[FiSim] Unsigned owner upgrade test

Perform an instruction skip GDB test on getting an unsigned owner
configuration block accepted in ROM_EXT.

Signed-off-by: Siemen Dhooghe <[email protected]>

Author: siemen11

sw/device/silicon_creator/lib/ownership/test_owner.c

@@ -37,7 +37,9 @@
 #define TEST_OWNER_CONFIG_VERSION 1
 
 #ifndef TEST_OWNER_UPDATE_MODE
-#define TEST_OWNER_UPDATE_MODE kOwnershipUpdateModeOpen
+// #define TEST_OWNER_UPDATE_MODE kOwnershipUpdateModeOpen
+// #define TEST_OWNER_UPDATE_MODE kOwnershipUpdateModeNewVersion
+#define TEST_OWNER_UPDATE_MODE kOwnershipUpdateModeSelfVersion
 #endif
 
 #if defined(TEST_OWNER_KEY_ALG_HYBRID_SPX_PURE) || \

sw/device/tests/penetrationtests/BUILD

@@ -2,7 +2,7 @@
 # Licensed under the Apache License, Version 2.0, see LICENSE for details.
 # SPDX-License-Identifier: Apache-2.0
 
-load(":pentest.bzl", "pentest_cryptolib_fi_asym", "pentest_cryptolib_fi_gdb_asym", "pentest_cryptolib_fi_gdb_sym", "pentest_cryptolib_fi_sym", "pentest_cryptolib_sca_asym", "pentest_cryptolib_sca_sym", "pentest_fi", "pentest_fi_ibex", "pentest_fi_otbn", "pentest_sca")
+load(":pentest.bzl", "pentest_cryptolib_fi_asym", "pentest_cryptolib_fi_gdb_asym", "pentest_cryptolib_fi_gdb_sym", "pentest_cryptolib_fi_sym", "pentest_cryptolib_sca_asym", "pentest_cryptolib_sca_sym", "pentest_fi", "pentest_fi_ibex", "pentest_fi_otbn", "pentest_owner_upgrade_fi_gdb", "pentest_sca")
 load("@ot_python_deps//:requirements.bzl", "requirement")
 
 package(default_visibility = ["//visibility:public"])
@@ -473,3 +473,14 @@ pentest_fi(
     test_harness = "//sw/host/penetrationtests/python/fi:fi_rng_python_test",
     test_vectors = [],
 )
+
+pentest_owner_upgrade_fi_gdb(
+    name = "fi_owner_upgrade_python_gdb_test",
+    tags = [
+        "manual",
+        "skip_in_ci",
+    ],
+    test_args = "",
+    test_harness = "//sw/host/penetrationtests/python/fi:fi_owner_upgrade_python_gdb_test",
+    test_vectors = [],
+)

