feat(core): implement syscall verifiers

[no changelog]
trezor · Oct 1, 2024 · 48272d1 · 48272d1
1 parent 19c81e6
commit 48272d1
Show file tree

Hide file tree

Showing 16 changed files with 1,074 additions and 60 deletions.
diff --git a/core/embed/kernel/main.c b/core/embed/kernel/main.c
@@ -183,10 +183,21 @@ static void coreapp_init(applet_t *applet) {
  (applet_header_t *)COREAPP_CODE_ALIGN(KERNEL_START + KERNEL_SIZE);
 
  applet_layout_t coreapp_layout = {
- .data1_start = (uint32_t)&_coreapp_clear_ram_0_start,
- .data1_size = (uint32_t)&_coreapp_clear_ram_0_size,
- .data2_start = (uint32_t)&_coreapp_clear_ram_1_start,
- .data2_size = (uint32_t)&_coreapp_clear_ram_1_size,
+ .data1.start = (uint32_t)&_coreapp_clear_ram_0_start,
+ .data1.size = (uint32_t)&_coreapp_clear_ram_0_size,
+ .data2.start = (uint32_t)&_coreapp_clear_ram_1_start,
+ .data2.size = (uint32_t)&_coreapp_clear_ram_1_size,
+#ifdef FIRMWARE_P1_START
+ .code1.start = FIRMWARE_P1_START + KERNEL_SIZE,
+ .code1.size = FIRMWARE_P1_MAXSIZE - KERNEL_SIZE,
+ .code2.start = FIRMWARE_P2_START,
+ .code2.size = FIRMWARE_P2_MAXSIZE,
+#else
+ .code1.start = FIRMWARE_START + KERNEL_SIZE,
+ .code1.size = FIRMWARE_MAXSIZE - KERNEL_SIZE,
+ .code2.start = 0,
+ .code2.size = 0,
+#endif
  };
 
  applet_init(applet, coreapp_header, &coreapp_layout);

diff --git a/core/embed/trezorhal/applet.h b/core/embed/trezorhal/applet.h
@@ -30,23 +30,29 @@
 // Applet entry point
 typedef void (*applet_startup_t)(const char* args, uint32_t random);
 
+typedef struct {
+ uint32_t start;
+ uint32_t size;
+} memory_area_t;
+
 // Applet header found at the beginning of the applet binary
 typedef struct {
  // Stack area
- uint32_t stack_start;
- uint32_t stack_size;
+ memory_area_t stack;
  // Applet entry point
  applet_startup_t startup;
 } applet_header_t;
 
 // Applet memory layout
 typedef struct {
- // Data area 1
- uint32_t data1_start;
- uint32_t data1_size;
- // Data area 2
- uint32_t data2_start;
- uint32_t data2_size;
+ // Read/write data area #1
+ memory_area_t data1;
+ // Read/write data area #2
+ memory_area_t data2;
+ // Read-only code area #1
+ memory_area_t code1;
+ // Read-only code area #2
+ memory_area_t code2;
 
 } applet_layout_t;
 
@@ -76,6 +82,11 @@ void applet_init(applet_t* applet, applet_header_t* header,
 bool applet_reset(applet_t* applet, uint32_t cmd, const void* arg,
  size_t arg_size);
 
+// Returns the currently active applet.
+//
+// Returns `NULL` if no applet is currently active.
+applet_t* applet_active(void);
+
 #endif // SYSCALL_DISPATCH
 
 #endif // TREZORHAL_APPLET_H
diff --git a/core/embed/trezorhal/stm32f4/applet.c b/core/embed/trezorhal/stm32f4/applet.c
@@ -35,11 +35,11 @@ void applet_init(applet_t* applet, applet_header_t* header,
 }
 
 static void applet_clear_memory(applet_t* applet) {
- if (applet->layout.data1_size > 0) {
- memset((void*)applet->layout.data1_start, 0, applet->layout.data1_size);
+ if (applet->layout.data1.size > 0) {
+ memset((void*)applet->layout.data1.start, 0, applet->layout.data1.size);
  }
- if (applet->layout.data2_size > 0) {
- memset((void*)applet->layout.data2_start, 0, applet->layout.data2_size);
+ if (applet->layout.data2.size > 0) {
+ memset((void*)applet->layout.data2.start, 0, applet->layout.data2.size);
  }
 }
 
@@ -49,8 +49,8 @@ bool applet_reset(applet_t* applet, uint32_t cmd, const void* arg,
  applet_clear_memory(applet);
 
  // Reset the applet task (stack pointer, etc.)
- systask_init(&applet->task, applet->header->stack_start,
- applet->header->stack_size);
+ systask_init(&applet->task, applet->header->stack.start,
+ applet->header->stack.size, applet);
 
  // Copy the arguments onto the applet stack
  void* arg_copy = NULL;
@@ -70,4 +70,14 @@ bool applet_reset(applet_t* applet, uint32_t cmd, const void* arg,
  arg3);
 }
 
+applet_t* applet_active(void) {
+ systask_t* task = systask_active();
+
+ if (task == NULL) {
+ return NULL;
+ }
+
+ return (applet_t*)task->applet;
+}
+
 #endif // SYSCALL_DISPATCH