Skip to content

[otbn] Patch an error in the OTBN boot services program #27679

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: earlgrey_1.0.0
Choose a base branch
from
Open

[otbn] Patch an error in the OTBN boot services program #27679

wants to merge 1 commit into from
+38 −0

Conversation

cfrantz
Copy link
Contributor

@cfrantz cfrantz commented Jul 22, 2025

There is an error in the OTBN boot services program loaded by the ROM that can affect the random share values. This bug is caused by a simple transposition of operands in the p256_base source code.

Since the OTBN program is stored in ROM and loaded into OTBN by the ROM, we patch it in the immutable section before we use that portion of the program.

DO NOT cherrypick this change to the master branch.

@cfrantz cfrantz requested a review from a team as a code owner July 22, 2025 17:19
@cfrantz cfrantz requested review from HU90m and removed request for a team and HU90m July 22, 2025 17:19
nasahlpa
nasahlpa approved these changes Jul 22, 2025
View reviewed changes
Copy link
Member

@nasahlpa nasahlpa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for fixing this!
LGTM.

sw/device/silicon_creator/lib/drivers/otbn.h
*
* There is a bug in the OTBN boot services program loaded by ROM. There is a
* single instruction with mistakenly transposed operands which can affect the
* random share values. This bug DOES NOT affect the correctness of the OTBN
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* random share values. This bug DOES NOT affect the correctness of the OTBN
* random share values. This bug DOES NOT affect the correctness of the OTBN

sw/device/silicon_creator/rom_ext/imm_section/imm_section.c
// Patch a bug in the OTBN ECDSA-P256 program.
//
// There is a single instruction with mistakenly transposed operands which
// can affect the random share values. This bug DOES NOT affect the
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// can affect the random share values. This bug DOES NOT affect the
// can affect the random share values. This bug DOES NOT affect the

@cfrantz
Copy link
Contributor Author

cfrantz commented Jul 22, 2025

Are there any suggestions for testing this?

sasdf
sasdf approved these changes Jul 23, 2025
View reviewed changes
Copy link
Contributor

@sasdf sasdf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

@nasahlpa
Copy link
Member

Are there any suggestions for testing this?

IMO running the otbn_boot_services_functest should be sufficient.

@cfrantz
[otbn] Patch an error in the OTBN boot services program
dc4a5b6 
There is an error in the OTBN boot services program loaded by the ROM
that can affect the random share values.  This bug is caused by a
simple transposition of operands in the `p256_base` source code.

Since the OTBN program is stored in ROM and loaded into OTBN by the ROM,
we patch it in the immutable section before we use that portion of
the program.

DO NOT cherrypick this change to the `master` branch.

Signed-off-by: Chris Frantz <cfrantz@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sasdf sasdf sasdf approved these changes

@nasahlpa nasahlpa nasahlpa approved these changes

@johannheyszl johannheyszl Awaiting requested review from johannheyszl

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cfrantz @nasahlpa @sasdf