aboutsummaryrefslogtreecommitdiff
path: root/platform
diff options
context:
space:
mode:
authorDamian Krolik <damian.krolik@nordicsemi.no>2021-08-11 11:42:45 +0200
committerDavid Hu <david.hu@arm.com>2021-09-17 09:01:01 +0200
commit960d63e0eddb2906d3937e48e7b260a9b64236ef (patch)
treece3d1332f93b169451f0154b492992ad4ce3f628 /platform
parent9e037fe27acb8f2f25ed53187d65143d5e65eaa6 (diff)
downloadtrusted-firmware-m-960d63e0eddb2906d3937e48e7b260a9b64236ef.tar.gz
platform: nordic_nrf: add non-secure storage partition
If the newly added CMake variable NRF_NS_STORAGE=ON, then configure the last 32KiB of the flash to be non-secure. This is to allow non-secure applications to use the non-volatile storage. Signed-off-by: Damian Krolik <damian.krolik@nordicsemi.no> Change-Id: I337a26706298aa56051afd8a9acdbc63208f0610
Diffstat (limited to 'platform')
-rw-r--r--platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld4
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf5340/CMakeLists.txt7
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf5340/config.cmake1
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf5340/partition/flash_layout.h13
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf5340/partition/region_defs.h5
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c18
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h4
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf9160/CMakeLists.txt7
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf9160/config.cmake1
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf9160/partition/flash_layout.h13
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf9160/partition/region_defs.h5
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c18
-rw-r--r--platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h4
13 files changed, 96 insertions, 4 deletions
diff --git a/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld b/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld
index 5b748626f5..663b3dd80d 100644
--- a/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld
+++ b/platform/ext/target/nordic_nrf/common/core/gcc/nordic_nrf_s.ld
@@ -642,5 +642,9 @@ VENEERS()
Load$$LR$$LR_SECONDARY_PARTITION$$Base = SECONDARY_PARTITION_START;
#endif /* BL2 */
+#ifdef NRF_NS_STORAGE
+ Load$$LR$$LR_NRF_NS_STORAGE_PARTITION$$Base = NRF_NS_STORAGE_PARTITION_START;
+#endif /* NRF_NS_STORAGE */
+
PROVIDE(__stack = Image$$ER_INITIAL_PSP$$ZI$$Limit);
}
diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/CMakeLists.txt b/platform/ext/target/nordic_nrf/common/nrf5340/CMakeLists.txt
index 50bb1ee2d7..27c216b002 100644
--- a/platform/ext/target/nordic_nrf/common/nrf5340/CMakeLists.txt
+++ b/platform/ext/target/nordic_nrf/common/nrf5340/CMakeLists.txt
@@ -88,3 +88,10 @@ if(BL2)
NRF5340_XXAA_APPLICATION
)
endif()
+
+#========================= Platform region defs ===============================#
+
+target_compile_definitions(platform_region_defs
+ INTERFACE
+ $<$<BOOL:${NRF_NS_STORAGE}>:NRF_NS_STORAGE>
+)
diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/config.cmake b/platform/ext/target/nordic_nrf/common/nrf5340/config.cmake
index b421d9ce15..306e7a8d63 100644
--- a/platform/ext/target/nordic_nrf/common/nrf5340/config.cmake
+++ b/platform/ext/target/nordic_nrf/common/nrf5340/config.cmake
@@ -9,3 +9,4 @@
set(SECURE_UART1 ON CACHE BOOL "Enable secure UART1")
