fix(core): fix tamper setting

[no changelog]

core/embed/models/T3W1/boards/trezor_t3w1_revA.h

@@ -198,4 +198,6 @@
 #define HW_REVISION_2_PORT GPIOI
 #define HW_REVISION_2_CLOCK_ENABLE() __HAL_RCC_GPIOI_CLK_ENABLE()
 
+#define TAMPER_INPUT_2 1
+
 #endif  // TREZOR_T3W1_REVA_H_

core/embed/models/T3W1/boards/trezor_t3w1_revA0.h

@@ -171,4 +171,6 @@
 #define HW_REVISION_2_PORT GPIOI
 #define HW_REVISION_2_CLOCK_ENABLE() __HAL_RCC_GPIOI_CLK_ENABLE()
 
+#define TAMPER_INPUT_2 1
+
 #endif  // TREZOR_T3W1_REVA_H_

core/embed/models/T3W1/boards/trezor_t3w1_revB.h

@@ -198,4 +198,6 @@
 #define HW_REVISION_2_PORT GPIOI
 #define HW_REVISION_2_CLOCK_ENABLE() __HAL_RCC_GPIOI_CLK_ENABLE()
 
+#define TAMPER_INPUT_2 1
+
 #endif  // TREZOR_T3W1_REVA_H_

core/embed/projects/bootloader/main.c

@@ -63,6 +63,9 @@
 #ifdef USE_HASH_PROCESSOR
 #include <sec/hash_processor.h>
 #endif
+#ifdef USE_TAMPER
+#include <sys/tamper.h>
+#endif
 
 #include <io/usb.h>
 #include "version.h"
@@ -101,18 +104,26 @@ static void drivers_init(secbool *touch_initialized) {
   display_init(DISPLAY_RESET_CONTENT);
   unit_properties_init();
 
-#ifdef USE_TOUCH
-  secbool allow_touchless_mode = secfalse;
-#if defined TREZOR_MODEL_T3T1 || defined TREZOR_MODEL_T3W1
-  // on T3T1 and T3W1, tester needs to run without touch, so making an exception
-  // until unit variant is written in OTP
+#if (defined TREZOR_MODEL_T3T1 || defined TREZOR_MODEL_T3W1)
+  // on T3T1 and T3W1, tester needs to run without touch and tamper, so making
+  // an exception until unit variant is written in OTP
   const secbool manufacturing_mode =
       unit_properties()->locked ? secfalse : sectrue;
-  allow_touchless_mode = manufacturing_mode;
+#else
+  const secbool manufacturing_mode = secfalse;
+  (void)manufacturing_mode;  // suppress unused variable warning
+#endif
 
+#ifdef USE_TAMPER
+  tamper_init();
+  if (manufacturing_mode != sectrue) {
+    tamper_external_enable();
+  }
 #endif
+
+#ifdef USE_TOUCH
   *touch_initialized = touch_init();
-  if (allow_touchless_mode != sectrue) {
+  if (manufacturing_mode != sectrue) {
     ensure(*touch_initialized, "Touch screen panel was not loaded properly.");
   }
 #endif

core/embed/projects/prodtest/main.c

@@ -90,6 +90,10 @@
 #include <util/hw_revision.h>
 #endif
 
+#ifdef USE_TAMPER
+#include <sys/tamper.h>
+#endif
+
 #ifdef TREZOR_MODEL_T2T1
 #define MODEL_IDENTIFIER "TREZOR2-"
 #else
@@ -180,6 +184,9 @@ static void drivers_init(void) {
 
   display_init(DISPLAY_RESET_CONTENT);
 
+#ifdef USE_TAMPER
+  tamper_init();
+#endif
 #ifdef USE_STORAGE_HWKEY
   secure_aes_init();
 #endif

core/embed/sys/startup/stm32u5/startup_init.c

@@ -69,6 +69,62 @@ uint32_t SystemCoreClock = DEFAULT_FREQ * 1000000U;
 #pragma GCC optimize( \
     "no-stack-protector")  // applies to all functions in this file
 
