1 /*
2 * Copyright (c) 2018, Nordic Semiconductor ASA
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright notice, this
9 * list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * 3. Neither the name of the copyright holder nor the names of its
16 * contributors may be used to endorse or promote products derived from this
17 * software without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
20 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
23 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31
32 #ifndef NRF_SPU_H__
33 #define NRF_SPU_H__
34
35 #include <nrfx.h>
36
37 #ifdef __cplusplus
38 extern "C" {
39 #endif
40
41 /**
42 * @defgroup nrf_spu_hal SPU HAL
43 * @{
44 * @ingroup nrf_spu
45 * @brief Hardware access layer for managing the System Protection Unit (SPU) peripheral.
46 */
47
48 /** @brief SPU events. */
49 typedef enum
50 {
51 NRF_SPU_EVENT_RAMACCERR = offsetof(NRF_SPU_Type, EVENTS_RAMACCERR), ///< A security violation has been detected for the RAM memory space.
52 NRF_SPU_EVENT_FLASHACCERR = offsetof(NRF_SPU_Type, EVENTS_FLASHACCERR), ///< A security violation has been detected for the Flash memory space.
53 NRF_SPU_EVENT_PERIPHACCERR = offsetof(NRF_SPU_Type, EVENTS_PERIPHACCERR) ///< A security violation has been detected on one or several peripherals.
54 } nrf_spu_event_t;
55
56 /** @brief SPU interrupts. */
57 typedef enum
58 {
59 NRF_SPU_INT_RAMACCERR_MASK = SPU_INTENSET_RAMACCERR_Msk, ///< Interrupt on RAMACCERR event.
60 NRF_SPU_INT_FLASHACCERR_MASK = SPU_INTENSET_FLASHACCERR_Msk, ///< Interrupt on FLASHACCERR event.
61 NRF_SPU_INT_PERIPHACCERR_MASK = SPU_INTENSET_PERIPHACCERR_Msk ///< Interrupt on PERIPHACCERR event.
62 } nrf_spu_int_mask_t;
63
64 /** @brief SPU Non-Secure Callable (NSC) region size. */
65 typedef enum
66 {
67 NRF_SPU_NSC_SIZE_DISABLED = 0, ///< Not defined as a non-secure callable region.
68 NRF_SPU_NSC_SIZE_32B = 1, ///< Non-Secure Callable region with a 32-byte size
69 NRF_SPU_NSC_SIZE_64B = 2, ///< Non-Secure Callable region with a 64-byte size
70 NRF_SPU_NSC_SIZE_128B = 3, ///< Non-Secure Callable region with a 128-byte size
71 NRF_SPU_NSC_SIZE_256B = 4, ///< Non-Secure Callable region with a 256-byte size
72 NRF_SPU_NSC_SIZE_512B = 5, ///< Non-Secure Callable region with a 512-byte size
73 NRF_SPU_NSC_SIZE_1024B = 6, ///< Non-Secure Callable region with a 1024-byte size
74 NRF_SPU_NSC_SIZE_2048B = 7, ///< Non-Secure Callable region with a 2048-byte size
75 NRF_SPU_NSC_SIZE_4096B = 8 ///< Non-Secure Callable region with a 4096-byte size
76 } nrf_spu_nsc_size_t;
77
78 /** @brief SPU memory region permissions. */
79 typedef enum
80 {
81 NRF_SPU_MEM_PERM_EXECUTE = SPU_FLASHREGION_PERM_EXECUTE_Msk, ///< Allow code execution from particular memory region.
82 NRF_SPU_MEM_PERM_WRITE = SPU_FLASHREGION_PERM_WRITE_Msk, ///< Allow write operation on particular memory region.
83 NRF_SPU_MEM_PERM_READ = SPU_FLASHREGION_PERM_READ_Msk ///< Allow read operation from particular memory region.
84 } nrf_spu_mem_perm_t;
85
86 /**
87 * @brief Function for clearing a specific SPU event.
88 *
89 * @param[in] p_reg Pointer to the peripheral registers structure.
90 * @param[in] event Event to clear.
91 */
92 __STATIC_INLINE void nrf_spu_event_clear(NRF_SPU_Type * p_reg,
93 nrf_spu_event_t event);
94
95 /**
96 * @brief Function for checking the state of a specific SPU event.
97 *
98 * @param[in] p_reg Pointer to the peripheral registers structure.
99 * @param[in] event Event to check.
100 *
101 * @retval true If the event is set.
102 * @retval false If the event is not set.
