[rom_ext] Update INFO page lockdown for earlgrey_a1

cfrantz · pamaury · commit 8d524f6c672c · 2025-07-18T20:09:42.000+02:00
The INFO page layout has changed between the ES and PROD chips.  Update
the lockdown and ownership functions relating to INFO configuration.
Update the `flash_permission_test` to verify the configuration.

Signed-off-by: Chris Frantz &lt;cfrantz@google.com&gt;
diff --git a/sw/device/silicon_creator/lib/drivers/flash_ctrl.c b/sw/device/silicon_creator/lib/drivers/flash_ctrl.c
@@ -760,6 +760,7 @@ static const flash_ctrl_info_page_t *kInfoPagesNoOwnerAccess[] = {
     // Bank 1
     &kFlashCtrlInfoPageBootData0,
     &kFlashCtrlInfoPageBootData1,
+    &kFlashCtrlInfoPageCreatorReserved0,
 };
 
 enum {
@@ -805,6 +806,7 @@ void flash_ctrl_cert_info_page_creator_cfg(
 void flash_ctrl_cert_info_page_owner_restrict(
     const flash_ctrl_info_page_t *info_page) {
   SEC_MMIO_ASSERT_WRITE_INCREMENT(kFlashCtrlSecMmioCertInfoPageOwnerRestrict,
-                                  1);
+                                  2);
   flash_ctrl_info_perms_set(info_page, kCertificateInfoPageOwnerAccess);
+  sec_mmio_write32(flash_ctrl_core_base() + info_page->cfg_wen_offset, 0);
 }
diff --git a/sw/device/silicon_creator/lib/drivers/flash_ctrl.h b/sw/device/silicon_creator/lib/drivers/flash_ctrl.h
@@ -166,9 +166,9 @@ FLASH_CTRL_INFO_PAGES_DEFINE(INFO_PAGE_STRUCT_DECL_);
  */
 enum {
   kFlashCtrlSecMmioCertInfoPageCreatorCfg = 2,
-  kFlashCtrlSecMmioCertInfoPageOwnerRestrict = 1,
+  kFlashCtrlSecMmioCertInfoPageOwnerRestrict = 2,
   kFlashCtrlSecMmioCertInfoPagesOwnerRestrict = 5,
-  kFlashCtrlSecMmioCreatorInfoPagesLockdown = 12,
+  kFlashCtrlSecMmioCreatorInfoPagesLockdown = 14,
   kFlashCtrlSecMmioDataDefaultCfgSet = 1,
   kFlashCtrlSecMmioDataDefaultPermsSet = 1,
   kFlashCtrlSecMmioExecSet = 1,
diff --git a/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc b/sw/device/silicon_creator/lib/drivers/flash_ctrl_unittest.cc
@@ -682,10 +682,11 @@ INSTANTIATE_TEST_SUITE_P(AllCases, FlashCtrlCfgSetTest,
                              }));
 
 TEST_F(FlashCtrlTest, CreatorInfoLockdown) {
-  std::array<const flash_ctrl_info_page_t *, 6> no_owner_access = {
-      &kFlashCtrlInfoPageFactoryId,   &kFlashCtrlInfoPageCreatorSecret,
-      &kFlashCtrlInfoPageOwnerSecret, &kFlashCtrlInfoPageWaferAuthSecret,
-      &kFlashCtrlInfoPageBootData0,   &kFlashCtrlInfoPageBootData1,
+  std::array<const flash_ctrl_info_page_t *, 7> no_owner_access = {
+      &kFlashCtrlInfoPageFactoryId,        &kFlashCtrlInfoPageCreatorSecret,
+      &kFlashCtrlInfoPageOwnerSecret,      &kFlashCtrlInfoPageWaferAuthSecret,
+      &kFlashCtrlInfoPageBootData0,        &kFlashCtrlInfoPageBootData1,
+      &kFlashCtrlInfoPageCreatorReserved0,
   };
   for (auto page : no_owner_access) {
     auto info_page = InfoPages().at(page);
@@ -737,6 +738,7 @@ TEST_F(FlashCtrlTest, CertInfoOwnerRestrict) {
     auto info_page = InfoPages().at(page);
     EXPECT_SEC_READ32(base_ + info_page.cfg_offset, 0x9666666);
     EXPECT_SEC_WRITE32(base_ + info_page.cfg_offset, 0x9669966);
+    EXPECT_SEC_WRITE32(base_ + info_page.cfg_wen_offset, 0);
   }
 
