grg/checkm8_tool
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Project restructuring

Browse Source
This commit is contained in:
Gregor Haas
2019-12-31 00:30:21 -05:00
parent a215788cbc
commit de3be2df4b
65 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
c8_payloads/CMakeLists.txt Normal file
View File

@@ -0,0 +1,29 @@
project(checkm8_payloads ASM)
include_directories(include)
set(CMAKE_SYSTEM_PROCESSOR arm)
if(${CMAKE_HOST_SYSTEM_PROCESSOR} STREQUAL "x86_64")
set(CMAKE_C_COMPILER /usr/bin/aarch64-linux-gnu-gcc)
set(CMAKE_ASM_COMPILER /usr/bin/aarch64-linux-gnu-as)
set(CMAKE_OBJCOPY /usr/bin/aarch64-linux-gnu-objcopy)
endif()
set(CMAKE_C_FLAGS "-nostdlib -O")
set(PAYLOADS payload_sync payload_aes payload_sysreg)
add_executable(payload_sync src/sync.c)
add_executable(payload_aes src/aes.c)
add_executable(payload_sysreg src/sysreg.c)
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/bin/)
set_directory_properties(PROPERTY ADDITIONAL_CLEAN_FILES "${CMAKE_CURRENT_SOURCE_DIR}/bin/")
foreach(BINARY ${PAYLOADS})
add_custom_command(TARGET ${BINARY} POST_BUILD
BYPRODUCTS ${CMAKE_CURRENT_SOURCE_DIR}/bin/${BINARY}.bin
COMMAND ${CMAKE_OBJCOPY}
ARGS -O binary -j .text -j .payload_text
${CMAKE_CURRENT_BINARY_DIR}/${BINARY}
${CMAKE_CURRENT_SOURCE_DIR}/bin/${BINARY}.bin)
endforeach(BINARY)

BIN
c8_payloads/bin/payload_aes.bin Normal file
View File

Binary file not shown.

1
c8_payloads/bin/payload_sync.bin Normal file
View File

@@ -0,0 +1 @@
<EFBFBD>?<03>u՟?<03><>?<03><>_<>

18
c8_payloads/include/brfunc_aes.h Normal file
View File

@@ -0,0 +1,18 @@
#ifndef CHECKM8_TOOL_BRFUNC_AES_H
#define CHECKM8_TOOL_BRFUNC_AES_H
#include "brfunc_common.h"
#define AES_HW_CRYPTO_CMD ((BOOTROM_FUNC) ADDR_AES_HW_CRYPTO_CMD)
#define CREATE_KEY_COMMAND ((BOOTROM_FUNC) ADDR_CREATE_KEY_COMMAND)
#define PUSH_COMMAND_KEY ((BOOTROM_FUNC) ADDR_PUSH_COMMAND_KEY)
#define PUSH_COMMAND_IV ((BOOTROM_FUNC) ADDR_PUSH_COMMAND_IV)
#define PUSH_COMMAND_DATA ((BOOTROM_FUNC) ADDR_PUSH_COMMAND_DATA)
#define PUSH_COMMAND_FLAG ((BOOTROM_FUNC) ADDR_PUSH_COMMAND_FLAG)
#define WAIT_FOR_COMMAND_FLAG ((BOOTROM_FUNC) ADDR_WAIT_FOR_COMMAND)
#define rAES_INT_STATUS (long *) ADDR_AES_CONTROL
#define rAES_CONTROL (long *) ADDR_AES_STATUS
#endif //CHECKM8_TOOL_BRFUNC_AES_H

35
c8_payloads/include/brfunc_common.h Normal file
View File

@@ -0,0 +1,35 @@
#ifndef CHECKM8_TOOL_BRFUNC_COMMON_H
#define CHECKM8_TOOL_BRFUNC_COMMON_H
#include "checkm8_config.h"
typedef int (*BOOTROM_FUNC)();
#if CHECKM8_PLATFORM == 8010
/* AES */
#define ADDR_AES_HW_CRYPTO_CMD 0x100000f0c
#define ADDR_CREATE_KEY_COMMAND 0x100000e90
#define ADDR_PUSH_COMMAND_KEY 0x100000c64
#define ADDR_PUSH_COMMAND_IV 0x100000d18
#define ADDR_PUSH_COMMAND_DATA 0x100000d98
#define ADDR_PUSH_COMMAND_FLAG 0x100000e20
#define ADDR_WAIT_FOR_COMMAND 0x100000ec4
#define ADDR_AES_CONTROL 0x20A108008
#define ADDR_AES_STATUS 0x20A108018
/* SEP */
#define ADDR_DPA_SEEDED 0x100001140
#define ADDR_SEND_DPA_MESSAGE 0x100002338
/* Timing */
#define ADDR_CLOCK_GATE 0x100009d4c
#define ADDR_SYSTEM_TIME 0x10000B0E0
#define ADDR_TIME_HAS_ELAPSED 0x10000B04F
#else
#error "Unsupported checkm8 platform"
#endif
#endif //CHECKM8_TOOL_BRFUNC_COMMON_H

