diff options
author | Damian Krolik <damian.krolik@nordicsemi.no> | 2021-08-11 11:42:45 +0200 |
---|---|---|
committer | David Hu <david.hu@arm.com> | 2021-09-17 09:01:01 +0200 |
commit | 960d63e0eddb2906d3937e48e7b260a9b64236ef (patch) | |
tree | ce3d1332f93b169451f0154b492992ad4ce3f628 /platform | |
parent | 9e037fe27acb8f2f25ed53187d65143d5e65eaa6 (diff) | |
download | trusted-firmware-m-960d63e0eddb2906d3937e48e7b260a9b64236ef.tar.gz |
platform: nordic_nrf: add non-secure storage partition
If the newly added CMake variable NRF_NS_STORAGE=ON, then
configure the last 32KiB of the flash to be non-secure.
This is to allow non-secure applications to use the
non-volatile storage.
Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no>
Change-Id: I337a26706298aa56051afd8a9acdbc63208f0610
Diffstat (limited to 'platform')
13 files changed, 96 insertions, 4 deletions
diff --git a/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld b/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld index 5b748626f5..663b3dd80d 100644 --- a/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld +++ b/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld @@ -642,5 +642,9 @@ VENEERS() Load$$LR$$LR_SECONDARY_PARTITION$$Base = SECONDARY_PARTITION_START; #endif /* BL2 */ +#ifdef NRF_NS_STORAGE + Load$$LR$$LR_NRF_NS_STORAGE_PARTITION$$Base = NRF_NS_STORAGE_PARTITION_START; +#endif /* NRF_NS_STORAGE */ + PROVIDE(__stack = Image$$ER_INITIAL_PSP$$ZI$$Limit); } diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/CMakeLists.txt b/platform/ext/target/nordic_nrf/common/nrf5340/CMakeLists.txt index 50bb1ee2d7..27c216b002 100644 --- a/platform/ext/target/nordic_nrf/common/nrf5340/CMakeLists.txt +++ b/platform/ext/target/nordic_nrf/common/nrf5340/CMakeLists.txt @@ -88,3 +88,10 @@ if(BL2) NRF5340_XXAA_APPLICATION ) endif() + +#========================= Platform region defs ===============================# + +target_compile_definitions(platform_region_defs + INTERFACE + $<$<BOOL:${NRF_NS_STORAGE}>:NRF_NS_STORAGE> +) diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/config.cmake b/platform/ext/target/nordic_nrf/common/nrf5340/config.cmake index b421d9ce15..306e7a8d63 100644 --- a/platform/ext/target/nordic_nrf/common/nrf5340/config.cmake +++ b/platform/ext/target/nordic_nrf/common/nrf5340/config.cmake @@ -9,3 +9,4 @@ set(SECURE_UART1 ON CACHE BOOL "Enable secure UART1") set(PSA_API_TEST_TARGET "nrf5340" CACHE STRING "PSA API test target") set(ITS_NUM_ASSETS "5" CACHE STRING "The maximum number of assets to be stored in the Internal Trusted Storage area") +set(NRF_NS_STORAGE OFF CACHE BOOL "Enable non-secure storage partition") diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/partition/flash_layout.h b/platform/ext/target/nordic_nrf/common/nrf5340/partition/flash_layout.h index adbd85473a..7be0bb8609 100644 --- a/platform/ext/target/nordic_nrf/common/nrf5340/partition/flash_layout.h +++ b/platform/ext/target/nordic_nrf/common/nrf5340/partition/flash_layout.h @@ -30,7 +30,9 @@ * 0x000f_0000 Protected Storage Area (16 KB) * 0x000f_4000 Internal Trusted Storage Area (8 KB) * 0x000f_6000 NV counters area (4 KB) - * 0x000f_7000 Unused + * 0x000f_7000 Unused (4 KB) + * 0x000f_8000 Non-secure storage, used when built with NRF_NS_STORAGE=ON, + * otherwise unused (32 KB) * * Flash layout on NRF5340 Application MCU without BL2: * @@ -40,7 +42,9 @@ * 0x000f_0000 Protected Storage Area (16 KB) * 0x000f_4000 Internal Trusted Storage Area (8 KB) * 0x000f_6000 NV counters area (4 KB) - * 0x000f_7000 Unused + * 0x000f_7000 Unused (4 KB) + * 0x000f_8000 Non-secure storage, used when built with NRF_NS_STORAGE=ON, + * otherwise unused (32 KB) */ /* This header file is included from linker scatter file as well, where only a @@ -155,6 +159,11 @@ FLASH_ITS_AREA_SIZE) #define FLASH_NV_COUNTERS_AREA_SIZE (FLASH_AREA_IMAGE_SECTOR_SIZE) +/* Non-secure storage region */ +#define NRF_FLASH_NS_STORAGE_AREA_OFFSET (FLASH_TOTAL_SIZE - \ + NRF_FLASH_NS_STORAGE_AREA_SIZE) +#define NRF_FLASH_NS_STORAGE_AREA_SIZE (0x8000) /* 32 KB */ + /* PSA MMIO Area definitions */ #define FLASH_MMIO_AREA_OFFSET (FLASH_NV_COUNTERS_AREA_OFFSET + \ FLASH_NV_COUNTERS_AREA_SIZE) diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/partition/region_defs.h b/platform/ext/target/nordic_nrf/common/nrf5340/partition/region_defs.h index 99dcf7e703..0fa00d79da 100644 --- a/platform/ext/target/nordic_nrf/common/nrf5340/partition/region_defs.h +++ b/platform/ext/target/nordic_nrf/common/nrf5340/partition/region_defs.h @@ -148,6 +148,11 @@ #define SECONDARY_PARTITION_SIZE (FLASH_S_PARTITION_SIZE + \ FLASH_NS_PARTITION_SIZE) +/* Non-secure storage region */ +#define NRF_NS_STORAGE_PARTITION_START \ + (NS_ROM_ALIAS(NRF_FLASH_NS_STORAGE_AREA_OFFSET)) +#define NRF_NS_STORAGE_PARTITION_SIZE (NRF_FLASH_NS_STORAGE_AREA_SIZE) + #ifdef BL2 /* Bootloader regions */ #define BL2_CODE_START (S_ROM_ALIAS(FLASH_AREA_BL2_OFFSET)) diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c index b6553c286a..527b6d8671 100644 --- a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c +++ b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c @@ -70,6 +70,9 @@ REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit); #ifdef BL2 REGION_DECLARE(Load$$LR$$, LR_SECONDARY_PARTITION, $$Base); #endif /* BL2 */ +#ifdef NRF_NS_STORAGE +REGION_DECLARE(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base); +#endif /* NRF_NS_STORAGE */ const struct memory_region_limits memory_regions = { .non_secure_code_start = @@ -97,6 +100,14 @@ const struct memory_region_limits memory_regions = { (uint32_t)®ION_NAME(Load$$LR$$, LR_SECONDARY_PARTITION, $$Base) + SECONDARY_PARTITION_SIZE - 1, #endif /* BL2 */ + +#ifdef NRF_NS_STORAGE + .non_secure_storage_partition_base = + (uint32_t)®ION_NAME(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base), + .non_secure_storage_partition_limit = + (uint32_t)®ION_NAME(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base) + + NRF_NS_STORAGE_PARTITION_SIZE - 1, +#endif /* NRF_NS_STORAGE */ }; /* To write into AIRCR register, 0x5FA value must be write to the VECTKEY field, @@ -231,6 +242,13 @@ enum tfm_plat_err_t spu_init_cfg(void) memory_regions.secondary_partition_limit); #endif /* BL2 */ +#ifdef NRF_NS_STORAGE + /* Configures storage partition to be non-secure */ + spu_regions_flash_config_non_secure( + memory_regions.non_secure_storage_partition_base, + memory_regions.non_secure_storage_partition_limit); +#endif /* NRF_NS_STORAGE */ + return TFM_PLAT_ERR_SUCCESS; } diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h index ab0434aeb0..f590bb4e6f 100644 --- a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h +++ b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h @@ -50,6 +50,10 @@ struct memory_region_limits { uint32_t secondary_partition_base; uint32_t secondary_partition_limit; #endif /* BL2 */ +#ifdef NRF_NS_STORAGE + uint32_t non_secure_storage_partition_base; + uint32_t non_secure_storage_partition_limit; +#endif /* NRF_NS_STORAGE */ }; /** diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/CMakeLists.txt b/platform/ext/target/nordic_nrf/common/nrf9160/CMakeLists.txt index 29f8759453..fbbd567002 100644 --- a/platform/ext/target/nordic_nrf/common/nrf9160/CMakeLists.txt +++ b/platform/ext/target/nordic_nrf/common/nrf9160/CMakeLists.txt @@ -88,3 +88,10 @@ if(BL2) NRF9160_XXAA ) endif() + +#========================= Platform region defs ===============================# + +target_compile_definitions(platform_region_defs + INTERFACE + $<$<BOOL:${NRF_NS_STORAGE}>:NRF_NS_STORAGE> +) diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/config.cmake b/platform/ext/target/nordic_nrf/common/nrf9160/config.cmake index d0131a38e9..a5d3a7020a 100644 --- a/platform/ext/target/nordic_nrf/common/nrf9160/config.cmake +++ b/platform/ext/target/nordic_nrf/common/nrf9160/config.cmake @@ -9,3 +9,4 @@ set(SECURE_UART1 ON CACHE BOOL "Enable secure UART1") set(PSA_API_TEST_TARGET "nrf9160" CACHE STRING "PSA API test target") set(ITS_NUM_ASSETS "5" CACHE STRING "The maximum number of assets to be stored in the Internal Trusted Storage area") +set(NRF_NS_STORAGE OFF CACHE BOOL "Enable non-secure storage partition") diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/partition/flash_layout.h b/platform/ext/target/nordic_nrf/common/nrf9160/partition/flash_layout.h