Merge pull request ARMmbed#10 from niklas-arm/uvisor_supported

Add secure access to CMSIS and use in K64F HAL

Author: meriac

hal/targets/cmsis/TARGET_Freescale/TARGET_K64F/cmsis_nvic.c

@@ -32,11 +32,11 @@
 
 extern void InstallIRQHandler(IRQn_Type irq, uint32_t irqHandler);
 
-void NVIC_SetVector(IRQn_Type IRQn, uint32_t vector) {
+void __NVIC_SetVector(IRQn_Type IRQn, uint32_t vector) {
     InstallIRQHandler(IRQn, vector);
 }
 
-uint32_t NVIC_GetVector(IRQn_Type IRQn) {
+uint32_t __NVIC_GetVector(IRQn_Type IRQn) {
     uint32_t *vectors = (uint32_t*)SCB->VTOR;
     return vectors[IRQn + 16];
 }

hal/targets/cmsis/TARGET_Freescale/TARGET_K64F/cmsis_nvic.h

@@ -41,8 +41,8 @@
 extern "C" {
 #endif
 
-void NVIC_SetVector(IRQn_Type IRQn, uint32_t vector);
-uint32_t NVIC_GetVector(IRQn_Type IRQn);
+void __NVIC_SetVector(IRQn_Type IRQn, uint32_t vector);
+uint32_t __NVIC_GetVector(IRQn_Type IRQn);
 
 #ifdef __cplusplus
 }

hal/targets/cmsis/core_cm4.h

@@ -1502,6 +1502,35 @@ typedef struct
     @{
  */
 
+#ifdef CMSIS_NVIC_VIRTUAL
+  #ifndef CMSIS_NVIC_VIRTUAL_HEADER_FILE
+    #define CMSIS_NVIC_VIRTUAL_HEADER_FILE "cmsis_nvic_virtual.h"
+  #endif
+  #include CMSIS_NVIC_VIRTUAL_HEADER_FILE
+#else
+  #define NVIC_SetPriorityGrouping    __NVIC_SetPriorityGrouping
+  #define NVIC_GetPriorityGrouping    __NVIC_GetPriorityGrouping
+  #define NVIC_EnableIRQ              __NVIC_EnableIRQ
+  #define NVIC_DisableIRQ             __NVIC_DisableIRQ
+  #define NVIC_GetPendingIRQ          __NVIC_GetPendingIRQ
+  #define NVIC_SetPendingIRQ          __NVIC_SetPendingIRQ
+  #define NVIC_ClearPendingIRQ        __NVIC_ClearPendingIRQ
+  #define NVIC_GetActive              __NVIC_GetActive
+  #define NVIC_SetPriority            __NVIC_SetPriority
+  #define NVIC_GetPriority            __NVIC_GetPriority
+#endif /* CMSIS_NVIC_VIRTUAL */
+
+#ifdef CMSIS_VECTAB_VIRTUAL
+  #ifndef CMSIS_VECTAB_VIRTUAL_HEADER_FILE
+    #define CMSIS_VECTAB_VIRTUAL_HEADER_FILE "cmsis_vectab_virtual.h"
+  #endif
+  #include CMSIS_VECTAB_VIRTUAL_HEADER_FILE
+#else
+  #define NVIC_SetVector              __NVIC_SetVector
+  #define NVIC_GetVector              __NVIC_GetVector
+#endif  /* CMSIS_VECTAB_VIRTUAL */
+
+
 /** \brief  Set Priority Grouping
 
   The function sets the priority grouping field using the required unlock sequence.
@@ -1512,7 +1541,7 @@ typedef struct
 
     \param [in]      PriorityGroup  Priority grouping field.
  */
-__STATIC_INLINE void NVIC_SetPriorityGrouping(uint32_t PriorityGroup)
+__STATIC_INLINE void __NVIC_SetPriorityGrouping(uint32_t PriorityGroup)
 {
   uint32_t reg_value;
   uint32_t PriorityGroupTmp = (PriorityGroup & (uint32_t)0x07UL);             /* only values 0..7 are used          */
@@ -1532,7 +1561,7 @@ __STATIC_INLINE void NVIC_SetPriorityGrouping(uint32_t PriorityGroup)
 
