mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-14 03:30:02 +00:00
Reworked memory protection unit
This commit is contained in:
parent
25e824aaa3
commit
68e02c94da
48
setup.c
48
setup.c
@ -141,11 +141,16 @@ void setupApp(void)
|
|||||||
gpio_set_af(GPIOA, GPIO_AF10, GPIO10);
|
gpio_set_af(GPIOA, GPIO_AF10, GPIO10);
|
||||||
}
|
}
|
||||||
|
|
||||||
#define MPU_RASR_SIZE_32KB (0x0EUL << MPU_RASR_SIZE_LSB)
|
#define MPU_RASR_SIZE_1KB (0x09UL << MPU_RASR_SIZE_LSB)
|
||||||
#define MPU_RASR_SIZE_64KB (0x0FUL << MPU_RASR_SIZE_LSB)
|
#define MPU_RASR_SIZE_4KB (0x0bUL << MPU_RASR_SIZE_LSB)
|
||||||
|
#define MPU_RASR_SIZE_8KB (0x0cUL << MPU_RASR_SIZE_LSB)
|
||||||
|
#define MPU_RASR_SIZE_16KB (0x0dUL << MPU_RASR_SIZE_LSB)
|
||||||
|
#define MPU_RASR_SIZE_32KB (0x0eUL << MPU_RASR_SIZE_LSB)
|
||||||
|
#define MPU_RASR_SIZE_64KB (0x0fUL << MPU_RASR_SIZE_LSB)
|
||||||
#define MPU_RASR_SIZE_128KB (0x10UL << MPU_RASR_SIZE_LSB)
|
#define MPU_RASR_SIZE_128KB (0x10UL << MPU_RASR_SIZE_LSB)
|
||||||
#define MPU_RASR_SIZE_256KB (0x11UL << MPU_RASR_SIZE_LSB)
|
#define MPU_RASR_SIZE_256KB (0x11UL << MPU_RASR_SIZE_LSB)
|
||||||
#define MPU_RASR_SIZE_512MB (0x1CUL << MPU_RASR_SIZE_LSB)
|
#define MPU_RASR_SIZE_512KB (0x12UL << MPU_RASR_SIZE_LSB)
|
||||||
|
#define MPU_RASR_SIZE_512MB (0x1cUL << MPU_RASR_SIZE_LSB)
|
||||||
|
|
||||||
// http://infocenter.arm.com/help/topic/com.arm.doc.dui0552a/BABDJJGF.html
|
// http://infocenter.arm.com/help/topic/com.arm.doc.dui0552a/BABDJJGF.html
|
||||||
#define MPU_RASR_ATTR_FLASH (MPU_RASR_ATTR_C)
|
#define MPU_RASR_ATTR_FLASH (MPU_RASR_ATTR_C)
|
||||||
@ -161,29 +166,34 @@ void mpu_config(void)
|
|||||||
// Disable MPU
|
// Disable MPU
|
||||||
MPU_CTRL = 0;
|
MPU_CTRL = 0;
|
||||||
|
|
||||||
// Bootloader (0x08000000 - 0x08007FFF, 32 KiB, read-only, execute never)
|
// Note: later entries overwrite previous ones
|
||||||
|
// Flash (0x08000000 - 0x0807FFFF, 512 KiB, read-only, execute never)
|
||||||
MPU_RBAR = FLASH_BASE | MPU_RBAR_VALID | (0 << MPU_RBAR_REGION_LSB);
|
MPU_RBAR = FLASH_BASE | MPU_RBAR_VALID | (0 << MPU_RBAR_REGION_LSB);
|
||||||
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_FLASH | MPU_RASR_SIZE_32KB | MPU_RASR_ATTR_AP_PRO_URO | MPU_RASR_ATTR_XN;
|
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_FLASH | MPU_RASR_SIZE_512KB | MPU_RASR_ATTR_AP_PRO_URO;
|
||||||
|
|
||||||
// Metadata (0x08008000 - 0x0800FFFF, 32 KiB, read-write, execute never)
|
// Metadata in Flash is read-write when unlocked
|
||||||
MPU_RBAR = FLASH_BASE | 0x8000 | MPU_RBAR_VALID | (1 << MPU_RBAR_REGION_LSB);
|
// (0x08008000 - 0x0800FFFF, 32 KiB, read-write, execute never)
|
||||||
|
MPU_RBAR = (FLASH_BASE + 0x8000) | MPU_RBAR_VALID | (1 << MPU_RBAR_REGION_LSB);
|
||||||
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_FLASH | MPU_RASR_SIZE_32KB | MPU_RASR_ATTR_AP_PRW_URW | MPU_RASR_ATTR_XN;
|
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_FLASH | MPU_RASR_SIZE_32KB | MPU_RASR_ATTR_AP_PRW_URW | MPU_RASR_ATTR_XN;
|
||||||
|
|
||||||
