Skip to content

Latest commit

 

History

History
132 lines (91 loc) · 8.63 KB

chapter3.adoc

File metadata and controls

132 lines (91 loc) · 8.63 KB
Raw

Debug Module Security (non-ISA) Extension

This chapter defines the required security enhancements for the Debug Module. The debug operations listed below are modified by the extension.

  • Halt

  • Reset

  • Keepalive

  • Abstract commands (Access Register, Quick Access, Access Memory)

  • System bus access

If any hart in the system implements the Sdsec extension, the Debug Module must also implement the Debug Module Security Extension.

External Debug Security Extensions Discovery

The ISA and non-ISA external debug security extensions impose security constraints and introduce non-backward-compatible changes. The presence of the extensions can be determined by polling the allsecured or/and anysecured bits in dmstatus Details of newly introduced fields in dmstatus. If the field allsecured or anysecured is set to 1, it represents that all or any selected harts adopt the Sdsec extension. When any hart adopts the Sdsec extension, it indicates the Debug Module implements Debug Module Security Extension as described in this chapter.

Halt

The halt behavior for a hart is detailed in [sdsecextdbg]. According to The RISC-V Debug Specification cite:[dbgspec], a halt request must be responded within one second. However, this constraint must be removed as the request might be pending due to the situations where debugging is disallowed. In the case of halt-on-reset request, the request is only acknowledged by the hart once it has reached a privilege level in which debug is permitted.

Reset

The hartreset operation resets selected harts. When M-mode is not allowed to be debugged, the hart will raise a security fault error to the Debug Module. The debugger could monitor the error by polling allsecfault or/and anysecfault in dmstatus.

The ndmreset operation is a system-level reset not tied to hart privilege levels and reset the entire system (excluding the Debug Module). Debug Module Security Extension makes ndmreset read-only 0. The debugger can determine support for the ndmreset operation by setting the field to 1 and subsequently verifying the returned value upon reading.

Keepalive

The keepalive bit serves as an optional request for the hart to remain available for debugging. This bit only takes effect when M-mode is allowed to be debugged; otherwise, the hart behaves as if the bit is not set.

Abstract Commands

The hart’s response to abstract commands is detailed in [sdsecextdbg]. The following subsection delineates the constraints when the Debug Module issues an abstract command.

Relaxed Permission Check relaxedpriv

The relaxedpriv field is hardwired to 0.

Address Translation aamvirtual

The field aamvirtual in the command (at 0x17 in the Debug Module) determines whether the Access Memory command uses a physical or virtual address. When an Access Memory command is issued with aamvirtual=0, the hart must check whether the physical access is allowed to access memory. The hart responds with an exception to the Debug Module when M-mode is not permitted to debug, tvm (in mstatus) is set to 1, and mode (in satp) enables any kind of virtual translation. In the event of an exception, the Debug Module set cmderr of abstractcs (at 0x16 in Debug Module) to 3 and clear the data registers to 0.

Quick Access

When M-mode debugging is not allowed (mdbgen=0) for a hart, any Quick Access operation will be discarded, causing abstractcs.cmderr to set to 6.

Note
 Quick Access abstract commands effect a halt, execution of Program Buffer, and resume of the selected hart. However, it is undesirable for these Quick Access halts to remain pending until debug is allowed, since the debugger blocks while waiting for the Quick Access to complete. Returning an error only for Quick Access commands received when debug is not allowed would require the hart to distinguish between Quick Access halt requests and other halt requests. Because Quick Access is merely an optimized flow and not required for any usage models, it was decided to avoid burdening the hart with extra hardware. Therefore, Quick Access is forbiden when mdbgen is 0.

System Bus Access

The System Bus Access must be checked by bus initiator protection mechanisms such as IOPMP cite:[iopmp], WorldGuard cite:[worldguard]. The bus protection unit can return error to Debug Module on illegal access, in that case, Debug Module will set sberror of sbcs (at 0x38 in Debug Module) to 6 (security fault error).

Note
 Trusted entities like RoT should configure IOPMP or equivalent protection before granting debug access to M-mode. Similarly, M-mode should apply the protection before enabling supervisor domain debug.

Security Fault Error Reporting

A dedicated error code, security fault error (cmderr 6), is included in cmderr of abstractcs. Issuance of abstract commands under disallowed circumstance sets cmderr to 6. Additionally, the bus security fault error (sberror 6) is introduced in sberror of sbcs to denote errors related to system bus access.

The error raised by resethaltreq, reset can be identified through the fields allsecfault and anysecfault in dmstatus. Error status bits are internally maintained for each hart, with the allsecfault and anysecfault fields indicating the error status of the currently selected harts. These error statuses are sticky and can only be cleared by writing 1 to acksecfault in dmcs2.

Non-secure Debug

The state element nsecdbg is introduced to retain full debugging capabilities, as if the extensions in this specification were not implemented. When nsecdbg is set to 1:

  • All debug operations are executed with M-mode privilege (equivalent to having mdbgen set to 1) for all harts in the system.

  • The ndmreset operation is allowed.

  • The relaxedpriv field may be configurable.

  • System Bus Access may bypass the bus initiator protections.

  • Trace output is enabled in all privilege modes.

[NOTE] During the early stages of a chip’s lifecycle, such as when developing the boot process, it is desirable to debug from the initial system state. The nsecdbg should only be set to 1 when the entire system is authorized for unrestricted debugging and tracing.

Update of Debug Module Registers

Newly introduced fields in dmstatus
{reg: [
  {bits:   20, name: 'defined in Debug Module'},
  {bits:   1, name: 'anysecured'},
  {bits:   1, name: 'allsecured'},
  {bits:   3, name: 'defined in Debug Module'},
  {bits:   1, name: 'anysecfault'},
  {bits:   1, name: 'allsecfault'},
  {bits:   5, name: '0'},
], config:{lanes: 3, hspace:1024}}
Table 1. Details of newly introduced fields in dmstatus
Field Description Access Reset

allsecured

The field is 1 when all currently selected harts implement Sdsec extension

R

-

anysecured

The field is 1 when any currently selected hart implements Sdsec extension

R

-

allsecfault

The field is 1 when all currently selected harts have raised security fault due to reset or keepalive operation.

R

-

anysecfault

The field is 1 when any currently selected hart has raised security fault due to reset or keepalive operation.

R

-
Newly introduced acksecfault in dmcs2
{reg: [
  {bits:   12, name: 'defined in Debug Module'},
  {bits:   1, name: 'acksecfault'},
  {bits:   19, name: '0'},
], config:{lanes: 2, hspace:1024}}
Table 2. Detail of acksecfault in dmcs2
Field Description Access Reset

acksecfault

0 (nop): No effect.

1 (ack): Clears error status bits for any selected harts.

W1

-