1 /* 2 * Copyright (c) 2017-2022 ARM Limited 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef __REGION_DEFS_H__ 18 #define __REGION_DEFS_H__ 19 #include "flash_layout.h" 20 21 #define BL2_HEAP_SIZE 0x0001000 22 #define BL2_MSP_STACK_SIZE 0x0002000 23 24 #define LOADER_NS_MSP_STACK_SIZE 0x0000400 25 #define LOADER_NS_HEAP_SIZE 0x0000200 26 #define LOADER_NS_PSP_STACK_SIZE 0x0000400 27 28 #define LOADER_S_MSP_STACK_SIZE 0x0000400 29 #define LOADER_S_HEAP_SIZE 0x0000200 30 #define LOADER_S_PSP_STACK_SIZE 0x0000400 31 32 33 #ifdef ENABLE_HEAP 34 #define S_HEAP_SIZE (0x0000200) 35 #else 36 #define S_HEAP_SIZE (0x0000000) 37 #endif 38 39 #define S_MSP_STACK_SIZE 0x0000800 40 #define S_PSP_STACK_SIZE 0x0000800 41 42 #define NS_HEAP_SIZE 0x0001000 43 #define NS_STACK_SIZE 0x0001800 44 45 /* GTZC specific Alignment */ 46 #define GTZC_RAM_ALIGN 512 47 #define GTZC_FLASH_ALIGN 8192 48 /* 49 * This size of buffer is big enough to store an attestation 50 * token produced by initial attestation service 51 */ 52 #define PSA_INITIAL_ATTEST_TOKEN_MAX_SIZE 0x250 53 54 /* FIX ME : include stm32u5xx.h instead */ 55 #define _SRAM2_TOP (0x40000) /* 256Kbytes */ 56 #define _SRAM1_SIZE_MAX (0x30000) /*!< SRAM1=192k*/ 57 #define _SRAM2_SIZE_MAX (0x10000 - BOOT_TFM_SHARED_DATA_SIZE) /*!< SRAM2=64k -0x400 */ 58 #define _SRAM3_SIZE_MAX (0x80000) /* 512Kbytes */ 59 #define _SRAM4_SIZE_MAX (0x04000) /* 16Kbytes */ 60 61 /* Flash and internal SRAMs base addresses - Non secure aliased */ 62 #define _FLASH_BASE_NS (0x08000000) /*!< FLASH(up to 512 KB) base address */ 63 #define _SRAM1_BASE_NS (0x20000000) /*!< SRAM1(up to 192 KB) base address */ 64 #define _SRAM2_BASE_NS (0x20030000) /*!< SRAM2(64 KB) base address */ 65 #define _SRAM3_BASE_NS (0x20040000) /*!< SRAM3(512 KB) base address */ 66 #define _SRAM4_BASE_NS (0x28000000) /*!< SRAM4(16 KB) base address */ 67 /* Flash and internal SRAMs base addresses - Secure aliased */ 68 #define _FLASH_BASE_S (0x0C000000) /*!< FLASH(up to 512 KB) base address */ 69 #define _SRAM1_BASE_S (0x30000000) /*!< SRAM1(up to 192 KB) base address */ 70 #define _SRAM2_BASE_S (0x30030000) /*!< SRAM2(64 KB) base address */ 71 #define _SRAM3_BASE_S (0x30040000) /*!< SRAM3(512 KB) base address */ 72 #define _SRAM4_BASE_S (0x38000000) /*!