESTPROCESSOR_MANIFESTPROCESSOR_H_ */ 25 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/pfr/pfr_recovery.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef PFR_RECOVERY_H_ 10 | #define PFR_RECOVERY_H_ 11 | 12 | 13 | #endif /*PFR_RECOVERY_H_*/ -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/pfr/pfr_ufm.c: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #include "CommonFlash/CommonFlash.h" 10 | #include "state_machine/common_smc.h" 11 | #include "Definition.h" 12 | #ifdef CONFIG_INTEL_PFR_SUPPORT 13 | #include "intel_2.0/intel_pfr_definitions.h" 14 | #endif 15 | #ifdef CONFIG_CERBERUS_PFR_SUPPORT 16 | #include "cerberus/cerberus_pfr_definitions.h" 17 | #endif 18 | int get_cpld_status(uint8_t *data, uint32_t data_length){ 19 | 20 | int status; 21 | struct SpiEngine *spi_flash = getSpiEngineWrapper(); 22 | spi_flash->spi.device_id[0] = ROT_INTERNAL_STATE; //Internal UFM SPI 23 | status = spi_flash->spi.base.read(&spi_flash->spi,0,data,data_length); 24 | 25 | return Success; 26 | } 27 | 28 | int set_cpld_status(uint8_t *data,uint32_t data_length){ 29 | 30 | int status; 31 | struct SpiEngine *spi_flash = getSpiEngineWrapper(); 32 | spi_flash->spi.device_id[0] = ROT_INTERNAL_STATE; //Internal UFM SPI 33 | status = pfr_spi_erase_4k(ROT_INTERNAL_STATE, 0); 34 | status = spi_flash->spi.base.write(&spi_flash->spi,0,data,data_length); 35 | 36 | return Success; 37 | } 38 | 39 | int ufm_read(uint32_t ufm_id, uint32_t offset, uint8_t *data, uint32_t data_length){ 40 | 41 | if(ufm_id == PROVISION_UFM) 42 | return get_provision_data_in_flash(offset, data, data_length); 43 | else if (ufm_id == UPDATE_STATUS_UFM) 44 | return get_cpld_status(data, data_length); 45 | else 46 | return Failure; 47 | 48 | return Success; 49 | } 50 | 51 | int ufm_write(uint32_t ufm_id, uint32_t offset, uint8_t *data, uint32_t data_length){ 52 | 53 | if(ufm_id == PROVISION_UFM) 54 | return set_provision_data_in_flash(offset, data, data_length); 55 | else if (ufm_id == UPDATE_STATUS_UFM) 56 | return set_cpld_status(data, data_length); 57 | else 58 | return Failure; 59 | 60 | return Success; 61 | 62 | } 63 | 64 | int ufm_erase(uint32_t ufm_id){ 65 | if(ufm_id == PROVISION_UFM) 66 | return pfr_spi_erase_4k(ROT_INTERNAL_INTEL_STATE, 0); 67 | else if(ufm_id == UPDATE_STATUS_UFM) 68 | return pfr_spi_erase_4k(ROT_INTERNAL_STATE, 0); 69 | else 70 | return Failure; 71 | 72 | return Success; 73 | } 74 | 75 | 76 | 77 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/pfr/pfr_ufm.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef PFR_UFM_H 10 | #define PFR_UFM_H 11 | 12 | int ufm_read(uint32_t ufm_id, uint32_t offset, uint8_t *data, uint32_t data_length); 13 | int ufm_write(uint32_t ufm_id, uint32_t offset, uint8_t *data, uint32_t data_length); 14 | 15 | #endif /*PFR_UFM_H*/ -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/pfr/pfr_update.c: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #include 10 | #include "pfr_ufm.h" 11 | #include "state_machine/common_smc.h" 12 | #include "include/SmbusMailBoxCom.h" 13 | #include 14 | #include 15 | #include "pfr_common.h" 16 | #ifdef CONFIG_INTEL_PFR_SUPPORT 17 | #include "intel_2.0/intel_pfr_definitions.h" 18 | #include "intel_2.0/intel_pfr_provision.h" 19 | #endif 20 | #ifdef CONFIG_CERBERUS_PFR_SUPPORT 21 | #include "cerberus/cerberus_pfr_definitions.h" 22 | #include "cerberus/cerberus_pfr_provision.h" 23 | #endif 24 | 25 | #undef DEBUG_PRINTF 26 | #if PF_UPDATE_DEBUG 27 | #define DEBUG_PRINTF printk 28 | #else 29 | #define DEBUG_PRINTF(...) 30 | #endif 31 | 32 | int handle_update_image_action(int image_type, void* EventContext) 33 | { 34 | CPLD_STATUS cpld_update_status; 35 | int status; 36 | 37 | status = ufm_read(UPDATE_STATUS_UFM, UPDATE_STATUS_ADDRESS, (uint8_t *)&cpld_update_status, sizeof(CPLD_STATUS)); 38 | if (status != Success) 39 | return status; 40 | 41 | BMCBootHold(); 42 | PCHBootHold(); 43 | 44 | 45 | #if SMBUS_MAILBOX_SUPPORT 46 | SetPlatformState(image_type == BMC_TYPE? BMC_FW_UPDATE : (PCH_TYPE ? PCH_FW_UPDATE : CPLD_FW_UPDATE)); 47 | if (image_type != CPLD_FW_UPDATE) { 48 | SetLastPanicReason(lastPanicReason(image_type)); 49 | IncPanicEventCount(); 50 | } 51 | #endif 52 | 53 | status = update_firmware_image(image_type, EventContext); 54 | if(status != Success) 55 | return Failure; 56 | 57 | return Success; 58 | } 59 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/pfr/pfr_update.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef PFR_UPDATE_H_ 10 | #define PFR_UPDATE_H_ 11 | 12 | extern int pfr_update_image(int image_type, void *AoData, void *EventContext); 13 | 14 | #endif /*PFR_UPDATE_H_*/ -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/pfr/pfr_util.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef PFR_UTIL_H 10 | #define PFR_UTIL_H 11 | 12 | #include 13 | 14 | int pfr_spi_read(unsigned int device_id,unsigned int address, 15 | unsigned int data_length, unsigned char *data); 16 | 17 | int pfr_spi_write(unsigned int device_id,unsigned int address, 18 | unsigned int data_length, unsigned char *data); 19 | 20 | int pfr_spi_page_read_write(unsigned int device_id, uint32_t *source_address,uint32_t *target_address); 21 | 22 | int pfr_spi_erase_4k(unsigned int device_id,unsigned int address); 23 | 24 | int esb_ecdsa_verify(struct pfr_manifest *manifest, unsigned int digest[], unsigned char pub_key[], 25 | unsigned char signature[], unsigned char *auth_pass); 26 | 27 | int get_buffer_hash(struct pfr_manifest *manifest,uint8_t *data_buffer, uint8_t length, unsigned char *hash_out); 28 | 29 | int get_hash(struct manifest *manifest, struct hash_engine *hash_engine, uint8_t *hash_out, 30 | size_t hash_length); 31 | 32 | void print_buffer(uint8_t *string,uint8_t *buffer, uint32_t length); 33 | 34 | int compare_buffer(uint8_t *buffer1, uint8_t *buffer2, uint32_t length); 35 | 36 | void reverse_byte_array(uint8_t *data_buffer, uint32_t length); 37 | 38 | int verify_signature(struct signature_verification *verification, const uint8_t *digest, 39 | size_t length, const uint8_t *signature, size_t sig_length); 40 | 41 | int pfr_cpld_update_reboot (void); 42 | 43 | #endif /*PFR_UTIL_H*/ 44 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/pfr/pfr_verifcation.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef PFR_VERIFICATION_H 10 | #define PFR_VERIFICATION_H 11 | 12 | // Add Active and Recovery verifcation 13 | // Read address from UFM for active 14 | // Set AoData 15 | int authentication_image(void *AoData, void *EventContext); 16 | 17 | // -- Active Region 18 | int ActivePfmVerification(unsigned int ImageType,unsigned int ReadAddress); 19 | int PfmSpiRegionVerification(unsigned int ImageId, unsigned int FlashSelect); 20 | 21 | // -- Recovery Region 22 | int RecoveryRegionVerification(int ImageType); 23 | 24 | #endif /* PFR_VERIFICATION_H */ -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/pfr/pfr_verification.c: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | 10 | #include "StateMachineAction/StateMachineActions.h" 11 | #include "state_machine/common_smc.h" 12 | #include "flash/flash_aspeed.h" 13 | #include "Smbus_mailbox/Smbus_mailbox.h" 14 | #include "pfr/pfr_common.h" 15 | 16 | #include "pfr_util.h" 17 | 18 | #ifdef CONFIG_INTEL_PFR_SUPPORT 19 | #include "intel_2.0/intel_pfr_authentication.h" 20 | #include "intel_2.0/intel_pfr_definitions.h" 21 | #endif 22 | #ifdef CONFIG_CERBERUS_PFR_SUPPORT 23 | #include "cerberus/cerberus_pfr_authentication.h" 24 | #include "cerberus/cerberus_pfr_definitions.h" 25 | #endif 26 | 27 | 28 | #undef DEBUG_PRINTF 29 | #if PFR_AUTHENTICATION_DEBUG 30 | #define DEBUG_PRINTF printk 31 | #else 32 | #define DEBUG_PRINTF(...) 33 | #endif 34 | 35 | int authentication_image(void *AoData, void *EventContext){ 36 | 37 | int status = 0; 38 | AO_DATA *ActiveObjectData = (AO_DATA *) AoData; 39 | EVENT_CONTEXT *EventData = (EVENT_CONTEXT *) EventContext; 40 | 41 | // init_pfr_manifest(); 42 | struct pfr_manifest *pfr_manifest = get_pfr_manifest(); 43 | 44 | pfr_manifest->state = VERIFY; 45 | 46 | if(EventData->image == BMC_EVENT){ 47 | //BMC SPI 48 | DEBUG_PRINTF("Image Type: BMC \r\n"); 49 | pfr_manifest->image_type = BMC_TYPE; 50 | 51 | }else{ 52 | //PCH SPI 53 | DEBUG_PRINTF("Image Type: PCH \r\n"); 54 | pfr_manifest->image_type = PCH_TYPE; 55 | } 56 | 57 | if(EventData->operation == VERIFY_BACKUP){ 58 | status = pfr_manifest->recovery_base->verify(pfr_manifest, pfr_manifest->hash, pfr_manifest->verification->base, pfr_manifest->pfr_hash->hash_out, pfr_manifest->pfr_hash->length, pfr_manifest->recovery_pfm); 59 | }else if(EventData->operation == VERIFY_ACTIVE){ 60 | status = pfr_manifest->active_image_base->verify(pfr_manifest); 61 | } 62 | 63 | return status; 64 | } 65 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/state_machine/common_smc.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef COMMON_SMC_H 10 | #define COMMON_SMC_H 11 | 12 | /* List of HRoT states */ 13 | enum HRoT_state { IDLE, INITIALIZE, I2C, VERIFY, RECOVERY, UPDATE, LOCKDOWN }; 14 | 15 | typedef enum { 16 | Success, 17 | Failure, 18 | ManifestCorruption, 19 | VerifyRecovery, 20 | VerifyActive, 21 | UnSupported, 22 | Decommission_Success, 23 | Lockdown 24 | } Verification_Status; 25 | 26 | enum _hrot_event { 27 | BMC_EVENT = 1, 28 | PCH_EVENT, 29 | I2C_EVENT 30 | }; 31 | 32 | #endif // #ifndef COMMON_SMC_H 33 | -------------------------------------------------------------------------------- /oe-src/ApplicationLayer/tektagon/src/state_machine/state_machine.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef ZEPHYR_STATE_MACHINE_H 10 | #define ZEPHYR_STATE_MACHINE_H 11 | 12 | #include <../../HardwareAbstraction/smf/smf.h> 13 | #include "common_smc.h" 14 | 15 | struct _smc_fifo_event { 16 | void *fifo_reserved; 17 | int new_event_state; 18 | void *new_sm_static_data; 19 | void *new_event_ctx; 20 | }; 21 | 22 | struct hrot_smc_context { 23 | struct smf_ctx ctx; 24 | /* All User Defined Data Follows */ 25 | void *sm_static_data; 26 | void *event_ctx; 27 | }; 28 | 29 | int StartHrotStateMachine(void); 30 | int post_smc_action(int new_state, void *static_data, void *event); 31 | int execute_next_smc_action(int new_state, void *static_data, void *event_ctx); 32 | 33 | void PublishInitialEvents(void); 34 | 35 | #endif // #ifndef ZEPHYR_STATE_MACHINE_H 36 | -------------------------------------------------------------------------------- /oe-src/Common.cmake: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2022, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | # Module Name: 9 | # 10 | # CMakeLists.txt 11 | # 12 | # Abstract: 13 | # 14 | # CMake script for Cerberus 15 | # 16 | # -- 17 | 18 | set(COMMON_CMAKE_ROOT ${CMAKE_CURRENT_LIST_DIR}/cmake) 19 | set(COMMON_ROOT ${CMAKE_CURRENT_LIST_DIR}) 20 | set(CERBERUS_ROOT ${CMAKE_CURRENT_LIST_DIR}/FunctionalBlocks/Cerberus) 21 | set(APPLICATION_SOURCE_INC ${CMAKE_CURRENT_LIST_DIR}/ApplicationLayer/tektagon/src ) 22 | set(ZEPHYR_PRESENCE 1) 23 | 24 | #include (${COMMON_CMAKE_ROOT}/extensions.cmake) 25 | 26 | function(CommonDummyFunction) 27 | message(STATUS "Dummy") 28 | endfunction() 29 | 30 | function(CommonInterfaceNamed Name) 31 | if(${ZEPHYR_PRESENCE}) 32 | zephyr_interface_library_named(${Name}) 33 | endif() 34 | endfunction() 35 | 36 | function(CommonWrapperLibrarySources) 37 | if(${ZEPHYR_PRESENCE}) 38 | zephyr_library_sources(${ARGN}) 39 | endif() 40 | endfunction() 41 | 42 | function(CommonLibraryLinkLibraries Item) 43 | if(${ZEPHYR_PRESENCE}) 44 | zephyr_library_link_libraries(${Item}) 45 | else() 46 | CommonDummyFunction() 47 | endif() 48 | endfunction() 49 | 50 | function(CommonCoreCompileOptions Item) 51 | if(${ZEPHYR_PRESENCE}) 52 | zephyr_compile_options(${ARGN}) 53 | else() 54 | target_compile_options(${Item} PUBLIC ${ARGN}) 55 | endif() 56 | endfunction() 57 | 58 | function(CommonCoreCompileDefinitions) 59 | if(${ZEPHYR_PRESENCE}) 60 | zephyr_compile_definitions(${ARGN}) 61 | else() 62 | CommonDummyFunction() 63 | endif() 64 | endfunction() 65 | 66 | function(CommonCore_Library Value ${ARGN}) 67 | if(NOT ${Value}) 68 | add_library( 69 | ${Value} 70 | OBJECT 71 | ${ARGN} 72 | ) 73 | endif() 74 | endfunction() 75 | 76 | function(CommonCoreLibraryIncludeDirectories) 77 | if(${ZEPHYR_PRESENCE}) 78 | zephyr_library_include_directories(${ARGN}) 79 | else() 80 | target_include_directories(${Value} PUBLIC ${ARGN}) 81 | endif() 82 | endfunction() 83 | 84 | function(CommonCore_Link_Libraries) 85 | if(${ZEPHYR_PRESENCE}) 86 | CommonDummyFunction() 87 | else() 88 | target_link_libraries(InterfaceValue PUBLIC ${ARGV}) 89 | endif() 90 | endfunction() 91 | 92 | macro(CommonWrapperLibrary) 93 | zephyr_library(${ARGV}) 94 | endmacro() -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/AmiSmbusInterface/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2022, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | # SPDX-License-Identifier: Apache-2.0 9 | 10 | include(../../Common.cmake) 11 | 12 | CommonInterfaceNamed(AmiSmbusInterface) 13 | CommonWrapperLibrary() 14 | 15 | CommonWrapperLibrarySources( 16 | AmiSmbusInterfaceSrcLib.c 17 | ) 18 | 19 | CommonCoreLibraryIncludeDirectories(cerberus_pfr 20 | ${CMAKE_CURRENT_SOURCE_DIR} 21 | ${APPLICATION_SOURCE_INC} 22 | ${COMMON_ROOT} 23 | ${CERBERUS_ROOT}/projects/zephyr 24 | ${COMMON_ROOT}/HardwareAbstraction/Hal/ 25 | ${COMMON_ROOT}/FunctionalBlocks/Common 26 | ${CERBERUS_ROOT}/core 27 | ${COMMON_ROOT}/Wrapper/Tektagon-OE 28 | ${APPLICATION_SOURCE_INC}/state_machine 29 | ${COMMON_ROOT}/Silicon/AST1060 30 | ${COMMON_ROOT}/HardwareAbstraction/smf 31 | ${COMMON_ROOT}/ApplicationLayer/tektagon/src 32 | ${COMMON_ROOT}/ApplicationLayer/tektagon/src/state_machine 33 | ) 34 | 35 | CommonLibraryLinkLibraries(AmiSmbusInterface) 36 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2022, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | 9 | if(${ZEPHYR_PRESENCE}) 10 | add_subdirectory_ifdef(CONFIG_CERBERUS Cerberus) 11 | add_subdirectory(ManifestProcess) 12 | add_subdirectory(Common) 13 | add_subdirectory(Pfr) 14 | add_subdirectory(AmiSmbusInterface) 15 | else() 16 | add_subdirectory(Cerberus) 17 | #add_subdirectory(Common) 18 | endif() 19 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Common/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2022, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | 9 | include (../../Common.cmake) 10 | 11 | CommonInterfaceNamed(common) 12 | CommonWrapperLibrary() 13 | 14 | CommonWrapperLibrarySources( 15 | ${COMMON_ROOT}/FunctionalBlocks/Common/Common.c 16 | ) 17 | 18 | CommonCoreLibraryIncludeDirectories( 19 | ${COMMON_ROOT} 20 | ${CERBERUS_ROOT}/projects/zephyr 21 | ${COMMON_ROOT}/HardwareAbstraction/Hal 22 | ${COMMON_ROOT}/FunctionalBlocks/Common 23 | ${CERBERUS_ROOT}/core 24 | ${COMMON_ROOT}/Wrapper/Tektagon-OE 25 | ${APPLICATION_SOURCE_INC}/state_machine 26 | ) 27 | 28 | CommonLibraryLinkLibraries(common) 29 | 30 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Common/Common.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef COMMON_COMMON_H_ 10 | #define COMMON_COMMON_H_ 11 | 12 | #define CERBERUS_PREVIOUS_VERSION 0x1 13 | /* Cerberus Includes*/ 14 | #include 15 | 16 | #include 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | 24 | #include 25 | #include 26 | 27 | #include 28 | #include 29 | #include 30 | 31 | #include "CommonFlash/CommonFlash.h" 32 | #include "SpiFilter/SpiFilter.h" 33 | 34 | #include 35 | 36 | #include 37 | #include 38 | #include 39 | 40 | #include 41 | 42 | #define hashStorageLength 256 43 | 44 | struct flash *getFlashDeviceInstance(void); 45 | struct flash_master *getFlashMasterInstance(void); 46 | struct hash_engine *get_hash_engine_instance(void); 47 | struct host_state_manager *getHostStateManagerInstance(void); 48 | struct pfm_flash *getPfmFlashInstance(void); 49 | struct signature_verification *getSignatureVerificationInstance(void); 50 | struct spi_flash *getSpiFlashInstance(void); 51 | struct rsa_engine *getRsaEngineInstance(void); 52 | struct i2c_slave_interface *getI2CSlaveEngineInstance(void); 53 | struct SpiFilterEngine *getSpiFilterEngineWrapper(void); 54 | 55 | #endif /* COMMON_COMMON_H_ */ 56 | 57 | #define MAX_BIOS_BOOT_TIME 300 58 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Kconfig: -------------------------------------------------------------------------------- 1 | source "FunctionalBlocks/Cerberus/Kconfig" -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/ManifestProcess/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2022, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | 9 | include (../../Common.cmake) 10 | 11 | CommonInterfaceNamed(ManifestProcess) 12 | CommonWrapperLibrary() 13 | 14 | CommonWrapperLibrarySources( 15 | ${COMMON_ROOT}/FunctionalBlocks/ManifestProcess/ManifestProcess.c 16 | ${COMMON_ROOT}/FunctionalBlocks/ManifestProcess/PfmFlash/PfmFlash.c 17 | ) 18 | 19 | CommonCoreLibraryIncludeDirectories( 20 | ${COMMON_ROOT} 21 | ${COMMON_ROOT}/ApplicationLayer/tektagon/src/common 22 | ${COMMON_ROOT}/FunctionalBlocks/ManifestProcess 23 | ${COMMON_ROOT}/FunctionalBlocks/ManifestProcess/PfmFlash 24 | ${COMMON_ROOT}/ApplicationLayer/tektagon/src/include 25 | ${COMMON_ROOT}/FunctionalBlocks/Cerberus/core 26 | ${COMMON_ROOT}/FunctionalBlocks/Cerberus/core/manifest 27 | ${COMMON_ROOT}/FunctionalBlocks/Cerberus/core/manifest/pfm 28 | ${COMMON_ROOT}/FunctionalBlocks/Cerberus/projects/zephyr 29 | ${COMMON_ROOT}/Wrapper/Tektagon-OE/crypto 30 | ) 31 | 32 | CommonLibraryLinkLibraries(ManifestProcess) 33 | 34 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/ManifestProcess/ManifestProcess.