patrick/zephyr
1
0
Fork 0
Code Issues Pull requests Actions 8 Packages Projects Releases Wiki Activity

tz: Remove unused trustzone driver

Browse source 
The arm_core_tz.c trustzone driver was developed by Nordic and was
previously used by Nordic, but it is not used by us any more. Since we
stopped using it I can see that it has bit rotted (the include path
for tz.h is not available), so no else has started using it either
evidently.

Remove the broken and dead code.

We keep the HAS_ARM_SAU Kconfig as it is selected by a myriad of
platforms and determines if __SAUREGION_PRESENT is defined. I have
been unable to prove that this define is also unused.

Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
This commit is contained in:
Sebastian Bøe 2023-12-06 13:01:36 +01:00 committed by Carles Cufí
parent 923ac2bb1b
commit 3b24ef305f
3 changed files with 0 additions and 510 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
arch/arm/core/cortex_m/tz/CMakeLists.txt
View file

@ -33,9 +33,3 @@ endif()
zephyr_link_libraries_ifdef(CONFIG_ARM_FIRMWARE_USES_SECURE_ENTRY_FUNCS
${CMAKE_BINARY_DIR}/${CONFIG_ARM_ENTRY_VENEERS_LIB_NAME}
)
if(CONFIG_ARM_SECURE_FIRMWARE)
zephyr_library()
zephyr_library_sources(arm_core_tz.c)
endif()