< SRAM4(16 KB) base address */ 73 74 #define TOTAL_ROM_SIZE FLASH_TOTAL_SIZE 75 #define TOTAL_RAM_SIZE (_SRAM1_SIZE_MAX +_SRAM2_SIZE_MAX) 76 /* 192 + 64 Kbytes - BOOT info */ 77 /* boot info are placed and locked at top of SRAM2 */ 78 79 #define S_TOTAL_RAM2_SIZE (_SRAM2_SIZE_MAX) /*! size require for Secure part */ 80 #define S_TOTAL_RAM1_SIZE (0x10000) 81 #define S_TOTAL_RAM_SIZE (S_TOTAL_RAM2_SIZE + S_TOTAL_RAM1_SIZE) 82 #define NS_TOTAL_RAM_SIZE (TOTAL_RAM_SIZE - S_TOTAL_RAM_SIZE) 83 84 /* 85 * Boot partition structure if MCUBoot is used: 86 * 0x0_0000 Bootloader header 87 * 0x0_0400 Image area 88 * 0x7_0000 Trailer 89 */ 90 /* IMAGE_CODE_SIZE is the space available for the software binary image. 91 * It is less than the FLASH_PARTITION_SIZE because we reserve space 92 * for the image header and trailer introduced by the bootloader. 93 */ 94 95 #ifdef BL2 96 #define S_IMAGE_PRIMARY_PARTITION_OFFSET (FLASH_AREA_0_OFFSET) 97 #define S_IMAGE_SECONDARY_PARTITION_OFFSET (FLASH_AREA_2_OFFSET) 98 #define NS_IMAGE_PRIMARY_PARTITION_OFFSET (FLASH_AREA_0_OFFSET + FLASH_S_PARTITION_SIZE) 99 #define NS_IMAGE_SECONDARY_PARTITION_OFFSET (FLASH_AREA_2_OFFSET + FLASH_S_PARTITION_SIZE) 100 #else 101 #error "Config without BL2 not supported" 102 #endif /* BL2 */ 103 104 105 #define IMAGE_S_CODE_SIZE \ 106 (FLASH_S_PARTITION_SIZE - BL2_HEADER_SIZE - BL2_TRAILER_SIZE) 107 #define IMAGE_NS_CODE_SIZE \ 108 (FLASH_NS_PARTITION_SIZE - BL2_HEADER_SIZE - BL2_TRAILER_SIZE) 109 110 /* FIXME: veneer region size is increased temporarily while both legacy veneers 111 * and their iovec-based equivalents co-exist for secure partitions. To be 112 * adjusted as legacy veneers are eliminated 113 */ 114 #define CMSE_VENEER_REGION_SIZE (0x00000380) 115 116 /* Use SRAM1 memory to store Code data */ 117 #define S_ROM_ALIAS_BASE (_FLASH_BASE_S) 118 #define NS_ROM_ALIAS_BASE (_FLASH_BASE_NS) 119 120 121 #define S_RAM_ALIAS_BASE (_SRAM1_BASE_S) 122 #define NS_RAM_ALIAS_BASE (_SRAM1_BASE_NS) 123 124 /* Alias definitions for secure and non-secure areas*/ 125 #define S_ROM_ALIAS(x) (S_ROM_ALIAS_BASE + (x)) 126 #define NS_ROM_ALIAS(x) (NS_ROM_ALIAS_BASE + (x)) 127 128 #define LOADER_NS_ROM_ALIAS(x) (_FLASH_BASE_NS + (x)) 129 #define LOADER_S_ROM_ALIAS(x) (_FLASH_BASE_S + (x)) 130 131 #define S_RAM_ALIAS(x) (S_RAM_ALIAS_BASE + (x)) 132 #define NS_RAM_ALIAS(x) (NS_RAM_ALIAS_BASE + (x)) 133 134 135 #define S_IMAGE_PRIMARY_AREA_OFFSET (S_IMAGE_PRIMARY_PARTITION_OFFSET + BL2_HEADER_SIZE) 136 #define S_CODE_START (S_ROM_ALIAS(S_IMAGE_PRIMARY_AREA_OFFSET)) 137 #define S_CODE_SIZE (IMAGE_S_CODE_SIZE - CMSE_VENEER_REGION_SIZE) 138 #define S_CODE_LIMIT ((S_CODE_START + S_CODE_SIZE) -1) 139 #define S_DATA_START (S_RAM_ALIAS(NS_TOTAL_RAM_SIZE)) 140 #define S_DATA_SIZE (S_TOTAL_RAM_SIZE) 141 #define S_DATA_LIMIT (S_DATA_START + S_DATA_SIZE - 1) 142 143 /* CMSE Veneers region */ 144 #define CMSE_VENEER_REGION_START (S_CODE_LIMIT + 1) 145 /* Non-secure regions */ 146 147 /* Secure regions , the end of secure regions must be aligned on page size for dual bank 0x800*/ 148 /* Offset and size definition in flash area, used by assemble.py 149 * 0x11400+0x33c00= 13000+34000 = 45000*/ 150 151 #define NS_IMAGE_PRIMARY_AREA_OFFSET (NS_IMAGE_PRIMARY_PARTITION_OFFSET + BL2_HEADER_SIZE) 152 #define NS_CODE_START (NS_ROM_ALIAS(NS_IMAGE_PRIMARY_AREA_OFFSET)) 153 #define NS_CODE_SIZE (IMAGE_NS_CODE_SIZE) 154 #define NS_CODE_LIMIT (NS_CODE_START + NS_CODE_SIZE - 1) 155 #define NS_DATA_START (NS_RAM_ALIAS(0)) 156 #define NS_NO_INIT_DATA_SIZE (0x100) 157 #define NS_DATA_SIZE (NS_TOTAL_RAM_SIZE) 158 #define NS_DATA_LIMIT (NS_DATA_START + NS_DATA_SIZE - 1) 159 160 /* NS partition information is used for MPC and SAU configuration */ 161 #define NS_PARTITION_START (NS_CODE_START) 162 #define NS_PARTITION_SIZE (NS_CODE_SIZE) 163 164 /* Secondary partition for new images/ in case of firmware upgrade */ 165 #define SECONDARY_PARTITION_START (NS_ROM_ALIAS(S_IMAGE_SECONDARY_PARTITION_OFFSET)) 166 #define SECONDARY_PARTITION_SIZE (FLASH_AREA_2_SIZE) 167 168 #ifdef BL2 169 /* Personalized region */ 170 #define PERSO_START (S_ROM_ALIAS(FLASH_AREA_PERSO_OFFSET)) 171 #define PERSO_SIZE (FLASH_AREA_PERSO_SIZE) 172 #define PERSO_LIMIT (PERSO_START + PERSO_SIZE - 1) 173 174 /* Bootloader region protected by hdp */ 175 #define BL2_CODE_START (S_ROM_ALIAS(FLASH_AREA_BL2_OFFSET)) 176 #define BL2_CODE_SIZE (FLASH_AREA_BL2_SIZE) 177 #define BL2_CODE_LIMIT (BL2_CODE_START + BL2_CODE_SIZE - 1) 178 179 /* Bootloader region not protected by hdp */ 180 #define BL2_NOHDP_CODE_START (S_ROM_ALIAS(FLASH_AREA_BL2_NOHDP_OFFSET)) 181 #define BL2_NOHDP_CODE_SIZE (FLASH_AREA_BL2_NOHDP_SIZE) 182 #define BL2_NOHDP_CODE_LIMIT (BL2_NOHDP_CODE_START + BL2_NOHDP_CODE_SIZE - 1) 183 184 /* Bootloader boot address */ 185 #define BL2_BOOT_VTOR_ADDR (BL2_CODE_START) 186 187 /* keep 256 bytes unused to place while(1) for non secure to enable */ 188 /* regression from local tool with non secure attachment 189 * This avoid blocking board in case of hardening error */ 190 #define BL2_DATA_START (S_RAM_ALIAS(_SRAM1_SIZE_MAX)) 191 #define BL2_DATA_SIZE (BOOT_TFM_SHARED_DATA_BASE - BL2_DATA_START) 192 #define BL2_DATA_LIMIT (BL2_DATA_START + BL2_DATA_SIZE - 1) 193 194 /* Define BL2 MPU SRAM protection to remove execution