   flash_ctrl_cert_info_page_owner_restrict(
diff --git a/sw/device/silicon_creator/lib/ownership/owner_block.c b/sw/device/silicon_creator/lib/ownership/owner_block.c
@@ -251,12 +251,10 @@ rom_error_t owner_block_flash_apply(const owner_flash_config_t *flash,
 }
 
 static inline hardened_bool_t is_owner_page(const owner_info_page_t *config) {
-  if (config->bank == 0) {
-    if (config->page >= 6 && config->page <= 9) {
-      // Currently, bank0, pages 6-9 (inclusive) are the pages reserved
-      // for the owner's use.
-      return kHardenedBoolTrue;
-    }
+  // On earlgrey_a1, in banks 0 and 1, pages 5-8 (inclusive) are reserved
+  // for the owner.
+  if (config->page >= 5 && config->page <= 8) {
+    return kHardenedBoolTrue;
   }
   return kHardenedBoolFalse;
 }
diff --git a/sw/device/silicon_creator/lib/ownership/owner_block_unittest.cc b/sw/device/silicon_creator/lib/ownership/owner_block_unittest.cc
@@ -219,7 +219,7 @@ const owner_flash_info_config_t info_config = {
             {
                 // Disallowed page
                 .bank = 0,
-                .page = 5,
+                .page = 9,
                 .access = FLASH_ACCESS(
                     /*index=*/1,
                     /*read=*/true,
diff --git a/sw/host/tests/ownership/flash_permission_test.rs b/sw/host/tests/ownership/flash_permission_test.rs
@@ -105,6 +105,49 @@ impl FlashRegion<'_> {
     }
 }
 
+fn flash_info_check(info: &[FlashRegion<'_>], unlocked: bool) -> Result<()> {
+    // Flash info regions when no OwnerReserved pages are configured:
+    let config = [
+        FlashRegion("info", 0, 0, 0, "uu-uu-uu-uu-uu-uu", "LK"), // factory ID
+        FlashRegion("info", 0, 0, 1, "uu-uu-uu-uu-uu-uu", "LK"), // creator secret
+        FlashRegion("info", 0, 0, 2, "uu-uu-uu-uu-uu-uu", "LK"), // owner secret
+        FlashRegion("info", 0, 0, 3, "uu-uu-uu-uu-uu-uu", "LK"), // wafer auth secret
+        FlashRegion("info", 0, 0, 4, "RD-xx-xx-SC-EC-xx", "LK"), // attestation key seeds
+        FlashRegion("info", 0, 0, 5, "xx-xx-xx-xx-xx-xx", "UN"), // owner reserved
+        FlashRegion("info", 0, 0, 6, "xx-xx-xx-xx-xx-xx", "UN"), // owner reserved
+        FlashRegion("info", 0, 0, 7, "xx-xx-xx-xx-xx-xx", "UN"), // owner reserved
+        FlashRegion("info", 0, 0, 8, "xx-xx-xx-xx-xx-xx", "UN"), // owner reserved
+        FlashRegion("info", 0, 0, 9, "RD-xx-xx-SC-EC-xx", "LK"), // factory certs
+        FlashRegion("info", 1, 0, 0, "uu-uu-uu-uu-uu-uu", "LK"), // boot data 0
+        FlashRegion("info", 1, 0, 1, "uu-uu-uu-uu-uu-uu", "LK"), // boot data 1
+        FlashRegion("info", 1, 0, 2, "RD-xx-xx-SC-EC-xx", "LK"), // owner config 0
+        if unlocked {
+            FlashRegion("info", 1, 0, 3, "RD-WR-ER-SC-EC-xx", "LK") // owner config 1
+        } else {
+            FlashRegion("info", 1, 0, 3, "RD-xx-xx-SC-EC-xx", "LK") // owner config 1
+        },
+        FlashRegion("info", 1, 0, 4, "uu-uu-uu-uu-uu-uu", "LK"), // creator reserved
+        FlashRegion("info", 1, 0, 5, "xx-xx-xx-xx-xx-xx", "UN"), // owner reserved
+        FlashRegion("info", 1, 0, 6, "xx-xx-xx-xx-xx-xx", "UN"), // owner reserved
+        FlashRegion("info", 1, 0, 7, "xx-xx-xx-xx-xx-xx", "UN"), // owner reserved
+        FlashRegion("info", 1, 0, 8, "xx-xx-xx-xx-xx-xx", "UN"), // owner reserved
+        FlashRegion("info", 1, 0, 9, "RD-xx-xx-SC-EC-xx", "LK"), // dice certs
+    ];
+    assert_eq!(info.len(), config.len());
+    let mut err = 0;
+    for i in 0..config.len() {
+        if info[i] != config[i] {
+            log::error!("INFO entry {i}: {:?} != {:?}", info[i], config[i]);
+            err += 1;
+        }
+    }
+    if err != 0 {
+        Err(anyhow!("INFO lockdown mismatch"))
+    } else {
+        Ok(())
+    }
+}
+
 fn flash_permission_test(opts: &Opts, transport: &TransportWrapper) -> Result<()> {
     let uart = transport.uart("console")?;
     let rescue = RescueSerial::new(Rc::clone(&uart));
@@ -198,17 +241,7 @@ fn flash_permission_test(opts: &Opts, transport: &TransportWrapper) -> Result<()
             FlashRegion("data", 7, 0, 0, "xx-xx-xx-xx-xx-xx", "UN")
         );
 
