Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Properly evaluate PL0 PAUSERs when the fw header bit is unset #1536

Merged
merged 1 commit into from
Jul 18, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions runtime/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ caliptra-hw-model.workspace = true
caliptra-image-elf.workspace = true
caliptra-image-fake-keys.workspace = true
caliptra-image-gen.workspace = true
caliptra-image-crypto.workspace = true
caliptra-image-serde.workspace = true
caliptra-cfi-lib-git = { workspace = true, features = ["cfi-test"] }
openssl.workspace = true
Expand Down
3 changes: 2 additions & 1 deletion runtime/src/drivers.rs
Original file line number Diff line number Diff line change
Expand Up @@ -590,7 +590,8 @@ impl Drivers {
/// * `flags` - Flags from manifest header
/// * `locality` - Caller's locality
pub fn is_caller_pl1(pl0_pauser: u32, flags: u32, locality: u32) -> bool {
flags & PL0_PAUSER_FLAG == 0 && locality != pl0_pauser
(flags & PL0_PAUSER_FLAG == 0) // There is no PL0 PAUSER
|| (locality != pl0_pauser) // There is a PL0 PAUSER, but it's not the current user
}

/// Get the KeyId for the RT Alias CDI
Expand Down
Original file line number Diff line number Diff line change
@@ -1,15 +1,23 @@
// Licensed under the Apache-2.0 license

use caliptra_builder::ImageOptions;
use caliptra_builder::{
build_firmware_elf,
firmware::{APP_WITH_UART, FMC_WITH_UART},
ImageOptions,
};
use caliptra_common::mailbox_api::{
CertifyKeyExtendedFlags, CertifyKeyExtendedReq, CommandId, MailboxReq, MailboxReqHeader,
PopulateIdevCertReq, StashMeasurementReq,
};
use caliptra_error::CaliptraError;
use caliptra_hw_model::HwModel;
use caliptra_hw_model::{BootParams, Fuses, HwModel, InitParams, SecurityState};
use caliptra_image_crypto::OsslCrypto as Crypto;
use caliptra_image_elf::ElfExecutable;
use caliptra_image_gen::{ImageGenerator, ImageGeneratorConfig};
use caliptra_runtime::{
RtBootStatus, PL0_DPE_ACTIVE_CONTEXT_THRESHOLD, PL1_DPE_ACTIVE_CONTEXT_THRESHOLD,
};

use dpe::{
commands::{
CertifyKeyCmd, CertifyKeyFlags, Command, DeriveContextCmd, DeriveContextFlags, InitCtxCmd,
Expand Down Expand Up @@ -440,3 +448,137 @@ fn test_measurement_log_pl_context_threshold() {
== u32::from(CaliptraError::RUNTIME_PL0_USED_DPE_CONTEXT_THRESHOLD_REACHED)
});
}

#[test]
fn test_pl0_unset_in_header() {
let fuses = Fuses::default();
let rom = caliptra_builder::rom_for_fw_integration_tests().unwrap();
let mut model = caliptra_hw_model::new(
InitParams {
rom: &rom,
security_state: SecurityState::from(fuses.life_cycle as u32),
..Default::default()
},
BootParams {
fuses,
..Default::default()
},
)
.unwrap();

let mut opts = ImageOptions::default();
opts.vendor_config.pl0_pauser = None;
let mut image_bundle =
caliptra_builder::build_and_sign_image(&FMC_WITH_UART, &APP_WITH_UART, opts).unwrap();

// Change PL0 to 1 so that it matches the real PL0 PAUSER but don't set the
// flag bit to make it valid. Also need to re-generate and re-sign the image.
image_bundle.manifest.header.pl0_pauser = 1;

let opts = ImageOptions::default();
let ecc_index = opts.vendor_config.ecc_key_idx;
let lms_index = opts.vendor_config.lms_key_idx;
let gen = ImageGenerator::new(Crypto::default());
let header_digest_vendor = gen
.header_digest_vendor(&image_bundle.manifest.header)
.unwrap();
let header_digest_owner = gen
.header_digest_owner(&image_bundle.manifest.header)
.unwrap();
let fmc_elf = build_firmware_elf(&FMC_WITH_UART).unwrap();
let app_elf = build_firmware_elf(&APP_WITH_UART).unwrap();
let preamble = gen
.gen_preamble(
&ImageGeneratorConfig {
fmc: ElfExecutable::new(
&fmc_elf,
opts.fmc_version as u32,
opts.fmc_svn,
*b"~~~~~NO_GIT_REVISION",
)
.unwrap(),
runtime: ElfExecutable::new(
&app_elf,
opts.app_version,
opts.app_svn,
*b"~~~~~NO_GIT_REVISION",
)
.unwrap(),
vendor_config: opts.vendor_config,
owner_config: opts.owner_config,
},
ecc_index,
lms_index,
&header_digest_vendor,
&header_digest_owner,
)
.unwrap();
image_bundle.manifest.preamble = preamble;

model
.upload_firmware(&image_bundle.to_bytes().unwrap())
.unwrap();

model.step_until(|m| {
m.soc_ifc().cptra_boot_status().read() == u32::from(RtBootStatus::RtReadyForCommands)
});

// If PL0 PAUSER is unset, make sure PL0-only operation fails
let certify_key_cmd = CertifyKeyCmd {
handle: ContextHandle::default(),
label: TEST_LABEL,
flags: CertifyKeyFlags::empty(),
format: CertifyKeyCmd::FORMAT_X509,
};
let resp = execute_dpe_cmd(
&mut model,
&mut Command::CertifyKey(certify_key_cmd),
DpeResult::MboxCmdFailure(CaliptraError::RUNTIME_INCORRECT_PAUSER_PRIVILEGE_LEVEL),
);
assert!(resp.is_none());
}

#[test]
fn test_user_not_pl0() {
let fuses = Fuses::default();
let rom = caliptra_builder::rom_for_fw_integration_tests().unwrap();
let mut model = caliptra_hw_model::new(
InitParams {
rom: &rom,
security_state: SecurityState::from(fuses.life_cycle as u32),
..Default::default()
},
BootParams {
fuses,
..Default::default()
},
)
.unwrap();

let mut opts = ImageOptions::default();
opts.vendor_config.pl0_pauser = Some(0); // Caller PAUSER is always 1 for current models
let image_bundle =
caliptra_builder::build_and_sign_image(&FMC_WITH_UART, &APP_WITH_UART, opts).unwrap();

model
.upload_firmware(&image_bundle.to_bytes().unwrap())
.unwrap();

model.step_until(|m| {
m.soc_ifc().cptra_boot_status().read() == u32::from(RtBootStatus::RtReadyForCommands)
});

// If PAUSER is not PL0, make sure PL0-only operation fails
let certify_key_cmd = CertifyKeyCmd {
handle: ContextHandle::default(),
label: TEST_LABEL,
flags: CertifyKeyFlags::empty(),
format: CertifyKeyCmd::FORMAT_X509,
};
let resp = execute_dpe_cmd(
&mut model,
&mut Command::CertifyKey(certify_key_cmd),
DpeResult::MboxCmdFailure(CaliptraError::RUNTIME_INCORRECT_PAUSER_PRIVILEGE_LEVEL),
);
assert!(resp.is_none());
}
Loading