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | /* 10 | * manifestProcessor.h 11 | * 12 | */ 13 | 14 | #ifndef MANIFEST_PROCESS_H_ 15 | #define MANIFEST_PROCESS_H_ 16 | 17 | #include "manifest.h" 18 | #include "manifest_flash.h" 19 | #include "firmware/app_image.h" 20 | 21 | int ManifestFlashVerify (struct manifest_flash *manifest, struct hash_engine *hash, 22 | struct signature_verification *verification, uint8_t *hash_out, size_t hash_length); 23 | 24 | int ManifestFlashInitialize (struct manifest_flash *manifest, struct flash *flash, uint32_t base_addr, uint16_t magic_num); 25 | 26 | #endif /* MANIFEST_PROCESS_H_ */ 27 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/ManifestProcess/PfmFlash/PfmFlash.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Pfm Handling functions 10 | */ 11 | 12 | #ifndef PFM_FLASH_H_ 13 | #define PFM_FLASH_H_ 14 | 15 | #include "pfm.h" 16 | #include "pfm_flash.h" 17 | #include "flash/flash_util.h" 18 | #include "manifest/manifest_flash.h" 19 | 20 | int PfmFlashInit (struct pfm_flash *pfm, struct flash *flash, struct hash_engine *hash, 21 | uint32_t base_addr, uint8_t *signature_cache, size_t max_signature, uint8_t *platform_id_cache, 22 | size_t max_platform_id); 23 | 24 | #endif /* PFM_FLASH_H_ */ 25 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | add_subdirectory_ifdef(CONFIG_INTEL_PFR_SUPPORT intel_2.0) 2 | add_subdirectory_ifdef(CONFIG_CERBERUS_PFR_SUPPORT cerberus) -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2022, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | # SPDX-License-Identifier: Apache-2.0 9 | 10 | include(../../../Common.cmake) 11 | 12 | CommonInterfaceNamed(cerberus_pfr) 13 | CommonWrapperLibrary() 14 | 15 | file(GLOB_RECURSE CERBERUS_PFR_SOURCES "${CMAKE_CURRENT_SOURCE_DIR}/*.c") 16 | 17 | CommonWrapperLibrarySources( 18 | ${CERBERUS_PFR_SOURCES} 19 | ) 20 | 21 | CommonCoreLibraryIncludeDirectories(cerberus_pfr 22 | ${CMAKE_CURRENT_SOURCE_DIR} 23 | ${APPLICATION_SOURCE_INC} 24 | ${COMMON_ROOT} 25 | ${CERBERUS_ROOT}/projects/zephyr 26 | ${COMMON_ROOT}/HardwareAbstraction/Hal/ 27 | ${COMMON_ROOT}/FunctionalBlocks/Common 28 | ${CERBERUS_ROOT}/core 29 | ${COMMON_ROOT}/Wrapper/Tektagon-OE 30 | ${APPLICATION_SOURCE_INC}/state_machine 31 | ${COMMON_ROOT}/Silicon/AST1060 32 | ${COMMON_ROOT}/HardwareAbstraction/smf 33 | ${COMMON_ROOT}/ApplicationLayer/tektagon/src 34 | ${COMMON_ROOT}/ApplicationLayer/tektagon/src/state_machine 35 | ) 36 | 37 | 38 | CommonLibraryLinkLibraries(cerberus_pfr) 39 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/cerberus_pfr_authentication.c: -------------------------------------------------------------------------------- 1 | #if CONFIG_CERBERUS_PFR_SUPPORT 2 | //***********************************************************************// 3 | //* *// 4 | //* Copyright © 2022 AMI *// 5 | //* *// 6 | //* All rights reserved. Subject to AMI licensing agreement. *// 7 | //* *// 8 | //***********************************************************************// 9 | 10 | #include "pfr/pfr_common.h" 11 | #include "Smbus_mailbox/Smbus_mailbox.h" 12 | #include 13 | #include "cerberus_pfr_definitions.h" 14 | #include "cerberus_pfr_verification.h" 15 | #include "cerberus_pfr_provision.h" 16 | #include "cerberus_pfr_key_cancellation.h" 17 | 18 | #if PF_STATUS_DEBUG 19 | #ifndef DEBUG_PRINTF 20 | #define DEBUG_PRINTF printk 21 | #endif 22 | #else 23 | #ifndef DEBUG_PRINTF 24 | #define DEBUG_PRINTF(...) 25 | #endif 26 | #endif 27 | 28 | int cerberus_auth_pfr_recovery_verify(struct pfr_manifest *manifest) 29 | { 30 | return Success; 31 | } 32 | 33 | int cerberus_auth_pfr_active_verify(struct pfr_manifest *manifest) 34 | { 35 | printk("Active Region Verify ... \n"); 36 | int status = 0; 37 | //manifest->address = PFM_FLASH_MANIFEST_ADDRESS; 38 | if (manifest->image_type == BMC_TYPE){ 39 | get_provision_data_in_flash(BMC_ACTIVE_PFM_OFFSET, (uint8_t *)&manifest->address, sizeof(manifest->address)); 40 | manifest->flash_id = BMC_FLASH_ID; 41 | }else{ 42 | get_provision_data_in_flash(PCH_ACTIVE_PFM_OFFSET, (uint8_t *)&manifest->address, sizeof(manifest->address)); 43 | manifest->flash_id = PCH_FLASH_ID; 44 | } 45 | 46 | status = manifest->base->verify(manifest,manifest->hash,manifest->verification->base, manifest->pfr_hash->hash_out, manifest->pfr_hash->length); 47 | 48 | if(status != Success){ 49 | DEBUG_PRINTF("Verify active pfm failed\r\n"); 50 | SetMajorErrorCode(manifest->image_type == BMC_TYPE ? BMC_AUTH_FAIL : PCH_AUTH_FAIL); 51 | return Failure; 52 | } 53 | status = cerberus_verify_regions(manifest); 54 | if(status != Success){ 55 | SetMajorErrorCode(manifest->image_type == BMC_TYPE ? BMC_AUTH_FAIL : PCH_AUTH_FAIL); 56 | DEBUG_PRINTF("Verify active spi failed\r\n"); 57 | return Failure; 58 | } 59 | if (manifest->image_type == BMC_TYPE) { 60 | DEBUG_PRINTF("Authticate BMC "); 61 | } else { 62 | DEBUG_PRINTF("Authticate PCH "); 63 | } 64 | DEBUG_PRINTF("Active Region verification success\r\n"); 65 | return Success; 66 | } 67 | 68 | #endif //CONFIG_CERBERUS_PFR_SUPPORT 69 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/cerberus_pfr_authentication.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef CERBERUS_PFR_AUTHENTICATION_H_ 10 | #define CERBERUS_PFR_AUTHENTICATION_H_ 11 | 12 | #if CONFIG_CERBERUS_PFR_SUPPORT 13 | #include "pfr/pfr_common.h" 14 | 15 | int cerberus_auth_pfr_active_verify(struct pfr_manifest *manifest); 16 | int cerberus_auth_pfr_recovery_verify(struct pfr_manifest *manifest); 17 | #endif CONFIG_CERBERUS_PFR_SUPPORT 18 | #endif /*CERBERUS_PFR_AUTHENTICATION_H_*/ 19 | 20 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/cerberus_pfr_common.h: -------------------------------------------------------------------------------- 1 | #ifndef CERBERUS_PFR_COMMON_H_ 2 | #define CERBERUS_PFR_COMMON_H_ 3 | 4 | #if CONFIG_CERBERUS_PFR_SUPPORT 5 | #include "pfr/pfr_common.h" 6 | int get_rsa_public_key(uint8_t flash_id, uint32_t address, struct rsa_public_key *public_key); 7 | void init_lib_pfr_manifest(struct pfr_manifest *pfr_manifest, 8 | struct manifest *manifest, 9 | struct hash_engine *hash, 10 | struct pfr_signature_verification *verification, 11 | struct spi_flash *flash, 12 | struct pfr_keystore *keystore, 13 | struct pfr_authentication *pfr_authentication, 14 | struct pfr_hash *pfr_hash, 15 | struct recovery_image *recovery_base, 16 | struct pfm_manager *recovery_pfm, 17 | struct pfr_firmware_image *update_fw, 18 | struct active_image *active_image); 19 | 20 | int init_pfr_signature(struct verifcation *verification, struct pfr_pubkey *pubkey); 21 | 22 | #endif 23 | 24 | #endif 25 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/cerberus_pfr_key_cancellation.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef CERBERUS_PFR_KEY_CANCELLATION_H_ 10 | #define CERBERUS_PFR_KEY_CANCELLATION_H_ 11 | 12 | #if CONFIG_CERBERUS_PFR_SUPPORT 13 | 14 | int cerberus_validate_key_cancellation_flag(struct pfr_manifest *manifest); 15 | int cerberus_verify_csk_key_id(struct pfr_manifest *manifest, uint32_t key_id); 16 | int cerberus_cancel_csk_key_id(struct pfr_manifest *manifest, uint32_t key_id); 17 | 18 | #endif 19 | #endif /*INTEL_PFR_KEY_CANCELLATION_H_*/ 20 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/cerberus_pfr_pbc.c: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #include 10 | #include "state_machine/common_smc.h" 11 | #include "cerberus_pfr_definitions.h" 12 | 13 | 14 | #if PF_UPDATE_DEBUG 15 | #define DEBUG_PRINTF printk 16 | #else 17 | #define DEBUG_PRINTF(...) 18 | #endif 19 | 20 | 21 | /** 22 | Function Used to Verify whether the compression Tag value is Matched or Not 23 | 24 | @Param uint32_t * Pointer to Compression Tag 25 | @Param uint32_t Read Address 26 | @Param uint32_t Total size need to read 27 | 28 | @retval int Return Status 29 | **/ 30 | int cerberus_is_compression_tag_matched(uint32_t image_type, uint32_t *compression_tag, uint32_t read_address, uint32_t AreaSize) 31 | { 32 | return Success; 33 | } 34 | 35 | /** 36 | * Function Used to Erase the Active Area based on the BitMap. 37 | * @param - N - Size 38 | * @param - ActiveMapAddress - Location od the Bitmap. 39 | * @return - Success or Failure 40 | */ 41 | /** 42 | Function Used to Erase the Active Area based on the BitMap 43 | 44 | @Param uint32_t Size 45 | @Param uint32_t Active Bit Map Address 46 | 47 | @retval int Return Status 48 | **/ 49 | int cerberus_decompression_erasing(uint32_t image_type, uint32_t N, uint32_t active_map_address) 50 | { 51 | return Success; 52 | } 53 | 54 | 55 | /** 56 | Function Used to Write the Compressed Data based on the Bit Map 57 | 58 | @Param uint32_t Size 59 | @Param uint32_t Compression Tag 60 | @Param uint32_t Compression Map Address 61 | 62 | @retval int Return Status 63 | **/ 64 | int cerberus_decompression_write(uint32_t image_type, uint32_t N, uint32_t compression_tag, uint32_t compression_map_address) 65 | { 66 | return Success; 67 | } 68 | 69 | /** 70 | Function Used to Decompress The Compressed Capsule bin 71 | 72 | @Param uint32_t Read Address 73 | @Param uint32_t Total size need to Decompress 74 | 75 | @retval int Return Status 76 | **/ 77 | int cerberus_capsule_decompression(uint32_t image_type, uint32_t read_address, uint32_t area_size) 78 | { 79 | DEBUG_PRINTF("Decompression completed\r\n"); 80 | return Success; 81 | } 82 | 83 | 84 | 85 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/cerberus_pfr_pbc.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef CERBERUS_PFR_PBC_H_ 10 | #define CERBERUS_PFR_PBC_H_ 11 | 12 | int cerberus_capsule_decompression(int image_type, uint32_t read_address, uint32_t area_size); 13 | 14 | #endif /*CERBERUS_PFR_PBC_H_*/ 15 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/cerberus_pfr_recovery.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef CERBERUS_PFR_RECOVERY_H_ 10 | #define CERBERUS_PFR_RECOVERY_H_ 11 | #define DUAL_SPI 0 12 | 13 | #include 14 | #include "manifest/pfm/pfm_manager.h" 15 | 16 | struct recovery_header{ 17 | uint16_t header_length; 18 | uint16_t format; 19 | uint32_t magic_number; 20 | uint8_t version_id[32]; 21 | uint32_t image_length; 22 | uint32_t sign_length; 23 | }; 24 | 25 | struct recovery_section{ 26 | uint16_t header_length; 27 | uint16_t format; 28 | uint32_t magic_number; 29 | uint32_t start_addr; 30 | uint32_t section_length; 31 | }; 32 | 33 | int pfr_recovery_verify(struct recovery_image *image, struct hash_engine *hash, 34 | struct signature_verification *verification, uint8_t *hash_out, size_t hash_length, 35 | struct pfm_manager *pfm); 36 | 37 | #endif 38 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/cerberus_pfr_spi_filtering.h: -------------------------------------------------------------------------------- 1 | #ifndef CERBERUS_PFR_SPI_FILTERING_H_ 2 | #define CERBERUS_PFR_SPI_FILTERING_H_ 3 | 4 | void init_SPI_RW_region(int spi_device_id); 5 | 6 | #endif /*CERBERUS_PFR_SPI_FILTERING_H_*/ 7 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/cerberus/cerberus_pfr_update.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef CERBERUS_PFR_UPDATE_H_ 10 | #define CERBERUS_PFR_UPDATE_H_ 11 | 12 | #include 13 | 14 | int cerberus_pfr_update_verify(struct firmware_image *fw, struct hash_engine *hash, struct rsa_engine *rsa); 15 | 16 | #endif /*INTEL_PFR_UPDATE_H_*/ 17 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/intel_2.0/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2022, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | # SPDX-License-Identifier: Apache-2.0 9 | 10 | include(../../../Common.cmake) 11 | 12 | CommonInterfaceNamed(intel_2.0) 13 | CommonWrapperLibrary() 14 | 15 | 16 | file(GLOB_RECURSE INTEL_2_0_SOURCES "${CMAKE_CURRENT_SOURCE_DIR}/*.c") 17 | 18 | CommonWrapperLibrarySources(${INTEL_2_0_SOURCES} ) 19 | 20 | CommonCoreLibraryIncludeDirectories(intel_2.0 21 | ${CMAKE_CURRENT_SOURCE_DIR} 22 | ${APPLICATION_SOURCE_INC} 23 | ${COMMON_ROOT} 24 | ${CERBERUS_ROOT}/projects/zephyr 25 | ${COMMON_ROOT}/HardwareAbstraction/Hal/ 26 | ${COMMON_ROOT}/FunctionalBlocks/Common 27 | ${CERBERUS_ROOT}/core 28 | ${COMMON_ROOT}/Wrapper/Tektagon-OE 29 | ${APPLICATION_SOURCE_INC}/state_machine 30 | ${COMMON_ROOT}/Silicon/AST1060 31 | ${COMMON_ROOT}/HardwareAbstraction/Smf 32 | ) 33 | 34 | CommonLibraryLinkLibraries(intel_2.0) 35 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/intel_2.0/intel_pfr_authentication.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef INTEL_PFR_AUTHENTICATION_H_ 10 | #define INTEL_PFR_AUTHENTICATION_H_ 11 | 12 | int pfr_active_verify(struct pfr_manifest *manifest); 13 | 14 | #endif /*INTEL_PFR_AUTHENTICATION_H_*/ 15 | 16 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/intel_2.0/intel_pfr_common.h: -------------------------------------------------------------------------------- 1 | #ifndef INTEL_PFR_COMMON_H_ 2 | #define INTEL_PFR_COMMON_H_ 3 | 4 | #if CONFIG_INTEL_PFR_SUPPORT 5 | #include "pfr/pfr_common.h" 6 | void init_lib_pfr_manifest(struct pfr_manifest *pfr_manifest, 7 | struct manifest *manifest, 8 | struct hash_engine *hash, 9 | struct pfr_signature_verification *verification, 10 | struct spi_flash *flash, 11 | struct pfr_keystore *keystore, 12 | struct pfr_authentication *pfr_authentication, 13 | struct pfr_hash *pfr_hash, 14 | struct recovery_image *recovery_base, 15 | struct pfm_manager *recovery_pfm, 16 | struct pfr_firmware_image *update_fw, 17 | struct active_image *active_image); 18 | 19 | int init_pfr_keystore(struct keystore *keystore, struct key_cancellation_flag *kc_flag); 20 | int init_pfr_signature(struct signature_verification *verification, struct pfr_pubkey *pubkey); 21 | void init_pfr_firmware_image(struct pfr_firmware_image *update_fw, struct firmware_image *update_base); 22 | #endif 23 | 24 | #endif -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/intel_2.0/intel_pfr_key_cancellation.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef INTEL_PFR_KEY_CANCELLATION_H_ 10 | #define INTEL_PFR_KEY_CANCELLATION_H_ 11 | 12 | 13 | int validate_key_cancellation_flag(struct pfr_manifest *manifest); 14 | int verify_csk_key_id(struct pfr_manifest *manifest, uint32_t key_id); 15 | int cancel_csk_key_id(struct pfr_manifest *manifest, uint32_t key_id); 16 | 17 | #endif /*INTEL_PFR_KEY_CANCELLATION_H_*/ 18 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/intel_2.0/intel_pfr_pbc.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef INTEL_PFR_PBC_H_ 10 | #define INTEL_PFR_PBC_H_ 11 | 12 | int capsule_decompression(int image_type, uint32_t read_address,uint32_t area_size); 13 | 14 | #endif /*INTEL_PFR_PBC_H_*/ -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/intel_2.0/intel_pfr_provision.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef INTEL_PFR_PROVISION_H_ 10 | #define INTEL_PFR_PROVISION_H_ 11 | 12 | #include 13 | // #include "intel_pfr_verification.h" 14 | // #include "pfr/pfr_common.h" 15 | 16 | extern int g_provision_data; 17 | 18 | enum 19 | { 20 | UFM_STATUS, 21 | ROOT_KEY_HASH = 0x004, 22 | PCH_ACTIVE_PFM_OFFSET = 0x024, 23 | PCH_RECOVERY_REGION_OFFSET = 0x028, 24 | PCH_STAGING_REGION_OFFSET = 0x02c, 25 | BMC_ACTIVE_PFM_OFFSET = 0x030, 26 | BMC_RECOVERY_REGION_OFFSET = 0x034, 27 | BMC_STAGING_REGION_OFFSET = 0x038, 28 | PIT_PASSWORD = 0x03c, 29 | PIT_PCH_FW_HASH = 0x044, 30 | PIT_BMC_FW_HASH = 0x064, 31 | SVN_POLICY_FOR_CPLD_UPDATE = 0x084, 32 | SVN_POLICY_FOR_PCH_FW_UPDATE = 0x08c, 33 | SVN_POLICY_FOR_BMC_FW_UPDATE = 0x094, 34 | KEY_CANCELLATION_POLICY_FOR_SIGNING_PCH_PFM = 0x09c, 35 | KEY_CANCELLATION_POLICY_FOR_SIGNING_PCH_UPDATE_CAPSULE = 0x0ac, 36 | KEY_CANCELLATION_POLICY_FOR_SIGNING_BMC_PFM = 0x0bc, 37 | KEY_CANCELLATION_POLICY_FOR_SIGNING_BMC_UPDATE_CAPSULE = 0x0cc, 38 | KEY_CANCELLATION_POLICY_FOR_SIGNING_CPLD_UPDATE_CAPSULE = 0x0dc 39 | }; 40 | 41 | // int verify_root_key_hash(struct pfr_manifest *manifest, uint8_t *root_public_key); 42 | // int verify_root_key_data(struct pfr_manifest *manifest, uint8_t *pubkey_x, uint8_t *pubkey_y); 43 | // int verify_root_key_entry(struct pfr_manifest *manifest, PFR_AUTHENTICATION_BLOCK1 *block1_buffer); 44 | 45 | 46 | #endif /*INTEL_PFR_PROVISION_H*/ 47 | 48 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/intel_2.0/intel_pfr_recovery.