1 /**
2 ******************************************************************************
3 * @file tfm_low_level_security.c
4 * @author MCD Application Team
5 * @brief security protection implementation for for secure boot on STM32L5xx
6 *
7 ******************************************************************************
8 * @attention
9 *
10 * <h2><center>© Copyright (c) 2020 STMicroelectronics.
11 * All rights reserved.</center></h2>
12 *
13 * This software component is licensed by ST under BSD 3-Clause license,
14 * the "License"; You may not use this file except in compliance with the
15 * License. You may obtain a copy of the License at:
16 * opensource.org/licenses/BSD-3-Clause
17 *
18 ******************************************************************************
19 */
20
21 /* Includes ------------------------------------------------------------------*/
22 #include <string.h>
23 #include "boot_hal_cfg.h"
24 #include "mpu_armv8m_drv.h"
25 #include "region_defs.h"
26 #include "tfm_low_level_security.h"
27 #include "bootutil/bootutil_log.h"
28
29 /** @defgroup TFM_SECURITY_Private_Defines Private Defines
30 * @{
31 */
32 /* DUAL BANK page size */
33 #define PAGE_SIZE 0x800
34 #define PAGE_MAX_NUMBER_IN_BANK 127
35 /* SBSFU_Boot Vector Address */
36 #define SBSFU_BOOT_VTOR_ADDR ((uint32_t)(BL2_CODE_START))
37 /**
38 * @}
39 */
40 /* Private function prototypes -----------------------------------------------*/
41 /** @defgroup TFM_SECURITY_Private_Functions Private Functions
42 * @{
43 */
44 #ifdef TFM_OB_RDP_LEVEL_VALUE
45 static void rdp_level(uint32_t rdplevel);
46 #endif /* TFM_OB_RDP_LEVEL_VALUE */
47 static void gtzc_init_cfg(void);
48 static void sau_and_idau_cfg(void);
49 static void mpu_init_cfg(void);
50 static void mpu_appli_cfg(void);
51 static void lock_bl2_shared_area(void);
52 static void enable_hdp_protection(void);
53 static void apply_wrp_sram2(uint32_t offset, uint32_t len);
54 /**
55 * @}
56 */
57
58 /** @defgroup TFM_SECURITY_Exported_Functions Exported Functions
59 * @{
60 */
61
62 /**
63 * @brief Apply the runtime security protections to
64 *
65 * @param None
66 * @note By default, the best security protections are applied
67 * @retval None
68 */
TFM_LL_SECU_ApplyRunTimeProtections(void)69 void TFM_LL_SECU_ApplyRunTimeProtections(void)
70 {
71 /* Unsecure bottom of SRAM1 for error_handler */
72 gtzc_init_cfg();
73
74 /* Set MPU to forbidd execution outside of not muteable code */
75 /* Initialialize not secure MPU to forbidd execution on Flash /SRAM */
76 mpu_init_cfg();
77
78 /* Enable SAU to gain access to flash area non secure for write/read */
79 sau_and_idau_cfg();
80
81 /* Lock top of SRAM2 in secure */
82 lock_bl2_shared_area();
83
84 #ifdef TFM_FLASH_PRIVONLY_ENABLE
85 HAL_FLASHEx_ConfigPrivMode(FLASH_PRIV_DENIED);
86 #endif /* TFM_FLASH_PRIVONLY_ENABLE */
87 }
88
89 /* Place code in a specific section */
90 #if defined(__ICCARM__)
91 #pragma default_function_attributes = @ ".BL2_NoHdp_Code"
92 #elif defined(__CC_ARM)
93 #pragma arm section code = ".BL2_NoHdp_Code"
94 #else
95 __attribute__((section(".BL2_NoHdp_Code")))
96 #endif /* __ICCARM__ */
97
98 /**
99 * @brief Update the runtime security protections for application start
100 *
101 * @param None
102 * @retval None
103 */
TFM_LL_SECU_UpdateRunTimeProtections(void)104 void TFM_LL_SECU_UpdateRunTimeProtections(void)
105 {
106 /* Write Protect SRAM2 */
107 apply_wrp_sram2(BOOT_TFM_SHARED_DATA_BASE, BOOT_TFM_SHARED_DATA_SIZE);
108
109 /* Enable HDP protection to hide sensible boot material */
110 enable_hdp_protection();
111
112 /* Set MPU to enable execution of Secure and Non Secure active slots */
113 mpu_appli_cfg();
114 }
115
116 /* Stop placing data in specified section */
117 #if defined(__ICCARM__)
118 #pragma default_function_attributes =
119 #elif defined(__CC_ARM)
120 #pragma arm section code
121 #endif /* __ICCARM__ */
122
123 /**
124 * @brief Check if the Static security protections to
125 * all the Sections in Flash: WRP, SECURE FLASH, SECURE USER FLASH.
