-
Notifications
You must be signed in to change notification settings - Fork 1
/
make-vulnerable.patch
143 lines (139 loc) · 5.98 KB
/
make-vulnerable.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
diff --git a/core/bench/verilog/sancus-def.v b/core/bench/verilog/sancus-def.v
index 1f7b7cb..a04504c 100644
--- a/core/bench/verilog/sancus-def.v
+++ b/core/bench/verilog/sancus-def.v
@@ -2,7 +2,7 @@
wire exec_done = dut.frontend_0.exec_done;
wire [15:0] pc_nxt = dut.frontend_0.pc_nxt;
-wire [15:0] current_inst_pc = dut.frontend_0.current_inst_pc;
+// wire [15:0] current_inst_pc = dut.frontend_0.current_inst_pc;
wire gie = dut.frontend_0.gie;
wire [8:0] inst_so = dut.frontend_0.inst_so;
wire inst_branch = dut.frontend_0.inst_branch;
@@ -32,4 +32,3 @@ wire [15:0] sm_2_id = dut.execution_unit_0.spm_control_0.omsp_spms[2
wire sm_0_executing = dut.execution_unit_0.spm_control_0.omsp_spms[0].executing;
wire sm_1_executing = dut.execution_unit_0.spm_control_0.omsp_spms[1].executing;
wire sm_2_executing = dut.execution_unit_0.spm_control_0.omsp_spms[2].executing;
-
diff --git a/core/rtl/verilog/omsp_execution_unit.v b/core/rtl/verilog/omsp_execution_unit.v
index 289625b..aef4fcb 100644
--- a/core/rtl/verilog/omsp_execution_unit.v
+++ b/core/rtl/verilog/omsp_execution_unit.v
@@ -91,7 +91,7 @@ module omsp_execution_unit (
puc_rst, // Main system reset
scan_enable, // Scan enable (active during scan shifting)
sm_command,
- current_inst_pc,
+ // current_inst_pc,
prev_inst_pc,
irq_num,
irq_detect,
@@ -145,7 +145,7 @@ input [15:0] pc_nxt; // Next PC value (for CALL & IRQ)
input puc_rst; // Main system reset
input scan_enable; // Scan enable (active during scan shifting)
input [9:0] sm_command;
-input [15:0] current_inst_pc;
+// input [15:0] current_inst_pc;
input [15:0] prev_inst_pc;
input [3:0] irq_num;
input irq_detect;
@@ -606,7 +606,7 @@ omsp_spm_control #(
) spm_control_0(
.mclk (mclk),
.puc_rst (puc_rst),
- .pc (current_inst_pc),
+ .pc (pc),
.prev_pc (prev_inst_pc),
.handling_irq (handling_irq),
.irq_num (irq_num),
@@ -673,7 +673,7 @@ wire irq_secret_end_select = (e_state==`E_IRQ_EXT_0) | (e_state==`E_IRQ
wire irq_reti_addr_select = (e_state==`E_IRQ_4) | irq_exec;
assign sm_request = irq_secret_end_select ? `SM_REQ_SECEND :
irq_reti_addr_select ? `SM_REQ_PUBSTART : crypto_sm_request;
-assign sm_data_select = irq_secret_end_select ? current_inst_pc :
+assign sm_data_select = irq_secret_end_select ? pc :
irq_reti_addr_select ? sm_reti_id : crypto_sm_data_select;
assign sm_data_select_type = irq_secret_end_select ? `SM_SELECT_BY_ADDR :
irq_reti_addr_select ? `SM_SELECT_BY_ID : crypto_sm_data_select_type;
@@ -695,7 +695,7 @@ crypto_control #(
.cmd_id (sm_id),
.cmd_id_prev (sm_id_prev),
.mem_in (mdb_in),
- .pc (current_inst_pc),
+ .pc (pc),
.r9 (r9),
.r10 (r10),
.r11 (r11),
diff --git a/core/rtl/verilog/omsp_frontend.v b/core/rtl/verilog/omsp_frontend.v
index 9b0f0d2..23c3a0e 100644
--- a/core/rtl/verilog/omsp_frontend.v
+++ b/core/rtl/verilog/omsp_frontend.v
@@ -77,7 +77,7 @@ module omsp_frontend (
pc_nxt, // Next PC value (for CALL & IRQ)
sm_irq,
spm_command,
- current_inst_pc,
+ // current_inst_pc,
prev_inst_pc,
irq_num,
irq_detect,
@@ -141,7 +141,7 @@ output [15:0] pc; // Program counter
output [15:0] pc_nxt; // Next PC value (for CALL & IRQ)
output sm_irq;
output [9:0] spm_command;
-output [15:0] current_inst_pc;
+// output [15:0] current_inst_pc;
output [15:0] prev_inst_pc;
output [3:0] irq_num;
output irq_detect;
@@ -302,18 +302,18 @@ always @(posedge mclk or posedge puc_rst)
// logic; do not update the current_inst_pc when handling an interrupt to
// ensure the IRQ logic executes with the memory access rights of the
// interrupted instruction
-reg [15:0] current_inst_pc;
+// reg [15:0] current_inst_pc;
reg [15:0] prev_inst_pc;
always @(posedge mclk or posedge puc_rst)
if (puc_rst)
begin
- current_inst_pc <= 0;
+ // current_inst_pc <= 0;
prev_inst_pc <= 0;
end
else if (decode & ~irq_detect)
begin
- current_inst_pc <= pc;
- prev_inst_pc <= current_inst_pc;
+ // current_inst_pc <= pc;
+ prev_inst_pc <= pc;
end
diff --git a/core/rtl/verilog/openMSP430.v b/core/rtl/verilog/openMSP430.v
index d6ea55a..f246522 100644
--- a/core/rtl/verilog/openMSP430.v
+++ b/core/rtl/verilog/openMSP430.v
@@ -249,7 +249,7 @@ wire [15:0] per_dout_mpy;
wire [15:0] per_dout_clk;
wire [9:0] spm_command;
-wire [15:0] current_inst_pc;
+// wire [15:0] current_inst_pc;
wire [15:0] prev_inst_pc;
wire [3:0] irq_num;
wire irq_detect;
@@ -364,7 +364,7 @@ omsp_frontend frontend_0 (
.pc_nxt (pc_nxt), // Next PC value (for CALL & IRQ)
.sm_irq (sm_irq),
.spm_command (spm_command),
- .current_inst_pc (current_inst_pc),
+ // .current_inst_pc (current_inst_pc),
.prev_inst_pc (prev_inst_pc),
.irq_num (irq_num),
.irq_detect (irq_detect),
@@ -448,7 +448,7 @@ omsp_execution_unit execution_unit_0 (
.puc_rst (puc_rst), // Main system reset
.scan_enable (scan_enable), // Scan enable (active during scan shifting)
.sm_command (spm_command),
- .current_inst_pc (current_inst_pc),
+ // .current_inst_pc (current_inst_pc),
.prev_inst_pc (prev_inst_pc),
.irq_num (irq_num),
.irq_detect (irq_detect),