mbed official
mbed library sources. Supersedes mbed-src.
Dependents: Nucleo_Hello_Encoder BLE_iBeaconScan AM1805_DEMO DISCO-F429ZI_ExportTemplate1 ... more
cmsis/TARGET_CORTEX_M/mbed_tz_context.c@186:707f6e361f3e, 2018-06-22 (annotated)
- Committer:
- Anna Bridge
- Date:
- Fri Jun 22 16:45:37 2018 +0100
- Revision:
- 186:707f6e361f3e
- Child:
- 188:bcfe06ba3d64
mbed-dev library. Release version 162
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| Anna Bridge |
186:707f6e361f3e | 1 | /****************************************************************************** |
| Anna Bridge |
186:707f6e361f3e | 2 | * @file tz_context.c |
| Anna Bridge |
186:707f6e361f3e | 3 | * @brief Context Management for Armv8-M TrustZone - Sample implementation |
| Anna Bridge |
186:707f6e361f3e | 4 | * @version V1.1.1 |
| Anna Bridge |
186:707f6e361f3e | 5 | * @date 10. January 2018 |
| Anna Bridge |
186:707f6e361f3e | 6 | ******************************************************************************/ |
| Anna Bridge |
186:707f6e361f3e | 7 | /* |
| Anna Bridge |
186:707f6e361f3e | 8 | * Copyright (c) 2016-2018 Arm Limited. All rights reserved. |
| Anna Bridge |
186:707f6e361f3e | 9 | * |
| Anna Bridge |
186:707f6e361f3e | 10 | * SPDX-License-Identifier: Apache-2.0 |
| Anna Bridge |
186:707f6e361f3e | 11 | * |
| Anna Bridge |
186:707f6e361f3e | 12 | * Licensed under the Apache License, Version 2.0 (the License); you may |
| Anna Bridge |
186:707f6e361f3e | 13 | * not use this file except in compliance with the License. |
| Anna Bridge |
186:707f6e361f3e | 14 | * You may obtain a copy of the License at |
| Anna Bridge |
186:707f6e361f3e | 15 | * |
| Anna Bridge |
186:707f6e361f3e | 16 | * www.apache.org/licenses/LICENSE-2.0 |
| Anna Bridge |
186:707f6e361f3e | 17 | * |
| Anna Bridge |
186:707f6e361f3e | 18 | * Unless required by applicable law or agreed to in writing, software |
| Anna Bridge |
186:707f6e361f3e | 19 | * distributed under the License is distributed on an AS IS BASIS, WITHOUT |
| Anna Bridge |
186:707f6e361f3e | 20 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| Anna Bridge |
186:707f6e361f3e | 21 | * See the License for the specific language governing permissions and |
| Anna Bridge |
186:707f6e361f3e | 22 | * limitations under the License. |
| Anna Bridge |
186:707f6e361f3e | 23 | * |
| Anna Bridge |
186:707f6e361f3e | 24 | * ---------------------------------------------------------------------------- |
| Anna Bridge |
186:707f6e361f3e | 25 | * |
| Anna Bridge |
186:707f6e361f3e | 26 | * $Date: 15. October 2016 |
| Anna Bridge |
186:707f6e361f3e | 27 | * $Revision: 1.1.0 |
| Anna Bridge |
186:707f6e361f3e | 28 | * |
| Anna Bridge |
186:707f6e361f3e | 29 | * Project: TrustZone for ARMv8-M |
| Anna Bridge |
186:707f6e361f3e | 30 | * Title: Context Management for ARMv8-M TrustZone - Sample implementation |
| Anna Bridge |
186:707f6e361f3e | 31 | * |
| Anna Bridge |
186:707f6e361f3e | 32 | *---------------------------------------------------------------------------*/ |
| Anna Bridge |
186:707f6e361f3e | 33 | |