126 * those protections not impacted by a Reset. They are set using the Option Bytes
127 * When the device is locked (RDP Level2), these protections cannot be changed anymore
128 * @param None
129 * @note By default, the best security protections are applied to the different
130 * flash sections in order to maximize the security level for the specific MCU.
131 * @retval None
132 */
TFM_LL_SECU_CheckStaticProtections(void)133 void TFM_LL_SECU_CheckStaticProtections(void)
134 {
135 static FLASH_OBProgramInitTypeDef flash_option_bytes_bank1 = {0};
136 static FLASH_OBProgramInitTypeDef flash_option_bytes_bank2 = {0};
137 #ifdef TFM_NSBOOT_CHECK_ENABLE
138 static FLASH_OBProgramInitTypeDef flash_option_bytes_nsboot0 = {0};
139 static FLASH_OBProgramInitTypeDef flash_option_bytes_nsboot1 = {0};
140 #endif /* TFM_NSBOOT_CHECK_ENABLE */
141 #ifdef TFM_ENABLE_SET_OB
142 HAL_StatusTypeDef ret = HAL_ERROR;
143 #endif /* TFM_ENABLE_SET_OB */
144 uint32_t start;
145 uint32_t end;
146
147 #ifdef TFM_NSBOOT_CHECK_ENABLE
148 /* Get NSBOOTADD0 and NSBOOTADD1 value */
149 flash_option_bytes_nsboot0.BootAddrConfig = OB_BOOTADDR_NS0;
150 HAL_FLASHEx_OBGetConfig(&flash_option_bytes_nsboot0);
151 flash_option_bytes_nsboot1.BootAddrConfig = OB_BOOTADDR_NS1;
152 HAL_FLASHEx_OBGetConfig(&flash_option_bytes_nsboot1);
153 #endif /* TFM_NSBOOT_CHECK_ENABLE */
154
155 /* Get bank1 areaA OB */
156 flash_option_bytes_bank1.WRPArea = OB_WRPAREA_BANK1_AREAA;
157 flash_option_bytes_bank1.WMSecConfig = OB_WMSEC_AREA1;
158 flash_option_bytes_bank1.BootAddrConfig = OB_BOOTADDR_SEC0;
159 HAL_FLASHEx_OBGetConfig(&flash_option_bytes_bank1);
160
161 /* Get bank2 areaB OB */
162 flash_option_bytes_bank2.WRPArea = OB_WRPAREA_BANK2_AREAA;
163 flash_option_bytes_bank2.WMSecConfig = OB_WMSEC_AREA2;
164 HAL_FLASHEx_OBGetConfig(&flash_option_bytes_bank2);
165
166 #ifdef TFM_ENABLE_SET_OB
167 /* Clean the option configuration */
168 flash_option_bytes_bank1.OptionType = 0;
169 flash_option_bytes_bank2.OptionType = 0;
170 flash_option_bytes_bank2.WRPArea = 0;
171 flash_option_bytes_bank1.WRPArea = 0;
172 #endif /* TFM_ENABLE_SET_OB */
173
174 /* Check TZEN = 1 , we are in secure */
175 if ((flash_option_bytes_bank1.USERConfig & FLASH_OPTR_TZEN) != FLASH_OPTR_TZEN)
176 {
177 BOOT_LOG_ERR("Error while checking TZEN value");
178 Error_Handler();
179 }
180
181 /* Check if dual bank is set */
182 if ((flash_option_bytes_bank1.USERConfig & FLASH_OPTR_DBANK) != FLASH_OPTR_DBANK)
183 {
184 BOOT_LOG_ERR("Error while checking dual bank configuration");
185 Error_Handler();
186 }
187
188 /* Check secure boot address */
189 if (flash_option_bytes_bank1.BootAddr != SBSFU_BOOT_VTOR_ADDR)
190 {
191 BOOT_LOG_INF("BootAddr 0x%x", flash_option_bytes_bank1.BootAddr);
192 BOOT_LOG_ERR("Error while checking SEC BOOT Address");
193 Error_Handler();
194 }
195
196 #ifdef TFM_NSBOOT_CHECK_ENABLE
197 /* Check non-secure boot addresses */
198 if ((flash_option_bytes_nsboot0.BootAddr != SBSFU_BOOT_VTOR_ADDR)
199 || (flash_option_bytes_nsboot1.BootAddr != SBSFU_BOOT_VTOR_ADDR))
200 {
201 BOOT_LOG_ERR("Error while checking NS BOOT Address");
202 Error_Handler();
203 }
204 #endif /* TFM_NSBOOT_CHECK_ENABLE */
205
206 /* Check bank1 secure flash protection */
207 start = FLASH_AREA_BL2_OFFSET / PAGE_SIZE;
208 end = (FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE - 1) / PAGE_SIZE;
209 if (end > PAGE_MAX_NUMBER_IN_BANK)
210 {
211 end = PAGE_MAX_NUMBER_IN_BANK;
212 }
213 if ((flash_option_bytes_bank1.WMSecStartPage > flash_option_bytes_bank1.WMSecEndPage)
214 || (start != flash_option_bytes_bank1.WMSecStartPage)
215 || (end != flash_option_bytes_bank1.WMSecEndPage))
216 {
217 BOOT_LOG_INF("BANK 1 secure flash [%d, %d] : OB [%d, %d]",
218 start, end, flash_option_bytes_bank1.WMSecStartPage, flash_option_bytes_bank1.WMSecEndPage);
219 #ifndef TFM_ENABLE_SET_OB
220 BOOT_LOG_ERR("Error while checking secure flash protection");
221 Error_Handler();
222 #else
223 BOOT_LOG_ERR("Error while checking secure flash protection: set wmsec1");