166
arch/arm/core/cortex_m/tz/arm_core_tz.c
View file

@ -1,166 +0,0 @@
/*
* Copyright (c) 2018 Nordic Semiconductor ASA.
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <cmsis_core.h>
#include <cortex_m/tz.h>
#include <cortex_m/exc.h>
static void configure_nonsecure_vtor_offset(uint32_t vtor_ns)
{
SCB_NS->VTOR = vtor_ns;
}
static void configure_nonsecure_msp(uint32_t msp_ns)
{
__TZ_set_MSP_NS(msp_ns);
}
static void configure_nonsecure_psp(uint32_t psp_ns)
{
__TZ_set_PSP_NS(psp_ns);
}
static void configure_nonsecure_control(uint32_t spsel_ns, uint32_t npriv_ns)
{
uint32_t control_ns = __TZ_get_CONTROL_NS();
/* Only nPRIV and SPSEL bits are banked between security states. */
control_ns &= ~(CONTROL_SPSEL_Msk | CONTROL_nPRIV_Msk);
if (spsel_ns) {
control_ns |= CONTROL_SPSEL_Msk;
}
if (npriv_ns) {
control_ns |= CONTROL_nPRIV_Msk;
}
__TZ_set_CONTROL_NS(control_ns);
}
#if defined(CONFIG_ARMV8_M_MAINLINE)
/* Only ARMv8-M Mainline implementations have Non-Secure instances of
* Stack Pointer Limit registers.
*/
void tz_nonsecure_msplim_set(uint32_t val)
{
__TZ_set_MSPLIM_NS(val);
}
void tz_nonsecure_psplim_set(uint32_t val)
{
__TZ_set_PSPLIM_NS(val);
}
#endif /* CONFIG_ARMV8_M_MAINLINE */
void tz_nonsecure_state_setup(const tz_nonsecure_setup_conf_t *p_ns_conf)
{
configure_nonsecure_vtor_offset(p_ns_conf->vtor_ns);
configure_nonsecure_msp(p_ns_conf->msp_ns);
configure_nonsecure_psp(p_ns_conf->psp_ns);
/* Select which stack-pointer to use (MSP or PSP) and
* the privilege level for thread mode.
*/
configure_nonsecure_control(p_ns_conf->control_ns.spsel,
p_ns_conf->control_ns.npriv);
}
void tz_nbanked_exception_target_state_set(int secure_state)
{
uint32_t aircr_payload = SCB->AIRCR & (~(SCB_AIRCR_VECTKEY_Msk));
if (secure_state) {
aircr_payload &= ~(SCB_AIRCR_BFHFNMINS_Msk);
} else {
aircr_payload |= SCB_AIRCR_BFHFNMINS_Msk;
}
SCB->AIRCR = ((AIRCR_VECT_KEY_PERMIT_WRITE << SCB_AIRCR_VECTKEY_Pos)
& SCB_AIRCR_VECTKEY_Msk)
| aircr_payload;
}
void tz_nonsecure_exception_prio_config(int secure_boost)
{
uint32_t aircr_payload = SCB->AIRCR & (~(SCB_AIRCR_VECTKEY_Msk));
if (secure_boost) {
aircr_payload |= SCB_AIRCR_PRIS_Msk;
} else {
aircr_payload &= ~(SCB_AIRCR_PRIS_Msk);
}
SCB->AIRCR = ((AIRCR_VECT_KEY_PERMIT_WRITE << SCB_AIRCR_VECTKEY_Pos)
& SCB_AIRCR_VECTKEY_Msk)
| aircr_payload;
}
void tz_nonsecure_system_reset_req_block(int block)
{
uint32_t aircr_payload = SCB->AIRCR & (~(SCB_AIRCR_VECTKEY_Msk));
if (block) {
aircr_payload |= SCB_AIRCR_SYSRESETREQS_Msk;
} else {
aircr_payload &= ~(SCB_AIRCR_SYSRESETREQS_Msk);
}
SCB->AIRCR = ((0x5FAUL << SCB_AIRCR_VECTKEY_Pos)
& SCB_AIRCR_VECTKEY_Msk)
| aircr_payload;
}
#if defined(CONFIG_ARMV7_M_ARMV8_M_FP)
void tz_nonsecure_fpu_access_enable(void)
{
SCB->NSACR |=
(1UL << SCB_NSACR_CP10_Pos) | (1UL << SCB_NSACR_CP11_Pos);
}
#endif /* CONFIG_ARMV7_M_ARMV8_M_FP */
void tz_sau_configure(int enable, int allns)
{
if (enable) {
TZ_SAU_Enable();
} else {
TZ_SAU_Disable();
if (allns) {
SAU->CTRL |= SAU_CTRL_ALLNS_Msk;
} else {
SAU->CTRL &= ~(SAU_CTRL_ALLNS_Msk);
}
}
}
uint32_t tz_sau_number_of_regions_get(void)
{
return SAU->TYPE & SAU_TYPE_SREGION_Msk;
}
#if defined(CONFIG_CPU_HAS_ARM_SAU)
#if defined (__SAUREGION_PRESENT) && (__SAUREGION_PRESENT == 1U)
int tz_sau_region_configure_enable(tz_sau_conf_t *p_sau_conf)
{
uint32_t regions = tz_sau_number_of_regions_get();
if ((p_sau_conf->region_num == 0) ||
(p_sau_conf->region_num > (regions - 1))) {
return 0;
}
/* Valid region */
SAU->RNR = p_sau_conf->region_num & SAU_RNR_REGION_Msk;
if (p_sau_conf->enable) {
SAU->RLAR = SAU_RLAR_ENABLE_Msk
| (SAU_RLAR_LADDR_Msk & p_sau_conf->limit_addr)
| (p_sau_conf->nsc ? SAU_RLAR_NSC_Msk : 0);
SAU->RBAR = p_sau_conf->base_addr & SAU_RBAR_BADDR_Msk;
} else {
SAU->RLAR &= ~(SAU_RLAR_ENABLE_Msk);
}
return 1;
}
#else
#error "ARM SAU not implemented"
#endif
#endif /* CONFIG_CPU_HAS_ARM_SAU */

