1 /*
2  * Copyright (c) 2017-2018 ARM Limited
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef __REGION_DEFS_H__
18 #define __REGION_DEFS_H__
19 #include "flash_layout.h"
20 
21 #define BL2_HEAP_SIZE           0x0001000
22 #define BL2_MSP_STACK_SIZE      0x0002000
23 
24 #define LOADER_S_MSP_STACK_SIZE 0x0000400
25 #define LOADER_S_HEAP_SIZE      0x0000200
26 #define LOADER_S_PSP_STACK_SIZE 0x0000400
27 
28 #define S_HEAP_SIZE             0x0001000
29 #define S_MSP_STACK_SIZE_INIT   0x0000400
30 #define S_MSP_STACK_SIZE        0x0000800
31 #define S_PSP_STACK_SIZE        0x0000800
32 
33 #define NS_HEAP_SIZE            0x0001000
34 #define NS_STACK_SIZE           0x0001000
35 
36 #define NS_MSP_STACK_SIZE       0x0000C00
37 #define NS_PSP_STACK_SIZE       0x0000C00
38 
39 /* GTZC specific Alignment */
40 #define GTZC_RAM_ALIGN 512
41 #define GTZC_FLASH_ALIGN 8192
42 
43 /*
44  * This size of buffer is big enough to store an attestation
45  * token produced by initial attestation service
46  */
47 #define PSA_INITIAL_ATTEST_TOKEN_MAX_SIZE   0x250
48 
49 #define _SRAM2_TOP              (0x40000) /* 256Kbytes */
50 #define _SRAM1_SIZE_MAX         (0x40000) /*!< SRAM1=256 KB */
51 #define _SRAM2_SIZE_MAX         (0x10000 - BOOT_TFM_SHARED_DATA_SIZE)  /*!< SRAM2=64k -0x400 */
52 #define _SRAM3_SIZE_MAX         (0x50000) /*!< SRAM3=320 KB */
53 
54 /* Flash and internal SRAMs base addresses - Non secure aliased */
55 #define _FLASH_BASE_NS          (0x08000000) /*!< FLASH(up to 512 KB) base address */
56 #define _SRAM1_BASE_NS          (0x20000000) /*!< SRAM1(up to 192 KB) base address */
57 #define _SRAM2_BASE_NS          (0x20040000) /*!< SRAM2(64 KB) base address */
58 #define _SRAM3_BASE_NS          (0x20050000) /*!< SRAM3(320 KB) base address */
59 /* Flash and internal SRAMs base addresses - Secure aliased */
60 #define _FLASH_BASE_S           (0x0C000000) /*!< FLASH(up to 512 KB) base address */
61 #define _SRAM1_BASE_S           (0x30000000) /*!< SRAM1(up to 192 KB) base address */
62 #define _SRAM2_BASE_S           (0x30040000) /*!< SRAM2(64 KB) base address */
63 #define _SRAM3_BASE_S           (0x30050000) /*!< SRAM3(320 KB) base address */
64 
65 
66 #define TOTAL_ROM_SIZE          FLASH_TOTAL_SIZE
67 #define TOTAL_RAM_SIZE          (_SRAM1_SIZE_MAX +_SRAM2_SIZE_MAX)
68 
69 #define S_TOTAL_RAM2_SIZE       (_SRAM2_SIZE_MAX) /*! size require for Secure part */
70 #define S_TOTAL_RAM1_SIZE       (0x0)
71 #define S_TOTAL_RAM_SIZE        (S_TOTAL_RAM2_SIZE + S_TOTAL_RAM1_SIZE)
72 #define NS_TOTAL_RAM_SIZE       (TOTAL_RAM_SIZE - S_TOTAL_RAM_SIZE)
73 /*
74  * Boot partition structure if MCUBoot is used:
75  * 0x0_0000 Bootloader header
76  * 0x0_0400 Image area
77  * 0x7_0000 Trailer
78  */
79 /* IMAGE_CODE_SIZE is the space available for the software binary image.
80  * It is less than the FLASH_PARTITION_SIZE because we reserve space
81  * for the image header and trailer introduced by the bootloader.