| Anna Bridge |
186:707f6e361f3e | 34 | #if defined (__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U) |
| Anna Bridge |
186:707f6e361f3e | 35 | |
| Anna Bridge |
186:707f6e361f3e | 36 | #include "RTE_Components.h" |
| Anna Bridge |
186:707f6e361f3e | 37 | #include CMSIS_device_header |
| Anna Bridge |
186:707f6e361f3e | 38 | #include "tz_context.h" |
| Anna Bridge |
186:707f6e361f3e | 39 | |
| Anna Bridge |
186:707f6e361f3e | 40 | /// Number of process slots (threads may call secure library code) |
| Anna Bridge |
186:707f6e361f3e | 41 | #ifndef TZ_PROCESS_STACK_SLOTS |
| Anna Bridge |
186:707f6e361f3e | 42 | #define TZ_PROCESS_STACK_SLOTS 8U |
| Anna Bridge |
186:707f6e361f3e | 43 | #endif |
| Anna Bridge |
186:707f6e361f3e | 44 | |
| Anna Bridge |
186:707f6e361f3e | 45 | /// Stack size of the secure library code |
| Anna Bridge |
186:707f6e361f3e | 46 | #ifndef TZ_PROCESS_STACK_SIZE |
| Anna Bridge |
186:707f6e361f3e | 47 | #define TZ_PROCESS_STACK_SIZE 256U |
| Anna Bridge |
186:707f6e361f3e | 48 | #endif |
| Anna Bridge |
186:707f6e361f3e | 49 | |
| Anna Bridge |
186:707f6e361f3e | 50 | typedef struct { |
| Anna Bridge |
186:707f6e361f3e | 51 | uint32_t sp_top; // stack space top |
| Anna Bridge |
186:707f6e361f3e | 52 | uint32_t sp_limit; // stack space limit |
| Anna Bridge |
186:707f6e361f3e | 53 | uint32_t sp; // current stack pointer |
| Anna Bridge |
186:707f6e361f3e | 54 | } stack_info_t; |
| Anna Bridge |
186:707f6e361f3e | 55 | |
| Anna Bridge |
186:707f6e361f3e | 56 | static stack_info_t ProcessStackInfo [TZ_PROCESS_STACK_SLOTS]; |
| Anna Bridge |
186:707f6e361f3e | 57 | static uint64_t ProcessStackMemory[TZ_PROCESS_STACK_SLOTS][TZ_PROCESS_STACK_SIZE/8U]; |
| Anna Bridge |
186:707f6e361f3e | 58 | static uint32_t ProcessStackFreeSlot = 0xFFFFFFFFU; |
| Anna Bridge |
186:707f6e361f3e | 59 | |
| Anna Bridge |
186:707f6e361f3e | 60 | |
| Anna Bridge |
186:707f6e361f3e | 61 | /// Initialize secure context memory system |
| Anna Bridge |
186:707f6e361f3e | 62 | /// \return execution status (1: success, 0: error) |
| Anna Bridge |
186:707f6e361f3e | 63 | __attribute__((cmse_nonsecure_entry)) |
| Anna Bridge |
186:707f6e361f3e | 64 | uint32_t TZ_InitContextSystem_S (void) { |
| Anna Bridge |
186:707f6e361f3e | 65 | uint32_t n; |
| Anna Bridge |
186:707f6e361f3e | 66 | |
| Anna Bridge |
186:707f6e361f3e | 67 | if (__get_IPSR() == 0U) { |
| Anna Bridge |
186:707f6e361f3e | 68 | return 0U; // Thread Mode |
| Anna Bridge |
186:707f6e361f3e | 69 | } |
| Anna Bridge |
186:707f6e361f3e | 70 | |
| Anna Bridge |
186:707f6e361f3e | 71 | for (n = 0U; n < TZ_PROCESS_STACK_SLOTS; n++) { |
| Anna Bridge |
186:707f6e361f3e | 72 | ProcessStackInfo[n].sp = 0U; |
| Anna Bridge |
186:707f6e361f3e | 73 | ProcessStackInfo[n].sp_limit = (uint32_t)&ProcessStackMemory[n]; |
| Anna Bridge |
186:707f6e361f3e | 74 | ProcessStackInfo[n].sp_top = (uint32_t)&ProcessStackMemory[n] + TZ_PROCESS_STACK_SIZE; |
| Anna Bridge |
186:707f6e361f3e | 75 | *((uint32_t *)ProcessStackMemory[n]) = n + 1U; |
| Anna Bridge |
