nrf_spu.h 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450
  1. /**
  2. * Copyright (c) 2018 - 2019, Nordic Semiconductor ASA
  3. *
  4. * All rights reserved.
  5. *
  6. * Redistribution and use in source and binary forms, with or without modification,
  7. * are permitted provided that the following conditions are met:
  8. *
  9. * 1. Redistributions of source code must retain the above copyright notice, this
  10. * list of conditions and the following disclaimer.
  11. *
  12. * 2. Redistributions in binary form, except as embedded into a Nordic
  13. * Semiconductor ASA integrated circuit in a product or a software update for
  14. * such product, must reproduce the above copyright notice, this list of
  15. * conditions and the following disclaimer in the documentation and/or other
  16. * materials provided with the distribution.
  17. *
  18. * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
  19. * contributors may be used to endorse or promote products derived from this
  20. * software without specific prior written permission.
  21. *
  22. * 4. This software, with or without modification, must only be used with a
  23. * Nordic Semiconductor ASA integrated circuit.
  24. *
  25. * 5. Any software provided in binary form under this license must not be reverse
  26. * engineered, decompiled, modified and/or disassembled.
  27. *
  28. * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
  29. * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  30. * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
  31. * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
  32. * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  33. * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
  34. * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  35. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  36. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
  37. * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  38. *
  39. */
  40. #ifndef NRF_SPU_H__
  41. #define NRF_SPU_H__
  42. #include <nrfx.h>
  43. #ifdef __cplusplus
  44. extern "C" {
  45. #endif
  46. /**
  47. * @defgroup nrf_spu_hal SPU HAL
  48. * @{
  49. * @ingroup nrf_spu
  50. * @brief Hardware access layer for managing the System Protection Unit (SPU) peripheral.
  51. */
  52. /** @brief SPU events. */
  53. typedef enum
  54. {
  55. NRF_SPU_EVENT_RAMACCERR = offsetof(NRF_SPU_Type, EVENTS_RAMACCERR), ///< A security violation has been detected for the RAM memory space.
  56. NRF_SPU_EVENT_FLASHACCERR = offsetof(NRF_SPU_Type, EVENTS_FLASHACCERR), ///< A security violation has been detected for the Flash memory space.
  57. NRF_SPU_EVENT_PERIPHACCERR = offsetof(NRF_SPU_Type, EVENTS_PERIPHACCERR) ///< A security violation has been detected on one or several peripherals.
  58. } nrf_spu_event_t;
  59. /** @brief SPU interrupts. */
  60. typedef enum
  61. {
  62. NRF_SPU_INT_RAMACCERR_MASK = SPU_INTENSET_RAMACCERR_Msk, ///< Interrupt on RAMACCERR event.
  63. NRF_SPU_INT_FLASHACCERR_MASK = SPU_INTENSET_FLASHACCERR_Msk, ///< Interrupt on FLASHACCERR event.
  64. NRF_SPU_INT_PERIPHACCERR_MASK = SPU_INTENSET_PERIPHACCERR_Msk ///< Interrupt on PERIPHACCERR event.
  65. } nrf_spu_int_mask_t;
  66. /** @brief SPU Non-Secure Callable (NSC) region size. */
  67. typedef enum
  68. {
  69. NRF_SPU_NSC_SIZE_DISABLED = 0, ///< Not defined as a non-secure callable region.
  70. NRF_SPU_NSC_SIZE_32B = 1, ///< Non-Secure Callable region with a 32-byte size
  71. NRF_SPU_NSC_SIZE_64B = 2, ///< Non-Secure Callable region with a 64-byte size
  72. NRF_SPU_NSC_SIZE_128B = 3, ///< Non-Secure Callable region with a 128-byte size
  73. NRF_SPU_NSC_SIZE_256B = 4, ///< Non-Secure Callable region with a 256-byte size
  74. NRF_SPU_NSC_SIZE_512B = 5, ///< Non-Secure Callable region with a 512-byte size
  75. NRF_SPU_NSC_SIZE_1024B = 6, ///< Non-Secure Callable region with a 1024-byte size
  76. NRF_SPU_NSC_SIZE_2048B = 7, ///< Non-Secure Callable region with a 2048-byte size
  77. NRF_SPU_NSC_SIZE_4096B = 8 ///< Non-Secure Callable region with a 4096-byte size
  78. } nrf_spu_nsc_size_t;
  79. /** @brief SPU memory region permissions. */
  80. typedef enum
  81. {
  82. NRF_SPU_MEM_PERM_EXECUTE = SPU_FLASHREGION_PERM_EXECUTE_Msk, ///< Allow code execution from particular memory region.