338
arch/arm/include/cortex_m/tz.h
View file

@ -1,338 +0,0 @@
/*
* Copyright (c) 2018 Nordic Semiconductor ASA
*
* SPDX-License-Identifier: Apache-2.0
*/
/**
* @file
* @brief TrustZone API
*
* TrustZone API for Cortex-M23/M33 CPUs implementing the Security Extension.
*/
#ifndef ZEPHYR_ARCH_ARM_INCLUDE_AARCH32_CORTEX_M_TZ_H_
#define ZEPHYR_ARCH_ARM_INCLUDE_AARCH32_CORTEX_M_TZ_H_
#ifdef _ASMLANGUAGE
/* nothing */
#else
#include <arm_cmse.h>
#include <zephyr/types.h>
#ifdef __cplusplus
extern "C" {
#endif
/**
*
* @brief Initial Non-Secure state configuration
*
* A convenient struct to include all required Non-Secure
* state configuration.
*/
typedef struct tz_nonsecure_setup_conf {
uint32_t msp_ns;
uint32_t psp_ns;
uint32_t vtor_ns;
struct {
uint32_t npriv:1;
uint32_t spsel:1;
uint32_t reserved:30;
} control_ns;
} tz_nonsecure_setup_conf_t;
/**
*
* @brief Setup Non-Secure state core registers
*
* Configure the Non-Secure instances of the VTOR, MSP, PSP,
* and CONTROL register.
*
* @param p_ns_conf Pointer to a structure holding the desired configuration.
*
* Notes:
*
* This function shall only be called from Secure state, otherwise the
* Non-Secure instances of the core registers are RAZ/WI.
*
* This function shall be called before the Secure Firmware may transition
* to Non-Secure state.
*
*/
void tz_nonsecure_state_setup(const tz_nonsecure_setup_conf_t *p_ns_conf);
#if defined(CONFIG_ARMV8_M_MAINLINE)
/**
*
* @brief Setup Non-Secure Main Stack Pointer limit register
*
* Configure the Non-Secure instance of the MSPLIM register.
*
* @param val value to configure the MSPLIM_NS register with.
*
* Notes:
*
* This function shall only be called from Secure state.
* Only ARMv8-M Mainline implementations have Non-Secure MSPLIM instance.
*
*/
void tz_nonsecure_msplim_set(uint32_t val);
/**
*
* @brief Setup Non-Secure Process Stack Pointer limit register
*
* Configure the Non-Secure instance of the PSPLIM register.
*
* @param val value to configure the PSPLIM_NS register with.
*
* Notes:
*
* This function shall only be called from Secure state.
* Only ARMv8-M Mainline implementations have Non-Secure PSPLIM instance.
*
*/
void tz_nonsecure_psplim_set(uint32_t val);
#endif /* CONFIG_ARMV8_M_MAINLINE */
/**
* @brief Block or permit Non-Secure System Reset Requests
*
* Function allows the user to configure the system to block or
* permit the Non-Secure domain to issue System Reset Requests.
*
* @param block Flag indicating whether Non-Secure System Reset
* Requests shall be blocked (1), or permitted (0).
*
* Note:
*
* This function shall only be called from Secure state.
*/
void tz_nonsecure_system_reset_req_block(int block);
/**
* @brief Prioritize Secure exceptions
*
* Function allows the user to prioritize Secure exceptions over Non-Secure,
* enabling Secure exception priority boosting.
*
* @param secure_boost Flag indicating whether Secure priority boosting
* is desired; select 1 for priority boosting, otherwise 0.
*
* Note:
*
* This function shall only be called from Secure state.
*/
void tz_nonsecure_exception_prio_config(int secure_boost);
/**
* @brief Set target state for exceptions not banked between security states
*
* Function sets the security state (Secure or Non-Secure) target
* for ARMv8-M HardFault, NMI, and BusFault exception.
*
* @param secure_state 1 if target state is Secure, 0 if target state
* is Non-Secure.
*
* Secure state: BusFault, HardFault, and NMI are Secure.
* Non-Secure state: BusFault and NMI are Non-Secure and exceptions can
* target Non-Secure HardFault.
*
* Notes:
*
* - This function shall only be called from Secure state.
* - NMI and BusFault are not banked between security states; they
* shall either target Secure or Non-Secure state based on user selection.
* - HardFault exception generated through escalation will target the
* security state of the original fault before its escalation to HardFault.
* - If secure_state is set to 1 (Secure), all Non-Secure HardFaults are
* escalated to Secure HardFaults.
* - BusFault is present only if the Main Extension is implemented.
*/
void tz_nbanked_exception_target_state_set(int secure_state);
#if defined(CONFIG_ARMV7_M_ARMV8_M_FP)
/**
* @brief Allow Non-Secure firmware to access the FPU
*
* Function allows the Non-Secure firmware to access the Floating Point Unit.
*
* Relevant for ARMv8-M MCUs supporting the Floating Point Extension.
*
* Note:
*
* This function shall only be called from Secure state.
*/