// Firmware (0x08010000 - 0x0807FFFF, 64 + 3 * 128 KiB = 64 + 128 + 256 KiB = 448 KiB, read-only)
|
|
||||||
MPU_RBAR = FLASH_BASE | 0x10000 | MPU_RBAR_VALID | (2 << MPU_RBAR_REGION_LSB);
|
|
||||||
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_FLASH | MPU_RASR_SIZE_64KB | MPU_RASR_ATTR_AP_PRO_URO;
|
|
||||||
MPU_RBAR = FLASH_BASE | 0x20000 | MPU_RBAR_VALID | (3 << MPU_RBAR_REGION_LSB);
|
|
||||||
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_FLASH | MPU_RASR_SIZE_128KB | MPU_RASR_ATTR_AP_PRO_URO;
|
|
||||||
MPU_RBAR = FLASH_BASE | 0x40000 | MPU_RBAR_VALID | (4 << MPU_RBAR_REGION_LSB);
|
|
||||||
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_FLASH | MPU_RASR_SIZE_256KB | MPU_RASR_ATTR_AP_PRO_URO;
|
|
||||||
|
|
||||||
// SRAM (0x20000000 - 0x2001FFFF, read-write, execute never)
|
// SRAM (0x20000000 - 0x2001FFFF, read-write, execute never)
|
||||||
MPU_RBAR = SRAM_BASE | MPU_RBAR_VALID | (5 << MPU_RBAR_REGION_LSB);
|
MPU_RBAR = SRAM_BASE | MPU_RBAR_VALID | (2 << MPU_RBAR_REGION_LSB);
|
||||||
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_SRAM | MPU_RASR_SIZE_128KB | MPU_RASR_ATTR_AP_PRW_URW | MPU_RASR_ATTR_XN;
|
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_SRAM | MPU_RASR_SIZE_128KB | MPU_RASR_ATTR_AP_PRW_URW | MPU_RASR_ATTR_XN;
|
||||||
|
|
||||||
// Peripherals (0x40000000 - 0x5FFFFFFF, read-write, execute never)
|
// Peripherals (0x40000000 - 0x4001FFFF, read-write, execute never)
|
||||||
MPU_RBAR = PERIPH_BASE | MPU_RBAR_VALID | (6 << MPU_RBAR_REGION_LSB);
|
MPU_RBAR = PERIPH_BASE | MPU_RBAR_VALID | (3 << MPU_RBAR_REGION_LSB);
|
||||||
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_PERIPH | MPU_RASR_SIZE_512MB | MPU_RASR_ATTR_AP_PRW_URW | MPU_RASR_ATTR_XN;
|
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_PERIPH | MPU_RASR_SIZE_128KB | MPU_RASR_ATTR_AP_PRW_URW | MPU_RASR_ATTR_XN;
|
||||||
|
// Peripherals (0x40020000 - 0x40023FFF, read-write, execute never)
|
||||||
|
MPU_RBAR = 0x40020000 | MPU_RBAR_VALID | (4 << MPU_RBAR_REGION_LSB);
|
||||||
|
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_PERIPH | MPU_RASR_SIZE_16KB | MPU_RASR_ATTR_AP_PRW_URW | MPU_RASR_ATTR_XN;
|
||||||
|
// Flash controller is protected
|
||||||
|
// (0x40023C00 - 0x40023FFF, privileged read-write, user no, execute never)
|
||||||
|
MPU_RBAR = 0x40023c00 | MPU_RBAR_VALID | (5 << MPU_RBAR_REGION_LSB);
|
||||||
|
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_PERIPH | MPU_RASR_SIZE_1KB | MPU_RASR_ATTR_AP_PRW_UNO | MPU_RASR_ATTR_XN;
|
||||||
|
// Don't enable DMA controller access
|
||||||
|
// Peripherals (0x50000000 - 0x5007ffff, read-write, execute never)
|
||||||
|
MPU_RBAR = 0x50000000 | MPU_RBAR_VALID | (6 << MPU_RBAR_REGION_LSB);
|
||||||
|
MPU_RASR = MPU_RASR_ENABLE | MPU_RASR_ATTR_PERIPH | MPU_RASR_SIZE_512KB | MPU_RASR_ATTR_AP_PRW_URW | MPU_RASR_ATTR_XN;
|
||||||
|
|
||||||
// Enable MPU
|
// Enable MPU
|
||||||
MPU_CTRL = MPU_CTRL_ENABLE;
|
MPU_CTRL = MPU_CTRL_ENABLE;
|
||||||
|
Loading…
Reference in New Issue
Block a user