index a1c78ac6ad..5a6b275c0d 100644 --- a/platform/ext/target/nordic_nrf/common/nrf9160/partition/flash_layout.h +++ b/platform/ext/target/nordic_nrf/common/nrf9160/partition/flash_layout.h @@ -30,7 +30,9 @@ * 0x000f_0000 Protected Storage Area (20 KB) * 0x000f_4000 Internal Trusted Storage Area (16 KB) * 0x000f_6000 NV counters area (4 KB) - * 0x000f_7000 Unused + * 0x000f_7000 Unused (4 KB) + * 0x000f_8000 Non-secure storage, used when built with NRF_NS_STORAGE=ON, + * otherwise unused (32 KB) * * Flash layout on NRF9160 without BL2: * @@ -40,7 +42,9 @@ * 0x000f_0000 Protected Storage Area (16 KB) * 0x000f_4000 Internal Trusted Storage Area (8 KB) * 0x000f_6000 NV counters area (4 KB) - * 0x000f_7000 Unused + * 0x000f_7000 Unused (4 KB) + * 0x000f_8000 Non-secure storage, used when built with NRF_NS_STORAGE=ON, + * otherwise unused (32 KB) */ /* This header file is included from linker scatter file as well, where only a @@ -156,6 +160,11 @@ FLASH_ITS_AREA_SIZE) #define FLASH_NV_COUNTERS_AREA_SIZE (FLASH_AREA_IMAGE_SECTOR_SIZE) +/* Non-secure storage region */ +#define NRF_FLASH_NS_STORAGE_AREA_OFFSET (FLASH_TOTAL_SIZE - \ + NRF_FLASH_NS_STORAGE_AREA_SIZE) +#define NRF_FLASH_NS_STORAGE_AREA_SIZE (0x8000) /* 32 KB */ + /* PSA MMIO Area definitions */ #define FLASH_MMIO_AREA_OFFSET (FLASH_NV_COUNTERS_AREA_OFFSET + \ FLASH_NV_COUNTERS_AREA_SIZE) diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/partition/region_defs.h b/platform/ext/target/nordic_nrf/common/nrf9160/partition/region_defs.h index f670370e37..8a08e59163 100644 --- a/platform/ext/target/nordic_nrf/common/nrf9160/partition/region_defs.h +++ b/platform/ext/target/nordic_nrf/common/nrf9160/partition/region_defs.h @@ -151,6 +151,11 @@ #define SECONDARY_PARTITION_SIZE (FLASH_S_PARTITION_SIZE + \ FLASH_NS_PARTITION_SIZE) +/* Non-secure storage region */ +#define NRF_NS_STORAGE_PARTITION_START \ + (NS_ROM_ALIAS(NRF_FLASH_NS_STORAGE_AREA_OFFSET)) +#define NRF_NS_STORAGE_PARTITION_SIZE (NRF_FLASH_NS_STORAGE_AREA_SIZE) + #ifdef BL2 /* Bootloader regions */ #define BL2_CODE_START (S_ROM_ALIAS(FLASH_AREA_BL2_OFFSET)) diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c index 7365bb8f53..ccd32edc03 100644 --- a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c +++ b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c @@ -68,6 +68,9 @@ REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit); #ifdef BL2 REGION_DECLARE(Load$$LR$$, LR_SECONDARY_PARTITION, $$Base); #endif /* BL2 */ +#ifdef NRF_NS_STORAGE +REGION_DECLARE(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base); +#endif /* NRF_NS_STORAGE */ const struct memory_region_limits memory_regions = { .non_secure_code_start = @@ -95,6 +98,14 @@ const struct memory_region_limits memory_regions = { (uint32_t)®ION_NAME(Load$$LR$$, LR_SECONDARY_PARTITION, $$Base) + SECONDARY_PARTITION_SIZE - 1, #endif /* BL2 */ + +#ifdef NRF_NS_STORAGE + .non_secure_storage_partition_base = + (uint32_t)®ION_NAME(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base), + .non_secure_storage_partition_limit = + (uint32_t)®ION_NAME(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base) + + NRF_NS_STORAGE_PARTITION_SIZE - 1, +#endif /* NRF_NS_STORAGE */ }; /* To write into AIRCR register, 0x5FA value must be write to the VECTKEY field, @@ -211,6 +222,13 @@ enum tfm_plat_err_t spu_init_cfg(void) memory_regions.secondary_partition_limit); #endif /* BL2 */ +#ifdef NRF_NS_STORAGE + /* Configures storage partition to be non-secure */ + spu_regions_flash_config_non_secure( + memory_regions.non_secure_storage_partition_base, + memory_regions.non_secure_storage_partition_limit); +#endif /* NRF_NS_STORAGE */ + return TFM_PLAT_ERR_SUCCESS; } diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h index 3261c7c3d1..c8a83359e6 100644 --- a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h +++ b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h @@ -49,6 +49,10 @@ struct memory_region_limits { uint32_t secondary_partition_base; uint32_t secondary_partition_limit; #endif /* BL2 */ +#ifdef NRF_NS_STORAGE + uint32_t non_secure_storage_partition_base; + uint32_t non_secure_storage_partition_limit; +#endif }; /** |