From 4d8eab903102793fadc3f0d22226994e8b425f03 Mon Sep 17 00:00:00 2001 From: dehanj Date: Mon, 25 Mar 2024 09:34:14 +0100 Subject: [PATCH] Add release notes for TK1-24.03 --- doc/release_notes.md | 76 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 69 insertions(+), 7 deletions(-) diff --git a/doc/release_notes.md b/doc/release_notes.md index 86a2727d..04805f34 100644 --- a/doc/release_notes.md +++ b/doc/release_notes.md @@ -2,6 +2,68 @@ Descriptions of the tagged TKey releases. + +## TK1-24.03 + +This is an official release of the "Bellatrix" version of the Tillitis' +TKey. This version is ready for general use. + +Given the OCI image `ghcr.io/tillitis/tkey-builder:4` built from +`../contrib/Dockerfile` and the generic UDS.hex and UDI.hex, a clean +build should generate the following digest: + +``` +5b373c0ab86b8970b28270bb54825e1dc7f9723a80598ad85851c2b3aabed989 application_fpga.bin +``` + +### FPGA +- Security Monitor now prevents access to RAM outside of the physical + memory. If it detects an access outside of the RAM address space, it + will halt the CPU. +- CPU Monitor changes name to Security monitor, which CPU Monitor is a + part of. Prepare for more functions in the future. +- Support incremental builds for the bitstream, when changing UDS/UDI + between builds. Requires tkey-builder:3 or higher. +- Update Verilog linter to Verilog-2005 and fixed warnings +- Complete testbenches and add 9 tests for the FPGA cores. + +### Firmware +- Make memeq() function side channel silent. +- Change memory constants to defines instead of an enum, to be + compatible with ISO C. +- Deprecate TK1_MMIO_TK1_RAM_ASLR and introduce. + TK1_MMIO_TK1_RAM_ADDR_RAND instead, to distinguish from OS-level + ASLR. +- Use pedantic warnings while building firmware and fixed warnings. +- Use clang-tidy in CI. +- Fix warnings from splint. + +### TP1 +- New plastic clip o and update of BOM. +- Build TP1 firmware in CI. + +### CH552 +- Fixed a bug where a byte of data could in some rare circumstances be + dropped, causing a client app to hang. +- General clean-up of code, translated all comments to English. + +### TK1 +- New injection moulded plastic case + +### tkey-builder +- Updated to version 3. Bumping Ubuntu to 23.10, Yosys to 0.36 and + nextpnr to 0.6. +- Updated to version 4. Bumping pico-sdk to 1.5.1, adding clang-tidy + and splint. + +### Docs +- Fixing broken links, cleaning up docs and READMEs. +- Clarify warm boot attack mitigations and scope for Bellatrix in + threat model. + +For full change log [see](https://github.com/tillitis/tillitis-key1/compare/TK1-23.03.2...TK1-24.03) + + ## TK1-23.03.2 This is the official release of the "Bellatrix" version of the @@ -87,12 +149,12 @@ f11d6b0f57c5405598206dcfea284008413391a2c51f124a2e2ae8600cb78f0b application_fp will start flashing red. Note that the CPU will stay in the trap state until the TKey device is disconnected. -- (HW) The RAM memory now includes an initial adress and scrambling - mechanism to make it harder to find assets generated by and - stored in the RAM by applications. The address space layout +- (HW) The RAM memory now includes an address randomisation and RAM + scrambling mechanism to make it harder to find assets generated by + and stored in the RAM by applications. The address space layout randomizarion (ASLR) and data value scrambling is set up by the - firmware before the application is loaded, and does not affect - how applications executes. + firmware before the application is loaded, and does not affect how + applications executes. - (HW) The UART Rx FIFO now allows applications to read out the number of bytes received and not yet consumed by the application. @@ -142,8 +204,8 @@ f11d6b0f57c5405598206dcfea284008413391a2c51f124a2e2ae8600cb78f0b application_fp PicoRV32. Please compile your programs with the Zmmul extension, `-march=rv32iczmmul` for `clang`. -- (HW) The UDI is locked down and can now only be accessed by - firmware, not applications. +- (HW) The UDI is locked down and can only be accessed by firmware, to + prevent applications from tracking a particular TKey. - (HW) The timer MMIO API now takes separate start and stop bits for triggering the respective action, mitigating a time-of-check to