Platform: stm32l5xx: Fix for ARMCLANG and IAR build
Change-Id: I911408ebccf22873be0d09ef6a873a699dff33c7
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
diff --git a/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_com.c b/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_com.c
index 5ae1ab5..d387184 100644
--- a/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_com.c
+++ b/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_com.c
@@ -159,12 +159,12 @@
static uint32_t USART0_GetTxCount(void)
{
- return ARM_DRIVER_ERROR_UNSUPPORTED;
+ return 0;
}
static uint32_t USART0_GetRxCount(void)
{
- return ARM_DRIVER_ERROR_UNSUPPORTED;
+ return 0;
}
static int32_t USART0_Control(uint32_t control, uint32_t arg)
{
diff --git a/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_flash.c b/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_flash.c
index 1b43332..dd55ce4 100644
--- a/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_flash.c
+++ b/platform/ext/target/stm/stm32l5xx/CMSIS_Driver/low_level_flash.c
@@ -25,7 +25,7 @@
#ifndef ARG_UNUSED
#define ARG_UNUSED(arg) ((void)arg)
#endif /* ARG_UNUSED */
-
+void NMI_Handler(void);
/* config for flash driver */
#define FLASH0_SECTOR_SIZE 0x1000
#define FLASH0_PAGE_SIZE 0x800
diff --git a/platform/ext/target/stm/stm32l5xx/Device/Include/stm32l5xx.h b/platform/ext/target/stm/stm32l5xx/Device/Include/stm32l5xx.h
index c793aec..9a1b2ab 100644
--- a/platform/ext/target/stm/stm32l5xx/Device/Include/stm32l5xx.h
+++ b/platform/ext/target/stm/stm32l5xx/Device/Include/stm32l5xx.h
@@ -54,7 +54,9 @@
#endif /* STM32L5 */
#if defined(__DOMAIN_NS) && (__DOMAIN_NS == 1)
-#undef __ARM_FEATURE_CMSE
+#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3)
+#error "non secure build with secure option"
+#endif
#endif
/* Uncomment the line below according to the target STM32L5 device used in your
diff --git a/platform/ext/target/stm/stm32l5xx/bl2/tfm_low_level_security.c b/platform/ext/target/stm/stm32l5xx/bl2/tfm_low_level_security.c
index f364bf4..4ac9fec 100644
--- a/platform/ext/target/stm/stm32l5xx/bl2/tfm_low_level_security.c
+++ b/platform/ext/target/stm/stm32l5xx/bl2/tfm_low_level_security.c
@@ -492,7 +492,7 @@
SAU->RNR = 3;
SAU->RBAR = ((uint32_t)FLASH_BASE_NS + FLASH_AREA_1_OFFSET) & SAU_RBAR_BADDR_Msk;
SAU->RLAR = (((uint32_t)FLASH_BASE_NS + FLASH_AREA_3_OFFSET
- + FLASH_AREA_3_SIZE) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk;
+ + FLASH_AREA_3_SIZE - 1) & SAU_RLAR_LADDR_Msk) | SAU_RLAR_ENABLE_Msk;
/* Force memory writes before continuing */
__DSB();
/* Flush and refill pipeline with updated permissions */
@@ -520,10 +520,10 @@
/* descriptor 0 is set execute readonly before jumping in Secure application */
region_cfg.region_nr = 0;
region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_0_OFFSET ;
- region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE;
+ region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -531,10 +531,10 @@
}
region_cfg.region_nr = 1;
region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_1_OFFSET ;
- region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE;
+ region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -545,7 +545,7 @@
region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_BL2_OFFSET - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -556,7 +556,7 @@
region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -565,10 +565,10 @@
/* Forbid execuction on full SRAM area */
region_cfg.region_nr = 4;
region_cfg.region_base = SRAM1_BASE_S ;
- region_cfg.region_limit = SRAM1_BASE_S + TOTAL_RAM_SIZE;
+ region_cfg.region_limit = SRAM1_BASE_S + TOTAL_RAM_SIZE - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -580,7 +580,7 @@
region_cfg.region_limit = PERIPH_BASE_S + 0xFFFFFFF;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -594,10 +594,10 @@
/* reduced execution to all flash during control */
