nRF5340 TrustZone

.github/workflows/test-configs.yml

@@ -136,6 +136,12 @@ jobs:
       arch: arm
       config-file: ./config/examples/nrf5340.config
 
+  nrf5340_app_tz_test:
+    uses: ./.github/workflows/test-build.yml
+    with:
+      arch: arm
+      config-file: ./config/examples/nrf5340-tz.config
+
   nrf5340_net_test:
     uses: ./.github/workflows/test-build.yml
     with:

arch.mk

@@ -690,6 +690,12 @@ ifeq ($(TARGET),mcxw)
       $(MCUXPRESSO_DRIVERS)/drivers/fsl_romapi.o
 endif
 
+ifeq ($(TARGET),nrf5340)
+  ifneq ($(TZEN), 1)
+    LSCRIPT_IN=hal/$(TARGET)-ns.ld
+  endif
+endif
+
 ifeq ($(TARGET),nrf5340_net)
   # Net core doesn't support DSP and FP
   CFLAGS+=-mcpu=cortex-m33+nodsp+nofp

config/examples/nrf5340-tz.config

@@ -0,0 +1,73 @@
+ARCH?=ARM
+TZEN?=1
+TARGET?=nrf5340
+SIGN?=ECC384
+HASH?=SHA384
+WOLFBOOT_VERSION?=1
+VTOR?=1
+CORTEX_M0?=0
+CORTEX_M33?=1
+NO_ASM?=0
+NO_MPU=1
+ALLOW_DOWNGRADE?=0
+NVM_FLASH_WRITEONCE?=0
+DELTA_UPDATES?=1
+
+SPMATH?=1
+RAM_CODE?=1
+
+DUALBANK_SWAP?=0
+FLAGS_HOME=0
+DISABLE_BACKUP=0
+EXT_FLASH?=1
+SPI_FLASH?=0
+QSPI_FLASH?=1
+
+# Flash is 4KB pages (app)
+WOLFBOOT_SECTOR_SIZE?=0x1000
+
+# Flash keyvault: 112K
+WOLFBOOT_KEYVAULT_ADDRESS?=0x20000
+WOLFBOOT_KEYVAULT_SIZE?=0x1C000
+
+# Flash NSC: 16K
+WOLFBOOT_NSC_ADDRESS?=0x3C000
+WOLFBOOT_NSC_SIZE?=0x04000
+
+# Application offset (reserve 256K for wolfBoot + keyvault + NSC)
+WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x40000
+
+# Application Partition Size (768KB)
+WOLFBOOT_PARTITION_SIZE?=0xC0000
+
+# External Flash offset for application update (1MB)
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x0
+
+# External Flash offset for network update at 0x100000 (size=256KB)
+
+# External Flash offset for swap (4KB)
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x140000
+
+V?=0
+DEBUG?=0
+DEBUG_UART?=1
+USE_GCC=1
+OPTIMIZATION_LEVEL=2
+
+# Optionally wait for network core to boot before starting application core
+CFLAGS_EXTRA+=-DNRF_SYNC_CORES
+
+# Use larger block size for swapping sectors (performance improvement)
+CFLAGS_EXTRA+=-DFLASHBUFFER_SIZE=0x1000
+
+# Enable optional power control pin (active low) P1.00
+#CFLAGS_EXTRA+=-DQSPI_PWR_CTRL_PORT=1 -DQSPI_PWR_CTRL_PIN=0
+
+# Use UART0 on P0.22
+#CFLAGS_EXTRA+=-DUART_PORT=0 -DUART_PIN=22
+
+#CFLAGS_EXTRA+=-DDEBUG_FLASH
+#CFLAGS_EXTRA+=-DDEBUG_QSPI=1
+
+# Hard fault debugging
+#CFLAGS_EXTRA+=-DDEBUG_HARDFAULT

docs/Targets.md

@@ -2425,7 +2425,7 @@ c
 NXP MCXW716 is a Cortex-M33 microcontroller running at 96MHz.
 The support has been tested using FRDM-MCXW716 with the onboard MCU-Link configured in JLink mode.
 
