From e3a0b6e7b4bc244e43f47e06682c1c420e6c6fa2 Mon Sep 17 00:00:00 2001 From: Saleem Rashid Date: Tue, 13 Feb 2018 18:18:19 +0000 Subject: [PATCH] setup: Switch to unprivileged execution --- firmware/trezor.c | 4 ++-- setup.c | 3 +++ util.h | 6 ++++++ 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/firmware/trezor.c b/firmware/trezor.c index e7e011fdcc..8c5d55a9a7 100644 --- a/firmware/trezor.c +++ b/firmware/trezor.c @@ -102,13 +102,13 @@ int main(void) } #endif + timer_init(); + #ifdef APPVER // enable MPU (Memory Protection Unit) mpu_config(); #endif - timer_init(); - #if DEBUG_LINK oledSetDebugLink(1); storage_wipe(); diff --git a/setup.c b/setup.c index 8329b42362..0cd7f43d78 100644 --- a/setup.c +++ b/setup.c @@ -193,4 +193,7 @@ void mpu_config(void) __asm__ volatile("dsb"); __asm__ volatile("isb"); + + // Switch to unprivileged software execution to prevent access to MPU + set_mode_unprivileged(); } diff --git a/util.h b/util.h index 05d9c9a739..de3f9d5e0b 100644 --- a/util.h +++ b/util.h @@ -66,6 +66,12 @@ static inline void __attribute__((noreturn)) load_vector_table(const vector_tabl // Prevent compiler from generating stack protector code (which causes CPU fault because the stack is moved) for (;;); } + +static inline void set_mode_unprivileged(void) +{ + // http://infocenter.arm.com/help/topic/com.arm.doc.dui0552a/CHDBIBGJ.html + __asm__ volatile("msr control, %0" :: "r" (0x1)); +} #endif #endif