region_cfg.region_nr = 0;
region_cfg.region_base = FLASH_BASE_NS + FLASH_AREA_1_OFFSET;
- region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE;
+ region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -605,10 +605,10 @@
}
region_cfg.region_nr = 1;
region_cfg.region_base = FLASH_BASE_NS + FLASH_AREA_2_OFFSET;
- region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE;
+ region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_3_OFFSET + FLASH_AREA_3_SIZE - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -621,10 +621,10 @@
#else
region_cfg.region_base = SRAM1_BASE_NS ;
#endif /* TFM_ERROR_HANDLER_NON_SECURE */
- region_cfg.region_limit = SRAM1_BASE_NS + TOTAL_RAM_SIZE;
+ region_cfg.region_limit = SRAM1_BASE_NS + TOTAL_RAM_SIZE - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -635,8 +635,8 @@
region_cfg.region_base = PERIPH_BASE_NS;
region_cfg.region_limit = PERIPH_BASE_NS + 0xFFFFFFF;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DEVICE_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_NEVER;
if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -665,16 +665,17 @@
static void mpu_appli_cfg(void)
{
#ifdef TFM_BOOT_MPU_PROTECTION
- struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
- struct mpu_armv8m_dev_t dev_mpu_ns = { MPU_BASE_NS};
+ /* static variables are used to ensure rodata placement in the specific section */
+ static struct mpu_armv8m_dev_t dev_mpu_s = { MPU_BASE };
+ static struct mpu_armv8m_dev_t dev_mpu_ns = { MPU_BASE_NS};
struct mpu_armv8m_region_cfg_t region_cfg;
/* region 0 is now enable for execution */
region_cfg.region_nr = 0;
region_cfg.region_base = FLASH_BASE_S + FLASH_AREA_0_OFFSET ;
- region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE;
+ region_cfg.region_limit = FLASH_BASE_S + FLASH_AREA_0_OFFSET + FLASH_AREA_0_SIZE - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
if (mpu_armv8m_region_enable(&dev_mpu_s, ®ion_cfg) != MPU_ARMV8M_OK)
{
@@ -683,15 +684,30 @@
/* region 0 is now enable for execution */
region_cfg.region_nr = 0;
region_cfg.region_base = FLASH_BASE_NS + FLASH_AREA_1_OFFSET;
- region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE;
+ region_cfg.region_limit = FLASH_BASE_NS + FLASH_AREA_1_OFFSET + FLASH_AREA_1_SIZE - 1;
region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
- region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_ONLY;
- region_cfg.attr_sh = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RO_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
{
Error_Handler();
}
+#ifdef TFM_ERROR_HANDLER_NON_SECURE
+ region_cfg.region_base = SRAM1_BASE_NS ;
+ /* Forbid execution on full SRAM area */
+ region_cfg.region_nr = 4;
+ region_cfg.region_base = SRAM1_BASE_NS ;
+ region_cfg.region_limit = SRAM1_BASE_NS + (~MPU_RBAR_BASE_Msk);
+ region_cfg.region_attridx = MPU_ARMV8M_MAIR_ATTR_DATA_IDX;
+ region_cfg.attr_access = MPU_ARMV8M_AP_RW_PRIV_UNPRIV;
+ region_cfg.attr_sh = MPU_ARMV8M_SH_NONE;
+ region_cfg.attr_exec = MPU_ARMV8M_XN_EXEC_OK;
+ if (mpu_armv8m_region_enable(&dev_mpu_ns, ®ion_cfg) != MPU_ARMV8M_OK)
+ {
+ Error_Handler();
+ }
+#endif /* TFM_ERROR_HANDLER_NON_SECURE */
#endif /* TFM_BOOT_MPU_PROTECTION */
}
diff --git a/platform/ext/target/stm/stm32l5xx/boards/stm32l562e_dk/region_defs.h b/platform/ext/target/stm/stm32l5xx/boards/stm32l562e_dk/region_defs.h
index 9264a4d..414724c 100644
--- a/platform/ext/target/stm/stm32l5xx/boards/stm32l562e_dk/region_defs.h
+++ b/platform/ext/target/stm/stm32l5xx/boards/stm32l562e_dk/region_defs.h
@@ -162,10 +162,6 @@
#define SECONDARY_PARTITION_SIZE (FLASH_AREA_2_SIZE)
#ifdef BL2
-/* Personalized region */
-#define PERSO_START (S_ROM_ALIAS(FLASH_AREA_PERSO_OFFSET))
-#define PERSO_SIZE (FLASH_AREA_PERSO_SIZE)
-#define PERSO_LIMIT (PERSO_START + PERSO_SIZE - 1)
/* Bootloader region protected by hdp */
#define BL2_CODE_START (S_ROM_ALIAS(FLASH_AREA_BL2_OFFSET))