224 flash_option_bytes_bank1.WMSecStartPage = start;
225 flash_option_bytes_bank1.WMSecEndPage = end;
226 flash_option_bytes_bank1.OptionType |= OPTIONBYTE_WMSEC;
227 flash_option_bytes_bank1.WMSecConfig |= OB_WMSEC_AREA1 | OB_WMSEC_SECURE_AREA_CONFIG;
228 #endif /* TFM_ENABLE_SET_OB */
229 }
230
231 /* Check bank2 secure flash protection */
232 start = FLASH_AREA_BL2_OFFSET;
233 end = (FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE - 1) / PAGE_SIZE;
234 if (end > PAGE_MAX_NUMBER_IN_BANK)
235 {
236 end = end - (PAGE_MAX_NUMBER_IN_BANK + 1);
237 if ((start != flash_option_bytes_bank2.WMSecStartPage)
238 || (end != flash_option_bytes_bank2.WMSecEndPage))
239 {
240 BOOT_LOG_INF("BANK 2 secure flash [%d, %d] : OB [%d, %d]", start, end, flash_option_bytes_bank2.WMSecStartPage,
241 flash_option_bytes_bank2.WMSecEndPage);
242 #ifndef TFM_ENABLE_SET_OB
243 BOOT_LOG_ERR("Error while checking secure flash protection");
244 Error_Handler();
245 #else
246 BOOT_LOG_ERR("Error while checking secure flash protection : set wmsec2");
247 flash_option_bytes_bank2.WMSecStartPage = start;
248 flash_option_bytes_bank2.WMSecEndPage = end;
249 flash_option_bytes_bank2.OptionType = OPTIONBYTE_WMSEC;
250 flash_option_bytes_bank2.WMSecConfig |= OB_WMSEC_AREA2 | OB_WMSEC_SECURE_AREA_CONFIG ;
251 #endif /* TFM_ENABLE_SET_OB */
252 }
253 }
254 /* the bank 2 must be fully unsecure */
255 else if (flash_option_bytes_bank2.WMSecEndPage >= flash_option_bytes_bank2.WMSecStartPage)
256 {
257 BOOT_LOG_INF("BANK 2 secure flash [%d, %d] : OB [%d, %d]", 127, 0, flash_option_bytes_bank2.WMSecStartPage,
258 flash_option_bytes_bank2.WMSecEndPage);
259 #ifndef TFM_ENABLE_SET_OB
260 BOOT_LOG_ERR("Error while checking secure flash protection");
261 Error_Handler();
262 #else
263 /* bank is not unsecured , modify option bytes */
264 flash_option_bytes_bank2.WMSecStartPage = 127;
265 flash_option_bytes_bank2.WMSecEndPage = 0;
266 flash_option_bytes_bank2.OptionType = OPTIONBYTE_WMSEC;
267 flash_option_bytes_bank2.WMSecConfig |= OB_WMSEC_AREA2 | OB_WMSEC_SECURE_AREA_CONFIG ;
268 #endif /* TFM_ENABLE_SET_OB */
269 }
270
271 #ifdef TFM_WRP_PROTECT_ENABLE
272 /* Check flash write protection */
273 start = FLASH_AREA_BL2_OFFSET / PAGE_SIZE;
274 end = (FLASH_AREA_BL2_OFFSET + FLASH_AREA_BL2_SIZE +
275 FLASH_AREA_BL2_NOHDP_SIZE - 1) / PAGE_SIZE;
276 if ((flash_option_bytes_bank1.WRPStartOffset > flash_option_bytes_bank1.WRPEndOffset)
277 || (start != flash_option_bytes_bank1.WRPStartOffset)
278 || (end != flash_option_bytes_bank1.WRPEndOffset))
279 {
280 BOOT_LOG_INF("BANK 1 flash write protection [%d, %d] : OB [%d, %d]", start, end,
281 flash_option_bytes_bank1.WRPStartOffset,
282 flash_option_bytes_bank1.WRPEndOffset);
283 #ifndef TFM_ENABLE_SET_OB
284 BOOT_LOG_ERR("Error while checking write protection ");
285 Error_Handler();
286 #else
287 flash_option_bytes_bank1.WRPStartOffset = start;
288 flash_option_bytes_bank1.WRPEndOffset = end;
289 flash_option_bytes_bank1.WRPArea |= OB_WRPAREA_BANK1_AREAA;
290
291 BOOT_LOG_ERR("Error while checking write protection : set wrp1");
292 flash_option_bytes_bank1.OptionType |= OPTIONBYTE_WRP;
293 #endif /* TFM_ENABLE_SET_OB */
294 }
295 #endif /* TFM_WRP_PROTECT_ENABLE */
296
297 #ifdef TFM_HDP_PROTECT_ENABLE
298 /* Check secure user flash protection (HDP) */
299 start = 0;
300 end = (FLASH_BL2_HDP_END) / PAGE_SIZE;
301 if (
302 (flash_option_bytes_bank1.WMSecStartPage > flash_option_bytes_bank1.WMHDPEndPage)
303 || (start < flash_option_bytes_bank1.WMSecStartPage)
304 || (end > flash_option_bytes_bank1.WMHDPEndPage)
305 || (flash_option_bytes_bank1.WMSecConfig & OB_WMSEC_HDP_AREA_DISABLE))
306 {
307 BOOT_LOG_INF("BANK 1 secure user flash [%d, %d] : OB [%d, %d]",
308 start,
309 end,
310 flash_option_bytes_bank1.WMSecStartPage,
311 flash_option_bytes_bank1.WMHDPEndPage);
312 #ifndef TFM_ENABLE_SET_OB
313 BOOT_LOG_ERR("Error while checking secure user flash protection");
314 Error_Handler();
315 #else
