@@ -60,29 +60,67 @@ static void RAMFUNCTION hal_flash_nonsecure_lock(void)
6060 FLASH_NS_CR |= FLASH_CR_LOCK ;
6161}
6262
63+ static int is_range_nonsecure (uint32_t address , int len )
64+ {
65+ #ifndef DUALBANK_SWAP
66+ /* The non secure area begins at the BOOT partition */
67+ uint32_t min = WOLFBOOT_PARTITION_BOOT_ADDRESS ;
68+ uint32_t max = FLASH_TOP + 1 ;
69+ uint32_t end ;
70+ if (len < 0 )
71+ return 0 ;
72+ end = (uint32_t )(address + len );
73+ if ((address >= min ) && (end <= max ))
74+ return 1 ;
75+ return 0 ;
76+ #else
77+ /* In this case, the secure area is in the lower side of both banks. */
78+ uint32_t boot_offset = WOLFBOOT_PARTITION_BOOT_ADDRESS - ARCH_FLASH_OFFSET ;
79+ uint32_t min1 = WOLFBOOT_PARTITION_BOOT_ADDRESS ;
80+ uint32_t max1 = FLASH_BANK2_BASE + 1 ;
81+ uint32_t min2 = WOLFBOOT_PARTITION_UPDATE_ADDRESS ;
82+ uint32_t max2 = FLASH_TOP + 1 ;
83+ uint32_t end ;
84+ if (len < 0 )
85+ return 0 ;
86+ end = (uint32_t )(address + len );
87+ if (((address >= min1 ) && (end <= max1 )) ||
88+ ((address >= min2 ) && (end <= max2 )) )
89+ return 1 ;
90+ return 0 ;
91+ #endif
92+ }
93+
94+
6395void hal_tz_claim_nonsecure_area (uint32_t address , int len )
6496{
6597 int page_n , reg_idx ;
6698 uint32_t reg ;
6799 uint32_t end = address + len ;
100+ uint32_t bank = 0 ;
101+ int pos ;
68102
69-
70- if (address < FLASH_BANK2_BASE )
103+ if (!is_range_nonsecure (address , len ))
71104 return ;
72- if (end > (FLASH_TOP + 1 ))
73- return ;
74-
75- hal_flash_wait_complete (0 );
76- hal_flash_clear_errors (0 );
77105 while (address < end ) {
78- page_n = (address - FLASH_BANK2_BASE ) / FLASH_PAGE_SIZE ;
106+ if (address < FLASH_BANK2_BASE ) {
107+ page_n = (address - ARCH_FLASH_OFFSET ) / FLASH_PAGE_SIZE ;
108+ bank = 1 ;
109+ } else {
110+ page_n = (address - FLASH_BANK2_BASE ) / FLASH_PAGE_SIZE ;
111+ bank = 2 ;
112+ }
79113 reg_idx = page_n / 32 ;
80- int pos ;
81114 pos = page_n % 32 ;
115+ hal_flash_wait_complete (bank );
116+ hal_flash_clear_errors (bank );
82117 hal_flash_nonsecure_unlock ();
83- FLASH_SECBB2 [reg_idx ] |= ( 1 << pos );
118+ if (bank == 1 )
119+ FLASH_SECBB1 [reg_idx ] |= ( 1 << pos );
120+ else
121+ FLASH_SECBB2 [reg_idx ] |= ( 1 << pos );
84122 ISB ();
85- hal_flash_wait_complete (0 );
123+ hal_flash_wait_complete (bank );
86124 hal_flash_nonsecure_lock ();
87125 /* Erase claimed non-secure page, in secure mode */
88126#ifndef PLATFORM_stm32h5
@@ -96,7 +134,7 @@ void hal_tz_claim_nonsecure_area(uint32_t address, int len)
96134 DMB ();
97135 FLASH_CR |= FLASH_CR_STRT ;
98136 ISB ();
99- hal_flash_wait_complete (0 );
137+ hal_flash_wait_complete (bank );
100138 address += FLASH_PAGE_SIZE ;
101139 }
102140#ifndef PLATFORM_stm32h5
@@ -198,15 +236,15 @@ void hal_gtzc_init(void)
198236void hal_tz_sau_init (void )
199237{
200238 uint32_t page_n = 0 ;
201- /* WIP: SAU is set up before staging */
239+ /* SAU is set up before staging. Set up all areas as secure. */
202240 /* Non-secure callable: NSC functions area */
203241 sau_init_region (0 , 0x0C038000 , 0x0C040000 , 1 );
204242
205243 /* Non-Secure: application flash area (first bank) */
206- sau_init_region (1 , 0x08040000 , 0x080FFFFF , 0 );
244+ sau_init_region (1 , WOLFBOOT_PARTITION_BOOT_ADDRESS , FLASH_BANK2_BASE - 1 , 0 );
207245
208246 /* Non-Secure: application flash area (second bank) */
209- sau_init_region (2 , 0x08140000 , 0x081FFFFF , 0 );
247+ sau_init_region (2 , WOLFBOOT_PARTITION_UPDATE_ADDRESS , FLASH_TOP - 1 , 0 );
210248
211249 /* Secure RAM regions in SRAM1/SRAM2 */
212250 sau_init_region (3 , 0x30000000 , 0x3004FFFF , 1 );
@@ -217,6 +255,9 @@ void hal_tz_sau_init(void)
217255 /* Non-secure: internal peripherals */
218256 sau_init_region (5 , 0x40000000 , 0x4FFFFFFF , 0 );
219257
258+ /* Set as non-secure: OTP + RO area */
259+ sau_init_region (6 , 0x08FFF000 , 0x08FFFFFF , 0 );
260+
220261 /* Enable SAU */
221262 SAU_CTRL = SAU_INIT_CTRL_ENABLE ;
222263
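Review bot: In `is_range_nonsecure` (first hunk, both `#ifndef DUALBANK_SWAP` branches), `end = (uint32_t)(address + len)` can wrap around 2^32, so a range that starts above the flash window and wraps to a small `end` satisfies both `address >= min` and `end <= max` and is accepted. This helper is the only guard in front of the `FLASH_SECBB1`/`FLASH_SECBB2` writes in `hal_tz_claim_nonsecure_area`, and it should not rely on the caller's `while (address < end)` loop running zero times because its own `end` wraps the same way. Comparing the length against the remaining space avoids the addition: `if (address < min || address > max || (uint32_t)len > max - address) return 0;`, applied to each of the two windows in the `DUALBANK_SWAP` branch. In that branch `max1 = FLASH_BANK2_BASE + 1` also looks one byte too high for an exclusive end of bank 1 (probably `FLASH_BANK2_BASE` was intended), and `boot_offset` is never used in the visible lines.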