sw/device/tests/penetrationtests/firmware/testdata/BUILD

@@ -0,0 +1,196 @@
+# Copyright lowRISC contributors (OpenTitan project).
+# Licensed under the Apache License, Version 2.0, see LICENSE for details.
+# SPDX-License-Identifier: Apache-2.0
+
+package(default_visibility = ["//visibility:public"])
+
+load("@//rules:signing.bzl", "offline_presigning_artifacts", "offline_signature_attach")
+load("//rules:const.bzl", "CONST", "hex")
+load("//rules:manifest.bzl", "manifest")
+load(
+    "//rules/opentitan:defs.bzl",
+    "opentitan_binary",
+    "opentitan_test",
+    "silicon_params",
+)
+load(
+    "//rules:otp.bzl",
+    "STD_OTP_OVERLAYS",
+    "otp_hex",
+    "otp_image",
+    "otp_json",
+    "otp_partition",
+)
+
+# Building a wrongly signed BL0 binary for testing the secure boot
+opentitan_binary(
+    name = "bl0_firmware",
+    testonly = True,
+    # This can be any other source of the pentest framework
+    srcs = ["//sw/device/tests/penetrationtests/firmware:firmware_cryptolib_fi_sym.c"],
+    exec_env = {
+        "//hw/top_earlgrey:fpga_cw340_rom_ext": None,
+    },
+    deps = [
+        "//sw/device/tests/penetrationtests/firmware/sca:trigger_sca",
+        "//sw/device/tests/penetrationtests/firmware/fi:cryptolib_fi_sym",
+        "//sw/device/tests/penetrationtests/firmware/lib:extclk_sca_fi",
+        "//sw/device/tests/penetrationtests/firmware/lib:pentest_lib",
+        "//sw/device/lib/base:csr",
+        "//sw/device/lib/base:status",
+        "//sw/device/lib/crypto/drivers:entropy",
+        "//sw/device/lib/testing/test_framework:check",
+        "//sw/device/lib/testing/test_framework:ottf_main",
+        "//sw/device/lib/testing/test_framework:ujson_ottf",
+        "//sw/device/lib/ujson",
+
+        # Include all JSON commands.
+        "//sw/device/tests/penetrationtests/json:commands",
+    ],
+)
+
+offline_presigning_artifacts(
+    name = "non_signed_firmware",
+    testonly = True,
+    srcs = [":bl0_firmware"],
+    ecdsa_key = {"//sw/device/silicon_creator/lib/ownership/keys/fake:app_prod_ecdsa": "prod_key_0"},
+    manifest = "//sw/device/silicon_owner:manifest",
+    spx_key = {},
+    tags = ["manual"],
+)
+
+offline_signature_attach(
+    name = "wrong_signed_firmware",
+    testonly = True,
+    srcs = [":non_signed_firmware"],
+    # We provide a wrong signature
+    ecdsa_signatures = ["bl0_firmware_fpga_cw340_rom_ext.ecdsa_sig"],
+    spx_signatures = [],
+    tags = ["manual"],
+)
+
+# For when building specialized manifests for security testing.
+manifest(d = {
+    "name": "rom_ext_rollback_manifest",
+    "identifier": hex(CONST.OWNER),
+    "security_version": "0",
+    "visibility": ["//visibility:public"],
+})
+
+otp_json(
+    name = "otp_json_rom_ext_fi",
+    partitions = [
+        otp_partition(
+            name = "CREATOR_SW_CFG",
+            items = {
+                "CREATOR_SW_CFG_RMA_SPIN_EN": otp_hex(CONST.HARDENED_TRUE),
+                # Number of Ibex cycles to spin: we set this to the highest value
+                "CREATOR_SW_CFG_RMA_SPIN_CYCLES": "0xffffffff",
+                # Enable SPX+ signature verification.
+                # TODO: ROM_EXT is not signed with this yet
+                # "CREATOR_SW_CFG_SIGVERIFY_SPX_EN": otp_hex(0x0),
+                # Turn off the ROM_EXT_IMM
+                "CREATOR_SW_CFG_IMMUTABLE_ROM_EXT_EN": otp_hex(0x0),
+                # We disable randomness since that messes with GDB
+                "CREATOR_SW_CFG_RNG_EN": otp_hex(0x0),
+            },
+        ),
+        otp_partition(
+            name = "SECRET2",
+            items = {
+                # We set reproducible bitstreams for the tests
+                "RMA_TOKEN": "0000000000000005",
+                "CREATOR_ROOT_KEY_SHARE0": "1111111111111111111111111111111111111111111111111111111111111111",
+                "CREATOR_ROOT_KEY_SHARE1": "2222222222222222222222222222222222222222222222222222222222222222",
+            },
+            lock = True,
+        ),
+    ],
+    visibility = ["//visibility:private"],
+)
+
+otp_image(
+    name = "otp_img_rom_ext_fi",
+    src = "//hw/ip/otp_ctrl/data:otp_json_rma",
+    overlays = STD_OTP_OVERLAYS + [
+        ":otp_json_rom_ext_fi",
+    ],
+)
+
+otp_json(
+    name = "otp_json_rom_rollback_fi",
+    partitions = [
+        otp_partition(
+            name = "CREATOR_SW_CFG",
+            items = {
+                "CREATOR_SW_CFG_RMA_SPIN_EN": otp_hex(CONST.HARDENED_TRUE),
+                # Number of Ibex cycles to spin: we set this to the highest value
+                "CREATOR_SW_CFG_RMA_SPIN_CYCLES": "0xffffffff",
+                # We set the version to a higher number to check rollback protection
+                "CREATOR_SW_CFG_MIN_SEC_VER_ROM_EXT": "0x1",
+                # Enable SPX+ signature verification.
+                # TODO: ROM_EXT is not signed with this yet
+                # "CREATOR_SW_CFG_SIGVERIFY_SPX_EN": otp_hex(0x0),
+            },
+        ),
+        otp_partition(
+            name = "SECRET2",
+            items = {
+                # We set reproducible bitstreams for the tests
+                "RMA_TOKEN": "0000000000000005",
+                "CREATOR_ROOT_KEY_SHARE0": "1111111111111111111111111111111111111111111111111111111111111111",
+                "CREATOR_ROOT_KEY_SHARE1": "2222222222222222222222222222222222222222222222222222222222222222",
+            },
+            lock = True,
+        ),
+    ],
+    visibility = ["//visibility:private"],
+)
+
+otp_image(
+    name = "otp_img_rom_rollback_fi",
+    src = "//hw/ip/otp_ctrl/data:otp_json_rma",
+    overlays = STD_OTP_OVERLAYS + [
+        ":otp_json_rom_rollback_fi",
+    ],
+)
+
+otp_json(
+    name = "otp_json_rom_ext_rollback_fi",
+    partitions = [
+        otp_partition(
+            name = "CREATOR_SW_CFG",
+            items = {
+                "CREATOR_SW_CFG_RMA_SPIN_EN": otp_hex(CONST.HARDENED_TRUE),
+                # Number of Ibex cycles to spin: we set this to the highest value
+                "CREATOR_SW_CFG_RMA_SPIN_CYCLES": "0xffffffff",
+                # We set the version to a higher number to check rollback protection
+                "CREATOR_SW_CFG_MIN_SEC_VER_BL0": "0x2",
+                # Enable SPX+ signature verification.
+                # TODO: ROM_EXT is not signed with this yet
+                # "CREATOR_SW_CFG_SIGVERIFY_SPX_EN": otp_hex(0x0),
+            },
+        ),
+        otp_partition(
+            name = "SECRET2",
+            items = {
+                # We set reproducible bitstreams for the tests
+                "RMA_TOKEN": "0000000000000005",
+                "CREATOR_ROOT_KEY_SHARE0": "1111111111111111111111111111111111111111111111111111111111111111",
+                "CREATOR_ROOT_KEY_SHARE1": "2222222222222222222222222222222222222222222222222222222222222222",
+            },
+            lock = True,
+        ),
+    ],
+    visibility = ["//visibility:private"],
+)
+
+otp_image(
+    name = "otp_img_rom_ext_rollback_fi",
+    src = "//hw/ip/otp_ctrl/data:otp_json_rma",
+    overlays = STD_OTP_OVERLAYS + [
+        ":otp_json_rom_ext_rollback_fi",
+    ],
+)
+
+exports_files(["bl0_owner_upgrade.c"])

