diff options
author | Michel Jaouen <michel.jaouen@st.com> | 2020-06-18 10:16:56 +0200 |
---|---|---|
committer | Michel Jaouen <michel.jaouen@st.com> | 2020-08-13 09:51:10 +0200 |
commit | ff44a6ecd462c1d95f641b32bc7d97c156d5ea8c (patch) | |
tree | be09a6430a71cf0eef1ca374cb04cbf8a1811746 | |
parent | 1a2f3655456b402d60080515e14a079fd87120fd (diff) | |
download | trusted-firmware-m-ff44a6ecd462c1d95f641b32bc7d97c156d5ea8c.tar.gz |
Platform: stm32l5xx: Fix for ARMCLANG and IAR build
Change-Id: I911408ebccf22873be0d09ef6a873a699dff33c7
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
5 files changed, 50 insertions, 36 deletions
diff --git a/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_com.c b/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_com.c index 5ae1ab5136..d38718411c 100644 --- a/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_com.c +++ b/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_com.c @@ -159,12 +159,12 @@ static int32_t USART0_Transfer(const void *data_out, void *data_in, static uint32_t USART0_GetTxCount(void) { - return ARM_DRIVER_ERROR_UNSUPPORTED; + return 0; } static uint32_t USART0_GetRxCount(void) { - return ARM_DRIVER_ERROR_UNSUPPORTED; + return 0; } static int32_t USART0_Control(uint32_t control, uint32_t arg) { diff --git a/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_flash.c b/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_flash.c index 1b433324d5..dd55ce4390 100644 --- a/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_flash.c +++ b/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_flash.c @@ -25,7 +25,7 @@ #ifndef ARG_UNUSED #define ARG_UNUSED(arg) ((void)arg) #endif /* ARG_UNUSED */ - +void NMI_Handler(void); /* config for flash driver */ #define FLASH0_SECTOR_SIZE 0x1000 #define FLASH0_PAGE_SIZE 0x800 diff --git a/platform/ext/target/stm/stm32l5xx/Device/Include/stm32l5xx.h b/platform/ext/target/stm/stm32l5xx/Device/Include/stm32l5xx.h index c793aec2ee..9a1b2ab126 100644 --- a/platform/ext/target/stm/stm32l5xx/Device/Include/stm32l5xx.h +++ b/platform/ext/target/stm/stm32l5xx/Device/Include/stm32l5xx.h @@ -54,7 +54,9 @@ #endif /* STM32L5 */ #if defined(__DOMAIN_NS) && (__DOMAIN_NS == 1) -#undef __ARM_FEATURE_CMSE +#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3) +#error "non secure build with secure option" +#endif #endif /* Uncomment the line below according to the target STM32L5 device used in your diff --git a/platform/ext/target/stm/stm32l5xx/bl2/tfm_low_level_security.c b/platform/ext/target/stm/stm32l5xx/bl2/tfm_low_level_security.c index f364bf4d99..4ac9fecb2e 100644 --- a/platform/ext/target/stm/stm32l5xx/bl2/tfm_low_level_security.c +++ b/platform/ext/target/stm/stm32l5xx/bl2/tfm_low_level_security.c @@ -492,7 +492,7 @@ static void sau_and_idau_cfg(void) SAU->RNR = 3; SAU->RBAR = ((uint32_t)FLASH_BASE_NS + FLASH_AREA_1_OFFSET) & SAU_RBAR_BADDR_Msk; SAU->RLAR = (((uint32_t)FLASH_BASE_NS + FLASH_AREA_3_OFFSET - + FLASH_AREA_3_SIZE) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk; + + FLASH_AREA_3_SIZE - 1) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk; /* Force memory writes before continuing */ __DSB(); /* Flush and refill pipeline with updated permissions */ @@ -520,10 +520,10 @@ static void mpu_init_cfg(void) /* descriptor 0 is set execute readonly before jumping in Secure application */ region_cfg.region_nr = 0; region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_0_OFFSET ; - region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE; + region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -531,10 +531,10 @@ static void mpu_init_cfg(void) } region_cfg.region_nr = 1; region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_1_OFFSET ; - region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE; + region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -545,7 +545,7 @@ static void mpu_init_cfg(void) region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_BL2_OFFSET - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -556,7 +556,7 @@ static void mpu_init_cfg(void) region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -565,10 +565,10 @@ static void mpu_init_cfg(void) /* Forbid execuction on full SRAM area */ region_cfg.region_nr = 4; region_cfg.region_base = SRAM1_BASE_S ; - region_cfg.region_limit = SRAM1_BASE_S + TOTAL_RAM_SIZE; + region_cfg.region_limit = SRAM1_BASE_S + TOTAL_RAM_SIZE - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -580,7 +580,7 @@ static void