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef INTEL_PFR_RECOVERY_H_ 10 | #define INTEL_PFR_RECOVERY_H_ 11 | 12 | #include 13 | #include "manifest/pfm/pfm_manager.h" 14 | 15 | int intel_pfr_recovery_verify (struct recovery_image *image, struct hash_engine *hash, 16 | struct signature_verification *verification, uint8_t *hash_out, size_t hash_length, 17 | struct pfm_manager *pfm); 18 | 19 | #endif -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/intel_2.0/intel_pfr_spi_filtering.h: -------------------------------------------------------------------------------- 1 | #ifndef INTEL_PFR_SPI_FILTERING_H_ 2 | #define INTEL_PFR_SPI_FILTERING_H_ 3 | 4 | void init_SPI_RW_region(int spi_device_id); 5 | 6 | #endif /*INTEL_PFR_SPI_FILTERING_H_*/ 7 | -------------------------------------------------------------------------------- /oe-src/FunctionalBlocks/Pfr/intel_2.0/intel_pfr_update.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | #ifndef INTEL_PFR_UPDATE_H_ 10 | #define INTEL_PFR_UPDATE_H_ 11 | 12 | #include 13 | 14 | int intel_pfr_update_verify (struct firmware_image *fw, struct hash_engine *hash, struct rsa_engine *rsa); 15 | 16 | #endif /*INTEL_PFR_UPDATE_H_*/ -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencomputeproject/OCP-OSF-Tektagon_Community_Edition/5d002134e0707ee1a0e107b27736987168b24642/oe-src/HardwareAbstraction/CMakeLists.txt -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2022, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | 9 | # HAL 10 | cmake_minimum_required(VERSION 3.12 FATAL_ERROR) 11 | include (../../Common.cmake) 12 | 13 | if(${ZEPHYR_PRESENCE}) 14 | CommonInterfaceNamed(amihardwareinterface) 15 | CommonWrapperLibrary() 16 | 17 | CommonWrapperLibrarySources( 18 | ${COMMON_ROOT}/HardwareAbstraction/Hal/CommonCrypto/CommonHash.c 19 | ${COMMON_ROOT}/HardwareAbstraction/Hal/CommonCrypto/CommonRsa.c 20 | ${COMMON_ROOT}/HardwareAbstraction/Hal/CommonLogging/CommonLogging.c 21 | ${COMMON_ROOT}/HardwareAbstraction/Hal/CommonFlash/CommonFlash.c 22 | ${COMMON_ROOT}/HardwareAbstraction/Hal/CommonFlash/FlashMaster.c 23 | ${COMMON_ROOT}/HardwareAbstraction/Hal/SpiFilter/SpiFilter.c 24 | ${COMMON_ROOT}/HardwareAbstraction/Hal/I2cFilter/I2cFilter.c 25 | ${COMMON_ROOT}/HardwareAbstraction/Hal/I2c/I2c.c 26 | ${COMMON_ROOT}/HardwareAbstraction/Hal/I2c/I2cMaster.c 27 | ) 28 | 29 | CommonCoreLibraryIncludeDirectories( 30 | ${COMMON_ROOT} 31 | ${CERBERUS_ROOT}/projects/Baremetal 32 | ${CERBERUS_ROOT}/projects/zephyr 33 | ${COMMON_ROOT}/HardwareAbstraction/Hal 34 | ${COMMON_ROOT}/FunctionalBlocks/Common 35 | ${CERBERUS_ROOT}/core 36 | ${COMMON_ROOT}/Wrapper/Tektagon-OE 37 | ${COMMON_ROOT}/Silicon/AST1060 38 | ) 39 | 40 | CommonLibraryLinkLibraries(amihardwareinterface) 41 | else() 42 | file(GLOB_RECURSE HAL_COMMON_SOURCE "${CMAKE_CURRENT_LIST_DIR}/*.c") 43 | 44 | CommonCore_Library(HARDWARE_ABSTRACTION ${HAL_COMMON_SOURCE}) 45 | 46 | CommonCoreLibraryIncludeDirectories(HARDWARE_ABSTRACTION 47 | ${CMAKE_CURRENT_LIST_DIR} 48 | ${CERBERUS_ROOT}/core 49 | ${COMMON_ROOT}/FunctionalBlocks/Cerberus/projects/Baremetal 50 | ${COMMON_ROOT}/FunctionalBlocks/Common 51 | ${COMMON_ROOT}/Wrapper/BareMetal 52 | ${COMMON_ROOT}/HardwareAbstraction/Qpc/Includes 53 | ${COMMON_ROOT}/HardwareAbstraction/Qpc/Ports/Arm 54 | ${COMMON_ROOT}/HardwareAbstraction/Qpc/Source 55 | ${COMMON_ROOT}/HardwareAbstraction/Qpc/Source/Qv 56 | ${COMMON_ROOT}/HardwareAbstraction/Qpc/Source/Qf 57 | ) 58 | endif() 59 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/CommonCrypto/CommonHash.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file Hash.c 9 | * This file contains the Crypto Handling functions 10 | */ 11 | 12 | #include "CommonHash.h" 13 | #include 14 | 15 | static int HashCalculateSha256 (struct hash_engine *Engine, const uint8_t *Data, 16 | size_t Length, uint8_t *Hash, size_t HashLength) 17 | { 18 | return HashEngineCalculateSha256(Data, Length, Hash, HashLength); 19 | } 20 | 21 | static int HashStartSha256 (struct hash_engine *Engine) 22 | { 23 | return HashEngineStartSha256(); 24 | } 25 | 26 | static int HashCalculateSha384 (struct hash_engine *Engine, const uint8_t *Data, 27 | size_t Length, uint8_t *Hash, size_t HashLength) 28 | { 29 | return HashEngineCalculateSha384(Data, Length, Hash, HashLength);; 30 | } 31 | 32 | static int HashStartSha384 (struct hash_engine *Engine){ 33 | 34 | return HashEngineStartSha384(); 35 | } 36 | 37 | static int HashUpdate (struct hash_engine *Engine, const uint8_t *Data, size_t Length) 38 | { 39 | return HashEngineUpdate(Data, Length); 40 | } 41 | 42 | static int HashFinish (struct hash_engine *Engine, uint8_t *Hash, size_t HashLength) 43 | { 44 | return HashEngineFinish(Hash, HashLength); 45 | } 46 | 47 | static void HashCancel (struct hash_engine *Engine) 48 | { 49 | HashEngineCancel(); 50 | } 51 | /** 52 | * Initialize an mbed TLS hash engine. 53 | * 54 | * @param engine The hash engine to initialize. 55 | * 56 | * @return 0 if the hash engine was successfully initialized or an error code. 57 | */ 58 | int HashInitialize (struct hash_engine *Engine) 59 | { 60 | if (Engine == NULL) { 61 | return HASH_ENGINE_INVALID_ARGUMENT; 62 | } 63 | 64 | memset (Engine, 0, sizeof (struct hash_engine)); 65 | 66 | Engine->calculate_sha256 = HashCalculateSha256; 67 | Engine->start_sha256 = HashStartSha256; 68 | #ifdef HASH_ENABLE_SHA384 69 | Engine->calculate_sha384 = HashCalculateSha384; 70 | Engine->start_sha384 = HashStartSha384; 71 | #endif 72 | Engine->update = HashUpdate; 73 | Engine->finish = HashFinish; 74 | Engine->cancel = HashCancel; 75 | 76 | return 0; 77 | } 78 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/CommonCrypto/CommonHash.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file Hash.h 9 | * This file contains the Crypto Handling functions 10 | */ 11 | #include 12 | #include 13 | #include 14 | 15 | int HashInitialize (struct hash_engine *Engine); -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/CommonCrypto/CommonRsa.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file Rsa.h 9 | * This file contains the Crypto Handling functions 10 | */ 11 | #include 12 | 13 | int RsaInit (struct rsa_engine *Engine); 14 | int RsaSigVerify(struct rsa_engine *Engine, const struct rsa_public_key *Key, 15 | const uint8_t *Signature, size_t SigLength, const uint8_t *Match, size_t MatchLength); -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/CommonFlash/CommonFlash.h: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Flash Handling functions 10 | */ 11 | 12 | #ifndef FLASH_COMMON_H_ 13 | #define FLASH_COMMON_H_ 14 | 15 | #include "flash/flash_master.h" 16 | #include "flash/spi_flash.h" 17 | 18 | struct FlashMaster { 19 | struct flash_master base; 20 | }; 21 | 22 | struct SpiEngine { 23 | struct spi_flash spi; 24 | }; 25 | 26 | struct XferEngine { 27 | struct flash_xfer base; 28 | }; 29 | 30 | /** 31 | * Check the requested operation to ensure it is valid for the device. 32 | */ 33 | #define SPI_FLASH_BOUNDS_CHECK(bytes, addr, len) \ 34 | do { \ 35 | if (addr >= bytes) { \ 36 | return SPI_FLASH_ADDRESS_OUT_OF_RANGE; \ 37 | } \ 38 | \ 39 | if ((addr + len) > bytes) { \ 40 | return SPI_FLASH_OPERATION_OUT_OF_RANGE; \ 41 | } \ 42 | } while (0) 43 | int FlashInit(struct SpiEngine *Spi, struct FlashMaster *Engine); 44 | int FlashMasterInit(struct FlashMaster *spi); 45 | 46 | #endif /* FLASH_COMMON_H_ */ 47 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/CommonFlash/FlashMaster.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Flash Master Handling functions 10 | */ 11 | #include "flash/flash_master.h" 12 | #include 13 | #include 14 | #ifndef CERBERUS_PREVIOUS_VERSION 15 | #include 16 | #endif 17 | /** 18 | * Get a set of capabilities supported by the SPI master. 19 | * 20 | * @param spi The SPI master to query. 21 | * 22 | * @return A capabilities bitmask for the SPI master. 23 | */ 24 | uint32_t FlashMasterCapabilities (struct flash_master *spi) 25 | { 26 | return Wrapper_flash_master_capabilities(spi); 27 | } 28 | 29 | /** 30 | * Get a set of capabilities supported by the SPI master. 31 | * 32 | * @param spi The SPI master to query. 33 | * 34 | * @return A capabilities bitmask for the SPI master. 35 | */ 36 | uint32_t SPICommandXfer (struct spi_flash *flash, const struct flash_xfer *Xfer) 37 | { 38 | return Wrapper_SPI_Command_Xfer(flash, Xfer); 39 | } 40 | 41 | int FlashMasterInit(struct FlashMaster *spi) 42 | { 43 | spi->base.capabilities = FlashMasterCapabilities; 44 | #ifndef CERBERUS_PREVIOUS_VERSION 45 | spi->base.xfer = SPI_Command_Xfer; 46 | #endif 47 | 48 | return 0; 49 | } 50 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/CommonLogging/CommonLogging.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Logging Handling functions 10 | */ 11 | 12 | #ifndef COMMON_LOGGING_H_ 13 | #define COMMON_LOGGING_H_ 14 | 15 | //#include 16 | 17 | extern int LogingFlashInit (struct logging_flash *Logging); 18 | extern int DebugInit(void); 19 | 20 | 21 | #endif /* LOGGING_WRAPPER_H_ */ 22 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Dice/Dice.c: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Dice Handling functions 10 | */ 11 | 12 | #include "Dice.h" 13 | // #include "DiceWrapper.h" 14 | 15 | /** 16 | * Function to Dice Status. 17 | */ 18 | int DiceStatus(void) 19 | { 20 | return DiceStatusHook(); 21 | } 22 | 23 | /** 24 | * Initialize Dice 25 | */ 26 | int DiceInit(struct DiceInterface *Dice) 27 | { 28 | if (Dice == NULL) { 29 | return DICE_INVALID_ARGUMENT; 30 | } 31 | 32 | // memset (Dice, 0, sizeof (struct DiceInterface)); 33 | 34 | Dice->DiceStatus = DiceStatus; 35 | 36 | return 0; 37 | } 38 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Dice/Dice.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Dice Handling functions 10 | */ 11 | 12 | #ifndef DICE_H_ 13 | #define DICE_H_ 14 | 15 | #include 16 | #include 17 | 18 | #define TRACE printf 19 | /** 20 | * Dice Interface 21 | */ 22 | struct DiceInterface { 23 | /** 24 | * Function to Dice Status. 25 | * 26 | * @param Dice Interface 27 | * 28 | * @return 0 29 | */ 30 | int (*DiceStatus ) (); 31 | }; 32 | 33 | int DiceInit(void); 34 | 35 | /** 36 | * Error codes that can be generated by a DICE. 37 | */ 38 | enum { 39 | DICE_INVALID_ARGUMENT = 0x00 /**< Input parameter is null or not valid. */ 40 | }; 41 | #endif /* Dice_H_ */ 42 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Gpio/Gpio.c: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the GPIO Handling functions 10 | */ 11 | 12 | #include "Gpio.h" 13 | 14 | /** 15 | * Function to Set value for the GPIO PIN 16 | */ 17 | static int GpioSetConfiguration(void) 18 | { 19 | return GpioSetConfigurationHook(); 20 | } 21 | 22 | /** 23 | * Function to Get value of the GPIO PIN 24 | */ 25 | static int GpioGetConfiguration(void) 26 | { 27 | return GpioGetConfigurationHook(); 28 | } 29 | 30 | /** 31 | * System Reset 32 | */ 33 | static int SystemReset(void) 34 | { 35 | return SystemResetHook(); 36 | } 37 | 38 | /** 39 | * Initialize GPIO 40 | */ 41 | int GpioInit(struct GpioInterface *Gpio) 42 | { 43 | if (Gpio == NULL) { 44 | return GPIO_INVALID_ARGUMENT; 45 | } 46 | 47 | // memset (Gpio, 0, sizeof (struct Gpio)); 48 | 49 | Gpio->GpioSet = GpioSetConfiguration; 50 | Gpio->GpioGet = GpioGetConfiguration; 51 | Gpio->SysReset = SystemReset; 52 | 53 | return 0; 54 | } 55 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Gpio/Gpio.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the GPIO Handling functions 10 | */ 11 | 12 | #ifndef GPIO_H_ 13 | #define GPIO_H_ 14 | 15 | #include 16 | #include 17 | #include 18 | /** 19 | * Storage for device keys and certificates. 20 | */ 21 | struct GpioInterface { 22 | /** 23 | * GPIO Set. 24 | * 25 | * @param Gpio Interface 26 | * @param id The ID of the key being stored. 27 | * 28 | * @return 0 if the key was successfully stored or an error code. 29 | */ 30 | int (*GpioSet) (); 31 | 32 | /** 33 | * GPIO Set. 34 | * 35 | * @param store The key storage where the key is saved. 36 | * @param id The ID of the key to load. 37 | * 38 | * @return 0 if the key was successfully loaded or an error code. 39 | */ 40 | int (*GpioGet) (); 41 | 42 | /** 43 | * Boot Release 44 | * 45 | * @param Gpio Interface 46 | * 47 | * @return 0 if the successfully erased or an error code. 48 | */ 49 | int (*SysReset) (); 50 | }; 51 | 52 | int GpioInit (struct GpioInterface *Gpio); 53 | 54 | /** 55 | * Error codes that can be generated by a GPIO. 56 | */ 57 | enum { 58 | GPIO_INVALID_ARGUMENT = 0x00 /**< Input parameter is null or not valid. */ 59 | }; 60 | 61 | #endif /* GPIO_H_ */ 62 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Hal.yaml: -------------------------------------------------------------------------------- 1 | Features: 2 | - feature: 3 | name: Crypto 4 | macro: CRYPTO_SUPPORT 5 | description: Switch to enable crypto interface 6 | enable: Yes 7 | - feature: 8 | name: Dice 9 | macro: DICE_SUPPORT 10 | description: Switch to enable Dice interface 11 | enable: Yes 12 | - feature: 13 | name: CommonFlash 14 | macro: COMMONFLASH_SUPPORT 15 | description: Switch to enable CommonFlash interface 16 | enable: Yes 17 | - feature: 18 | name: Gpio 19 | macro: GPIO_SUPPORT 20 | description: Switch to enable Gpio interface 21 | enable: Yes 22 | - feature: 23 | name: I2c 24 | macro: I2C_SUPPORT 25 | description: Switch to enable I2c interface 26 | enable: Yes 27 | - feature: 28 | name: Interrupt 29 | macro: INTERRUPT_SUPPORT 30 | description: Switch to enable Interrupt interface 31 | enable: Yes 32 | - feature: 33 | name: Logging 34 | macro: LOG_SUPPORT 35 | description: Switch to enable Logging interface 36 | enable: Yes 37 | - feature: 38 | name: Smbus 39 | macro: SMBUS_SUPPORT 40 | description: Switch to enable Smbus interface 41 | enable: Yes 42 | - feature: 43 | name: SmbusFilter 44 | macro: SMBUSFILTER_SUPPORT 45 | description: Switch to enable SmbusFilter interface 46 | enable: Yes 47 | - feature: 48 | name: Spi 49 | macro: SPI_SUPPORT 50 | description: Switch to enable Spi interface 51 | enable: Yes 52 | - feature: 53 | name: SpiFilter 54 | macro: SPIFILTER_SUPPORT 55 | description: Switch to enable SpiFilter interface 56 | enable: Yes 57 | - feature: 58 | name: Timer 59 | macro: TIMER_SUPPORT 60 | description: Switch to enable Timer interface 61 | enable: Yes 62 | - feature: 63 | name: WatchDog 64 | macro: WATCHDOG_SUPPORT 65 | description: Switch to enable WatchDog interface 66 | enable: Yes 67 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/I2c/I2c.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the I2c Handling functions 10 | */ 11 | 12 | #include "I2c.h" 13 | #include "i2c/i2c_master_interface.h" 14 | #include "I2c/I2cWrapper.h" 15 | 16 | /* I2cSlaveInitSlaveDev 17 | * I2c salve initial to asp1060 api. 18 | * 19 | * @param i2c structure i2c_slave_interface 20 | * @param DevName I2C device name, support I2C_0 and I2C_1 21 | * @param slave_addr I2c slave device slave address 22 | * 23 | * @return 0 if the I2C slave was successfully initialize or an error code. 24 | */ 25 | int I2cSlaveInitSlaveDev(struct i2c_slave_interface *i2c, char *DevName, uint8_t slave_addr) 26 | { 27 | return I2cSlaveWrapperInitSlaveDev(i2c, DevName, slave_addr); 28 | } 29 | /** 30 | * Initialize an aspeed I2C slave engine. 31 | * 32 | * @param engine The I2C slave to initialize. 33 | * 34 | * @return 0 if the I2C slave was successfully initialize or an error code. 35 | */ 36 | int I2cSlaveInit (struct i2c_slave_interface *I2cSlaveEngine) 37 | { 38 | int status; 39 | 40 | if (I2cSlaveEngine == NULL) { 41 | return I2C_SLAVE_INVALID_ARGUMENT; 42 | } 43 | 44 | memset (I2cSlaveEngine, 0, sizeof (I2cSlaveEngine)); 45 | 46 | I2cSlaveEngine->InitSlaveDev = I2cSlaveInitSlaveDev; 47 | 48 | return 0; 49 | } 50 | 51 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/I2c/I2c.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the I2c Handling functions 10 | */ 11 | 12 | #ifndef COMMON_I2C_H_ 13 | #define COMMON_I2C_H_ 14 | 15 | #include 16 | #include 17 | #include 18 | #include "status/rot_status.h" 19 | 20 | #define I2C_SLAVE_ERROR(code) ROT_ERROR (ROT_MODULE_I2C_SLAVE, code) 21 | /** 22 | * Error codes that can be generated by an I2C slave driver. 