1 /*
2 * Copyright (c) 2020 Nordic Semiconductor ASA. All rights reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #ifndef __SPU_H__
18 #define __SPU_H__
19
20 #include <stddef.h>
21 #include <stdint.h>
22 #include <stdbool.h>
23
24 #include <hal/nrf_spu.h>
25
26 #define SPU_LOCK_CONF_LOCKED true
27 #define SPU_LOCK_CONF_UNLOCKED false
28 #define SPU_SECURE_ATTR_SECURE true
29 #define SPU_SECURE_ATTR_NONSECURE false
30
31 /**
32 * \brief SPU interrupt enabling
33 *
34 * Enable security violations outside the Cortex-M33
35 * to trigger SPU interrupts.
36 */
37 void spu_enable_interrupts(void);
38
39 enum spu_events {
40 SPU_EVENT_RAMACCERR = 1 << 0,
41 SPU_EVENT_FLASHACCERR = 1 << 1,
42 SPU_EVENT_PERIPHACCERR= 1 << 2,
43 };
44
45 /**
46 * \brief Retrieve bitmask of SPU events.
47 */
48 uint32_t spu_events_get(void);
49
50 /**
51 * \brief SPU event clearing
52 *
53 * Clear SPU event registers
54 */
55 void spu_clear_events(void);
56
57 /**
58 * \brief Reset TF-M memory regions to being Secure.
59 *
60 * Reset all (Flash or SRAM, but excluding the regions owned by the
61 * bootloader(s)) memory region permissions to be Secure and have the
62 * default (Read-Write-Execute allow) access policy.
63 *
64 * \note region lock is not applied to allow modifying the configuration.
65 */
66 void spu_regions_reset_unlocked_secure(void);
67
68 /**
69 * \brief Configure the SPU Flash memory region
70 */
71 void spu_regions_flash_config(uint32_t start_addr, uint32_t limit_addr, bool secure_attr,
72 uint32_t permissions, bool lock_conf);
73
74 /**
75 * \brief Configure SPU SRAM memory regions
76 */
77 void spu_regions_sram_config(uint32_t start_addr, uint32_t limit_addr, bool secure_attr,
78 uint32_t permissions, bool lock_conf);
79
80 /**
81 * \brief Configure Non-Secure Callable area
82 *
83 * Configure a single region in Secure Flash as Non-Secure Callable
84 * (NSC) area.
85 *
86 * \note Any Secure Entry functions, exposing secure services to the
87 * Non-Secure firmware, shall be located inside this NSC area.
88 *
89 * If the start address of the NSC area is hard-coded, it must follow
90 * the HW restrictions: The size must be a power of 2 between 32 and
91 * 4096, and the end address must fall on a SPU region boundary.
92 *
93 * \note region lock is applied to prevent further modification during
94 * the current reset cycle.
95 */
96 void spu_regions_flash_config_non_secure_callable(uint32_t start_addr, uint32_t limit_addr);
97
98 /**
99 * \brief Restrict access to peripheral to secure
100 *
101 * Configure a device peripheral to be accessible from Secure domain only.
102 *
103 * \param periph_id ID number of a particular peripheral.
104 * \param periph_lock Variable indicating whether to lock peripheral security
105 *
106 * \note
107 * - peripheral shall not be a Non-Secure only peripheral
108 * - DMA transactions are configured as Secure
109 */
110 void spu_peripheral_config_secure(const uint8_t periph_id, bool periph_lock);
111
112 /**
113 * Configure a device peripheral to be accessible from Non-Secure domain.
114 *
115 * \param periph_id ID number of a particular peripheral.
116 * \param periph_lock Variable indicating whether to lock peripheral security
117 *
118 * \note
119 * - peripheral shall not be a Secure-only peripheral
120 * - DMA transactions are configured as Non-Secure
121 */
122 void spu_peripheral_config_non_secure(const uint8_t periph_id, bool periph_lock);
123
124 /**
125 * Configure DPPI channels to be accessible from Non-Secure domain.
