Support for SPU to write protect bootloader flash region on application startup.

2024-10-08 16:31:46 -07:00 · 2024-10-08 16:31:46 -07:00 · 63dd623ac8
parent 3e87c70fa2
commit 63dd623ac8
3 changed files with 37 additions and 10 deletions
--- a/2
+++ b/2
@ -28,6 +28,7 @@ BIG_ENDIAN?=0
 USE_GCC?=1
 USE_GCC_HEADLESS?=1
 FLASH_OTP_KEYSTORE?=0
+BOOTLOADER_PARTITION_SIZE?=$$(( $(WOLFBOOT_PARTITION_BOOT_ADDRESS) - $(ARCH_FLASH_OFFSET)))

 OBJS:= \
 	./src/string.o \
@ -141,7 +142,6 @@ ifeq ($(FLASH_OTP_KEYSTORE),1)
 endif

 ASFLAGS:=$(CFLAGS)
-BOOTLOADER_PARTITION_SIZE?=$$(( $(WOLFBOOT_PARTITION_BOOT_ADDRESS) - $(ARCH_FLASH_OFFSET)))

 all: $(MAIN_TARGET)

--- a/hal/nrf5340.c
+++ b/hal/nrf5340.c
@ -700,13 +700,40 @@ void hal_init(void)
    hal_net_check_version();
 }

+/* enable write protection for the region of flash specified */
+int hal_flash_protect(uint32_t start, uint32_t len)
+{
+    /* only application core supports SPU */
+#ifdef TARGET_nrf5340_app
+    uint32_t region, n, i;
+
+    /* limit check */
+    if (start > FLASH_SIZE)
+        return -1;
+    /* truncate if exceeds flash size */
+    if (start + len > FLASH_SIZE)
+        len = FLASH_SIZE - start;
+
+    region = (start / SPU_BLOCK_SIZE);
+    n = (len / SPU_BLOCK_SIZE);
+
+    for (i = 0; i < n; i++) {
+        /* do not allow write to this region and lock till next reset */
+        SPU_FLASHREGION_PERM(region+i) = (
+            SPU_FLASHREGION_PERM_EXEC |
+            SPU_FLASHREGION_PERM_READ |
+            SPU_FLASHREGION_PERM_SECATTR |
+            SPU_FLASHREGION_PERM_LOCK
+        );
+    }
+#endif
+    return 0;
+}

 void hal_prepare_boot(void)
 {
-    /* TODO: Protect bootloader region of flash using SPU_FLASHREGION_PERM */
-    //WOLFBOOT_ORIGIN
-    //BOOTLOADER_PARTITION_SIZE
-    //FLASHREGION[n].PERM
+    /* Write protect bootloader region of flash */
+    hal_flash_protect(WOLFBOOT_ORIGIN, BOOTLOADER_PARTITION_SIZE);

    if (enableShm) {
    #ifdef TARGET_nrf5340_net
--- a/hal/nrf5340.h
+++ b/hal/nrf5340.h
@ -106,11 +106,11 @@ void sleep_us(uint32_t usec);

    #define SPU_BLOCK_SIZE (16 * 1024)
    #define SPU_FLASHREGION_PERM(n) *((volatile uint32_t *)(SPU_BASE + 0x600 + (((n) & 0x3F) * 0x4)))
-    #define SPU_FLASHREGION_PERM_EXEC    (1 << 0)
-    #define SPU_FLASHREGION_PERM_WRITE   (1 << 1)
-    #define SPU_FLASHREGION_PERM_READ    (1 << 2)
-    #define SPU_FLASHREGION_PERM_SECATTR (1 << 4)
-    #define SPU_FLASHREGION_PERM_LOCK    (1 << 8)
+    #define SPU_FLASHREGION_PERM_EXEC    (1 << 0) /* Allow instruction fetches from flash region */
+    #define SPU_FLASHREGION_PERM_WRITE   (1 << 1) /* Allow write operation to region */
+    #define SPU_FLASHREGION_PERM_READ    (1 << 2) /* Allow read operation from flash region */
+    #define SPU_FLASHREGION_PERM_SECATTR (1 << 4) /* Flash region n security attribute is secure */
+    #define SPU_FLASHREGION_PERM_LOCK    (1 << 8) /* The content of this register can't be changed until the next reset */
 #endif

 /* OTP */