23 | */ 24 | enum { 25 | I2C_SLAVE_INVALID_ARGUMENT = I2C_SLAVE_ERROR (0x00), /**< Input parameter is null or not valid. */ 26 | I2C_SLAVE_NO_MEMORY = I2C_SLAVE_ERROR (0x01), /**< Memory allocation failed. */ 27 | I2C_SLAVE_NO_DEVICE = I2C_SLAVE_ERROR (0x02), /**< Not found device */ 28 | }; 29 | /** 30 | * Defines the interface to an I2C slave 31 | */ 32 | 33 | struct i2c_slave_interface { 34 | /** 35 | * Initial I2C device to slave device using provided interface 36 | * 37 | * @param i2c I2C slave interface to use 38 | * @param DevName I2C device name (EX:I2C_0 or I2C_1) 39 | * @param slave_addr I2C slave device address to setting 40 | * 41 | * @return Transfer status, 0 if success or an error code. 42 | */ 43 | int (*InitSlaveDev) (struct i2c_slave_interface *i2c, char *DevName, uint8_t slave_addr); 44 | }; 45 | 46 | int I2cSlaveInit (struct i2c_slave_interface *I2cSlaveEngine); 47 | 48 | #endif /* COMMON_I2C_H_ */ -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/I2cFilter/I2cFilter.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the I2c Handling functions 10 | */ 11 | 12 | #include "I2cFilter.h" 13 | #include "I2cFilter/I2cFilterWrapper.h" 14 | 15 | /** 16 | * @brief Initialize specific device of I2C filter 17 | * 18 | * @param i2c_filter_interface I2C filter interface to use 19 | * 20 | * @return 0 if the I2C filter failed to initialize or an error code. 21 | */ 22 | static int I2cFilterInit(struct i2c_filter_interface *filter) 23 | { 24 | return WrapperI2cFilterInit(filter->filter.device_id); 25 | } 26 | 27 | /** 28 | * @brief Enable / disable specific device of I2C filter 29 | * 30 | * @param i2c_filter_interface I2C filter interface to use 31 | * @param en enable I2C filter 32 | * 33 | * @return 0 if the I2C filter failed to enable or an error code. 34 | */ 35 | static int I2cFilterEnable(struct i2c_filter_interface *filter, bool enable) 36 | { 37 | return WrapperI2cFilterEnable(filter->filter.device_id, enable); 38 | } 39 | 40 | /** 41 | * @brief Setup whitelist for specific device of I2C filter with provided offset of slave device. 42 | * Index can using on stores every single offset of slave device with each single index. 43 | * 44 | * @param i2c_filter_interface I2C filter interface to use 45 | * @param index Index to stores register address or offset of slave device 46 | * 47 | * @return 0 if the I2C filter failed to setup or an error code. 48 | */ 49 | static int I2cFilterSet(struct i2c_filter_interface *filter, uint8_t index) 50 | { 51 | return WrapperI2cFilterSet(filter->filter.device_id, index); 52 | } 53 | 54 | /** 55 | * @brief Retrieves a I2C filter interface provided functions. 56 | * 57 | * @param i2c_filter_interface I2C filter interface to use 58 | * 59 | * @return 0 if the I2C filter failed to initialization or an error code. 60 | */ 61 | int I2cFilterInitialization(struct i2c_filter_interface *Filter) 62 | { 63 | if (Filter == NULL) 64 | return -1; 65 | 66 | memset(Filter, 0, sizeof(*Filter)); 67 | 68 | Filter->init_filter = I2cFilterInit; 69 | Filter->enable_filter = I2cFilterEnable; 70 | Filter->set_filter = I2cFilterSet; 71 | 72 | return 0; 73 | } 74 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/I2cFilter/I2cFilter.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the I2c Handling functions 10 | */ 11 | 12 | #ifndef COMMON_I2C_FILTER_H_ 13 | #define COMMON_I2C_FILTER_H_ 14 | 15 | #include 16 | #include 17 | #include 18 | #include 19 | #include "status/rot_status.h" 20 | 21 | /** 22 | * Defines the device to an I2C filter 23 | */ 24 | struct i2c_filter_device_info { 25 | uint8_t device_id; 26 | uint8_t slave_addr; 27 | /** 28 | * white-list/allow-list data to pass through I2C filter . This should provided 256 bytes buffer to 29 | * decide which I2C slave offset should be allowed/blocked by filter. 30 | * 31 | * bit position as I2C slave offset data. ex. bit0 for offset 0x00 and bit32 for offset 0x20. 32 | * And bit value as 1'b1 to I2C slave offset data for that slave data will be allowed by 33 | * white-list/allow-list, otherwise will be blocked. 34 | */ 35 | void* whitelist_elements; 36 | }; 37 | 38 | 39 | /** 40 | * Defines the interface to an I2C filter 41 | */ 42 | struct i2c_filter_interface { 43 | 44 | struct i2c_filter_device_info filter; 45 | /** 46 | * Initializes the I2C filter. 47 | * 48 | * @param filter The I2C filter to initialization. 49 | * 50 | * @return 0 if the I2C filter was configured successfully or an error code. 51 | */ 52 | 53 | int (*init_filter) (struct i2c_filter_interface *filter); 54 | 55 | /** 56 | * Enable or disable the I2C filter. A disabled I2C filter will block all access from the host 57 | * to slave device. 58 | * 59 | * @param filter The I2C filter to update. 60 | * @param enable Flag indicating if the I2C filter should be enabled or disabled. 61 | * 62 | * @return 0 if the I2C filter was configured successfully or an error code. 63 | */ 64 | 65 | int (*enable_filter) (struct i2c_filter_interface *filter, bool enable); 66 | 67 | /** 68 | * Set the white-list/allow-list for the I2C filter. 69 | * 70 | * @param filter The I2C filter instance to use 71 | * @param index The white-list/allow-list index to update 72 | */ 73 | 74 | int (*set_filter) (struct i2c_filter_interface *filter, uint8_t index); 75 | }; 76 | 77 | #endif /* COMMON_I2C_FILTER_H_ */ 78 | 79 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Interrupt/Interrupt.c: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Interrupt Handling functions 10 | */ 11 | 12 | #include 13 | #include 14 | #include 15 | #include "Interrupt.h" 16 | 17 | /** 18 | * Function to Timer Interrupt 19 | */ 20 | static int GetTimerInterrupt(void) 21 | { 22 | return GetTimerInterruptHook(); 23 | } 24 | 25 | /** 26 | * Initialize Interrupt Interface 27 | */ 28 | int InterruptInterface(struct InterruptInterface *Interrupt) 29 | { 30 | if (Interrupt == NULL) { 31 | return INTERRUPT_INVALID_ARGUMENT; 32 | } 33 | 34 | // memset (Interrupt, 0, sizeof (struct Interrupt)); 35 | 36 | Interrupt->TimerInterrupt = GetTimerInterrupt; 37 | 38 | return 0; 39 | } 40 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Interrupt/Interrupt.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the GPIO Handling functions 10 | */ 11 | 12 | #ifndef INTERRUPT_H_ 13 | #define INTERRUPT_H_ 14 | 15 | #include 16 | #include 17 | #include 18 | /** 19 | * Interrupt Interface 20 | */ 21 | struct InterruptInterface { 22 | /** 23 | * Function to initialize Timer Interrupt. 24 | * 25 | * @param Interrupt Interface 26 | * 27 | * @return 0 28 | */ 29 | int (*TimerInterrupt) (); 30 | 31 | }; 32 | 33 | int InterruptInterface (struct InterruptInterface *Interrupt); 34 | 35 | /** 36 | * Error codes that can be generated by a GPIO. 37 | */ 38 | enum { 39 | INTERRUPT_INVALID_ARGUMENT = 0x00 /**< Input parameter is null or not valid. */ 40 | }; 41 | 42 | #endif /* INTERRUPT_H_ */ 43 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Smbus/Smbus.c: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Smbus Handling functions 10 | */ 11 | 12 | #include "Smbus.h" 13 | 14 | /** 15 | * Function to Smbus Read. 16 | */ 17 | static int SmbusReadAccess(void) 18 | { 19 | return SmbusReadAccessHook(); 20 | } 21 | 22 | /** 23 | * Function to Smbus Write. 24 | */ 25 | static int SmbusWriteAccess(void) 26 | { 27 | return SmbusWriteAccessHook(); 28 | } 29 | 30 | /** 31 | * Initialize Smbus 32 | */ 33 | int SmbusInit(struct SmbusInterface *Smbus) 34 | { 35 | if (Smbus == NULL) { 36 | return SMBUS_INVALID_ARGUMENT; 37 | } 38 | 39 | // memset (Smbus, 0, sizeof (struct Smbus)); 40 | 41 | Smbus->SmbusRead = SmbusReadAccess; 42 | Smbus->SmbusWrite = SmbusWriteAccess; 43 | 44 | return 0; 45 | } 46 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Smbus/Smbus.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Smbus Handling functions 10 | */ 11 | 12 | #ifndef SMBUS_H_ 13 | #define SMBUS_H_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | /** 20 | * Smbus Interface 21 | */ 22 | struct SmbusInterface { 23 | /** 24 | * Function to Smbus Enable. 25 | * 26 | * @param Smbus Interface 27 | * 28 | * @return 0 29 | */ 30 | int (*SmbusRead ) (); 31 | 32 | /** 33 | * Function to Smbus Disable. 34 | * 35 | * @param Smbus Interface 36 | * 37 | * @return 0 38 | */ 39 | int (*SmbusWrite ) (); 40 | }; 41 | 42 | int SmbusInit (struct SmbusInterface *Smbus); 43 | 44 | /** 45 | * Error codes that can be generated by a SMBUS. 46 | */ 47 | enum { 48 | SMBUS_INVALID_ARGUMENT = 0x00 /**< Input parameter is null or not valid. */ 49 | }; 50 | #endif /* Smbus_H_ */ 51 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/SmbusFilter/SmbusFilter.c: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | 9 | #include "SmbusFilter.h" 10 | 11 | /** 12 | * Function to Enable SmbusFilter. 13 | */ 14 | static int SmbusFilterEnabled(void) 15 | { 16 | return SmbusFilterEnabledHook(); 17 | } 18 | 19 | /** 20 | * Function to Disable SmbusFilter. 21 | */ 22 | static int SmbusFilterDisabled(void) 23 | { 24 | return SmbusFilterDisabledHook(); 25 | } 26 | 27 | /** 28 | * Initialize SmbusFilter 29 | */ 30 | int SmbusFilterInit(struct SmbusFilterInterface *SmbusFilter) 31 | { 32 | if (SmbusFilter == NULL) { 33 | return SMBUSFILTER_INVALID_ARGUMENT; 34 | } 35 | 36 | // memset (SmbusFilter, 0, sizeof (struct SmbusFilter)); 37 | 38 | SmbusFilter->SmbusFilterEnable = SmbusFilterEnabled; 39 | SmbusFilter->SmbusFilterDisable = SmbusFilterDisabled; 40 | 41 | return 0; 42 | } 43 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/SmbusFilter/SmbusFilter.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Smbus Filter functions 10 | */ 11 | 12 | #ifndef SMBUSFILTER_H_ 13 | #define SMBUSFILTER_H_ 14 | 15 | #include 16 | 17 | /** 18 | * SmbusFilter Interface 19 | */ 20 | struct SmbusFilterInterface { 21 | /** 22 | * Function to SmbusFilter Enable. 23 | * 24 | * @param SmbusFilter Interface 25 | * 26 | * @return 0 27 | */ 28 | int (*SmbusFilterEnable ) (); 29 | 30 | /** 31 | * Function to SmbusFilter Disable. 32 | * 33 | * @param SmbusFilter Interface 34 | * 35 | * @return 0 36 | */ 37 | int (*SmbusFilterDisable ) (); 38 | }; 39 | 40 | int SmbusFilterInit (struct SmbusFilterInterface *SmbusFilter); 41 | 42 | /** 43 | * Error codes that can be generated by a Smbus FILTER. 44 | */ 45 | enum { 46 | SMBUSFILTER_INVALID_ARGUMENT = 0x00 /**< Input parameter is null or not valid. */ 47 | }; 48 | #endif /* SMBUSFILTER_H_ */ 49 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Spi/Spi.c: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Spi Handling functions 10 | */ 11 | 12 | #include "Spi.h" 13 | 14 | /** 15 | * Function to read data in SPI port. 16 | */ 17 | static int SpiReadAccess(void) 18 | { 19 | return SpiReadAccessHook(); 20 | } 21 | 22 | /** 23 | * Function to write data in SPI port 24 | */ 25 | static int SpiWriteAccess(void) 26 | { 27 | return SpiWriteAccessHook(); 28 | } 29 | 30 | /** 31 | * Function to erase the particular chip of size 4k. 32 | */ 33 | static int SpiEraseAccess(void) 34 | { 35 | return SpiEraseAccessHook(); 36 | } 37 | 38 | /** 39 | * Initialize Spi 40 | */ 41 | int SpiInit(struct SpiInterface *Spi) 42 | { 43 | if (Spi == NULL) { 44 | return SPI_INVALID_ARGUMENT; 45 | } 46 | 47 | // memset (Spi, 0, sizeof (struct Spi)); 48 | Spi->SpiRead = SpiReadAccess; 49 | Spi->SpiWrite = SpiWriteAccess; 50 | Spi->SpiErase = SpiEraseAccess; 51 | 52 | return 0; 53 | } 54 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Spi/Spi.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Spi Handling functions 10 | */ 11 | 12 | #ifndef SPI_H_ 13 | #define SPI_H_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | /** 20 | * Spi Interface 21 | */ 22 | struct SpiInterface { 23 | /** 24 | * Function to read data in SPI port. 25 | * 26 | * @param Spi Interface 27 | * 28 | * @return 0 29 | */ 30 | int (*SpiRead ) (); 31 | 32 | /** 33 | * Function to write data in SPI port 34 | * 35 | * @param Spi Interface 36 | * 37 | * @return 0 38 | */ 39 | int (*SpiWrite ) (); 40 | /** 41 | * Function to erase the particular chip of size 4k. 42 | * 43 | * @param Spi Interface 44 | * 45 | * @return 0 46 | */ 47 | int (*SpiErase ) (); 48 | 49 | /** 50 | * Function to read the data using DMA mode. 51 | * 52 | * @param Spi Interface 53 | * 54 | * @return 0 55 | */ 56 | int (*SpiDmaRead ) (); 57 | }; 58 | 59 | int SpiInit (struct SpiInterface *Spi); 60 | /** 61 | * Error codes that can be generated by a SPI. 62 | */ 63 | enum { 64 | SPI_INVALID_ARGUMENT = 0x00 /**< Input parameter is null or not valid. */ 65 | }; 66 | 67 | #endif /* SPI_H_ */ 68 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/SpiFilter/SpiFilter.h: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Timer Handling functions 10 | */ 11 | 12 | #ifndef SPIFILTER_COMMON_H_ 13 | #define SPIFILTER_COMMON_H_ 14 | 15 | #include "spi_filter/spi_filter_interface.h" 16 | 17 | #define SPI_FILTER_READ_PRIV 0 18 | #define SPI_FILTER_WRITE_PRIV 1 19 | 20 | #define SPI_FILTER_PRIV_ENABLE 0 21 | #define SPI_FILTER_PRIV_DIABLE 1 22 | 23 | struct SpiFilterEngine{ 24 | struct spi_filter_interface base; 25 | int dev_id; 26 | }; 27 | 28 | int SpiFilterInit(struct SpiFilterEngine *SpiFilter); 29 | 30 | #endif /* SPIFILTER_H_ */ 31 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Timer/Timer.c: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Timer Handling functions 10 | */ 11 | 12 | #include "Timer.h" 13 | 14 | /** 15 | * Function to Start Basic Timer. 16 | */ 17 | static int BasicTimerStart(void) 18 | { 19 | return BasicTimerStartHook(); 20 | } 21 | 22 | /** 23 | * Function to Start Basic Timer. 24 | */ 25 | static int BasicTimerStop(void) 26 | { 27 | return BasicTimerStopHook(); 28 | } 29 | 30 | /** 31 | * Initialize Basic Timer 32 | */ 33 | int TimerInit(struct TimerInterface *Timer) 34 | { 35 | if (Timer == NULL) { 36 | return TIMER_INVALID_ARGUMENT; 37 | } 38 | 39 | // memset (Timer, 0, sizeof (struct Timer)); 40 | 41 | Timer->BasicTimerStart = BasicTimerStart; 42 | Timer->BasicTimerStop = BasicTimerStop; 43 | 44 | return 0; 45 | } 46 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Timer/Timer.h: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Timer Handling functions 10 | */ 11 | 12 | #ifndef TIMER_H_ 13 | #define TIMER_H_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | /** 20 | * Timer Interface 21 | */ 22 | struct TimerInterface { 23 | /** 24 | * Function to Start Basic Timer. 25 | * 26 | * @param Timer Interface 27 | * 28 | * @return 0 29 | */ 30 | int (*BasicTimerStart) (); 31 | 32 | /** 33 | * Function to Stop Basic Timer. 34 | * 35 | * @param Timer Interface 36 | * 37 | * @return 0 38 | */ 39 | int (*BasicTimerStop) (); 40 | }; 41 | 42 | int BasicTimerInit(struct TimerInterface *Timer); 43 | 44 | /** 45 | * Error codes that can be generated by a Timer. 46 | */ 47 | enum { 48 | TIMER_INVALID_ARGUMENT = 0x00 /**< Input parameter is null or not valid. */ 49 | }; 50 | #endif /* TIMER_H_ */ 51 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Watchdog/Watchdog.c: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Watchdog Handling functions 10 | */ 11 | 12 | #include "Watchdog.h" 13 | 14 | /** 15 | * Function to Watchdog Read. 16 | */ 17 | static int WatchdogFeed(void) 18 | { 19 | return WatchdogFeedHook(); 20 | } 21 | 22 | /** 23 | * Function to Watchdog Disable 24 | */ 25 | static int WatchdogDisable(void) 26 | { 27 | return WatchdogDisable(); 28 | } 29 | 30 | /** 31 | * Initialize Watchdog 32 | */ 33 | int WatchdogInit(struct WatchdogInterface *Watchdog) 34 | { 35 | if (Watchdog == NULL) { 36 | return WATCHDOG_INVALID_ARGUMENT; 37 | } 38 | 39 | // memset (Watchdog, 0, sizeof (struct Watchdog)); 40 | 41 | Watchdog->WatchdogFeed = WatchdogFeed; 42 | Watchdog->WatchdogDisable = WatchdogDisable; 43 | 44 | return 0; 45 | } 46 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Hal/Watchdog/Watchdog.h: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Watchdog Handling functions 10 | */ 11 | 12 | #ifndef WATCHDOG_H_ 13 | #define WATCHDOG_H_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | /** 20 | * Watchdog Interface 21 | */ 22 | struct WatchdogInterface { 23 | /** 24 | * Function to Watchdog Feed. 25 | * 26 | * @param Watchdog Interface 27 | * 28 | * @return 0 29 | */ 30 | int (*WatchdogFeed) (); 31 | 32 | /** 33 | * Function to Watchdog Disable. 34 | * 35 | * @param Watchdog Interface 36 | * 37 | * @return 0 38 | */ 39 | int (*WatchdogDisable) (); 40 | }; 41 | 42 | int WatchdogInit(struct WatchdogInterface *Watchdog); 43 | 44 | /** 45 | * Error codes that can be generated by a Window. 46 | */ 47 | enum { 48 | WATCHDOG_INVALID_ARGUMENT = 0x00 /**< Input parameter is null or not valid. */ 49 | }; 50 | 51 | #endif /* Watchdog_H_ */ 52 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/HardwareAbstraction.cmake: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright © 2022 American Megatrends International LLC * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #***********************************************************************- 8 | # file HardwareAbstraction.cmake 9 | # Abstract: 10 | # 11 | # Defines the full set of compiler definitions necessary to enable Hardware Abstraction to publish its tasks. 