     \return                Priority grouping field (SCB->AIRCR [10:8] PRIGROUP field).
  */
-__STATIC_INLINE uint32_t NVIC_GetPriorityGrouping(void)
+__STATIC_INLINE uint32_t __NVIC_GetPriorityGrouping(void)
 {
   return ((uint32_t)((SCB->AIRCR & SCB_AIRCR_PRIGROUP_Msk) >> SCB_AIRCR_PRIGROUP_Pos));
 }
@@ -1544,7 +1573,7 @@ __STATIC_INLINE uint32_t NVIC_GetPriorityGrouping(void)
 
     \param [in]      IRQn  External interrupt number. Value cannot be negative.
  */
-__STATIC_INLINE void NVIC_EnableIRQ(IRQn_Type IRQn)
+__STATIC_INLINE void __NVIC_EnableIRQ(IRQn_Type IRQn)
 {
   NVIC->ISER[(((uint32_t)(int32_t)IRQn) >> 5UL)] = (uint32_t)(1UL << (((uint32_t)(int32_t)IRQn) & 0x1FUL));
 }
@@ -1556,7 +1585,7 @@ __STATIC_INLINE void NVIC_EnableIRQ(IRQn_Type IRQn)
 
     \param [in]      IRQn  External interrupt number. Value cannot be negative.
  */
-__STATIC_INLINE void NVIC_DisableIRQ(IRQn_Type IRQn)
+__STATIC_INLINE void __NVIC_DisableIRQ(IRQn_Type IRQn)
 {
   NVIC->ICER[(((uint32_t)(int32_t)IRQn) >> 5UL)] = (uint32_t)(1UL << (((uint32_t)(int32_t)IRQn) & 0x1FUL));
 }
@@ -1572,7 +1601,7 @@ __STATIC_INLINE void NVIC_DisableIRQ(IRQn_Type IRQn)
     \return             0  Interrupt status is not pending.
     \return             1  Interrupt status is pending.
  */
-__STATIC_INLINE uint32_t NVIC_GetPendingIRQ(IRQn_Type IRQn)
+__STATIC_INLINE uint32_t __NVIC_GetPendingIRQ(IRQn_Type IRQn)
 {
   return((uint32_t)(((NVIC->ISPR[(((uint32_t)(int32_t)IRQn) >> 5UL)] & (1UL << (((uint32_t)(int32_t)IRQn) & 0x1FUL))) != 0UL) ? 1UL : 0UL));
 }
@@ -1584,7 +1613,7 @@ __STATIC_INLINE uint32_t NVIC_GetPendingIRQ(IRQn_Type IRQn)
 
     \param [in]      IRQn  Interrupt number. Value cannot be negative.
  */
-__STATIC_INLINE void NVIC_SetPendingIRQ(IRQn_Type IRQn)
+__STATIC_INLINE void __NVIC_SetPendingIRQ(IRQn_Type IRQn)
 {
   NVIC->ISPR[(((uint32_t)(int32_t)IRQn) >> 5UL)] = (uint32_t)(1UL << (((uint32_t)(int32_t)IRQn) & 0x1FUL));
 }
@@ -1596,7 +1625,7 @@ __STATIC_INLINE void NVIC_SetPendingIRQ(IRQn_Type IRQn)
 
