From 907e79031d870470a9a8d652fa869ddc4c664ed1 Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Fri, 20 Sep 2024 15:33:57 +0100 Subject: [PATCH 01/13] Bump to tamago@c4704957c2e1bd49bd3a6fa5d7331611dfe9dd3f --- go.mod | 6 ++++-- go.sum | 2 ++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index 4bcbb86..c4fc16c 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,8 @@ module github.com/transparency-dev/armored-witness-os -go 1.22.4 +go 1.23.0 + +toolchain go1.23.1 require ( github.com/coreos/go-semver v0.3.1 @@ -17,8 +19,8 @@ require ( github.com/usbarmory/crucible v0.0.0-20240221192724-1595f2219655 github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1 github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8 - github.com/usbarmory/tamago v0.0.0-20240321170635-3bf2d607eccb golang.org/x/crypto v0.28.0 + github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1 golang.org/x/mod v0.21.0 google.golang.org/protobuf v1.35.1 gvisor.dev/gvisor v0.0.0-20240303010120-901d232cd101 diff --git a/go.sum b/go.sum index 552f87b..2b7c989 100644 --- a/go.sum +++ b/go.sum @@ -68,6 +68,8 @@ github.com/usbarmory/tamago v0.0.0-20240321170635-3bf2d607eccb h1:1G0RMAC/WkYlXf github.com/usbarmory/tamago v0.0.0-20240321170635-3bf2d607eccb/go.mod h1:uCPXcPo8SZulhZPz8irfVqzwVlPZ45w7CTJxkfxueGA= golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= +github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1 h1:7CX/AZFrsPyfmqLhRW0UDvupcqz/mnyeFrPEshav/sg= +github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1/go.mod h1:NL88q9ZsIPYFzXaosAeKgu1Kr5i1k4Rau3wnbNBL5bY= golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= 
From 222e214d1b6aa2d621622638871d8d2d85e9012a Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Fri, 20 Sep 2024 15:34:06 +0100 Subject: [PATCH 02/13] Bump GoTEE@7e62563c0628fed3ee0aebb4702e22be9bb636e3 --- go.mod | 8 +++----- go.sum | 3 +++ 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index c4fc16c..5e40397 100644 --- a/go.mod +++ b/go.mod @@ -1,8 +1,6 @@ module github.com/transparency-dev/armored-witness-os -go 1.23.0 - -toolchain go1.23.1 +go 1.23.1 require ( github.com/coreos/go-semver v0.3.1 @@ -14,7 +12,7 @@ require ( github.com/transparency-dev/armored-witness-common v0.0.0-20240313170947-0b19d0fb8b95 github.com/transparency-dev/merkle v0.0.2 github.com/transparency-dev/serverless-log v0.0.0-20231215122707-66f68a7705f5 - github.com/usbarmory/GoTEE v0.0.0-20240314122327-40179239ad36 + github.com/usbarmory/GoTEE v0.0.0-20240913144333-7e62563c0628 github.com/usbarmory/armory-boot v0.0.0-20230922092524-e66d926bc36c github.com/usbarmory/crucible v0.0.0-20240221192724-1595f2219655 github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1 @@ -35,8 +33,8 @@ require ( github.com/stretchr/testify v1.8.2 // indirect github.com/transparency-dev/formats v0.0.0-20230920083814-0f75b1d4e813 // indirect github.com/u-root/u-root v0.11.0 // indirect - golang.org/x/sync v0.6.0 // indirect golang.org/x/sys v0.26.0 // indirect + golang.org/x/sync v0.8.0 // indirect golang.org/x/time v0.5.0 // indirect gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index 2b7c989..c5bfa61 100644 --- a/go.sum +++ b/go.sum 
@@ -55,6 +55,8 @@ github.com/u-root/u-root v0.11.0 h1:6gCZLOeRyevw7gbTwMj3fKxnr9+yHFlgF3N7udUVNO8= github.com/u-root/u-root v0.11.0/go.mod h1:DBkDtiZyONk9hzVEdB/PWI9B4TxDkElWlVTHseglrZY= github.com/usbarmory/GoTEE v0.0.0-20240314122327-40179239ad36 h1:rZfhjJpgKuwos6KBdHKouDJmYmpV/FJv4q34eIjtPjw= github.com/usbarmory/GoTEE v0.0.0-20240314122327-40179239ad36/go.mod h1:YlZVucqxy/z5QWKerml3Vm5T14UOzZEs2kXfS1nilx8= +github.com/usbarmory/GoTEE v0.0.0-20240913144333-7e62563c0628 h1:PGlLJYe1YMmzmSYXhEkOSXSrQjV/mXk6CNk5LTgnndM= +github.com/usbarmory/GoTEE v0.0.0-20240913144333-7e62563c0628/go.mod h1:solbXmDpRv6u6CmfHiFi3rwsYoTlZXToith669WnvgM= github.com/usbarmory/armory-boot v0.0.0-20230922092524-e66d926bc36c h1:qQL3CljMNrk9TyG8EUvCAPU7/bTVitJMhqlKSNhskis= github.com/usbarmory/armory-boot v0.0.0-20230922092524-e66d926bc36c/go.mod h1:20DIzHJntbLDOptGT7TOm8DkT5mL2jRyzPzVXAYVHJ8= github.com/usbarmory/crucible v0.0.0-20240221192724-1595f2219655 h1:n3JkWqsxKsbX2SKy+ac3v2rgEmTWfA/s0SC5kHlJGBY= @@ -76,6 +78,7 @@ golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= From f81287f925fc5d3c38dd88db584d4903b8aed21e Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Fri, 20 Sep 2024 15:35:20 +0100 Subject: [PATCH 03/13] Makefile works on nix --- Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index ccac7d0..b9cb384 100644 --- a/Makefile +++ b/Makefile 
@@ -12,18 +12,18 @@ # See the License for the specific language governing permissions and # limitations under the License. -BUILD_EPOCH := $(shell /bin/date -u "+%s") +BUILD_EPOCH := $(shell date -u "+%s") BUILD_TAGS = linkramsize,linkramstart,disable_fr_auth,linkprintk REV = $(shell git rev-parse --short HEAD 2> /dev/null) GIT_SEMVER_TAG ?= $(shell (git describe --tags --exact-match --match 'v*.*.*' 2>/dev/null || git describe --match 'v*.*.*' --tags 2>/dev/null || git describe --tags 2>/dev/null || echo -n v0.0.${BUILD_EPOCH}+`git rev-parse HEAD`) | tail -c +2 ) SRK_HASH ?= -PROTOC ?= /usr/bin/protoc +PROTOC ?= $(shell which protoc) TAMAGO_SEMVER = $(shell [ -n "${TAMAGO}" -a -x "${TAMAGO}" ] && ${TAMAGO} version | sed 's/.*go\([0-9]\.[0-9]*\.[0-9]*\).*/\1/') MINIMUM_TAMAGO_VERSION=1.22.4 -SHELL = /bin/bash +SHELL = /usr/bin/env bash ifeq ("${DEBUG}","1") BUILD_TAGS := ${BUILD_TAGS},debug @@ -144,7 +144,7 @@ manifest: $(APP)_manifest proto: @echo "generating protobuf classes" -rm -f $(CURDIR)/api/*.pb.go - PATH=$(shell go env GOPATH | awk -F":" '{print $$1"/bin"}') ${PROTOC} --proto_path=$(CURDIR)/api --go_out=$(CURDIR)/api api.proto + PATH=$(shell go env GOPATH | awk -F":" '{print $$1"/bin"}'):${PATH} ${PROTOC} --proto_path=$(CURDIR)/api --go_out=$(CURDIR)/api api.proto $(APP).bin: CROSS_COMPILE=arm-none-eabi- $(APP).bin: $(APP).elf From 4f3b1cf088645d3415a0c7d4d4b27cf064bc812c Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Fri, 20 Sep 2024 15:43:08 +0100 Subject: [PATCH 04/13] Update build/configs --- .github/workflows/pr_build.yml | 2 +- Dockerfile | 2 +- Makefile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr_build.yml b/.github/workflows/pr_build.yml index 5fbe972..6f3b276 100644 --- a/.github/workflows/pr_build.yml +++ b/.github/workflows/pr_build.yml 
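Review bot: `PROTOC ?= $(shell which protoc)` in the first Makefile hunk expands to an empty string when protoc is not on PATH, so the `proto` recipe changed in the second hunk would try to run `--proto_path=...` as the command and fail with a misleading error. A guard as the first line of the `proto` recipe makes that explicit: `@[ -x "${PROTOC}" ] || { echo "protoc not found; set PROTOC" >&2; exit 1; }`. Resolving `date`, `bash`, `protoc` and the Go plugin through PATH also means the generated `api/*.pb.go` depends on whichever tool versions the build host supplies. The comment-only churn in `api/api.pb.go` in PATCH 05, reverted to the same blob in PATCH 12, is consistent with the file being regenerated or reformatted by differing tools, so it is worth recording the expected protoc and protoc-gen-go versions in a comment next to `PROTOC`.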
@@ -8,7 +8,7 @@ permissions: jobs: build: env: - TAMAGO_VERSION: 1.22.4 + TAMAGO_VERSION: 1.23.1 TAMAGO: /usr/local/tamago-go/bin/go APPLET_PRIVATE_KEY: /tmp/applet.sec APPLET_PUBLIC_KEY: /tmp/applet.pub diff --git a/Dockerfile b/Dockerfile index 4384064..66cf179 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.22-bookworm +FROM golang:1.23-bookworm ARG TAMAGO_VERSION ARG LOG_ORIGIN diff --git a/Makefile b/Makefile index b9cb384..d04a97b 100644 --- a/Makefile +++ b/Makefile @@ -21,7 +21,7 @@ SRK_HASH ?= PROTOC ?= $(shell which protoc) TAMAGO_SEMVER = $(shell [ -n "${TAMAGO}" -a -x "${TAMAGO}" ] && ${TAMAGO} version | sed 's/.*go\([0-9]\.[0-9]*\.[0-9]*\).*/\1/') -MINIMUM_TAMAGO_VERSION=1.22.4 +MINIMUM_TAMAGO_VERSION=1.23.1 SHELL = /usr/bin/env bash From a8848629743ebaff70fee2fa2d889a6940efab63 Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Fri, 20 Sep 2024 16:19:05 +0100 Subject: [PATCH 05/13] Follow code --- api/api.pb.go | 36 ++++++++++++++++-------------------- trusted_os/handler.go | 24 ++++-------------------- trusted_os/main.go | 3 ++- 3 files changed, 22 insertions(+), 41 deletions(-) diff --git a/api/api.pb.go b/api/api.pb.go index 2cc89ef..36bb9f2 100644 --- a/api/api.pb.go +++ b/api/api.pb.go @@ -83,13 +83,10 @@ func (ErrorCode) EnumDescriptor() ([]byte, []int) { return file_api_proto_rawDescGZIP(), []int{0} } +// Status information // -// -//Status information -// -//The status information format is returned on any message sent with the -//`U2FHID_ARMORY_INF` vendor specific command. -// +// The status information format is returned on any message sent with the +// `U2FHID_ARMORY_INF` vendor specific command. type Status struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache 
@@ -219,13 +216,10 @@ func (x *Status) GetMAC() string { return "" } +// WitnessStatus contains witness-applet specific status information. // -// -//WitnessStatus contains witness-applet specific status information. -// -//This is embedded in the general Status message if the applet has provided -//this information to the OS. -// +// This is embedded in the general Status message if the applet has provided +// this information to the OS. type WitnessStatus struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -240,17 +234,19 @@ type WitnessStatus struct { IDAttestPublicKey string `protobuf:"bytes,3,opt,name=IDAttestPublicKey,proto3" json:"IDAttestPublicKey,omitempty"` // AttestedID is a note-formatted signed attestation for the current witness identity. // This attestation note contains: - // "ArmoredWitness ID attestation v1" - // - // - // + // + // "ArmoredWitness ID attestation v1" + // + // + // AttestedID string `protobuf:"bytes,4,opt,name=AttestedID,proto3" json:"AttestedID,omitempty"` // AttestedBastionID is a note-formatted signed attestation for the witness' BastionID. // This attestation note contains: - // "ArmoredWitness BastionID attestation v1" - // - // - // + // + // "ArmoredWitness BastionID attestation v1" + // + // + // AttestedBastionID string `protobuf:"bytes,5,opt,name=AttestedBastionID,proto3" json:"AttestedBastionID,omitempty"` } diff --git a/trusted_os/handler.go b/trusted_os/handler.go index ca78e58..5ec9c13 100644 --- a/trusted_os/handler.go +++ b/trusted_os/handler.go @@ -15,7 +15,6 @@ package main import ( - "fmt" "log" "github.com/usbarmory/tamago/arm" @@ -38,7 +37,7 @@ var irqHandler = make(map[int]func()) // defined in handler.s func wakeHandler(g uint32, p uint32) -func isr() (err error) { +func isr() { irq, end := imx6ul.GIC.GetInterrupt(true) if end != nil { 
@@ -47,22 +46,9 @@ func isr() (err error) { if handle, ok := irqHandler[irq]; ok { handle() - return nil - } - - return fmt.Errorf("unexpected IRQ %d", irq) -} - -func handleInterrupts() { - arm.RegisterInterruptHandler() - - for { - arm.WaitInterrupt() - - if err := isr(); err != nil { - log.Printf("SM IRQ handling error: %v", err) - } + return } + log.Printf("unexpected IRQ %d", irq) } func fiqHandler(ctx *monitor.ExecCtx) (_ error) { @@ -79,9 +65,7 @@ func fiqHandler(ctx *monitor.ExecCtx) (_ error) { return } - if err := isr(); err != nil { - log.Printf("SM FIQ handling error: %v", err) - } + isr() // mask FIQs, applet handler will request unmasking when done bits.Set(&ctx.SPSR, CPSR_FIQ) diff --git a/trusted_os/main.go b/trusted_os/main.go index 6f76382..ec59d4e 100644 --- a/trusted_os/main.go +++ b/trusted_os/main.go @@ -27,6 +27,7 @@ import ( "time" "github.com/coreos/go-semver/semver" + "github.com/usbarmory/tamago/arm" usbarmory "github.com/usbarmory/tamago/board/usbarmory/mk2" "github.com/usbarmory/tamago/soc/nxp/enet" "github.com/usbarmory/tamago/soc/nxp/imx6ul" @@ -259,7 +260,7 @@ func main() { } // never returns - handleInterrupts() + arm.ServiceInterrupts(isr) } func createBundleVerifier(logOrigin string, logVerifier note.Verifier, manifestVerifiers []string) (firmware.BundleVerifier, error) { From 4175f90ac9c56103404178b40085f8d5a13c88f6 Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Wed, 16 Oct 2024 12:32:42 +0100 Subject: [PATCH 06/13] mod tidy --- go.mod | 4 ++-- go.sum | 13 ++++--------- 2 files changed, 6 insertions(+), 11 deletions(-) diff --git a/go.mod b/go.mod index 5e40397..c151412 100644 --- a/go.mod +++ b/go.mod 
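Review bot: Now that `isr()` returns nothing, the single `log.Printf("unexpected IRQ %d", irq)` in trusted_os/handler.go is shared by the `arm.ServiceInterrupts(isr)` loop in main.go and by `fiqHandler`, so the log no longer says whether a stray interrupt arrived on the IRQ or the FIQ path. The removed "SM IRQ handling error" and "SM FIQ handling error" messages did say so. An interrupt ID with no entry in `irqHandler` is only logged; if its source stays asserted this would presumably log on every delivery, so the intended handling deserves a comment. Suggested doc comment: `// isr services one pending interrupt; IDs without an entry in irqHandler are logged and otherwise ignored.` The body of `isr` starts in the preceding hunk, so the note is limited to the lines visible here.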
@@ -17,8 +17,8 @@ require ( github.com/usbarmory/crucible v0.0.0-20240221192724-1595f2219655 github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1 github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8 - golang.org/x/crypto v0.28.0 github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1 + golang.org/x/crypto v0.28.0 golang.org/x/mod v0.21.0 google.golang.org/protobuf v1.35.1 gvisor.dev/gvisor v0.0.0-20240303010120-901d232cd101 @@ -33,8 +33,8 @@ require ( github.com/stretchr/testify v1.8.2 // indirect github.com/transparency-dev/formats v0.0.0-20230920083814-0f75b1d4e813 // indirect github.com/u-root/u-root v0.11.0 // indirect - golang.org/x/sys v0.26.0 // indirect golang.org/x/sync v0.8.0 // indirect + golang.org/x/sys v0.26.0 // indirect golang.org/x/time v0.5.0 // indirect gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index c5bfa61..4a1a677 100644 --- a/go.sum +++ b/go.sum @@ -53,8 +53,6 @@ github.com/transparency-dev/serverless-log v0.0.0-20231215122707-66f68a7705f5 h1 github.com/transparency-dev/serverless-log v0.0.0-20231215122707-66f68a7705f5/go.mod h1:rx4EB9NW4aZFJT5kxf6BWRWbZSThl36jv7O5o5r/qv8= github.com/u-root/u-root v0.11.0 h1:6gCZLOeRyevw7gbTwMj3fKxnr9+yHFlgF3N7udUVNO8= github.com/u-root/u-root v0.11.0/go.mod h1:DBkDtiZyONk9hzVEdB/PWI9B4TxDkElWlVTHseglrZY= -github.com/usbarmory/GoTEE v0.0.0-20240314122327-40179239ad36 h1:rZfhjJpgKuwos6KBdHKouDJmYmpV/FJv4q34eIjtPjw= -github.com/usbarmory/GoTEE v0.0.0-20240314122327-40179239ad36/go.mod h1:YlZVucqxy/z5QWKerml3Vm5T14UOzZEs2kXfS1nilx8= github.com/usbarmory/GoTEE v0.0.0-20240913144333-7e62563c0628 h1:PGlLJYe1YMmzmSYXhEkOSXSrQjV/mXk6CNk5LTgnndM= github.com/usbarmory/GoTEE v0.0.0-20240913144333-7e62563c0628/go.mod h1:solbXmDpRv6u6CmfHiFi3rwsYoTlZXToith669WnvgM= github.com/usbarmory/armory-boot v0.0.0-20230922092524-e66d926bc36c h1:qQL3CljMNrk9TyG8EUvCAPU7/bTVitJMhqlKSNhskis= 
@@ -66,19 +64,16 @@ github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1/go.mod h1:gJs github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8 h1:VPruqXJEJxTweSRyx3NIkiIqQl9ppZHp4wZnL8+Y0aI= github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8/go.mod h1:XfTrYj8Ik3ljit1cSHTcsXs7lyJ/QMsplPDX8+g5s7c= github.com/usbarmory/tamago v0.0.0-20220823080407-04f05cf2a5a3/go.mod h1:Lok79mjbJnhoBGqhX5cCUsZtSemsQF5FNZW+2R1dRr8= -github.com/usbarmory/tamago v0.0.0-20240321170635-3bf2d607eccb h1:1G0RMAC/WkYlXfmf8D94bHxhN0WpavtdZ2yJhuSNJ4U= -github.com/usbarmory/tamago v0.0.0-20240321170635-3bf2d607eccb/go.mod h1:uCPXcPo8SZulhZPz8irfVqzwVlPZ45w7CTJxkfxueGA= -golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= -golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1 h1:7CX/AZFrsPyfmqLhRW0UDvupcqz/mnyeFrPEshav/sg= github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1/go.mod h1:NL88q9ZsIPYFzXaosAeKgu1Kr5i1k4Rau3wnbNBL5bY= +golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= +golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= -golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= -golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/time v0.5.0 
h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= From f788f8e4d56e0c8591673d21fc80923d6f75a517 Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Tue, 24 Sep 2024 13:38:35 +0100 Subject: [PATCH 07/13] Fix BEE --- trusted_os/mem_bee.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/trusted_os/mem_bee.go b/trusted_os/mem_bee.go index 08b345b..c8c34b5 100644 --- a/trusted_os/mem_bee.go +++ b/trusted_os/mem_bee.go @@ -19,6 +19,9 @@ package main import ( _ "unsafe" + + "github.com/usbarmory/tamago/arm" + "github.com/usbarmory/tamago/soc/nxp/imx6ul" ) // The following memory regions are within an alias of external DDR, required @@ -56,3 +59,12 @@ var ramSize uint32 = secureSize //go:linkname vecTableStart github.com/usbarmory/tamago/arm.vecTableStart var vecTableStart uint32 = physicalStart + +func init() { + imx6ul.ARM.SetAttribute( + vecTableStart, + vecTableStart + (1 << 20), + arm.TTE_EXECUTE_NEVER, + 0, + ) +} From f353b8472f94b0ee830a5b88b1c445a78d2bda5f Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Fri, 20 Sep 2024 17:48:40 +0100 Subject: [PATCH 08/13] got get caam --- go.mod | 2 ++ go.sum | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index c151412..9ba8429 100644 --- a/go.mod +++ b/go.mod @@ -2,6 +2,8 @@ module github.com/transparency-dev/armored-witness-os go 1.23.1 +toolchain go1.23.1 + require ( github.com/coreos/go-semver v0.3.1 github.com/flynn/hid v0.0.0-20190502022136-f1b9b6cc019a diff --git a/go.sum b/go.sum index 4a1a677..824578f 100644 --- a/go.sum +++ b/go.sum 
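Review bot: The new `init()` in trusted_os/mem_bee.go changes a memory-protection attribute without any comment: it passes `arm.TTE_EXECUTE_NEVER` for the range `vecTableStart` to `vecTableStart + (1 << 20)`, and neither the reason nor the meaning of the `1 << 20` length and the trailing `0` argument is stated. A doc comment and a named constant would make this reviewable, for example `// init marks the region starting at vecTableStart as execute-never in the BEE memory layout.` and `const vecTableRegionSize = 1 << 20 // presumably one 1 MiB section; confirm`. The spacing of `vecTableStart + (1 << 20),` inside a multi-argument call does not look like gofmt output; running gofmt on the file would settle it. Whether the non-BEE memory layout needs the same attribute cannot be checked here, because that file is outside this diff.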
@@ -63,7 +63,6 @@ github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1 h1:Ba8KE+wt6b github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1/go.mod h1:gJsQWSa5rjprEZb8/NqDzoOPxk6LTuEPsPiqpbrEUjw= github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8 h1:VPruqXJEJxTweSRyx3NIkiIqQl9ppZHp4wZnL8+Y0aI= github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8/go.mod h1:XfTrYj8Ik3ljit1cSHTcsXs7lyJ/QMsplPDX8+g5s7c= -github.com/usbarmory/tamago v0.0.0-20220823080407-04f05cf2a5a3/go.mod h1:Lok79mjbJnhoBGqhX5cCUsZtSemsQF5FNZW+2R1dRr8= github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1 h1:7CX/AZFrsPyfmqLhRW0UDvupcqz/mnyeFrPEshav/sg= github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1/go.mod h1:NL88q9ZsIPYFzXaosAeKgu1Kr5i1k4Rau3wnbNBL5bY= golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= From 5db0cb9871e579e5d315213d51977c6da2929299 Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Mon, 23 Sep 2024 14:24:28 +0100 Subject: [PATCH 09/13] Bump GoTEE --- go.mod | 2 -- go.sum | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/go.mod b/go.mod index 9ba8429..c151412 100644 --- a/go.mod +++ b/go.mod @@ -2,8 +2,6 @@ module github.com/transparency-dev/armored-witness-os go 1.23.1 -toolchain go1.23.1 - require ( github.com/coreos/go-semver v0.3.1 github.com/flynn/hid v0.0.0-20190502022136-f1b9b6cc019a diff --git a/go.sum b/go.sum index 824578f..4a1a677 100644 --- a/go.sum +++ b/go.sum 
@@ -63,6 +63,7 @@ github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1 h1:Ba8KE+wt6b github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1/go.mod h1:gJsQWSa5rjprEZb8/NqDzoOPxk6LTuEPsPiqpbrEUjw= github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8 h1:VPruqXJEJxTweSRyx3NIkiIqQl9ppZHp4wZnL8+Y0aI= github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8/go.mod h1:XfTrYj8Ik3ljit1cSHTcsXs7lyJ/QMsplPDX8+g5s7c= +github.com/usbarmory/tamago v0.0.0-20220823080407-04f05cf2a5a3/go.mod h1:Lok79mjbJnhoBGqhX5cCUsZtSemsQF5FNZW+2R1dRr8= github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1 h1:7CX/AZFrsPyfmqLhRW0UDvupcqz/mnyeFrPEshav/sg= github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1/go.mod h1:NL88q9ZsIPYFzXaosAeKgu1Kr5i1k4Rau3wnbNBL5bY= golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= From 5b62aadb0a439990b9ec7ee327e1d021fd1b9aa8 Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Tue, 24 Sep 2024 13:38:44 +0100 Subject: [PATCH 10/13] Bump tamago --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c151412..7a7a8d5 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,7 @@ require ( github.com/usbarmory/crucible v0.0.0-20240221192724-1595f2219655 github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1 github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8 - github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1 + github.com/usbarmory/tamago v0.0.0-20240924114619-273d67cd811d golang.org/x/crypto v0.28.0 golang.org/x/mod v0.21.0 google.golang.org/protobuf v1.35.1 diff --git a/go.sum b/go.sum index 4a1a677..0ec8b11 100644 --- a/go.sum +++ b/go.sum 
@@ -64,8 +64,8 @@ github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1/go.mod h1:gJs github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8 h1:VPruqXJEJxTweSRyx3NIkiIqQl9ppZHp4wZnL8+Y0aI= github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8/go.mod h1:XfTrYj8Ik3ljit1cSHTcsXs7lyJ/QMsplPDX8+g5s7c= github.com/usbarmory/tamago v0.0.0-20220823080407-04f05cf2a5a3/go.mod h1:Lok79mjbJnhoBGqhX5cCUsZtSemsQF5FNZW+2R1dRr8= -github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1 h1:7CX/AZFrsPyfmqLhRW0UDvupcqz/mnyeFrPEshav/sg= -github.com/usbarmory/tamago v0.0.0-20240909213541-c4704957c2e1/go.mod h1:NL88q9ZsIPYFzXaosAeKgu1Kr5i1k4Rau3wnbNBL5bY= +github.com/usbarmory/tamago v0.0.0-20240924114619-273d67cd811d h1:rPQ3OVO/SRWviAFLpXO4OUOtTlUH2IIAzZvcWfW9elk= +github.com/usbarmory/tamago v0.0.0-20240924114619-273d67cd811d/go.mod h1:NL88q9ZsIPYFzXaosAeKgu1Kr5i1k4Rau3wnbNBL5bY= golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= From 0f3b68c1a30658e830839b711e509e56d272995d Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Tue, 24 Sep 2024 13:42:06 +0100 Subject: [PATCH 11/13] Track changes --- trusted_os/handler.go | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/trusted_os/handler.go b/trusted_os/handler.go index 5ec9c13..2937eb1 100644 --- a/trusted_os/handler.go +++ b/trusted_os/handler.go @@ -38,11 +38,7 @@ var irqHandler = make(map[int]func()) func wakeHandler(g uint32, p uint32) func isr() { - irq, end := imx6ul.GIC.GetInterrupt(true) - - if end != nil { - close(end) - } + irq := imx6ul.GIC.GetInterrupt(true) if handle, ok := irqHandler[irq]; ok { handle() From 09b8e2f5b8886581c78eacfd5aaf456e41d2542c Mon Sep 17 00:00:00 2001 
From: Al Cutter Date: Wed, 16 Oct 2024 13:10:22 +0100 Subject: [PATCH 12/13] Proto --- api/api.pb.go | 36 ++++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/api/api.pb.go b/api/api.pb.go index 36bb9f2..2cc89ef 100644 --- a/api/api.pb.go +++ b/api/api.pb.go @@ -83,10 +83,13 @@ func (ErrorCode) EnumDescriptor() ([]byte, []int) { return file_api_proto_rawDescGZIP(), []int{0} } -// Status information // -// The status information format is returned on any message sent with the -// `U2FHID_ARMORY_INF` vendor specific command. +// +//Status information +// +//The status information format is returned on any message sent with the +//`U2FHID_ARMORY_INF` vendor specific command. +// type Status struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -216,10 +219,13 @@ func (x *Status) GetMAC() string { return "" } -// WitnessStatus contains witness-applet specific status information. // -// This is embedded in the general Status message if the applet has provided -// this information to the OS. +// +//WitnessStatus contains witness-applet specific status information. +// +//This is embedded in the general Status message if the applet has provided +//this information to the OS. +// type WitnessStatus struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache 
@@ -234,19 +240,17 @@ type WitnessStatus struct { IDAttestPublicKey string `protobuf:"bytes,3,opt,name=IDAttestPublicKey,proto3" json:"IDAttestPublicKey,omitempty"` // AttestedID is a note-formatted signed attestation for the current witness identity. // This attestation note contains: - // - // "ArmoredWitness ID attestation v1" - // - // - // + // "ArmoredWitness ID attestation v1" + // + // + // AttestedID string `protobuf:"bytes,4,opt,name=AttestedID,proto3" json:"AttestedID,omitempty"` // AttestedBastionID is a note-formatted signed attestation for the witness' BastionID. // This attestation note contains: - // - // "ArmoredWitness BastionID attestation v1" - // - // - // + // "ArmoredWitness BastionID attestation v1" + // + // + // AttestedBastionID string `protobuf:"bytes,5,opt,name=AttestedBastionID,proto3" json:"AttestedBastionID,omitempty"` } From 6a84ebb1ed6727349d67640ac67330b6944a1b00 Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Wed, 16 Oct 2024 13:48:07 +0100 Subject: [PATCH 13/13] bump armory-boot@09d0327c3c99d65b08c4c6d252c474eace17395d --- go.mod | 6 ++++-- go.sum | 12 ++++++++---- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 7a7a8d5..01f2b6b 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/transparency-dev/merkle v0.0.2 github.com/transparency-dev/serverless-log v0.0.0-20231215122707-66f68a7705f5 github.com/usbarmory/GoTEE v0.0.0-20240913144333-7e62563c0628 - github.com/usbarmory/armory-boot v0.0.0-20230922092524-e66d926bc36c + github.com/usbarmory/armory-boot v0.0.0-20240924115649-09d0327c3c99 github.com/usbarmory/crucible v0.0.0-20240221192724-1595f2219655 github.com/usbarmory/imx-usbnet v0.0.0-20240304152630-ca189bf3b3c1 github.com/usbarmory/imx-usbserial v0.0.0-20230503192150-40b6298b31f8 
@@ -32,7 +32,9 @@ require ( github.com/pierrec/lz4/v4 v4.1.14 // indirect github.com/stretchr/testify v1.8.2 // indirect github.com/transparency-dev/formats v0.0.0-20230920083814-0f75b1d4e813 // indirect - github.com/u-root/u-root v0.11.0 // indirect + github.com/u-root/u-root v0.14.0 // indirect + github.com/u-root/uio v0.0.0-20240209044354-b3d14b93376a // indirect + golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect golang.org/x/sync v0.8.0 // indirect golang.org/x/sys v0.26.0 // indirect golang.org/x/time v0.5.0 // indirect diff --git a/go.sum b/go.sum index 0ec8b11..9ed9dda 100644 --- a/go.sum +++ b/go.sum 
@@ -51,12 +51,14 @@ github.com/transparency-dev/merkle v0.0.2 h1:Q9nBoQcZcgPamMkGn7ghV8XiTZ/kRxn1yCG github.com/transparency-dev/merkle v0.0.2/go.mod h1:pqSy+OXefQ1EDUVmAJ8MUhHB9TXGuzVAT58PqBoHz1A= github.com/transparency-dev/serverless-log v0.0.0-20231215122707-66f68a7705f5 h1:jD3VKdFO2BKl8PfDSFuMvMoMekqMBPxKgvF1H2FPXTw= github.com/transparency-dev/serverless-log v0.0.0-20231215122707-66f68a7705f5/go.mod h1:rx4EB9NW4aZFJT5kxf6BWRWbZSThl36jv7O5o5r/qv8= -github.com/u-root/u-root v0.11.0 h1:6gCZLOeRyevw7gbTwMj3fKxnr9+yHFlgF3N7udUVNO8= -github.com/u-root/u-root v0.11.0/go.mod h1:DBkDtiZyONk9hzVEdB/PWI9B4TxDkElWlVTHseglrZY= +github.com/u-root/u-root v0.14.0 h1:Ka4T10EEML7dQ5XDvO9c3MBN8z4nuSnGjcd1jmU2ivg= +github.com/u-root/u-root v0.14.0/go.mod h1:hAyZorapJe4qzbLWlAkmSVCJGbfoU9Pu4jpJ1WMluqE= +github.com/u-root/uio v0.0.0-20240209044354-b3d14b93376a h1:BH1SOPEvehD2kVrndDnGJiUF0TrBpNs+iyYocu6h0og= +github.com/u-root/uio v0.0.0-20240209044354-b3d14b93376a/go.mod h1:P3a5rG4X7tI17Nn3aOIAYr5HbIMukwXG0urG0WuL8OA= github.com/usbarmory/GoTEE v0.0.0-20240913144333-7e62563c0628 h1:PGlLJYe1YMmzmSYXhEkOSXSrQjV/mXk6CNk5LTgnndM= github.com/usbarmory/GoTEE v0.0.0-20240913144333-7e62563c0628/go.mod h1:solbXmDpRv6u6CmfHiFi3rwsYoTlZXToith669WnvgM= -github.com/usbarmory/armory-boot v0.0.0-20230922092524-e66d926bc36c h1:qQL3CljMNrk9TyG8EUvCAPU7/bTVitJMhqlKSNhskis= -github.com/usbarmory/armory-boot v0.0.0-20230922092524-e66d926bc36c/go.mod h1:20DIzHJntbLDOptGT7TOm8DkT5mL2jRyzPzVXAYVHJ8= +github.com/usbarmory/armory-boot v0.0.0-20240924115649-09d0327c3c99 h1:gDYQA/MDwqfTW5kRIqMcZ/rLlMwSyHJ9fIoWDIBCTLw= +github.com/usbarmory/armory-boot v0.0.0-20240924115649-09d0327c3c99/go.mod h1:rhSWQ269NlXN2Nn3qZawWjqXBgbxtnx118RbJ2H6IlQ= github.com/usbarmory/crucible v0.0.0-20240221192724-1595f2219655 h1:n3JkWqsxKsbX2SKy+ac3v2rgEmTWfA/s0SC5kHlJGBY= github.com/usbarmory/crucible v0.0.0-20240221192724-1595f2219655/go.mod h1:xEDojciFHw8iteMACinYDeHDn07V9MiS0KO0uCLRRnk= github.com/usbarmory/imx-usbnet 
v0.0.0-20240304152630-ca189bf3b3c1 h1:Ba8KE+wt6bvbAqnN0lKjRwtdX6ud8J7Z2X2Ds+crEJQ= @@ -68,6 +70,8 @@ github.com/usbarmory/tamago v0.0.0-20240924114619-273d67cd811d h1:rPQ3OVO/SRWviA github.com/usbarmory/tamago v0.0.0-20240924114619-273d67cd811d/go.mod h1:NL88q9ZsIPYFzXaosAeKgu1Kr5i1k4Rau3wnbNBL5bY= golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= +golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ= +golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=