316 BOOT_LOG_ERR("Error while checking secure user flash protection : set hdp1");
317 flash_option_bytes_bank1.WMSecStartPage = start;
318 flash_option_bytes_bank1.WMHDPEndPage = end;
319 flash_option_bytes_bank1.OptionType |= OPTIONBYTE_WMSEC;
320 /* clean disable */
321 flash_option_bytes_bank1.WMSecConfig &= ~OB_WMSEC_HDP_AREA_DISABLE;
322 /* enable */
323 flash_option_bytes_bank1.WMSecConfig |= OB_WMSEC_HDP_AREA_CONFIG ;
324 flash_option_bytes_bank1.WMSecConfig |= OB_WMSEC_HDP_AREA_ENABLE;
325 flash_option_bytes_bank1.WMSecConfig |= OB_WMSEC_AREA1;
326 #endif /* TFM_ENABLE_SET_OB */
327 }
328 #else /* TFM_HDP_PROTECT_ENABLE */
329 flash_option_bytes_bank1.WMSecConfig &= ~(OB_WMSEC_HDP_AREA_CONFIG | OB_WMSEC_HDP_AREA_ENABLE);
330 flash_option_bytes_bank1.WMSecConfig |= OB_WMSEC_HDP_AREA_DISABLE;
331 #endif /* TFM_HDP_PROTECT_ENABLE */
332
333 #ifdef TFM_SECURE_USER_SRAM2_ERASE_AT_RESET
334 /* Check SRAM2 ERASE on reset */
335 if ((flash_option_bytes_bank1.USERConfig & FLASH_OPTR_SRAM2_RST) != 0)
336 {
337 BOOT_LOG_ERR("Error while checking OB for SRAM2 ERASE at Reset");
338 Error_Handler();
339 }
340 #endif /*TFM_SECURE_USER_SRAM2_ERASE_AT_RESET */
341
342 #ifdef TFM_ENABLE_SET_OB
343 /* Configure Options Bytes */
344 if ((flash_option_bytes_bank1.OptionType != 0) || (flash_option_bytes_bank2.OptionType != 0))
345 {
346 /* Unlock the Flash to enable the flash control register access */
347 HAL_FLASH_Unlock();
348
349 /* Unlock the Options Bytes */
350 HAL_FLASH_OB_Unlock();
351
352 /* Verify Options Bytes to configure */
353 if ((flash_option_bytes_bank1.OptionType & OPTIONBYTE_RDP) != 0)
354 {
355 BOOT_LOG_ERR("Error while checking OB RDP to program");
356 Error_Handler();
357 }
358 if ((flash_option_bytes_bank2.OptionType & OPTIONBYTE_RDP) != 0)
359 {
360 BOOT_LOG_ERR("Error while checking OB RDP to program");
361 Error_Handler();
362 }
363 if ((flash_option_bytes_bank2.WRPArea) != 0)
364 {
365 BOOT_LOG_ERR("Error while checking bank 2 OB WRP AREA to program");
366 Error_Handler();
367 }
368 if ((flash_option_bytes_bank1.WRPArea & ~OB_WRPAREA_BANK1_AREAA) != 0)
369 {
370 BOOT_LOG_ERR("Error while checking bank 1 OB WRP AREA to program");
371 Error_Handler();
372 }
373 if ((flash_option_bytes_bank1.OptionType) != 0)
374 {
375 /* Program the Options Bytes */
376 ret = HAL_FLASHEx_OBProgram(&flash_option_bytes_bank1);
377 if (ret != HAL_OK)
378 {
379 BOOT_LOG_ERR("Error while setting OB Bank1 config");
380 Error_Handler();
381 }
382 }
383 if ((flash_option_bytes_bank2.OptionType) != 0)
384 {
385 /* Program the Options Bytes */
386 ret = HAL_FLASHEx_OBProgram(&flash_option_bytes_bank2);
387 if (ret != HAL_OK)
388 {
389 BOOT_LOG_ERR("Error while setting OB Bank1 config");
390 Error_Handler();
391 }
392 }
393
394 /* Launch the Options Bytes (reset the board, should not return) */
395 ret = HAL_FLASH_OB_Launch();
396 if (ret != HAL_OK)
397 {
398 BOOT_LOG_ERR("Error while execution OB_Launch");
399 Error_Handler();
400 }
401
402 /* Code should not be reached, reset the board */
403 HAL_NVIC_SystemReset();
404 }
405 #endif /* TFM_ENABLE_SET_OB */
406
407 #ifdef TFM_OB_BOOT_LOCK
408 /* Check Boot lock protection */
409 if (flash_option_bytes_bank1.BootLock != TFM_OB_BOOT_LOCK)
410 {
411 BOOT_LOG_INF("BootLock 0x%x", flash_option_bytes_bank1.BootLock);
412 BOOT_LOG_ERR("Error while checking SEC BOOT LOCK");
413 Error_Handler();
414 }
415 #endif /* TFM_OB_BOOT_LOCK */
416
417 #ifdef TFM_OB_RDP_LEVEL_VALUE
418 /* Check RDL level */
419 if (flash_option_bytes_bank1.RDPLevel != TFM_OB_RDP_LEVEL_VALUE)
420 {
421 BOOT_LOG_INF("RDPLevel 0x%x (0x%x)", flash_option_bytes_bank1.RDPLevel, TFM_OB_RDP_LEVEL_VALUE);
422 BOOT_LOG_ERR("Error while checking RDP level");
423 rdp_level(TFM_OB_RDP_LEVEL_VALUE);
424 Error_Handler();
425 }
426 #endif /* TFM_OB_RDP_LEVEL_VALUE */
427 }
428
429 #ifdef TFM_OB_RDP_LEVEL_VALUE
rdp_level(uint32_t rdplevel)430 static void rdp_level(uint32_t rdplevel)
431 {
432 #ifdef TFM_ENABLE_SET_OB
433 static FLASH_OBProgramInitTypeDef flash_option_bytes_bank = {0};