-        // Bank 1, pages 2-3 are the ownership pages.  In an ownership unlocked
-        // state, OwnerPage0 (bank 1 page 2) should be read-only and OwnerPage1
-        // (bank1 page 3) should be read/write.
-        assert_eq!(
-            region[20],
-            FlashRegion("info", 1, 0, 2, "RD-xx-xx-SC-EC-xx", "LK")
-        );
-        assert_eq!(
-            region[21],
-            FlashRegion("info", 1, 0, 3, "RD-WR-ER-SC-EC-xx", "LK")
-        );
+        flash_info_check(&region[8..], /*unlocked=*/ true)?;
     }
 
     log::info!("###### Get Boot Log (2/2) ######");
@@ -306,17 +339,7 @@ fn flash_permission_test(opts: &Opts, transport: &TransportWrapper) -> Result<()
         FlashRegion("data", 7, 0, 0, "xx-xx-xx-xx-xx-xx", "UN")
     );
 
-    // Bank 1, pages 2-3 are the ownership pages.  In an ownership locked
-    // state, both pages should be read-only.
-    assert_eq!(
-        region[20],
-        FlashRegion("info", 1, 0, 2, "RD-xx-xx-SC-EC-xx", "LK")
-    );
-    assert_eq!(
-        region[21],
-        FlashRegion("info", 1, 0, 3, "RD-xx-xx-SC-EC-xx", "LK")
-    );
-
+    flash_info_check(&region[8..], /*unlocked=*/ false)?;
     Ok(())
 }
 

Original file line number	Diff line number	Diff line change
`@@ -251,12 +251,10 @@ rom_error_t owner_block_flash_apply(const owner_flash_config_t *flash,`
`251`	`251`	`}`
`252`	`252`
`253`	`253`	`static inline hardened_bool_t is_owner_page(const owner_info_page_t *config) {`
`254`		`- if (config->bank == 0) {`
`255`		`- if (config->page >= 6 && config->page <= 9) {`
`256`		`- // Currently, bank0, pages 6-9 (inclusive) are the pages reserved`
`257`		`- // for the owner's use.`
`258`		`- return kHardenedBoolTrue;`
`259`		`- }`
	`254`	`+ // On earlgrey_a1, in banks 0 and 1, pages 5-8 (inclusive) are reserved`
	`255`	`+ // for the owner.`
	`256`	`+ if (config->page >= 5 && config->page <= 8) {`
	`257`	`+ return kHardenedBoolTrue;`
`260`	`258`	`}`
`261`	`259`	`return kHardenedBoolFalse;`
`262`	`260`	`}`
Original file line number	Diff line number	Diff line change
`@@ -219,7 +219,7 @@ const owner_flash_info_config_t info_config = {`
`219`	`219`	`{`
`220`	`220`	`// Disallowed page`
`221`	`221`	`.bank = 0,`
`222`		`- .page = 5,`
	`222`	`+ .page = 9,`
`223`	`223`	`.access = FLASH_ACCESS(`
`224`	`224`	`/index=/1,`
`225`	`225`	`/read=/true,`