186:707f6e361f3e | 76 | } |
| Anna Bridge |
186:707f6e361f3e | 77 | *((uint32_t *)ProcessStackMemory[--n]) = 0xFFFFFFFFU; |
| Anna Bridge |
186:707f6e361f3e | 78 | |
| Anna Bridge |
186:707f6e361f3e | 79 | ProcessStackFreeSlot = 0U; |
| Anna Bridge |
186:707f6e361f3e | 80 | |
| Anna Bridge |
186:707f6e361f3e | 81 | // Default process stack pointer and stack limit |
| Anna Bridge |
186:707f6e361f3e | 82 | __set_PSPLIM((uint32_t)ProcessStackMemory); |
| Anna Bridge |
186:707f6e361f3e | 83 | __set_PSP ((uint32_t)ProcessStackMemory); |
| Anna Bridge |
186:707f6e361f3e | 84 | |
| Anna Bridge |
186:707f6e361f3e | 85 | // Privileged Thread Mode using PSP |
| Anna Bridge |
186:707f6e361f3e | 86 | __set_CONTROL(0x02U); |
| Anna Bridge |
186:707f6e361f3e | 87 | |
| Anna Bridge |
186:707f6e361f3e | 88 | return 1U; // Success |
| Anna Bridge |
186:707f6e361f3e | 89 | } |
| Anna Bridge |
186:707f6e361f3e | 90 | |
| Anna Bridge |
186:707f6e361f3e | 91 | |
| Anna Bridge |
186:707f6e361f3e | 92 | /// Allocate context memory for calling secure software modules in TrustZone |
| Anna Bridge |
186:707f6e361f3e | 93 | /// \param[in] module identifies software modules called from non-secure mode |
| Anna Bridge |
186:707f6e361f3e | 94 | /// \return value != 0 id TrustZone memory slot identifier |
| Anna Bridge |
186:707f6e361f3e | 95 | /// \return value 0 no memory available or internal error |
| Anna Bridge |
186:707f6e361f3e | 96 | __attribute__((cmse_nonsecure_entry)) |
| Anna Bridge |
186:707f6e361f3e | 97 | TZ_MemoryId_t TZ_AllocModuleContext_S (TZ_ModuleId_t module) { |
| Anna Bridge |
186:707f6e361f3e | 98 | uint32_t slot; |
| Anna Bridge |
186:707f6e361f3e | 99 | |
| Anna Bridge |
186:707f6e361f3e | 100 | (void)module; // Ignore (fixed Stack size) |
| Anna Bridge |
186:707f6e361f3e | 101 | |
| Anna Bridge |
186:707f6e361f3e | 102 | if (__get_IPSR() == 0U) { |
| Anna Bridge |
186:707f6e361f3e | 103 | return 0U; // Thread Mode |
| Anna Bridge |
186:707f6e361f3e | 104 | } |
| Anna Bridge |
186:707f6e361f3e | 105 | |
| Anna Bridge |
186:707f6e361f3e | 106 | if (ProcessStackFreeSlot == 0xFFFFFFFFU) { |
| Anna Bridge |
186:707f6e361f3e | 107 | return 0U; // No slot available |
| Anna Bridge |
186:707f6e361f3e | 108 | } |
| Anna Bridge |
186:707f6e361f3e | 109 | |
| Anna Bridge |
186:707f6e361f3e | 110 | slot = ProcessStackFreeSlot; |
| Anna Bridge |
186:707f6e361f3e | 111 | ProcessStackFreeSlot = *((uint32_t *)ProcessStackMemory[slot]); |
| Anna Bridge |
186:707f6e361f3e | 112 | |
| Anna Bridge |
186:707f6e361f3e | 113 | ProcessStackInfo[slot].sp = ProcessStackInfo[slot].sp_top; |
| Anna Bridge |
186:707f6e361f3e | 114 | |
| Anna Bridge |
186:707f6e361f3e | 115 | return (slot + 1U); |
| Anna Bridge |
186:707f6e361f3e | 116 | } |
| Anna Bridge |
186:707f6e361f3e | 117 | |
| Anna Bridge |
186:707f6e361f3e | 118 | |
| Anna Bridge |
186:707f6e361f3e | 119 | /// Free context memory that was previously allocated with \ref TZ_AllocModuleContext_S |
| Anna Bridge |
186:707f6e361f3e | 120 | /// \param[in] id TrustZone memory slot identifier |