82  */
83 
84 #ifndef BL2_HEADER_SIZE
85 #define BL2_HEADER_SIZE                     (0x400) /*!< Appli image header size */
86 #endif
87 #ifndef BL2_TRAILER_SIZE
88 #define BL2_TRAILER_SIZE                    (0x400)
89 #endif
90 
91 #define BL2_DATA_HEADER_SIZE                (0x20)  /*!< Data image header size */
92 
93 #define S_IMAGE_PRIMARY_PARTITION_OFFSET    (FLASH_AREA_0_OFFSET)
94 #define S_IMAGE_SECONDARY_PARTITION_OFFSET  (FLASH_AREA_2_OFFSET)
95 #define NS_IMAGE_PRIMARY_PARTITION_OFFSET   (FLASH_AREA_0_OFFSET + FLASH_S_PARTITION_SIZE)
96 #define NS_IMAGE_SECONDARY_PARTITION_OFFSET (FLASH_AREA_2_OFFSET + FLASH_S_PARTITION_SIZE)
97 #if (MCUBOOT_S_DATA_IMAGE_NUMBER == 1)
98 #define S_DATA_IMAGE_PRIMARY_PARTITION_OFFSET    (FLASH_AREA_4_OFFSET)
99 #define S_DATA_IMAGE_SECONDARY_PARTITION_OFFSET  (FLASH_AREA_6_OFFSET)
100 #endif /* MCUBOOT_S_DATA_IMAGE_NUMBER == 1 */
101 #if (MCUBOOT_NS_DATA_IMAGE_NUMBER == 1)
102 #define NS_DATA_IMAGE_PRIMARY_PARTITION_OFFSET   (FLASH_AREA_5_OFFSET)
103 #define NS_DATA_IMAGE_SECONDARY_PARTITION_OFFSET (FLASH_AREA_7_OFFSET)
104 #endif /* MCUBOOT_NS_DATA_IMAGE_NUMBER == 1 */
105 
106 
107 
108 #define IMAGE_S_CODE_SIZE \
109     (FLASH_S_PARTITION_SIZE - BL2_HEADER_SIZE - BL2_TRAILER_SIZE)
110 #define IMAGE_NS_CODE_SIZE \
111     (FLASH_NS_PARTITION_SIZE - BL2_HEADER_SIZE - BL2_TRAILER_SIZE)
112 
113 /* FIXME: veneer region size is increased temporarily while both legacy veneers
114  * and their iovec-based equivalents co-exist for secure partitions. To be
115  * adjusted as legacy veneers are eliminated
116  */
117 #define CMSE_VENEER_REGION_SIZE             (0x00000380)
118 
119 /* Use SRAM1 memory to store Code data */
120 #define S_ROM_ALIAS_BASE                    (_FLASH_BASE_S)
121 #define NS_ROM_ALIAS_BASE                   (_FLASH_BASE_NS)
122 
123 
124 #define S_RAM_ALIAS_BASE                    (_SRAM1_BASE_S)
125 #define NS_RAM_ALIAS_BASE                   (_SRAM1_BASE_NS)
126 
127 /* Alias definitions for secure and non-secure areas*/
128 #define S_ROM_ALIAS(x)                      (S_ROM_ALIAS_BASE + (x))
129 #define NS_ROM_ALIAS(x)                     (NS_ROM_ALIAS_BASE + (x))
130 
131 #define LOADER_S_ROM_ALIAS(x)               (_FLASH_BASE_S + (x))
132 
133 #define S_RAM_ALIAS(x)                      (S_RAM_ALIAS_BASE + (x))
134 #define NS_RAM_ALIAS(x)                     (NS_RAM_ALIAS_BASE + (x))
135 
136 
137 #define S_IMAGE_PRIMARY_AREA_OFFSET         (S_IMAGE_PRIMARY_PARTITION_OFFSET + BL2_HEADER_SIZE)
138 #define S_CODE_START                        (S_ROM_ALIAS(S_IMAGE_PRIMARY_AREA_OFFSET))
139 #define S_CODE_SIZE                         (IMAGE_S_CODE_SIZE - CMSE_VENEER_REGION_SIZE)
140 #define S_CODE_LIMIT                        ((S_CODE_START + S_CODE_SIZE) -0x1)
141 #define S_DATA_START                        (_SRAM2_BASE_S)
142 #define S_DATA_SIZE                         (S_TOTAL_RAM_SIZE)
143 #define S_DATA_LIMIT                        (S_DATA_START + S_DATA_SIZE -0x1)
144 
145 #if (MCUBOOT_S_DATA_IMAGE_NUMBER == 1)
146 #define S_DATA_IMAGE_PRIMARY_AREA_OFFSET    (S_DATA_IMAGE_PRIMARY_PARTITION_OFFSET + BL2_DATA_HEADER_SIZE)
147 #endif /* MCUBOOT_S_DATA_IMAGE_NUMBER == 1 */