  83. NRF_SPU_MEM_PERM_WRITE = SPU_FLASHREGION_PERM_WRITE_Msk, ///< Allow write operation on particular memory region.
  84. NRF_SPU_MEM_PERM_READ = SPU_FLASHREGION_PERM_READ_Msk ///< Allow read operation from particular memory region.
  85. } nrf_spu_mem_perm_t;
  86. /**
  87. * @brief Function for clearing a specific SPU event.
  88. *
  89. * @param[in] p_reg Pointer to the peripheral registers structure.
  90. * @param[in] event Event to clear.
  91. */
  92. __STATIC_INLINE void nrf_spu_event_clear(NRF_SPU_Type * p_reg,
  93. nrf_spu_event_t event);
  94. /**
  95. * @brief Function for checking the state of a specific SPU event.
  96. *
  97. * @param[in] p_reg Pointer to the peripheral registers structure.
  98. * @param[in] event Event to check.
  99. *
  100. * @retval true If the event is set.
  101. * @retval false If the event is not set.
  102. */
  103. __STATIC_INLINE bool nrf_spu_event_check(NRF_SPU_Type const * p_reg,
  104. nrf_spu_event_t event);
  105. /**
  106. * @brief Function for enabling specified interrupts.
  107. *
  108. * @param[in] p_reg Pointer to the peripheral registers structure.
  109. * @param[in] mask Interrupts to enable.
  110. */
  111. __STATIC_INLINE void nrf_spu_int_enable(NRF_SPU_Type * p_reg,
  112. uint32_t mask);
  113. /**
  114. * @brief Function for disabling specified interrupts.
  115. *
  116. * @param[in] p_reg Pointer to the peripheral registers structure.
  117. * @param[in] mask Interrupts to disable.
  118. */
  119. __STATIC_INLINE void nrf_spu_int_disable(NRF_SPU_Type * p_reg,
  120. uint32_t mask);
  121. /**
  122. * @brief Function for retrieving the state of a given interrupt.
  123. *
  124. * @param[in] p_reg Pointer to the peripheral registers structure.
  125. * @param[in] spu_int Interrupt to check.
  126. *
  127. * @retval true If the interrupt is enabled.
  128. * @retval false If the interrupt is not enabled.
  129. */
  130. __STATIC_INLINE bool nrf_spu_int_enable_check(NRF_SPU_Type const * p_reg,
  131. uint32_t spu_int);
  132. /**
  133. * @brief Function for setting up publication configuration of a given SPU event.
  134. *
  135. * @param[in] p_reg Pointer to the peripheral registers structure.
  136. * @param[in] event Event to configure.
  137. * @param[in] channel Channel to connect with published event.
  138. */
  139. __STATIC_INLINE void nrf_spu_publish_set(NRF_SPU_Type * p_reg,
  140. nrf_spu_event_t event,
  141. uint32_t channel);
  142. /**
  143. * @brief Function for clearing publication configuration of a given SPU event.
  144. *
  145. * @param[in] p_reg Pointer to the peripheral registers structure.
  146. * @param[in] event Event to clear.
  147. */
  148. __STATIC_INLINE void nrf_spu_publish_clear(NRF_SPU_Type * p_reg,
  149. nrf_spu_event_t event);
  150. /**
  151. * @brief Function for retrieving the capabilities of the current device.
  152. *
  153. * @param[in] p_reg Pointer to the peripheral registers structure.
  154. *
  155. * @retval true If ARM TrustZone support is available.
  156. * @retval false If ARM TrustZone support is not available.
  157. */
  158. __STATIC_INLINE bool nrf_spu_tz_is_available(NRF_SPU_Type const * p_reg);
  159. /**
  160. * @brief Function for configuring the DPPI channels to be available in particular domains.
  161. *
  162. * Channels are configured as bitmask. Set one in bitmask to make channels available only in secure
  163. * domain. Set zero to make it available in secure and non-secure domains.
  164. *
  165. * @param[in] p_reg Pointer to the peripheral registers structure.
  166. * @param[in] dppi_id DPPI peripheral id.
  167. * @param[in] channels_mask Bitmask with channels configuration.
  168. * @param[in] lock_conf Lock configuration until next SoC reset.
