aboutsummaryrefslogtreecommitdiff
path: root/bl2
diff options
context:
space:
mode:
authorMichel Jaouen <michel.jaouen@st.com>2020-06-17 18:58:00 +0200
committerMáté Tóth-Pál <Mate.Toth-Pal@arm.com>2020-06-22 07:03:53 +0000
commit3ecd6221ccecfb0279c1a7ddb94ab917e3e0dc09 (patch)
treeecc24906b2082cfdb0307f9401497fcbda08ef49 /bl2
parent9fc0b5de33c1b16836d45de029792d12d1edc88d (diff)
downloadtrusted-firmware-m-3ecd6221ccecfb0279c1a7ddb94ab917e3e0dc09.tar.gz
Boot: Add boot_plaftorm_quit to boot_hal template
This enables specific platform operations before launching the secure application. Change-Id: I6c87662aefadac6552e0b65f35000cfc73735fd2 Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Diffstat (limited to 'bl2')
-rw-r--r--bl2/ext/mcuboot/bl2_main.c74
-rw-r--r--bl2/include/boot_hal.h22
2 files changed, 28 insertions, 68 deletions
diff --git a/bl2/ext/mcuboot/bl2_main.c b/bl2/ext/mcuboot/bl2_main.c
index 391a996cd..b7dd03ec9 100644
--- a/bl2/ext/mcuboot/bl2_main.c
+++ b/bl2/ext/mcuboot/bl2_main.c
@@ -54,60 +54,9 @@ extern ARM_DRIVER_FLASH FLASH_DEV_NAME;
/* Static buffer to be used by mbedtls for memory allocation */
static uint8_t mbedtls_mem_buf[BL2_MBEDTLS_MEM_BUF_LEN];
-struct arm_vector_table {
- uint32_t msp;
- uint32_t reset;
-};
-
-/*!
- * \brief Chain-loading the next image in the boot sequence.
- *
- * This function calls the Reset_Handler of the next image in the boot sequence,
- * usually it is the secure firmware. Before passing the execution to next image
- * there is conditional rule to remove the secrets from the memory. This must be
- * done if the following conditions are satisfied:
- * - Memory is shared between SW components at different stages of the trusted
- * boot process.
- * - There are secrets in the memory: KDF parameter, symmetric key,
- * manufacturer sensitive code/data, etc.
- */
-#if defined(__ICCARM__)
-#pragma required = boot_clear_bl2_ram_area
-#endif
-
-__attribute__((naked)) void boot_jump_to_next_image(uint32_t reset_handler_addr)
-{
- __ASM volatile(
-#if !defined(__ICCARM__)
- ".syntax unified \n"
-#endif
- "mov r7, r0 \n"
- "bl boot_clear_bl2_ram_area \n" /* Clear RAM before jump */
- "movs r0, #0 \n" /* Clear registers: R0-R12, */
- "mov r1, r0 \n" /* except R7 */
- "mov r2, r0 \n"
- "mov r3, r0 \n"
- "mov r4, r0 \n"
- "mov r5, r0 \n"
- "mov r6, r0 \n"
- "mov r8, r0 \n"
- "mov r9, r0 \n"
- "mov r10, r0 \n"
- "mov r11, r0 \n"
- "mov r12, r0 \n"
- "mov lr, r0 \n"
- "bx r7 \n" /* Jump to Reset_handler */
- );
-}
-
static void do_boot(struct boot_rsp *rsp)
{
- /* Clang at O0, stores variables on the stack with SP relative addressing.
- * When manually set the SP then the place of reset vector is lost.
- * Static variables are stored in 'data' or 'bss' section, change of SP has
- * no effect on them.
- */
- static struct arm_vector_table *vt;
+ struct boot_arm_vector_table *vt;
uintptr_t flash_base;
int rc;
@@ -123,15 +72,14 @@ static void do_boot(struct boot_rsp *rsp)
/* The image has been copied to SRAM, find the vector table
* at the load address instead of image's address in flash
*/
- vt = (struct arm_vector_table *)(rsp->br_hdr->ih_load_addr +
+ vt = (struct boot_arm_vector_table *)(rsp->br_hdr->ih_load_addr +
rsp->br_hdr->ih_hdr_size);
} else {
/* Using the flash address as not executing in SRAM */
- vt = (struct arm_vector_table *)(flash_base +
+ vt = (struct boot_arm_vector_table *)(flash_base +
rsp->br_image_off +
rsp->br_hdr->ih_hdr_size);
}
-
rc = FLASH_DEV_NAME.Uninitialize();
if(rc != ARM_DRIVER_OK) {
BOOT_LOG_ERR("Error while uninitializing Flash Interface");
@@ -140,20 +88,10 @@ static void do_boot(struct boot_rsp *rsp)
#if MCUBOOT_LOG_LEVEL > MCUBOOT_LOG_LEVEL_OFF
stdio_uninit();
#endif
-
-#if defined(__ARM_ARCH_8M_MAIN__) || defined(__ARM_ARCH_8M_BASE__)
- /* Restore the Main Stack Pointer Limit register's reset value
- * before passing execution to runtime firmware to make the
- * bootloader transparent to it.
+ /* This function never returns, because it calls the secure application
+ * Reset_Handler()
*/
- __set_MSPLIM(0);
-#endif
-
- __set_MSP(vt->msp);
- __DSB();
- __ISB();
-
- boot_jump_to_next_image(vt->reset);
+ boot_platform_quit(vt);
}
int main(void)
diff --git a/bl2/include/boot_hal.h b/bl2/include/boot_hal.h
index 03ff53bfa..eaf4368e8 100644
--- a/bl2/include/boot_hal.h
+++ b/bl2/include/boot_hal.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2020 STMicroelectronics. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -14,6 +15,11 @@
extern "C" {
#endif
+struct boot_arm_vector_table {
+ uint32_t msp;
+ uint32_t reset;
+};
+
/*
* \brief It clears that part of the RAM which was used by MCUBoot, expect the
* TFM_SHARED_DATA area, which is used to pass data to the TF-M runtime.
@@ -32,6 +38,14 @@ extern "C" {
*/
void boot_clear_bl2_ram_area(void);
+/*
+ * \brief Chain-loading the next image in the boot sequence.
+ * Can be overridden for platform specific initialization.
+ * \param[in] reset_handler_addr Address of next image's Reset_Handler() in
+ the boot chain (TF-M SPE, etc.)
+ */
+void boot_jump_to_next_image(uint32_t reset_handler_addr);
+
/**
* \brief Platform peripherals and devices initialization.
* Can be overridden for platform specific initialization.
@@ -40,6 +54,14 @@ void boot_clear_bl2_ram_area(void);
*/
int32_t boot_platform_init(void);
+/**
+ * \brief Platform operation to start secure image.
+ * Can be overridden for platform specific initialization.
+ *
+ * \param[in] vt pointer to secure application vector table descriptor
+ */
+void boot_platform_quit(struct boot_arm_vector_table *vt);
+
#ifdef __cplusplus
}
#endif