12 | # Remove unwanted items from the list if you are not using it. 13 | # 14 | # -- 15 | 16 | set(HARDWARE_ROOT ${CMAKE_CURRENT_LIST_DIR}) 17 | 18 | set( 19 | HARDWARE_ABSTRACTION_LIST 20 | CRYPTO_INITILIZATION 21 | DICE_INITILIZATION 22 | FLASH_INITILIZATION 23 | GPIO_INITILIZATION 24 | I2C_INITILIZATION 25 | INTERRUPT_INITILIZATION 26 | SMBUS_INITILIZATION 27 | SMBUSFILTER_INITILIZATION 28 | SPI_INITILIZATION 29 | SPIFILTER_INITILIZATION 30 | TIMER_INITILIZATION 31 | WATCHDOG_INITILIZATION 32 | ) 33 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/Kconfig: -------------------------------------------------------------------------------- 1 | # Copyright (c) 2016 Intel Corporation 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | source "HardwareAbstraction/smf/Kconfig" 5 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/smf/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2022, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | # SPDX-License-Identifier: Apache-2.0 9 | 10 | include(../../Common.cmake) 11 | 12 | CommonInterfaceNamed(smf) 13 | 14 | CommonCoreLibraryIncludeDirectories(smf INTERFACE ${CMAKE_CURRENT_SOURCE_DIR}) 15 | 16 | CommonWrapperLibrary() 17 | 18 | CommonWrapperLibrarySources(smf.c) 19 | 20 | CommonLibraryLinkLibraries(smf) 21 | -------------------------------------------------------------------------------- /oe-src/HardwareAbstraction/smf/Kconfig: -------------------------------------------------------------------------------- 1 | # Copyright 2021 The Chromium OS Authors 2 | # SPDX-License-Identifier: Apache-2.0 3 | 4 | config SMF 5 | bool "Enable Hierarchical State Machine" 6 | help 7 | This option enables the Hierarchical State Machine library 8 | 9 | if SMF 10 | 11 | config SMF_ANCESTOR_SUPPORT 12 | bool "Enable states to have 1 or more ancestors" 13 | help 14 | If y, then the state machine framework includes ancestor state support 15 | 16 | endif # SMF 17 | -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | set(AMI_PORT_ROOT ${CMAKE_CURRENT_LIST_DIR} CACHE INTERNAL "AMI_PORT_ROOT") 2 | 3 | zephyr_interface_library_named(ami_middleware) 4 | zephyr_library() 5 | 6 | set(AMI_MIDDLEWARE_ROOT ${CMAKE_CURRENT_LIST_DIR} CACHE INTERNAL "AMI_MIDDLEWARE_ROOT") 7 | zephyr_library_sources( 8 | ${AMI_MIDDLEWARE_ROOT}/flash/flash_aspeed.c 9 | ${AMI_MIDDLEWARE_ROOT}/gpio/gpio_aspeed.c 10 | ${AMI_MIDDLEWARE_ROOT}/crypto/hash_aspeed.c 11 | ${AMI_MIDDLEWARE_ROOT}/crypto/rsa_aspeed.c 12 | ${AMI_MIDDLEWARE_ROOT}/crypto/ecdsa_aspeed.c 13 | ${AMI_MIDDLEWARE_ROOT}/i2c/i2c_filter_aspeed.c 14 | ${AMI_MIDDLEWARE_ROOT}/i2c/I2C_Slave_aspeed.c 15 | ${AMI_MIDDLEWARE_ROOT}/watchdog/watchdog_aspeed.c 16 | ${AMI_MIDDLEWARE_ROOT}/otp/otp_aspeed.c 17 | ${AMI_MIDDLEWARE_ROOT}/abr/abr_aspeed.c 18 | ${AMI_MIDDLEWARE_ROOT}/spi_filter/spi_filter_aspeed.c 19 | ) 20 | zephyr_library_include_directories( 21 | . 22 | $ENV{ZEPHYR_BASE}/build/zephyr/include/generated/ 23 | $ENV{ZEPHYR_BASE}/include/storage/ 24 | ) 25 | 26 | zephyr_library_link_libraries(ami_middleware) 27 | -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/Kconfig: -------------------------------------------------------------------------------- 1 | config AST1060 2 | bool "Enable AST1060 Silicon layer" 3 | help 4 | This option enables the Hierarchical State Machine library -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/abr/abr_aspeed.c: -------------------------------------------------------------------------------- 1 | #include "abr_aspeed.h" 2 | #include 3 | 4 | void print_abr_wdt_info(void) 5 | { 6 | /* ABR enable */ 7 | if (sys_read32(HW_STRAP2_SCU510) & BIT(11)) // OTPSTRAP[43] 8 | printk("\r\n The boot SPI ABR is enabled"); 9 | else 10 | printk("\r\n The boot SPI ABR is disabled"); 11 | 12 | if (sys_read32(HW_STRAP2_SCU510) & BIT(12)) // OTPSTRAP[44] 13 | printk(", Single flash"); 14 | else 15 | printk(", Dual flashes"); 16 | // OTPSTRAP[3] 17 | printk(", Source: %s (%s)", 18 | (sys_read32(ASPEED_FMC_WDT2_CTRL) & BIT(4)) ? "Alternate" : "Primary", // Boot flash source select indicator 19 | (sys_read32(HW_STRAP1_SCU500) & BIT(3)) ? "1/3 flash layout" : "1/2 flash layout"); 20 | 21 | if (sys_read32(HW_STRAP2_SCU510) & GENMASK(15, 13)) { // OTPSTRAP[47:45] 22 | printk(", Boot SPI flash size: %ldMB.", 23 | BIT((sys_read32(HW_STRAP2_SCU510) >> 13) & 0x7) / 2); 24 | } else 25 | printk(", no define size."); 26 | 27 | printk("\n"); 28 | 29 | if (sys_read32(ASPEED_FMC_WDT2_CTRL) & BIT(0)) 30 | printk("\r\n WDT status: enabled.\n"); 31 | else 32 | printk("\r\n WDT status: disabled.\n"); 33 | } 34 | 35 | void clear_source_select_indicator(void) 36 | { 37 | uint32_t reg_val; 38 | uint8_t bitmask; 39 | 40 | bitmask = 0xea; 41 | reg_val = sys_read32(ASPEED_FMC_WDT2_CTRL); 42 | reg_val |= bitmask << 16; 43 | sys_write32(reg_val, ASPEED_FMC_WDT2_CTRL); 44 | printk("\r\n The indicator is cleared.\n"); 45 | } 46 | 47 | void disable_watchdog(void) 48 | { 49 | uint32_t reg_val; 50 | uint8_t bitmask; 51 | 52 | bitmask = BIT(0); 53 | reg_val = sys_read32(ASPEED_FMC_WDT2_CTRL); 54 | reg_val &= ~bitmask; 55 | sys_write32(reg_val, ASPEED_FMC_WDT2_CTRL); 56 | printk("\r\n The WDT is disabled.\n"); 57 | } 58 | -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/abr/abr_aspeed.h: -------------------------------------------------------------------------------- 1 | #define HW_STRAP1_SCU500 0x7e6e2500 2 | #define HW_STRAP2_SCU510 0x7e6e2510 3 | #define ASPEED_FMC_WDT2_CTRL 0x7e620064 -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/crypto/ecdsa_aspeed.c: -------------------------------------------------------------------------------- 1 | #ifdef CONFIG_ECDSA_ASPEED 2 | #define ECDSA_DRV_NAME DT_LABEL(DT_INST(0, aspeed_ecdsa)) 3 | #endif 4 | 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | 12 | int aspeed_ecdsa_verify_middlelayer(uint8_t *public_key_x, uint8_t *public_key_y, 13 | const uint8_t *digest, uint8_t *signature_r, 14 | uint8_t *signature_s) 15 | { 16 | int status = 0; 17 | const struct device *dev = device_get_binding(ECDSA_DRV_NAME); 18 | struct ecdsa_ctx ini; 19 | struct ecdsa_pkt pkt; 20 | struct ecdsa_key ek; 21 | 22 | ek.curve_id = ECC_CURVE_NIST_P256; 23 | ek.qx = public_key_x; 24 | ek.qy = public_key_y; 25 | pkt.m = digest; 26 | pkt.r = signature_r; 27 | pkt.s = signature_s; 28 | pkt.m_len = 32; 29 | pkt.r_len = 32; 30 | pkt.s_len = 32; 31 | status = ecdsa_begin_session(dev, &ini, &ek); 32 | if (status) { 33 | printk("ecdsa_begin_session fail: %d\r\n", status); 34 | } 35 | status = ecdsa_verify(&ini, &pkt); 36 | if (status) { 37 | printk("Fail\r\n"); 38 | } else { 39 | printk("Success\r\n"); 40 | } 41 | ecdsa_free_session(dev, &ini); 42 | 43 | return status; 44 | } 45 | -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/crypto/ecdsa_aspeed.h: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | int aspeed_ecdsa_verify_middlelayer(uint8_t *public_key_x, uint8_t *public_key_y, const uint8_t *digest, uint8_t *signature_r, uint8_t *signature_s); -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/crypto/hash_aspeed.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2021 AMI 3 | * 4 | * SPDX-License-Identifier: Apache-2.0 5 | */ 6 | #ifndef ZEPHYR_INCLUDE_HASH_API_MIDLEYER_H_ 7 | #define ZEPHYR_INCLUDE_HASH_API_MIDLEYER_H_ 8 | 9 | #include 10 | 11 | #define ZEPHYR_HASH_API_MIDLEYER_TEST_SUPPORT 1 // non-zero for support hash functions testing 12 | 13 | #ifdef CONFIG_CRYPTO_ASPEED 14 | #ifndef HASH_DRV_NAME 15 | #define HASH_DRV_NAME CONFIG_CRYPTO_ASPEED_HASH_DRV_NAME // define hash driver for Aspeed 16 | #endif 17 | #endif 18 | 19 | /** 20 | * Structure internal hash parameters. 21 | * 22 | * Refer to comments for individual fields to know the contract in terms 23 | */ 24 | typedef struct hash_params { 25 | /** 26 | * Structure encoding session parameters. 27 | * 28 | * Refer to comments for individual fields to know the contract 29 | * in terms of who fills what and when w.r.t begin_session() call. 30 | */ 31 | struct hash_ctx ctx; 32 | /** 33 | * Structure encoding IO parameters of one cryptographic 34 | * operation like encrypt/decrypt. 35 | * 36 | * The fields which has not been explicitly called out has to 37 | * be filled up by the app before making the cipher_xxx_op() 38 | * call. 39 | */ 40 | struct hash_pkt pkt; 41 | /** 42 | * non-zero value for this parameter is present hash session is ready 43 | */ 44 | uint8_t sessionReady; 45 | } hash_params; 46 | 47 | #if ZEPHYR_HASH_API_MIDLEYER_TEST_SUPPORT 48 | void hash_engine_function_test(void); // hash functions testing 49 | #endif 50 | 51 | int hash_engine_sha_calculate(enum hash_algo algo, const uint8_t *data, size_t length, uint8_t *hash, size_t hash_length); 52 | int hash_engine_start(enum hash_algo algo); 53 | int hash_engine_update(const uint8_t *data, size_t length); 54 | int hash_engine_finish(uint8_t *hash, size_t hash_length); 55 | void hash_engine_cancel(void); 56 | 57 | 58 | #endif /* ZEPHYR_INCLUDE_HASH_API_MIDLEYER_H_ */ -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/crypto/rsa_aspeed.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2021 AMI 3 | * 4 | * SPDX-License-Identifier: Apache-2.0 5 | */ 6 | #ifndef ZEPHYR_INCLUDE_RSA_API_MIDLEYER_H_ 7 | #define ZEPHYR_INCLUDE_RSA_API_MIDLEYER_H_ 8 | 9 | #include 10 | 11 | #define ZEPHYR_RSA_API_MIDLEYER_TEST_SUPPORT 1 // non-zero for support rsa functions testing 12 | 13 | #ifdef CONFIG_CRYPTO_ASPEED 14 | #ifndef RSA_DRV_NAME 15 | #define RSA_DRV_NAME DT_LABEL(DT_INST(0, aspeed_rsa)) // define rsa driver for Aspeed 16 | #endif 17 | #endif 18 | 19 | #if ZEPHYR_RSA_API_MIDLEYER_TEST_SUPPORT 20 | void rsa_engine_function_test(void); // rsa functions testing 21 | #endif 22 | 23 | int decrypt_aspeed(const struct rsa_key *key, const uint8_t *encrypted, size_t in_length, uint8_t *decrypted, size_t out_length); 24 | int sig_verify_aspeed(const struct rsa_key *key, const uint8_t *signature, int sig_length, const uint8_t *match, size_t match_length); 25 | int rsa_sig_verify_test(void); 26 | #endif /* ZEPHYR_INCLUDE_RSA_API_MIDLEYER_H_ */ 27 | -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/gpio/gpio_aspeed.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2021 AMI 3 | * 4 | */ 5 | #ifndef ZEPHYR_INCLUDE_GPIO_API_MIDLEYER_H_ 6 | #define ZEPHYR_INCLUDE_GPIO_API_MIDLEYER_H_ 7 | 8 | #define BMC_SPI_MONITOR "spi_m1" 9 | #define PCH_SPI_MONITOR "spi_m2" 10 | #define CPU0_RST 1 // refer to ASPEED Datasheet V0.8 p.41 11 | #define BMC_SRST 5 12 | 13 | #include 14 | #include 15 | #include 16 | 17 | 18 | enum { 19 | GPIO_APP_CMD_NOOP = 0x00, /**< No-op */ 20 | }; 21 | 22 | 23 | 24 | 25 | #endif 26 | -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/i2c/I2C_Slave_aspeed.h: -------------------------------------------------------------------------------- 1 | #ifndef ZEPHYR_INCLUDE_I2C_SLAVE_DEVICE_API_MIDLEYER_H_ 2 | #define ZEPHYR_INCLUDE_I2C_SLAVE_DEVICE_API_MIDLEYER_H_ 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | #define I2C_SLAVE_BUF_SIZE 256 9 | enum i2c_xfer_mode { 10 | DMA_MODE = 0, 11 | BUFF_MODE, 12 | BYTE_MODE, 13 | }; 14 | 15 | struct i2c_aspeed_config { 16 | uint32_t global_reg; 17 | uintptr_t base; 18 | /* Buffer mode */ 19 | uintptr_t buf_base; 20 | size_t buf_size; 21 | uint32_t bitrate; 22 | int multi_master; 23 | int smbus_alert; 24 | const struct device *clock_dev; 25 | const clock_control_subsys_t clk_id; 26 | uint32_t ac_timing; 27 | void (*irq_config_func)(const struct device *dev); 28 | uint32_t clk_src; 29 | int clk_div_mode; /* 0: old mode, 1: new mode */ 30 | enum i2c_xfer_mode mode; 31 | }; 32 | 33 | struct i2c_aspeed_data { 34 | struct k_sem sync_sem; 35 | struct k_mutex trans_mutex; 36 | 37 | int alert_enable; 38 | 39 | uint32_t bus_recover; 40 | 41 | struct i2c_msg *msgs; /* cur xfer msgs */ 42 | uint16_t addr; 43 | int buf_index; /*buffer mode idx */ 44 | int msgs_index; /* cur xfer msgs index */ 45 | int msgs_count; /* total msgs */ 46 | 47 | int master_xfer_cnt; /* total xfer count */ 48 | 49 | bool slave_attached; 50 | 51 | int xfer_complete; 52 | 53 | uint32_t bus_frequency; 54 | /* master configuration */ 55 | bool multi_master; 56 | int cmd_err; 57 | uint16_t flags; 58 | uint8_t *buf; 59 | int len; /* master xfer count */ 60 | 61 | /* slave configuration */ 62 | uint8_t slave_addr; 63 | uint32_t slave_xfer_len; 64 | uint32_t slave_xfer_cnt; 65 | 66 | /* byte mode check re-start */ 67 | uint8_t slave_addr_last; 68 | 69 | #ifdef CONFIG_I2C_SLAVE 70 | unsigned char slave_dma_buf[I2C_SLAVE_BUF_SIZE]; 71 | struct i2c_slave_config *slave_cfg; 72 | #endif 73 | }; 74 | 75 | typedef struct _I2C_Slave_Process { 76 | uint8_t InProcess; 77 | uint8_t operation; 78 | uint8_t DataBuf[2]; 79 | } I2C_Slave_Process; 80 | 81 | enum { 82 | SLAVE_IDLE, 83 | MASTER_CMD_READ, 84 | MASTER_DATA_READ_SLAVE_DATA_SEND, 85 | }; 86 | 87 | #define SLAVE_BUF_INDEX0 0x00 88 | #define SLAVE_BUF_INDEX1 0x01 89 | 90 | #define SlaveDataReceiveComplete 0x02 91 | #define I2CInProcess_Flag 0x01 92 | 93 | int ast_i2c_slave_dev_init(const struct device *dev, uint8_t slave_addr); 94 | // void PchBmcProcessCommands(unsigned char *CipherText); 95 | 96 | #define SLAVE_BUF_DMA_MODE 0 97 | #define SLAVE_BUF_BUFF_MODE 1 98 | #define SLAVE_BUF_BYTE_MODE 2 99 | #define SLAVE_BUF_B_size 0x80 100 | #endif -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/i2c/i2c_filter_aspeed.h: -------------------------------------------------------------------------------- 1 | #ifndef ZEPHYR_INCLUDE_I2C_FILTER_ASPEED_API_MIDLEYER_H_ 2 | #define ZEPHYR_INCLUDE_I2C_FILTER_ASPEED_API_MIDLEYER_H_ 3 | 4 | #define I2C_FILTER_MIDDLEWARE_PREFIX "I2C_FILTER_" 5 | #define I2C_FILTER_MIDDLEWARE_STRING_SIZE sizeof("xxx") 6 | #define I2C_FILTER_MIDDLEWARE_DEV_NAME_SIZE (sizeof(I2C_FILTER_MIDDLEWARE_PREFIX) + I2C_FILTER_MIDDLEWARE_STRING_SIZE - 1) 7 | 8 | int i2c_filter_middleware_set_whitelist(uint8_t filter_sel, uint8_t whitelist_tbl_idx, uint8_t slv_addr, void *whitelist_tbl); 9 | int i2c_filter_middleware_en(uint8_t filter_sel, bool en); 10 | int i2c_filter_middleware_init(uint8_t filter_sel); 11 | 12 | #endif // ZEPHYR_INCLUDE_I2C_FILTER_ASPEED_API_MIDLEYER_H_ 13 | 14 | -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/spi_filter/spi_filter_aspeed.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2021 AMI 3 | * 4 | * SPDX-License-Identifier: Apache-2.0 5 | */ 6 | 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | 16 | 17 | 18 | 19 | void SPI_Monitor_Enable(char *dev_name, bool enabled) 20 | { 21 | const struct device *dev_m = NULL; 22 | 23 | dev_m = device_get_binding(dev_name); 24 | spim_rst_flash(dev_m, 1000); 25 | spim_passthrough_config(dev_m, 0, false); 26 | spim_ext_mux_config(dev_m, 1); 27 | spim_monitor_enable(dev_m, enabled); 28 | } 29 | 30 | int Set_SPI_Filter_RW_Region(char *dev_name, enum addr_priv_rw_select rw_select, enum addr_priv_op op, mm_reg_t addr, uint32_t len) 31 | { 32 | int ret = 0; 33 | const struct device *dev_m = NULL; 34 | 35 | dev_m = device_get_binding(dev_name); 36 | 37 | ret = spim_address_privilege_config(dev_m, rw_select, op, addr, len); 38 | 39 | return ret; 40 | 41 | } -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/spi_filter/spi_filter_aspeed.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2021 AMI 3 | * 4 | * SPDX-License-Identifier: Apache-2.0 5 | */ 6 | #ifndef ZEPHYR_INCLUDE_SPI_FILTER_API_MIDLEYER_H_ 7 | #define ZEPHYR_INCLUDE_SPI_FILTER_API_MIDLEYER_H_ 8 | 9 | #include 10 | #include 11 | #include 12 | #include 13 | 14 | void SPI_Monitor_Enable(char *dev_name, bool enabled); 15 | int Set_SPI_Filter_RW_Region(char *dev_name, enum addr_priv_rw_select rw_select, enum addr_priv_op op, mm_reg_t addr, uint32_t len); 16 | 17 | #endif -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/watchdog/watchdog_aspeed.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2022 AMI 3 | * 4 | * SPDX-License-Identifier: Apache-2.0 5 | */ 6 | 7 | #include 8 | #include 9 | #include 10 | /** 11 | * Initial watchdog timer and configure timeout configuration. 12 | * 13 | * @param dev Pointer to the device structure for the driver instance, the possible value is wdt1/wdt2/wdt3/wdt4 . 14 | * @param wdt_cfg Watchdog timeout configuration struct , refer to drivers/watchdog.h . 15 | * @param reset_option Configuration options , the possible value is WDT_FLAG_RESET_NONE/WDT_FLAG_RESET_CPU_CORE/WDT_FLAG_RESET_SOC, refer to drivers/watchdog.h . 