148 
149 /* CMSE Veneers region */
150 #define CMSE_VENEER_REGION_START            (S_CODE_LIMIT + 1)
151 /* Non-secure regions */
152 
153 /* Secure regions , the end of secure regions must be aligned on page size for dual bank 0x800*/
154 /* Offset and size definition in flash area, used by assemble.py
155  * 0x11400+0x33c00= 13000+34000 = 45000*/
156 
157 #define NS_IMAGE_PRIMARY_AREA_OFFSET        (NS_IMAGE_PRIMARY_PARTITION_OFFSET + BL2_HEADER_SIZE)
158 #define NS_CODE_START                       (NS_ROM_ALIAS(NS_IMAGE_PRIMARY_AREA_OFFSET))
159 #define NS_CODE_SIZE                        (IMAGE_NS_CODE_SIZE)
160 #define NS_CODE_LIMIT                       (NS_CODE_START + NS_CODE_SIZE - 1)
161 #define NS_DATA_START                       (NS_RAM_ALIAS(0))
162 #define NS_DATA_START_2                     (_SRAM3_BASE_NS)
163 #define NS_NO_INIT_DATA_SIZE                (0x100)
164 #define NS_DATA_SIZE                        (_SRAM1_SIZE_MAX)
165 #define NS_DATA_SIZE_2                      (_SRAM3_SIZE_MAX)
166 #define NS_DATA_LIMIT                       (NS_DATA_START + NS_DATA_SIZE - 1)
167 #define NS_DATA_LIMIT_2                     (NS_DATA_START_2 + NS_DATA_SIZE_2 - 1)
168 
169 /* NS partition information is used for MPC and SAU configuration */
170 #define NS_PARTITION_START                  (NS_CODE_START)
171 #define NS_PARTITION_SIZE                   (NS_CODE_SIZE)
172 
173 /* Secondary partition for new images/ in case of firmware upgrade */
174 #define SECONDARY_PARTITION_START           (NS_ROM_ALIAS(S_IMAGE_SECONDARY_PARTITION_OFFSET))
175 #define SECONDARY_PARTITION_SIZE            (FLASH_AREA_2_SIZE)
176 
177 #ifdef BL2
178 #define PERSO_START                         (S_ROM_ALIAS(FLASH_AREA_PERSO_OFFSET))
179 #define PERSO_SIZE                          (FLASH_AREA_PERSO_SIZE)
180 #define PERSO_LIMIT                         (PERSO_START + PERSO_SIZE - 1)
181 /* Bootloader region protected by hdp */
182 #define BL2_CODE_START                      (S_ROM_ALIAS(FLASH_AREA_BL2_OFFSET))
183 #define BL2_CODE_SIZE                       (FLASH_AREA_BL2_SIZE)
184 #define BL2_CODE_LIMIT                      (BL2_CODE_START + BL2_CODE_SIZE - 1)
185 
186 #define BL2_NOHDP_CODE_START                (S_ROM_ALIAS(FLASH_AREA_BL2_NOHDP_OFFSET))
187 #define BL2_NOHDP_CODE_SIZE                 (FLASH_AREA_BL2_NOHDP_SIZE)
188 #define BL2_NOHDP_CODE_LIMIT                (BL2_NOHDP_CODE_START + BL2_NOHDP_CODE_SIZE - 1)
189 /* Bootloader boot address */
190 #define BL2_BOOT_VTOR_ADDR                  (BL2_CODE_START)
191 
192 /*  keep 256 bytes unused to place while(1) for non secure to enable */
193 /*  regression from local tool with non secure attachment
194  *  This avoid blocking board in case of hardening error */
195 #define BL2_DATA_START                      (S_RAM_ALIAS(_SRAM1_SIZE_MAX))
196 #define BL2_DATA_SIZE                       (BOOT_TFM_SHARED_DATA_BASE - BL2_DATA_START)
197 #define BL2_DATA_LIMIT                      (BL2_DATA_START + BL2_DATA_SIZE - 1)
198 
199 /* Define BL2 MPU SRAM protection to remove execution capability */
200 /* Area is covering the complete SRAM memory space non secure alias and secure alias */