-This requires the MCXW SDK from the NXP MCUXpresso SDK Builder. We tested using [mcux-sdk](https://github.com/nxp-mcuxpresso/mcux-sdk) and [CMSIS_5](https://github.com/nxp-mcuxpresso/CMSIS_5)`
+This requires the MCXW SDK from the NXP MCUXpresso SDK Builder. We tested using [mcux-sdk](https://github.com/nxp-mcuxpresso/mcux-sdk) and [CMSIS_5](https://github.com/nxp-mcuxpresso/CMSIS_5)
 placed under "../NXP". Adjust the MCUXPRESSO and MCUXPRESSO_CMSIS variables in your .config file according to your paths.
 
 ### MCX W: Configuring and compiling
@@ -2549,6 +2549,13 @@ Tested with the Nordic nRF5340-DK. This device has two cores:
 1) Application core: Cortex-M33 at 128MHz, w/TrustZone, 1MB flash, 512KB RAM
 2) Network core: Cortex-M33 at 64MHz, 256KB Flash and 64KB RAM
 
+Three different configurations are available at `config/examples`:
+- `nrf5340.config`: for the app core; does not make use of TrustZone, i.e. it
+  always runs in secure mode.
+- `nrf5340-tz.config`: for the app core; makes use of TrustZone, i.e. boots the
+  application as non-secure code.
+- `nrf5340_net.config`: for the net core.
+
 The DK board has two virtual COM ports. Application core and Network core will each output to different VCOM ports.
 The cores communicate firmware updates using shared memory hosted on application core.
 

hal/nrf5340-ns.ld

@@ -0,0 +1,53 @@
+MEMORY
+{
+    FLASH (rx) :     ORIGIN = @ARCH_FLASH_OFFSET@, LENGTH = @BOOTLOADER_PARTITION_SIZE@
+    FLASH_NET (rx) : ORIGIN = 0x01000000, LENGTH = 256K
+    RAM (rwx) :      ORIGIN = 0x20000000, LENGTH = 64K
+}
+
+SECTIONS
+{
+    .text :
+    {
+        _start_text = .;
+        KEEP(*(.isr_vector))
+        *(.boot*)
+        *(.text*)
+        *(.rodata*)
+        *(.init*)
+        *(.fini*)
+        . = ALIGN(4);
+        _end_text = .;
+    } > FLASH
+
+    .edidx :
+    {
+        . = ALIGN(4);
+        *(.ARM.exidx*)
+    } > FLASH
+
+    _stored_data = .;
+
+    .data : AT (_stored_data)
+    {
+        _start_data = .;
+        KEEP(*(.data*))
+        . = ALIGN(4);
+        _end_data = .;
+    } > RAM
+
+    .bss (NOLOAD) :
+    {
+        _start_bss = .;
+        __bss_start__ = .;
+        *(.bss*)
+        *(COMMON)
+        . = ALIGN(4);
+        _end_bss = .;
+        __bss_end__ = .;
+        _end = .;
+    } > RAM
+    . = ALIGN(4);
+}
+
+END_STACK = ORIGIN(RAM) + LENGTH(RAM);

hal/nrf5340.c

@@ -29,6 +29,8 @@
 #include "printf.h"
 #include "nrf5340.h"
 #include "spi_flash.h"
+#include "hal/armv8m_tz.h"
+#include "target.h"
 
 /* TODO:
  * Key Storage: See 7.1.18.4.2 Key storage:
@@ -133,6 +135,50 @@ static SharedMem_t*  shm = (SharedMem_t*)&shm_shadow;
     #endif
 #endif
 
