aboutsummaryrefslogtreecommitdiff
path: root/projects/hsm
diff options
context:
space:
mode:
Diffstat (limited to 'projects/hsm')
-rw-r--r--projects/hsm/hsm.c3
-rw-r--r--projects/hsm/log.c4
-rw-r--r--projects/hsm/mgmt-bootloader.c11
-rw-r--r--projects/hsm/mgmt-cli.c14
-rw-r--r--projects/hsm/mgmt-firmware.c5
-rw-r--r--projects/hsm/mgmt-fpga.c39
-rw-r--r--projects/hsm/mgmt-keystore.c20
-rw-r--r--projects/hsm/mgmt-masterkey.c20
-rw-r--r--projects/hsm/mgmt-misc.c24
-rw-r--r--projects/hsm/mgmt-misc.h3
-rw-r--r--projects/hsm/mgmt-task.c13
11 files changed, 122 insertions, 34 deletions
diff --git a/projects/hsm/hsm.c b/projects/hsm/hsm.c
index 5ef2ccc..f20ee64 100644
--- a/projects/hsm/hsm.c
+++ b/projects/hsm/hsm.c
@@ -419,7 +419,6 @@ void hal_sleep(const unsigned seconds) { task_delay(seconds * 1000); }
int main(void)
{
stm_init();
- uart_set_default(STM_UART_MGMT);
led_on(LED_GREEN);
if (hal_rpc_server_init() != LIBHAL_OK)
@@ -428,7 +427,7 @@ int main(void)
/* Initialize the ibuf queues. */
memset(&ibuf_waiting, 0, sizeof(ibuf_waiting));
memset(&ibuf_ready, 0, sizeof(ibuf_ready));
- for (int i = 0; i < sizeof(ibufs)/sizeof(ibufs[0]); ++i)
+ for (size_t i = 0; i < sizeof(ibufs)/sizeof(ibufs[0]); ++i)
ibuf_put(&ibuf_waiting, &ibufs[i]);
/* Create the rpc dispatch worker tasks. */
diff --git a/projects/hsm/log.c b/projects/hsm/log.c
index c0d9df4..fbc0e73 100644
--- a/projects/hsm/log.c
+++ b/projects/hsm/log.c
@@ -63,6 +63,6 @@ void hal_log(const hal_log_level_t level, const char *format, ...)
vsnprintf(buffer, sizeof(buffer), format, ap);
va_end(ap);
- uart_send_string2(STM_UART_MGMT, buffer);
- uart_send_string2(STM_UART_MGMT, "\r\n");
+ uart_send_string(buffer);
+ uart_send_string("\r\n");
}
diff --git a/projects/hsm/mgmt-bootloader.c b/projects/hsm/mgmt-bootloader.c
index 738686e..1d8b8ad 100644
--- a/projects/hsm/mgmt-bootloader.c
+++ b/projects/hsm/mgmt-bootloader.c
@@ -50,16 +50,19 @@ extern hal_user_t user;
static uint32_t dfu_offset;
-static int _flash_write_callback(uint8_t *buf, size_t len)
+static HAL_StatusTypeDef _flash_write_callback(uint8_t *buf, size_t len)
{
- if (stm_flash_write32(dfu_offset, (uint32_t *)buf, (uint32_t)len/4) != 1)
- return 0;
+ HAL_StatusTypeDef status = stm_flash_write32(dfu_offset, (uint32_t *)buf, len/4);
dfu_offset += DFU_UPLOAD_CHUNK_SIZE;
- return 1;
+ return status;
}
static int cmd_bootloader_upload(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+ argv = argv;
+ argc = argc;
+
if (user < HAL_USER_SO) {
cli_print(cli, "Permission denied.");
return CLI_ERROR;
diff --git a/projects/hsm/mgmt-cli.c b/projects/hsm/mgmt-cli.c
index ec9bf8f..2b5be1f 100644
--- a/projects/hsm/mgmt-cli.c
+++ b/projects/hsm/mgmt-cli.c
@@ -64,8 +64,8 @@ static tcb_t *cli_task;
#endif
typedef struct {
- int ridx;
- volatile int widx;
+ unsigned ridx;
+ unsigned widx;
mgmt_cli_dma_state_t rx_state;
uint8_t buf[CLI_UART_RECVBUF_SIZE];
} ringbuf_t;
@@ -103,6 +103,8 @@ static uint8_t uart_rx;
*/
void HAL_UART1_RxCpltCallback(UART_HandleTypeDef *huart)
{
+ huart = huart;
+
ringbuf_write_char(&uart_ringbuf, uart_rx);
task_wake(cli_task);
}
@@ -110,13 +112,13 @@ void HAL_UART1_RxCpltCallback(UART_HandleTypeDef *huart)
static void uart_cli_print(struct cli_def *cli __attribute__ ((unused)), const char *buf)
{
char crlf[] = "\r\n";
- uart_send_string2(STM_UART_MGMT, buf);
- uart_send_string2(STM_UART_MGMT, crlf);
+ uart_send_string(buf);
+ uart_send_string(crlf);
}
static ssize_t uart_cli_read(struct cli_def *cli __attribute__ ((unused)), void *buf, size_t count)