16 | * 17 | * 18 | * @retval 0 if successfully or an error code. 19 | * 20 | */ 21 | 22 | int watchdog_init(const struct device *dev, struct watchdog_config *wdt_config) 23 | { 24 | int ret = 0; 25 | struct wdt_timeout_cfg init_wdt_cfg; 26 | 27 | init_wdt_cfg.window.min = wdt_config->wdt_cfg.window.min; 28 | init_wdt_cfg.window.max = wdt_config->wdt_cfg.window.max; 29 | init_wdt_cfg.callback = wdt_config->wdt_cfg.callback; 30 | ret = wdt_install_timeout(dev, &init_wdt_cfg); 31 | if (ret != 0) { 32 | printk("watchdog_init error: fail to install dev timeout. \n"); 33 | return ret; 34 | } 35 | 36 | ret = wdt_setup(dev, wdt_config->reset_option); 37 | if (ret != 0) { 38 | printk("watchdog_init error: fail to setup dev timeout. \n"); 39 | return ret; 40 | } 41 | 42 | return ret; 43 | } 44 | 45 | /** 46 | * Feed specified watchdog timeout. 47 | * 48 | * @param dev Pointer to the device structure for the driver instance. the possible value is wdt1/wdt2/wdt3/wdt4 . 49 | * @param channel_id Index of the fed channel. 50 | * 51 | * @retval 0 If successful or an error code. 52 | */ 53 | int watchdog_feed(const struct device *dev, int channel_id) 54 | { 55 | int ret = 0; 56 | 57 | ret = wdt_feed(dev, channel_id); 58 | return ret; 59 | } 60 | 61 | /** 62 | * Disable watchdog instance. 63 | * 64 | * 65 | * @param dev Pointer to the device structure for the driver instance, the possible value is wdt1/wdt2/wdt3/wdt4 . 66 | * 67 | * @retval 0 If successful or an error code. 68 | * 69 | */ 70 | int watchdog_disable(const struct device *dev) 71 | { 72 | int ret = 0; 73 | 74 | ret = wdt_disable(dev); 75 | return ret; 76 | } 77 | 78 | -------------------------------------------------------------------------------- /oe-src/Silicon/AST1060/watchdog/watchdog_aspeed.h: -------------------------------------------------------------------------------- 1 | 2 | /* 3 | * Copyright (c) 2022 AMI 4 | * 5 | * SPDX-License-Identifier: Apache-2.0 6 | */ 7 | 8 | 9 | #ifndef ZEPHYR_INCLUDE_WATCHDOG_API_MIDLETER_H_ 10 | #define ZEPHYR_INCLUDE_WATCHDOG_API_MIDLETER_H_ 11 | 12 | #include 13 | #include 14 | 15 | struct watchdog_config { 16 | struct wdt_timeout_cfg wdt_cfg; 17 | uint8_t reset_option; // WDT_FLAG_RESET_SHIFT , WDT_FLAG_RESET_CPU_CORE , WDT_FLAG_RESET_SOC 18 | }; 19 | 20 | static char *WDT_Devices_List[4] = { 21 | "wdt1", 22 | "wdt2", 23 | "wdt3", 24 | "wdt4" 25 | }; 26 | /** 27 | * Initial watchdog timer and configure timeout configuration. 28 | * 29 | * @param dev Pointer to the device structure for the driver instance, the possible value is wdt1/wdt2/wdt3/wdt4 . 30 | * @param wdt_cfg Watchdog timeout configuration struct , refer to drivers/watchdog.h . 31 | * @param reset_option Configuration options , the possible value is WDT_FLAG_RESET_NONE/WDT_FLAG_RESET_CPU_CORE/WDT_FLAG_RESET_SOC, refer to drivers/watchdog.h . 32 | * 33 | * 34 | * @retval 0 if successfully or an error code. 35 | * 36 | */ 37 | // int watchdog_init(const struct device *dev, const struct wdt_timeout_cfg *wdt_cfg, uint8_t reset_option); 38 | int watchdog_init(const struct device *dev, struct watchdog_config *wdt_cfg); 39 | 40 | /** 41 | * Feed specified watchdog timeout. 42 | * 43 | * @param dev Pointer to the device structure for the driver instance. the possible value is wdt1/wdt2/wdt3/wdt4 . 44 | * @param channel_id Index of the fed channel. 45 | * 46 | * @retval 0 If successful or an error code. 47 | */ 48 | int watchdog_feed(const struct device *dev, int channel_id); 49 | 50 | 51 | /** 52 | * Disable watchdog instance. 53 | * 54 | * 55 | * @param dev Pointer to the device structure for the driver instance, the possible value is wdt1/wdt2/wdt3/wdt4 . 56 | * 57 | * @retval 0 If successful or an error code. 58 | * 59 | */ 60 | int watchdog_disable(const struct device *dev); 61 | 62 | 63 | #endif 64 | -------------------------------------------------------------------------------- /oe-src/Silicon/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | add_subdirectory_ifdef(CONFIG_AST1060 AST1060) -------------------------------------------------------------------------------- /oe-src/Silicon/Kconfig: -------------------------------------------------------------------------------- 1 | source "Silicon/AST1060/Kconfig" -------------------------------------------------------------------------------- /oe-src/Testing/ActiveObject/ActiveObjectTest.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | 10 | #include 11 | #include 12 | #include 13 | #include "StateManager.h" 14 | #include "ActiveObjectTest.h" 15 | 16 | TEST_SUITE_LABEL ("ActiveObject_Layer"); 17 | 18 | /******************* 19 | * Test cases 20 | *******************/ 21 | 22 | static void ActiveObjectTestInit (CuTest *Test) 23 | { 24 | TEST_START; 25 | StateManager(); 26 | //CuAssertIntEquals (Test, 0, Status); 27 | } 28 | 29 | 30 | TEST_SUITE_START (ActiveObject_Layer); 31 | 32 | TEST(ActiveObjectTestInit); 33 | 34 | TEST_SUITE_END; 35 | -------------------------------------------------------------------------------- /oe-src/Testing/ActiveObject/ActiveObjectTest.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | #ifndef ACTIVE_OBJECT_H_ 10 | #define ACTIVE_OBJECT_H_ 11 | 12 | #include "stdlib.h" 13 | #include "testing.h" 14 | #include "pthread.h" 15 | 16 | static void ActiveObjectTestInit(CuTest *test); 17 | 18 | #endif /* ACTIVE_OBJECT_ALL_TESTS_H_ */ 19 | -------------------------------------------------------------------------------- /oe-src/Testing/Application/ApplicationTest.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | 10 | #include 11 | #include 12 | #include 13 | #include "ApplicationTest.h" 14 | 15 | TEST_SUITE_LABEL ("Application"); 16 | 17 | /******************* 18 | * Test cases 19 | *******************/ 20 | 21 | static void ApplicationTestInit (CuTest *Test) 22 | { 23 | TEST_START; 24 | //ApplicationStart(); 25 | //CuAssertIntEquals (Test, 0, Status); 26 | } 27 | 28 | 29 | TEST_SUITE_START (Application); 30 | 31 | TEST(ApplicationTestInit); 32 | 33 | TEST_SUITE_END; 34 | -------------------------------------------------------------------------------- /oe-src/Testing/Application/ApplicationTest.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | #ifndef APPLICATION_TEST_H_ 10 | #define APPLICATION_TEST_H_ 11 | 12 | #include "stdlib.h" 13 | #include "testing.h" 14 | #include "pthread.h" 15 | 16 | static void ApplicationTestInit (CuTest *Test); 17 | 18 | #endif /* APPLICATION_TEST_H_ */ 19 | -------------------------------------------------------------------------------- /oe-src/Testing/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright © 2022 American Megatrends International LLC * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | 9 | cmake_minimum_required(VERSION 3.12 FATAL_ERROR) 10 | include (../Common.cmake) 11 | 12 | file(GLOB_RECURSE TestingCommonSource "${CMAKE_CURRENT_LIST_DIR}/*.c") 13 | 14 | CommonCore_Library(Testing ${TestingCommonSource}) 15 | 16 | CommonCoreLibraryIncludeDirectories(Testing 17 | ${CMAKE_CURRENT_LIST_DIR} 18 | ${COMMON_ROOT}/Wrapper/BareMetal/StateManager 19 | ${COMMON_ROOT}/Wrapper/BareMetal/StateActions 20 | ${COMMON_ROOT}/FunctionalBlocks/Cerberus/projects/Baremetal 21 | ${COMMON_ROOT}/FunctionalBlocks/Cerberus/testing 22 | ${COMMON_ROOT}/Configuration 23 | ) 24 | 25 | -------------------------------------------------------------------------------- /oe-src/Testing/FunctionalBlocks/ManifestProcessTest.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | 10 | #include 11 | #include 12 | #include 13 | #include "ManifestProcessTest.h" 14 | 15 | TEST_SUITE_LABEL ("ManifestProcessTest"); 16 | 17 | /******************* 18 | * Test cases 19 | *******************/ 20 | 21 | static void ManifestProcessTestInit (CuTest *Test) 22 | { 23 | TEST_START; 24 | printf("ManifestProcessTestInit\n"); 25 | //CuAssertIntEquals (Test, 0, Status); 26 | } 27 | 28 | 29 | TEST_SUITE_START (ManifestProcessTest); 30 | 31 | TEST(ManifestProcessTestInit); 32 | 33 | TEST_SUITE_END; 34 | -------------------------------------------------------------------------------- /oe-src/Testing/FunctionalBlocks/ManifestProcessTest.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | #ifndef MANIFEST_PROCESS_TEST_LAYER_H_ 10 | #define MANIFEST_PROCESS_TEST_LAYER_H_ 11 | 12 | #include "stdlib.h" 13 | #include "testing.h" 14 | #include "pthread.h" 15 | 16 | static void ManifestProcessTestInit(CuTest *test); 17 | 18 | #endif /* MANIFEST_PROCESS_TESTS_H_ */ 19 | -------------------------------------------------------------------------------- /oe-src/Testing/HardwareAbstraction/HardwareAbstractionTest.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | 10 | #include 11 | #include 12 | #include 13 | #include "HardwareAbstractionTest.h" 14 | 15 | TEST_SUITE_LABEL ("HardwareAbstraction_Layer"); 16 | 17 | /******************* 18 | * Test cases 19 | *******************/ 20 | 21 | static void HardwareAbstractionTestInit (CuTest *Test) 22 | { 23 | TEST_START; 24 | HalConfiguration(); 25 | //CuAssertIntEquals (Test, 0, Status); 26 | } 27 | 28 | 29 | TEST_SUITE_START (HardwareAbstraction_Layer); 30 | 31 | TEST(HardwareAbstractionTestInit); 32 | 33 | TEST_SUITE_END; 34 | -------------------------------------------------------------------------------- /oe-src/Testing/HardwareAbstraction/HardwareAbstractionTest.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | #ifndef HARDWAREABSTRACTION_LAYER_H_ 10 | #define HARDWAREABSTRACTION_LAYER_H_ 11 | 12 | #include "stdlib.h" 13 | #include "testing.h" 14 | #include "pthread.h" 15 | 16 | static void HardwareAbstractionTestInit(CuTest *test); 17 | 18 | #endif /* HARDWAREABSTRACTION_ALL_TESTS_H_ */ 19 | -------------------------------------------------------------------------------- /oe-src/Testing/README.md: -------------------------------------------------------------------------------- 1 | # Unit testings for HRoT core functions will be added here 2 | -------------------------------------------------------------------------------- /oe-src/Testing/Testing.yaml: -------------------------------------------------------------------------------- 1 | Features: 2 | - feature: 3 | name: Baremetal Unit Testing 4 | macro: BAREMETAL_UNITTEST_SUPPORT 5 | description: Switch to enable Baremetal Unit Test support 6 | enable: Yes 7 | - feature: 8 | name: Tektagaon-OE Unit Testing 9 | macro: TE_OE_UNITTEST_SUPPORT 10 | description: Switch to enable TE-OE Unit Test support 11 | enable: No 12 | -------------------------------------------------------------------------------- /oe-src/Wrapper/CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencomputeproject/OCP-OSF-Tektagon_Community_Edition/5d002134e0707ee1a0e107b27736987168b24642/oe-src/Wrapper/CMakeLists.txt -------------------------------------------------------------------------------- /oe-src/Wrapper/Kconfig: -------------------------------------------------------------------------------- 1 | source "Wrapper/Tektagon-OE/Kconfig" -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # cmake_minimum_required(VERSION 3.13.1) 2 | include(../../Common.cmake) 3 | 4 | zephyr_interface_library_named(TE-Wrapper) 5 | zephyr_library() 6 | 7 | set(WRAPPER_DIR ${CMAKE_CURRENT_LIST_DIR}) 8 | #target_link_libraries(Cerberus INTERFACE) 9 | 10 | # Collect the Source Build Files 11 | file(GLOB_RECURSE TE_WRAPPER_SOURCES "${WRAPPER_DIR}/*.c") 12 | set(WRAPPER_INCLUDES ${WRAPPER_DIR}) 13 | 14 | zephyr_library_sources( 15 | ${TE_WRAPPER_SOURCES} 16 | ) 17 | 18 | zephyr_library_include_directories( 19 | ${CERBERUS_ROOT}/core/ 20 | ${CERBERUS_ROOT}/projects/ 21 | ${CERBERUS_ROOT}/projects/Baremetal 22 | ${CERBERUS_ROOT}/projects/zephyr 23 | ${COMMON_ROOT}/Silicon/AST1060 24 | ${WRAPPER_INCLUDES}/ 25 | ${COMMON_ROOT}/HardwareAbstraction/Hal 26 | ${COMMON_ROOT}/FunctionalBlocks/Cerberus/core/manifest 27 | ${COMMON_ROOT}/FunctionalBlocks/Cerberus/core/manifest/pfm 28 | ) 29 | 30 | zephyr_compile_options( 31 | -fno-builtin 32 | -fdata-sections 33 | -Wall 34 | -Wextra 35 | -Wno-sign-compare 36 | -g -ggdb3 37 | ) 38 | 39 | zephyr_library_link_libraries(TE-Wrapper) 40 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Crypto/HashWrapper.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2020, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | #include "HashWrapper.h" 10 | #include 11 | #include 12 | 13 | /** 14 | * Function to Hash Engine Calculate Sha256. 15 | */ 16 | int HashEngineCalculateSha256 (const char *Data, size_t Length, char *Hash, size_t HashLength) 17 | { 18 | enum hash_algo shaAlgo = HASH_SHA256; 19 | 20 | return hash_engine_sha_calculate(shaAlgo, Data, Length, Hash, HashLength); 21 | } 22 | 23 | /** 24 | * Function to Hash Engine Start Sha256. 25 | */ 26 | int HashEngineStartSha256(void) 27 | { 28 | enum hash_algo shaAlgo = HASH_SHA256; 29 | 30 | return hash_engine_start(shaAlgo); 31 | } 32 | 33 | /** 34 | * Function to Hash Engine Calculate Sha384 35 | */ 36 | int HashEngineCalculateSha384 (const char *Data, size_t Length, char *Hash, size_t HashLength) 37 | { 38 | enum hash_algo shaAlgo = HASH_SHA384; 39 | 40 | return hash_engine_sha_calculate(shaAlgo, Data, Length, Hash, HashLength); 41 | } 42 | /** 43 | * Function to Hash Engine Start Sha384 44 | */ 45 | int HashEngineStartSha384(void) 46 | { 47 | enum hash_algo shaAlgo = HASH_SHA384; 48 | 49 | return hash_engine_start(shaAlgo); 50 | } 51 | /** 52 | * Function to Hash Engine Update 53 | */ 54 | int HashEngineUpdate (const char *Data, size_t Length) 55 | { 56 | return hash_engine_update(Data, Length); 57 | } 58 | 59 | /** 60 | * Function to Hash Engine Finish. 61 | */ 62 | int HashEngineFinish (char *Hash, size_t HashLength) 63 | { 64 | return hash_engine_finish(Hash, HashLength); 65 | } 66 | /** 67 | * Function to Hash Engine Cancel. 68 | */ 69 | void HashEngineCancel(void) 70 | { 71 | hash_engine_cancel(); 72 | } 73 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Crypto/HashWrapper.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Crypto Wrapper Handling functions 10 | */ 11 | 12 | #ifndef HASH_WRAPPER_H_ 13 | #define HASH_WRAPPER_H_ 14 | 15 | #include 16 | #include 17 | int HashEngineCalculateSha256 (const char *Data, size_t Length, char *Hash, size_t HashLength); 18 | int HashEngineStartSha256(void); 19 | int HashEngineCalculateSha384 (const char *Data, size_t Length, char *Hash, size_t HashLength); 20 | int HashEngineStartSha384(void); 21 | int HashEngineUpdate (const char *Data, size_t Length); 22 | int HashEngineFinish (char *Hash, size_t HashLength); 23 | void HashEngineCancel(void); 24 | 25 | #endif /* HASH_WRAPPER_H_ */ 26 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Crypto/RsaWrapper.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2020, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | 9 | #include 10 | #include 11 | #include 12 | #include "platform.h" 13 | #include "RsaWrapper.h" 14 | #include 15 | 16 | int RsaWrapperDecrypt(const struct rsa_private_key *Key, 17 | const uint8_t *Encrypted, size_t InLength, const uint8_t *Label, size_t LabelLength, 18 | enum hash_type PadHash, uint8_t *Decrypted, size_t OutLength) 19 | { 20 | return decrypt_aspeed(Key,Encrypted,InLength, Decrypted, OutLength); 21 | } 22 | 23 | int RsaWrapperSigVerify(const struct rsa_public_key *Key, 24 | const uint8_t *Signature, size_t SigLength, const uint8_t *Match, size_t MatchLength) 25 | { 26 | struct rsa_key DriverKey; 27 | DriverKey.m = Key->modulus;//&test; 28 | DriverKey.m_bits = Key->mod_length * 8; 29 | DriverKey.e = &Key->exponent; 30 | DriverKey.e_bits = 24; 31 | DriverKey.d = NULL; 32 | DriverKey.d_bits = 0; 33 | 34 | return sig_verify_aspeed(&DriverKey, Signature, SigLength, Match, MatchLength); 35 | } 36 | 37 | int RsaWrapperGenerateKey(struct rsa_private_key *Key, int Bits) 38 | { 39 | return 0; 40 | } 41 | 42 | int RsaWrapperInitPrivateKey(struct rsa_private_key *Key, 43 | const uint8_t *Der, size_t Length) 44 | { 45 | return 0; 46 | } 47 | 48 | int RsaWrapperInitPublicKey(struct rsa_private_key *Key, 49 | const uint8_t *Der, size_t Length) 50 | { 51 | return 0; 52 | } 53 | 54 | int RsaWrapperReleaseKey(struct rsa_private_key *Key) 55 | { 56 | return 0; 57 | } 58 | 59 | int RsaWrapperGetPrivateKeyDer( const struct rsa_private_key *Key, 60 | uint8_t **Der, size_t *Length) 61 | { 62 | return 0; 63 | } 64 | 65 | int RsaWrapperGetPublicKeyDer( const struct rsa_private_key *Key, 66 | uint8_t **Der, size_t *Length) 67 | { 68 | return 0; 69 | } 70 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Crypto/RsaWrapper.h: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | 4 | struct rsa_engine_wrapper{ 5 | struct rsa_engine base; 6 | }; 7 | 8 | int rsa_wrapper_init (struct rsa_engine_wrapper *engine); 9 | int rsa_wrapper_sig_verify(struct rsa_engine *engine, const struct rsa_public_key *key,const uint8_t *signature, size_t sig_length, const uint8_t *match, size_t match_length); 10 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Crypto/SignatureVerificationRsaWrapper.