Add firmware protection to the environment

src/env/mod.rs

@@ -1,3 +1,4 @@
+use crate::api::firmware_protection::FirmwareProtection;
 use crate::api::upgrade_storage::UpgradeStorage;
 use crate::ctap::hid::ChannelID;
 use crate::ctap::status_code::Ctap2StatusCode;
@@ -21,6 +22,7 @@ pub trait Env {
     type UserPresence: UserPresence;
     type Storage: Storage;
     type UpgradeStorage: UpgradeStorage;
+    type FirmwareProtection: FirmwareProtection;
 
     fn rng(&mut self) -> &mut Self::Rng;
     fn user_presence(&mut self) -> &mut Self::UserPresence;
@@ -34,4 +36,6 @@ pub trait Env {
     ///
     /// This function is called at most once. Implementation may panic if called more than once.
     fn upgrade_storage(&mut self) -> StorageResult<Self::UpgradeStorage>;
+
+    fn firmware_protection(&mut self) -> &mut Self::FirmwareProtection;
 }

src/env/test/mod.rs

@@ -1,4 +1,5 @@
 use self::upgrade_storage::BufferUpgradeStorage;
+use crate::api::firmware_protection::FirmwareProtection;
 use crate::ctap::hid::ChannelID;
 use crate::ctap::status_code::Ctap2StatusCode;
 use crate::env::{Env, UserPresence};
@@ -38,11 +39,18 @@ impl UserPresence for TestUserPresence {
     }
 }
 
+impl FirmwareProtection for TestEnv {
+    fn lock(&mut self) -> bool {
+        true
+    }
+}
+
 impl Env for TestEnv {
     type Rng = ThreadRng256;
     type UserPresence = TestUserPresence;
     type Storage = BufferStorage;
     type UpgradeStorage = BufferUpgradeStorage;
+    type FirmwareProtection = Self;
 
     fn rng(&mut self) -> &mut Self::Rng {
         &mut self.rng
@@ -70,4 +78,8 @@ impl Env for TestEnv {
     fn upgrade_storage(&mut self) -> StorageResult<Self::UpgradeStorage> {
         BufferUpgradeStorage::new()
     }
+
+    fn firmware_protection(&mut self) -> &mut Self::FirmwareProtection {
+        self
+    }
 }

src/env/tock/mod.rs

@@ -1,4 +1,5 @@
 use self::storage::{SyscallStorage, SyscallUpgradeStorage};
+use crate::api::firmware_protection::FirmwareProtection;
 use crate::ctap::hid::{ChannelID, CtapHid, KeepaliveStatus, ProcessedPacket};
 use crate::ctap::status_code::Ctap2StatusCode;
 use crate::env::{Env, UserPresence};
@@ -13,7 +14,7 @@ use libtock_drivers::buttons::{self, ButtonState};
 use libtock_drivers::console::Console;
 use libtock_drivers::result::{FlexUnwrap, TockError};
 use libtock_drivers::timer::Duration;
-use libtock_drivers::{led, timer, usb_ctap_hid};
+use libtock_drivers::{crp, led, timer, usb_ctap_hid};
 use persistent_store::StorageResult;
 
 mod storage;
@@ -62,11 +63,18 @@ impl UserPresence for TockEnv {
     }
 }
 
+impl FirmwareProtection for TockEnv {
+    fn lock(&mut self) -> bool {
+        crp::set_protection(crp::ProtectionLevel::FullyLocked).is_ok()
+    }
+}
+
 impl Env for TockEnv {
     type Rng = TockRng256;
     type UserPresence = Self;
     type Storage = SyscallStorage;
     type UpgradeStorage = SyscallUpgradeStorage;
+    type FirmwareProtection = Self;
 
     fn rng(&mut self) -> &mut Self::Rng {
         &mut self.rng
@@ -85,6 +93,10 @@ impl Env for TockEnv {
         assert_once(&mut self.upgrade_storage);
         SyscallUpgradeStorage::new()
     }
+
+    fn firmware_protection(&mut self) -> &mut Self::FirmwareProtection {
+        self
+    }
 }
 
 /// Asserts a boolean is false and sets it to true.