/******************************************************************************
* @file tz_context.c
* @brief Context Management for Armv8-M TrustZone - Sample implementation
* @version V1.1.1
* @date 10. January 2018
******************************************************************************/
/*
* Copyright (c) 2016-2018 Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an AS IS BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "RTE_Components.h"
#include CMSIS_device_header
#include "tz_context.h"
/// Number of process slots (threads may call secure library code)
#ifndef TZ_PROCESS_STACK_SLOTS
#define TZ_PROCESS_STACK_SLOTS 8U
#endif
/// Stack size of the secure library code
#ifndef TZ_PROCESS_STACK_SIZE
#define TZ_PROCESS_STACK_SIZE 256U
#endif
typedef struct {
uint32_t sp_top; // stack space top
uint32_t sp_limit; // stack space limit
uint32_t sp; // current stack pointer
} stack_info_t;
static stack_info_t ProcessStackInfo [TZ_PROCESS_STACK_SLOTS];
static uint64_t ProcessStackMemory[TZ_PROCESS_STACK_SLOTS][TZ_PROCESS_STACK_SIZE/8U];
static uint32_t ProcessStackFreeSlot = 0xFFFFFFFFU;
/// Initialize secure context memory system
/// \return execution status (1: success, 0: error)
__attribute__((cmse_nonsecure_entry))
uint32_t TZ_InitContextSystem_S (void) {
uint32_t n;
if (__get_IPSR() == 0U) {
return 0U; // Thread Mode
}
for (n = 0U; n < TZ_PROCESS_STACK_SLOTS; n++) {
ProcessStackInfo[n].sp = 0U;
ProcessStackInfo[n].sp_limit = (uint32_t)&ProcessStackMemory[n];
ProcessStackInfo[n].sp_top = (uint32_t)&ProcessStackMemory[n] + TZ_PROCESS_STACK_SIZE;
*((uint32_t *)ProcessStackMemory[n]) = n + 1U;
}
*((uint32_t *)ProcessStackMemory[--n]) = 0xFFFFFFFFU;
ProcessStackFreeSlot = 0U;
// Default process stack pointer and stack limit
__set_PSPLIM((uint32_t)ProcessStackMemory);
__set_PSP ((uint32_t)ProcessStackMemory);
// Privileged Thread Mode using PSP
__set_CONTROL(0x02U);
return 1U; // Success
}
/// Allocate context memory for calling secure software modules in TrustZone
/// \param[in] module identifies software modules called from non-secure mode
/// \return value != 0 id TrustZone memory slot identifier
/// \return value 0 no memory available or internal error
__attribute__((cmse_nonsecure_entry))
TZ_MemoryId_t TZ_AllocModuleContext_S (TZ_ModuleId_t module) {
uint32_t slot;
(void)module; // Ignore (fixed Stack size)
if (__get_IPSR() == 0U) {
return 0U; // Thread Mode
}
if (ProcessStackFreeSlot == 0xFFFFFFFFU) {
return 0U; // No slot available
}
slot = ProcessStackFreeSlot;
ProcessStackFreeSlot = *((uint32_t *)ProcessStackMemory[slot]);
ProcessStackInfo[slot].sp = ProcessStackInfo[slot].sp_top;
return (slot + 1U);
}
/// Free context memory that was previously allocated with \ref TZ_AllocModuleContext_S
/// \param[in] id TrustZone memory slot identifier
/// \return execution status (1: success, 0: error)
__attribute__((cmse_nonsecure_entry))
uint32_t TZ_FreeModuleContext_S (TZ_MemoryId_t id) {
uint32_t slot;
if (__get_IPSR() == 0U) {
return 0U; // Thread Mode
}
if ((id == 0U) || (id > TZ_PROCESS_STACK_SLOTS)) {
return 0U; // Invalid ID
}
slot = id - 1U;
if (ProcessStackInfo[slot].sp == 0U) {
return 0U; // Inactive slot
}
ProcessStackInfo[slot].sp = 0U;
*((uint32_t *)ProcessStackMemory[slot]) = ProcessStackFreeSlot;
ProcessStackFreeSlot = slot;
return 1U; // Success
}
/// Load secure context (called on RTOS thread context switch)
/// \param[in] id TrustZone memory slot identifier
/// \return execution status (1: success, 0: error)
__attribute__((cmse_nonsecure_entry))
uint32_t TZ_LoadContext_S (TZ_MemoryId_t id) {
uint32_t slot;
if ((__get_IPSR() == 0U) || ((__get_CONTROL() & 2U) == 0U)) {
return 0U; // Thread Mode or using Main Stack for threads
}
if ((id == 0U) || (id > TZ_PROCESS_STACK_SLOTS)) {
return 0U; // Invalid ID
}
slot = id - 1U;
if (ProcessStackInfo[slot].sp == 0U) {
return 0U; // Inactive slot
}
// Setup process stack pointer and stack limit
__set_PSPLIM(ProcessStackInfo[slot].sp_limit);
__set_PSP (ProcessStackInfo[slot].sp);
return 1U; // Success
}
/// Store secure context (called on RTOS thread context switch)
/// \param[in] id TrustZone memory slot identifier
/// \return execution status (1: success, 0: error)
__attribute__((cmse_nonsecure_entry))
uint32_t TZ_StoreContext_S (TZ_MemoryId_t id) {
uint32_t slot;
uint32_t sp;
if ((__get_IPSR() == 0U) || ((__get_CONTROL() & 2U) == 0U)) {
return 0U; // Thread Mode or using Main Stack for threads
}
if ((id == 0U) || (id > TZ_PROCESS_STACK_SLOTS)) {
return 0U; // Invalid ID
}
slot = id - 1U;
if (ProcessStackInfo[slot].sp == 0U) {
return 0U; // Inactive slot
}
sp = __get_PSP();
if ((sp < ProcessStackInfo[slot].sp_limit) ||
(sp > ProcessStackInfo[slot].sp_top)) {
return 0U; // SP out of range
}
ProcessStackInfo[slot].sp = sp;
// Default process stack pointer and stack limit
__set_PSPLIM((uint32_t)ProcessStackMemory);
__set_PSP ((uint32_t)ProcessStackMemory);
return 1U; // Success
}