set(PSA_API_TEST_TARGET "nrf5340" CACHE STRING "PSA API test target")
set(ITS_NUM_ASSETS "5" CACHE STRING "The maximum number of assets to be stored in the Internal Trusted Storage area")
+set(NRF_NS_STORAGE OFF CACHE BOOL "Enable non-secure storage partition")
diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/partition/flash_layout.h b/platform/ext/target/nordic_nrf/common/nrf5340/partition/flash_layout.h
index adbd85473a..7be0bb8609 100644
--- a/platform/ext/target/nordic_nrf/common/nrf5340/partition/flash_layout.h
+++ b/platform/ext/target/nordic_nrf/common/nrf5340/partition/flash_layout.h
@@ -30,7 +30,9 @@
* 0x000f_0000 Protected Storage Area (16 KB)
* 0x000f_4000 Internal Trusted Storage Area (8 KB)
* 0x000f_6000 NV counters area (4 KB)
- * 0x000f_7000 Unused
+ * 0x000f_7000 Unused (4 KB)
+ * 0x000f_8000 Non-secure storage, used when built with NRF_NS_STORAGE=ON,
+ * otherwise unused (32 KB)
*
* Flash layout on NRF5340 Application MCU without BL2:
*
@@ -40,7 +42,9 @@
* 0x000f_0000 Protected Storage Area (16 KB)
* 0x000f_4000 Internal Trusted Storage Area (8 KB)
* 0x000f_6000 NV counters area (4 KB)
- * 0x000f_7000 Unused
+ * 0x000f_7000 Unused (4 KB)
+ * 0x000f_8000 Non-secure storage, used when built with NRF_NS_STORAGE=ON,
+ * otherwise unused (32 KB)
*/
/* This header file is included from linker scatter file as well, where only a
@@ -155,6 +159,11 @@
FLASH_ITS_AREA_SIZE)
#define FLASH_NV_COUNTERS_AREA_SIZE (FLASH_AREA_IMAGE_SECTOR_SIZE)
+/* Non-secure storage region */
+#define NRF_FLASH_NS_STORAGE_AREA_OFFSET (FLASH_TOTAL_SIZE - \
+ NRF_FLASH_NS_STORAGE_AREA_SIZE)
+#define NRF_FLASH_NS_STORAGE_AREA_SIZE (0x8000) /* 32 KB */
+
/* PSA MMIO Area definitions */
#define FLASH_MMIO_AREA_OFFSET (FLASH_NV_COUNTERS_AREA_OFFSET + \
FLASH_NV_COUNTERS_AREA_SIZE)
diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/partition/region_defs.h b/platform/ext/target/nordic_nrf/common/nrf5340/partition/region_defs.h
index 99dcf7e703..0fa00d79da 100644
--- a/platform/ext/target/nordic_nrf/common/nrf5340/partition/region_defs.h
+++ b/platform/ext/target/nordic_nrf/common/nrf5340/partition/region_defs.h
@@ -148,6 +148,11 @@
#define SECONDARY_PARTITION_SIZE (FLASH_S_PARTITION_SIZE + \
FLASH_NS_PARTITION_SIZE)
+/* Non-secure storage region */
+#define NRF_NS_STORAGE_PARTITION_START \
+ (NS_ROM_ALIAS(NRF_FLASH_NS_STORAGE_AREA_OFFSET))
+#define NRF_NS_STORAGE_PARTITION_SIZE (NRF_FLASH_NS_STORAGE_AREA_SIZE)
+
#ifdef BL2
/* Bootloader regions */
#define BL2_CODE_START (S_ROM_ALIAS(FLASH_AREA_BL2_OFFSET))
diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c
index b6553c286a..527b6d8671 100644
--- a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c
+++ b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c
@@ -70,6 +70,9 @@ REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit);
#ifdef BL2
REGION_DECLARE(Load$$LR$$, LR_SECONDARY_PARTITION, $$Base);
#endif /* BL2 */
+#ifdef NRF_NS_STORAGE
+REGION_DECLARE(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base);
+#endif /* NRF_NS_STORAGE */
const struct memory_region_limits memory_regions = {
.non_secure_code_start =
@@ -97,6 +100,14 @@ const struct memory_region_limits memory_regions = {
(uint32_t)&REGION_NAME(Load$$LR$$, LR_SECONDARY_PARTITION, $$Base) +
SECONDARY_PARTITION_SIZE - 1,
#endif /* BL2 */
+
+#ifdef NRF_NS_STORAGE
+ .non_secure_storage_partition_base =
