Browse Source

move TZ functions and add NSACR write

pull/30/head
Andrea Barisani 3 weeks ago
parent
commit
60c33cfb0e
  1. 28
      arm/arm.go
  2. 9
      arm/arm.s
  3. 55
      arm/tz.go
  4. 26
      arm/tz.s

28
arm/arm.go

@ -17,12 +17,6 @@
// https://github.com/f-secure-foundry/tamago.
package arm
import (
"runtime"
"github.com/f-secure-foundry/tamago/internal/reg"
)
// ARM processor modes
// Table B1-1 ARM Architecture Reference Manual ARMv7-A and ARMv7-R edition
const (
@ -60,7 +54,6 @@ type CPU struct {
// defined in arm.s
func read_cpsr() uint32
func read_scr() uint32
// Init performs initialization of an ARM core instance.
func (cpu *CPU) Init() {
@ -98,24 +91,3 @@ func ModeName(mode int) string {
return "Unknown"
}
// NonSecure returns whether the processor security mode is non-secure (e.g.
// TrustZone Normal World.
func (cpu *CPU) NonSecure() bool {
ramStart, _ := runtime.MemRegion()
vecTable := ramStart + vecTableOffset + 8*4
undefinedHandler := reg.Read(vecTable + UNDEFINED)
// NonSecure World cannot read the NS bit, the only way to infer it
// status is to trap the exception while attempting to read it.
reg.Write(vecTable+UNDEFINED, vector(nullHandler))
defer reg.Write(vecTable+UNDEFINED, undefinedHandler)
return read_scr()&1 == 1
}
// Secure returns whether the processor security mode is secure (e.g. TrustZone
// Secure World).
func (cpu *CPU) Secure() bool {
return !cpu.NonSecure()
}

9
arm/arm.s

@ -15,12 +15,3 @@ TEXT ·read_cpsr(SB),$0-4
MOVW R0, ret+0(FP)
RET
// func read_scr() uint32
TEXT ·read_scr(SB),$0-4
// ARM Architecture Reference Manual - ARMv7-A and ARMv7-R edition
// B4.1.129 SCR, Secure Configuration Register, Security Extensions
MRC 15, 0, R0, C1, C1, 0
MOVW R0, ret+0(FP)
RET

55
arm/tz.go

@ -0,0 +1,55 @@
// ARM processor support
// https://github.com/f-secure-foundry/tamago
//
// Copyright (c) F-Secure Corporation
// https://foundry.f-secure.com
//
// Use of this source code is governed by the license
// that can be found in the LICENSE file.
package arm
import (
"runtime"
"github.com/f-secure-foundry/tamago/internal/reg"
)
// defined in tz.s
func read_scr() uint32
func write_nsacr(uint32)
// NonSecure returns whether the processor security mode is non-secure (e.g.
// TrustZone Normal World.
func (cpu *CPU) NonSecure() bool {
if !cpu.security {
return false
}
ramStart, _ := runtime.MemRegion()
vecTable := ramStart + vecTableOffset + 8*4
undefinedHandler := reg.Read(vecTable + UNDEFINED)
// NonSecure World cannot read the NS bit, the only way to infer it
// status is to trap the exception while attempting to read it.
reg.Write(vecTable+UNDEFINED, vector(nullHandler))
defer reg.Write(vecTable+UNDEFINED, undefinedHandler)
return read_scr()&1 == 1
}
// Secure returns whether the processor security mode is secure (e.g. TrustZone
// Secure World).
func (cpu *CPU) Secure() bool {
return !cpu.NonSecure()
}
// NonSecureAccessControl sets the NSACR register value, which defines the
// Non-Secure access permissions to coprocessors.
func (cpu *CPU) NonSecureAccessControl(nsacr uint32) {
if !cpu.security {
return
}
write_nsacr(nsacr)
}

26
arm/tz.s

@ -0,0 +1,26 @@
// ARM processor support
// https://github.com/f-secure-foundry/tamago
//
// Copyright (c) F-Secure Corporation
// https://foundry.f-secure.com
//
// Use of this source code is governed by the license
// that can be found in the LICENSE file.
// func read_scr() uint32
TEXT ·read_scr(SB),$0-4
// ARM Architecture Reference Manual - ARMv7-A and ARMv7-R edition
// B4.1.129 SCR, Secure Configuration Register, Security Extensions
MRC 15, 0, R0, C1, C1, 0
MOVW R0, ret+0(FP)
RET
// func write_nsacr(scr uint32)
TEXT ·write_nsacr(SB),$0-4
// ARM Architecture Reference Manual - ARMv7-A and ARMv7-R edition
// B4.1.111 NSACR, Non-Secure Access Control Register, Security Extensions
MOVW scr+0(FP), R0
MCR 15, 0, R0, C1, C1, 2
RET
Loading…
Cancel
Save