nordic-dev.net/embassy
2
0
Fork 0
mirror of https://github.com/embassy-rs/embassy.git synced 2024-11-22 14:53:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add support for using secure registers

Browse Source
This commit is contained in:
Warren Campbell 2024-04-15 17:32:44 -04:00
parent 2fa0bb7d6e
commit c5119c6318
3 changed files with 46 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
embassy-stm32/Cargo.toml
View File

@ -115,6 +115,9 @@ low-power-debug-with-sleep = []
## Automatically generate `memory.x` file using [`stm32-metapac`](https://docs.rs/stm32-metapac/) ## Automatically generate `memory.x` file using [`stm32-metapac`](https://docs.rs/stm32-metapac/)
memory-x = ["stm32-metapac/memory-x"] memory-x = ["stm32-metapac/memory-x"]
## Use secure registers when TrustZone is enabled
trustzone-secure = []
## Re-export stm32-metapac at `embassy_stm32::pac`. ## Re-export stm32-metapac at `embassy_stm32::pac`.
## This is unstable because semver-minor (non-breaking) releases of embassy-stm32 may major-bump (breaking) the stm32-metapac version. ## This is unstable because semver-minor (non-breaking) releases of embassy-stm32 may major-bump (breaking) the stm32-metapac version.
## If this is an issue for you, you're encouraged to directly depend on a fixed version of the PAC. ## If this is an issue for you, you're encouraged to directly depend on a fixed version of the PAC.

39
embassy-stm32/src/flash/u5.rs
View File

@ -14,10 +14,19 @@ pub(crate) const fn get_flash_regions() -> &'static [&'static FlashRegion] {
} }
pub(crate) unsafe fn lock() { pub(crate) unsafe fn lock() {
#[cfg(feature = "trustzone-secure")]
pac::FLASH.seccr().modify(|w| w.set_lock(true));
#[cfg(not(feature = "trustzone-secure"))]
pac::FLASH.nscr().modify(|w| w.set_lock(true)); pac::FLASH.nscr().modify(|w| w.set_lock(true));
} }
pub(crate) unsafe fn unlock() { pub(crate) unsafe fn unlock() {
#[cfg(feature = "trustzone-secure")]
if pac::FLASH.seccr().read().lock() {
pac::FLASH.seckeyr().write_value(0x4567_0123);
pac::FLASH.seckeyr().write_value(0xCDEF_89AB);
}
#[cfg(not(feature = "trustzone-secure"))]
if pac::FLASH.nscr().read().lock() { if pac::FLASH.nscr().read().lock() {
pac::FLASH.nskeyr().write_value(0x4567_0123); pac::FLASH.nskeyr().write_value(0x4567_0123);
pac::FLASH.nskeyr().write_value(0xCDEF_89AB); pac::FLASH.nskeyr().write_value(0xCDEF_89AB);
@ -27,12 +36,20 @@ pub(crate) unsafe fn unlock() {
pub(crate) unsafe fn enable_blocking_write() { pub(crate) unsafe fn enable_blocking_write() {
assert_eq!(0, WRITE_SIZE % 4); assert_eq!(0, WRITE_SIZE % 4);
#[cfg(feature = "trustzone-secure")]
pac::FLASH.seccr().write(|w| {
w.set_pg(pac::flash::vals::SeccrPg::B_0X1);
});
#[cfg(not(feature = "trustzone-secure"))]
pac::FLASH.nscr().write(|w| { pac::FLASH.nscr().write(|w| {
w.set_pg(pac::flash::vals::NscrPg::B_0X1); w.set_pg(pac::flash::vals::NscrPg::B_0X1);
}); });
} }
pub(crate) unsafe fn disable_blocking_write() { pub(crate) unsafe fn disable_blocking_write() {
#[cfg(feature = "trustzone-secure")]
pac::FLASH.seccr().write(|w| w.set_pg(pac::flash::vals::SeccrPg::B_0X0));
#[cfg(not(feature = "trustzone-secure"))]
pac::FLASH.nscr().write(|w| w.set_pg(pac::flash::vals::NscrPg::B_0X0)); pac::FLASH.nscr().write(|w| w.set_pg(pac::flash::vals::NscrPg::B_0X0));
} }
@ -50,16 +67,32 @@ pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE])
} }
pub(crate) unsafe fn blocking_erase_sector(sector: &FlashSector) -> Result<(), Error> { pub(crate) unsafe fn blocking_erase_sector(sector: &FlashSector) -> Result<(), Error> {
#[cfg(feature = "trustzone-secure")]
pac::FLASH.seccr().modify(|w| {
w.set_per(pac::flash::vals::SeccrPer::B_0X1);
w.set_pnb(sector.index_in_bank)
});
#[cfg(not(feature = "trustzone-secure"))]
pac::FLASH.nscr().modify(|w| { pac::FLASH.nscr().modify(|w| {
w.set_per(pac::flash::vals::NscrPer::B_0X1); w.set_per(pac::flash::vals::NscrPer::B_0X1);
w.set_pnb(sector.index_in_bank) w.set_pnb(sector.index_in_bank)
}); });
#[cfg(feature = "trustzone-secure")]
pac::FLASH.seccr().modify(|w| {
w.set_strt(true);
});
#[cfg(not(feature = "trustzone-secure"))]
pac::FLASH.nscr().modify(|w| { pac::FLASH.nscr().modify(|w| {
w.set_strt(true); w.set_strt(true);
}); });
let ret: Result<(), Error> = blocking_wait_ready(); let ret: Result<(), Error> = blocking_wait_ready();
#[cfg(feature = "trustzone-secure")]
pac::FLASH
.seccr()
.modify(|w| w.set_per(pac::flash::vals::SeccrPer::B_0X0));
#[cfg(not(feature = "trustzone-secure"))]
pac::FLASH pac::FLASH
.nscr() .nscr()
.modify(|w| w.set_per(pac::flash::vals::NscrPer::B_0X0)); .modify(|w| w.set_per(pac::flash::vals::NscrPer::B_0X0));
@ -70,11 +103,17 @@ pub(crate) unsafe fn blocking_erase_sector(sector: &FlashSector) -> Result<(), E
pub(crate) unsafe fn clear_all_err() { pub(crate) unsafe fn clear_all_err() {
// read and write back the same value. // read and write back the same value.
// This clears all "write 1 to clear" bits. // This clears all "write 1 to clear" bits.
#[cfg(feature = "trustzone-secure")]
pac::FLASH.secsr().modify(|_| {});
#[cfg(not(feature = "trustzone-secure"))]
pac::FLASH.nssr().modify(|_| {}); pac::FLASH.nssr().modify(|_| {});
} }
unsafe fn blocking_wait_ready() -> Result<(), Error> { unsafe fn blocking_wait_ready() -> Result<(), Error> {
loop { loop {
#[cfg(feature = "trustzone-secure")]
let sr = pac::FLASH.secsr().read();
#[cfg(not(feature = "trustzone-secure"))]
let sr = pac::FLASH.nssr().read(); let sr = pac::FLASH.nssr().read();
if !sr.bsy() { if !sr.bsy() {

4
examples/stm32u5/Cargo.toml
View File

@ -24,5 +24,9 @@ heapless = { version = "0.8", default-features = false }
micromath = "2.0.0" micromath = "2.0.0"
[features]
## Use secure registers when TrustZone is enabled
trustzone-secure = ["embassy-stm32/trustzone-secure"]
[profile.release] [profile.release]
debug = 2 debug = 2