Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Non-Secure Callable improvements #16055

Merged
merged 2 commits into from
May 30, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions arch/arm/core/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -33,3 +33,4 @@ add_subdirectory_ifdef(CONFIG_CPU_CORTEX_M cortex_m)
add_subdirectory_ifdef(CONFIG_ARM_MPU cortex_m/mpu)
add_subdirectory_ifdef(CONFIG_CPU_CORTEX_M_HAS_CMSE cortex_m/cmse)
add_subdirectory_ifdef(CONFIG_ARM_SECURE_FIRMWARE cortex_m/tz)
add_subdirectory_ifdef(CONFIG_ARM_NONSECURE_FIRMWARE cortex_m/tz)
oyvindronningstad marked this conversation as resolved.
Show resolved Hide resolved
31 changes: 24 additions & 7 deletions arch/arm/core/Kconfig
Original file line number Diff line number Diff line change
Expand Up @@ -92,11 +92,19 @@ config ARM_NONSECURE_FIRMWARE
resources of the Cortex-M MCU, and, therefore, it shall avoid
accessing them.

menu "ARM Secure Firmware Options"
depends on ARM_SECURE_FIRMWARE

menu "ARM TrustZone Options"
depends on ARM_SECURE_FIRMWARE || ARM_NONSECURE_FIRMWARE

comment "Secure firmware"
depends on ARM_SECURE_FIRMWARE

comment "Non-secure firmware"
depends on !ARM_SECURE_FIRMWARE

config ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS
bool "Secure Firmware has Secure Entry functions"
depends on ARM_SECURE_FIRMWARE
help
Option indicates that ARM Secure Firmware contains
Secure Entry functions that may be called from
Expand All @@ -120,15 +128,24 @@ config ARM_NSC_REGION_BASE_ADDRESS
a Non-Secure Callable section, depending on the available
security attribution unit (SAU or IDAU) for a given SOC.

config ARM_FIRMWARE_USES_SECURE_ENTRY_FUNCS
bool "Non-Secure Firmware uses Secure Entry functions"
depends on ARM_NONSECURE_FIRMWARE
help
Option indicates that ARM Non-Secure Firmware uses Secure
Entry functions provided by the Secure Firmware. The Secure
Firmware must be configured to provide these functions.

config ARM_ENTRY_VENEERS_LIB_NAME
string "Entry Veneers symbol file"
depends on ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS
depends on ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS \
|| ARM_FIRMWARE_USES_SECURE_ENTRY_FUNCS
default "libentryveneers.a"
help
Library file to store the symbol table for
the entry veneers. The library may be used
for building a Non-Secure firmware with
access to Secure Entry functions.
Library file to find the symbol table for the entry veneers.
The library will typically come from building the Secure
Firmware that contains secure entry functions, and allows
the Non-Secure Firmware to call into the Secure Firmware.

endmenu

Expand Down
28 changes: 20 additions & 8 deletions arch/arm/core/cortex_m/tz/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -2,22 +2,34 @@

# '-mcmse' enables the generation of code for the Secure state of the ARMv8-M
# Security Extensions. This option is required when building a Secure firmware.
zephyr_compile_options(-mcmse)
zephyr_compile_options_ifdef(CONFIG_ARM_SECURE_FIRMWARE -mcmse)

if(CONFIG_ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS)

# --out-implib and --cmse-implib instruct the linker to produce
# an import library that consists of a relocatable file containing
# only a symbol table with the entry veneers. The library may be used
# when building a Non-Secure image which shall have access to Secure
# Entry functions.
# --out-implib and --cmse-implib instruct the linker to produce
# an import library that consists of a relocatable file containing
# only a symbol table with the entry veneers. The library may be used
# when building a Non-Secure image which shall have access to Secure
# Entry functions.
zephyr_ld_options(
${LINKERFLAGPREFIX},--out-implib=${CONFIG_ARM_ENTRY_VENEERS_LIB_NAME}
${LINKERFLAGPREFIX},--out-implib=${CMAKE_BINARY_DIR}/${CONFIG_ARM_ENTRY_VENEERS_LIB_NAME}
)

zephyr_ld_options(
${LINKERFLAGPREFIX},--cmse-implib
)