| Anna Bridge |
186:707f6e361f3e | 121 | /// \return execution status (1: success, 0: error) |
| Anna Bridge |
186:707f6e361f3e | 122 | __attribute__((cmse_nonsecure_entry)) |
| Anna Bridge |
186:707f6e361f3e | 123 | uint32_t TZ_FreeModuleContext_S (TZ_MemoryId_t id) { |
| Anna Bridge |
186:707f6e361f3e | 124 | uint32_t slot; |
| Anna Bridge |
186:707f6e361f3e | 125 | |
| Anna Bridge |
186:707f6e361f3e | 126 | if (__get_IPSR() == 0U) { |
| Anna Bridge |
186:707f6e361f3e | 127 | return 0U; // Thread Mode |
| Anna Bridge |
186:707f6e361f3e | 128 | } |
| Anna Bridge |
186:707f6e361f3e | 129 | |
| Anna Bridge |
186:707f6e361f3e | 130 | if ((id == 0U) || (id > TZ_PROCESS_STACK_SLOTS)) { |
| Anna Bridge |
186:707f6e361f3e | 131 | return 0U; // Invalid ID |
| Anna Bridge |
186:707f6e361f3e | 132 | } |
| Anna Bridge |
186:707f6e361f3e | 133 | |
| Anna Bridge |
186:707f6e361f3e | 134 | slot = id - 1U; |
| Anna Bridge |
186:707f6e361f3e | 135 | |
| Anna Bridge |
186:707f6e361f3e | 136 | if (ProcessStackInfo[slot].sp == 0U) { |
| Anna Bridge |
186:707f6e361f3e | 137 | return 0U; // Inactive slot |
| Anna Bridge |
186:707f6e361f3e | 138 | } |
| Anna Bridge |
186:707f6e361f3e | 139 | ProcessStackInfo[slot].sp = 0U; |
| Anna Bridge |
186:707f6e361f3e | 140 | |
| Anna Bridge |
186:707f6e361f3e | 141 | *((uint32_t *)ProcessStackMemory[slot]) = ProcessStackFreeSlot; |
| Anna Bridge |
186:707f6e361f3e | 142 | ProcessStackFreeSlot = slot; |
| Anna Bridge |
186:707f6e361f3e | 143 | |
| Anna Bridge |
186:707f6e361f3e | 144 | return 1U; // Success |
| Anna Bridge |
186:707f6e361f3e | 145 | } |
| Anna Bridge |
186:707f6e361f3e | 146 | |
| Anna Bridge |
186:707f6e361f3e | 147 | |
| Anna Bridge |
186:707f6e361f3e | 148 | /// Load secure context (called on RTOS thread context switch) |
| Anna Bridge |
186:707f6e361f3e | 149 | /// \param[in] id TrustZone memory slot identifier |
| Anna Bridge |
186:707f6e361f3e | 150 | /// \return execution status (1: success, 0: error) |
| Anna Bridge |
186:707f6e361f3e | 151 | __attribute__((cmse_nonsecure_entry)) |
| Anna Bridge |
186:707f6e361f3e | 152 | uint32_t TZ_LoadContext_S (TZ_MemoryId_t id) { |
| Anna Bridge |
186:707f6e361f3e | 153 | uint32_t slot; |
| Anna Bridge |
186:707f6e361f3e | 154 | |
| Anna Bridge |
186:707f6e361f3e | 155 | if ((__get_IPSR() == 0U) || ((__get_CONTROL() & 2U) == 0U)) { |
| Anna Bridge |
186:707f6e361f3e | 156 | return 0U; // Thread Mode or using Main Stack for threads |
| Anna Bridge |
186:707f6e361f3e | 157 | } |
| Anna Bridge |
186:707f6e361f3e | 158 | |
| Anna Bridge |
186:707f6e361f3e | 159 | if ((id == 0U) || (id > TZ_PROCESS_STACK_SLOTS)) { |
| Anna Bridge |
186:707f6e361f3e | 160 | return 0U; // Invalid ID |
| Anna Bridge |
186:707f6e361f3e | 161 | } |
| Anna Bridge |
186:707f6e361f3e | 162 | |
| Anna Bridge |
186:707f6e361f3e | 163 | slot = id - 1U; |
| Anna Bridge |
186:707f6e361f3e | 164 | |
| Anna Bridge |
186:707f6e361f3e | 165 | if (ProcessStackInfo[slot].sp == 0U) { |
| Anna Bridge |
186:707f6e361f3e | 166 | return 0U; // Inactive slot |
