From c9d40366ad55ea3a83f2ff438aab1e62da653169 Mon Sep 17 00:00:00 2001 From: Tarek BOCHKATI Date: Thu, 12 Nov 2020 17:19:40 +0100 Subject: [PATCH] flash/stm32l4x: STM32L5 support programming when TZEN=1 and RDP=0xAA STM32L5 flash memory is aliased to 0x0C000000, this address mapping is used for secure applications. (0x08000000 for non-secure) this change allows the programming of secure and non-secure flash when trustzone is enabled and RDP level is 0 Change-Id: I89d1f1b5d493cf01a142ca4dbfef5a3731cab96e Signed-off-by: Tarek BOCHKATI Reviewed-on: https://review.openocd.org/c/openocd/+/5936 Tested-by: jenkins Reviewed-by: Antonio Borneo Reviewed-by: Oleksij Rempel --- src/flash/nor/stm32l4x.c | 141 +++++++++++++++++++++++++++++++++++++-- src/flash/nor/stm32l4x.h | 8 +++ tcl/target/stm32l5x.cfg | 89 ++++++++++++++++++++---- 3 files changed, 220 insertions(+), 18 deletions(-) diff --git a/src/flash/nor/stm32l4x.c b/src/flash/nor/stm32l4x.c index 06d4ac1ea..db8d5e78d 100644 --- a/src/flash/nor/stm32l4x.c +++ b/src/flash/nor/stm32l4x.c @@ -127,6 +127,8 @@ #define F_USE_ALL_WRPXX BIT(1) /* this flag indicates if the device embeds a TrustZone security feature */ #define F_HAS_TZ BIT(2) +/* this flag indicates if the device has the same flash registers as STM32L5 */ +#define F_HAS_L5_FLASH_REGS BIT(3) /* end of STM32L4 flags ******************************************************/ @@ -166,10 +168,23 @@ static const uint32_t stm32l4_flash_regs[STM32_FLASH_REG_INDEX_NUM] = { static const uint32_t stm32l5_ns_flash_regs[STM32_FLASH_REG_INDEX_NUM] = { [STM32_FLASH_ACR_INDEX] = 0x000, - [STM32_FLASH_KEYR_INDEX] = 0x008, + [STM32_FLASH_KEYR_INDEX] = 0x008, /* NSKEYR */ [STM32_FLASH_OPTKEYR_INDEX] = 0x010, - [STM32_FLASH_SR_INDEX] = 0x020, - [STM32_FLASH_CR_INDEX] = 0x028, + [STM32_FLASH_SR_INDEX] = 0x020, /* NSSR */ + [STM32_FLASH_CR_INDEX] = 0x028, /* NSCR */ + [STM32_FLASH_OPTR_INDEX] = 0x040, + [STM32_FLASH_WRP1AR_INDEX] = 0x058, + [STM32_FLASH_WRP1BR_INDEX] = 0x05C, + [STM32_FLASH_WRP2AR_INDEX] = 0x068, + [STM32_FLASH_WRP2BR_INDEX] = 0x06C, +}; + +static const uint32_t stm32l5_s_flash_regs[STM32_FLASH_REG_INDEX_NUM] = { + [STM32_FLASH_ACR_INDEX] = 0x000, + [STM32_FLASH_KEYR_INDEX] = 0x00C, /* SECKEYR */ + [STM32_FLASH_OPTKEYR_INDEX] = 0x010, + [STM32_FLASH_SR_INDEX] = 0x024, /* SECSR */ + [STM32_FLASH_CR_INDEX] = 0x02C, /* SECCR */ [STM32_FLASH_OPTR_INDEX] = 0x040, [STM32_FLASH_WRP1AR_INDEX] = 0x058, [STM32_FLASH_WRP1BR_INDEX] = 0x05C, @@ -205,6 +220,7 @@ struct stm32l4_flash_bank { uint32_t user_bank_size; uint32_t wrpxxr_mask; const struct stm32l4_part_info *part_info; + uint32_t flash_regs_base; const uint32_t *flash_regs; bool otp_enabled; enum stm32l4_rdp rdp; @@ -444,7 +460,7 @@ static const struct stm32l4_part_info stm32l4_parts[] = { .num_revs = ARRAY_SIZE(stm32_472_revs), .device_str = "STM32L55/L56xx", .max_flash_size_kb = 512, - .flags = F_HAS_DUAL_BANK | F_USE_ALL_WRPXX | F_HAS_TZ, + .flags = F_HAS_DUAL_BANK | F_USE_ALL_WRPXX | F_HAS_TZ | F_HAS_L5_FLASH_REGS, .flash_regs_base = 0x40022000, .default_flash_regs = stm32l5_ns_flash_regs, .fsize_addr = 0x0BFA05E0, @@ -653,7 +669,7 @@ static void stm32l4_sync_rdp_tzen(struct flash_bank *bank) static inline uint32_t stm32l4_get_flash_reg(struct flash_bank *bank, uint32_t reg_offset) { struct stm32l4_flash_bank *stm32l4_info = bank->driver_priv; - return stm32l4_info->part_info->flash_regs_base + reg_offset; + return stm32l4_info->flash_regs_base + reg_offset; } static inline uint32_t stm32l4_get_flash_reg_by_index(struct flash_bank *bank, @@ -725,6 +741,49 @@ static int stm32l4_wait_status_busy(struct flash_bank *bank, int timeout) return retval; } +/** set all FLASH_SECBB registers to the same value */ +static int stm32l4_set_secbb(struct flash_bank *bank, uint32_t value) +{ + /* This function should be used only with device with TrustZone, do just a security check */ + struct stm32l4_flash_bank *stm32l4_info = bank->driver_priv; + assert(stm32l4_info->part_info->flags & F_HAS_TZ); + + /* based on RM0438 Rev6 for STM32L5x devices: + * to modify a page block-based security attribution, it is recommended to + * 1- check that no flash operation is ongoing on the related page + * 2- add ISB instruction after modifying the page security attribute in SECBBxRy + * this step is not need in case of JTAG direct access + */ + int retval = stm32l4_wait_status_busy(bank, FLASH_ERASE_TIMEOUT); + if (retval != ERROR_OK) + return retval; + + /* write SECBBxRy registers */ + LOG_DEBUG("setting secure block-based areas registers (SECBBxRy) to 0x%08x", value); + + const uint8_t secbb_regs[] = { + FLASH_SECBB1(1), FLASH_SECBB1(2), FLASH_SECBB1(3), FLASH_SECBB1(4), /* bank 1 SECBB register offsets */ + FLASH_SECBB2(1), FLASH_SECBB2(2), FLASH_SECBB2(3), FLASH_SECBB2(4) /* bank 2 SECBB register offsets */ + }; + + + unsigned int num_secbb_regs = ARRAY_SIZE(secbb_regs); + + /* in single bank mode, it's useless to modify FLASH_SECBB2Rx registers + * then consider only the first half of secbb_regs + */ + if (!stm32l4_info->dual_bank_mode) + num_secbb_regs /= 2; + + for (unsigned int i = 0; i < num_secbb_regs; i++) { + retval = stm32l4_write_flash_reg(bank, secbb_regs[i], value); + if (retval != ERROR_OK) + return retval; + } + + return ERROR_OK; +} + static int stm32l4_unlock_reg(struct flash_bank *bank) { uint32_t ctrl; @@ -831,6 +890,7 @@ err_lock: static int stm32l4_write_option(struct flash_bank *bank, uint32_t reg_offset, uint32_t value, uint32_t mask) { + struct stm32l4_flash_bank *stm32l4_info = bank->driver_priv; uint32_t optiondata; int retval, retval2; @@ -838,6 +898,12 @@ static int stm32l4_write_option(struct flash_bank *bank, uint32_t reg_offset, if (retval != ERROR_OK) return retval; + /* for STM32L5 and similar devices, use always non-secure + * registers for option bytes programming */ + const uint32_t *saved_flash_regs = stm32l4_info->flash_regs; + if (stm32l4_info->part_info->flags & F_HAS_L5_FLASH_REGS) + stm32l4_info->flash_regs = stm32l5_ns_flash_regs; + retval = stm32l4_unlock_reg(bank); if (retval != ERROR_OK) goto err_lock; @@ -860,6 +926,7 @@ static int stm32l4_write_option(struct flash_bank *bank, uint32_t reg_offset, err_lock: retval2 = stm32l4_write_flash_reg_by_index(bank, STM32_FLASH_CR_INDEX, FLASH_LOCK | FLASH_OPTLOCK); + stm32l4_info->flash_regs = saved_flash_regs; if (retval != ERROR_OK) return retval; @@ -1007,6 +1074,16 @@ static int stm32l4_erase(struct flash_bank *bank, unsigned int first, return ERROR_TARGET_NOT_HALTED; } + if (stm32l4_info->tzen && (stm32l4_info->rdp == RDP_LEVEL_0)) { + /* set all FLASH pages as secure */ + retval = stm32l4_set_secbb(bank, FLASH_SECBB_SECURE); + if (retval != ERROR_OK) { + /* restore all FLASH pages as non-secure */ + stm32l4_set_secbb(bank, FLASH_SECBB_NON_SECURE); /* ignore the return value */ + return retval; + } + } + retval = stm32l4_unlock_reg(bank); if (retval != ERROR_OK) goto err_lock; @@ -1044,6 +1121,13 @@ static int stm32l4_erase(struct flash_bank *bank, unsigned int first, err_lock: retval2 = stm32l4_write_flash_reg_by_index(bank, STM32_FLASH_CR_INDEX, FLASH_LOCK); + if (stm32l4_info->tzen && (stm32l4_info->rdp == RDP_LEVEL_0)) { + /* restore all FLASH pages as non-secure */ + int retval3 = stm32l4_set_secbb(bank, FLASH_SECBB_NON_SECURE); + if (retval3 != ERROR_OK) + return retval3; + } + if (retval != ERROR_OK) return retval; @@ -1281,6 +1365,7 @@ static int stm32l4_write_block(struct flash_bank *bank, const uint8_t *buffer, static int stm32l4_write(struct flash_bank *bank, const uint8_t *buffer, uint32_t offset, uint32_t count) { + struct stm32l4_flash_bank *stm32l4_info = bank->driver_priv; int retval = ERROR_OK, retval2; if (stm32l4_is_otp(bank) && !stm32l4_otp_is_enabled(bank)) { @@ -1335,6 +1420,16 @@ static int stm32l4_write(struct flash_bank *bank, const uint8_t *buffer, if (retval != ERROR_OK) return retval; + if (stm32l4_info->tzen && (stm32l4_info->rdp == RDP_LEVEL_0)) { + /* set all FLASH pages as secure */ + retval = stm32l4_set_secbb(bank, FLASH_SECBB_SECURE); + if (retval != ERROR_OK) { + /* restore all FLASH pages as non-secure */ + stm32l4_set_secbb(bank, FLASH_SECBB_NON_SECURE); /* ignore the return value */ + return retval; + } + } + retval = stm32l4_unlock_reg(bank); if (retval != ERROR_OK) goto err_lock; @@ -1344,6 +1439,13 @@ static int stm32l4_write(struct flash_bank *bank, const uint8_t *buffer, err_lock: retval2 = stm32l4_write_flash_reg_by_index(bank, STM32_FLASH_CR_INDEX, FLASH_LOCK); + if (stm32l4_info->tzen && (stm32l4_info->rdp == RDP_LEVEL_0)) { + /* restore all FLASH pages as non-secure */ + int retval3 = stm32l4_set_secbb(bank, FLASH_SECBB_NON_SECURE); + if (retval3 != ERROR_OK) + return retval3; + } + if (retval != ERROR_OK) { LOG_ERROR("block write failed"); return retval; @@ -1426,6 +1528,7 @@ static int stm32l4_probe(struct flash_bank *bank) LOG_INFO("device idcode = 0x%08" PRIx32 " (%s - Rev %s : 0x%04x)", stm32l4_info->idcode, part_info->device_str, rev_str, rev_id); + stm32l4_info->flash_regs_base = stm32l4_info->part_info->flash_regs_base; stm32l4_info->flash_regs = stm32l4_info->part_info->default_flash_regs; /* read flash option register */ @@ -1461,7 +1564,7 @@ static int stm32l4_probe(struct flash_bank *bank) stm32l4_info->probed = true; return ERROR_OK; - } else if (bank->base != STM32_FLASH_BANK_BASE) { + } else if (bank->base != STM32_FLASH_BANK_BASE && bank->base != STM32_FLASH_S_BANK_BASE) { LOG_ERROR("invalid bank base address"); return ERROR_FAIL; } @@ -1589,6 +1692,15 @@ static int stm32l4_probe(struct flash_bank *bank) num_pages = flash_size_kb / page_size_kb; stm32l4_info->bank1_sectors = num_pages / 2; } + + /** + * by default use the non-secure registers, + * switch secure registers if TZ is enabled and RDP is LEVEL_0 + */ + if (stm32l4_info->tzen && (stm32l4_info->rdp == RDP_LEVEL_0)) { + stm32l4_info->flash_regs_base |= 0x10000000; + stm32l4_info->flash_regs = stm32l5_s_flash_regs; + } break; case 0x495: /* STM32WB5x */ case 0x496: /* STM32WB3x */ @@ -1714,6 +1826,16 @@ static int stm32l4_mass_erase(struct flash_bank *bank) return ERROR_TARGET_NOT_HALTED; } + if (stm32l4_info->tzen && (stm32l4_info->rdp == RDP_LEVEL_0)) { + /* set all FLASH pages as secure */ + retval = stm32l4_set_secbb(bank, FLASH_SECBB_SECURE); + if (retval != ERROR_OK) { + /* restore all FLASH pages as non-secure */ + stm32l4_set_secbb(bank, FLASH_SECBB_NON_SECURE); /* ignore the return value */ + return retval; + } + } + retval = stm32l4_unlock_reg(bank); if (retval != ERROR_OK) goto err_lock; @@ -1736,6 +1858,13 @@ static int stm32l4_mass_erase(struct flash_bank *bank) err_lock: retval2 = stm32l4_write_flash_reg_by_index(bank, STM32_FLASH_CR_INDEX, FLASH_LOCK); + if (stm32l4_info->tzen && (stm32l4_info->rdp == RDP_LEVEL_0)) { + /* restore all FLASH pages as non-secure */ + int retval3 = stm32l4_set_secbb(bank, FLASH_SECBB_NON_SECURE); + if (retval3 != ERROR_OK) + return retval3; + } + if (retval != ERROR_OK) return retval; diff --git a/src/flash/nor/stm32l4x.h b/src/flash/nor/stm32l4x.h index 41b5ff82d..ebc6ed95a 100644 --- a/src/flash/nor/stm32l4x.h +++ b/src/flash/nor/stm32l4x.h @@ -60,11 +60,19 @@ #define FLASH_RDP_MASK 0xFF #define FLASH_TZEN (1 << 31) +/* FLASH secure block based bank 1/2 register offsets */ +#define FLASH_SECBB1(X) (0x80 + 4 * (X - 1)) +#define FLASH_SECBB2(X) (0xA0 + 4 * (X - 1)) + +#define FLASH_SECBB_SECURE 0xFFFFFFFF +#define FLASH_SECBB_NON_SECURE 0 + /* other registers */ #define DBGMCU_IDCODE_G0 0x40015800 #define DBGMCU_IDCODE_L4_G4 0xE0042000 #define DBGMCU_IDCODE_L5 0xE0044000 #define STM32_FLASH_BANK_BASE 0x08000000 +#define STM32_FLASH_S_BANK_BASE 0x0C000000 #endif diff --git a/tcl/target/stm32l5x.cfg b/tcl/target/stm32l5x.cfg index 92083b9e0..02297e369 100644 --- a/tcl/target/stm32l5x.cfg +++ b/tcl/target/stm32l5x.cfg @@ -52,9 +52,10 @@ target create $_TARGETNAME cortex_m -endian $_ENDIAN -dap $_CHIPNAME.dap # use non-secure RAM by default $_TARGETNAME configure -work-area-phys 0x20000000 -work-area-size $_WORKAREASIZE -work-area-backup 0 -# declare non-secure flash -flash bank $_CHIPNAME.flash_ns stm32l4x 0x08000000 0 0 0 $_TARGETNAME -flash bank $_CHIPNAME.otp stm32l4x 0x0BFA0000 0 0 0 $_TARGETNAME +# create sec/ns flash and otp memories (sizes will be probed) +flash bank $_CHIPNAME.flash_ns stm32l4x 0x08000000 0 0 0 $_TARGETNAME +flash bank $_CHIPNAME.flash_alias_s stm32l4x 0x0C000000 0 0 0 $_TARGETNAME +flash bank $_CHIPNAME.otp stm32l4x 0x0BFA0000 0 0 0 $_TARGETNAME # Common knowledges tells JTAG speed should be <= F_CPU/6. # F_CPU after reset is MSI 4MHz, so use F_JTAG = 500 kHz to stay on @@ -77,30 +78,47 @@ if {![using_hla]} { cortex_m reset_config sysresetreq } +proc is_secure {} { + # read Debug Security Control and Status Regsiter (DSCSR) and check CDS (bit 16) + set DSCSR [mrw 0xE000EE08] + return [expr {($DSCSR & (1 << 16)) != 0}] +} + proc clock_config_110_mhz {} { + set offset [expr {[is_secure] ? 