9 #include "tfm_spm_hal.h"
10 #include "region_defs.h"
12 #include "tfm_hal_isolation.h"
19 #error TFM_LVL is not defined!
/*
 * Bit flags for a memory access check; other lines of this file test them
 * against a `flags` word (e.g. `flags & MEM_CHECK_MPU_READWRITE`).
 * NOTE(review): the meanings are read from the macro names only -- MPU
 * presumably refers to memory-protection attributes and AU to the
 * attribution-unit security state. Confirm against the checker functions.
 */
23 #define MEM_CHECK_MPU_READWRITE (1 << 0x0)
24 #define MEM_CHECK_AU_NONSECURE (1 << 0x1)
25 #define MEM_CHECK_MPU_UNPRIV (1 << 0x2)
26 #define MEM_CHECK_MPU_READ (1 << 0x3)
27 #define MEM_CHECK_MPU_NONSECURE (1 << 0x4)
/* Both non-secure bits together: the AU bit and the MPU bit. */
28 #define MEM_CHECK_NONSECURE (MEM_CHECK_AU_NONSECURE | \
29 MEM_CHECK_MPU_NONSECURE)
/*
 * Test whether the byte range starting at p with size s lies inside the
 * inclusive region [region_start, region_limit].
 *
 * This listing omits some lines of the function (see the gaps in the gutter
 * numbers), so its return statements are not shown; callers on this page
 * compare the result with TFM_SUCCESS. region_start and region_limit are
 * used as given -- no validation of them is visible here.
 */
44 static enum tfm_status_e check_address_range(
const void *p,
size_t s,
45 uintptr_t region_start,
46 uintptr_t region_limit)
48 int32_t range_in_region;
/* Guard against a range whose end address p + s would exceed UINTPTR_MAX. */
51 if ((uintptr_t)p > UINTPTR_MAX - s) {
/*
 * Both bounds are inclusive: the first byte must be at or above
 * region_start and the last byte (p + s - 1) at or below region_limit.
 * NOTE(review): for s == 0 the last-byte expression evaluates to p - 1,
 * and no zero-length guard is visible in this excerpt -- confirm how
 * zero-size requests are handled before they reach this comparison.
 */
58 range_in_region = ((uintptr_t)p >= region_start) &&
59 ((uintptr_t)((
char *) p + s - 1) <= region_limit);
60 if (range_in_region) {
72 if (check_address_range(p, s, NS_DATA_START,
78 if (check_address_range(p, s, NS_CODE_START,
84 if (check_address_range(p, s, S_DATA_START, S_DATA_LIMIT) ==
TFM_SUCCESS) {
89 if (check_address_range(p, s, S_CODE_START, S_CODE_LIMIT) ==
TFM_SUCCESS) {
115 if (check_address_range(p, s, S_DATA_START, S_DATA_LIMIT) ==
TFM_SUCCESS) {
120 p_attr->
is_xn =
true;
124 if (check_address_range(p, s, S_CODE_START, S_CODE_LIMIT) ==
TFM_SUCCESS) {
129 p_attr->
is_xn =
false;
135 uintptr_t base, limit;
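/*
 * Bounds of the TFM_UNPRIV_CODE region, taken from the addresses of its
 * $$RO$$Base and $$RO$$Limit region symbols. 1 is subtracted from the
 * Limit address so that `limit` is the inclusive last byte, matching the
 * `<= region_limit` comparison in check_address_range().
 */
141 base = (uintptr_t)&REGION_NAME(Image$$, TFM_UNPRIV_CODE, $$RO$$Base);
142 limit = (uintptr_t)&REGION_NAME(Image$$, TFM_UNPRIV_CODE, $$RO$$Limit) - 1;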
143 if (check_address_range(p, s, base, limit) ==
TFM_SUCCESS) {
148 p_attr->
is_xn =
false;
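/*
 * Bounds of the TFM_UNPRIV_DATA region: from its $$RW$$Base symbol to the
 * byte just before its $$ZI$$Limit symbol. The - 1 makes `limit`
 * inclusive, matching the `<= region_limit` comparison in
 * check_address_range().
 */
153 base = (uintptr_t)&REGION_NAME(Image$$, TFM_UNPRIV_DATA, $$RW$$Base);
154 limit = (uintptr_t)&REGION_NAME(Image$$, TFM_UNPRIV_DATA, $$ZI$$Limit) - 1;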
155 if (check_address_range(p, s, base, limit) ==
TFM_SUCCESS) {
160 p_attr->
is_xn =
true;
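/*
 * Bounds of the application code area: from the TFM_APP_CODE_START symbol
 * to the byte just before the TFM_APP_CODE_END symbol. The - 1 makes
 * `limit` inclusive, matching the `<= region_limit` comparison in
 * check_address_range().
 */
165 base = (uintptr_t)&REGION_NAME(Image$$, TFM_APP_CODE_START, $$Base);
166 limit = (uintptr_t)&REGION_NAME(Image$$, TFM_APP_CODE_END, $$Base) - 1;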
167 if (check_address_range(p, s, base, limit) ==
TFM_SUCCESS) {
172 p_attr->
is_xn =
false;
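/*
 * Bounds of the application RW/stack area: from the
 * TFM_APP_RW_STACK_START symbol to the byte just before the
 * TFM_APP_RW_STACK_END symbol. The - 1 makes `limit` inclusive, matching
 * the `<= region_limit` comparison in check_address_range().
 */
177 base = (uintptr_t)&REGION_NAME(Image$$, TFM_APP_RW_STACK_START, $$Base);
178 limit = (uintptr_t)&REGION_NAME(Image$$, TFM_APP_RW_STACK_END, $$Base) - 1;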
179 if (check_address_range(p, s, base, limit) ==
TFM_SUCCESS) {
184 p_attr->
is_xn =
true;
192 base = (uintptr_t)S_DATA_START;
193 limit = (uintptr_t)S_DATA_LIMIT;
194 if (check_address_range(p, s, base, limit) ==
TFM_SUCCESS) {
199 p_attr->
is_xn =
true;
203 base = (uintptr_t)S_CODE_START;
204 limit = (uintptr_t)S_CODE_LIMIT;
205 if (check_address_range(p, s, base, limit) ==
TFM_SUCCESS) {
210 p_attr->
is_xn =
false;
216 #error "Cannot support current TF-M isolation level"
226 if (check_address_range(p, s, NS_DATA_START,
232 p_attr->
is_xn =
true;
236 if (check_address_range(p, s, NS_CODE_START,
242 p_attr->
is_xn =
false;
273 p_attr->
is_xn =
true;
361 if ((flags & MEM_CHECK_MPU_READWRITE) &&
367 if ((flags & MEM_CHECK_MPU_READ) &&
416 return ns_mem_attr_check(attr, flags);
419 return secure_mem_attr_check(attr, flags);
/*
 * Fragment of an access check over the range (p, s) for the requested
 * `attr` bits. The function header and several body lines are not part of
 * this listing (see the gaps in the gutter numbers).
 * NOTE(review): presumably the body of tfm_has_access_to_region() -- confirm.
 */
/*
 * Guard against a range whose end would wrap around the address space; it
 * comes before any attribute lookup. The branch body is not shown.
 */
432 if ((uintptr_t)p > (UINTPTR_MAX - s)) {
/*
 * The requested TFM_HAL_ACCESS_* bits are examined one by one.
 * NOTE(review): the branch bodies are not shown; they presumably set the
 * matching MEM_CHECK_* bits in `flags` -- confirm.
 */
441 if (attr & TFM_HAL_ACCESS_UNPRIVILEGED) {
445 if (attr & TFM_HAL_ACCESS_NS) {
449 if ((attr & TFM_HAL_ACCESS_WRITABLE) && (attr & TFM_HAL_ACCESS_READABLE)) {
451 }
else if (attr & TFM_HAL_ACCESS_READABLE) {
/*
 * NOTE(review): the condition guarding this return is not shown; it appears
 * to be the case where neither branch above matched, i.e. the request does
 * not include read access -- confirm.
 */
454 return TFM_HAL_ERROR_INVALID_INPUT;
/*
 * First check: fetch the security attributes of the range and test them
 * against `flags`. What happens on a non-TFM_SUCCESS result is not shown.
 */
457 security_attr_init(&security_attr);
460 tfm_spm_hal_get_mem_security_attr(p, s, &security_attr);
462 if (security_attr_check(security_attr, flags) !=
TFM_SUCCESS) {
/*
 * Second check: fetch the memory access attributes. Two lookups appear
 * here, one for secure and one for non-secure access; the lines that
 * select between them are not shown.
 */
466 mem_attr_init(&mem_attr);
470 tfm_spm_hal_get_secure_access_attr(p, s, &mem_attr);
480 tfm_spm_hal_get_ns_access_attr(p, s, &mem_attr);
/* The final verdict is mem_attr_check()'s result, cast to int32_t. */
483 return (int32_t)mem_attr_check(mem_attr, flags);
void tfm_get_secure_mem_region_attr(const void *p, size_t s, struct mem_attr_info_t *p_attr)
Retrieve general secure memory protection configuration information of the target memory region accor...
void tfm_get_mem_region_security_attr(const void *p, size_t s, struct security_attr_info_t *p_attr)
Retrieve general security isolation configuration information of the target memory region according t...
#define MEM_CHECK_NONSECURE
int32_t tfm_has_access_to_region(const void *p, size_t s, uint32_t attr)
Check whether a memory access is allowed for a given memory range.
REGION_DECLARE(Image$$, ARM_LIB_STACK_MSP, $$ZI$$Base)
void tfm_core_panic(void)
void tfm_get_ns_mem_region_attr(const void *p, size_t s, struct mem_attr_info_t *p_attr)
Retrieve general non-secure memory protection configuration information of the target memory region a...
#define MEM_CHECK_MPU_UNPRIV
#define MEM_CHECK_MPU_READWRITE
#define MEM_CHECK_MPU_READ