  169. */
  170. __STATIC_INLINE void nrf_spu_dppi_config_set(NRF_SPU_Type * p_reg,
  171. uint8_t dppi_id,
  172. uint32_t channels_mask,
  173. bool lock_conf);
  174. /**
  175. * @brief Function for configuring the GPIO pins to be available in particular domains.
  176. *
  177. * GPIO pins are configured as bitmask. Set one in bitmask to make particular pin available only
  178. * in secure domain. Set zero to make it available in secure and non-secure domains.
  179. *
  180. * @param[in] p_reg Pointer to the peripheral registers structure.
  181. * @param[in] gpio_port Port number.
  182. * @param[in] gpio_mask Bitmask with gpio configuration.
  183. * @param[in] lock_conf Lock configuration until next SoC reset.
  184. */
  185. __STATIC_INLINE void nrf_spu_gpio_config_set(NRF_SPU_Type * p_reg,
  186. uint8_t gpio_port,
  187. uint32_t gpio_mask,
  188. bool lock_conf);
  189. /**
  190. * @brief Function for configuring non-secure callable flash region.
  191. *
  192. * @param[in] p_reg Pointer to the peripheral registers structure.
  193. * @param[in] flash_nsc_id Non-secure callable flash region ID.
  194. * @param[in] flash_nsc_size Non-secure callable flash region size.
  195. * @param[in] region_number Flash region number.
  196. * @param[in] lock_conf Lock configuration until next SoC reset.
  197. */
  198. __STATIC_INLINE void nrf_spu_flashnsc_set(NRF_SPU_Type * p_reg,
  199. uint8_t flash_nsc_id,
  200. nrf_spu_nsc_size_t flash_nsc_size,
  201. uint8_t region_number,
  202. bool lock_conf);
  203. /**
  204. * @brief Function for configuring non-secure callable RAM region.
  205. *
  206. * @param[in] p_reg Pointer to the peripheral registers structure.
  207. * @param[in] ram_nsc_id Non-secure callable RAM region ID.
  208. * @param[in] ram_nsc_size Non-secure callable RAM region size.
  209. * @param[in] region_number RAM region number.
  210. * @param[in] lock_conf Lock configuration until next SoC reset.
  211. */
  212. __STATIC_INLINE void nrf_spu_ramnsc_set(NRF_SPU_Type * p_reg,
  213. uint8_t ram_nsc_id,
  214. nrf_spu_nsc_size_t ram_nsc_size,
  215. uint8_t region_number,
  216. bool lock_conf);
  217. /**
  218. * @brief Function for configuring security for a particular flash region.
  219. *
  220. * Permissions parameter must be set by using the logical OR on the @ref nrf_spu_mem_perm_t values.
  221. *
  222. * @param[in] p_reg Pointer to the peripheral registers structure.
  223. * @param[in] region_id Flash region index.
  224. * @param[in] secure_attr Set region attribute to secure.
  225. * @param[in] permissions Flash region permissions.
  226. * @param[in] lock_conf Lock configuration until next SoC reset.
  227. */
  228. __STATIC_INLINE void nrf_spu_flashregion_set(NRF_SPU_Type * p_reg,
  229. uint8_t region_id,
  230. bool secure_attr,
  231. uint32_t permissions,
  232. bool lock_conf);
  233. /**
  234. * @brief Function for configuring security for the RAM region.
  235. *
  236. * Permissions parameter must be set by using the logical OR on the @ref nrf_spu_mem_perm_t values.
  237. *
  238. * @param[in] p_reg Pointer to the peripheral registers structure.
  239. * @param[in] region_id RAM region index.
  240. * @param[in] secure_attr Set region attribute to secure.
  241. * @param[in] permissions RAM region permissions.
  242. * @param[in] lock_conf Lock configuration until next SoC reset.
  243. */
  244. __STATIC_INLINE void nrf_spu_ramregion_set(NRF_SPU_Type * p_reg,
  245. uint8_t region_id,
  246. bool secure_attr,
  247. uint32_t permissions,
  248. bool lock_conf);
  249. /**
  250. * @brief Function for configuring access permissions of the peripheral.
  251. *
  252. * @param[in] p_reg Pointer to the peripheral registers structure.
  253. * @param[in] peripheral_id ID number of a particular peripheral.
  254. * @param[in] secure_attr Peripheral registers accessible only from secure domain.
  255. * @param[in] secure_dma DMA transfers possible only from RAM memory in secure domain.