| Anna Bridge |
186:707f6e361f3e | 167 | } |
| Anna Bridge |
186:707f6e361f3e | 168 | |
| Anna Bridge |
186:707f6e361f3e | 169 | // Setup process stack pointer and stack limit |
| Anna Bridge |
186:707f6e361f3e | 170 | __set_PSPLIM(ProcessStackInfo[slot].sp_limit); |
| Anna Bridge |
186:707f6e361f3e | 171 | __set_PSP (ProcessStackInfo[slot].sp); |
| Anna Bridge |
186:707f6e361f3e | 172 | |
| Anna Bridge |
186:707f6e361f3e | 173 | return 1U; // Success |
| Anna Bridge |
186:707f6e361f3e | 174 | } |
| Anna Bridge |
186:707f6e361f3e | 175 | |
| Anna Bridge |
186:707f6e361f3e | 176 | |
| Anna Bridge |
186:707f6e361f3e | 177 | /// Store secure context (called on RTOS thread context switch) |
| Anna Bridge |
186:707f6e361f3e | 178 | /// \param[in] id TrustZone memory slot identifier |
| Anna Bridge |
186:707f6e361f3e | 179 | /// \return execution status (1: success, 0: error) |
| Anna Bridge |
186:707f6e361f3e | 180 | __attribute__((cmse_nonsecure_entry)) |
| Anna Bridge |
186:707f6e361f3e | 181 | uint32_t TZ_StoreContext_S (TZ_MemoryId_t id) { |
| Anna Bridge |
186:707f6e361f3e | 182 | uint32_t slot; |
| Anna Bridge |
186:707f6e361f3e | 183 | uint32_t sp; |
| Anna Bridge |
186:707f6e361f3e | 184 | |
| Anna Bridge |
186:707f6e361f3e | 185 | if ((__get_IPSR() == 0U) || ((__get_CONTROL() & 2U) == 0U)) { |
| Anna Bridge |
186:707f6e361f3e | 186 | return 0U; // Thread Mode or using Main Stack for threads |
| Anna Bridge |
186:707f6e361f3e | 187 | } |
| Anna Bridge |
186:707f6e361f3e | 188 | |
| Anna Bridge |
186:707f6e361f3e | 189 | if ((id == 0U) || (id > TZ_PROCESS_STACK_SLOTS)) { |
| Anna Bridge |
186:707f6e361f3e | 190 | return 0U; // Invalid ID |
| Anna Bridge |
186:707f6e361f3e | 191 | } |
| Anna Bridge |
186:707f6e361f3e | 192 | |
| Anna Bridge |
186:707f6e361f3e | 193 | slot = id - 1U; |
| Anna Bridge |
186:707f6e361f3e | 194 | |
| Anna Bridge |
186:707f6e361f3e | 195 | if (ProcessStackInfo[slot].sp == 0U) { |
| Anna Bridge |
186:707f6e361f3e | 196 | return 0U; // Inactive slot |
| Anna Bridge |
186:707f6e361f3e | 197 | } |
| Anna Bridge |
186:707f6e361f3e | 198 | |
| Anna Bridge |
186:707f6e361f3e | 199 | sp = __get_PSP(); |
| Anna Bridge |
186:707f6e361f3e | 200 | if ((sp < ProcessStackInfo[slot].sp_limit) || |
| Anna Bridge |
186:707f6e361f3e | 201 | (sp > ProcessStackInfo[slot].sp_top)) { |
| Anna Bridge |
186:707f6e361f3e | 202 | return 0U; // SP out of range |
| Anna Bridge |
186:707f6e361f3e | 203 | } |
| Anna Bridge |
186:707f6e361f3e | 204 | ProcessStackInfo[slot].sp = sp; |
| Anna Bridge |
186:707f6e361f3e | 205 | |
| Anna Bridge |
186:707f6e361f3e | 206 | // Default process stack pointer and stack limit |
| Anna Bridge |
186:707f6e361f3e | 207 | __set_PSPLIM((uint32_t)ProcessStackMemory); |
| Anna Bridge |
186:707f6e361f3e | 208 | __set_PSP ((uint32_t)ProcessStackMemory); |
| Anna Bridge |
186:707f6e361f3e | 209 | |
| Anna Bridge |
186:707f6e361f3e | 210 | return 1U; // Success |
| Anna Bridge |
186:707f6e361f3e | 211 | } |
| Anna Bridge |
186:707f6e361f3e | 212 | #endif |
