#ifndef __TREZORHAL_TRUSTZONE__ #define __TREZORHAL_TRUSTZONE__ #ifdef BOARDLOADER #define CMSE_NS_CALL __attribute((cmse_nonsecure_call)) #define CMSE_NS_ENTRY __attribute((cmse_nonsecure_entry)) typedef void CMSE_NS_CALL (*funcptr)(void); /* typedef for non-secure callback functions */ typedef funcptr funcptr_NS; #include STM32_HAL_H /* //-------- <<< Use Configuration Wizard in Context Menu >>> ----------------- */ /* // Initialize Security Attribution Unit (SAU) CTRL register */ #define SAU_INIT_CTRL 1 /* // Enable SAU // Value for SAU->CTRL register bit ENABLE */ #define SAU_INIT_CTRL_ENABLE 0 /* // When SAU is disabled // <0=> All Memory is Secure // <1=> All Memory is Non-Secure // Value for SAU->CTRL register bit ALLNS // When all Memory is Non-Secure (ALLNS is 1), IDAU can override memory map configuration. */ #define SAU_INIT_CTRL_ALLNS 1 /* // */ /* // Initialize Security Attribution Unit (SAU) Address Regions // SAU configuration specifies regions to be one of: // - Secure and Non-Secure Callable // - Non-Secure // Note: All memory regions not configured by SAU are Secure */ #define SAU_REGIONS_MAX 8 /* Max. number of SAU regions */ /* // Initialize SAU Region 0 // Setup SAU Region 0 memory attributes */ #define SAU_INIT_REGION0 0 /* // Start Address <0-0xFFFFFFE0> */ #define SAU_INIT_START0 0x0C1FE000 /* start address of SAU region 0 */ /* // End Address <0x1F-0xFFFFFFFF> */ #define SAU_INIT_END0 0x0C1FFFFF /* end address of SAU region 0 */ /* // Region is // <0=>Non-Secure // <1=>Secure, Non-Secure Callable */ #define SAU_INIT_NSC0 1 /* // */ /* // Initialize SAU Region 1 // Setup SAU Region 1 memory attributes */ #define SAU_INIT_REGION1 0 /* // Start Address <0-0xFFFFFFE0> */ #define SAU_INIT_START1 0x08200000 /* start address of SAU region 1 */ /* // End Address <0x1F-0xFFFFFFFF> */ #define SAU_INIT_END1 0x083FFFFF /* end address of SAU region 1 */ /* // Region is // <0=>Non-Secure // <1=>Secure, Non-Secure Callable */ #define SAU_INIT_NSC1 0 /* // */ /* // Initialize SAU Region 2 // Setup SAU Region 2 memory attributes */ #define SAU_INIT_REGION2 0 /* // Start Address <0-0xFFFFFFE0> */ #define SAU_INIT_START2 0x200D0000 /* start address of SAU region 2 */ /* // End Address <0x1F-0xFFFFFFFF> */ #define SAU_INIT_END2 0x2026FFFF /* end address of SAU region 2 */ /* // Region is // <0=>Non-Secure // <1=>Secure, Non-Secure Callable */ #define SAU_INIT_NSC2 0 /* // */ /* // Initialize SAU Region 3 // Setup SAU Region 3 memory attributes */ #define SAU_INIT_REGION3 0 /* // Start Address <0-0xFFFFFFE0> */ #define SAU_INIT_START3 0x40000000 /* start address of SAU region 3 */ /* // End Address <0x1F-0xFFFFFFFF> */ #define SAU_INIT_END3 0x4FFFFFFF /* end address of SAU region 3 */ /* // Region is // <0=>Non-Secure // <1=>Secure, Non-Secure Callable */ #define SAU_INIT_NSC3 0 /* // */ /* // Initialize SAU Region 4 // Setup SAU Region 4 memory attributes */ #define SAU_INIT_REGION4 0 /* // Start Address <0-0xFFFFFFE0> */ #define SAU_INIT_START4 0x60000000 /* start address of SAU region 4 */ /* // End Address <0x1F-0xFFFFFFFF> */ #define SAU_INIT_END4 0xAFFFFFFF /* end address of SAU region 4 */ /* // Region is // <0=>Non-Secure // <1=>Secure, Non-Secure Callable */ #define SAU_INIT_NSC4 0 /* // */ /* // Initialize SAU Region 5 // Setup SAU Region 5 memory attributes */ #define SAU_INIT_REGION5 0 /* // Start Address <0-0xFFFFFFE0> */ #define SAU_INIT_START5 0x0BF90000 /* start address of SAU region 5 */ /* // End Address <0x1F-0xFFFFFFFF> */ #define SAU_INIT_END5 0x0BFA8FFF /* end address of SAU region 5 */ /* // Region is // <0=>Non-Secure // <1=>Secure, Non-Secure Callable */ #define SAU_INIT_NSC5 0 /* // */ /* // Initialize SAU Region 6 // Setup SAU Region 6 memory attributes */ #define SAU_INIT_REGION6 0 /* // Start Address <0-0xFFFFFFE0> */ #define SAU_INIT_START6 0x00000000 /* start address of SAU region 6 */ /* // End Address <0x1F-0xFFFFFFFF> */ #define SAU_INIT_END6 0x00000000 /* end address of SAU region 6 */ /* // Region is // <0=>Non-Secure // <1=>Secure, Non-Secure Callable */ #define SAU_INIT_NSC6 0 /* // */ /* // Initialize SAU Region 7 // Setup SAU Region 7 memory attributes */ #define SAU_INIT_REGION7 0 /* // Start Address <0-0xFFFFFFE0> */ #define SAU_INIT_START7 0x00000000 /* start address of SAU region 7 */ /* // End Address <0x1F-0xFFFFFFFF> */ #define SAU_INIT_END7 0x00000000 /* end address of SAU region 7 */ /* // Region is // <0=>Non-Secure // <1=>Secure, Non-Secure Callable */ #define SAU_INIT_NSC7 0 /* // */ /* // */ /* // Setup behaviour of Sleep and Exception Handling */ #define SCB_CSR_AIRCR_INIT 0 /* // Deep Sleep can be enabled by // <0=>Secure and Non-Secure state // <1=>Secure state only // Value for SCB->CSR register bit DEEPSLEEPS */ #define SCB_CSR_DEEPSLEEPS_VAL 0 /* // System reset request accessible from // <0=> Secure and Non-Secure state // <1=> Secure state only // Value for SCB->AIRCR register bit SYSRESETREQS */ #define SCB_AIRCR_SYSRESETREQS_VAL 0 /* // Priority of Non-Secure exceptions is // <0=> Not altered // <1=> Lowered to 0x04-0x07 // Value for SCB->AIRCR register bit PRIS */ #define SCB_AIRCR_PRIS_VAL 0 /* // BusFault, HardFault, and NMI target // <0=> Secure state // <1=> Non-Secure state // Value for SCB->AIRCR register bit BFHFNMINS */ #define SCB_AIRCR_BFHFNMINS_VAL 0 /* // */ /* // Setup behaviour of Floating Point Unit */ #define TZ_FPU_NS_USAGE 1 /* // Floating Point Unit usage // <0=> Secure state only // <3=> Secure and Non-Secure state // Value for SCB->NSACR register bits CP10, CP11 */ #define SCB_NSACR_CP10_11_VAL 3 /* // Treat floating-point registers as Secure // <0=> Disabled // <1=> Enabled // Value for FPU->FPCCR register bit TS */ #define FPU_FPCCR_TS_VAL 0 /* // Clear on return (CLRONRET) accessibility // <0=> Secure and Non-Secure state // <1=> Secure state only // Value for FPU->FPCCR register bit CLRONRETS */ #define FPU_FPCCR_CLRONRETS_VAL 0 /* // Clear floating-point caller saved registers on exception return // <0=> Disabled // <1=> Enabled // Value for FPU->FPCCR register bit CLRONRET */ #define FPU_FPCCR_CLRONRET_VAL 1 /* // */ /* // Setup Interrupt Target */ /* // Initialize ITNS 0 (Interrupts 0..31) */ #define NVIC_INIT_ITNS0 1 /* // Interrupts 0..31 // WWDG_IRQn <0=> Secure state <1=> Non-Secure state // PVD_PVM_IRQn <0=> Secure state <1=> Non-Secure state // RTC_IRQn <0=> Secure state <1=> Non-Secure state // RTC_S_IRQn <0=> Secure state <1=> Non-Secure state // TAMP_IRQn <0=> Secure state <1=> Non-Secure state // RAMCFG_IRQn <0=> Secure state <1=> Non-Secure state // FLASH_IRQn <0=> Secure state <1=> Non-Secure state // FLASH_S_IRQn <0=> Secure state <1=> Non-Secure state // GTZC_IRQn <0=> Secure state <1=> Non-Secure state // RCC_IRQn <0=> Secure state <1=> Non-Secure state // RCC_S_IRQn <0=> Secure state <1=> Non-Secure state // EXTI0_IRQn <0=> Secure state <1=> Non-Secure state // EXTI1_IRQn <0=> Secure state <1=> Non-Secure state // EXTI2_IRQn <0=> Secure state <1=> Non-Secure state // EXTI3_IRQn <0=> Secure state <1=> Non-Secure state // EXTI4_IRQn <0=> Secure state <1=> Non-Secure state // EXTI5_IRQn <0=> Secure state <1=> Non-Secure state // EXTI6_IRQn <0=> Secure state <1=> Non-Secure state // EXTI7_IRQn <0=> Secure state <1=> Non-Secure state // EXTI8_IRQn <0=> Secure state <1=> Non-Secure state // EXTI9_IRQn <0=> Secure state <1=> Non-Secure state // EXTI10_IRQn <0=> Secure state <1=> Non-Secure state // EXTI11_IRQn <0=> Secure state <1=> Non-Secure state // EXTI12_IRQn <0=> Secure state <1=> Non-Secure state // EXTI13_IRQn <0=> Secure state <1=> Non-Secure state // EXTI14_IRQn <0=> Secure state <1=> Non-Secure state // EXTI15_IRQn <0=> Secure state <1=> Non-Secure state // IWDG_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel0_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel1_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel2_IRQn <0=> Secure state <1=> Non-Secure state */ #define NVIC_INIT_ITNS0_VAL 0x00000000 /* // */ /* // Initialize ITNS 1 (Interrupts 32..63) */ #define NVIC_INIT_ITNS1 1 /* // Interrupts 32..63 // GPDMA1_Channel3_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel4_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel5_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel6_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel7_IRQn <0=> Secure state <1=> Non-Secure state // ADC1_IRQn <0=> Secure state <1=> Non-Secure state // DAC1_IRQn <0=> Secure state <1=> Non-Secure state // FDCAN1_IT0_IRQn <0=> Secure state <1=> Non-Secure state // FDCAN1_IT1_IRQn <0=> Secure state <1=> Non-Secure state // TIM1_BRK_IRQn <0=> Secure state <1=> Non-Secure state // TIM1_UP_IRQn <0=> Secure state <1=> Non-Secure state // TIM1_TRG_COM_IRQn <0=> Secure state <1=> Non-Secure state // TIM1_CC_IRQn <0=> Secure state <1=> Non-Secure state // TIM2_IRQn <0=> Secure state <1=> Non-Secure state // TIM3_IRQn <0=> Secure state <1=> Non-Secure state // TIM4_IRQn <0=> Secure state <1=> Non-Secure state // TIM5_IRQn <0=> Secure state <1=> Non-Secure state // TIM6_IRQn <0=> Secure state <1=> Non-Secure state // TIM7_IRQn <0=> Secure state <1=> Non-Secure state // TIM8_BRK_IRQn <0=> Secure state <1=> Non-Secure state // TIM8_UP_IRQn <0=> Secure state <1=> Non-Secure state // TIM8_TRG_COM_IRQn <0=> Secure state <1=> Non-Secure state // TIM8_CC_IRQn <0=> Secure state <1=> Non-Secure state // I2C1_EV_IRQn <0=> Secure state <1=> Non-Secure state // I2C1_ER_IRQn <0=> Secure state <1=> Non-Secure state // I2C2_EV_IRQn <0=> Secure state <1=> Non-Secure state // I2C2_ER_IRQn <0=> Secure state <1=> Non-Secure state // SPI1_IRQn <0=> Secure state <1=> Non-Secure state // SPI2_IRQn <0=> Secure state <1=> Non-Secure state // USART1_IRQn <0=> Secure state <1=> Non-Secure state // USART2_IRQn <0=> Secure state <1=> Non-Secure state // USART3_IRQn <0=> Secure state <1=> Non-Secure state */ #define NVIC_INIT_ITNS1_VAL 0x00000000 /* // */ /* // Initialize ITNS 2 (Interrupts 64..95) */ #define NVIC_INIT_ITNS2 1 /* // Interrupts 64..95 // UART4_IRQn <0=> Secure state <1=> Non-Secure state // UART5_IRQn <0=> Secure state <1=> Non-Secure state // LPUART1_IRQn <0=> Secure state <1=> Non-Secure state // LPTIM1_IRQn <0=> Secure state <1=> Non-Secure state // LPTIM2_IRQn <0=> Secure state <1=> Non-Secure state // TIM15_IRQn <0=> Secure state <1=> Non-Secure state // TIM16_IRQn <0=> Secure state <1=> Non-Secure state // TIM17_IRQn <0=> Secure state <1=> Non-Secure state // COMP_IRQn <0=> Secure state <1=> Non-Secure state // OTG_HS_IRQn <0=> Secure state <1=> Non-Secure state // CRS_IRQn <0=> Secure state <1=> Non-Secure state // FMC_IRQn <0=> Secure state <1=> Non-Secure state // OCTOSPI1_IRQn <0=> Secure state <1=> Non-Secure state // PWR_S3WU_IRQn <0=> Secure state <1=> Non-Secure state // SDMMC1_IRQn <0=> Secure state <1=> Non-Secure state // SDMMC2_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel8_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel9_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel10_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel11_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel12_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel13_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel14_IRQn <0=> Secure state <1=> Non-Secure state // GPDMA1_Channel15_IRQn <0=> Secure state <1=> Non-Secure state // I2C3_EV_IRQn <0=> Secure state <1=> Non-Secure state // I2C3_ER_IRQn <0=> Secure state <1=> Non-Secure state // SAI1_IRQn <0=> Secure state <1=> Non-Secure state // SAI2_IRQn <0=> Secure state <1=> Non-Secure state // TSC_IRQn <0=> Secure state <1=> Non-Secure state // RNG_IRQn <0=> Secure state <1=> Non-Secure state // FPU_IRQn <0=> Secure state <1=> Non-Secure state */ #define NVIC_INIT_ITNS2_VAL 0x00000000 /* // */ /* // Initialize ITNS 3 (Interrupts 96..127) */ #define NVIC_INIT_ITNS3 1 /* // Interrupts 96..127 // HASH_IRQn <0=> Secure state <1=> Non-Secure state // LPTIM3_IRQn <0=> Secure state <1=> Non-Secure state // SPI3_IRQn <0=> Secure state <1=> Non-Secure state // I2C4_ER_IRQn <0=> Secure state <1=> Non-Secure state // I2C4_EV_IRQn <0=> Secure state <1=> Non-Secure state // MDF1_FLT0_IRQn <0=> Secure state <1=> Non-Secure state // MDF1_FLT1_IRQn <0=> Secure state <1=> Non-Secure state // MDF1_FLT2_IRQn <0=> Secure state <1=> Non-Secure state // MDF1_FLT3_IRQn <0=> Secure state <1=> Non-Secure state // UCPD1_IRQn <0=> Secure state <1=> Non-Secure state // ICACHE_IRQn <0=> Secure state <1=> Non-Secure state // LPTIM4_IRQn <0=> Secure state <1=> Non-Secure state // DCACHE1_IRQn <0=> Secure state <1=> Non-Secure state // ADF1_IRQn <0=> Secure state <1=> Non-Secure state // ADC4_IRQn <0=> Secure state <1=> Non-Secure state // LPDMA1_Channel0_IRQn <0=> Secure state <1=> Non-Secure state // LPDMA1_Channel1_IRQn <0=> Secure state <1=> Non-Secure state // LPDMA1_Channel2_IRQn <0=> Secure state <1=> Non-Secure state // LPDMA1_Channel3_IRQn <0=> Secure state <1=> Non-Secure state // DMA2D_IRQn <0=> Secure state <1=> Non-Secure state // DCMI_PSSI_IRQn <0=> Secure state <1=> Non-Secure state // OCTOSPI2_IRQn <0=> Secure state <1=> Non-Secure state // MDF1_FLT4_IRQn <0=> Secure state <1=> Non-Secure state // MDF1_FLT5_IRQn <0=> Secure state <1=> Non-Secure state // CORDIC_IRQn <0=> Secure state <1=> Non-Secure state // FMAC_IRQn <0=> Secure state <1=> Non-Secure state // USART6_IRQn <0=> Secure state <1=> Non-Secure state // I2C5_ER_IRQn <0=> Secure state <1=> Non-Secure state */ #define NVIC_INIT_ITNS3_VAL 0x00000000 /* // */ /* // Initialize ITNS 4 (Interrupts 109..138) */ #define NVIC_INIT_ITNS4 1 /* // Interrupts 96..138 // I2C5_EV_IRQn <0=> Secure state <1=> Non-Secure state // I2C6_ER_IRQn <0=> Secure state <1=> Non-Secure state // I2C6_EV_IRQn <0=> Secure state <1=> Non-Secure state // HSPI1_IRQn <0=> Secure state <1=> Non-Secure state // GPU2D_IRQn <0=> Secure state <1=> Non-Secure state // GPU2D_ER_IRQn <0=> Secure state <1=> Non-Secure state // GFXMMU_IRQn <0=> Secure state <1=> Non-Secure state // LTDC_IRQn <0=> Secure state <1=> Non-Secure state // LTDC_ER_IRQn <0=> Secure state <1=> Non-Secure state // DSI_IRQn <0=> Secure state <1=> Non-Secure state // DCACHE2_IRQn <0=> Secure state <1=> Non-Secure state */ #define NVIC_INIT_ITNS4_VAL 0x00000000 /* // */ /* // */ /* max 8 SAU regions. SAU regions are defined in partition.h */ #define SAU_INIT_REGION(n) \ SAU->RNR = (n & SAU_RNR_REGION_Msk); \ SAU->RBAR = (SAU_INIT_START##n & SAU_RBAR_BADDR_Msk); \ SAU->RLAR = (SAU_INIT_END##n & SAU_RLAR_LADDR_Msk) | \ ((SAU_INIT_NSC##n << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk) | 1U extern void trustzone_init(void); extern void trustzone_run(void); #endif #endif