Merge pull request #275 from danielinux/wcsm

Support for wolfcrypt in secure-mode from TrustZone-M secure domain
wolfSSL · Sep 21, 2023 · 2ced878 · 2ced878
2 parents cd1c502 + 20dbba9
commit 2ced878
Show file tree

Hide file tree

Showing 49 changed files with 4,286 additions and 1,404 deletions.
diff --git a/.gdbinit b/.gdbinit
@@ -1,4 +1,6 @@
 tar rem:3333
 file wolfboot.elf
+add-symbol-file test-app/image.elf
 foc c
 
+
diff --git a/.github/workflows/test-build.yml b/.github/workflows/test-build.yml
@@ -40,7 +40,7 @@ jobs:
 
       - name: Select config
         run: |
-          cp ${{inputs.config-file}} .config && make include/target.h
+          cp ${{inputs.config-file}} .config
 
       - name: Build tools
         run: |

diff --git a/.gitmodules b/.gitmodules
@@ -4,3 +4,6 @@
 [submodule "lib/wolfTPM"]
 	path = lib/wolfTPM
 	url = https://github.com/wolfssl/wolfTPM
+[submodule "lib/wolfPKCS11"]
+	path = lib/wolfPKCS11
+	url = https://github.com/wolfSSL/wolfPKCS11.git
diff --git a/Makefile b/Makefile
@@ -14,6 +14,7 @@ CFLAGS+=-Werror -Wextra -Wno-array-bounds
 LSCRIPT:=config/target.ld
 LSCRIPT_FLAGS:=
 LDFLAGS:=
+SECURE_LDFLAGS:=
 LD_START_GROUP:=-Wl,--start-group
 LD_END_GROUP:=-Wl,--end-group
 LSCRIPT_IN:=hal/$(TARGET).ld
@@ -37,6 +38,7 @@ else
 endif
 
 WOLFCRYPT_OBJS:=
+SECURE_OBJS:=
 PUBLIC_KEY_OBJS:=
 ifneq ("$(NO_LOADER)","1")
   OBJS+=./src/loader.o
@@ -50,10 +52,10 @@ include options.mk
 
 OBJS+=$(WOLFCRYPT_OBJS)
 OBJS+=$(PUBLIC_KEY_OBJS)
-OBJS+=$(UPDATE_OBJS)
 
 CFLAGS+= \
   -I"." -I"include/" -I"lib/wolfssl" \
+  -Wno-array-bounds \
   -D"WOLFSSL_USER_SETTINGS" \
   -D"WOLFTPM_USER_SETTINGS" \
   -D"PLATFORM_$(TARGET)"
@@ -137,6 +139,7 @@ wolfboot.bin: wolfboot.elf
 	$(Q)$(SIZE) wolfboot.elf
 	@echo
 
+
 test-app/image.bin: wolfboot.elf
 	$(Q)$(MAKE) -C test-app WOLFBOOT_ROOT="$(WOLFBOOT_ROOT)"
 	$(Q)$(SIZE) test-app/image.elf
@@ -211,19 +214,19 @@ wolfboot.elf: include/target.h $(LSCRIPT) $(OBJS) $(LIBS) $(BINASSEMBLE) FORCE
 	$(Q)(test $(SIGN) = NONE) || (grep -q $(SIGN_ALG) src/keystore.c) || \
 		(echo "Key mismatch: please run 'make distclean' to remove all keys if you want to change algorithm" && false)
 	@echo "\t[LD] $@"
-	@echo $(OBJS) $(LIBS)
-	$(Q)$(LD) $(LDFLAGS) $(LSCRIPT_FLAGS) $(LD_START_GROUP) $(OBJS) $(LIBS) $(LD_END_GROUP) -o $@
+	@echo $(OBJS)
+	$(Q)$(LD) $(LDFLAGS) $(LSCRIPT_FLAGS) $(SECURE_LDFLAGS) $(LD_START_GROUP) $(OBJS) $(LIBS) $(LD_END_GROUP) -o $@
 
 $(LSCRIPT): $(LSCRIPT_IN) FORCE
-	@(test $(LSCRIPT_IN) != NONE) || (echo "Error: no linker script" \
+	$(Q)(test $(LSCRIPT_IN) != NONE) || (echo "Error: no linker script" \
 		"configuration found. If you selected Encryption and RAM_CODE, then maybe" \
 		"the encryption algorithm is not yet supported with bootloader updates." \
 		&& false)
-	@(test -r $(LSCRIPT_IN)) || (echo "Error: no RAM/ChaCha linker script found." \
+	$(Q)(test -r $(LSCRIPT_IN)) || (echo "Error: no RAM/ChaCha linker script found." \
 		"If you selected Encryption and RAM_CODE, ensure that you have a" \
 		"custom linker script (i.e. $(TARGET)_chacha_ram.ld). Please read " \
 		"docs/encrypted_partitions.md for more information" && false)
-	@cat $(LSCRIPT_IN) | \
+	$(Q)cat $(LSCRIPT_IN) | \
 		sed -e "s/@ARCH_FLASH_OFFSET@/$(ARCH_FLASH_OFFSET)/g" | \
 		sed -e "s/@BOOTLOADER_PARTITION_SIZE@/$(BOOTLOADER_PARTITION_SIZE)/g" | \
 		sed -e "s/@WOLFBOOT_ORIGIN@/$(WOLFBOOT_ORIGIN)/g" | \

diff --git a/arch.mk b/arch.mk
@@ -136,6 +136,7 @@ ifeq ($(ARCH),ARM)
     endif
   endif
 