{
- for (int i = 0; i < count; ++i) {
+ for (size_t i = 0; i < count; ++i) {
while (ringbuf_read_char(&uart_ringbuf, (uint8_t *)(buf + i)) == 0)
task_sleep();
}
@@ -125,7 +127,7 @@ static ssize_t uart_cli_read(struct cli_def *cli __attribute__ ((unused)), void
static ssize_t uart_cli_write(struct cli_def *cli __attribute__ ((unused)), const void *buf, size_t count)
{
- uart_send_bytes(STM_UART_MGMT, (uint8_t *) buf, count);
+ uart_send_bytes((uint8_t *) buf, count);
return (ssize_t)count;
}
diff --git a/projects/hsm/mgmt-firmware.c b/projects/hsm/mgmt-firmware.c
index ec8a69d..b6b3321 100644
--- a/projects/hsm/mgmt-firmware.c
+++ b/projects/hsm/mgmt-firmware.c
@@ -36,7 +36,6 @@
#define HAL_OK CMSIS_HAL_OK
#include "stm-init.h"
#include "stm-uart.h"
-#include "stm-flash.h"
#include "mgmt-cli.h"
@@ -49,6 +48,10 @@ extern hal_user_t user;
static int cmd_firmware_upload(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+ argv = argv;
+ argc = argc;
+
if (user < HAL_USER_SO) {
cli_print(cli, "Permission denied.");
return CLI_ERROR;
diff --git a/projects/hsm/mgmt-fpga.c b/projects/hsm/mgmt-fpga.c
index 06f2a26..af7ba11 100644
--- a/projects/hsm/mgmt-fpga.c
+++ b/projects/hsm/mgmt-fpga.c
@@ -55,20 +55,31 @@ extern hal_user_t user;
static volatile uint32_t dfu_offset = 0;
-static int _flash_write_callback(uint8_t *buf, size_t len)
+static HAL_StatusTypeDef _flash_write_callback(uint8_t *buf, size_t len)
{
+ HAL_StatusTypeDef res;
+
if ((dfu_offset % FPGACFG_SECTOR_SIZE) == 0)
/* first page in sector, need to erase sector */
- if (fpgacfg_erase_sector(dfu_offset / FPGACFG_SECTOR_SIZE) != 1)
- return CLI_ERROR;
+ if ((res = fpgacfg_erase_sector(dfu_offset / FPGACFG_SECTOR_SIZE)) != CMSIS_HAL_OK)
+ return res;
- int res = fpgacfg_write_data(dfu_offset, buf, BITSTREAM_UPLOAD_CHUNK_SIZE) == 1;
+ /* fpgacfg_write_data (a thin wrapper around n25q128_write_data)
+ * requires the offset and length to be page-aligned. The last chunk
+ * will be short, so we pad it out to the full chunk size.
+ */
+ len = len;
+ res = fpgacfg_write_data(dfu_offset, buf, BITSTREAM_UPLOAD_CHUNK_SIZE);
dfu_offset += BITSTREAM_UPLOAD_CHUNK_SIZE;
return res;
}
static int cmd_fpga_bitstream_upload(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+ argv = argv;
+ argc = argc;
+
if (user < HAL_USER_SO) {
cli_print(cli, "Permission denied.");
return CLI_ERROR;
@@ -81,7 +92,7 @@ static int cmd_fpga_bitstream_upload(struct cli_def *cli, const char *command, c
fpgacfg_access_control(ALLOW_ARM);
cli_print(cli, "Checking if FPGA config memory is accessible");
- if (fpgacfg_check_id() != 1) {
+ if (fpgacfg_check_id() != CMSIS_HAL_OK) {
cli_print(cli, "ERROR: FPGA config memory not accessible. Check that jumpers JP7 and JP8 are installed.");
return CLI_ERROR;
}
@@ -96,10 +107,14 @@ static int cmd_fpga_bitstream_upload(struct cli_def *cli, const char *command, c
static int cmd_fpga_bitstream_erase(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+ argv = argv;
+ argc = argc;
+
fpgacfg_access_control(ALLOW_ARM);
cli_print(cli, "Checking if FPGA config memory is accessible");
- if (fpgacfg_check_id() != 1) {
+ if (fpgacfg_check_id() != CMSIS_HAL_OK) {
cli_print(cli, "ERROR: FPGA config memory not accessible. Check that jumpers JP7 and JP8 are installed.");
return CLI_ERROR;
}
@@ -110,7 +125,7 @@ static int cmd_fpga_bitstream_erase(struct cli_def *cli, const char *command, ch
*
* This command could be made to accept an argument indicating the whole memory should be erased.