9
c8_payloads/include/brfunc_sep.h Normal file
View File

@@ -0,0 +1,9 @@
#ifndef CHECKM8_TOOL_BRFUNC_SEP_H
#define CHECKM8_TOOL_BRFUNC_SEP_H
#include "brfunc_common.h"
#define DPA_SEEDED ((BOOTROM_FUNC) ADDR_DPA_SEEDED)
#define SEP_CREATE_SEND_DPA_MESSAGE ((BOOTROM_FUNC) ADDR_SEND_DPA_MESSAGE)
#endif //CHECKM8_TOOL_BRFUNC_SEP_H

10
c8_payloads/include/brfunc_timing.h Normal file
View File

@@ -0,0 +1,10 @@
#ifndef CHECKM8_TOOL_BRFUNC_TIMING_H
#define CHECKM8_TOOL_BRFUNC_TIMING_H
#include "brfunc_common.h"
#define CLOCK_GATE ((BOOTROM_FUNC) ADDR_CLOCK_GATE)
#define SYSTEM_TIME ((BOOTROM_FUNC) ADDR_SYSTEM_TIME)
#define TIME_HAS_ELAPSED ((BOOTROM_FUNC) ADDR_TIME_HAS_ELAPSED)
#endif //CHECKM8_TOOL_BRFUNC_TIMING_H

7
c8_payloads/include/util.h Normal file
View File

@@ -0,0 +1,7 @@
#ifndef CHECKM8_TOOL_UTIL_H
#define CHECKM8_TOOL_UTIL_H
#define PAYLOAD_SECTION __attribute__ ((section (".payload_text")))
#define TEXT_SECTION __attribute__((section (".text")))
#endif //CHECKM8_TOOL_UTIL_H

59
c8_payloads/src/aes.c Normal file
View File

@@ -0,0 +1,59 @@
#include "brfunc_aes.h"
#include "brfunc_timing.h"
#include "brfunc_sep.h"
#include "util.h"
PAYLOAD_SECTION
int aes_hw_crypto_command(unsigned int cmd,
void *src,
void *dst,
int len,
unsigned int opts,
void *key,
void *iv)
{
int seeded;
long cgvar;
long start = 0, timeout = 0;
__asm__("orr %0, xzr, #0x3c" : "=r" (cgvar));
CLOCK_GATE(cgvar, 1);
// seeded = DPA_SEEDED();
// if(!(seeded & 1))
// {
// SEP_CREATE_SEND_DPA_MESSAGE();
// start = SYSTEM_TIME();
//
// while(!(seeded & 1) && !(timeout & 1))
// {
// seeded = DPA_SEEDED();
// timeout = TIME_HAS_ELAPSED(start, 1000);
// }
// }
//
// if(timeout) return -1;
unsigned int key_command = CREATE_KEY_COMMAND(0, 0, 0, 0, 1, 0, 0, 0);
*rAES_INT_STATUS = 0x20;
*rAES_CONTROL = 1;
PUSH_COMMAND_KEY(key_command, key);
PUSH_COMMAND_IV(0, 0, 0, iv);
PUSH_COMMAND_DATA(0, 0, src, dst, len);
PUSH_COMMAND_FLAG(0, 1, 1);
WAIT_FOR_COMMAND_FLAG();
*rAES_CONTROL = 2;
CLOCK_GATE(cgvar, 0);
return 0;
}
TEXT_SECTION
int _start(void *src,
void *dst,
void *key)
{
return aes_hw_crypto_command(0, src, dst, 128, 0, key, 0);
}

10
c8_payloads/src/sync.c Normal file
View File

@@ -0,0 +1,10 @@
#include "util.h"
TEXT_SECTION
void _start()
{
__asm__("dmb sy");
__asm__("ic iallu");
__asm__("dsb sy");
__asm__("isb");
}

17
c8_payloads/src/sysreg.c Normal file
View File

@@ -0,0 +1,17 @@
#include "util.h"
struct sysregs
{
long pt_base;
long evt_base;
};
TEXT_SECTION
long long _start()
{
struct sysregs res;
__asm__("mrs %0, ttbr0_el1" : "=r" (res.pt_base));
__asm__("mrs %0, vbar_el1" : "=r" (res.evt_base));
return res.evt_base;
}