434 HAL_StatusTypeDef ret = HAL_ERROR;
435
436 flash_option_bytes_bank.OptionType = OPTIONBYTE_RDP;
437 flash_option_bytes_bank.RDPLevel = rdplevel;
438 BOOT_LOG_INF("Programming RDP to %x", rdplevel);
439
440 /* Unlock the Flash to enable the flash control register access */
441 HAL_FLASH_Unlock();
442
443 /* Unlock the Options Bytes */
444 HAL_FLASH_OB_Unlock();
445
446 /* Program the Options Bytes */
447 ret = HAL_FLASHEx_OBProgram(&flash_option_bytes_bank);
448 if (ret != HAL_OK)
449 {
450 BOOT_LOG_ERR("Error while setting OB Bank config");
451 Error_Handler();
452 }
453
454 /* Launch the Options Bytes (reset the board, should not return) */
455 ret = HAL_FLASH_OB_Launch();
456 if (ret != HAL_OK)
457 {
458 BOOT_LOG_ERR("Error while execution OB_Launch");
459 Error_Handler();
460 }
461
462 /* Code should not be reached, reset the board */
463 HAL_NVIC_SystemReset();
464 #endif /* TFM_ENABLE_SET_OB */
465 }
466 #endif /* TFM_OB_RDP_LEVEL_VALUE */
467
468 /**
469 * @brief Memory Config Init
470 * @param None
471 * @retval None
472 */
gtzc_init_cfg(void)473 static void gtzc_init_cfg(void)
474 {
475 #ifdef TFM_ERROR_HANDLER_NON_SECURE
476 /* unsecure only one block in SRAM1 */
477 GTZC_MPCBB1_S->VCTR[0] = 0xfffffffe;
478 #endif /* TFM_ERROR_HANDLER_NON_SECURE */
479 }
480
481 /**
482 * @brief Sau idau init
483 * @param None
484 * @retval None
485 */
sau_and_idau_cfg(void)486 static void sau_and_idau_cfg(void)
487 {
488 /* Disable SAU */
489 TZ_SAU_Disable();
490 /* Configures SAU regions non-secure to gain access to SRAM1 non secure */
491 #ifdef TFM_ERROR_HANDLER_NON_SECURE
492 SAU->RNR = 0;
493 SAU->RBAR = (SRAM1_BASE_NS & SAU_RBAR_BADDR_Msk);
494 SAU->RLAR = ((SRAM1_BASE_NS + 0xff) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk;
495 #endif /* TFM_ERROR_HANDLER_NON_SECURE */
496 /* Configure RSS table */
497 SAU->RNR = 1;
498 SAU->RBAR = (0x0BF90000 & SAU_RBAR_BADDR_Msk);
499 SAU->RLAR = ((0x0BF90000 + 0xffff) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk;
500 #ifdef TFM_ERROR_HANDLER_NON_SECURE
501 /* Allow non secure access to Flash non Secure peripheral for regression */
502 SAU->RNR = 2;
503 SAU->RBAR = ((uint32_t)FLASH_NS & SAU_RBAR_BADDR_Msk);
504 SAU->RLAR = (((uint32_t)FLASH_NS + 0xffff) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk;
505 #endif /* TFM_ERROR_HANDLER_NON_SECURE */
506 /* Allow non secure Flash base access */
507 #if defined(EXTERNAL_FLASH)
508 SAU->RNR = 3;
509 SAU->RBAR = ((uint32_t)FLASH_BASE_NS + FLASH_AREA_1_OFFSET) & SAU_RBAR_BADDR_Msk;
510 SAU->RLAR = (((uint32_t)FLASH_BASE_NS + FLASH_AREA_1_OFFSET
511 + FLASH_AREA_1_SIZE - 1) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk;
512 SAU->RNR = 4;
513 SAU->RBAR = ((uint32_t)OSPI_FLASH_BASE_ADDRESS + FLASH_AREA_2_OFFSET) & SAU_RBAR_BADDR_Msk;
514 SAU->RLAR = (((uint32_t)OSPI_FLASH_BASE_ADDRESS + FLASH_AREA_3_OFFSET
515 + FLASH_AREA_3_SIZE - 1) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk;
516 #else
517 SAU->RNR = 3;
518 SAU->RBAR = ((uint32_t)FLASH_BASE_NS + FLASH_AREA_1_OFFSET) & SAU_RBAR_BADDR_Msk;
519 SAU->RLAR = (((uint32_t)FLASH_BASE_NS + FLASH_AREA_3_OFFSET
520 + FLASH_AREA_3_SIZE - 1) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk;
521 #endif
522 /* Force memory writes before continuing */
523 __DSB();
524 /* Flush and refill pipeline with updated permissions */
525 __ISB();
526 /* Enable SAU */
527 TZ_SAU_Enable();
528 }
529
530 /**
531 * @brief mpu init
532 * @param None
533 * @retval None
534 */
mpu_init_cfg(void)535 static void mpu_init_cfg(void)
536 {
537 #ifdef TFM_BOOT_MPU_PROTECTION
538 struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
539 struct mpu_armv8m_dev_t dev_mpu_ns = { MPU_BASE_NS};
540 struct mpu_armv8m_region_cfg_t region_cfg;
541 /* Secure MPU */
542 /* background region is enabled , secure execution on unsecure flash is not possible*/
543 /* but non secure execution on unsecure flash is possible , non secure mpu is used to protect execution */