+
   ifeq ($(TARGET),stm32l5)
     CORTEX_M33=1
     CFLAGS+=-Ihal
@@ -145,6 +146,9 @@ ifeq ($(ARCH),ARM)
     else
       WOLFBOOT_ORIGIN=0x08000000
     endif
+    ifneq ($(TZEN),1)
+      LSCRIPT_IN=hal/$(TARGET)-ns.ld
+    endif
   endif
 
   ifeq ($(TARGET),stm32u5)
@@ -160,12 +164,20 @@ ifeq ($(ARCH),ARM)
   endif
 
   ## Cortex-M CPU
-  ifeq ($(CORTEX_M33),1)
-    CFLAGS+=-mcpu=cortex-m33 -DCORTEX_M33
-    LDFLAGS+=-mcpu=cortex-m33
-    ifeq ($(TZEN),1)
-      CFLAGS += -mcmse
+ifeq ($(CORTEX_M33),1)
+  CFLAGS+=-mcpu=cortex-m33 -DCORTEX_M33
+  LDFLAGS+=-mcpu=cortex-m33
+  ifeq ($(TZEN),1)
+    OBJS+=hal/stm32_tz.o
+    CFLAGS+=-mcmse
+    ifeq ($(WOLFCRYPT_TZ),1)
+      SECURE_OBJS+=./src/wc_callable.o
+      SECURE_OBJS+=./lib/wolfssl/wolfcrypt/src/random.o
+      CFLAGS+=-DWOLFCRYPT_SECURE_MODE
+      SECURE_LDFLAGS+=-Wl,--cmse-implib -Wl,--out-implib=./src/wc_secure_calls.o
     endif
+  endif # TZEN=1
+  ifeq ($(NO_ASM),1)
     ifeq ($(SPMATH),1)
       ifeq ($(NO_ASM),1)
         MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_c32.o
@@ -175,6 +187,12 @@ ifeq ($(ARCH),ARM)
       endif
     endif
   else
+    ifeq ($(SPMATH),1)
+      CFLAGS+=-DWOLFSSL_SP_ASM -DWOLFSSL_SP_ARM_CORTEX_M_ASM
+      MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_cortexm.o
+    endif
+  endif
+else
   ifeq ($(CORTEX_M7),1)
     CFLAGS+=-mcpu=cortex-m7
     LDFLAGS+=-mcpu=cortex-m7
@@ -187,51 +205,52 @@ ifeq ($(ARCH),ARM)
       endif
     endif
   else
-  ifeq ($(CORTEX_M0),1)
-    CFLAGS+=-mcpu=cortex-m0
-    LDFLAGS+=-mcpu=cortex-m0
-    ifeq ($(SPMATH),1)
-      ifeq ($(NO_ASM),1)
-        MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_c32.o
-      else
-        CFLAGS+=-DWOLFSSL_SP_ASM -DWOLFSSL_SP_ARM_THUMB_ASM
-        MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_armthumb.o
-      endif
-    endif
-  else
-  ifeq ($(CORTEX_M3),1)
-    CFLAGS+=-mcpu=cortex-m3
-    LDFLAGS+=-mcpu=cortex-m3
-    ifeq ($(NO_ASM),1)
+    ifeq ($(CORTEX_M0),1)
+      CFLAGS+=-mcpu=cortex-m0
+      LDFLAGS+=-mcpu=cortex-m0
       ifeq ($(SPMATH),1)
-        MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_c32.o
+        ifeq ($(NO_ASM),1)
+          MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_c32.o
+        else
+          CFLAGS+=-DWOLFSSL_SP_ASM -DWOLFSSL_SP_ARM_THUMB_ASM
+          MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_armthumb.o
+        endif
       endif
     else
-      ifeq ($(SPMATH),1)
-        CFLAGS+=-DWOLFSSL_SP_ASM -DWOLFSSL_SP_ARM_CORTEX_M_ASM -DWOLFSSL_SP_NO_UMAAL
-        MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_cortexm.o
-      endif
-    endif
-  else
-    # default Cortex M4
-    CFLAGS+=-mcpu=cortex-m4
-    LDFLAGS+=-mcpu=cortex-m4
-    ifeq ($(NO_ASM),1)
-      ifeq ($(SPMATH),1)
-        MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_c32.o
-      endif
+      ifeq ($(CORTEX_M3),1)
+
+        CFLAGS+=-mcpu=cortex-m3
+        LDFLAGS+=-mcpu=cortex-m3
+        ifeq ($(NO_ASM),1)
+          ifeq ($(SPMATH),1)
+            MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_c32.o
+          endif
+        else
+          ifeq ($(SPMATH),1)
+            CFLAGS+=-DWOLFSSL_SP_ASM -DWOLFSSL_SP_ARM_CORTEX_M_ASM -DWOLFSSL_SP_NO_UMAAL
+            MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_cortexm.o
+          endif
+        endif
     else
-      CFLAGS+=-fomit-frame-pointer # required with debug builds only
-      ifeq ($(SPMATH),1)
-        CFLAGS+=-DWOLFSSL_SP_ASM -DWOLFSSL_SP_ARM_CORTEX_M_ASM
-        MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_cortexm.o
+      # default Cortex M4
+      CFLAGS+=-mcpu=cortex-m4
+      LDFLAGS+=-mcpu=cortex-m4
+      ifeq ($(NO_ASM),1)
+        ifeq ($(SPMATH),1)
+          MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_c32.o
+        endif
+      else
+        CFLAGS+=-fomit-frame-pointer # required with debug builds only
+        ifeq ($(SPMATH),1)
+          CFLAGS+=-DWOLFSSL_SP_ASM -DWOLFSSL_SP_ARM_CORTEX_M_ASM
+          MATH_OBJS += ./lib/wolfssl/wolfcrypt/src/sp_cortexm.o
+        endif
       endif
     endif
   endif
 endif
 endif
 endif
-endif
 