sw/device/tests/penetrationtests/firmware/testdata/bl0_owner_upgrade.c

@@ -0,0 +1,38 @@
+// Copyright lowRISC contributors (OpenTitan project).
+// Licensed under the Apache License, Version 2.0, see LICENSE for details.
+// SPDX-License-Identifier: Apache-2.0
+
+#include "sw/device/lib/base/bitfield.h"
+#include "sw/device/lib/base/status.h"
+#include "sw/device/lib/runtime/log.h"
+#include "sw/device/lib/testing/test_framework/check.h"
+#include "sw/device/lib/testing/test_framework/ottf_main.h"
+#include "sw/device/silicon_creator/lib/drivers/flash_ctrl.h"
+#include "sw/device/silicon_creator/lib/drivers/retention_sram.h"
+#include "sw/device/silicon_creator/lib/drivers/rstmgr.h"
+#include "sw/device/silicon_creator/lib/ownership/owner_block.h"
+
+OTTF_DEFINE_TEST_CONFIG();
+
+bool test_main(void) {
+  // read the active owner block page 0 from flash
+  owner_block_t block;
+  CHECK(flash_ctrl_info_read(&kFlashCtrlInfoPageOwnerSlot0, 0,
+                             sizeof(block) / sizeof(uint32_t),
+                             &block) == kErrorOk);
+  LOG_INFO("owner_page_0: %d", block.config_version);
+
+  // modify it (unsigned)
+  block.config_version = 5;
+
+  // write the upgrade request to page 1
+  CHECK(flash_ctrl_info_erase(&kFlashCtrlInfoPageOwnerSlot1,
+                              kFlashCtrlEraseTypePage) == kErrorOk);
+  CHECK(flash_ctrl_info_write(&kFlashCtrlInfoPageOwnerSlot1, 0,
+                              sizeof(block) / sizeof(uint32_t),
+                              &block) == kErrorOk);
+  LOG_INFO("owner_page_1 erased and written");
+  while (1) {
+  }
+  return true;
+}

