From 86608c6770cf08c138a2bdab5855072f64be09ef Mon Sep 17 00:00:00 2001 From: joshua Date: Sat, 30 Dec 2023 23:54:31 -0500 Subject: initial commit --- Drivers/CMSIS/Core/Template/ARMv8-M/main_s.c | 58 +++++++ Drivers/CMSIS/Core/Template/ARMv8-M/tz_context.c | 200 +++++++++++++++++++++++ 2 files changed, 258 insertions(+) create mode 100644 Drivers/CMSIS/Core/Template/ARMv8-M/main_s.c create mode 100644 Drivers/CMSIS/Core/Template/ARMv8-M/tz_context.c (limited to 'Drivers/CMSIS/Core/Template/ARMv8-M') diff --git a/Drivers/CMSIS/Core/Template/ARMv8-M/main_s.c b/Drivers/CMSIS/Core/Template/ARMv8-M/main_s.c new file mode 100644 index 0000000..cde9ff0 --- /dev/null +++ b/Drivers/CMSIS/Core/Template/ARMv8-M/main_s.c @@ -0,0 +1,58 @@ +/****************************************************************************** + * @file main_s.c + * @brief Code template for secure main function + * @version V1.1.1 + * @date 10. January 2018 + ******************************************************************************/ +/* + * Copyright (c) 2013-2018 Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the License); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* Use CMSE intrinsics */ +#include + +#include "RTE_Components.h" +#include CMSIS_device_header + +/* TZ_START_NS: Start address of non-secure application */ +#ifndef TZ_START_NS +#define TZ_START_NS (0x200000U) +#endif + +/* typedef for non-secure callback functions */ +typedef void (*funcptr_void) (void) __attribute__((cmse_nonsecure_call)); + +/* Secure main() */ +int main(void) { + funcptr_void NonSecure_ResetHandler; + + /* Add user setup code for secure part here*/ + + /* Set non-secure main stack (MSP_NS) */ + __TZ_set_MSP_NS(*((uint32_t *)(TZ_START_NS))); + + /* Get non-secure reset handler */ + NonSecure_ResetHandler = (funcptr_void)(*((uint32_t *)((TZ_START_NS) + 4U))); + + /* Start non-secure state software application */ + NonSecure_ResetHandler(); + + /* Non-secure software does not return, this code is not executed */ + while (1) { + __NOP(); + } +} diff --git a/Drivers/CMSIS/Core/Template/ARMv8-M/tz_context.c b/Drivers/CMSIS/Core/Template/ARMv8-M/tz_context.c new file mode 100644 index 0000000..298bbf7 --- /dev/null +++ b/Drivers/CMSIS/Core/Template/ARMv8-M/tz_context.c @@ -0,0 +1,200 @@ +/****************************************************************************** + * @file tz_context.c + * @brief Context Management for Armv8-M TrustZone - Sample implementation + * @version V1.1.1 + * @date 10. January 2018 + ******************************************************************************/ +/* + * Copyright (c) 2016-2018 Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the License); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "RTE_Components.h" +#include CMSIS_device_header +#include "tz_context.h" + +/// Number of process slots (threads may call secure library code) +#ifndef TZ_PROCESS_STACK_SLOTS +#define TZ_PROCESS_STACK_SLOTS 8U +#endif + +/// Stack size of the secure library code +#ifndef TZ_PROCESS_STACK_SIZE +#define TZ_PROCESS_STACK_SIZE 256U +#endif + +typedef struct { + uint32_t sp_top; // stack space top + uint32_t sp_limit; // stack space limit + uint32_t sp; // current stack pointer +} stack_info_t; + +static stack_info_t ProcessStackInfo [TZ_PROCESS_STACK_SLOTS]; +static uint64_t ProcessStackMemory[TZ_PROCESS_STACK_SLOTS][TZ_PROCESS_STACK_SIZE/8U]; +static uint32_t ProcessStackFreeSlot = 0xFFFFFFFFU; + + +/// Initialize secure context memory system +/// \return execution status (1: success, 0: error) +__attribute__((cmse_nonsecure_entry)) +uint32_t TZ_InitContextSystem_S (void) { + uint32_t n; + + if (__get_IPSR() == 0U) { + return 0U; // Thread Mode + } + + for (n = 0U; n < TZ_PROCESS_STACK_SLOTS; n++) { + ProcessStackInfo[n].sp = 0U; + ProcessStackInfo[n].sp_limit = (uint32_t)&ProcessStackMemory[n]; + ProcessStackInfo[n].sp_top = (uint32_t)&ProcessStackMemory[n] + TZ_PROCESS_STACK_SIZE; + *((uint32_t *)ProcessStackMemory[n]) = n + 1U; + } + *((uint32_t *)ProcessStackMemory[--n]) = 0xFFFFFFFFU; + + ProcessStackFreeSlot = 0U; + + // Default process stack pointer and stack limit + __set_PSPLIM((uint32_t)ProcessStackMemory); + __set_PSP ((uint32_t)ProcessStackMemory); + + // Privileged Thread Mode using PSP + __set_CONTROL(0x02U); + + return 1U; // Success +} + + +/// Allocate context memory for calling secure software modules in TrustZone +/// \param[in] module identifies software modules called from non-secure mode +/// \return value != 0 id TrustZone memory slot identifier +/// \return value 0 no memory available or internal error +__attribute__((cmse_nonsecure_entry)) +TZ_MemoryId_t TZ_AllocModuleContext_S (TZ_ModuleId_t module) { + uint32_t slot; + + (void)module; // Ignore (fixed Stack size) + + if (__get_IPSR() == 0U) { + return 0U; // Thread Mode + } + + if (ProcessStackFreeSlot == 0xFFFFFFFFU) { + return 0U; // No slot available + } + + slot = ProcessStackFreeSlot; + ProcessStackFreeSlot = *((uint32_t *)ProcessStackMemory[slot]); + + ProcessStackInfo[slot].sp = ProcessStackInfo[slot].sp_top; + + return (slot + 1U); +} + + +/// Free context memory that was previously allocated with \ref TZ_AllocModuleContext_S +/// \param[in] id TrustZone memory slot identifier +/// \return execution status (1: success, 0: error) +__attribute__((cmse_nonsecure_entry)) +uint32_t TZ_FreeModuleContext_S (TZ_MemoryId_t id) { + uint32_t slot; + + if (__get_IPSR() == 0U) { + return 0U; // Thread Mode + } + + if ((id == 0U) || (id > TZ_PROCESS_STACK_SLOTS)) { + return 0U; // Invalid ID + } + + slot = id - 1U; + + if (ProcessStackInfo[slot].sp == 0U) { + return 0U; // Inactive slot + } + ProcessStackInfo[slot].sp = 0U; + + *((uint32_t *)ProcessStackMemory[slot]) = ProcessStackFreeSlot; + ProcessStackFreeSlot = slot; + + return 1U; // Success +} + + +/// Load secure context (called on RTOS thread context switch) +/// \param[in] id TrustZone memory slot identifier +/// \return execution status (1: success, 0: error) +__attribute__((cmse_nonsecure_entry)) +uint32_t TZ_LoadContext_S (TZ_MemoryId_t id) { + uint32_t slot; + + if ((__get_IPSR() == 0U) || ((__get_CONTROL() & 2U) == 0U)) { + return 0U; // Thread Mode or using Main Stack for threads + } + + if ((id == 0U) || (id > TZ_PROCESS_STACK_SLOTS)) { + return 0U; // Invalid ID + } + + slot = id - 1U; + + if (ProcessStackInfo[slot].sp == 0U) { + return 0U; // Inactive slot + } + + // Setup process stack pointer and stack limit + __set_PSPLIM(ProcessStackInfo[slot].sp_limit); + __set_PSP (ProcessStackInfo[slot].sp); + + return 1U; // Success +} + + +/// Store secure context (called on RTOS thread context switch) +/// \param[in] id TrustZone memory slot identifier +/// \return execution status (1: success, 0: error) +__attribute__((cmse_nonsecure_entry)) +uint32_t TZ_StoreContext_S (TZ_MemoryId_t id) { + uint32_t slot; + uint32_t sp; + + if ((__get_IPSR() == 0U) || ((__get_CONTROL() & 2U) == 0U)) { + return 0U; // Thread Mode or using Main Stack for threads + } + + if ((id == 0U) || (id > TZ_PROCESS_STACK_SLOTS)) { + return 0U; // Invalid ID + } + + slot = id - 1U; + + if (ProcessStackInfo[slot].sp == 0U) { + return 0U; // Inactive slot + } + + sp = __get_PSP(); + if ((sp < ProcessStackInfo[slot].sp_limit) || + (sp > ProcessStackInfo[slot].sp_top)) { + return 0U; // SP out of range + } + ProcessStackInfo[slot].sp = sp; + + // Default process stack pointer and stack limit + __set_PSPLIM((uint32_t)ProcessStackMemory); + __set_PSP ((uint32_t)ProcessStackMemory); + + return 1U; // Success +} -- cgit v1.2.3