+ (uint32_t)&REGION_NAME(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base),
+ .non_secure_storage_partition_limit =
+ (uint32_t)&REGION_NAME(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base) +
+ NRF_NS_STORAGE_PARTITION_SIZE - 1,
+#endif /* NRF_NS_STORAGE */
};
/* To write into AIRCR register, 0x5FA value must be write to the VECTKEY field,
@@ -231,6 +242,13 @@ enum tfm_plat_err_t spu_init_cfg(void)
memory_regions.secondary_partition_limit);
#endif /* BL2 */
+#ifdef NRF_NS_STORAGE
+ /* Configures storage partition to be non-secure */
+ spu_regions_flash_config_non_secure(
+ memory_regions.non_secure_storage_partition_base,
+ memory_regions.non_secure_storage_partition_limit);
+#endif /* NRF_NS_STORAGE */
+
return TFM_PLAT_ERR_SUCCESS;
}
diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h
index ab0434aeb0..f590bb4e6f 100644
--- a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h
+++ b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h
@@ -50,6 +50,10 @@ struct memory_region_limits {
uint32_t secondary_partition_base;
uint32_t secondary_partition_limit;
#endif /* BL2 */
+#ifdef NRF_NS_STORAGE
+ uint32_t non_secure_storage_partition_base;
+ uint32_t non_secure_storage_partition_limit;
+#endif /* NRF_NS_STORAGE */
};
/**
diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/CMakeLists.txt b/platform/ext/target/nordic_nrf/common/nrf9160/CMakeLists.txt
index 29f8759453..fbbd567002 100644
--- a/platform/ext/target/nordic_nrf/common/nrf9160/CMakeLists.txt
+++ b/platform/ext/target/nordic_nrf/common/nrf9160/CMakeLists.txt
@@ -88,3 +88,10 @@ if(BL2)
NRF9160_XXAA
)
endif()
+
+#========================= Platform region defs ===============================#
+
+target_compile_definitions(platform_region_defs
+ INTERFACE
+ $<$<BOOL:${NRF_NS_STORAGE}>:NRF_NS_STORAGE>
+)
diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/config.cmake b/platform/ext/target/nordic_nrf/common/nrf9160/config.cmake
index d0131a38e9..a5d3a7020a 100644
--- a/platform/ext/target/nordic_nrf/common/nrf9160/config.cmake
+++ b/platform/ext/target/nordic_nrf/common/nrf9160/config.cmake
@@ -9,3 +9,4 @@
set(SECURE_UART1 ON CACHE BOOL "Enable secure UART1")
set(PSA_API_TEST_TARGET "nrf9160" CACHE STRING "PSA API test target")
set(ITS_NUM_ASSETS "5" CACHE STRING "The maximum number of assets to be stored in the Internal Trusted Storage area")
+set(NRF_NS_STORAGE OFF CACHE BOOL "Enable non-secure storage partition")
diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/partition/flash_layout.h b/platform/ext/target/nordic_nrf/common/nrf9160/partition/flash_layout.h
index a1c78ac6ad..5a6b275c0d 100644
--- a/platform/ext/target/nordic_nrf/common/nrf9160/partition/flash_layout.h
+++ b/platform/ext/target/nordic_nrf/common/nrf9160/partition/flash_layout.h
@@ -30,7 +30,9 @@
* 0x000f_0000 Protected Storage Area (20 KB)
* 0x000f_4000 Internal Trusted Storage Area (16 KB)
* 0x000f_6000 NV counters area (4 KB)
- * 0x000f_7000 Unused
+ * 0x000f_7000 Unused (4 KB)
+ * 0x000f_8000 Non-secure storage, used when built with NRF_NS_STORAGE=ON,
+ * otherwise unused (32 KB)
*
* Flash layout on NRF9160 without BL2:
*
@@ -40,7 +42,9 @@
* 0x000f_0000 Protected Storage Area (16 KB)
* 0x000f_4000 Internal Trusted Storage Area (8 KB)
* 0x000f_6000 NV counters area (4 KB)
- * 0x000f_7000 Unused
+ * 0x000f_7000 Unused (4 KB)
+ * 0x000f_8000 Non-secure storage, used when built with NRF_NS_STORAGE=ON,
