diff --git a/core/embed/models/D002/memory.ld b/core/embed/models/D002/memory.ld index 3bed07fe2a..0b5fb6cb11 100644 --- a/core/embed/models/D002/memory.ld +++ b/core/embed/models/D002/memory.ld @@ -40,9 +40,7 @@ ASSETS_MAXSIZE = 0x10000; ASSETS_SECTOR_START = 0x1f8; ASSETS_SECTOR_END = 0x1ff; KERNEL_U_RAM_SIZE = 0x200; -KERNEL_SRAM1_SIZE = 0x0; KERNEL_SRAM2_SIZE = 0xfe00; -KERNEL_SRAM3_SIZE = 0x0; BOOTARGS_SIZE = 0x100; CODE_ALIGNMENT = 0x400; COREAPP_ALIGNMENT = 0x2000; diff --git a/core/embed/models/D002/model_D002.h b/core/embed/models/D002/model_D002.h index c428a53c8d..73f368569f 100644 --- a/core/embed/models/D002/model_D002.h +++ b/core/embed/models/D002/model_D002.h @@ -86,9 +86,7 @@ // RAM layout #define KERNEL_U_RAM_SIZE 512 -#define KERNEL_SRAM1_SIZE (0 * 1024) #define KERNEL_SRAM2_SIZE (64 * 1024 - 512) -#define KERNEL_SRAM3_SIZE (0 * 1024) #define BOOTARGS_SIZE 0x100 #define CODE_ALIGNMENT 0x400 diff --git a/core/embed/models/T3B1/memory.ld b/core/embed/models/T3B1/memory.ld index efb3aa5585..e77fe5b932 100644 --- a/core/embed/models/T3B1/memory.ld +++ b/core/embed/models/T3B1/memory.ld @@ -39,9 +39,8 @@ ASSETS_MAXSIZE = 0x10000; ASSETS_SECTOR_START = 0xf8; ASSETS_SECTOR_END = 0xff; KERNEL_U_RAM_SIZE = 0x200; -KERNEL_SRAM1_SIZE = 0x4000; -KERNEL_SRAM2_SIZE = 0x2000; -KERNEL_SRAM3_SIZE = 0x38400; +KERNEL_SRAM2_SIZE = 0x6000; +FRAMEBUFFER_SRAM_SIZE = 0x38400; BOOTARGS_SIZE = 0x100; CODE_ALIGNMENT = 0x200; COREAPP_ALIGNMENT = 0x2000; diff --git a/core/embed/models/T3B1/model_T3B1.h b/core/embed/models/T3B1/model_T3B1.h index ff90decd61..9b7ed11dfc 100644 --- a/core/embed/models/T3B1/model_T3B1.h +++ b/core/embed/models/T3B1/model_T3B1.h @@ -84,9 +84,8 @@ // RAM layout #define KERNEL_U_RAM_SIZE 512 -#define KERNEL_SRAM1_SIZE (16 * 1024) -#define KERNEL_SRAM2_SIZE (8 * 1024) -#define KERNEL_SRAM3_SIZE 0x38400 +#define KERNEL_SRAM2_SIZE (24 * 1024) +#define FRAMEBUFFER_SRAM_SIZE 0x38400 #define BOOTARGS_SIZE 0x100 #define CODE_ALIGNMENT 0x200 diff --git a/core/embed/models/T3T1/memory.ld b/core/embed/models/T3T1/memory.ld index efb3aa5585..e77fe5b932 100644 --- a/core/embed/models/T3T1/memory.ld +++ b/core/embed/models/T3T1/memory.ld @@ -39,9 +39,8 @@ ASSETS_MAXSIZE = 0x10000; ASSETS_SECTOR_START = 0xf8; ASSETS_SECTOR_END = 0xff; KERNEL_U_RAM_SIZE = 0x200; -KERNEL_SRAM1_SIZE = 0x4000; -KERNEL_SRAM2_SIZE = 0x2000; -KERNEL_SRAM3_SIZE = 0x38400; +KERNEL_SRAM2_SIZE = 0x6000; +FRAMEBUFFER_SRAM_SIZE = 0x38400; BOOTARGS_SIZE = 0x100; CODE_ALIGNMENT = 0x200; COREAPP_ALIGNMENT = 0x2000; diff --git