     \param [in]      IRQn  External interrupt number. Value cannot be negative.
  */
-__STATIC_INLINE void NVIC_ClearPendingIRQ(IRQn_Type IRQn)
+__STATIC_INLINE void __NVIC_ClearPendingIRQ(IRQn_Type IRQn)
 {
   NVIC->ICPR[(((uint32_t)(int32_t)IRQn) >> 5UL)] = (uint32_t)(1UL << (((uint32_t)(int32_t)IRQn) & 0x1FUL));
 }
@@ -1611,7 +1640,7 @@ __STATIC_INLINE void NVIC_ClearPendingIRQ(IRQn_Type IRQn)
     \return             0  Interrupt status is not active.
     \return             1  Interrupt status is active.
  */
-__STATIC_INLINE uint32_t NVIC_GetActive(IRQn_Type IRQn)
+__STATIC_INLINE uint32_t __NVIC_GetActive(IRQn_Type IRQn)
 {
   return((uint32_t)(((NVIC->IABR[(((uint32_t)(int32_t)IRQn) >> 5UL)] & (1UL << (((uint32_t)(int32_t)IRQn) & 0x1FUL))) != 0UL) ? 1UL : 0UL));
 }
@@ -1626,7 +1655,7 @@ __STATIC_INLINE uint32_t NVIC_GetActive(IRQn_Type IRQn)
     \param [in]      IRQn  Interrupt number.
     \param [in]  priority  Priority to set.
  */
-__STATIC_INLINE void NVIC_SetPriority(IRQn_Type IRQn, uint32_t priority)
+__STATIC_INLINE void __NVIC_SetPriority(IRQn_Type IRQn, uint32_t priority)
 {
   if((int32_t)IRQn < 0) {
     SCB->SHP[(((uint32_t)(int32_t)IRQn) & 0xFUL)-4UL] = (uint8_t)((priority << (8 - __NVIC_PRIO_BITS)) & (uint32_t)0xFFUL);
@@ -1648,7 +1677,7 @@ __STATIC_INLINE void NVIC_SetPriority(IRQn_Type IRQn, uint32_t priority)
     \return             Interrupt Priority. Value is aligned automatically to the implemented
                         priority bits of the microcontroller.
  */
-__STATIC_INLINE uint32_t NVIC_GetPriority(IRQn_Type IRQn)
+__STATIC_INLINE uint32_t __NVIC_GetPriority(IRQn_Type IRQn)
 {
 
