Contiki-NG
Loading...
Searching...
No Matches
spu.h
1/*
2 * Copyright (c) 2020 Nordic Semiconductor ASA. All rights reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17/* This file has been modified for use in the Contiki-NG operating system. */
18
19#ifndef __SPU_H__
20#define __SPU_H__
21
22#include <stddef.h>
23#include <stdint.h>
24#include <stdbool.h>
25
26#include <hal/nrf_spu.h>
27
28
29/**
30 * \brief SPU interrupt enabling
31 *
32 * Enable security violations outside the Cortex-M33
33 * to trigger SPU interrupts.
34 */
35void spu_enable_interrupts(void);
36
37/**
38 * \brief SPU event clearing
39 *
40 * Clear SPU event registers
41 */
42void spu_clear_events(void);
43
44/**
45 * \brief Reset all memory regions to being Secure
46 *
47 * Reset all (Flash or SRAM) memory regions to being Secure
48 * and have default (i.e. Read-Write-Execute allow) access policy
49 *
50 * \note region lock is not applied to allow modifying the configuration.
51 */
52void spu_regions_reset_all_secure(void);
53
54/**
55 * \brief Configure Flash memory regions as Non-Secure
56 *
57 * Configure a range of Flash memory regions as Non-Secure
58 *
59 * \note region lock is applied to prevent further modification during
60 * the current reset cycle.
61 */
62void spu_regions_flash_config_non_secure( uint32_t start_addr, uint32_t limit_addr);
63
64/**
65 * \brief Configure SRAM memory regions as Non-Secure
66 *
67 * Configure a range of SRAM memory regions as Non-Secure
68 *
69 * \note region lock is applied to prevent further modification during
70 * the current reset cycle.
71 */
72void spu_regions_sram_config_non_secure( uint32_t start_addr, uint32_t limit_addr);
73
74/**
75 * \brief Configure Non-Secure Callable area
76 *
77 * Configure a single region in Secure Flash as Non-Secure Callable
78 * (NSC) area.
79 *
80 * \note Any Secure Entry functions, exposing secure services to the
81 * Non-Secure firmware, shall be located inside this NSC area.
82 *
83 * If the start address of the NSC area is hard-coded, it must follow
84 * the HW restrictions: The size must be a power of 2 between 32 and
85 * 4096, and the end address must fall on a SPU region boundary.
86 *
87 * \note region lock is applied to prevent further modification during
88 * the current reset cycle.
89 */
90void spu_regions_flash_config_non_secure_callable(uint32_t start_addr, uint32_t limit_addr);
91
92/**
93 * \brief Restrict access to peripheral to secure
94 *
95 * Configure a device peripheral to be accessible from Secure domain only.
96 *
97 * \param periph_base_addr peripheral base address
98 * (must correspond to a valid peripheral ID)
99 * \param periph_lock Variable indicating whether to lock peripheral security
100 *
101 * \note
102 * - peripheral shall not be a Non-Secure only peripheral
103 * - DMA transactions are configured as Secure
104 */
105void spu_peripheral_config_secure(uint32_t periph_base_addr, bool periph_lock);
106
107/**
108 * Configure a device peripheral to be accessible from Non-Secure domain.
109 *
110 * \param periph_base_addr peripheral base address
111 * (must correspond to a valid peripheral ID)
112 * \param periph_lock Variable indicating whether to lock peripheral security
113 *
114 * \note
115 * - peripheral shall not be a Secure-only peripheral
116 * - DMA transactions are configured as Non-Secure
117 */
118void spu_peripheral_config_non_secure(uint32_t periph_base_addr, bool periph_lock);
119
120/**
121 * Configure DPPI channels to be accessible from Non-Secure domain.
122 *
123 * \param dppi_lock Variable indicating whether to lock DPPI channel security
124 *
125 * \note all channels are configured as Non-Secure
126 */
127static inline void spu_dppi_config_non_secure(bool dppi_lock)
128{
129 nrf_spu_dppi_config_set(NRF_SPU, 0, 0x0, dppi_lock);
130}
131
132/**
133 * Configure GPIO pins to be accessible from Non-Secure domain.
134 *
135 * \param port_number GPIO Port number
136 * \param gpio_lock Variable indicating whether to lock GPIO port security
137 *
138 * \note all pins are configured as Non-Secure
139 */
140static inline void spu_gpio_config_non_secure(uint8_t port_number,
141 bool gpio_lock)
142{
143 nrf_spu_gpio_config_set(NRF_SPU, port_number, 0x0, gpio_lock);
144}
145
146/**
147 * \brief Return base address of a Flash SPU regions
148 *
149 * Get the base (lowest) address of a particular Flash SPU region
150 *
151 * \param region_id Valid flash SPU region ID
152 *
153 * \return the base address of the given flash SPU region
154 */
155uint32_t spu_regions_flash_get_base_address_in_region(uint32_t region_id);
156
157/**
158 * \brief Return last address of a Flash SPU regions
159 *
160 * Get the last (highest) address of a particular Flash SPU region
161 *
162 * \param region_id Valid flash SPU region ID
163 *
164 * \return the last address of the given flash SPU region
165 */
166uint32_t spu_regions_flash_get_last_address_in_region(uint32_t region_id);
167
168/**
169 * \brief Return the ID of the first Flash SPU region
170 *
171 * \return the first Flash region ID
172 */
173uint32_t spu_regions_flash_get_start_id(void);
174
175/**
176 * \brief Return the ID of the last Flash SPU region
177 *
178 * \return the last Flash region ID
179 */
180uint32_t spu_regions_flash_get_last_id(void);
181
182/**
183 * \brief Return the size of Flash SPU regions
184 *
185 * \return the size of Flash SPU regions
186 */
187uint32_t spu_regions_flash_get_region_size(void);
188
189/**
190 * \brief Return base address of a SRAM SPU regions
191 *
192 * Get the base (lowest) address of a particular SRAM SPU region
193 *
194 * \param region_id Valid SRAM SPU region ID
195 *
196 * \return the base address of the given SRAM SPU region
197 */
198uint32_t spu_regions_sram_get_base_address_in_region(uint32_t region_id);
199
200/**
201 * \brief Return last address of a SRAM SPU regions
202 *
203 * Get the last (highest) address of a particular SRAM SPU region
204 *
205 * \param region_id Valid SRAM SPU region ID
206 *
207 * \return the last address of the given SRAM SPU region
208 */
209uint32_t spu_regions_sram_get_last_address_in_region(uint32_t region_id);
210
211/**
212 * \brief Return the ID of the first SRAM SPU region
213 *
214 * \return the first SRAM region ID
215 */
216uint32_t spu_regions_sram_get_start_id(void);
217
218/**
219 * \brief Return the ID of the last SRAM SPU region
220 *
221 * \return the last SRAM region ID
222 */
223uint32_t spu_regions_sram_get_last_id(void);
224
225/**
226 * \brief Return the size of SRAM SPU regions
227 *
228 * \return the size of SRAM SPU regions
229 */
230uint32_t spu_regions_sram_get_region_size(void);
231
232#endif