sw/device/tests/penetrationtests/pentest.bzl

@@ -704,3 +704,44 @@ def pentest_cryptolib_sca_asym(name, test_vectors, test_args, test_harness, tags
         ),
         deps = FIRMWARE_DEPS_CRYPTOLIB_SCA_ASYM,
     )
+
+def pentest_owner_upgrade_fi_gdb(name, test_vectors, test_args, test_harness, tags):
+    """A macro for defining a CryptoTest test case.
+
+    Args:
+        name: the name of the test.
+        test_vectors: the test vectors to use.
+        test_args: additional arguments to pass to the test.
+        test_harness: the test harness to use.
+        tags: indicate the tags for CI.
+    """
+    opentitan_test(
+        name = name,
+        exec_env = {
+            "//hw/top_earlgrey:fpga_cw340_rom_ext": None,
+        },
+        srcs = ["//sw/device/tests/penetrationtests/firmware/testdata:bl0_owner_upgrade.c"],
+        fpga = fpga_params(
+            timeout = "eternal",
+            # We set an OTP with the RMA lifecycle, ensure ROM_EXT can still boot
+            otp = "//sw/device/tests/penetrationtests/firmware/testdata:otp_img_rom_ext_fi",
+            changes_otp = True,  # i.e. changes owner
+            data = test_vectors,
+            tags = tags,
+            test_cmd = """
+                --bootstrap={firmware} --rom_ext={rom_ext} --rom={rom}
+            """ + test_args,
+            test_harness = test_harness,
+        ),
+        deps = [
+            "//sw/device/lib/base:bitfield",
+            "//sw/device/lib/base:status",
+            "//sw/device/lib/runtime:log",
+            "//sw/device/lib/testing/test_framework:check",
+            "//sw/device/lib/testing/test_framework:ottf_main",
+            "//sw/device/silicon_creator/lib/drivers:flash_ctrl",
+            "//sw/device/silicon_creator/lib/drivers:retention_sram",
+            "//sw/device/silicon_creator/lib/drivers:rstmgr",
+            "//sw/device/silicon_creator/lib/ownership:owner_block",
+        ],
+    )

sw/host/penetrationtests/python/fi/BUILD

@@ -212,6 +212,25 @@ py_binary(
     ],
 )
 
+py_binary(
+    name = "fi_owner_upgrade_python_gdb_test",
+    testonly = True,
+    srcs = ["gdb_testing/fi_owner_upgrade_python_gdb_test.py"],
+    data = [
+        "//sw/host/opentitantool",
+        "//third_party/openocd:jtag_cmsis_dap_adapter_cfg",
+        "//third_party/openocd:openocd_bin",
+        "//util/openocd/target:lowrisc-earlgrey.cfg",
+        "@lowrisc_rv32imcb_toolchain//:bin/riscv32-unknown-elf-gdb",
+    ],
+    deps = [
+        "//sw/host/penetrationtests/python/util:dis_parser",
+        "//sw/host/penetrationtests/python/util:gdb_controller",
+        "//sw/host/penetrationtests/python/util:targets",
+        "@rules_python//python/runfiles",
+    ],
+)
+
 py_library(
     name = "fi_ibex_functions",
     srcs = ["host_scripts/fi_ibex_functions.py"],