*/
- if (fpgacfg_erase_sector(0) != 0) {
+ if (fpgacfg_erase_sector(0) != CMSIS_HAL_OK) {
cli_print(cli, "Erasing first sector in FPGA config memory failed");
return CLI_ERROR;
}
@@ -123,6 +138,10 @@ static int cmd_fpga_bitstream_erase(struct cli_def *cli, const char *command, ch
static int cmd_fpga_reset(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+ argv = argv;
+ argc = argc;
+
fpgacfg_access_control(ALLOW_FPGA);
fpgacfg_reset_fpga(RESET_FULL);
hal_core_reset_table();
@@ -136,7 +155,11 @@ static int cmd_fpga_show_cores(struct cli_def *cli, const char *command, char *a
hal_core_t *core;
const hal_core_info_t *info;
- if (! fpgacfg_check_done()) {
+ command = command;
+ argv = argv;
+ argc = argc;
+
+ if (fpgacfg_check_done() != CMSIS_HAL_OK) {
cli_print(cli, "FPGA has not loaded a bitstream");
return CLI_OK;
}
diff --git a/projects/hsm/mgmt-keystore.c b/projects/hsm/mgmt-keystore.c
index 0104265..b79a5fe 100644
--- a/projects/hsm/mgmt-keystore.c
+++ b/projects/hsm/mgmt-keystore.c
@@ -59,6 +59,8 @@ static int cmd_keystore_set_pin(struct cli_def *cli, const char *command, char *
hal_error_t status;
hal_client_handle_t client = { -1 };
+ command = command;
+
if (argc != 2) {
cli_print(cli, "Wrong number of arguments (%i).", argc);
cli_print(cli, "Syntax: keystore set pin <user|so|wheel> <pin>");
@@ -91,6 +93,8 @@ static int cmd_keystore_clear_pin(struct cli_def *cli, const char *command, char
hal_error_t status;
hal_client_handle_t client = { -1 };
+ command = command;
+
if (argc != 1) {
cli_print(cli, "Wrong number of arguments (%i).", argc);
cli_print(cli, "Syntax: keystore clear pin <user|so|wheel>");
@@ -122,6 +126,8 @@ static int cmd_keystore_set_pin_iterations(struct cli_def *cli, const char *comm
hal_error_t status;
hal_client_handle_t client = { -1 };
+ command = command;
+
if (argc != 1) {
cli_print(cli, "Wrong number of arguments (%i).", argc);
cli_print(cli, "Syntax: keystore set pin iterations <number>");
@@ -145,6 +151,8 @@ static int cmd_keystore_delete_key(struct cli_def *cli, const char *command, cha
hal_error_t status;
hal_uuid_t name;
+ command = command;
+
if (argc != 1) {
cli_print(cli, "Wrong number of arguments (%i).", argc);
cli_print(cli, "Syntax: keystore delete key <name>");
@@ -205,7 +213,7 @@ static int show_keys(struct cli_def *cli, const char *title)
if (!done)
previous_uuid = uuids[sizeof(uuids)/sizeof(*uuids) - 1];
- for (int i = 0; i < n; i++) {
+ for (unsigned i = 0; i < n; i++) {
if ((status = hal_uuid_format(&uuids[i], key_name, sizeof(key_name))) != LIBHAL_OK) {
cli_print(cli, "Could not convert key name, skipping: %s",
@@ -276,6 +284,10 @@ static int show_pin(struct cli_def *cli, char *label, hal_user_t user)
static int cmd_keystore_show_keys(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+ argv = argv;
+ argc = argc;
+
int err = 0;
err |= show_keys(cli, "Keystore:");
@@ -291,7 +303,9 @@ static int cmd_keystore_show_keys(struct cli_def *cli, const char *command, char
static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *argv[], int argc)
{
hal_error_t err;
- int status;
+ HAL_StatusTypeDef status;
+
+ command = command;
if (argc != 1 || strcmp(argv[0], "YesIAmSure") != 0) {
cli_print(cli, "Syntax: keystore erase YesIAmSure");
@@ -299,7 +313,7 @@ static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *ar
}
cli_print(cli, "OK, erasing keystore, this will take about 45 seconds...");