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Signature Wrapper Handling functions 10 | */ 11 | 12 | #include 13 | #include 14 | #include 15 | #include "SignatureVerificationRsaWrapper.h" 16 | 17 | static int signature_verification_rsa_verify_signature (struct signature_verification *verification, 18 | const uint8_t *digest, size_t length, const uint8_t *signature, size_t sig_length) 19 | { 20 | struct signature_verification_rsa_wrapper *rsa = (struct signature_verification_rsa_wrapper*) verification; 21 | 22 | if (rsa == NULL) { 23 | return SIG_VERIFICATION_INVALID_ARGUMENT; 24 | } 25 | 26 | return rsa->rsa->sig_verify (rsa->rsa, rsa->key, signature, sig_length, digest, length); 27 | } 28 | 29 | /** 30 | * Initialize signature verification with an RSA public key. 31 | * 32 | * @param verification The verification instance to initialize. 33 | * @param rsa The RSA engine to use for verification. 34 | * @param key The RSA public key for the signatures to verify. 35 | * 36 | * @return 0 if the verification instance was successfully initialized or an error code. 37 | */ 38 | int signature_verification_rsa_wrapper_init (struct signature_verification_rsa_wrapper *verification, 39 | struct rsa_engine *rsa, const struct rsa_public_key *key) 40 | { 41 | if ((verification == NULL) || (rsa == NULL) || (key == NULL)) { 42 | return SIG_VERIFICATION_INVALID_ARGUMENT; 43 | } 44 | memset (verification, 0, sizeof (struct signature_verification)); 45 | 46 | verification->rsa = rsa; 47 | verification->key = key; 48 | 49 | verification->base.verify_signature = signature_verification_rsa_verify_signature; 50 | 51 | return 0; 52 | } 53 | 54 | /** 55 | * Release the resources used for RSA signature verification. 56 | * 57 | * @param verification The verification instance to release. 58 | */ 59 | void signature_verification_rsa_wrapper_release (struct signature_verification_rsa_wrapper *verification) 60 | { 61 | 62 | } 63 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Crypto/SignatureVerificationRsaWrapper.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Signature Wrapper Handling functions 10 | */ 11 | 12 | #ifndef SIGNATURE_VERIFICATION_RSA_H_ 13 | #define SIGNATURE_VERIFICATION_RSA_H_ 14 | 15 | #include "common/signature_verification.h" 16 | #include "crypto/rsa.h" 17 | 18 | 19 | /** 20 | * Verification implementation to verify RSA signatures. 21 | */ 22 | struct signature_verification_rsa_wrapper { 23 | struct signature_verification base; /**< Base verification instance. */ 24 | struct rsa_engine *rsa; /**< RSA engine to use for verification. */ 25 | const struct rsa_public_key *key; /**< Public key for signature verification. */ 26 | }; 27 | 28 | 29 | int signature_verification_rsa_wrapper_init (struct signature_verification_rsa_wrapper *verification, 30 | struct rsa_engine *rsa, const struct rsa_public_key *key); 31 | void signature_verification_rsa_wrapper_release (struct signature_verification_rsa_wrapper *verification); 32 | 33 | 34 | #endif /* SIGNATURE_VERIFICATION_RSA_H_ */ 35 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Flash/FlashMasterWrapper.c: -------------------------------------------------------------------------------- 1 | #include "flash/flash_master.h" 2 | #include 3 | #include "FlashWrapper.h" 4 | 5 | /** 6 | * Get a set of capabilities supported by the SPI master. 7 | * 8 | * @param spi The SPI master to query. 9 | * 10 | * @return A capabilities bitmask for the SPI master. 11 | */ 12 | uint32_t Wrapper_flash_master_capabilities (struct flash_master *spi) 13 | { 14 | return FLASH_CAP_DUAL_1_2_2 | FLASH_CAP_DUAL_1_1_2 | FLASH_CAP_QUAD_4_4_4 | 15 | FLASH_CAP_QUAD_1_4_4 | FLASH_CAP_QUAD_1_1_4 | FLASH_CAP_3BYTE_ADDR | FLASH_CAP_4BYTE_ADDR; 16 | } 17 | 18 | uint32_t Wrapper_SPI_Command_Xfer (struct spi_flash *flash, const struct flash_xfer *Xfer) 19 | { 20 | return 0; 21 | } 22 | 23 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Flash/FlashWrapper.h: -------------------------------------------------------------------------------- 1 | 2 | //*********************************************************************** 3 | //* * 4 | //* Copyright (c) 1985-2022, AMI. * 5 | //* * 6 | //* All rights reserved. Subject to AMI licensing agreement. * 7 | //* * 8 | //*********************************************************************** 9 | /**@file 10 | * This file contains the Flash Wrapper Handling functions 11 | */ 12 | 13 | #ifndef FLASH_WRAPPER_COMMON_H_ 14 | #define FLASH_WRAPPER_COMMON_H_ 15 | 16 | #include "flash/spi_flash.h" 17 | 18 | int Wrapper_spi_flash_get_device_size (struct spi_flash *flash, uint32_t *bytes); 19 | int Wrapper_spi_flash_read (struct spi_flash *flash, uint32_t address, uint8_t *data, size_t length); 20 | int Wrapper_spi_flash_get_page_size (struct spi_flash *flash, uint32_t *bytes); 21 | int Wrapper_spi_flash_minimum_write_per_page (struct spi_flash *flash, uint32_t *bytes); 22 | int Wrapper_spi_flash_write (struct spi_flash *flash, uint32_t address, const uint8_t *data, size_t length); 23 | int Wrapper_spi_flash_get_sector_size (struct spi_flash *flash, uint32_t *bytes); 24 | int Wrapper_spi_flash_sector_erase (struct spi_flash *flash, uint32_t sector_addr); 25 | int Wrapper_spi_flash_get_block_size (struct spi_flash *flash, uint32_t *bytes); 26 | int Wrapper_spi_flash_block_erase (struct spi_flash *flash, uint32_t block_addr); 27 | int Wrapper_spi_flash_chip_erase (struct spi_flash *flash); 28 | uint32_t Wrapper_flash_master_capabilities (struct flash_master *spi); 29 | 30 | 31 | #endif /* FLASH_WRAPPER_COMMON_H_ */ 32 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/I2c/I2cWrapper.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the I2c Handling functions 10 | */ 11 | 12 | //#include 13 | //#include 14 | #include 15 | #include 16 | #include 17 | #include 18 | //#include 19 | #include "I2cWrapper.h" 20 | #include 21 | #include 22 | 23 | /* I2cSlaveWrapperInitSlaveDev 24 | * I2c salve initial wrapper to asp1060 api. 25 | * 26 | * @param i2c structure i2c_slave_interface 27 | * @param DevName I2C device name, support I2C_0 and I2C_1 28 | * @param slave_addr I2c slave device slave address 29 | * 30 | * @return 0 if the I2C slave was successfully initialize or an error code. 31 | */ 32 | int I2cSlaveWrapperInitSlaveDev(struct i2c_slave_interface *i2c, char *DevName, uint8_t slave_addr) 33 | { 34 | const struct device *dev; 35 | 36 | dev = device_get_binding(DevName); 37 | 38 | if (!dev) { 39 | return I2C_SLAVE_NO_DEVICE; 40 | } 41 | printk("\r\n I2CSlave_wrapper_InitSlaveDev get device\r\n"); 42 | return ast_i2c_slave_dev_init(dev , slave_addr); 43 | } 44 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/I2c/I2cWrapper.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the I2c Handling functions 10 | */ 11 | 12 | #ifndef I2C_WRAPPER_H_ 13 | #define I2C_WRAPPER_H_ 14 | 15 | #include 16 | #include 17 | 18 | //int I2cSlaveWrapperInitSlaveDev(struct i2c_slave_interface *i2c, char *DevName, uint8_t slave_addr); 19 | 20 | #endif /* I2C_WRAPPER_H_ */ 21 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/I2cFilter/I2cFilterWrapper.c: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the I2c Wrapper Handling functions 10 | */ 11 | 12 | #include "I2cFilterWrapper.h" 13 | #include 14 | #include 15 | 16 | /** 17 | * @brief Initialize specific device of I2C filter 18 | * 19 | * @param i2c_filter_interface I2C filter interface to use 20 | * 21 | * @return 0 if the I2C filter failed to initialize or an error code. 22 | */ 23 | static int WrapperI2cFilterInit(struct i2c_filter_interface *filter) 24 | { 25 | int ret; 26 | 27 | ret = i2c_filter_middleware_init(filter->filter.device_id); 28 | 29 | return ret; 30 | } 31 | 32 | /** 33 | * @brief Enable / disable specific device of I2C filter 34 | * 35 | * @param i2c_filter_interface I2C filter interface to use 36 | * @param en enable I2C filter 37 | * 38 | * @return 0 if the I2C filter failed to enable or an error code. 39 | */ 40 | static int WrapperI2cFilterEnable(struct i2c_filter_interface *filter, bool enable) 41 | { 42 | int ret; 43 | 44 | ret = i2c_filter_middleware_en(filter->filter.device_id, enable); 45 | 46 | return ret; 47 | } 48 | 49 | /** 50 | * @brief Setup whitelist for specific device of I2C filter with provided offset of slave device. 51 | * Index can using on stores every single offset of slave device with each single index. 52 | * 53 | * @param i2c_filter_interface I2C filter interface to use 54 | * @param index Index to stores register address or offset of slave device 55 | * 56 | * @return 0 if the I2C filter failed to setup or an error code. 57 | */ 58 | static int WrapperI2cFilterSet(struct i2c_filter_interface *filter, uint8_t index) 59 | { 60 | int ret; 61 | 62 | ret = i2c_filter_middleware_set_whitelist(filter->filter.device_id, index, 63 | filter->filter.slave_addr, filter->filter.whitelist_elements); 64 | 65 | return ret; 66 | } 67 | 68 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/I2cFilter/I2cFilterWrapper.h: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | 7 | #include 8 | #include "I2cFilter/I2cFilter.h" 9 | 10 | static int WrapperI2cFilterInit(struct i2c_filter_interface *filter); 11 | static int WrapperI2cFilterEnable(struct i2c_filter_interface *filter, bool enable); 12 | static int WrapperI2cFilterSet(struct i2c_filter_interface *filter, uint8_t index); -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Kconfig: -------------------------------------------------------------------------------- 1 | config TEKTAGONOE 2 | bool "Enable tektagonoe Wrapper layer" 3 | help 4 | This option enables the Hierarchical Wrapperlibrary -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/Logging/LoggingWrapper.h: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Logging Handling functions 10 | */ 11 | #ifndef LOGGINGWRAPPER_H_ 12 | #define LOGGINGWRAPPER_H_ 13 | 14 | #include 15 | #include 16 | 17 | #define TE_LOGGING_FLASH_SIZE 0x1000000 18 | #define TE_LOGGING_BASE_ADD 0 19 | #define TE_ROT_INTERNAL_LOG ROT_INTERNAL_LOG 20 | 21 | extern int debug_log_test(void); 22 | 23 | #endif /* LOGGING_WRAPPER_H_ */ -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/ManifestProcess/ManifestWrapper.h: -------------------------------------------------------------------------------- 1 | //***********************************************************************// 2 | //* *// 3 | //* Copyright © 2022 AMI *// 4 | //* *// 5 | //* All rights reserved. Subject to AMI licensing agreement. *// 6 | //* *// 7 | //***********************************************************************// 8 | 9 | /* 10 | * manifestProcessor.h 11 | * 12 | */ 13 | 14 | #ifndef MANIFEST_PROCESS_WRAPPER_H_ 15 | #define MANIFEST_PROCESS_WRAPPER_H_ 16 | 17 | #include "manifest.h" 18 | #include "manifest_flash.h" 19 | #include "firmware/app_image.h" 20 | 21 | int ManifestFlashVerifyWrapper (struct manifest_flash *manifest, struct hash_engine *hash, 22 | struct signature_verification *verification, uint8_t *hash_out, size_t hash_length); 23 | 24 | 25 | #endif /* MANIFEST_PROCESS_WRAPPER_H_ */ 26 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/ManifestProcess/PfmFlashWrapper/PfmFlashWrapper.h: -------------------------------------------------------------------------------- 1 | //*********************************************************************** 2 | //* * 3 | //* Copyright (c) 1985-2022, AMI. * 4 | //* * 5 | //* All rights reserved. Subject to AMI licensing agreement. * 6 | //* * 7 | //*********************************************************************** 8 | /**@file 9 | * This file contains the Pfm Handling functions 10 | */ 11 | 12 | #ifndef PFM_FLASH_WRAPPER_H_ 13 | #define PFM_FLASH_WRAPPER_H_ 14 | 15 | #include "pfm.h" 16 | #include "pfm_flash.h" 17 | #include "flash/flash_util.h" 18 | #include "manifest/manifest_flash.h" 19 | 20 | 21 | #endif /* PFM_FLASH_H_ */ 22 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/SpiFilter/SpiFilterWrapper.h: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Timer Handling functions 10 | */ 11 | 12 | #ifndef SPIFILTER_WRAPPER_H_ 13 | #define SPIFILTER_WRAPPER_H_ 14 | 15 | #include "spi_filter/spi_filter_interface.h" 16 | #include "spi_filter/spi_filter_aspeed.h" 17 | 18 | int SpiFilterGetPort(void); 19 | int SpiFilterGetMfgId(uint8_t *MfgId); 20 | int SpiFilterSetMfgId(uint8_t MfgId); 21 | int SpiFilterGetFlashSize(uint32_t *Bytes); 22 | int SpiFilterSetFlashSize(uint32_t Bytes); 23 | int SpiGetFilterEnabled(spi_filter_flash_mode *Mode); 24 | int SpiSetFilterEnabled(spi_filter_flash_mode Mode); 25 | int SpiGetFilterMode(spi_filter_flash_mode *Mode); 26 | int SpiSetFilterMode(spi_filter_flash_mode Mode); 27 | int SpiEnableFilter(bool Enable); 28 | int SpiFilterGetRoCs(spi_filter_cs *ActiveSelect); 29 | int SpiFilterSetRoCs(spi_filter_cs ActiveSelect); 30 | int SpiFilterGetAddressByteMode(spi_filter_address_mode *Mode); 31 | int SpiFilterGetFixedAddressByteMode(bool *Fixed); 32 | int SpiFilterSetAddressByteMode(spi_filter_address_mode Mode); 33 | int SpiFilterSetFixedAddressByteMode(spi_filter_address_mode Mode); 34 | int SpiFilterGetAddressByteModeWriteEnableRequired(bool *Required); 35 | int SpiFilterRequireAddressByteModeWriteEnable(bool Require); 36 | int SpiFilterGetResetAddressByteMode(spi_filter_address_mode *Mode); 37 | int SpiFilterSetResetAddressByteMode(spi_filter_address_mode Mode); 38 | int SpiFilterAreAllSingleFlashWritesAllowed(bool *Allowed); 39 | int SpiFilterAllowAllSingleFlashWrites(bool Allowed); 40 | int SpiFilterGetWriteEnableDetected(bool *Detected); 41 | int SpiFilterGetFlashDirtyState(spi_filter_flash_state *State); 42 | int SpiFilterClearFlashDirtyState(void); 43 | int SpiGetFilterRwRegion(uint8_t Region, uint32_t *StartAddress, uint32_t *EndAddress); 44 | int SpiSetFilterRwRegion(uint8_t Region, uint32_t StartAddress, uint32_t EndAddress); 45 | int SpiClearFilterRwRegions(void); 46 | 47 | #endif /* SPIFILTER_WRAPPER_H_ */ 48 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/WatchDog/WatchDog.c: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the WatchDog Handling functions 10 | */ 11 | #include 12 | /** 13 | * WatchDog timer init; 14 | * 15 | * @param dev Pointer to the device structure for the driver instance, the possible value is wdt1/wdt2/wdt3/wdt4 . 16 | * @param wdt_cfg Watchdog timeout configuration struct , refer to drivers/watchdog.h . 17 | * @param reset_option Configuration options , the possible value is WDT_FLAG_RESET_NONE/WDT_FLAG_RESET_CPU_CORE/WDT_FLAG_RESET_SOC, refer to drivers/watchdog.h . 18 | * 19 | * 20 | * @retval 0 if successfully or an error code. 21 | * 22 | */ 23 | int WatchDogInit(const struct device *dev, struct watchdog_config *wdt_config) 24 | { 25 | return watchdog_init(dev, wdt_config); 26 | } 27 | 28 | /** 29 | * Feed specified watchdog timeout wrapper, points to silicon base 30 | * 31 | * @retval 0 If successful or an error code. 32 | */ 33 | int WatchDogFeed(const struct device *dev, int channel_id) 34 | { 35 | return watchdog_feed(dev, channel_id); 36 | } 37 | 38 | /** 39 | * Disable watchdog wrapper points to Silicon base 40 | * 41 | * 42 | * @param dev Pointer to the device structure for the driver instance, the possible value is wdt1/wdt2/wdt3/wdt4 . 43 | * 44 | * @retval 45 | * 46 | */ 47 | int WatchDogDisable(const struct device *dev) 48 | { 49 | return watchdog_disable(dev); 50 | } 51 | 52 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Tektagon-OE/WatchDog/WatchDog.h: -------------------------------------------------------------------------------- 1 | // *********************************************************************** 2 | // * * 3 | // * Copyright (c) 1985-2022, AMI. * 4 | // * * 5 | // * All rights reserved. Subject to AMI licensing agreement. * 6 | // * * 7 | // *********************************************************************** 8 | /**@file 9 | * This file contains the Watchdog Handling functions 10 | */ 11 | 12 | #ifndef WATCHDOG_H_ 13 | #define WATCHDOG_H_ 14 | 15 | 16 | #endif 17 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Wrapper.cmake: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright © 2022 American Megatrends International LLC * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #***********************************************************************- 8 | # file HardwareAbstraction.cmake 9 | # Abstract: 10 | # 11 | # Defines the full set of compiler definitions necessary to enable Hardware Abstraction to publish its tasks. 