[fix] Additional CFI checks

This fix addresses issue# #920 and #921

cfi/lib/src/cfi.rs

@@ -148,7 +148,7 @@ macro_rules! cfi_assert_macro {
         ///
         /// `a` - Left hand side
         /// `b` - Right hand side
-        #[inline(never)]
+        #[inline(always)]
         #[allow(unused)]
         pub fn $name<T>(lhs: T, rhs: T)
         where
@@ -159,6 +159,13 @@ macro_rules! cfi_assert_macro {
                 if !(lhs $op rhs) {
                     cfi_panic(CfiPanicInfo::$panic_info);
                 }
+
+                // Second check for glitch protection
+                CfiCounter::delay();
+                if !(cfi_launder(lhs) $op cfi_launder(rhs)) {
+                    cfi_panic(CfiPanicInfo::$panic_info);
+                }
+
             } else {
                 lhs $op rhs;
             }

cfi/lib/src/cfi_counter.rs

@@ -82,7 +82,7 @@ pub enum CfiCounter {}
 
 impl CfiCounter {
     /// Reset counter
-    #[inline(never)]
+    #[inline(always)]
     pub fn reset(trng: &mut caliptra_drivers::Trng) {
         prng().seed_from_trng(trng);
         Self::reset_internal();

drivers/src/soc_ifc.rs

@@ -144,6 +144,10 @@ impl SocIfc {
         ((val >> 31) & 1) != 0
     }
 
+    pub fn hw_config_internal_trng(&mut self) -> bool {
+        self.soc_ifc.regs().cptra_hw_config().read().i_trng_en()
+    }
+
     /// Enable or disable WDT1
     ///
     /// # Arguments

rom/dev/src/main.rs

@@ -16,13 +16,13 @@ Abstract:
 #![cfg_attr(feature = "fake-rom", allow(unused_imports))]
 
 use crate::{lock::lock_registers, print::HexBytes};
-use caliptra_cfi_lib::CfiCounter;
+use caliptra_cfi_lib::{cfi_assert, cfi_assert_eq, CfiCounter};
 use caliptra_registers::soc_ifc::SocIfcReg;
 use core::hint::black_box;
 
 use caliptra_drivers::{
     cprintln, report_fw_error_fatal, report_fw_error_non_fatal, CaliptraError, Ecc384, Hmac384,
-    KeyVault, Mailbox, ResetReason, Sha256, Sha384, Sha384Acc, ShaAccLockState, SocIfc,
+    KeyVault, Mailbox, ResetReason, Sha256, Sha384, Sha384Acc, ShaAccLockState, SocIfc, Trng,
 };
 use caliptra_error::CaliptraResult;
 use caliptra_image_types::RomInfo;
@@ -69,11 +69,19 @@ pub extern "C" fn rom_entry() -> ! {
 
     if !cfg!(feature = "no-cfi") {
         cprintln!("[state] CFI Enabled");
-        CfiCounter::reset(&mut env.trng);
+        for _ in 0..=2 {
+            CfiCounter::reset(&mut env.trng);
+        }
     } else {
         cprintln!("[state] CFI Disabled");
     }
 
+    // Check if TRNG is correctly sourced as per hw config.
+    match env.trng {
+        Trng::Internal(_) => cfi_assert!(env.soc_ifc.hw_config_internal_trng()),
+        Trng::External(_) => cfi_assert!(!env.soc_ifc.hw_config_internal_trng()),
+    }
+
     let _lifecyle = match env.soc_ifc.lifecycle() {
         caliptra_drivers::Lifecycle::Unprovisioned => "Unprovisioned",
         caliptra_drivers::Lifecycle::Manufacturing => "Manufacturing",