0x10000000 : 0}] # MCU clock is MSI (4MHz) after reset, set MCU freq at 110 MHz with PLL # RCC_APB1ENR1 = PWREN - mww 0x40021058 0x10000000 + mww [expr {0x40021058 + $offset}] 0x10000000 # delay for register clock enable (read back reg) - mrw 0x40021058 + mrw [expr {0x40021058 + $offset}] # PWR_CR1 : VOS Range 0 - mww 0x40007000 0 + mww [expr {0x40007000 + $offset}] 0 # while (PWR_SR2 & VOSF) - while {([mrw 0x40007014] & 0x0400)} {} + while {([mrw [expr {0x40007014 + $offset}]] & 0x0400)} {} # FLASH_ACR : 5 WS for 110 MHz HCLK mww 0x40022000 0x00000005 # RCC_PLLCFGR = PLLP=PLLQ=0, PLLR=00=2, PLLREN=1, PLLN=55, PLLM=0000=1, PLLSRC=MSI 4MHz # fVCO = 4 x 55 /1 = 220 # SYSCLOCK = fVCO/PLLR = 220/2 = 110 MHz - mww 0x4002100C 0x01003711 + mww [expr {0x4002100C + $offset}] 0x01003711 # RCC_CR |= PLLON - mmw 0x40021000 0x01000000 0 + mmw [expr {0x40021000 + $offset}] 0x01000000 0 # while !(RCC_CR & PLLRDY) - while {!([mrw 0x40021000] & 0x02000000)} {} + while {!([mrw [expr {0x40021000 + $offset}]] & 0x02000000)} {} # RCC_CFGR |= SW_PLL - mmw 0x40021008 0x00000003 0 + mmw [expr {0x40021008 + $offset}] 0x00000003 0 # while ((RCC_CFGR & SWS) != PLL) - while {([mrw 0x40021008] & 0x0C) != 0x0C} {} + while {([mrw [expr {0x40021008 + $offset}]] & 0x0C) != 0x0C} {} +} + +proc ahb_ap_non_secure_access {} { + # SPROT=1=Non Secure access, Priv=1 + [[target current] cget -dap] apcsw 0x4B000000 0x4F000000 +} + +proc ahb_ap_secure_access {} { + # SPROT=0=Secure access, Priv=1 + [[target current] cget -dap] apcsw 0x0B000000 0x4F000000 } $_TARGETNAME configure -event reset-init { @@ -123,6 +141,53 @@ $_TARGETNAME configure -event examine-end { mmw 0xE0044008 0x00001800 0 } +$_TARGETNAME configure -event halted { + set secure [is_secure] + + if {$secure} { + set secure_str "Secure" + ahb_ap_secure_access + } else { + set secure_str "Non-Secure" + ahb_ap_non_secure_access + } + + # print the secure state only when it changes + set _TARGETNAME [target current] + global $_TARGETNAME.secure + + if {![info exists $_TARGETNAME.secure] || $secure != [set $_TARGETNAME.secure]} { + echo "CPU in $secure_str state" + # update saved security state + set $_TARGETNAME.secure $secure + } +} + +$_TARGETNAME configure -event gdb-flash-erase-start { + set use_secure_workarea 0 + # check if FLASH_OPTR.TZEN is enabled + set FLASH_OPTR [mrw 0x40022040] + if {[expr {$FLASH_OPTR & 0x80000000}] == 0} { + echo "TZEN option bit disabled" + ahb_ap_non_secure_access + } { + ahb_ap_secure_access + echo "TZEN option bit enabled" + set use_secure_workarea 1 + } + + set workarea_addr [$_TARGETNAME cget -work-area-phys] + echo "workarea_addr $workarea_addr" + + if {$use_secure_workarea} { + set workarea_addr [expr {$workarea_addr | 0x10000000}] + } { + set workarea_addr [expr {$workarea_addr & ~0x10000000}] + } + + $_TARGETNAME configure -work-area-phys $workarea_addr +} + $_TARGETNAME configure -event trace-config { # Set TRACE_IOEN; TRACE_MODE is set to async; when using sync # change this value accordingly to configure trace pins