+ * otherwise unused (32 KB)
*/
/* This header file is included from linker scatter file as well, where only a
@@ -156,6 +160,11 @@
FLASH_ITS_AREA_SIZE)
#define FLASH_NV_COUNTERS_AREA_SIZE (FLASH_AREA_IMAGE_SECTOR_SIZE)
+/* Non-secure storage region */
+#define NRF_FLASH_NS_STORAGE_AREA_OFFSET (FLASH_TOTAL_SIZE - \
+ NRF_FLASH_NS_STORAGE_AREA_SIZE)
+#define NRF_FLASH_NS_STORAGE_AREA_SIZE (0x8000) /* 32 KB */
+
/* PSA MMIO Area definitions */
#define FLASH_MMIO_AREA_OFFSET (FLASH_NV_COUNTERS_AREA_OFFSET + \
FLASH_NV_COUNTERS_AREA_SIZE)
diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/partition/region_defs.h b/platform/ext/target/nordic_nrf/common/nrf9160/partition/region_defs.h
index f670370e37..8a08e59163 100644
--- a/platform/ext/target/nordic_nrf/common/nrf9160/partition/region_defs.h
+++ b/platform/ext/target/nordic_nrf/common/nrf9160/partition/region_defs.h
@@ -151,6 +151,11 @@
#define SECONDARY_PARTITION_SIZE (FLASH_S_PARTITION_SIZE + \
FLASH_NS_PARTITION_SIZE)
+/* Non-secure storage region */
+#define NRF_NS_STORAGE_PARTITION_START \
+ (NS_ROM_ALIAS(NRF_FLASH_NS_STORAGE_AREA_OFFSET))
+#define NRF_NS_STORAGE_PARTITION_SIZE (NRF_FLASH_NS_STORAGE_AREA_SIZE)
+
#ifdef BL2
/* Bootloader regions */
#define BL2_CODE_START (S_ROM_ALIAS(FLASH_AREA_BL2_OFFSET))
diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c
index 7365bb8f53..ccd32edc03 100644
--- a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c
+++ b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c
@@ -68,6 +68,9 @@ REGION_DECLARE(Load$$LR$$, LR_VENEER, $$Limit);
#ifdef BL2
REGION_DECLARE(Load$$LR$$, LR_SECONDARY_PARTITION, $$Base);
#endif /* BL2 */
+#ifdef NRF_NS_STORAGE
+REGION_DECLARE(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base);
+#endif /* NRF_NS_STORAGE */
const struct memory_region_limits memory_regions = {
.non_secure_code_start =
@@ -95,6 +98,14 @@ const struct memory_region_limits memory_regions = {
(uint32_t)&REGION_NAME(Load$$LR$$, LR_SECONDARY_PARTITION, $$Base) +
SECONDARY_PARTITION_SIZE - 1,
#endif /* BL2 */
+
+#ifdef NRF_NS_STORAGE
+ .non_secure_storage_partition_base =
+ (uint32_t)&REGION_NAME(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base),
+ .non_secure_storage_partition_limit =
+ (uint32_t)&REGION_NAME(Load$$LR$$, LR_NRF_NS_STORAGE_PARTITION, $$Base) +
+ NRF_NS_STORAGE_PARTITION_SIZE - 1,
+#endif /* NRF_NS_STORAGE */
};
/* To write into AIRCR register, 0x5FA value must be write to the VECTKEY field,
@@ -211,6 +222,13 @@ enum tfm_plat_err_t spu_init_cfg(void)
memory_regions.secondary_partition_limit);
#endif /* BL2 */
+#ifdef NRF_NS_STORAGE
+ /* Configures storage partition to be non-secure */
+ spu_regions_flash_config_non_secure(
+ memory_regions.non_secure_storage_partition_base,
+ memory_regions.non_secure_storage_partition_limit);
+#endif /* NRF_NS_STORAGE */
+
return TFM_PLAT_ERR_SUCCESS;
}
diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h
index 3261c7c3d1..c8a83359e6 100644
--- a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h
+++ b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h
@@ -49,6 +49,10 @@ struct memory_region_limits {
uint32_t secondary_partition_base;
uint32_t secondary_partition_limit;
#endif /* BL2 */
+#ifdef NRF_NS_STORAGE
+ uint32_t non_secure_storage_partition_base;
+ uint32_t non_secure_storage_partition_limit;
+#endif
};
/**