544 /* since SAU is enabled later to gain access to non secure flash */
545 /* Forbid execuction outside of flash write protected area */
546 /* descriptor 0 is set execute readonly before jumping in Secure application */
547 region_cfg.region_nr = 0;
548 region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_0_OFFSET ;
549 region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE - 1;
550 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
551 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
552 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
553 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
554 if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
555 {
556 Error_Handler();
557 }
558 region_cfg.region_nr = 1;
559 region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_1_OFFSET ;
560 region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE - 1;
561 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
562 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
563 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
564 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
565 if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
566 {
567 Error_Handler();
568 }
569 region_cfg.region_nr = 2;
570 region_cfg.region_base = FLASH_BASE_S;
571 region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_BL2_OFFSET - 1;
572 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
573 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
574 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
575 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
576 if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
577 {
578 Error_Handler();
579 }
580 region_cfg.region_nr = 3;
581 region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_BL2_NOHDP_OFFSET + FLASH_AREA_BL2_NOHDP_SIZE;
582 region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET - 1;
583 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
584 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
585 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
586 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
587 if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
588 {
589 Error_Handler();
590 }
591 /* Forbid execuction on full SRAM area */
592 region_cfg.region_nr = 4;
593 region_cfg.region_base = SRAM1_BASE_S ;
594 region_cfg.region_limit = SRAM1_BASE_S + TOTAL_RAM_SIZE - 1;
595 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
596 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
597 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
598 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
599 if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
600 {
601 Error_Handler();
602 }
603 /* forbid secure peripheral execution */
604 region_cfg.region_nr = 5;
605 region_cfg.region_base = PERIPH_BASE_S;
606 region_cfg.region_limit = PERIPH_BASE_S + 0xFFFFFFF;
607 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
608 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
609 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
610 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
611 if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
612 {
613 Error_Handler();
614 }
615 /* enable secure MPU */
616 mpu_armv8m_enable(&dev_mpu_s, PRIVILEGED_DEFAULT_ENABLE,
617 HARDFAULT_NMI_ENABLE);
618 /* forbid execution on non secure FLASH /RAM in case of jump in non secure */
619 /* Non Secure MPU background all access in priviligied */
620 /* reduced execution to all flash during control */
621 region_cfg.region_nr = 0;
622 region_cfg.region_base = FLASH_BASE_NS + FLASH_AREA_1_OFFSET;
623 region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE - 1;
624 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
625 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
626 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
627 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
628 if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