103 */
104 __STATIC_INLINE bool nrf_spu_event_check(NRF_SPU_Type const * p_reg,
105 nrf_spu_event_t event);
106
107 /**
108 * @brief Function for enabling specified interrupts.
109 *
110 * @param[in] p_reg Pointer to the peripheral registers structure.
111 * @param[in] mask Interrupts to enable.
112 */
113 __STATIC_INLINE void nrf_spu_int_enable(NRF_SPU_Type * p_reg,
114 uint32_t mask);
115
116 /**
117 * @brief Function for disabling specified interrupts.
118 *
119 * @param[in] p_reg Pointer to the peripheral registers structure.
120 * @param[in] mask Interrupts to disable.
121 */
122 __STATIC_INLINE void nrf_spu_int_disable(NRF_SPU_Type * p_reg,
123 uint32_t mask);
124
125 /**
126 * @brief Function for retrieving the state of a given interrupt.
127 *
128 * @param[in] p_reg Pointer to the peripheral registers structure.
129 * @param[in] spu_int Interrupt to check.
130 *
131 * @retval true If the interrupt is enabled.
132 * @retval false If the interrupt is not enabled.
133 */
134 __STATIC_INLINE bool nrf_spu_int_enable_check(NRF_SPU_Type const * p_reg,
135 uint32_t spu_int);
136
137 /**
138 * @brief Function for setting up publication configuration of a given SPU event.
139 *
140 * @param[in] p_reg Pointer to the peripheral registers structure.
141 * @param[in] event Event to configure.
142 * @param[in] channel Channel to connect with published event.
143 */
144 __STATIC_INLINE void nrf_spu_publish_set(NRF_SPU_Type * p_reg,
145 nrf_spu_event_t event,
146 uint32_t channel);
147
148 /**
149 * @brief Function for clearing publication configuration of a given SPU event.
150 *
151 * @param[in] p_reg Pointer to the peripheral registers structure.
152 * @param[in] event Event to clear.
153 */
154 __STATIC_INLINE void nrf_spu_publish_clear(NRF_SPU_Type * p_reg,
155 nrf_spu_event_t event);
156
157 /**
158 * @brief Function for retrieving the capabilities of the current device.
159 *
160 * @param[in] p_reg Pointer to the peripheral registers structure.
161 *
162 * @retval true If ARM TrustZone support is available.
163 * @retval false If ARM TrustZone support is not available.
164 */
165 __STATIC_INLINE bool nrf_spu_tz_is_available(NRF_SPU_Type const * p_reg);
166
167 /**
168 * @brief Function for configuring the DPPI channels to be available in particular domains.
169 *
170 * Channels are configured as bitmask. Set one in bitmask to make channels available only in secure
171 * domain. Set zero to make it available in secure and non-secure domains.
172 *
173 * @param[in] p_reg Pointer to the peripheral registers structure.
174 * @param[in] dppi_id DPPI peripheral id.
175 * @param[in] channels_mask Bitmask with channels configuration.
176 * @param[in] lock_conf Lock configuration until next SoC reset.
177 */
178 __STATIC_INLINE void nrf_spu_dppi_config_set(NRF_SPU_Type * p_reg,
179 uint8_t dppi_id,
180 uint32_t channels_mask,
181 bool lock_conf);
182
183 /**
184 * @brief Function for configuring the GPIO pins to be available in particular domains.
185 *
186 * GPIO pins are configured as bitmask. Set one in bitmask to make particular pin available only
187 * in secure domain. Set zero to make it available in secure and non-secure domains.
188 *
189 * @param[in] p_reg Pointer to the peripheral registers structure.
190 * @param[in] gpio_port Port number.
191 * @param[in] gpio_mask Bitmask with gpio configuration.
192 * @param[in] lock_conf Lock configuration until next SoC reset.
193 */
194 __STATIC_INLINE void nrf_spu_gpio_config_set(NRF_SPU_Type * p_reg,
195 uint8_t gpio_port,
196 uint32_t gpio_mask,
197 bool lock_conf);
198
199 /**
200 * @brief Function for configuring non-secure callable flash region.
201 *
202 * @param[in] p_reg Pointer to the peripheral registers structure.
203 * @param[in] flash_nsc_id Non-secure callable flash region ID.
204 * @param[in] flash_nsc_size Non-secure callable flash region size.
205 * @param[in] region_number Flash region number.
206 * @param[in] lock_conf Lock configuration until next SoC reset.
