-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for Light Secure Mode and Heavy Secure Mode emulation #12
Draft
vbe0201
wants to merge
41
commits into
main
Choose a base branch
from
crypto
base: main
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As per title, this PR is a WIP effort to add support for the different Falcon security modes.
Synopsis
Starting from the Maxwell generation of NVIDIA GPUs, the Falcons supports three different execution modes at runtime which orchestrate the amount of privileges the Falcon has in accessing registers and memory. These modes namely are:
Non-secure mode (NS): The only possible mode that can be used without code that is cryptographically signed by NVIDIA. Functionality is similar to pre-Maxwell Falcons, except that they can be further restricted in their capability to access certain registers and/or do DMA.
Light Secure mode (LS): Can be explicitly enabled from Heavy Secure mode context. This mode grants more privileges than NS but fewer than HS and is mostly used for debugging purposes rather than in production code.
Heavy Secure mode (HS): Granted by hardware after a successful MAC comparison upon jumping to a code block tagged as secure. In this mode, the Falcon acts similar to a black box, as NVIDIA likes to say. Most of the internal state is inaccessible from external sources (such as the host system) while the Falcon operates on the highest amount of privileges possible.
Falcon ROM mode: During certain cryptographic operations, the Falcon jumps into the Falcon bootrom located in an internal ROM segment that is hidden away from running code. Due to debugging functionality not working on it, it effectively is a shittier-HS-mode-but-you-can-execute-csigauth (cc SciresM)
faucon-emu
will want to support these modes of execution along with the ability to provide custom keys and the corresponding functionality to disassemble crypto commands infaucon-asm
.More Technical Synopsis
Falcons that support cryptographic operations are referred to as secretful units and come with a Security Co-Processor (SCP) which processes incoming crypto commands from the main circuity. The SCP is subdivided into different hardware blocks, each of them taking care of a different task to keep the cryptosystem as a whole intact:
CMD
: The hardware block that receives Falcon crypto commands and decodes them into SCP instructionsLOAD
: A block that handles DMA load operations between the Falcon and the internal SCP state (registers and crypto stream)STORE
: A block that handles DMA store operations between the Falcon and the internal SCP state (registers and crypto stream)SEQ
: A block that records, stores, and carries out sequences of Falcon crypto commands as macrosCTL
: A block that oversees and controls certain state and features of the SCPRND
: A block that is responsible for hardware-accelerated random number generationRNG
: A block that controls and wraps the functionality of theRND
blockAES
: Hardware-accelerated 128-bit AES implementation in ECB modefaucon-emu
introduces a structureScp
that is owned byCpu
and emulates the functionality of the above blocks. The focus is not accurate LLE but to have abstract representations of all the features which interact nicely with the core logic by emulating the relevant Falcon concepts. Extending theMemory
structure by a ROM section (plus adding the relevant flag bit for locking it down) along with some poor Falcon assembly stubs reimplementing the desired portions of it for accurately maintaining state modifications on the crypto registers.Steps
Document and add support for parsing the SCP-related configuration entries
Extend
faucon-asm-derive
andfaucon-asm
to support crypto instruction disassemblingsize
:0x3
,a
:0x3
,b
:0x5
,subopcode
:0x3C
forCCMD
u16
crypto pair:insn[3] << 8 | insn[2]
crypto_pair >> 0xA & 0x1F
crypto_pair >> 4 & 0x3F
crypto_pair & 0xF
and/orcrypto_pair >> 0x4 & 0xF
Add support for crypto instruction emulation in
faucon-emu
usingScp
(this will cover up most of the important Falcon SCP concepts, such as crypto registers, ACL, crypto streams, SEQ macroing)Add DMA support for Falcon <-> SCP
Implement ROM mode with bootrom code stubs (?)
Implement HS authentication including secure code pages in
Memory
Implement SCP MMIO registers
Add LS functionality
Add useful
faucon
CLI commands, such as auth signature generation/validation and code encryption