void tz_nonsecure_fpu_access_enable(void);
#endif /* CONFIG_ARMV7_M_ARMV8_M_FP */
/**
*
* @brief Configure SAU
*
* Configure (enable or disable) the ARMv8-M Security Attribution Unit.
*
* @param enable SAU enable flag: 1 if SAU is to be enabled, 0 if SAU is
* to be disabled.
* @param allns SAU_CTRL.ALLNS flag: select 1 to set SAU_CTRL.ALLNS, 0
* to clear SAU_CTRL.ALLNS.
*
* Notes:
*
* SAU_CTRL.ALLNS bit: All Non-secure. When SAU_CTRL.ENABLE is 0
* this bit controls if the memory is marked as Non-secure or Secure.
* Values:
* Secure (not Non-Secure Callable): 0
* Non-Secure: 1
*
* This function shall only be called from Secure state, otherwise the
* Non-Secure instance of SAU_CTRL register is RAZ/WI.
*
* This function shall be called before the Secure Firmware may transition
* to Non-Secure state.
*
*/
void tz_sau_configure(int enable, int allns);
/**
*
* @brief Get number of SAU regions
*
* Get the number of regions implemented by the Security Attribution Unit,
* indicated by SAU_TYPE.SREGION (read-only) register field.
*
* Notes:
*
* The SREGION field reads as an IMPLEMENTATION DEFINED value.
*
* This function shall only be called from Secure state, otherwise the
* Non-Secure instance of SAU_TYPE register is RAZ.
*
* @return The number of configured SAU regions.
*/
uint32_t tz_sau_number_of_regions_get(void);
#if defined(CONFIG_CPU_HAS_ARM_SAU)
/**
*
* @brief SAU Region configuration
*
* A convenient struct to include all required elements
* for a SAU region configuration.
*/
typedef struct {
uint8_t region_num;
uint8_t enable:1;
uint8_t nsc:1;
uint32_t base_addr;
uint32_t limit_addr;
} tz_sau_conf_t;
/**
*
* @brief Configure SAU Region
*
* Configure an existing ARMv8-M SAU region.
*
* @param p_sau_conf pointer to a tz_sau_conf_t structure
*
* This function shall only be called from Secure state, otherwise the
* Non-Secure instances of SAU RNR, RLAR, RBAR registers are RAZ/WI.
*
* This function shall be called before the Secure Firmware may transition
* to Non-Secure state.
*
* @return 1 if configuration is successful, otherwise 0.
*/
int tz_sau_region_configure(tz_sau_conf_t *p_sau_conf);
#endif /* CONFIG_CPU_HAS_ARM_SAU */
/**
* @brief Non-Secure function type
*
* Defines a function pointer type to implement a non-secure function call,
* i.e. a function call that switches state from Secure to Non-secure.
*
* Note:
*
* A non-secure function call can only happen through function pointers.
* This is a consequence of separating secure and non-secure code into
* separate executable files.
*/
typedef void __attribute__((cmse_nonsecure_call)) (*tz_ns_func_ptr_t) (void);
/* Required for C99 compilation (required for GCC-8.x version,
* where typeof is used instead of __typeof__)
*/
#ifndef typeof
#define typeof __typeof__
#endif
#if defined(CONFIG_ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS)
/**
* @brief Non-Secure entry function attribute.
*
* Declares a non-secure entry function that may be called from Non-Secure
* or from Secure state using the CMSE _cmse_nonsecure_entry intrinsic.
*
* Note:
*
* The function must reside in Non-Secure Callable memory region.
*/
#define __TZ_NONSECURE_ENTRY_FUNC \
__attribute__((cmse_nonsecure_entry, noinline))
#endif /* CONFIG_ARM_FIRMWARE_HAS_SECURE_ENTRY_FUNCS */
/**
* @brief Declare a pointer of non-secure function type
*
* Note:
*
* A non-secure function type must only be used as a base type of pointer.
*/
#define TZ_NONSECURE_FUNC_PTR_DECLARE(fptr) tz_ns_func_ptr_t fptr
/**
* @brief Define a non-secure function pointer
*
* A non-secure function pointer is a function pointer that has its LSB unset.
* The macro uses the CMSE intrinsic: cmse_nsfptr_create(p) to return the
* value of a pointer with its LSB cleared.
*/
#define TZ_NONSECURE_FUNC_PTR_CREATE(fptr) \
((tz_ns_func_ptr_t)(cmse_nsfptr_create(fptr)))
/**
* @brief Check if pointer can be of non-secure function type
*
* A non-secure function pointer is a function pointer that has its LSB unset.
* The macro uses the CMSE intrinsic: cmse_is_nsfptr(p) to evaluate whether
* the supplied pointer has its LSB cleared and, thus, can be of non-secure
* function type.
*
* @param fptr supplied pointer to be checked
*
* @return non-zero if pointer can be of non-secure function type
* (i.e. with LSB unset), zero otherwise.
*/
#define TZ_NONSECURE_FUNC_PTR_IS_NS(fptr) \
cmse_is_nsfptr(fptr)
#ifdef __cplusplus
}
#endif
#endif /* _ASMLANGUAGE */
#endif /* ZEPHYR_ARCH_ARM_INCLUDE_AARCH32_CORTEX_M_TZ_H_ */