capability */ 195 /* Area is covering the complete SRAM memory space non secure alias and secure alias */ 196 #define BL2_SRAM_AREA_BASE (_SRAM1_BASE_NS) 197 #define BL2_SRAM_AREA_END (_SRAM4_BASE_S + _SRAM4_SIZE_MAX -1) 198 199 /* Define Area provision by BL2 */ 200 #define BL2_OTP_AREA_BASE S_ROM_ALIAS(TFM_OTP_NV_COUNTERS_AREA_ADDR) 201 #define BL2_OTP_AREA_SIZE (TFM_OTP_NV_COUNTERS_AREA_SIZE) 202 /* Define Area for Initializing NVM counter */ 203 /* backup sector is initialised */ 204 #define BL2_NVM_AREA_BASE S_ROM_ALIAS(TFM_NV_COUNTERS_AREA_ADDR+FLASH_AREA_IMAGE_SECTOR_SIZE) 205 #define BL2_NVM_AREA_SIZE (FLASH_AREA_IMAGE_SECTOR_SIZE) 206 /* Define Area for initializing BL2_NVCNT */ 207 /* backup sector is initialised */ 208 #define BL2_NVMCNT_AREA_BASE S_ROM_ALIAS(FLASH_BL2_NVCNT_AREA_OFFSET+FLASH_AREA_IMAGE_SECTOR_SIZE) 209 #define BL2_NVMCNT_AREA_SIZE (FLASH_AREA_IMAGE_SECTOR_SIZE) 210 #endif /* BL2 */ 211 212 213 #define LOADER_NS_CODE_SIZE (0x6000) /* 24 Kbytes */ 214 215 #if defined(MCUBOOT_PRIMARY_ONLY) 216 /* Secure Loader Image */ 217 #define FLASH_AREA_LOADER_BANK_OFFSET (FLASH_B_SIZE-LOADER_IMAGE_S_CODE_SIZE-LOADER_NS_CODE_SIZE) 218 #define FLASH_AREA_LOADER_OFFSET (FLASH_TOTAL_SIZE-LOADER_IMAGE_S_CODE_SIZE-LOADER_NS_CODE_SIZE) 219 /* Control Secure Loader Image */ 220 #if (FLASH_AREA_LOADER_OFFSET % FLASH_AREA_IMAGE_SECTOR_SIZE) != 0 221 #error "FLASH_AREA_LOADER_OFFSET not aligned on FLASH_AREA_IMAGE_SECTOR_SIZE" 222 #endif /* (FLASH_AREA_LOADER_OFFSET % FLASH_AREA_IMAGE_SECTOR_SIZE) != 0 */ 223 224 /* Non-Secure Loader Image */ 225 #define LOADER_NS_CODE_START (LOADER_NS_ROM_ALIAS(FLASH_AREA_LOADER_OFFSET + LOADER_IMAGE_S_CODE_SIZE)) 226 /* Control Non-Secure Loader Image */ 227 #if (LOADER_NS_CODE_START % FLASH_AREA_IMAGE_SECTOR_SIZE) != 0 228 #error "LOADER_NS_CODE_START not aligned on FLASH_AREA_IMAGE_SECTOR_SIZE" 229 #endif /* (LOADER_NS_CODE_START % FLASH_AREA_IMAGE_SECTOR_SIZE) != 0 */ 230 231 /* define used for checking possible overlap */ 232 #define LOADER_CODE_SIZE (LOADER_NS_CODE_SIZE+LOADER_IMAGE_S_CODE_SIZE) 233 #else 234 /* Loader Image */ 235 #define FLASH_AREA_LOADER_BANK_OFFSET (FLASH_B_SIZE-LOADER_NS_CODE_SIZE) 236 #define FLASH_AREA_LOADER_OFFSET (FLASH_TOTAL_SIZE-LOADER_NS_CODE_SIZE) 237 /* Control Loader Image */ 238 #if (FLASH_AREA_LOADER_OFFSET % FLASH_AREA_IMAGE_SECTOR_SIZE) != 0 239 #error "FLASH_AREA_LOADER_OFFSET not aligned on FLASH_AREA_IMAGE_SECTOR_SIZE" 240 #endif /* (FLASH_AREA_LOADER_OFFSET % FLASH_AREA_IMAGE_SECTOR_SIZE) != 0 */ 241 