+#ifdef TZEN
+static void hal_spu_init(void) {
+    uint8_t nsc_size_index;
+    uint8_t region;
+    uint8_t start_region;
+    uint8_t end_region;
+
+    /* Make sure SAU is disabled, configure everything through SPU */
+    SAU_CTRL = SAU_INIT_CTRL_ALLNS;
+
+    /* Flash: Non-Secure Callable */
+    nsc_size_index = (WOLFBOOT_NSC_SIZE > 2048) ? 8 :
+                     (WOLFBOOT_NSC_SIZE > 1024) ? 7 :
+                     (WOLFBOOT_NSC_SIZE > 512)  ? 6 :
+                     (WOLFBOOT_NSC_SIZE > 256)  ? 5 :
+                     (WOLFBOOT_NSC_SIZE > 128)  ? 4 :
+                     (WOLFBOOT_NSC_SIZE > 64)   ? 3 :
+                     (WOLFBOOT_NSC_SIZE > 32)   ? 2 :
+                     (WOLFBOOT_NSC_SIZE > 0)    ? 1 : 0;
+
+    SPU_FLASHNSC_REGION(0) = ((WOLFBOOT_NSC_ADDRESS / SPU_FLASH_BLOCK_SIZE) &
+            SPU_FLASHNSC_REGION_MASK) | SPU_FLASHNSC_REGION_LOCK;
+    SPU_FLASHNSC_SIZE(0) = nsc_size_index | SPU_FLASHNSC_SIZE_LOCK;
+
+    /* Flash: non-secure application area */
+    start_region = WOLFBOOT_PARTITION_BOOT_ADDRESS / SPU_FLASH_BLOCK_SIZE;
+    end_region = (WOLFBOOT_PARTITION_BOOT_ADDRESS + WOLFBOOT_PARTITION_SIZE) / SPU_FLASH_BLOCK_SIZE;
+
+    for (region = start_region; region < end_region; region++) {
+        SPU_FLASHREGION_PERM(region) = (SPU_FLASHREGION_PERM(region) &
+                ~SPU_FLASHREGION_PERM_SECATTR) | SPU_FLASHREGION_PERM_LOCK;
+    }
+
+    /* RAM: non-secure application area */
+    start_region = 0x20000 / SPU_RAM_BLOCK_SIZE;
+    end_region = 0x24000 / SPU_RAM_BLOCK_SIZE;
+
+    for (region = start_region; region < end_region; region++) {
+        SPU_RAMREGION_PERM(region) = (SPU_RAMREGION_PERM(region) &
+                ~SPU_RAMREGION_PERM_SECATTR) | SPU_RAMREGION_PERM_LOCK;
+    }
+}
+#endif
+
 void uart_init(void)
 {
     /* nRF5340-DK: (P0.20 or P1.01)
@@ -220,8 +266,9 @@ int RAMFUNCTION hal_flash_write(uint32_t address, const uint8_t *data, int len)
                       ((((uint32_t)data) + i) & 0x03) == 0)) {
             src = (uint32_t *)data;
             dst = (uint32_t *)address;
-            /* set both secure and non-secure registers */
+#if TZ_SECURE() || defined(TARGET_nrf5340_net)
             NVMC_CONFIG = NVMC_CONFIG_WEN;
+#endif
             NVMC_CONFIGNS = NVMC_CONFIG_WEN;
             while (NVMC_READY == 0);
             dst[i >> 2] = src[i >> 2];
@@ -234,8 +281,9 @@ int RAMFUNCTION hal_flash_write(uint32_t address, const uint8_t *data, int len)
             dst = (uint32_t *)(address - off);
             val = dst[i >> 2];
             vbytes[off] = data[i];
-            /* set both secure and non-secure registers */
+#if TZ_SECURE() || defined(TARGET_nrf5340_net)
             NVMC_CONFIG = NVMC_CONFIG_WEN;
+#endif
             NVMC_CONFIGNS = NVMC_CONFIG_WEN;
             while (NVMC_READY == 0);
             dst[i >> 2] = val;
@@ -257,7 +305,9 @@ int RAMFUNCTION hal_flash_erase(uint32_t address, int len)
     address &= ~(FLASH_PAGE_SIZE-1);
     for (p = address; p <= end; p += FLASH_PAGE_SIZE) {
         /* set both secure and non-secure registers */
+#if TZ_SECURE() || defined(TARGET_nrf5340_net)
         NVMC_CONFIG = NVMC_CONFIG_EEN;
+#endif
         NVMC_CONFIGNS = NVMC_CONFIG_EEN;
         while (NVMC_READY == 0);
         *(volatile uint32_t *)p = 0xFFFFFFFF;
@@ -716,6 +766,10 @@ void hal_init(void)
 