a/core/embed/models/T3T1/model_T3T1.h b/core/embed/models/T3T1/model_T3T1.h index 2d5d48e5d7..c1a9cb3d60 100644 --- a/core/embed/models/T3T1/model_T3T1.h +++ b/core/embed/models/T3T1/model_T3T1.h @@ -84,9 +84,8 @@ // RAM layout #define KERNEL_U_RAM_SIZE 512 -#define KERNEL_SRAM1_SIZE (16 * 1024) -#define KERNEL_SRAM2_SIZE (8 * 1024) -#define KERNEL_SRAM3_SIZE 0x38400 +#define KERNEL_SRAM2_SIZE (24 * 1024) +#define FRAMEBUFFER_SRAM_SIZE 0x38400 #define BOOTARGS_SIZE 0x100 #define CODE_ALIGNMENT 0x200 diff --git a/core/embed/models/T3W1/memory.ld b/core/embed/models/T3W1/memory.ld index 3bed07fe2a..0b5fb6cb11 100644 --- a/core/embed/models/T3W1/memory.ld +++ b/core/embed/models/T3W1/memory.ld @@ -40,9 +40,7 @@ ASSETS_MAXSIZE = 0x10000; ASSETS_SECTOR_START = 0x1f8; ASSETS_SECTOR_END = 0x1ff; KERNEL_U_RAM_SIZE = 0x200; -KERNEL_SRAM1_SIZE = 0x0; KERNEL_SRAM2_SIZE = 0xfe00; -KERNEL_SRAM3_SIZE = 0x0; BOOTARGS_SIZE = 0x100; CODE_ALIGNMENT = 0x400; COREAPP_ALIGNMENT = 0x2000; diff --git a/core/embed/models/T3W1/model_T3W1.h b/core/embed/models/T3W1/model_T3W1.h index 8c26a86fd1..5f941e25ac 100644 --- a/core/embed/models/T3W1/model_T3W1.h +++ b/core/embed/models/T3W1/model_T3W1.h @@ -92,9 +92,7 @@ // RAM layout #define KERNEL_U_RAM_SIZE 512 -#define KERNEL_SRAM1_SIZE (0 * 1024) #define KERNEL_SRAM2_SIZE (64 * 1024 - 512) -#define KERNEL_SRAM3_SIZE (0 * 1024) #define BOOTARGS_SIZE 0x100 #define CODE_ALIGNMENT 0x400 diff --git a/core/embed/projects/bootloader/messages.c b/core/embed/projects/bootloader/messages.c index a7f84fd583..78cad1d48a 100644 --- a/core/embed/projects/bootloader/messages.c +++ b/core/embed/projects/bootloader/messages.c @@ -651,7 +651,10 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size, IMAGE_HASH_FINAL(&ctx, hash); // the firmware must be the same as confirmed by the user - if (memcmp(bootargs_get_args()->hash, hash, sizeof(hash)) != 0) { + boot_args_t args = {0}; + bootargs_get_args(&args); + + if (memcmp(args.hash, hash, sizeof(hash)) != 0) { MSG_SEND_INIT(Failure); MSG_SEND_ASSIGN_VALUE(code, FailureType_Failure_ProcessError); MSG_SEND_ASSIGN_STRING(message, "Firmware mismatch"); diff --git a/core/embed/sys/linker/stm32u58/firmware.ld b/core/embed/sys/linker/stm32u58/firmware.ld index e3a8b752b2..3148a9c522 100644 --- a/core/embed/sys/linker/stm32u58/firmware.ld +++ b/core/embed/sys/linker/stm32u58/firmware.ld @@ -4,9 +4,9 @@ ENTRY(reset_handler) MEMORY { FLASH (rx) : ORIGIN = KERNEL_START, LENGTH = FIRMWARE_MAXSIZE - SRAM1 (wal) : ORIGIN = MCU_SRAM1, LENGTH = MCU_SRAM1_SIZE - KERNEL_SRAM1_SIZE - SRAM2 (wal) : ORIGIN = MCU_SRAM2 + KERNEL_SRAM2_SIZE, LENGTH = MCU_SRAM2_SIZE - KERNEL_SRAM2_SIZE - SRAM3 (wal) : ORIGIN = MCU_SRAM3, LENGTH = MCU_SRAM3_SIZE - KERNEL_SRAM3_SIZE + SRAM1 (wal) : ORIGIN = MCU_SRAM1, LENGTH = MCU_SRAM1_SIZE - 512 + SRAM2 (wal) : ORIGIN = MCU_SRAM2 + KERNEL_SRAM2_SIZE + KERNEL_U_RAM_SIZE, LENGTH = MCU_SRAM2_SIZE - KERNEL_SRAM2_SIZE - KERNEL_U_RAM_SIZE + SRAM3 (wal) : ORIGIN = MCU_SRAM3, LENGTH = MCU_SRAM3_SIZE - FRAMEBUFFER_SRAM_SIZE SRAM5 (wal) : ORIGIN = MCU_SRAM5, LENGTH = 0K /* SRAM5 is not available */ SRAM6 (wal) : ORIGIN = MCU_SRAM6, LENGTH = 0K /* SRAM6 is not available */ SRAM4 (wal) : ORIGIN = MCU_SRAM4, LENGTH = 0K /* not allocated to coreapp */ diff --git a/core/embed/sys/linker/stm32u58/kernel.ld b/core/embed/sys/linker/stm32u58/kernel.ld index 7f8e3f6c03..24f2cf0875 100644 --- a/core/embed/sys/linker/stm32u58/kernel.ld +++ b/core/embed/sys/linker/stm32u58/kernel.ld @@ -4,11 +4,11 @@ ENTRY(reset_handler) MEMORY { FLASH (rx) : ORIGIN = KERNEL_START, LENGTH = KERNEL_MAXSIZE - SRAM1 (wal) : ORIGIN = MCU_SRAM2 - KERNEL_SRAM1_SIZE, LENGTH = KERNEL_SRAM1_SIZE - BOOTARGS_SIZE - BOOT_ARGS (wal) : ORIGIN = MCU_SRAM2 - BOOTARGS_SIZE, LENGTH = BOOTARGS_SIZE - SRAM2 (wal) : ORIGIN = MCU_SRAM2, LENGTH = KERNEL_SRAM2_SIZE - KERNEL_U_RAM_SIZE - SRAM2_U (wal) : ORIGIN = MCU_SRAM2 + KERNEL_SRAM2_SIZE - KERNEL_U_RAM_SIZE, LENGTH = KERNEL_U_RAM_SIZE - SRAM3 (wal) : ORIGIN = MCU_SRAM3 + MCU_SRAM3_SIZE - KERNEL_SRAM3_SIZE, LENGTH = KERNEL_SRAM3_SIZE + SRAM1 (wal) : ORIGIN = MCU_SRAM2, LENGTH = 0K + BOOT_ARGS (wal) : ORIGIN = MCU_SRAM2 - BOOTARGS_SIZE, LENGTH = BOOTARGS_SIZE + SRAM2 (wal) : ORIGIN = MCU_SRAM2, LENGTH = KERNEL_SRAM2_SIZE + SRAM2_U (wal) : ORIGIN = MCU_SRAM2 + KERNEL_SRAM2_SIZE, LENGTH = KERNEL_U_RAM_SIZE + SRAM3 (wal) : ORIGIN = MCU_SRAM3 + MCU_SRAM3_SIZE - FRAMEBUFFER_SRAM_SIZE, LENGTH = FRAMEBUFFER_SRAM_SIZE SRAM5 (wal) : ORIGIN = MCU_SRAM5, LENGTH = 0K /* SRAM5 is not available */ SRAM6 (wal) : ORIGIN = MCU_SRAM6, LENGTH = 0K /* SRAM6 is not available */ SRAM4 (wal) : ORIGIN = MCU_SRAM4, LENGTH = MCU_SRAM4_SIZE @@ -44,7 +44,7 @@ _startup_clear_ram_2_end = MCU_SRAM4 + MCU_SRAM4_SIZE; /* used by the jump code to wipe memory */ _handoff_clear_ram_0_start = MCU_SRAM1; -_handoff_clear_ram_0_end = MCU_SRAM1 + MCU_SRAM1_SIZE - BOOTARGS_SIZE; +_handoff_clear_ram_0_end = MCU_SRAM1 + MCU_SRAM1_SIZE - 512; _handoff_clear_ram_1_start = MCU_SRAM2; _handoff_clear_ram_1_end = MCU_SRAM6 + MCU_SRAM6_SIZE; _handoff_clear_ram_2_start = MCU_SRAM4; @@ -62,9 +62,9 @@ _shutdown_clear_ram_3_end = 0; /* used by applet cleaning code */ _coreapp_clear_ram_0_start = MCU_SRAM1; -_coreapp_clear_ram_0_size = MCU_SRAM1_SIZE - KERNEL_SRAM1_SIZE; -_coreapp_clear_ram_1_start = MCU_SRAM2 + KERNEL_SRAM2_SIZE; -_coreapp_clear_ram_1_size = MCU_SRAM2_SIZE - KERNEL_SRAM2_SIZE + MCU_SRAM3_SIZE - KERNEL_SRAM3_SIZE; +_coreapp_clear_ram_0_size = MCU_SRAM1_SIZE - 512; +_coreapp_clear_ram_1_start = MCU_SRAM2 + KERNEL_SRAM2_SIZE + KERNEL_U_RAM_SIZE; +_coreapp_clear_ram_1_size = MCU_SRAM2_SIZE - KERNEL_SRAM2_SIZE - KERNEL_U_RAM_SIZE + MCU_SRAM3_SIZE - FRAMEBUFFER_SRAM_SIZE; sram_u_start = ORIGIN(SRAM2_U); sram_u_end = ORIGIN(SRAM2_U) + LENGTH(SRAM2_U); @@ -102,10 +102,14 @@ SECTIONS { . = ALIGN(512); } >FLASH AT>FLASH + .stack : ALIGN(8) { + . = 6K; /* Overflow causes UsageFault */ + } >SRAM2 + .data : ALIGN(4) { *(.data*); . = ALIGN(512); - } >SRAM1 AT>FLASH + } >SRAM2 AT>FLASH /DISCARD/ : { *(.ARM.exidx*); @@ -116,10 +120,6 @@ SECTIONS { *(.buf*); *(.bss*); . = ALIGN(4); - } >SRAM1 - - .stack : ALIGN(8) { - . = 6K; /* Overflow causes UsageFault */ } >SRAM2 /* unprivileged data and stack for SAES */ diff --git a/core/embed/sys/mpu/inc/sys/mpu.h b/core/embed/sys/mpu/inc/sys/mpu.h index aaafa81480..aac6448fe2 100644 --- a/core/embed/sys/mpu/inc/sys/mpu.h +++ b/core/embed/sys/mpu/inc/sys/mpu.h @@ -36,6 +36,7 @@ typedef enum { MPU_MODE_DEFAULT, // Default MPU_MODE_BOARDCAPS, // + boardloader capabilities (privileged RO) MPU_MODE_BOOTUPDATE, // + bootloader area (privileged RW) + MPU_MODE_BOOTARGS, // + boot arguments (privileged RW) MPU_MODE_OTP, // + OTP (privileged RW) MPU_MODE_FSMC_REGS, // + FSMC control registers (privileged RW) MPU_MODE_FLASHOB, // + Option bytes mapping (privileged RW) diff --git a/core/embed/sys/mpu/stm32u5/mpu.c b/core/embed/sys/mpu/stm32u5/mpu.c index 50900cd3a6..07562c47fe 100644 --- a/core/embed/sys/mpu/stm32u5/mpu.c +++ b/core/embed/sys/mpu/stm32u5/mpu.c @@ -128,47 +128,27 @@ _Static_assert(NORCOW_SECTOR_SIZE == STORAGE_1_MAXSIZE, "norcow misconfigured"); _Static_assert(NORCOW_SECTOR_SIZE == STORAGE_2_MAXSIZE, "norcow misconfigured"); #ifdef STM32U585xx -// Two frame buffers at the end of SRAM3 -#define GRAPHICS_START (SRAM3_BASE + SRAM3_SIZE - KERNEL_SRAM3_SIZE) -#define GRAPHICS_SIZE KERNEL_SRAM3_SIZE // Extended peripheral block to cover FMC1 that's used for display // 512M of periherals + 16M for FMC1 area that follows #define PERIPH_SIZE (SIZE_512M + SIZE_16M) #else -#define GRAPHICS_START GFXMMU_VIRTUAL_BUFFERS_BASE -#define GRAPHICS_SIZE SIZE_16M #define PERIPH_SIZE SIZE_512M #endif #define OTP_AND_ID_SIZE 0x800 // clang-format on +extern uint8_t boot_args_start; +#define BOOTARGS_START ((uint32_t) & boot_args_start) #ifdef KERNEL -#ifdef STM32U585xx -#define KERNEL_RAM_START (SRAM2_BASE - KERNEL_SRAM1_SIZE) -#define KERNEL_RAM_SIZE \ - ((KERNEL_SRAM1_SIZE + KERNEL_SRAM2_SIZE) - KERNEL_U_RAM_SIZE) -#else -_Static_assert(KERNEL_SRAM1_SIZE == 0, "SRAM1 not supported in kernel"); -_Static_assert(KERNEL_SRAM3_SIZE == 0, "SRAM3 not supported in kernel"); -#define KERNEL_RAM_START (SRAM2_BASE - BOOTARGS_SIZE) -#define KERNEL_RAM_SIZE (BOOTARGS_SIZE + KERNEL_SRAM2_SIZE) -#endif -#ifdef SYSCALL_DISPATCH extern uint8_t _uflash_start; extern uint8_t _uflash_end; #define KERNEL_RAM_U_START (KERNEL_RAM_START + KERNEL_RAM_SIZE) #define KERNEL_RAM_U_SIZE KERNEL_U_RAM_SIZE #define KERNEL_FLASH_U_START (uint32_t) & _uflash_start #define KERNEL_FLASH_U_SIZE ((uint32_t) & _uflash_end - KERNEL_FLASH_U_START) -#else -#define KERNEL_RAM_U_START 0 -#define KERNEL_RAM_U_SIZE 0 -#define KERNEL_FLASH_U_START 0 -#define KERNEL_FLASH_U_SIZE 0 -#endif extern uint32_t _codelen; #define KERNEL_SIZE (uint32_t) & _codelen @@ -181,13 +161,17 @@ extern uint32_t _codelen; #define COREAPP_FLASH_SIZE \ (FIRMWARE_MAXSIZE - (COREAPP_FLASH_START - KERNEL_FLASH_START)) +#define KERNEL_RAM_START (SRAM2_BASE) +#define KERNEL_RAM_SIZE (KERNEL_SRAM2_SIZE) + #ifdef STM32U585xx #define COREAPP_RAM1_START SRAM1_BASE -#define COREAPP_RAM1_SIZE (SRAM1_SIZE - KERNEL_SRAM1_SIZE) +#define COREAPP_RAM1_SIZE (SRAM1_SIZE - 512) -#define COREAPP_RAM2_START (SRAM2_BASE + KERNEL_SRAM2_SIZE) -#define COREAPP_RAM2_SIZE \ - (SRAM2_SIZE - KERNEL_SRAM2_SIZE + SRAM3_SIZE - KERNEL_SRAM3_SIZE) +#define COREAPP_RAM2_START (SRAM2_BASE + KERNEL_SRAM2_SIZE + KERNEL_U_RAM_SIZE) +#define COREAPP_RAM2_SIZE \ + (SRAM2_SIZE - KERNEL_SRAM2_SIZE - KERNEL_U_RAM_SIZE + SRAM3_SIZE - \ + FRAMEBUFFER_SRAM_SIZE) #else #define COREAPP_RAM1_START SRAM5_BASE #define COREAPP_RAM1_SIZE SRAM5_SIZE @@ -199,7 +183,7 @@ extern uint32_t _codelen; #define MAIN_SRAM_START SRAM2_BASE #define MAIN_SRAM_SIZE SRAM2_SIZE #define AUX_SRAM_START SRAM1_BASE -#define AUX_SRAM_SIZE SRAM1_SIZE +#define AUX_SRAM_SIZE (SRAM1_SIZE - BOOTARGS_SIZE) #else #define MAIN_SRAM_START SRAM2_BASE #define MAIN_SRAM_SIZE SRAM2_SIZE @@ -401,6 +385,9 @@ mpu_mode_t mpu_reconfig(mpu_mode_t mode) { case MPU_MODE_APP: SET_REGION( 6, ASSETS_START, ASSETS_MAXSIZE, FLASH_DATA, NO, YES ); break; + case MPU_MODE_BOOTARGS: + SET_REGRUN( 6, BOOTARGS_START, BOOTARGS_SIZE, SRAM, YES, NO ); + break; default: DIS_REGION( 6 ); break; diff --git a/core/embed/sys/startup/inc/sys/bootargs.h b/core/embed/sys/startup/inc/sys/bootargs.h index 422fee0e47..92fc79d2bc 100644 --- a/core/embed/sys/startup/inc/sys/bootargs.h +++ b/core/embed/sys/startup/inc/sys/bootargs.h @@ -50,7 +50,7 @@ void bootargs_set(boot_command_t command, const void* args, size_t args_size); // Returns the last boot command saved during bootloader startup boot_command_t bootargs_get_command(); -// Returns the pointer to boot arguments -const boot_args_t* bootargs_get_args(); +// Copies the boot arguments to the destination buffer +void bootargs_get_args(boot_args_t* dest); #endif // TREZORHAL_BOOTARGS_H diff --git a/core/embed/sys/startup/stm32/bootutils.c b/core/embed/sys/startup/stm32/bootutils.c index ed0b1a6620..ec1e85045b 100644 --- a/core/embed/sys/startup/stm32/bootutils.c +++ b/core/embed/sys/startup/stm32/bootutils.c @@ -47,6 +47,8 @@ static boot_command_t g_boot_command = BOOT_COMMAND_NONE; static boot_args_t __attribute__((section(".boot_args"))) g_boot_args; void bootargs_set(boot_command_t command, const void* args, size_t args_size) { + mpu_mode_t mode = mpu_reconfig(MPU_MODE_BOOTARGS); + // save boot command g_boot_command = command; @@ -62,6 +64,8 @@ void bootargs_set(boot_command_t command, const void* args, size_t args_size) { if (clear_size > 0) { memset(&g_boot_args.raw[copy_size], 0, clear_size); } + + mpu_restore(mode); } #ifdef BOOTLOADER @@ -70,7 +74,13 @@ boot_command_t g_boot_command_saved; boot_command_t bootargs_get_command() { return g_boot_command_saved; } -const boot_args_t* bootargs_get_args() { return &g_boot_args; } +void bootargs_get_args(boot_args_t* dest) { + mpu_mode_t mode = mpu_reconfig(MPU_MODE_BOOTARGS); + + memcpy(dest, g_boot_args.raw, BOOT_ARGS_MAX_SIZE); + + mpu_restore(mode); +} #endif // Deletes all secrets and SRAM2 where stack is located diff --git a/core/embed/sys/startup/unix/bootutils.c b/core/embed/sys/startup/unix/bootutils.c index b3b36e46e6..12824d0c00 100644 --- a/core/embed/sys/startup/unix/bootutils.c +++ b/core/embed/sys/startup/unix/bootutils.c @@ -51,7 +51,9 @@ void bootargs_set(boot_command_t command, const void* args, size_t args_size) { boot_command_t bootargs_get_command() { return g_boot_command; } -const boot_args_t* bootargs_get_args() { return &g_boot_args; } +void bootargs_get_args(boot_args_t* dest) { + memcpy(dest, &g_boot_args, sizeof(boot_args_t)); +} void __attribute__((noreturn)) secure_shutdown(void) { printf("SHUTDOWN\n");