629 {
630 Error_Handler();
631 }
632 region_cfg.region_nr = 1;
633 region_cfg.region_base = FLASH_BASE_NS + FLASH_AREA_2_OFFSET;
634 region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE - 1;
635 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
636 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
637 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
638 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
639 if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
640 {
641 Error_Handler();
642 }
643 /* Forbid execuction on full SRAM area */
644 region_cfg.region_nr = 2;
645 #ifdef TFM_ERROR_HANDLER_NON_SECURE
646 region_cfg.region_base = SRAM1_BASE_NS + (~MPU_RBAR_BASE_Msk) + 1;
647 #else
648 region_cfg.region_base = SRAM1_BASE_NS ;
649 #endif /* TFM_ERROR_HANDLER_NON_SECURE */
650 region_cfg.region_limit = SRAM1_BASE_NS + TOTAL_RAM_SIZE - 1;
651 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
652 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
653 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
654 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
655 if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
656 {
657 Error_Handler();
658 }
659 /* forbid secure peripheral execution */
660 region_cfg.region_nr = 3;
661 region_cfg.region_base = PERIPH_BASE_NS;
662 region_cfg.region_limit = PERIPH_BASE_NS + 0xFFFFFFF;
663 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
664 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
665 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
666 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
667 if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
668 {
669 Error_Handler();
670 }
671 /* enable non secure MPU */
672 mpu_armv8m_enable(&dev_mpu_ns, PRIVILEGED_DEFAULT_ENABLE,
673 HARDFAULT_NMI_ENABLE);
674 #endif /* TFM_BOOT_MPU_PROTECTION */
675 }
676
677 /* Place code in a specific section */
678 #if defined(__ICCARM__)
679 #pragma default_function_attributes = @ ".BL2_NoHdp_Code"
680 #elif defined(__CC_ARM)
681 #pragma arm section code = ".BL2_NoHdp_Code"
682 #else
683 __attribute__((section(".BL2_NoHdp_Code")))
684 #endif /* __ICCARM__ */
685
686 /**
687 * @brief mpu configuration for running secure/non secure application
688 * @param None
689 * @retval None
690 */
mpu_appli_cfg(void)691 static void mpu_appli_cfg(void)
692 {
693 #ifdef TFM_BOOT_MPU_PROTECTION
694 /* static variables are used to ensure rodata placement in the specific section */
695 static struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
696 static struct mpu_armv8m_dev_t dev_mpu_ns = { MPU_BASE_NS};
697 struct mpu_armv8m_region_cfg_t region_cfg;
698 /* region 0 is now enable for execution */
699 region_cfg.region_nr = 0;
700 region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_0_OFFSET ;
701 region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE - 1;
702 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
703 region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_ONLY;
704 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
705 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
706 if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
707 {
708 Error_Handler();
709 }
710 /* region 0 is now enable for execution */
711 region_cfg.region_nr = 0;
712 region_cfg.region_base = FLASH_BASE_NS + FLASH_AREA_1_OFFSET;
713 region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE - 1;
714 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
715 region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
716 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
717 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
718 if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
719 {
720 Error_Handler();
721 }
722 #ifdef TFM_ERROR_HANDLER_NON_SECURE
723 region_cfg.region_base = SRAM1_BASE_NS ;
724 /* Forbid execution on full SRAM area */
725 region_cfg.region_nr = 4;
726 region_cfg.region_base = SRAM1_BASE_NS ;