   if((int32_t)IRQn < 0) {

hal/targets/cmsis/core_cmSecureAccess.h

@@ -0,0 +1,201 @@
+/**************************************************************************//**
+ * @file     core_cmSecureAccess.h
+ * @brief    CMSIS Cortex-M Core Secure Access Header File
+ * @version  XXX
+ * @date     10. June 2016
+ *
+ * @note
+ *
+ ******************************************************************************/
+/* Copyright (c) 2016 ARM LIMITED
+
+   All rights reserved.
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions are met:
+   - Redistributions of source code must retain the above copyright
+     notice, this list of conditions and the following disclaimer.
+   - Redistributions in binary form must reproduce the above copyright
+     notice, this list of conditions and the following disclaimer in the
+     documentation and/or other materials provided with the distribution.
+   - Neither the name of ARM nor the names of its contributors may be used
+     to endorse or promote products derived from this software without
+     specific prior written permission.
+   *
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+   AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+   IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+   ARE DISCLAIMED. IN NO EVENT SHALL COPYRIGHT HOLDERS AND CONTRIBUTORS BE
+   LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+   CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+   SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+   INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+   CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+   ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+   POSSIBILITY OF SUCH DAMAGE.
+   ---------------------------------------------------------------------------*/
+
+
+#ifndef __CORE_CM_SECURE_ACCESS_H
+#define __CORE_CM_SECURE_ACCESS_H
+
+
+/* ###########################  Core Secure Access  ########################### */
+
+#ifdef FEATURE_UVISOR
+#include "uvisor-lib.h"
+
+/* Secure uVisor implementation. */
+
+/** Set the value at the target address.
+ *
+ * Equivalent to: `*address = value`.
+ * @param address[in]  Target address
+ * @param value[in]    Value to write at the address location.
+ */
+#define SECURE_WRITE(address, value) \
+    uvisor_write(main, UVISOR_RGW_SHARED, address, value, UVISOR_RGW_OP_WRITE, 0xFFFFFFFFUL)
+
+/** Get the value at the target address.
+ *
+ * @param address[in]  Target address
+ * @returns The value `*address`.
+ */
+#define SECURE_READ(address) \
+    uvisor_read(main, UVISOR_RGW_SHARED, address, UVISOR_RGW_OP_READ, 0xFFFFFFFFUL)
+
+/** Get the selected bits at the target address.
+ *
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ * @returns The value `*address & mask`.
+ */
+#define SECURE_BITS_GET(address, mask) \
+    UVISOR_BITS_GET(main, UVISOR_RGW_SHARED, address, mask)
+
+/** Check the selected bits at the target address.
+ *
+ * @param address[in]  Address at which to check the bits
+ * @param mask[in]     Bits to select out of the target address
+ * @returns The value `((*address & mask) == mask)`.
+ */
+#define SECURE_BITS_CHECK(address, mask) \
+    UVISOR_BITS_CHECK(main, UVISOR_RGW_SHARED, address, mask)
+
+/** Set the selected bits to 1 at the target address.
+ *
+ * Equivalent to: `*address |= mask`.
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ */
+#define SECURE_BITS_SET(address, mask) \
+    UVISOR_BITS_SET(main, UVISOR_RGW_SHARED, address, mask)
+
+/** Clear the selected bits at the target address.
+ *
+ * Equivalent to: `*address &= ~mask`.
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ */
+#define SECURE_BITS_CLEAR(address, mask) \
+    UVISOR_BITS_CLEAR(main, UVISOR_RGW_SHARED, address, mask)
+
+/** Set the selected bits at the target address to the given value.
+ *
+ * Equivalent to: `*address = (*address & ~mask) | (value & mask)`.
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ * @param value[in]    Value to write at the address location. Note: The value
+ *                     must be already shifted to the correct bit position
+ */
+#define SECURE_BITS_SET_VALUE(address, mask, value) \
+    UVISOR_BITS_SET_VALUE(main, UVISOR_RGW_SHARED, address, mask, value)
+
+/** Toggle the selected bits at the target address.
+ *
+ * Equivalent to: `*address ^= mask`.
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ */
+#define SECURE_BITS_TOGGLE(address, mask) \
+    UVISOR_BITS_TOGGLE(main, UVISOR_RGW_SHARED, address, mask)
+
+#else
+
+/* Insecure fallback implementation. */
+
+/** Set the value at the target address.
+ *
+ * Equivalent to: `*address = value`.
+ * @param address[in]  Target address
+ * @param value[in]    Value to write at the address location.
+ */
+#define SECURE_WRITE(address, value) \
+    *(address) = (value)
+
+/** Get the value at the target address.
+ *
+ * @param address[in]  Target address
+ * @returns The value `*address`.
+ */
+#define SECURE_READ(address) \
+    (*(address))
+
+/** Get the selected bits at the target address.
+ *
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ * @returns The value `*address & mask`.
+ */
+#define SECURE_BITS_GET(address, mask) \
+    (*(address) & (mask))
+
+/** Check the selected bits at the target address.
+ *
+ * @param address[in]  Address at which to check the bits
+ * @param mask[in]     Bits to select out of the target address
+ * @returns The value `((*address & mask) == mask)`.
+ */
+#define SECURE_BITS_CHECK(address, mask) \
+    ((*(address) & (mask)) == (mask))
+
+/** Set the selected bits to 1 at the target address.
+ *
+ * Equivalent to: `*address |= mask`.
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ */
+#define SECURE_BITS_SET(address, mask) \
+    *(address) |= (mask)
+
+/** Clear the selected bits at the target address.
+ *
+ * Equivalent to: `*address &= ~mask`.
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ */
+#define SECURE_BITS_CLEAR(address, mask) \
+    *(address) &= ~(mask)
+
+/** Set the selected bits at the target address to the given value.
+ *
+ * Equivalent to: `*address = (*address & ~mask) | (value & mask)`.
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ * @param value[in]    Value to write at the address location. Note: The value
+ *                     must be already shifted to the correct bit position
+ */
+#define SECURE_BITS_SET_VALUE(address, mask, value) \
+    *(address) = (*(address) & ~(mask)) | ((value) & (mask))
+
+/** Toggle the selected bits at the target address.
+ *
+ * Equivalent to: `*address ^= mask`.
+ * @param address[in]  Target address
+ * @param mask[in]     Bits to select out of the target address
+ */
+#define SECURE_BITS_TOGGLE(address, mask) \
+    *(address) ^= (mask)
+
+#endif
+
+#endif /* __CORE_CM_SECURE_ACCESS_H */