207 */
208 __STATIC_INLINE void nrf_spu_flashnsc_set(NRF_SPU_Type * p_reg,
209 uint8_t flash_nsc_id,
210 nrf_spu_nsc_size_t flash_nsc_size,
211 uint8_t region_number,
212 bool lock_conf);
213
214 /**
215 * @brief Function for configuring non-secure callable RAM region.
216 *
217 * @param[in] p_reg Pointer to the peripheral registers structure.
218 * @param[in] ram_nsc_id Non-secure callable RAM region ID.
219 * @param[in] ram_nsc_size Non-secure callable RAM region size.
220 * @param[in] region_number RAM region number.
221 * @param[in] lock_conf Lock configuration until next SoC reset.
222 */
223 __STATIC_INLINE void nrf_spu_ramnsc_set(NRF_SPU_Type * p_reg,
224 uint8_t ram_nsc_id,
225 nrf_spu_nsc_size_t ram_nsc_size,
226 uint8_t region_number,
227 bool lock_conf);
228
229 /**
230 * @brief Function for configuring security for a particular flash region.
231 *
232 * Permissions parameter must be set by using the logical OR on the @ref nrf_spu_mem_perm_t values.
233 *
234 * @param[in] p_reg Pointer to the peripheral registers structure.
235 * @param[in] region_id Flash region index.
236 * @param[in] secure_attr Set region attribute to secure.
237 * @param[in] permissions Flash region permissions.
238 * @param[in] lock_conf Lock configuration until next SoC reset.
239 */
240 __STATIC_INLINE void nrf_spu_flashregion_set(NRF_SPU_Type * p_reg,
241 uint8_t region_id,
242 bool secure_attr,
243 uint32_t permissions,
244 bool lock_conf);
245
246 /**
247 * @brief Function for configuring security for the RAM region.
248 *
249 * Permissions parameter must be set by using the logical OR on the @ref nrf_spu_mem_perm_t values.
250 *
251 * @param[in] p_reg Pointer to the peripheral registers structure.
252 * @param[in] region_id RAM region index.
253 * @param[in] secure_attr Set region attribute to secure.
254 * @param[in] permissions RAM region permissions.
255 * @param[in] lock_conf Lock configuration until next SoC reset.
256 */
257 __STATIC_INLINE void nrf_spu_ramregion_set(NRF_SPU_Type * p_reg,
258 uint8_t region_id,
259 bool secure_attr,
260 uint32_t permissions,
261 bool lock_conf);
262
263 /**
264 * @brief Function for configuring access permissions of the peripheral.
265 *
266 * @param[in] p_reg Pointer to the peripheral registers structure.
267 * @param[in] peripheral_id ID number of a particular peripheral.
268 * @param[in] secure_attr Peripheral registers accessible only from secure domain.
269 * @param[in] secure_dma DMA transfers possible only from RAM memory in secure domain.
270 * @param[in] lock_conf Lock configuration until next SoC reset.
271 */
272 __STATIC_INLINE void nrf_spu_peripheral_set(NRF_SPU_Type * p_reg,
273 uint32_t peripheral_id,
274 bool secure_attr,
275 bool secure_dma,
276 bool lock_conf);
277
278
279 #ifndef SUPPRESS_INLINE_IMPLEMENTATION
280
nrf_spu_event_clear(NRF_SPU_Type * p_reg,nrf_spu_event_t event)281 __STATIC_INLINE void nrf_spu_event_clear(NRF_SPU_Type * p_reg,
282 nrf_spu_event_t event)
283 {
284 *((volatile uint32_t *)((uint8_t *)p_reg + (uint32_t)event)) = 0x0UL;