  256. * @param[in] lock_conf Lock configuration until next SoC reset.
  257. */
  258. __STATIC_INLINE void nrf_spu_peripheral_set(NRF_SPU_Type * p_reg,
  259. uint32_t peripheral_id,
  260. bool secure_attr,
  261. bool secure_dma,
  262. bool lock_conf);
  263. #ifndef SUPPRESS_INLINE_IMPLEMENTATION
  264. __STATIC_INLINE void nrf_spu_event_clear(NRF_SPU_Type * p_reg,
  265. nrf_spu_event_t event)
  266. {
  267. *((volatile uint32_t *)((uint8_t *)p_reg + (uint32_t)event)) = 0x0UL;
  268. volatile uint32_t dummy = *((volatile uint32_t *)((uint8_t *)p_reg + (uint32_t)event));
  269. (void)dummy;
  270. }
  271. __STATIC_INLINE bool nrf_spu_event_check(NRF_SPU_Type const * p_reg,
  272. nrf_spu_event_t event)
  273. {
  274. return (bool)*(volatile uint32_t *)((uint8_t *)p_reg + (uint32_t)event);
  275. }
  276. __STATIC_INLINE void nrf_spu_int_enable(NRF_SPU_Type * p_reg,
  277. uint32_t mask)
  278. {
  279. p_reg->INTENSET = mask;
  280. }
  281. __STATIC_INLINE void nrf_spu_int_disable(NRF_SPU_Type * p_reg,
  282. uint32_t mask)
  283. {
  284. p_reg->INTENCLR = mask;
  285. }
  286. __STATIC_INLINE bool nrf_spu_int_enable_check(NRF_SPU_Type const * p_reg,
  287. uint32_t spu_int)
  288. {
  289. return (bool)(p_reg->INTENSET & spu_int);
  290. }
  291. __STATIC_INLINE void nrf_spu_publish_set(NRF_SPU_Type * p_reg,
  292. nrf_spu_event_t event,
  293. uint32_t channel)
  294. {
  295. *((volatile uint32_t *) ((uint8_t *) p_reg + (uint32_t) event + 0x80uL)) =
  296. (channel | (SPU_PUBLISH_RAMACCERR_EN_Msk));
  297. }
  298. __STATIC_INLINE void nrf_spu_publish_clear(NRF_SPU_Type * p_reg,
  299. nrf_spu_event_t event)
  300. {
  301. *((volatile uint32_t *) ((uint8_t *) p_reg + (uint32_t) event + 0x80uL)) = 0;
  302. }
  303. __STATIC_INLINE bool nrf_spu_tz_is_available(NRF_SPU_Type const * p_reg)
  304. {
  305. return (p_reg->CAP & SPU_CAP_TZM_Msk ? true : false);
  306. }
  307. __STATIC_INLINE void nrf_spu_dppi_config_set(NRF_SPU_Type * p_reg,
  308. uint8_t dppi_id,
  309. uint32_t channels_mask,
  310. bool lock_conf)
  311. {
  312. NRFX_ASSERT(!(p_reg->DPPI[dppi_id].LOCK & SPU_DPPI_LOCK_LOCK_Msk));
  313. p_reg->DPPI[dppi_id].PERM = channels_mask;
  314. if (lock_conf)
  315. {
  316. p_reg->DPPI[dppi_id].LOCK = (SPU_DPPI_LOCK_LOCK_Msk);
  317. }
  318. }
  319. __STATIC_INLINE void nrf_spu_gpio_config_set(NRF_SPU_Type * p_reg,
  320. uint8_t gpio_port,
  321. uint32_t gpio_mask,
  322. bool lock_conf)
  323. {
  324. NRFX_ASSERT(!(p_reg->GPIOPORT[gpio_port].LOCK & SPU_GPIOPORT_LOCK_LOCK_Msk));
  325. p_reg->GPIOPORT[gpio_port].PERM = gpio_mask;
  326. if (lock_conf)
  327. {
  328. p_reg->GPIOPORT[gpio_port].LOCK = (SPU_GPIOPORT_LOCK_LOCK_Msk);
  329. }
  330. }
  331. __STATIC_INLINE void nrf_spu_flashnsc_set(NRF_SPU_Type * p_reg,
  332. uint8_t flash_nsc_id,