12 | # Remove unwanted items from the list if you are not using it. 13 | # 14 | # -- 15 | 16 | set(WRAPPER_ROOT ${CMAKE_CURRENT_LIST_DIR}) 17 | 18 | -------------------------------------------------------------------------------- /oe-src/Wrapper/Wrapper.yaml: -------------------------------------------------------------------------------- 1 | Features: 2 | - feature: 3 | name: BareMetal Wrapper 4 | macro: BAREMETAL_WRAPPER_SUPPORT 5 | description: Switch to enable Baremetal Wrapper 6 | enable: Yes 7 | - feature: 8 | name: TE_OE WRAPPER 9 | macro: TE_OE_WRAPPER_SUPPORT 10 | description: Switch to enable TE_OE Wrapper 11 | enable: No 12 | -------------------------------------------------------------------------------- /west_init/west.yml: -------------------------------------------------------------------------------- 1 | #*********************************************************************** 2 | #* * 3 | #* Copyright (c) 1985-2023, AMI. * 4 | #* * 5 | #* All rights reserved. Subject to AMI licensing agreement. * 6 | #* * 7 | #*********************************************************************** 8 | 9 | 10 | manifest: 11 | self: 12 | path: Tektagon-OpenEdition 13 | 14 | remotes: 15 | - name: github 16 | url-base: https://github.com/AspeedTech-BMC 17 | - name: cerberus-github 18 | url-base: https://github.com/Azure 19 | projects: 20 | - name: zephyr 21 | remote: github 22 | revision: e33ef8c893edd2379109a4b718c4ac32ef14351f 23 | import: 24 | name-whitelist: 25 | - cmsis 26 | - mbedtls 27 | path: oe-src/ 28 | - name: Project-Cerberus 29 | remote: cerberus-github 30 | revision: b71c6353803aa9062354140e6bc06f707fe9908f 31 | path: oe-src/FunctionalBlocks/Cerberus/ 32 | -------------------------------------------------------------------------------- /zephyr_patches/10_CVE-2022-46392.patch: -------------------------------------------------------------------------------- 1 | diff --git a/modules/mbedtls/configs/config-tls-generic.h b/modules/mbedtls/configs/config-tls-generic.h 2 | index b012bad453..23a40e0be2 100644 3 | --- a/modules/mbedtls/configs/config-tls-generic.h 4 | +++ b/modules/mbedtls/configs/config-tls-generic.h 5 | @@ -428,7 +428,7 @@ 6 | 7 | /* Enable OpenThread optimizations. */ 8 | #if defined(CONFIG_MBEDTLS_OPENTHREAD_OPTIMIZATIONS_ENABLED) 9 | -#define MBEDTLS_MPI_WINDOW_SIZE 1 /**< Maximum windows size used. */ 10 | +#define MBEDTLS_MPI_WINDOW_SIZE 4 /**< Maximum windows size used. */ 11 | #define MBEDTLS_MPI_MAX_SIZE 32 /**< Maximum number of bytes for usable MPIs. */ 12 | #define MBEDTLS_ECP_WINDOW_SIZE 2 /**< Maximum window size used */ 13 | #define MBEDTLS_ECP_FIXED_POINT_OPTIM 0 /**< Enable fixed-point speed-up */ 14 | -------------------------------------------------------------------------------- /zephyr_patches/1_PATCH_CVE-2021-3510.patch: -------------------------------------------------------------------------------- 1 | diff --git a/include/data/json.h b/include/data/json.h 2 | index 43a5ed27a3..5b36ef7971 100644 3 | --- a/include/data/json.h 4 | +++ b/include/data/json.h 5 | @@ -360,11 +360,14 @@ typedef int (*json_append_bytes_t)(const char *bytes, size_t len, 6 | .offset = offsetof(struct_, \ 7 | len_field_), \ 8 | { \ 9 | - .object = { \ 10 | - .sub_descr = \ 11 | + .array = { \ 12 | + .element_descr = \ 13 | elem_descr_, \ 14 | - .sub_descr_len = \ 15 | - elem_descr_len_, \ 16 | + .n_elements = \ 17 | + 1 + \ 18 | + ZERO_OR_COMPILE_ERROR( \ 19 | + elem_descr_len_ == 1 \ 20 | + ), \ 21 | }, \ 22 | }, \ 23 | } }, \ 24 | diff --git a/lib/os/json.c b/lib/os/json.c 25 | index 69d3d614c9..df52d13c13 100644 26 | --- a/lib/os/json.c 27 | +++ b/lib/os/json.c 28 | @@ -509,12 +509,18 @@ static int arr_parse(struct json_obj *obj, 29 | { 30 | ptrdiff_t elem_size = get_elem_size(elem_descr); 31 | void *last_elem = (char *)field + elem_size * max_elements; 32 | - size_t *elements = (size_t *)((char *)val + elem_descr->offset); 33 | + size_t *elements = NULL; 34 | struct token value; 35 | 36 | + if (val) { 37 | + elements = (size_t *)((char *)val + elem_descr->offset); 38 | + } 39 | + 40 | __ASSERT_NO_MSG(elem_size > 0); 41 | 42 | - *elements = 0; 43 | + if (elements) { 44 | + *elements = 0; 45 | + } 46 | 47 | while (!arr_next(obj, &value)) { 48 | if (value.type == JSON_TOK_LIST_END) { 49 | @@ -525,11 +531,13 @@ static int arr_parse(struct json_obj *obj, 50 | return -ENOSPC; 51 | } 52 | 53 | - if (decode_value(obj, elem_descr, &value, field, val) < 0) { 54 | + if (decode_value(obj, elem_descr, &value, field, NULL) < 0) { 55 | return -EINVAL; 56 | } 57 | 58 | - (*elements)++; 59 | + if (elements) { 60 | + (*elements)++; 61 | + } 62 | field = (char *)field + elem_size; 63 | } 64 | 65 | diff --git a/tests/lib/json/src/main.c b/tests/lib/json/src/main.c 66 | index 97a94f1421..42ad1520b9 100644 67 | --- a/tests/lib/json/src/main.c 68 | +++ b/tests/lib/json/src/main.c 69 | @@ -232,8 +232,20 @@ static void test_json_decoding_array_array(void) 70 | &obj_array_array_ts); 71 | 72 | zassert_equal(ret, 1, "Encoding array of object returned no errors"); 73 | + zassert_equal(obj_array_array_ts.objects_array_len, 3, "Array has correct number of items"); 74 | + 75 | + zassert_true(!strcmp(obj_array_array_ts.objects_array[0].objects.name, 76 | + "Simón Bolívar"), "String decoded correctly"); 77 | + zassert_equal(obj_array_array_ts.objects_array[0].objects.height, 168, 78 | + "Simón Bolívar height decoded correctly"); 79 | + 80 | zassert_true(!strcmp(obj_array_array_ts.objects_array[1].objects.name, 81 | "Pelé"), "String decoded correctly"); 82 | + zassert_equal(obj_array_array_ts.objects_array[1].objects.height, 173, 83 | + "Pelé height decoded correctly"); 84 | + 85 | + zassert_true(!strcmp(obj_array_array_ts.objects_array[2].objects.name, 86 | + "Usain Bolt"), "String decoded correctly"); 87 | zassert_equal(obj_array_array_ts.objects_array[2].objects.height, 195, 88 | "Usain Bolt height decoded correctly"); 89 | } 90 | -------------------------------------------------------------------------------- /zephyr_patches/3_CVE-2021-3835.patch: -------------------------------------------------------------------------------- 1 | diff --git a/subsys/bluetooth/host/hci_raw.c b/subsys/bluetooth/host/hci_raw.c 2 | index 503c49e0ae..93a488fe49 100644 3 | --- a/subsys/bluetooth/host/hci_raw.c 4 | +++ b/subsys/bluetooth/host/hci_raw.c 5 | @@ -159,6 +159,10 @@ struct net_buf *bt_buf_get_tx(enum bt_buf_type type, k_timeout_t timeout, 6 | bt_buf_set_type(buf, type); 7 | 8 | if (data && size) { 9 | + if (net_buf_tailroom(buf) < size) { 10 | + net_buf_unref(buf); 11 | + return NULL; 12 | + } 13 | net_buf_add_mem(buf, data, size); 14 | } 15 | 16 | diff --git a/subsys/usb/class/bluetooth.c b/subsys/usb/class/bluetooth.c 17 | index 173f35e48f..5484f48a75 100644 18 | --- a/subsys/usb/class/bluetooth.c 19 | +++ b/subsys/usb/class/bluetooth.c 20 | @@ -226,11 +226,19 @@ static void acl_read_cb(uint8_t ep, int size, void *priv) 21 | if (IS_ENABLED(CONFIG_USB_DEVICE_BLUETOOTH_VS_H4) && 22 | bt_hci_raw_get_mode() == BT_HCI_RAW_MODE_H4) { 23 | buf = bt_buf_get_tx(BT_BUF_H4, K_FOREVER, data, size); 24 | + if (!buf) { 25 | + LOG_ERR("Failed to allocate buffer"); 26 | + goto restart_out_transfer; 27 | + } 28 | pkt_len = hci_pkt_get_len(buf, &data[1], size - 1); 29 | LOG_DBG("pkt_len %u, chunk %u", pkt_len, size); 30 | } else { 31 | buf = bt_buf_get_tx(BT_BUF_ACL_OUT, K_FOREVER, 32 | data, size); 33 | + if (!buf) { 34 | + LOG_ERR("Failed to allocate buffer"); 35 | + goto restart_out_transfer; 36 | + } 37 | pkt_len = hci_pkt_get_len(buf, data, size); 38 | LOG_DBG("pkt_len %u, chunk %u", pkt_len, size); 39 | } 40 | @@ -241,6 +249,12 @@ static void acl_read_cb(uint8_t ep, int size, void *priv) 41 | buf = NULL; 42 | } 43 | } else { 44 | + if (net_buf_tailroom(buf) < size) { 45 | + LOG_ERR("Buffer tailroom too small"); 46 | + net_buf_unref(buf); 47 | + buf = NULL; 48 | + goto restart_out_transfer; 49 | + } 50 | /* 51 | * Take over the next chunk if HCI packet is 52 | * larger than USB_MAX_FS_BULK_MPS. 53 | -------------------------------------------------------------------------------- /zephyr_patches/4_CVE-2021-3861.patch: -------------------------------------------------------------------------------- 1 | diff --git a/subsys/usb/Kconfig b/subsys/usb/Kconfig 2 | index e80093b926..0e9708b852 100644 3 | --- a/subsys/usb/Kconfig 4 | +++ b/subsys/usb/Kconfig 5 | @@ -75,7 +75,7 @@ config USB_DEVICE_BLUETOOTH_BIG_BUF 6 | 7 | config USB_REQUEST_BUFFER_SIZE 8 | int "Set buffer size for Standard, Class and Vendor request handlers" 9 | - range 256 65536 if USB_DEVICE_NETWORK_RNDIS 10 | + range 64 512 if USB_DEVICE_NETWORK_RNDIS 11 | range 8 65536 12 | default 256 if USB_DEVICE_NETWORK_RNDIS 13 | default 266 if (USB_DEVICE_BLUETOOTH && USB_DEVICE_BLUETOOTH_BIG_BUF) 14 | diff --git a/subsys/usb/class/netusb/Kconfig b/subsys/usb/class/netusb/Kconfig 15 | index f731d2e083..9cd6fae631 100644 16 | --- a/subsys/usb/class/netusb/Kconfig 17 | +++ b/subsys/usb/class/netusb/Kconfig 18 | @@ -27,7 +27,6 @@ config USB_DEVICE_NETWORK_EEM 19 | config USB_DEVICE_NETWORK_RNDIS 20 | bool "USB Remote NDIS (RNDIS) Networking device" 21 | select USB_DEVICE_NETWORK 22 | - select USB_COMPOSITE_DEVICE 23 | help 24 | Remote NDIS (RNDIS) is commonly used Microsoft vendor protocol with 25 | Specification available from Microsoft web site. 26 | diff --git a/subsys/usb/class/netusb/function_rndis.c b/subsys/usb/class/netusb/function_rndis.c 27 | index c8c83b8f2b..4dbb2ab2a1 100644 28 | --- a/subsys/usb/class/netusb/function_rndis.c 29 | +++ b/subsys/usb/class/netusb/function_rndis.c 30 | @@ -33,7 +33,7 @@ static struct k_fifo rndis_tx_queue; 31 | 32 | /* Serialize RNDIS command queue for later processing */ 33 | #define CFG_RNDIS_CMD_BUF_COUNT 2 34 | -#define CFG_RNDIS_CMD_BUF_SIZE 512 35 | +#define CFG_RNDIS_CMD_BUF_SIZE CONFIG_USB_REQUEST_BUFFER_SIZE 36 | NET_BUF_POOL_DEFINE(rndis_cmd_pool, CFG_RNDIS_CMD_BUF_COUNT, 37 | CFG_RNDIS_CMD_BUF_SIZE, 0, NULL); 38 | static struct k_fifo rndis_cmd_queue; 39 | @@ -45,9 +45,7 @@ static K_KERNEL_STACK_DEFINE(cmd_stack, 2048); 40 | static struct k_thread cmd_thread_data; 41 | 42 | struct usb_rndis_config { 43 | -#ifdef CONFIG_USB_COMPOSITE_DEVICE 44 | struct usb_association_descriptor iad; 45 | -#endif 46 | struct usb_if_descriptor if0; 47 | struct cdc_header_descriptor if0_header; 48 | struct cdc_cm_descriptor if0_cm; 49 | @@ -61,7 +59,6 @@ struct usb_rndis_config { 50 | } __packed; 51 | 52 | USBD_CLASS_DESCR_DEFINE(primary, 0) struct usb_rndis_config rndis_cfg = { 53 | -#ifdef CONFIG_USB_COMPOSITE_DEVICE 54 | .iad = { 55 | .bLength = sizeof(struct usb_association_descriptor), 56 | .bDescriptorType = USB_ASSOCIATION_DESC, 57 | @@ -72,7 +69,6 @@ USBD_CLASS_DESCR_DEFINE(primary, 0) struct usb_rndis_config rndis_cfg = { 58 | .bFunctionProtocol = 0, 59 | .iFunction = 0, 60 | }, 61 | -#endif 62 | /* Interface descriptor 0 */ 63 | /* CDC Communication interface */ 64 | .if0 = { 65 | @@ -1161,9 +1157,7 @@ static void netusb_interface_config(struct usb_desc_header *head, 66 | rndis_cfg.if0_union.bControlInterface = bInterfaceNumber; 67 | rndis_cfg.if0_union.bSubordinateInterface0 = bInterfaceNumber + 1; 68 | rndis_cfg.if1.bInterfaceNumber = bInterfaceNumber + 1; 69 | -#ifdef CONFIG_USB_COMPOSITE_DEVICE 70 | rndis_cfg.iad.bFirstInterface = bInterfaceNumber; 71 | -#endif 72 | } 73 | 74 | USBD_CFG_DATA_DEFINE(primary, netusb) struct usb_cfg_data netusb_config = { 75 | -------------------------------------------------------------------------------- /zephyr_patches/6_CVE-2022-1041.patch: -------------------------------------------------------------------------------- 1 | diff --git a/subsys/bluetooth/mesh/pb_adv.c b/subsys/bluetooth/mesh/pb_adv.c 2 | index 944c16f56b..6db9f21cf4 100644 3 | --- a/subsys/bluetooth/mesh/pb_adv.c 4 | +++ b/subsys/bluetooth/mesh/pb_adv.c 5 | @@ -140,7 +140,7 @@ static struct bt_mesh_send_cb buf_sent_cb = { 6 | .end = buf_sent, 7 | }; 8 | 9 | -static uint8_t last_seg(uint8_t len) 10 | +static uint8_t last_seg(uint16_t len) 11 | { 12 | if (len <= START_PAYLOAD_MAX) { 13 | return 0; 14 | @@ -468,6 +468,13 @@ static void gen_prov_start(struct prov_rx *rx, struct net_buf_simple *buf) 15 | return; 16 | } 17 | 18 | + if (START_LAST_SEG(rx->gpc) != last_seg(link.rx.buf->len)) { 19 | + BT_ERR("Invalid SegN (%u, calculated %u)", START_LAST_SEG(rx->gpc), 20 | + last_seg(link.rx.buf->len)); 21 | + prov_failed(PROV_ERR_NVAL_FMT); 22 | + return; 23 | + } 24 | + 25 | prov_clear_tx(); 26 | 27 | link.rx.last_seg = START_LAST_SEG(rx->gpc); 28 | -------------------------------------------------------------------------------- /zephyr_patches/7_CVE-FIX-CVE-2022-1042.patch: -------------------------------------------------------------------------------- 1 | diff --git a/subsys/bluetooth/mesh/pb_adv.c b/subsys/bluetooth/mesh/pb_adv.c 2 | index 944c16f56b..f755d58082 100644 3 | --- a/subsys/bluetooth/mesh/pb_adv.c 4 | +++ b/subsys/bluetooth/mesh/pb_adv.c 5 | @@ -30,6 +30,7 @@ 6 | 7 | #define START_PAYLOAD_MAX 20 8 | #define CONT_PAYLOAD_MAX 23 9 | +#define RX_BUFFER_MAX 65 10 | 11 | #define START_LAST_SEG(gpc) (gpc >> 2) 12 | #define CONT_SEG_INDEX(gpc) (gpc >> 2) 13 | @@ -39,7 +40,8 @@ 14 | #define LINK_ACK 0x01 15 | #define LINK_CLOSE 0x02 16 | 17 | -#define XACT_SEG_DATA(_seg) (&link.rx.buf->data[20 + ((_seg - 1) * 23)]) 18 | +#define XACT_SEG_OFFSET(_seg) (20 + ((_seg - 1) * 23)) 19 | +#define XACT_SEG_DATA(_seg) (&link.rx.buf->data[XACT_SEG_OFFSET(_seg)]) 20 | #define XACT_SEG_RECV(_seg) (link.rx.seg &= ~(1 << (_seg))) 21 | 22 | #define XACT_ID_MAX 0x7f 23 | @@ -117,7 +119,7 @@ struct prov_rx { 24 | uint8_t gpc; 25 | }; 26 | 27 | -NET_BUF_SIMPLE_DEFINE_STATIC(rx_buf, 65); 28 | +NET_BUF_SIMPLE_DEFINE_STATIC(rx_buf, RX_BUFFER_MAX); 29 | 30 | static struct pb_adv link = { .rx = { .buf = &rx_buf } }; 31 | 32 | @@ -375,6 +377,11 @@ static void gen_prov_cont(struct prov_rx *rx, struct net_buf_simple *buf) 33 | BT_DBG("Ignoring already received segment"); 34 | return; 35 | } 36 | + if (XACT_SEG_OFFSET(seg) + buf->len > RX_BUFFER_MAX) { 37 | + BT_WARN("Rx buffer overflow. Malformed generic prov frame?"); 38 | + return; 39 | + } 40 | + 41 | 42 | memcpy(XACT_SEG_DATA(seg), buf->data, buf->len); 43 | XACT_SEG_RECV(seg); 44 | -------------------------------------------------------------------------------- /zephyr_patches/8_CVE-FIX-CVE-2022-1841.patch: -------------------------------------------------------------------------------- 1 | diff --git a/subsys/net/ip/tcp2.c b/subsys/net/ip/tcp2.c 2 | index b2e10d5d98..43f562f054 100644 3 | --- a/subsys/net/ip/tcp2.c 4 | +++ b/subsys/net/ip/tcp2.c 5 | @@ -230,8 +230,9 @@ static const char *tcp_flags(uint8_t flags) 6 | if (flags & URG) { 7 | len += snprintk(buf + len, BUF_SIZE - len, "URG,"); 8 | } 9 | - 10 | - buf[len - 1] = '\0'; /* delete the last comma */ 11 | + if (len > 0) { 12 | + buf[len - 1] = '\0'; /* delete the last comma */ 13 | + } 14 | } 15 | #undef BUF_SIZE 16 | return buf; 17 | -------------------------------------------------------------------------------- /zephyr_patches/pfr_ast1060.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2021 ASPEED Technology Inc. 3 | * 4 | * SPDX-License-Identifier: Apache-2.0 5 | */ 6 | 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | #include 16 | 17 | #define PFR_SCU_CTRL_REG 0x7e6e20f0 18 | 19 | #if !DT_NODE_HAS_STATUS(DT_INST(0, demo_gpio_basic_api), okay) 20 | #error "no correct gpio device" 21 | #endif 22 | 23 | void pfr_bmc_srst_enable_ctrl(bool enable) 24 | { 25 | int ret; 26 | const struct gpio_dt_spec gpio_m5 = 27 | GPIO_DT_SPEC_GET_BY_IDX(DT_INST(0, demo_gpio_basic_api), 28 | out_gpios, 0); 29 | 30 | if (enable) 31 | gpio_pin_set(gpio_m5.port, gpio_m5.pin, 0); 32 | else 33 | gpio_pin_set(gpio_m5.port, gpio_m5.pin, 1); 34 | 35 | ret = gpio_pin_configure_dt(&gpio_m5, GPIO_OUTPUT); 36 | if (ret) 37 | return; 38 | 39 | k_busy_wait(10000); /* 10ms */ 40 | } 41 | 42 | #if DT_NODE_HAS_PROP(DT_INST(0, demo_gpio_basic_api), bmc_extrst_ctrl_out_gpios) 43 | void pfr_bmc_extrst_enable_ctrl(bool enable) 44 | { 45 | int ret; 46 | const struct gpio_dt_spec gpio_h2 = 47 | GPIO_DT_SPEC_GET_BY_IDX(DT_INST(0, demo_gpio_basic_api), 48 | bmc_extrst_ctrl_out_gpios, 0); 49 | 50 | if (enable) 51 | gpio_pin_set(gpio_h2.port, gpio_h2.pin, 0); 52 | else 53 | gpio_pin_set(gpio_h2.port, gpio_h2.pin, 1); 54 | 55 | ret = gpio_pin_configure_dt(&gpio_h2, GPIO_OUTPUT); 56 | if (ret) 57 | return; 58 | 59 | k_busy_wait(10000); /* 10ms */ 60 | } 61 | #endif 62 | 63 | #if DT_NODE_HAS_PROP(DT_INST(0, demo_gpio_basic_api), pch_rst_ctrl_out_gpios) 64 | void pfr_pch_rst_enable_ctrl(bool enable) 65 | { 66 | int ret; 67 | const struct gpio_dt_spec gpio_m2 = 68 | GPIO_DT_SPEC_GET_BY_IDX(DT_INST(0, demo_gpio_basic_api), 69 | pch_rst_ctrl_out_gpios, 0); 70 | 71 | if (enable) 72 | gpio_pin_set(gpio_m2.port, gpio_m2.pin, 0); 73 | else 74 | gpio_pin_set(gpio_m2.port, gpio_m2.pin, 1); 75 | 76 | ret = gpio_pin_configure_dt(&gpio_m2, GPIO_OUTPUT); 77 | if (ret) 78 | return; 79 | 80 | k_busy_wait(10000); /* 10ms */ 81 | } 82 | #endif 83 | 84 | --------------------------------------------------------------------------------