242 #define LOADER_NS_CODE_START (LOADER_NS_ROM_ALIAS(FLASH_AREA_LOADER_OFFSET)) 243 /* define used for checking possible overlap */ 244 #define LOADER_CODE_SIZE (LOADER_NS_CODE_SIZE) 245 #endif /* MCUBOOT_PRIMARY_ONLY */ 246 247 #define LOADER_IMAGE_S_CODE_SIZE (0x4000) /* 16 Kbytes */ 248 #define LOADER_CMSE_VENEER_REGION_SIZE (0x100) 249 #define LOADER_S_CODE_START (LOADER_S_ROM_ALIAS(FLASH_AREA_LOADER_OFFSET)) 250 #define LOADER_S_CODE_SIZE (LOADER_IMAGE_S_CODE_SIZE - LOADER_CMSE_VENEER_REGION_SIZE) 251 #define LOADER_S_CODE_LIMIT (LOADER_S_CODE_START + LOADER_S_CODE_SIZE -1) 252 #define LOADER_S_DATA_START (S_RAM_ALIAS(_SRAM1_SIZE_MAX)) 253 #define LOADER_S_DATA_SIZE (_SRAM2_SIZE_MAX) 254 #define LOADER_S_DATA_LIMIT (LOADER_S_DATA_START + LOADER_S_DATA_SIZE - 1) 255 #define LOADER_CMSE_VENEER_REGION_START (LOADER_S_CODE_LIMIT + 1) 256 #define LOADER_CMSE_VENEER_REGION_LIMIT (LOADER_S_ROM_ALIAS(FLASH_AREA_LOADER_OFFSET+LOADER_IMAGE_S_CODE_SIZE - 1)) 257 258 #define LOADER_NS_CODE_LIMIT (LOADER_NS_CODE_START+LOADER_NS_CODE_SIZE - 1) 259 #define LOADER_NS_DATA_START (NS_RAM_ALIAS(0x0)) 260 #define LOADER_NS_DATA_SIZE (_SRAM1_SIZE_MAX) 261 #define LOADER_NS_DATA_LIMIT (LOADER_NS_DATA_START + LOADER_NS_DATA_SIZE - 1) 262 263 #ifdef MCUBOOT_PRIMARY_ONLY 264 #define LOADER_MAX_CODE_SIZE (FLASH_TOTAL_SIZE - FLASH_AREA_1_OFFSET - FLASH_AREA_1_SIZE) 265 #else 266 #define LOADER_MAX_CODE_SIZE (FLASH_TOTAL_SIZE - FLASH_AREA_3_OFFSET - FLASH_AREA_3_SIZE) 267 #endif /* MCUBOOT_PRIMARY_ONLY */ 268 269 #if LOADER_CODE_SIZE > LOADER_MAX_CODE_SIZE 270 #error "Loader mapping overlapping slot %LOADER_CODE_SIZE %LOADER_MAX_CODE_SIZE" 271 #endif /* LOADER_CODE_SIZE > LOADER_MAX_CODE_SIZE */ 272 273 /* TFM non volatile data (NVCNT/PS/ITS) region */ 274 #define TFM_NV_DATA_START (S_ROM_ALIAS(FLASH_AREA_OTP_OFFSET)) 275 #define TFM_NV_DATA_SIZE (FLASH_AREA_OTP_SIZE + FLASH_NV_COUNTERS_AREA_SIZE \ 276 + FLASH_PS_AREA_SIZE + FLASH_ITS_AREA_SIZE) 277 #define TFM_NV_DATA_LIMIT (TFM_NV_DATA_START + TFM_NV_DATA_SIZE - 1) 278 /* Additional Check to detect flash download slot overlap or overflow */ 279 #if defined(MCUBOOT_EXT_LOADER) 280 #define FLASH_AREA_END_OFFSET_MAX FLASH_AREA_LOADER_OFFSET 281 #else 282 #define FLASH_AREA_END_OFFSET_MAX (FLASH_TOTAL_SIZE) 283 #endif /* defined(MCUBOOT_EXT_LOADER) */ 284 285 #if FLASH_AREA_END_OFFSET > FLASH_AREA_END_OFFSET_MAX 286 #error "Flash memory overflow" 287 #endif /* FLASH_AREA_END_OFFSET > FLASH_AREA_END_OFFSET_MAX */ 288 289 #endif /* __REGION_DEFS_H__ */ 290
