Posted to commits@mynewt.apache.org by je...@apache.org on 2021/10/26 17:04:20 UTC
[mynewt-core] 09/10: mcu/nrf5340: Add system start for non-secure
application
This is an automated email from the ASF dual-hosted git repository.
jerzy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-core.git
commit a8cd86b2fd5960a6a63ff4fd275cab4d45b2f816
Author: Jerzy Kasenberg <je...@codecoup.pl>
AuthorDate: Wed Oct 20 16:38:40 2021 +0200
mcu/nrf5340: Add system start for non-secure application
This modifies hal_system_start() to execute non-secure code.
The bootloader, which runs as secure code, changes peripheral/memory permissions
to non-secure before jumping to application code.
Interrupts are also marked as non-secure.
---
hw/mcu/nordic/nrf5340/pkg.yml | 2 +
hw/mcu/nordic/nrf5340/src/hal_system_start.c | 91 ++++++++++++++++++++++++++++
2 files changed, 93 insertions(+)
diff --git a/hw/mcu/nordic/nrf5340/pkg.yml b/hw/mcu/nordic/nrf5340/pkg.yml
index 4ffbaec..b1dd4c9 100644
--- a/hw/mcu/nordic/nrf5340/pkg.yml
+++ b/hw/mcu/nordic/nrf5340/pkg.yml
@@ -40,6 +40,8 @@ pkg.cflags.NFC_PINS_AS_GPIO:
pkg.cflags.GPIO_AS_PIN_RESET:
- '-DCONFIG_GPIO_AS_PINRESET=1'
+pkg.cflags:
+ - -mcmse
pkg.deps.UART_0:
- "@apache-mynewt-core/hw/drivers/uart/uart_hal"
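Review bot: `-mcmse` is added under the unconditional `pkg.cflags` key, so every build of this package gets it, while the only CMSE use visible in this commit (`cmse_nonsecure_call` in hal_system_start.c) is compiled only when BOOT_LOADER is set and MCU_APP_SECURE is not. The flag tells the compiler it is generating secure-state code, which does not describe the non-secure application image this change is meant to start. Consider scoping it the way the neighbouring entries are scoped, for example under `pkg.cflags.BOOT_LOADER:`, and confirm that a non-secure application build does not pick it up.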
diff --git a/hw/mcu/nordic/nrf5340/src/hal_system_start.c b/hw/mcu/nordic/nrf5340/src/hal_system_start.c
index 3a2066b..fca96a4 100644
--- a/hw/mcu/nordic/nrf5340/src/hal_system_start.c
+++ b/hw/mcu/nordic/nrf5340/src/hal_system_start.c
@@ -22,6 +22,95 @@
#include <mcu/cortex_m33.h>
#include <mcu/nrf5340_hal.h>
+#if MCUBOOT_MYNEWT
+#include <bootutil/bootutil.h>
+#endif
+#include <os/util.h>
+
+#if MYNEWT_VAL(BOOT_LOADER) && !MYNEWT_VAL(MCU_APP_SECURE)
+
+struct periph_id_range {
+ uint8_t first;
+ uint8_t last;
+};
+
+/* Array of peripheral ID ranges that will be set as unsecure before bootloader jumps to application code */
+static const struct periph_id_range ns_peripheral_ids[] = {
+ { 0, 0 },
+ { 4, 6 },
+ { 8, 12 },
+ { 14, 17 },
+ { 20, 21 },
+ { 23, 36 },
+ { 38, 38 },
+ { 40, 40 },
+ { 42, 43 },
+ { 45, 45 },
+ { 48, 48 },
+ { 51, 52 },
+ { 54, 55 },
+ { 57, 57 },
+ { 66, 66 },
+ { 128, 129 },
+};
+
+void
+hal_system_start(void *img_start)
+{
+ int i;
+ int j;
+ int range_count;
+ struct flash_sector_range sr;
+ uintptr_t *img_data;
+ /* Number of 16kB flash regions used by bootloader */
+ int bootloader_flash_regions;
+ __attribute__((cmse_nonsecure_call, noreturn)) void (* app_reset)(void);
+
+ /* Mark selected peripherals as unsecure */
+ for (i = 0; i < ARRAY_SIZE(ns_peripheral_ids); ++i) {
+ for (j = ns_peripheral_ids[i].first; j <= ns_peripheral_ids[i].last; ++j) {
+ if (((NRF_SPU->PERIPHID[j].PERM & SPU_PERIPHID_PERM_PRESENT_Msk) == 0) ||
+ ((NRF_SPU->PERIPHID[j].PERM & SPU_PERIPHID_PERM_SECUREMAPPING_Msk) < SPU_PERIPHID_PERM_SECUREMAPPING_UserSelectable)) {
+ continue;
+ }
+ NRF_SPU->PERIPHID[j].PERM &= ~SPU_PERIPHID_PERM_SECATTR_Msk;
+ }
+ }
+
+ /* Route exceptions to non-secure, allow software reset from non-secure */
+ SCB->AIRCR = 0x05FA0000 | (SCB->AIRCR & (~SCB_AIRCR_VECTKEY_Msk | SCB_AIRCR_SYSRESETREQS_Msk)) | SCB_AIRCR_BFHFNMINS_Msk;
+ for (i = 0; i < ARRAY_SIZE(NVIC->ITNS); ++i) {
+ NVIC->ITNS[i] = 0xFFFFFFFF;
+ }
+
+ /* Mark non-bootloader flash regions as non-secure */
+ flash_area_to_sector_ranges(FLASH_AREA_BOOTLOADER, &range_count, &sr);
+ bootloader_flash_regions = (sr.fsr_sector_count * sr.fsr_sector_size) / 0x4000;
+
+ for (i = bootloader_flash_regions; i < 64; ++i) {
+ NRF_SPU->FLASHREGION[i].PERM &= ~SPU_FLASHREGION_PERM_SECATTR_Msk;
+ }
+
+ /* Mark RAM as non-secure */
+ for (i = 0; i < 64; ++i) {
+ NRF_SPU->RAMREGION[i].PERM &= ~SPU_FLASHREGION_PERM_SECATTR_Msk;
+ }
+
+ /* Move DPPI to non-secure area */
+ NRF_SPU->DPPI->PERM = 0;
+
+ /* Move GPIO to non-secure area */
+ NRF_SPU->GPIOPORT[0].PERM = 0;
+ NRF_SPU->GPIOPORT[1].PERM = 0;
+
+ img_data = img_start;
+ app_reset = (void *)(img_data[1]);
+ __TZ_set_MSP_NS(img_data[0]);
+ app_reset();
+}
+
+#else
+
/**
* Boots the image described by the supplied image header.
*
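Review bot: The bootloader/application flash boundary in the new `hal_system_start()` is computed fail-open: `range_count` is passed to `flash_area_to_sector_ranges()` uninitialized (a problem if the function reads it as the output capacity, which should be confirmed), the return value is ignored, and the division by 0x4000 rounds down. As a result, a bootloader area that is not a multiple of 16 kB, or a failed lookup that leaves `sr` indeterminate, can leave bootloader flash marked non-secure. Set `range_count = 1`, check the return code before touching the SPU, and round up, e.g. `bootloader_flash_regions = (sr.fsr_sector_count * sr.fsr_sector_size + 0x3FFF) / 0x4000;`. In the AIRCR write, `(~SCB_AIRCR_VECTKEY_Msk | SCB_AIRCR_SYSRESETREQS_Msk)` is the same mask as `~SCB_AIRCR_VECTKEY_Msk`, so SYSRESETREQS is preserved rather than cleared as the comment intends; `~(SCB_AIRCR_VECTKEY_Msk | SCB_AIRCR_SYSRESETREQS_Msk)` looks like what was meant. The RAM loop uses `SPU_FLASHREGION_PERM_SECATTR_Msk` where `SPU_RAMREGION_PERM_SECATTR_Msk` would match the register, and because it opens every RAM region, anything the bootloader left in RAM (key material, for instance) becomes readable by the non-secure image unless it is cleared first.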
@@ -41,6 +130,8 @@ hal_system_start(void *img_start)
: "r" (img_data[0]), "r" (img_data[1]));
}
+#endif
+
/**
* Boots the image described by the supplied image header.
* This routine is used in split-app scenario when loader decides