126 *
127 * \param channels_mask Bitmask with channels configuration.
128 * \param lock_conf Variable indicating whether to lock DPPI channel security
129 *
130 * \note all channels are configured as Non-Secure
131 */
spu_dppi_config_non_secure(uint32_t channels_mask,bool lock_conf)132 static inline void spu_dppi_config_non_secure(uint32_t channels_mask, bool lock_conf)
133 {
134 nrf_spu_dppi_config_set(NRF_SPU, 0, channels_mask, lock_conf);
135 }
136
137 /**
138 * Configure GPIO pins to be accessible from Non-Secure domain.
139 *
140 * \param port_number GPIO Port number
141 * \param gpio_mask Bitmask with gpio configuration.
142 * \param lock_conf Variable indicating whether to lock GPIO port security
143 *
144 * \note all pins are configured as Non-Secure
145 */
spu_gpio_config_non_secure(uint8_t port_number,uint32_t gpio_mask,bool lock_conf)146 static inline void spu_gpio_config_non_secure(uint8_t port_number, uint32_t gpio_mask,
147 bool lock_conf)
148 {
149 nrf_spu_gpio_config_set(NRF_SPU, port_number, gpio_mask, lock_conf);
150 }
151
152 /**
153 * \brief Return base address of a Flash SPU regions
154 *
155 * Get the base (lowest) address of a particular Flash SPU region
156 *
157 * \param region_id Valid flash SPU region ID
158 *
159 * \return the base address of the given flash SPU region
160 */
161 uint32_t spu_regions_flash_get_base_address_in_region(uint32_t region_id);
162
163 /**
164 * \brief Return last address of a Flash SPU regions
165 *
166 * Get the last (highest) address of a particular Flash SPU region
167 *
168 * \param region_id Valid flash SPU region ID
169 *
170 * \return the last address of the given flash SPU region
171 */
172 uint32_t spu_regions_flash_get_last_address_in_region(uint32_t region_id);
173
174 /**
175 * \brief Return the ID of the first Flash SPU region
176 *
177 * \return the first Flash region ID
178 */
179 uint32_t spu_regions_flash_get_start_id(void);
180
181 /**
182 * \brief Return the ID of the last Flash SPU region
183 *
184 * \return the last Flash region ID
185 */
186 uint32_t spu_regions_flash_get_last_id(void);
187
188 /**
189 * \brief Return the size of Flash SPU regions
190 *
191 * \return the size of Flash SPU regions
192 */
193 uint32_t spu_regions_flash_get_region_size(void);
194
195 /**
196 * \brief Return base address of a SRAM SPU regions
197 *
198 * Get the base (lowest) address of a particular SRAM SPU region
199 *
200 * \param region_id Valid SRAM SPU region ID
201 *
202 * \return the base address of the given SRAM SPU region
203 */
204 uint32_t spu_regions_sram_get_base_address_in_region(uint32_t region_id);
205
206 /**
207 * \brief Return last address of a SRAM SPU regions
208 *
209 * Get the last (highest) address of a particular SRAM SPU region
210 *
211 * \param region_id Valid SRAM SPU region ID
212 *
213 * \return the last address of the given SRAM SPU region
214 */
215 uint32_t spu_regions_sram_get_last_address_in_region(uint32_t region_id);
216
217 /**
218 * \brief Return the ID of the first SRAM SPU region
219 *
220 * \return the first SRAM region ID
221 */
222 uint32_t spu_regions_sram_get_start_id(void);
223
224 /**
225 * \brief Return the ID of the last SRAM SPU region
226 *
227 * \return the last SRAM region ID
228 */
229 uint32_t spu_regions_sram_get_last_id(void);
230
231 /**
232 * \brief Return the size of SRAM SPU regions
233 *
234 * \return the size of SRAM SPU regions
235 */
236 uint32_t spu_regions_sram_get_region_size(void);
237
238 #endif
239