mpu_init_cfg(void) region_cfg.region_limit = PERIPH_BASE_S + 0xFFFFFFF; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX; region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -594,10 +594,10 @@ static void mpu_init_cfg(void) /* reduced execution to all flash during control */ region_cfg.region_nr = 0; region_cfg.region_base = FLASH_BASE_NS + FLASH_AREA_1_OFFSET; - region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE; + region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; - region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -605,10 +605,10 @@ static void mpu_init_cfg(void) } region_cfg.region_nr = 1; region_cfg.region_base = FLASH_BASE_NS + FLASH_AREA_2_OFFSET; - region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE; + region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; - region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -621,10 +621,10 @@ static void mpu_init_cfg(void) #else region_cfg.region_base = SRAM1_BASE_NS ; #endif /* TFM_ERROR_HANDLER_NON_SECURE */ - region_cfg.region_limit = SRAM1_BASE_NS + TOTAL_RAM_SIZE; + region_cfg.region_limit = SRAM1_BASE_NS + TOTAL_RAM_SIZE - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; - region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -635,8 +635,8 @@ static void mpu_init_cfg(void) region_cfg.region_base = PERIPH_BASE_NS; region_cfg.region_limit = PERIPH_BASE_NS + 0xFFFFFFF; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX; - region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX; + region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER; if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -665,16 +665,17 @@ __attribute__((section(".BL2_NoHdp_Code"))) static void mpu_appli_cfg(void) { #ifdef TFM_BOOT_MPU_PROTECTION - struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE }; - struct mpu_armv8m_dev_t dev_mpu_ns = { MPU_BASE_NS}; + /* static variables are used to ensure rodata placement in the specific section */ + static struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE }; + static struct mpu_armv8m_dev_t dev_mpu_ns = { MPU_BASE_NS}; struct mpu_armv8m_region_cfg_t region_cfg; /* region 0 is now enable for execution */ region_cfg.region_nr = 0; region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_0_OFFSET ; - region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE; + region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK; if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK) { @@ -683,15 +684,30 @@ static void mpu_appli_cfg(void) /* region 0 is now enable for execution */ region_cfg.region_nr = 0; region_cfg.region_base = FLASH_BASE_NS + FLASH_AREA_1_OFFSET; - region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE; + region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE - 1; region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; - region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_ONLY; - region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; + region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK; + if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK) + { + Error_Handler(); + } +#ifdef TFM_ERROR_HANDLER_NON_SECURE + region_cfg.region_base = SRAM1_BASE_NS ; + /* Forbid execution on full SRAM area */ + region_cfg.region_nr = 4; + region_cfg.region_base = SRAM1_BASE_NS ; + region_cfg.region_limit = SRAM1_BASE_NS + (~MPU_RBAR_BASE_Msk); + region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX; + region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV; + region_cfg.attr_sh = MPU_ARMV8M_SH_NONE; region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK; if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK) { Error_Handler(); } +#endif /* TFM_ERROR_HANDLER_NON_SECURE */ #endif /* TFM_BOOT_MPU_PROTECTION */ } diff --git a/platform/ext/target/stm/stm32l5xx/boards/stm32l562e_dk/region_defs.h b/platform/ext/target/stm/stm32l5xx/boards/stm32l562e_dk/region_defs.h index 9264a4d24c..414724c40c 100644 --- a/platform/ext/target/stm/stm32l5xx/boards/stm32l562e_dk/region_defs.h +++ b/platform/ext/target/stm/stm32l5xx/boards/stm32l562e_dk/region_defs.h @@ -162,10 +162,6 @@ #define SECONDARY_PARTITION_SIZE (FLASH_AREA_2_SIZE) #ifdef BL2 -/* Personalized region */ -#define PERSO_START (S_ROM_ALIAS(FLASH_AREA_PERSO_OFFSET)) -#define PERSO_SIZE (FLASH_AREA_PERSO_SIZE) -#define PERSO_LIMIT (PERSO_START + PERSO_SIZE - 1) /* Bootloader region protected by hdp */ #define BL2_CODE_START (S_ROM_ALIAS(FLASH_AREA_BL2_OFFSET)) |