- if ((status = keystore_erase_bulk()) != 1) {
+ if ((status = keystore_erase_bulk()) != CMSIS_HAL_OK) {
cli_print(cli, "Failed erasing token keystore: %i", status);
return CLI_ERROR;
}
diff --git a/projects/hsm/mgmt-masterkey.c b/projects/hsm/mgmt-masterkey.c
index 9f5e4d0..765cb10 100644
--- a/projects/hsm/mgmt-masterkey.c
+++ b/projects/hsm/mgmt-masterkey.c
@@ -82,6 +82,10 @@ static int cmd_masterkey_status(struct cli_def *cli, const char *command, char *
{
hal_error_t status;
+ command = command;
+ argv = argv;
+ argc = argc;
+
cli_print(cli, "Status of master key:\n");
status = hal_mkm_volatile_read(NULL, 0);
@@ -107,7 +111,7 @@ static int _masterkey_set(struct cli_def *cli, char *argv[], int argc,
return CLI_ERROR;
}
cli_print(cli, "Random key:\n");
- uart_send_hexdump(STM_UART_MGMT, buf, 0, sizeof(buf) - 1);
+ uart_send_hexdump(buf, 0, sizeof(buf) - 1);
cli_print(cli, "\n");
}
@@ -118,7 +122,7 @@ static int _masterkey_set(struct cli_def *cli, char *argv[], int argc,
}
cli_print(cli, "Parsed key:\n");
- uart_send_hexdump(STM_UART_MGMT, buf, 0, sizeof(buf) - 1);
+ uart_send_hexdump(buf, 0, sizeof(buf) - 1);
cli_print(cli, "\n");
}
@@ -132,6 +136,8 @@ static int _masterkey_set(struct cli_def *cli, char *argv[], int argc,
static int cmd_masterkey_set(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+
return _masterkey_set(cli, argv, argc, "volatile", hal_mkm_volatile_write);
}
@@ -139,6 +145,10 @@ static int cmd_masterkey_erase(struct cli_def *cli, const char *command, char *a
{
hal_error_t err;
+ command = command;
+ argv = argv;
+ argc = argc;
+
if ((err = hal_mkm_volatile_erase(KEK_LENGTH)) == LIBHAL_OK) {
cli_print(cli, "Erased master key from volatile memory");
} else {
@@ -149,6 +159,8 @@ static int cmd_masterkey_erase(struct cli_def *cli, const char *command, char *a
static int cmd_masterkey_unsecure_set(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+
return _masterkey_set(cli, argv, argc, "flash", hal_mkm_flash_write);
}
@@ -156,6 +168,10 @@ static int cmd_masterkey_unsecure_erase(struct cli_def *cli, const char *command
{
hal_error_t err;
+ command = command;
+ argv = argv;
+ argc = argc;
+
if ((err = hal_mkm_flash_erase(KEK_LENGTH)) == LIBHAL_OK) {
cli_print(cli, "Erased unsecure master key from flash");
} else {
diff --git a/projects/hsm/mgmt-misc.c b/projects/hsm/mgmt-misc.c
index 016d7cb..86f1be8 100644
--- a/projects/hsm/mgmt-misc.c
+++ b/projects/hsm/mgmt-misc.c
@@ -60,7 +60,7 @@ int cli_receive_data(struct cli_def *cli, uint8_t *buf, size_t len, cli_data_cal
cli_print(cli, "OK, write size (4 bytes), data in %li byte chunks, CRC-32 (4 bytes)", (uint32_t) n);
- if (uart_receive_bytes(STM_UART_MGMT, (void *) &filesize, sizeof(filesize), 2000) != CMSIS_HAL_OK) {
+ if (uart_receive_bytes((void *) &filesize, sizeof(filesize), 2000) != CMSIS_HAL_OK) {
cli_print(cli, "Receive timed out");
goto fail;
}
@@ -75,7 +75,7 @@ int cli_receive_data(struct cli_def *cli, uint8_t *buf, size_t len, cli_data_cal
if (filesize < n) n = filesize;
- if (uart_receive_bytes(STM_UART_MGMT, (void *) buf, n, 2000) != CMSIS_HAL_OK) {
+ if (uart_receive_bytes((void *) buf, n, 2000) != CMSIS_HAL_OK) {
cli_print(cli, "Receive timed out");
goto fail;
}
@@ -85,18 +85,18 @@ int cli_receive_data(struct cli_def *cli, uint8_t *buf, size_t len, cli_data_cal
/* After reception of a chunk but before ACKing we have "all" the time in the world to
* calculate CRC and invoke the data_callback.
