Support for SPU to write protect bootloader flash region on application startup.

dgarske · dgarske · commit 422f9e8da018 · 2024-10-08T16:31:46.000-07:00
diff --git a/Makefile b/Makefile
@@ -28,6 +28,7 @@ BIG_ENDIAN?=0
 USE_GCC?=1
 USE_GCC_HEADLESS?=1
 FLASH_OTP_KEYSTORE?=0
+BOOTLOADER_PARTITION_SIZE?=$$(( $(WOLFBOOT_PARTITION_BOOT_ADDRESS) - $(ARCH_FLASH_OFFSET)))
 
 OBJS:= \
 	./src/string.o \
@@ -141,7 +142,6 @@ ifeq ($(FLASH_OTP_KEYSTORE),1)
 endif
 
 ASFLAGS:=$(CFLAGS)
-BOOTLOADER_PARTITION_SIZE?=$$(( $(WOLFBOOT_PARTITION_BOOT_ADDRESS) - $(ARCH_FLASH_OFFSET)))
 
 all: $(MAIN_TARGET)
 
diff --git a/hal/nrf5340.c b/hal/nrf5340.c
@@ -700,13 +700,40 @@ void hal_init(void)
     hal_net_check_version();
 }
 
+/* enable write protection for the region of flash specified */
+int hal_flash_protect(uint32_t start, uint32_t len)
+{
+    /* only application core supports SPU */
+#ifdef TARGET_nrf5340_app
+    uint32_t region, n, i;
+
+    /* limit check */
+    if (start > FLASH_SIZE)
+        return -1;
+    /* truncate if exceeds flash size */
+    if (start + len > FLASH_SIZE)
+        len = FLASH_SIZE - start;
+
+    region = (start / SPU_BLOCK_SIZE);
+    n = (len / SPU_BLOCK_SIZE);
+
+    for (i = 0; i < n; i++) {
+        /* do not allow write to this region and lock till next reset */
+        SPU_FLASHREGION_PERM(region+i) = (
+            SPU_FLASHREGION_PERM_EXEC |
+            SPU_FLASHREGION_PERM_READ |
+            SPU_FLASHREGION_PERM_SECATTR |
+            SPU_FLASHREGION_PERM_LOCK
+        );
+    }
+#endif
+    return 0;
+}
 
 void hal_prepare_boot(void)
 {
-    /* TODO: Protect bootloader region of flash using SPU_FLASHREGION_PERM */
-    //WOLFBOOT_ORIGIN
-    //BOOTLOADER_PARTITION_SIZE
-    //FLASHREGION[n].PERM
+    /* Write protect bootloader region of flash */
+    hal_flash_protect(WOLFBOOT_ORIGIN, BOOTLOADER_PARTITION_SIZE);
 
     if (enableShm) {
     #ifdef TARGET_nrf5340_net
diff --git a/hal/nrf5340.h b/hal/nrf5340.h
@@ -106,11 +106,11 @@ void sleep_us(uint32_t usec);
 
     #define SPU_BLOCK_SIZE (16 * 1024)
     #define SPU_FLASHREGION_PERM(n) *((volatile uint32_t *)(SPU_BASE + 0x600 + (((n) & 0x3F) * 0x4)))
-    #define SPU_FLASHREGION_PERM_EXEC    (1 << 0)
-    #define SPU_FLASHREGION_PERM_WRITE   (1 << 1)
-    #define SPU_FLASHREGION_PERM_READ    (1 << 2)
-    #define SPU_FLASHREGION_PERM_SECATTR (1 << 4)
-    #define SPU_FLASHREGION_PERM_LOCK    (1 << 8)
+    #define SPU_FLASHREGION_PERM_EXEC    (1 << 0) /* Allow instruction fetches from flash region */
+    #define SPU_FLASHREGION_PERM_WRITE   (1 << 1) /* Allow write operation to region */
+    #define SPU_FLASHREGION_PERM_READ    (1 << 2) /* Allow read operation from flash region */
+    #define SPU_FLASHREGION_PERM_SECATTR (1 << 4) /* Flash region n security attribute is secure */
+    #define SPU_FLASHREGION_PERM_LOCK    (1 << 8) /* The content of this register can't be changed until the next reset */
 #endif
 
 /* OTP */