     hal_net_check_version();
 #endif
+
+#ifdef TZEN
+    hal_spu_init();
+#endif
 }
 
 #ifdef __WOLFBOOT
@@ -733,8 +787,8 @@ int hal_flash_protect(uint32_t start, uint32_t len)
     if (start + len > FLASH_SIZE)
         len = FLASH_SIZE - start;
 
-    region = (start / SPU_BLOCK_SIZE);
-    n = (len / SPU_BLOCK_SIZE);
+    region = (start / SPU_FLASH_BLOCK_SIZE);
+    n = (len / SPU_FLASH_BLOCK_SIZE);
 
     for (i = 0; i < n; i++) {
         /* do not allow write to this region and lock till next reset */
@@ -749,6 +803,28 @@ int hal_flash_protect(uint32_t start, uint32_t len)
     return 0;
 }
 
+#ifdef TZEN
+static void periph_unsecure() {
+    /* Unsecure both GPIO ports */
+    SPU_PERIPHID_PERM(GPIO_PERIPHID) &= ~SPU_PERIPHID_PERM_SECATTR;
+    SPU_GPIOPORT_PERM(0) = 0;
+    SPU_GPIOPORT_PERM(1) = 0;
+
+    /* Assign LED2 GPIO pin to net core; cannot be done by app because MCUSEL
+     * is only accessible from secure code */
+    GPIO_PIN_CNF(0, 29) = (GPIO_CNF_OUT | GPIO_CNF_MCUSEL(1));
+
+    /* Unsecure UARTE0 */
+    SPU_PERIPHID_PERM(SERIAL0_PERIPHID) &= ~SPU_PERIPHID_PERM_SECATTR;
+
+    /* Unsecure NVMC */
+    SPU_PERIPHID_PERM(KMU_NVMC_PERIPHID) &= ~SPU_PERIPHID_PERM_SECATTR;
+
+    /* Unsecure RTC0 */
+    SPU_PERIPHID_PERM(RTC0_PERIPHID) &= ~SPU_PERIPHID_PERM_SECATTR;
+}
+#endif
+
 void hal_prepare_boot(void)
 {
     /* Write protect bootloader region of flash */
@@ -771,16 +847,28 @@ void hal_prepare_boot(void)
     #endif
 
     #if defined(TARGET_nrf5340_app) && defined(NRF_SYNC_CORES)
-        /* if core synchronization enabled,
-         * then wait for update_done or do_boot (5 seconds, 30 for update) */
+        /* If core synchronization enabled,
+         * then wait for update_done or do_boot (5 seconds, 30 for update).
+         * Longer wait in DEBUG mode because the net core boots much
+         * slower. */
         wolfBoot_printf("Waiting for network core...\n");
+#ifndef DEBUG
         (void)hal_shm_status_wait(&shm->core.net,
             (SHARED_STATUS_UPDATE_DONE | SHARED_STATUS_DO_BOOT),
             doUpdateNet ? 30*1000 : 5*1000);
+#else
+        (void)hal_shm_status_wait(&shm->core.net,
+            (SHARED_STATUS_UPDATE_DONE | SHARED_STATUS_DO_BOOT),
+            doUpdateNet ? 45*1000 : 20*1000);
+#endif
     #endif
     }
 
     hal_shm_cleanup();
+
+#ifdef TZEN
+    periph_unsecure();
+#endif
 }
 #endif /* __WOLFBOOT */