285 volatile uint32_t dummy = *((volatile uint32_t *)((uint8_t *)p_reg + (uint32_t)event));
286 (void)dummy;
287 }
288
nrf_spu_event_check(NRF_SPU_Type const * p_reg,nrf_spu_event_t event)289 __STATIC_INLINE bool nrf_spu_event_check(NRF_SPU_Type const * p_reg,
290 nrf_spu_event_t event)
291 {
292 return (bool)*(volatile uint32_t *)((uint8_t *)p_reg + (uint32_t)event);
293 }
294
nrf_spu_int_enable(NRF_SPU_Type * p_reg,uint32_t mask)295 __STATIC_INLINE void nrf_spu_int_enable(NRF_SPU_Type * p_reg,
296 uint32_t mask)
297 {
298 p_reg->INTENSET = mask;
299 }
300
nrf_spu_int_disable(NRF_SPU_Type * p_reg,uint32_t mask)301 __STATIC_INLINE void nrf_spu_int_disable(NRF_SPU_Type * p_reg,
302 uint32_t mask)
303 {
304 p_reg->INTENCLR = mask;
305 }
306
nrf_spu_int_enable_check(NRF_SPU_Type const * p_reg,uint32_t spu_int)307 __STATIC_INLINE bool nrf_spu_int_enable_check(NRF_SPU_Type const * p_reg,
308 uint32_t spu_int)
309 {
310 return (bool)(p_reg->INTENSET & spu_int);
311 }
312
nrf_spu_publish_set(NRF_SPU_Type * p_reg,nrf_spu_event_t event,uint32_t channel)313 __STATIC_INLINE void nrf_spu_publish_set(NRF_SPU_Type * p_reg,
314 nrf_spu_event_t event,
315 uint32_t channel)
316 {
317 *((volatile uint32_t *) ((uint8_t *) p_reg + (uint32_t) event + 0x80uL)) =
318 (channel | (SPU_PUBLISH_RAMACCERR_EN_Msk));
319 }
320
nrf_spu_publish_clear(NRF_SPU_Type * p_reg,nrf_spu_event_t event)321 __STATIC_INLINE void nrf_spu_publish_clear(NRF_SPU_Type * p_reg,
322 nrf_spu_event_t event)
323 {
324 *((volatile uint32_t *) ((uint8_t *) p_reg + (uint32_t) event + 0x80uL)) = 0;
325 }
326
nrf_spu_tz_is_available(NRF_SPU_Type const * p_reg)327 __STATIC_INLINE bool nrf_spu_tz_is_available(NRF_SPU_Type const * p_reg)
328 {
329 return (p_reg->CAP & SPU_CAP_TZM_Msk ? true : false);
330 }
331
nrf_spu_dppi_config_set(NRF_SPU_Type * p_reg,uint8_t dppi_id,uint32_t channels_mask,bool lock_conf)332 __STATIC_INLINE void nrf_spu_dppi_config_set(NRF_SPU_Type * p_reg,
333 uint8_t dppi_id,
334 uint32_t channels_mask,
335 bool lock_conf)
336 {
337 NRFX_ASSERT(!(p_reg->DPPI[dppi_id].LOCK & SPU_DPPI_LOCK_LOCK_Msk));
338
339 p_reg->DPPI[dppi_id].PERM = channels_mask;
340
341 if (lock_conf)
342 {
343 p_reg->DPPI[dppi_id].LOCK = (SPU_DPPI_LOCK_LOCK_Msk);
344 }
345 }
346
nrf_spu_gpio_config_set(NRF_SPU_Type * p_reg,uint8_t gpio_port,uint32_t gpio_mask,bool lock_conf)347 __STATIC_INLINE void nrf_spu_gpio_config_set(NRF_SPU_Type * p_reg,
348 uint8_t gpio_port,
349 uint32_t gpio_mask,
350 bool lock_conf)
351 {
352 NRFX_ASSERT(!(p_reg->GPIOPORT[gpio_port].LOCK & SPU_GPIOPORT_LOCK_LOCK_Msk));
353
354 p_reg->GPIOPORT[gpio_port].PERM = gpio_mask;
355
356 if (lock_conf)
357 {
358 p_reg->GPIOPORT[gpio_port].LOCK = (SPU_GPIOPORT_LOCK_LOCK_Msk);
359 }
360 }
361
nrf_spu_flashnsc_set(NRF_SPU_Type * p_reg,uint8_t flash_nsc_id,nrf_spu_nsc_size_t flash_nsc_size,uint8_t region_number,bool lock_conf)362 __STATIC_INLINE void nrf_spu_flashnsc_set(NRF_SPU_Type * p_reg,
363 uint8_t flash_nsc_id,
364 nrf_spu_nsc_size_t flash_nsc_size,
365 uint8_t region_number,
366 bool lock_conf)
