commit 3ede971de5d707bf1dbe0c551fed69861b8ad0fc
author Jamie Fox <jamie.fox@arm.com> Mon Sep 28 23:14:54 2020 +0100
committer Ken Liu <ken.liu@arm.com> Tue Oct 13 07:53:43 2020 +0000
tree 9a99737fc9b28df3cbd9bb23cc384d1b73261ff3
parent b78795ade2c43a4d1904b8a8a0bd881a4aef64a4

Arch: Explicitly set the priority of faults

Explicitly set the priority of faults that may indicate corruption of
secure state to less than 0x80, to prevent Non-secure from pre-empting
them. The priority is set to the highest, which is also the reset
value, so behaviour should be unchanged.

Change-Id: Icbf7315298ed0c418ee068b98ddad6db85c914c9
Signed-off-by: Jamie Fox <jamie.fox@arm.com>

secure_fw/spm/cmsis_func/arch.c

diff --git a/secure_fw/spm/cmsis_func/arch.c b/secure_fw/spm/cmsis_func/arch.c
index a44e5fc..0f5a937 100644
--- a/secure_fw/spm/cmsis_func/arch.c
+++ b/secure_fw/spm/cmsis_func/arch.c
@@ -256,6 +256,23 @@
 }
 #endif
 
+void tfm_arch_set_fault_priority(void)
+{
+    /* For Armv8-M, set fault priority to less than 0x80 (with AIRCR.PRIS set)
+     * to prevent Non-secure from pre-empting faults that may indicate
+     * corruption of Secure state. For Armv7-M, also set fault priority to the
+     * highest for consistent behaviour.
+     */
+#if defined(__ARM_ARCH_8_1M_MAIN__) || defined(__ARM_ARCH_8M_MAIN__) || \
+    defined(__ARM_ARCH_7M__) || defined(__ARM_ARCH_7EM__)
+    NVIC_SetPriority(MemoryManagement_IRQn, 0);
+    NVIC_SetPriority(BusFault_IRQn, 0);
+#endif
+#if defined(__ARM_ARCH_8_1M_MAIN__) || defined(__ARM_ARCH_8M_MAIN__)
+    NVIC_SetPriority(SecureFault_IRQn, 0);
+#endif
+}
+
 void tfm_arch_configure_coprocessors(void)
 {
 #if defined (__FPU_PRESENT) && (__FPU_PRESENT == 1U)