  333. nrf_spu_nsc_size_t flash_nsc_size,
  334. uint8_t region_number,
  335. bool lock_conf)
  336. {
  337. NRFX_ASSERT(!(p_reg->FLASHNSC[flash_nsc_id].REGION & SPU_FLASHNSC_REGION_LOCK_Msk));
  338. NRFX_ASSERT(!(p_reg->FLASHNSC[flash_nsc_id].SIZE & SPU_FLASHNSC_SIZE_LOCK_Msk));
  339. p_reg->FLASHNSC[flash_nsc_id].REGION = (uint32_t)region_number |
  340. (lock_conf ? SPU_FLASHNSC_REGION_LOCK_Msk : 0);
  341. p_reg->FLASHNSC[flash_nsc_id].SIZE = (uint32_t)flash_nsc_size |
  342. (lock_conf ? SPU_FLASHNSC_SIZE_LOCK_Msk : 0);
  343. }
  344. __STATIC_INLINE void nrf_spu_ramnsc_set(NRF_SPU_Type * p_reg,
  345. uint8_t ram_nsc_id,
  346. nrf_spu_nsc_size_t ram_nsc_size,
  347. uint8_t region_number,
  348. bool lock_conf)
  349. {
  350. NRFX_ASSERT(!(p_reg->RAMNSC[ram_nsc_id].REGION & SPU_RAMNSC_REGION_LOCK_Msk));
  351. NRFX_ASSERT(!(p_reg->RAMNSC[ram_nsc_id].SIZE & SPU_RAMNSC_SIZE_LOCK_Msk));
  352. p_reg->RAMNSC[ram_nsc_id].REGION = (uint32_t)region_number |
  353. (lock_conf ? SPU_RAMNSC_REGION_LOCK_Msk : 0);
  354. p_reg->RAMNSC[ram_nsc_id].SIZE = (uint32_t)ram_nsc_size |
  355. (lock_conf ? SPU_RAMNSC_SIZE_LOCK_Msk : 0);
  356. }
  357. __STATIC_INLINE void nrf_spu_flashregion_set(NRF_SPU_Type * p_reg,
  358. uint8_t region_id,
  359. bool secure_attr,
  360. uint32_t permissions,
  361. bool lock_conf)
  362. {
  363. NRFX_ASSERT(!(p_reg->FLASHREGION[region_id].PERM & SPU_FLASHREGION_PERM_LOCK_Msk));
  364. p_reg->FLASHREGION[region_id].PERM = permissions |
  365. (secure_attr ? SPU_FLASHREGION_PERM_SECATTR_Msk : 0) |
  366. (lock_conf ? SPU_FLASHREGION_PERM_LOCK_Msk : 0);
  367. }
  368. __STATIC_INLINE void nrf_spu_ramregion_set(NRF_SPU_Type * p_reg,
  369. uint8_t region_id,
  370. bool secure_attr,
  371. uint32_t permissions,
  372. bool lock_conf)
  373. {
  374. NRFX_ASSERT(!(p_reg->RAMREGION[region_id].PERM & SPU_RAMREGION_PERM_LOCK_Msk));
  375. p_reg->RAMREGION[region_id].PERM = permissions |
  376. (secure_attr ? SPU_RAMREGION_PERM_SECATTR_Msk : 0) |
  377. (lock_conf ? SPU_RAMREGION_PERM_LOCK_Msk : 0);
  378. }
  379. __STATIC_INLINE void nrf_spu_peripheral_set(NRF_SPU_Type * p_reg,
  380. uint32_t peripheral_id,
  381. bool secure_attr,
  382. bool secure_dma,
  383. bool lock_conf)
  384. {
  385. NRFX_ASSERT(p_reg->PERIPHID[peripheral_id].PERM & SPU_PERIPHID_PERM_PRESENT_Msk);
  386. NRFX_ASSERT(!(p_reg->PERIPHID[peripheral_id].PERM & SPU_PERIPHID_PERM_LOCK_Msk));
  387. p_reg->PERIPHID[peripheral_id].PERM =
  388. (secure_attr ? SPU_PERIPHID_PERM_SECATTR_Msk : 0) |
  389. (secure_dma ? SPU_PERIPHID_PERM_DMASEC_Msk : 0) |
  390. (lock_conf ? SPU_PERIPHID_PERM_LOCK_Msk : 0);
  391. }
  392. #endif // SUPPRESS_INLINE_IMPLEMENTATION
  393. /** @} */
  394. #ifdef __cplusplus
  395. }
  396. #endif
  397. #endif // NRF_SPU_H__