+/*
+ * This function replaces calls to universal, but flash-wasting
+ * function HAL_RCC_OscConfig.
+ *
+ * This is the configuration before the optimization:
+ *  osc_init_def.OscillatorType = RCC_OSCILLATORTYPE_LSI;
+ *  osc_init_def.LSIState = RCC_LSI_ON;
+ *  HAL_RCC_OscConfig(&osc_init_def);
+ */
+void lsi_init(void) {
+  /* Update LSI configuration in Backup Domain control register    */
+  /* Requires to enable write access to Backup Domain of necessary */
+
+  if (HAL_IS_BIT_CLR(PWR->DBPR, PWR_DBPR_DBP)) {
+    /* Enable write access to Backup domain */
+    SET_BIT(PWR->DBPR, PWR_DBPR_DBP);
+
+    /* Wait for Backup domain Write protection disable */
+    while (HAL_IS_BIT_CLR(PWR->DBPR, PWR_DBPR_DBP))
+      ;
+  }
+
+  uint32_t bdcr_temp = RCC->BDCR;
+
+  if (RCC_LSI_DIV1 != (bdcr_temp & RCC_BDCR_LSIPREDIV)) {
+    if (((bdcr_temp & RCC_BDCR_LSIRDY) == RCC_BDCR_LSIRDY) &&
+        ((bdcr_temp & RCC_BDCR_LSION) != RCC_BDCR_LSION)) {
+      /* If LSIRDY is set while LSION is not enabled, LSIPREDIV can't be updated
+       */
+      /* The LSIPREDIV cannot be changed if the LSI is used by the IWDG or by
+       * the RTC */
+
+      return;
+    }
+
+    /* Turn off LSI before changing RCC_BDCR_LSIPREDIV */
+    if ((bdcr_temp & RCC_BDCR_LSION) == RCC_BDCR_LSION) {
+      __HAL_RCC_LSI_DISABLE();
+
+      /* Wait till LSI is disabled */
+      while (READ_BIT(RCC->BDCR, RCC_BDCR_LSIRDY) != 0U)
+        ;
+    }
+
+    /* Set LSI division factor */
+    MODIFY_REG(RCC->BDCR, RCC_BDCR_LSIPREDIV, 0);
+  }
+
+  /* Enable the Internal Low Speed oscillator (LSI) */
+  __HAL_RCC_LSI_ENABLE();
+
+  /* Wait till LSI is ready */
+  while (READ_BIT(RCC->BDCR, RCC_BDCR_LSIRDY) == 0U)
+    ;
+}
+
 void SystemInit(void) {
   // set flash wait states for an increasing HCLK frequency
 
@@ -171,6 +227,12 @@ void SystemInit(void) {
   // enable power supply for GPIOG 2 to 15
   PWR->SVMCR |= PWR_SVMCR_IO2SV;
 
+#ifdef USE_LSE
+  // TODO
+#else
+  lsi_init();
+#endif
+
   __HAL_RCC_PWR_CLK_DISABLE();
 
   // this will be overriden by static initialization

core/embed/sys/tamper/inc/sys/tamper.h

@@ -17,8 +17,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-#ifndef TREZOR_HAL_TAMPER_H
-#define TREZOR_HAL_TAMPER_H
+#pragma once
 
 #include <trezor_types.h>
 
@@ -30,13 +29,10 @@
 // Initializes the tamper detection
 void tamper_init(void);
 
-// Triggers one of internal tampers.
-// The function is intended for experimentation with internal tamper mechanism
-// Use TAMP_CR1_xxx constants to as a parameter
-// Only TAMP_CR1_ITAMP5E (RTC) and TAMP_CR1_ITAMP8E (monotonic counter)
-// are supported
-void tamper_test(uint32_t tamper_type);
+// Get status of external tamper inputs
+uint8_t tamper_external_read(void);
 
-#endif  // KERNEL_MODE
+// Enable external tamper inputs
+void tamper_external_enable(void);
 
-#endif  // TREZOR_HAL_TAMPER_H
+#endif  // KERNEL_MODE