201 #define BL2_SRAM_AREA_BASE                  (_SRAM1_BASE_NS)
202 #define BL2_SRAM_AREA_END                   (_SRAM3_BASE_S + _SRAM3_SIZE_MAX - 1)
203 
204 /* Define Area provision by BL2 */
205 #define BL2_OTP_AREA_BASE                   S_ROM_ALIAS(TFM_OTP_NV_COUNTERS_AREA_ADDR)
206 #define BL2_OTP_AREA_SIZE                   (TFM_OTP_NV_COUNTERS_AREA_SIZE)
207 /* Define Area for Initializing NVM counter */
208 /* backup sector is initialised */
209 #define BL2_NVM_AREA_BASE                   S_ROM_ALIAS(TFM_NV_COUNTERS_AREA_ADDR+FLASH_AREA_IMAGE_SECTOR_SIZE)
210 #define BL2_NVM_AREA_SIZE                   (FLASH_AREA_IMAGE_SECTOR_SIZE)
211 /* Define Area for initializing BL2_NVCNT   */
212 /* backup sector is initialised */
213 #define BL2_NVMCNT_AREA_BASE                S_ROM_ALIAS(FLASH_BL2_NVCNT_AREA_OFFSET+FLASH_AREA_IMAGE_SECTOR_SIZE)
214 #define BL2_NVMCNT_AREA_SIZE                (FLASH_AREA_IMAGE_SECTOR_SIZE)
215 #endif /* BL2 */
216 
217 
218 /*  Secure Loader Image */
219 /* Control  Secure Loader Image */
220 #if (FLASH_AREA_LOADER_OFFSET  % FLASH_AREA_IMAGE_SECTOR_SIZE) != 0
221 #error "FLASH_AREA_LOADER_OFFSET  not aligned on FLASH_AREA_IMAGE_SECTOR_SIZE"
222 #endif /* (FLASH_AREA_LOADER_OFFSET  % FLASH_AREA_IMAGE_SECTOR_SIZE) != 0  */
223 
224 
225 #define LOADER_IMAGE_S_CODE_SIZE            (FLASH_AREA_LOADER_SIZE)
226 
227 #define LOADER_S_CODE_START                 (LOADER_S_ROM_ALIAS(FLASH_AREA_LOADER_OFFSET))
228 #define LOADER_S_CODE_SIZE                  (LOADER_IMAGE_S_CODE_SIZE)
229 #define LOADER_S_CODE_LIMIT                 (LOADER_S_CODE_START + LOADER_S_CODE_SIZE -1)
230 #define LOADER_S_DATA_START                 (S_RAM_ALIAS(_SRAM1_SIZE_MAX))
231 #define LOADER_S_DATA_SIZE                  (_SRAM2_SIZE_MAX)
232 #define LOADER_S_DATA_LIMIT                 (LOADER_S_DATA_START + LOADER_S_DATA_SIZE - 1)
233 #define TRIGGER_LOADER_ADDRESS              (NS_RAM_ALIAS(0))
234 #define TRIGGER_LOADER_ADDRESS_S            (S_RAM_ALIAS(0))
235 #define TRIGGER_LOADER_MAGIC                (0x10ADE8AD)
236 
237 /* TFM non volatile data (PS/ITS) region */
238 #define TFM_NV_DATA_START                   (S_ROM_ALIAS(FLASH_PS_AREA_OFFSET))
239 #define TFM_NV_DATA_SIZE                    (FLASH_PS_AREA_SIZE + FLASH_ITS_AREA_SIZE)
240 #define TFM_NV_DATA_LIMIT                   (TFM_NV_DATA_START + TFM_NV_DATA_SIZE - 1)
241 /* Additional Check to detect flash download slot overlap or overflow */
242 #define FLASH_AREA_END_OFFSET_MAX (FLASH_TOTAL_SIZE)
243 
244 #if (MCUBOOT_S_DATA_IMAGE_NUMBER == 1)
245 /* S DATA image layout */
246 #define S_DATA_IMAGE_IAT_PRIV_KEY_OFFSET    (BL2_DATA_HEADER_SIZE)
247 #endif /* (MCUBOOT_S_DATA_IMAGE_NUMBER == 1) */
248 
249 #if (MCUBOOT_NS_DATA_IMAGE_NUMBER == 1)
250 /* NS DATA image layout */
251 #define NS_DATA_IMAGE_DATA1_OFFSET          (BL2_DATA_HEADER_SIZE)
252 #define NS_DATA_IMAGE_DATA1_SIZE            (32U)
253 #endif /* (MCUBOOT_NS_DATA_IMAGE_NUMBER == 1) */
254 
255 #if FLASH_AREA_END_OFFSET > FLASH_AREA_END_OFFSET_MAX
256 #error "Flash memory overflow"
257 #endif /* FLASH_AREA_END_OFFSET > FLASH_AREA_END_OFFSET_MAX */
258 
259 
260 #endif /* __REGION_DEFS_H__ */
261