 ifeq ($(TZEN),1)
   CFLAGS+=-DTZEN
@@ -712,7 +731,7 @@ ifeq ($(DUALBANK_SWAP),1)
   UPDATE_OBJS:=src/update_flash_hwswap.o
 endif
 
-ifeq ("$(UPDATE_OBJS)","")
+ifeq ($(UPDATE_OBJS),)
   UPDATE_OBJS:=./src/update_flash.o
 endif
 

diff --git a/config/examples/stm32l5-nonsecure-dualbank.config b/config/examples/stm32l5-nonsecure-dualbank.config
@@ -3,7 +3,7 @@ TZEN?=0
 TARGET?=stm32l5
 SIGN?=ECC256
 HASH?=SHA256
-DEBUG?=1
+DEBUG?=0
 VTOR?=1
 CORTEX_M0?=0
 CORTEX_M33?=1
@@ -18,8 +18,8 @@ V?=0
 SPMATH?=1
 RAM_CODE?=0
 DUALBANK_SWAP?=1
-WOLFBOOT_PARTITION_SIZE?=0x36000
-WOLFBOOT_SECTOR_SIZE?=0x800
-WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x0800a000
-WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x0804a000
+WOLFBOOT_PARTITION_SIZE?=0x30000
+WOLFBOOT_SECTOR_SIZE?=0x2000
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x08010000
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x08110000
 WOLFBOOT_PARTITION_SWAP_ADDRESS?=0xFFFFFFFF
diff --git a/config/examples/stm32l5-wolfcrypt-tz.config b/config/examples/stm32l5-wolfcrypt-tz.config
@@ -0,0 +1,29 @@
+ARCH?=ARM
+TZEN?=1
+TARGET?=stm32l5
+SIGN?=ECC256
+HASH?=SHA256
+DEBUG?=0
+VTOR?=1
+CORTEX_M0?=0
+CORTEX_M33?=1
+NO_ASM?=0
+NO_MPU=1
+EXT_FLASH?=0
+SPI_FLASH?=0
+ALLOW_DOWNGRADE?=0
+NVM_FLASH_WRITEONCE?=1
+WOLFBOOT_VERSION?=1
+V?=0
+SPMATH?=1
+RAM_CODE?=0
+DUALBANK_SWAP?=0
+WOLFBOOT_PARTITION_SIZE?=0x1F800
+WOLFBOOT_SECTOR_SIZE?=0x800
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x08040000
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x805F800
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x0807F000
+FLAGS_HOME=0
+DISABLE_BACKUP=0
+WOLFCRYPT_TZ=1
+WOLFCRYPT_TZ_PKCS11=1
diff --git a/config/examples/stm32u5-nonsecure-dualbank.config b/config/examples/stm32u5-nonsecure-dualbank.config
@@ -18,8 +18,8 @@ V?=0
 SPMATH?=1
 RAM_CODE?=0
 DUALBANK_SWAP?=1
-WOLFBOOT_PARTITION_SIZE?=0x36000
+WOLFBOOT_PARTITION_SIZE?=0x30000
 WOLFBOOT_SECTOR_SIZE?=0x2000
-WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x0800a000
-WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x0810a000
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x08010000
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x08110000
 WOLFBOOT_PARTITION_SWAP_ADDRESS?=0xFFFFFFFF