core/embed: switch to unprivileged in main.c

4 years ago · 3de1b3aa54
parent 7a2e0c3412
commit 3de1b3aa54
8 changed files with 14 additions and 32 deletions
--- a/core/embed/extmod/modtrezorutils/modtrezorutils.c
+++ b/core/embed/extmod/modtrezorutils/modtrezorutils.c
@ -105,20 +105,6 @@ STATIC mp_obj_t mod_trezorutils_halt(size_t n_args, const mp_obj_t *args) {
 STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorutils_halt_obj, 0, 1,
                                           mod_trezorutils_halt);

-/// def set_mode_unprivileged() -> None:
-///     """
-///     Set unprivileged mode.
-///     """
-STATIC mp_obj_t mod_trezorutils_set_mode_unprivileged(void) {
-#ifndef TREZOR_EMULATOR
-  __asm__ volatile("msr control, %0" ::"r"(0x1));
-  __asm__ volatile("isb");
-#endif
-  return mp_const_none;
-}
-STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorutils_set_mode_unprivileged_obj,
-                                 mod_trezorutils_set_mode_unprivileged);
-
 #define PASTER(s) MP_QSTR_##s
 #define MP_QSTR(s) PASTER(s)

@ -134,8 +120,6 @@ STATIC const mp_rom_map_elem_t mp_module_trezorutils_globals_table[] = {
    {MP_ROM_QSTR(MP_QSTR_consteq), MP_ROM_PTR(&mod_trezorutils_consteq_obj)},
    {MP_ROM_QSTR(MP_QSTR_memcpy), MP_ROM_PTR(&mod_trezorutils_memcpy_obj)},
    {MP_ROM_QSTR(MP_QSTR_halt), MP_ROM_PTR(&mod_trezorutils_halt_obj)},
-    {MP_ROM_QSTR(MP_QSTR_set_mode_unprivileged),
-     MP_ROM_PTR(&mod_trezorutils_set_mode_unprivileged_obj)},
    // various built-in constants
    {MP_ROM_QSTR(MP_QSTR_GITREV), MP_ROM_QSTR(MP_QSTR(GITREV))},
    {MP_ROM_QSTR(MP_QSTR_VERSION_MAJOR), MP_ROM_INT(VERSION_MAJOR)},
--- a/core/embed/firmware/main.c
+++ b/core/embed/firmware/main.c
@ -75,6 +75,11 @@ int main(void) {
  touch_init();
  touch_power_on();

+  // jump to unprivileged mode
+  // http://infocenter.arm.com/help/topic/com.arm.doc.dui0552a/CHDBIBGJ.html
+  __asm__ volatile("msr control, %0" ::"r"(0x1));
+  __asm__ volatile("isb");
+
  display_clear();
 #endif

--- a/core/embed/trezorhal/mpu.c
+++ b/core/embed/trezorhal/mpu.c
@ -168,4 +168,7 @@ void mpu_config_firmware(void) {

  // Enable MPU
  HAL_MPU_Enable(LL_MPU_CTRL_HARDFAULT_NMI);
+
+  __asm__ volatile("dsb");
+  __asm__ volatile("isb");
 }
--- a/core/embed/trezorhal/supervise.h
+++ b/core/embed/trezorhal/supervise.h
@ -33,7 +33,7 @@ static inline void svc_setpriority(uint32_t IRQn, uint32_t priority) {
    register uint32_t r0 __asm__("r0") = IRQn;
    register uint32_t r1 __asm__("r1") = priority;
    __asm__ __volatile__("svc %0" ::"i"(SVC_SET_PRIORITY), "r"(r0), "r"(r1)
-                        : "memory");
+                         : "memory");
  } else {
    NVIC_SetPriority(IRQn, priority);
  }
--- a/core/embed/trezorhal/usbd_conf.c
+++ b/core/embed/trezorhal/usbd_conf.c
@ -55,6 +55,7 @@
 #include "usbd_core.h"
 #include "usb.h"
 #include "irq.h"
+#include "supervise.h"

 /* Private typedef -----------------------------------------------------------*/
 /* Private define ------------------------------------------------------------*/
@ -117,10 +118,10 @@ void HAL_PCD_MspInit(PCD_HandleTypeDef *hpcd)
    __HAL_RCC_USB_OTG_FS_CLK_ENABLE();

    /* Set USBFS Interrupt priority */
-    NVIC_SetPriority(OTG_FS_IRQn, IRQ_PRI_OTG_FS);
+    svc_setpriority(OTG_FS_IRQn, IRQ_PRI_OTG_FS);

    /* Enable USBFS Interrupt */
-    HAL_NVIC_EnableIRQ(OTG_FS_IRQn);
+    svc_enableIRQ(OTG_FS_IRQn);
  }
 #if defined(USE_USB_HS)
  else if(hpcd->Instance == USB_OTG_HS)
@ -226,10 +227,10 @@ void HAL_PCD_MspInit(PCD_HandleTypeDef *hpcd)
 #endif // !USE_USB_HS_IN_FS

    /* Set USBHS Interrupt to the lowest priority */
-    NVIC_SetPriority(OTG_HS_IRQn, IRQ_PRI_OTG_HS);
+    svc_setpriority(OTG_HS_IRQn, IRQ_PRI_OTG_HS);

    /* Enable USBHS Interrupt */
-    HAL_NVIC_EnableIRQ(OTG_HS_IRQn);
+    svc_enableIRQ(OTG_HS_IRQn);
  }
 #endif  // USE_USB_HS
 }
--- a/core/mocks/generated/trezorutils.pyi
+++ b/core/mocks/generated/trezorutils.pyi
@ -27,13 +27,6 @@ def halt(msg: str = None) -> None:
    """
    Halts execution.
    """
-
-
-# extmod/modtrezorutils/modtrezorutils.c
-def set_mode_unprivileged() -> None:
-    """
-    Set unprivileged mode.
-    """
 GITREV: str
 VERSION_MAJOR: int
 VERSION_MINOR: int
--- a/core/src/main.py
+++ b/core/src/main.py
@ -12,9 +12,6 @@ from trezor import loop, utils, wire, workflow
 # start the USB
 usb.bus.open()

-# switch into unprivileged mode, as we don't need the extra permissions anymore
-utils.set_mode_unprivileged()
-

 def _boot_apps() -> None:
    # load applications
--- a/core/src/trezor/utils.py
+++ b/core/src/trezor/utils.py
@ -11,7 +11,6 @@ from trezorutils import (  # type: ignore[attr-defined] # noqa: F401
    consteq,
    halt,
    memcpy,
-    set_mode_unprivileged,
 )

 DISABLE_ANIMATION = 0