727 region_cfg.region_limit = SRAM1_BASE_NS + (~MPU_RBAR_BASE_Msk);
728 region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
729 region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
730 region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
731 region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
732 if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
733 {
734 Error_Handler();
735 }
736 #endif /* TFM_ERROR_HANDLER_NON_SECURE */
737 #endif /* TFM_BOOT_MPU_PROTECTION */
738 }
739
740 /* Stop placing data in specified section */
741 #if defined(__ICCARM__)
742 #pragma default_function_attributes =
743 #elif defined(__CC_ARM)
744 #pragma arm section code
745 #endif /* __ICCARM__ */
746
747 /**
748 * @brief lock bl2 shared sram in secure
749 * @param None
750 * @retval None
751 */
lock_bl2_shared_area(void)752 static void lock_bl2_shared_area(void)
753 {
754 MPCBB_ConfigTypeDef MPCBB_desc;
755 /* assumption shared area in SRAM2 in the last 8 Kbytes super block */
756 /* This area in SRAM 2 is updated BL2 and can be lock to avoid any changes */
757 if (
758 (BOOT_TFM_SHARED_DATA_BASE >= S_RAM_ALIAS(_SRAM2_TOP - GTZC_MPCBB_SUPERBLOCK_SIZE))
759 && (BOOT_TFM_SHARED_DATA_SIZE <= GTZC_MPCBB_SUPERBLOCK_SIZE))
760 {
761
762 __HAL_RCC_GTZC_CLK_ENABLE();
763 if (HAL_GTZC_MPCBB_GetConfigMem(SRAM2_BASE, &MPCBB_desc) != HAL_OK)
764 {
765 Error_Handler();
766 }
767 MPCBB_desc.AttributeConfig.MPCBB_LockConfig_array[0] |= 0x00000080;
768 if (HAL_GTZC_MPCBB_ConfigMem(SRAM2_BASE, &MPCBB_desc) != HAL_OK)
769 {
770 Error_Handler();
771 }
772 }
773 else Error_Handler();
774 }
775
776 /* Place code in a specific section */
777 #if defined(__ICCARM__)
778 #pragma default_function_attributes = @ ".BL2_NoHdp_Code"
779 #elif defined(__CC_ARM)
780 #pragma arm section code = ".BL2_NoHdp_Code"
781 #else
782 __attribute__((section(".BL2_NoHdp_Code")))
783 #endif /* __ICCARM__ */
784
785 /**
786 * @brief Enable HDP protection
787 * @param None
788 * @retval None
789 */
enable_hdp_protection(void)790 static void enable_hdp_protection(void)
791 {
792 #ifdef TFM_HDP_PROTECT_ENABLE
793 do
794 {
795 /* Activate HDP protection */
796 SET_BIT(FLASH->SECHDPCR, FLASH_SECHDPCR_HDP1_ACCDIS);
797 } while ((FLASH->SECHDPCR & FLASH_SECHDPCR_HDP1_ACCDIS) != FLASH_SECHDPCR_HDP1_ACCDIS);
798
799 if ((FLASH->SECHDPCR & FLASH_SECHDPCR_HDP1_ACCDIS) != FLASH_SECHDPCR_HDP1_ACCDIS)
800 {
801 /* Security issue : execution stopped ! */
802 Error_Handler();
803 }
804 #endif /* TFM_HDP_PROTECT_ENABLE */
805 }
806
807 /* Stop placing data in specified section */
808 #if defined(__ICCARM__)
809 #pragma default_function_attributes =
810 #elif defined(__CC_ARM)
811 #pragma arm section code
812 #endif /* __ICCARM__ */
813 /* Place code in a specific section */
814 #if defined(__ICCARM__)
815 #pragma default_function_attributes = @ ".BL2_NoHdp_Code"
816 #elif defined(__CC_ARM)
817 #pragma arm section code = ".BL2_NoHdp_Code"
818 #else
819 __attribute__((section(".BL2_NoHdp_Code")))
820 #endif /* __ICCARM__ */
apply_wrp_sram2(uint32_t offset,uint32_t len)821 static void apply_wrp_sram2(uint32_t offset, uint32_t len)
822 {
823 uint32_t start_offset = ((offset - SRAM2_BASE_S)/ SRAM2_PAGE_SIZE);
824 uint32_t end_offset = start_offset + (len -1)/SRAM2_PAGE_SIZE;
825 uint32_t index;
826 __IO uint32_t *pt;
827 __IO uint32_t *SRAM2_CFG[2]={&SYSCFG_S->SWPR, &SYSCFG_S->SWPR2};
828 uint32_t val[2]={0, 0};
829
830 __HAL_RCC_SYSCFG_CLK_ENABLE();
831 for (index = start_offset; index <= end_offset; index ++)
832 {
833 val[(index > 31) ? 1 : 0]|= (1 << ( (index > 31) ? (index -32) : index));
834 }
835 for(index = 0; index < 2; index ++)
836 {
837 pt = SRAM2_CFG[index];
838 *pt = val[index];
839 }
840 }
841 /* Stop placing data in specified section */
842 #if defined(__ICCARM__)
843 #pragma default_function_attributes =
844 #elif defined(__CC_ARM)
845 #pragma arm section code
846 #endif /* __ICCARM__ */
847 /**
848 * @}
849 */
850
851 /************************ (C) COPYRIGHT STMicroelectronics *****END OF FILE****/
852