# Indicate that the entry veneers library file is created during linking of this firmware.
set_property(
GLOBAL APPEND PROPERTY
extra_post_build_byproducts
${CMAKE_BINARY_DIR}/${CONFIG_ARM_ENTRY_VENEERS_LIB_NAME}
)
endif()

zephyr_sources(arm_core_tz.c)
# Link the entry veneers library file with the Non-Secure Firmware that needs it.
zephyr_link_libraries_ifdef(CONFIG_ARM_FIRMWARE_USES_SECURE_ENTRY_FUNCS
oyvindronningstad marked this conversation as resolved.
Show resolved Hide resolved
${CMAKE_BINARY_DIR}/${CONFIG_ARM_ENTRY_VENEERS_LIB_NAME}
)

zephyr_sources_ifdef(CONFIG_ARM_SECURE_FIRMWARE arm_core_tz.c)
ioannisg marked this conversation as resolved.
Show resolved Hide resolved
54 changes: 38 additions & 16 deletions include/arch/arm/cortex_m/scripts/linker.ld
Original file line number Diff line number Diff line change
Expand Up @@ -264,22 +264,6 @@ SECTIONS
. = ALIGN(4);
} GROUP_LINK_IN(ROMABLE_REGION)

#if defined CONFIG_ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS
#if CONFIG_ARM_NSC_REGION_BASE_ADDRESS != 0
SECTION_PROLOGUE(.gnu.sgstubs,CONFIG_ARM_NSC_REGION_BASE_ADDRESS,)
#else
SECTION_PROLOGUE(.gnu.sgstubs,,)
#endif /* CONFIG_ARM_NSC_REGION_BASE_ADDRESS != 0 */
{
. = ALIGN(4);
__sg_start = .;
*(.gnu*)
. = ALIGN(4);
__sg_end = .;
__sg_size = __sg_end - __sg_start;
} GROUP_LINK_IN(ROMABLE_REGION)
#endif /* CONFIG_ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS */

_image_rodata_end = .;
MPU_ALIGN(_image_rodata_end -_image_rom_start);
_image_rom_end = .;
Expand Down Expand Up @@ -450,6 +434,44 @@ SECTIONS
KEEP(*(.gnu.attributes))
}

#if defined(CONFIG_ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS)
#if CONFIG_ARM_NSC_REGION_BASE_ADDRESS != 0
#define NSC_ALIGN . = ABSOLUTE(CONFIG_ARM_NSC_REGION_BASE_ADDRESS)
#elif defined(CONFIG_CPU_HAS_NRF_IDAU)
/* The nRF9160 needs the NSC region to be at the end of a 32 kB region. */
#define NSC_ALIGN . = ALIGN(0x8000) - (1 << LOG2CEIL(__sg_size))
#else
#define NSC_ALIGN . = ALIGN(4)
#endif

#ifdef CONFIG_CPU_HAS_NRF_IDAU
#define NSC_ALIGN_END . = ALIGN(0x8000)
#else
#define NSC_ALIGN_END . = ALIGN(4)
#endif

SECTION_PROLOGUE(.gnu.sgstubs,,)
{
NSC_ALIGN;
__sg_start = .;
/* No input section necessary, since the Secure Entry Veneers are
automatically placed after the .gnu.sgstubs output section. */
} GROUP_LINK_IN(ROMABLE_REGION)
__sg_end = .;
__sg_size = __sg_end - __sg_start;
NSC_ALIGN_END;
__nsc_size = . - __sg_start;

#ifdef CONFIG_CPU_HAS_NRF_IDAU
ASSERT(1 << LOG2CEIL(0x8000 - (__sg_start % 0x8000))
== (0x8000 - (__sg_start % 0x8000))
&& (0x8000 - (__sg_start % 0x8000)) >= 32
&& (0x8000 - (__sg_start % 0x8000)) <= 4096,
"The Non-Secure Callable region size must be a power of 2 \
between 32 and 4096 bytes.")
#endif
#endif /* CONFIG_ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS */

/* Must be last in romable region */
SECTION_PROLOGUE(.last_section,(NOLOAD),)
{
Expand Down