*/
- if (data_callback != NULL && ! data_callback(buf, (size_t) n)) {
+ if (data_callback != NULL && data_callback(buf, n) != CMSIS_HAL_OK) {
cli_print(cli, "Data processing failed");
goto okay;
}
counter++;
- uart_send_bytes(STM_UART_MGMT, (void *) &counter, 4);
+ uart_send_bytes((void *) &counter, 4);
}
my_crc = hal_crc32_finalize(my_crc);
cli_print(cli, "Send CRC-32");
- uart_receive_bytes(STM_UART_MGMT, (void *) &crc, sizeof(crc), 2000);
+ uart_receive_bytes((void *) &crc, sizeof(crc), 2000);
cli_print(cli, "CRC-32 0x%x, calculated CRC 0x%x", (unsigned int) crc, (unsigned int) my_crc);
if (crc == my_crc) {
cli_print(cli, "CRC checksum MATCHED");
@@ -116,6 +116,11 @@ int cli_receive_data(struct cli_def *cli, uint8_t *buf, size_t len, cli_data_cal
#ifdef DO_PROFILING
static int cmd_profile_start(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ cli = cli;
+ command = command;
+ argv = argv;
+ argc = argc;
+
extern uint32_t CRYPTECH_FIRMWARE_START;
extern char __etext; /* end of text/code symbol, defined by linker */
extern void monstartup (size_t lowpc, size_t highpc);
@@ -125,6 +130,11 @@ static int cmd_profile_start(struct cli_def *cli, const char *command, char *arg
static int cmd_profile_stop(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ cli = cli;
+ command = command;
+ argv = argv;
+ argc = argc;
+
extern void _mcleanup(void);
_mcleanup();
return CLI_OK;
@@ -134,6 +144,10 @@ static int cmd_profile_stop(struct cli_def *cli, const char *command, char *argv
static int cmd_reboot(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+ argv = argv;
+ argc = argc;
+
cli_print(cli, "\n\n\nRebooting\n\n\n");
HAL_NVIC_SystemReset();
diff --git a/projects/hsm/mgmt-misc.h b/projects/hsm/mgmt-misc.h
index 862ca0c..ef63a9e 100644
--- a/projects/hsm/mgmt-misc.h
+++ b/projects/hsm/mgmt-misc.h
@@ -37,7 +37,8 @@
#include <libcli.h>
-typedef int (*cli_data_callback)(uint8_t *, size_t);
+/* Write a chunk of received data to flash. */
+typedef HAL_StatusTypeDef (*cli_data_callback)(uint8_t *, size_t);
extern int cli_receive_data(struct cli_def *cli, uint8_t *buf, size_t len, cli_data_callback data_callback);
diff --git a/projects/hsm/mgmt-task.c b/projects/hsm/mgmt-task.c
index 4668585..c2a3d3f 100644
--- a/projects/hsm/mgmt-task.c
+++ b/projects/hsm/mgmt-task.c
@@ -52,6 +52,10 @@ extern size_t request_queue_max(void);
static int cmd_task_show(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+ argv = argv;
+ argc = argc;
+
cli_print(cli, "name state stack high water");
cli_print(cli, "-------- -------- ----------------");
@@ -76,6 +80,10 @@ static int cmd_task_show(struct cli_def *cli, const char *command, char *argv[],
#ifdef DO_TASK_METRICS
static int cmd_task_show_metrics(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ command = command;
+ argv = argv;
+ argc = argc;
+
struct task_metrics tm;
task_get_metrics(&tm);
@@ -88,6 +96,11 @@ static int cmd_task_show_metrics(struct cli_def *cli, const char *command, char
static int cmd_task_reset_metrics(struct cli_def *cli, const char *command, char *argv[], int argc)
{
+ cli = cli;
+ command = command;
+ argv = argv;
+ argc = argc;
+
task_reset_metrics();
return CLI_OK;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-18 12:33:28 +0000