367 {
368 NRFX_ASSERT(!(p_reg->FLASHNSC[flash_nsc_id].REGION & SPU_FLASHNSC_REGION_LOCK_Msk));
369 NRFX_ASSERT(!(p_reg->FLASHNSC[flash_nsc_id].SIZE & SPU_FLASHNSC_SIZE_LOCK_Msk));
370
371 p_reg->FLASHNSC[flash_nsc_id].REGION = (uint32_t)region_number |
372 (lock_conf ? SPU_FLASHNSC_REGION_LOCK_Msk : 0);
373 p_reg->FLASHNSC[flash_nsc_id].SIZE = (uint32_t)flash_nsc_size |
374 (lock_conf ? SPU_FLASHNSC_SIZE_LOCK_Msk : 0);
375 }
376
nrf_spu_ramnsc_set(NRF_SPU_Type * p_reg,uint8_t ram_nsc_id,nrf_spu_nsc_size_t ram_nsc_size,uint8_t region_number,bool lock_conf)377 __STATIC_INLINE void nrf_spu_ramnsc_set(NRF_SPU_Type * p_reg,
378 uint8_t ram_nsc_id,
379 nrf_spu_nsc_size_t ram_nsc_size,
380 uint8_t region_number,
381 bool lock_conf)
382 {
383 NRFX_ASSERT(!(p_reg->RAMNSC[ram_nsc_id].REGION & SPU_RAMNSC_REGION_LOCK_Msk));
384 NRFX_ASSERT(!(p_reg->RAMNSC[ram_nsc_id].SIZE & SPU_RAMNSC_SIZE_LOCK_Msk));
385
386 p_reg->RAMNSC[ram_nsc_id].REGION = (uint32_t)region_number |
387 (lock_conf ? SPU_RAMNSC_REGION_LOCK_Msk : 0);
388 p_reg->RAMNSC[ram_nsc_id].SIZE = (uint32_t)ram_nsc_size |
389 (lock_conf ? SPU_RAMNSC_SIZE_LOCK_Msk : 0);
390 }
391
nrf_spu_flashregion_set(NRF_SPU_Type * p_reg,uint8_t region_id,bool secure_attr,uint32_t permissions,bool lock_conf)392 __STATIC_INLINE void nrf_spu_flashregion_set(NRF_SPU_Type * p_reg,
393 uint8_t region_id,
394 bool secure_attr,
395 uint32_t permissions,
396 bool lock_conf)
397 {
398 NRFX_ASSERT(!(p_reg->FLASHREGION[region_id].PERM & SPU_FLASHREGION_PERM_LOCK_Msk));
399
400 p_reg->FLASHREGION[region_id].PERM = permissions |
401 (secure_attr ? SPU_FLASHREGION_PERM_SECATTR_Msk : 0) |
402 (lock_conf ? SPU_FLASHREGION_PERM_LOCK_Msk : 0);
403 }
404
nrf_spu_ramregion_set(NRF_SPU_Type * p_reg,uint8_t region_id,bool secure_attr,uint32_t permissions,bool lock_conf)405 __STATIC_INLINE void nrf_spu_ramregion_set(NRF_SPU_Type * p_reg,
406 uint8_t region_id,
407 bool secure_attr,
408 uint32_t permissions,
409 bool lock_conf)
410 {
411 NRFX_ASSERT(!(p_reg->RAMREGION[region_id].PERM & SPU_RAMREGION_PERM_LOCK_Msk));
412
413 p_reg->RAMREGION[region_id].PERM = permissions |
414 (secure_attr ? SPU_RAMREGION_PERM_SECATTR_Msk : 0) |
415 (lock_conf ? SPU_RAMREGION_PERM_LOCK_Msk : 0);
416 }
417
nrf_spu_peripheral_set(NRF_SPU_Type * p_reg,uint32_t peripheral_id,bool secure_attr,bool secure_dma,bool lock_conf)418 __STATIC_INLINE void nrf_spu_peripheral_set(NRF_SPU_Type * p_reg,
419 uint32_t peripheral_id,
420 bool secure_attr,
421 bool secure_dma,
422 bool lock_conf)
423 {
424 NRFX_ASSERT(p_reg->PERIPHID[peripheral_id].PERM & SPU_PERIPHID_PERM_PRESENT_Msk);
425 NRFX_ASSERT(!(p_reg->PERIPHID[peripheral_id].PERM & SPU_PERIPHID_PERM_LOCK_Msk));
426
427 p_reg->PERIPHID[peripheral_id].PERM =
428 (secure_attr ? SPU_PERIPHID_PERM_SECATTR_Msk : 0) |
429 (secure_dma ? SPU_PERIPHID_PERM_DMASEC_Msk : 0) |
430 (lock_conf ? SPU_PERIPHID_PERM_LOCK_Msk : 0);
431 }
432
433 #endif // SUPPRESS_INLINE_IMPLEMENTATION
434
435 /** @} */
436
437 #ifdef __cplusplus
438 }
439 #endif
440
441 #endif // NRF_SPU_H__
442