From 8e27be344beedb17b3b7a5299b673effc2ae3f8d Mon Sep 17 00:00:00 2001 From: Laukik Hase Date: Wed, 9 Apr 2025 18:35:54 +0530 Subject: [PATCH] refactor(esp_tee): Place the secure services `_ss_` layer in the flash by default --- .../esp_tee/subproject/main/CMakeLists.txt | 1 + .../main/core/esp_secure_services.c | 356 +---------------- .../main/core/esp_secure_services_iram.c | 370 ++++++++++++++++++ .../subproject/main/ld/esp32c6/esp_tee.ld.in | 4 +- 4 files changed, 377 insertions(+), 354 deletions(-) create mode 100644 components/esp_tee/subproject/main/core/esp_secure_services_iram.c diff --git a/components/esp_tee/subproject/main/CMakeLists.txt b/components/esp_tee/subproject/main/CMakeLists.txt index 145b8c4553..819fe00070 100644 --- a/components/esp_tee/subproject/main/CMakeLists.txt +++ b/components/esp_tee/subproject/main/CMakeLists.txt @@ -9,6 +9,7 @@ set(include) set(srcs "core/esp_tee_init.c" "core/esp_tee_intr.c" "core/esp_secure_services.c" + "core/esp_secure_services_iram.c" "core/esp_secure_dispatcher.c" "core/esp_secure_service_table.c") diff --git a/components/esp_tee/subproject/main/core/esp_secure_services.c b/components/esp_tee/subproject/main/core/esp_secure_services.c index 170fef6b70..b4c6292536 100644 --- a/components/esp_tee/subproject/main/core/esp_secure_services.c +++ b/components/esp_tee/subproject/main/core/esp_secure_services.c @@ -5,25 +5,15 @@ */ #include -#include "esp_cpu.h" -#include "esp_efuse.h" #include "esp_fault.h" -#include "esp_flash.h" +#include "soc/soc_caps.h" + +#include "esp_efuse.h" #include "esp_flash_encrypt.h" -#include "esp_rom_efuse.h" #include "hal/efuse_hal.h" -#include "hal/mmu_types.h" -#include "hal/mmu_hal.h" -#include "hal/wdt_hal.h" #include "hal/sha_hal.h" -#include "hal/spi_flash_hal.h" -#include "hal/spi_flash_types.h" -#include "spi_flash_chip_generic.h" -#include "memspi_host_driver.h" - -#include "soc/soc_caps.h" #include "aes/esp_aes.h" #include "sha/sha_core.h" #include "esp_hmac.h" @@ -33,14 +23,10 @@ #include "esp_tee.h" #include "esp_tee_memory_utils.h" -#include "esp_tee_intr.h" #include "esp_tee_aes_intr.h" -#include "esp_tee_rv_utils.h" -#include "esp_tee_flash.h" #include "esp_tee_sec_storage.h" #include "esp_tee_ota_ops.h" -#include "esp_attestation.h" static __attribute__((unused)) const char *TAG = "esp_tee_sec_srv"; @@ -49,65 +35,8 @@ void _ss_invalid_secure_service(void) assert(0); } -/* ---------------------------------------------- Interrupts ------------------------------------------------- */ - -void _ss_esp_rom_route_intr_matrix(int cpu_no, uint32_t model_num, uint32_t intr_num) -{ - return esp_tee_route_intr_matrix(cpu_no, model_num, intr_num); -} - -void _ss_rv_utils_intr_enable(uint32_t intr_mask) -{ - rv_utils_tee_intr_enable(intr_mask); -} - -void _ss_rv_utils_intr_disable(uint32_t intr_mask) -{ - rv_utils_tee_intr_disable(intr_mask); -} - -void _ss_rv_utils_intr_set_priority(int rv_int_num, int priority) -{ - rv_utils_tee_intr_set_priority(rv_int_num, priority); -} - -void _ss_rv_utils_intr_set_type(int intr_num, enum intr_type type) -{ - rv_utils_tee_intr_set_type(intr_num, type); -} - -void _ss_rv_utils_intr_set_threshold(int priority_threshold) -{ - rv_utils_tee_intr_set_threshold(priority_threshold); -} - -void _ss_rv_utils_intr_edge_ack(uint32_t intr_num) -{ - rv_utils_tee_intr_edge_ack(intr_num); -} - -void _ss_rv_utils_intr_global_enable(void) -{ - rv_utils_tee_intr_global_enable(); -} - /* ---------------------------------------------- eFuse ------------------------------------------------- */ -uint32_t _ss_efuse_hal_chip_revision(void) -{ - return efuse_hal_chip_revision(); -} - -uint32_t _ss_efuse_hal_get_chip_ver_pkg(void) -{ - return efuse_hal_get_chip_ver_pkg(); -} - -bool _ss_efuse_hal_get_disable_wafer_version_major(void) -{ - return efuse_hal_get_disable_wafer_version_major(); -} - void _ss_efuse_hal_get_mac(uint8_t *mac) { bool valid_addr = ((esp_tee_ptr_in_ree((void *)mac)) & @@ -154,18 +83,6 @@ bool _ss_esp_flash_encryption_enabled(void) return enabled; } -/* ---------------------------------------------- RTC_WDT ------------------------------------------------- */ - -void _ss_wdt_hal_init(wdt_hal_context_t *hal, wdt_inst_t wdt_inst, uint32_t prescaler, bool enable_intr) -{ - wdt_hal_init(hal, wdt_inst, prescaler, enable_intr); -} - -void _ss_wdt_hal_deinit(wdt_hal_context_t *hal) -{ - wdt_hal_deinit(hal); -} - /* ---------------------------------------------- AES ------------------------------------------------- */ void _ss_esp_aes_intr_alloc(void) @@ -502,79 +419,6 @@ esp_err_t _ss_esp_tee_sec_storage_gen_key(uint16_t slot_id, uint8_t key_type) return esp_tee_sec_storage_gen_key(slot_id, key_type); } -esp_err_t _ss_esp_tee_sec_storage_get_signature(uint16_t slot_id, esp_tee_sec_storage_type_t key_type, uint8_t *hash, size_t hlen, esp_tee_sec_storage_sign_t *out_sign) -{ - bool valid_addr = ((esp_tee_ptr_in_ree((void *)hash) && esp_tee_ptr_in_ree((void *)out_sign)) && - (esp_tee_ptr_in_ree((void *)(hash + hlen)) && - esp_tee_ptr_in_ree((void *)((char *)out_sign + sizeof(esp_tee_sec_storage_sign_t))))); - - if (!valid_addr) { - return ESP_ERR_INVALID_ARG; - } - ESP_FAULT_ASSERT(valid_addr); - - return esp_tee_sec_storage_get_signature(slot_id, key_type, hash, hlen, out_sign); -} - -esp_err_t _ss_esp_tee_sec_storage_get_pubkey(uint16_t slot_id, esp_tee_sec_storage_type_t key_type, esp_tee_sec_storage_pubkey_t *pubkey) -{ - bool valid_addr = ((esp_tee_ptr_in_ree((void *)pubkey)) && - (esp_tee_ptr_in_ree((void *)((char *)pubkey + sizeof(esp_tee_sec_storage_pubkey_t))))); - - if (!valid_addr) { - return ESP_ERR_INVALID_ARG; - } - ESP_FAULT_ASSERT(valid_addr); - - return esp_tee_sec_storage_get_pubkey(slot_id, key_type, pubkey); -} - -esp_err_t _ss_esp_tee_sec_storage_encrypt(uint16_t slot_id, uint8_t *input, uint8_t len, uint8_t *aad, - uint16_t aad_len, uint8_t *tag, uint16_t tag_len, uint8_t *output) -{ - bool valid_addr = (esp_tee_ptr_in_ree((void *)input) && - esp_tee_ptr_in_ree((void *)tag) && - esp_tee_ptr_in_ree((void *)output)); - - valid_addr &= (esp_tee_ptr_in_ree((void *)(input + len)) && - esp_tee_ptr_in_ree((void *)(tag + tag_len)) && - esp_tee_ptr_in_ree((void *)(output + len))); - - if (aad) { - valid_addr &= (esp_tee_ptr_in_ree((void *)aad) && esp_tee_ptr_in_ree((void *)(aad + aad_len))); - } - - if (!valid_addr) { - return ESP_ERR_INVALID_ARG; - } - ESP_FAULT_ASSERT(valid_addr); - - return esp_tee_sec_storage_encrypt(slot_id, input, len, aad, aad_len, tag, tag_len, output); -} - -esp_err_t _ss_esp_tee_sec_storage_decrypt(uint16_t slot_id, uint8_t *input, uint8_t len, uint8_t *aad, - uint16_t aad_len, uint8_t *tag, uint16_t tag_len, uint8_t *output) -{ - bool valid_addr = (esp_tee_ptr_in_ree((void *)input) && - esp_tee_ptr_in_ree((void *)tag) && - esp_tee_ptr_in_ree((void *)output)); - - valid_addr &= (esp_tee_ptr_in_ree((void *)(input + len)) && - esp_tee_ptr_in_ree((void *)(tag + tag_len)) && - esp_tee_ptr_in_ree((void *)(output + len))); - - if (aad) { - valid_addr &= (esp_tee_ptr_in_ree((void *)aad) && esp_tee_ptr_in_ree((void *)(aad + aad_len))); - } - - if (!valid_addr) { - return ESP_ERR_INVALID_ARG; - } - ESP_FAULT_ASSERT(valid_addr); - - return esp_tee_sec_storage_decrypt(slot_id, input, len, aad, aad_len, tag, tag_len, output); -} - bool _ss_esp_tee_sec_storage_is_slot_empty(uint16_t slot_id) { return esp_tee_sec_storage_is_slot_empty(slot_id); @@ -584,197 +428,3 @@ esp_err_t _ss_esp_tee_sec_storage_clear_slot(uint16_t slot_id) { return esp_tee_sec_storage_clear_slot(slot_id); } - -/* ---------------------------------------------- MMU HAL ------------------------------------------------- */ - -void _ss_mmu_hal_map_region(uint32_t mmu_id, mmu_target_t mem_type, uint32_t vaddr, - uint32_t paddr, uint32_t len, uint32_t *out_len) -{ - bool vaddr_chk = esp_tee_flash_check_vaddr_in_tee_region(vaddr); - bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(paddr); - if (vaddr_chk || paddr_chk) { - return; - } - ESP_FAULT_ASSERT(!vaddr_chk && !paddr_chk); - - mmu_hal_map_region(mmu_id, mem_type, vaddr, paddr, len, out_len); -} - -void _ss_mmu_hal_unmap_region(uint32_t mmu_id, uint32_t vaddr, uint32_t len) -{ - bool vaddr_chk = esp_tee_flash_check_vaddr_in_tee_region(vaddr); - if (vaddr_chk) { - return; - } - ESP_FAULT_ASSERT(!vaddr_chk); - - mmu_hal_unmap_region(mmu_id, vaddr, len); -} - -bool _ss_mmu_hal_vaddr_to_paddr(uint32_t mmu_id, uint32_t vaddr, uint32_t *out_paddr, mmu_target_t *out_target) -{ - bool vaddr_chk = esp_tee_flash_check_vaddr_in_tee_region(vaddr); - if (vaddr_chk) { - return false; - } - ESP_FAULT_ASSERT(!vaddr_chk); - return mmu_hal_vaddr_to_paddr(mmu_id, vaddr, out_paddr, out_target); -} - -bool _ss_mmu_hal_paddr_to_vaddr(uint32_t mmu_id, uint32_t paddr, mmu_target_t target, mmu_vaddr_t type, uint32_t *out_vaddr) -{ - bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(paddr); - if (paddr_chk) { - return false; - } - ESP_FAULT_ASSERT(!paddr_chk); - return mmu_hal_paddr_to_vaddr(mmu_id, paddr, target, type, out_vaddr); -} - -#if CONFIG_SECURE_TEE_EXT_FLASH_MEMPROT_SPI1 -/* ---------------------------------------------- SPI Flash HAL ------------------------------------------------- */ - -uint32_t _ss_spi_flash_hal_check_status(spi_flash_host_inst_t *host) -{ - return spi_flash_hal_check_status(host); -} - -esp_err_t _ss_spi_flash_hal_common_command(spi_flash_host_inst_t *host, spi_flash_trans_t *trans) -{ - return spi_flash_hal_common_command(host, trans); -} - -esp_err_t _ss_spi_flash_hal_device_config(spi_flash_host_inst_t *host) -{ - return spi_flash_hal_device_config(host); -} - -void _ss_spi_flash_hal_erase_block(spi_flash_host_inst_t *host, uint32_t start_address) -{ - bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(start_address); - if (paddr_chk) { - ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, start_address); - return; - } - ESP_FAULT_ASSERT(!paddr_chk); - spi_flash_hal_erase_block(host, start_address); -} - -void _ss_spi_flash_hal_erase_chip(spi_flash_host_inst_t *host) -{ - spi_flash_hal_erase_chip(host); -} - -void _ss_spi_flash_hal_erase_sector(spi_flash_host_inst_t *host, uint32_t start_address) -{ - bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(start_address); - if (paddr_chk) { - ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, start_address); - return; - } - ESP_FAULT_ASSERT(!paddr_chk); - spi_flash_hal_erase_sector(host, start_address); -} - -void _ss_spi_flash_hal_program_page(spi_flash_host_inst_t *host, const void *buffer, uint32_t address, uint32_t length) -{ - bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(address); - if (paddr_chk) { - ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, address); - return; - } - - bool buf_addr_chk = ((esp_tee_ptr_in_ree((void *)buffer) && esp_tee_ptr_in_ree((void *)(buffer + length)))); - if (!buf_addr_chk) { - return; - } - - ESP_FAULT_ASSERT(!paddr_chk && buf_addr_chk); - spi_flash_hal_program_page(host, buffer, address, length); -} - -esp_err_t _ss_spi_flash_hal_read(spi_flash_host_inst_t *host, void *buffer, uint32_t address, uint32_t read_len) -{ - bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(address); - if (paddr_chk) { - ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, address); - return ESP_FAIL; - } - - bool buf_addr_chk = ((esp_tee_ptr_in_ree((void *)buffer) && esp_tee_ptr_in_ree((void *)(buffer + read_len)))); - if (!buf_addr_chk) { - return ESP_FAIL; - } - - ESP_FAULT_ASSERT(!paddr_chk && buf_addr_chk); - return spi_flash_hal_read(host, buffer, address, read_len); -} - -void _ss_spi_flash_hal_resume(spi_flash_host_inst_t *host) -{ - spi_flash_hal_resume(host); -} - -esp_err_t _ss_spi_flash_hal_set_write_protect(spi_flash_host_inst_t *host, bool wp) -{ - return spi_flash_hal_set_write_protect(host, wp); -} - -esp_err_t _ss_spi_flash_hal_setup_read_suspend(spi_flash_host_inst_t *host, const spi_flash_sus_cmd_conf *sus_conf) -{ - return spi_flash_hal_setup_read_suspend(host, sus_conf); -} - -bool _ss_spi_flash_hal_supports_direct_read(spi_flash_host_inst_t *host, const void *p) -{ - return spi_flash_hal_supports_direct_read(host, p); -} - -bool _ss_spi_flash_hal_supports_direct_write(spi_flash_host_inst_t *host, const void *p) -{ - return spi_flash_hal_supports_direct_write(host, p); -} - -void _ss_spi_flash_hal_suspend(spi_flash_host_inst_t *host) -{ - spi_flash_hal_suspend(host); -} - -/* ---------------------------------------------- SPI Flash Extras ------------------------------------------------- */ - -extern uint32_t bootloader_flash_execute_command_common(uint8_t command, uint32_t addr_len, uint32_t address, - uint8_t dummy_len, uint8_t mosi_len, uint32_t mosi_data, - uint8_t miso_len); - -uint32_t _ss_bootloader_flash_execute_command_common( - uint8_t command, - uint32_t addr_len, uint32_t address, - uint8_t dummy_len, - uint8_t mosi_len, uint32_t mosi_data, - uint8_t miso_len) -{ - bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(address); - if (paddr_chk) { - ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, address); - return ESP_FAIL; - } - ESP_FAULT_ASSERT(!paddr_chk); - return bootloader_flash_execute_command_common(command, addr_len, address, dummy_len, - mosi_len, mosi_data, miso_len); -} - -esp_err_t _ss_memspi_host_flush_cache(spi_flash_host_inst_t *host, uint32_t addr, uint32_t size) -{ - bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(addr); - if (paddr_chk) { - return ESP_FAIL; - } - ESP_FAULT_ASSERT(!paddr_chk); - return memspi_host_flush_cache(host, addr, size); -} - -esp_err_t _ss_spi_flash_chip_generic_config_host_io_mode(esp_flash_t *chip, uint32_t flags) -{ - return spi_flash_chip_generic_config_host_io_mode(chip, flags); -} -#endif diff --git a/components/esp_tee/subproject/main/core/esp_secure_services_iram.c b/components/esp_tee/subproject/main/core/esp_secure_services_iram.c new file mode 100644 index 0000000000..50e8bf257b --- /dev/null +++ b/components/esp_tee/subproject/main/core/esp_secure_services_iram.c @@ -0,0 +1,370 @@ +/* + * SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ +#include + +#include "esp_log.h" +#include "esp_fault.h" + +#include "hal/efuse_hal.h" +#include "hal/mmu_types.h" +#include "hal/mmu_hal.h" +#include "hal/wdt_hal.h" + +#include "hal/spi_flash_hal.h" +#include "hal/spi_flash_types.h" +#include "spi_flash_chip_generic.h" +#include "memspi_host_driver.h" +#include "esp_flash.h" + +#include "esp_tee.h" +#include "esp_tee_memory_utils.h" +#include "esp_tee_intr.h" +#include "esp_tee_rv_utils.h" + +#include "esp_tee_flash.h" +#include "esp_tee_sec_storage.h" + +static __attribute__((unused)) const char *TAG = "esp_tee_sec_srv_iram"; + +/* ---------------------------------------------- Interrupts ------------------------------------------------- */ + +void _ss_esp_rom_route_intr_matrix(int cpu_no, uint32_t model_num, uint32_t intr_num) +{ + return esp_tee_route_intr_matrix(cpu_no, model_num, intr_num); +} + +void _ss_rv_utils_intr_enable(uint32_t intr_mask) +{ + rv_utils_tee_intr_enable(intr_mask); +} + +void _ss_rv_utils_intr_disable(uint32_t intr_mask) +{ + rv_utils_tee_intr_disable(intr_mask); +} + +void _ss_rv_utils_intr_set_priority(int rv_int_num, int priority) +{ + rv_utils_tee_intr_set_priority(rv_int_num, priority); +} + +void _ss_rv_utils_intr_set_type(int intr_num, enum intr_type type) +{ + rv_utils_tee_intr_set_type(intr_num, type); +} + +void _ss_rv_utils_intr_set_threshold(int priority_threshold) +{ + rv_utils_tee_intr_set_threshold(priority_threshold); +} + +void _ss_rv_utils_intr_edge_ack(uint32_t intr_num) +{ + rv_utils_tee_intr_edge_ack(intr_num); +} + +void _ss_rv_utils_intr_global_enable(void) +{ + rv_utils_tee_intr_global_enable(); +} + +/* ---------------------------------------------- eFuse ------------------------------------------------- */ + +uint32_t _ss_efuse_hal_chip_revision(void) +{ + return efuse_hal_chip_revision(); +} + +uint32_t _ss_efuse_hal_get_chip_ver_pkg(void) +{ + return efuse_hal_get_chip_ver_pkg(); +} + +bool _ss_efuse_hal_get_disable_wafer_version_major(void) +{ + return efuse_hal_get_disable_wafer_version_major(); +} + +/* ---------------------------------------------- RTC_WDT ------------------------------------------------- */ + +void _ss_wdt_hal_init(wdt_hal_context_t *hal, wdt_inst_t wdt_inst, uint32_t prescaler, bool enable_intr) +{ + wdt_hal_init(hal, wdt_inst, prescaler, enable_intr); +} + +void _ss_wdt_hal_deinit(wdt_hal_context_t *hal) +{ + wdt_hal_deinit(hal); +} + +/* ---------------------------------------------- Secure Storage ------------------------------------------------- */ + +esp_err_t _ss_esp_tee_sec_storage_get_signature(uint16_t slot_id, esp_tee_sec_storage_type_t key_type, uint8_t *hash, size_t hlen, esp_tee_sec_storage_sign_t *out_sign) +{ + bool valid_addr = ((esp_tee_ptr_in_ree((void *)hash) && esp_tee_ptr_in_ree((void *)out_sign)) & + (esp_tee_ptr_in_ree((void *)(hash + hlen)) && + esp_tee_ptr_in_ree((void *)((char *)out_sign + sizeof(esp_tee_sec_storage_sign_t))))); + + if (!valid_addr) { + return ESP_ERR_INVALID_ARG; + } + ESP_FAULT_ASSERT(valid_addr); + + return esp_tee_sec_storage_get_signature(slot_id, key_type, hash, hlen, out_sign); +} + +esp_err_t _ss_esp_tee_sec_storage_get_pubkey(uint16_t slot_id, esp_tee_sec_storage_type_t key_type, esp_tee_sec_storage_pubkey_t *pubkey) +{ + bool valid_addr = ((esp_tee_ptr_in_ree((void *)pubkey)) & + (esp_tee_ptr_in_ree((void *)((char *)pubkey + sizeof(esp_tee_sec_storage_pubkey_t))))); + + if (!valid_addr) { + return ESP_ERR_INVALID_ARG; + } + ESP_FAULT_ASSERT(valid_addr); + + return esp_tee_sec_storage_get_pubkey(slot_id, key_type, pubkey); +} + +esp_err_t _ss_esp_tee_sec_storage_encrypt(uint16_t slot_id, uint8_t *input, uint8_t len, uint8_t *aad, + uint16_t aad_len, uint8_t *tag, uint16_t tag_len, uint8_t *output) +{ + bool valid_addr = (esp_tee_ptr_in_ree((void *)input) && + esp_tee_ptr_in_ree((void *)tag) && + esp_tee_ptr_in_ree((void *)output)); + + valid_addr &= (esp_tee_ptr_in_ree((void *)(input + len)) && + esp_tee_ptr_in_ree((void *)(tag + tag_len)) && + esp_tee_ptr_in_ree((void *)(output + len))); + + if (aad) { + valid_addr &= (esp_tee_ptr_in_ree((void *)aad) && esp_tee_ptr_in_ree((void *)(aad + aad_len))); + } + + if (!valid_addr) { + return ESP_ERR_INVALID_ARG; + } + ESP_FAULT_ASSERT(valid_addr); + + return esp_tee_sec_storage_encrypt(slot_id, input, len, aad, aad_len, tag, tag_len, output); +} + +esp_err_t _ss_esp_tee_sec_storage_decrypt(uint16_t slot_id, uint8_t *input, uint8_t len, uint8_t *aad, + uint16_t aad_len, uint8_t *tag, uint16_t tag_len, uint8_t *output) +{ + bool valid_addr = (esp_tee_ptr_in_ree((void *)input) && + esp_tee_ptr_in_ree((void *)tag) && + esp_tee_ptr_in_ree((void *)output)); + + valid_addr &= (esp_tee_ptr_in_ree((void *)(input + len)) && + esp_tee_ptr_in_ree((void *)(tag + tag_len)) && + esp_tee_ptr_in_ree((void *)(output + len))); + + if (aad) { + valid_addr &= (esp_tee_ptr_in_ree((void *)aad) && esp_tee_ptr_in_ree((void *)(aad + aad_len))); + } + + if (!valid_addr) { + return ESP_ERR_INVALID_ARG; + } + ESP_FAULT_ASSERT(valid_addr); + + return esp_tee_sec_storage_decrypt(slot_id, input, len, aad, aad_len, tag, tag_len, output); +} + +/* ---------------------------------------------- MMU HAL ------------------------------------------------- */ + +void _ss_mmu_hal_map_region(uint32_t mmu_id, mmu_target_t mem_type, uint32_t vaddr, + uint32_t paddr, uint32_t len, uint32_t *out_len) +{ + bool vaddr_chk = esp_tee_flash_check_vaddr_in_tee_region(vaddr); + bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(paddr); + if (vaddr_chk || paddr_chk) { + return; + } + ESP_FAULT_ASSERT(!vaddr_chk && !paddr_chk); + + mmu_hal_map_region(mmu_id, mem_type, vaddr, paddr, len, out_len); +} + +void _ss_mmu_hal_unmap_region(uint32_t mmu_id, uint32_t vaddr, uint32_t len) +{ + bool vaddr_chk = esp_tee_flash_check_vaddr_in_tee_region(vaddr); + if (vaddr_chk) { + return; + } + ESP_FAULT_ASSERT(!vaddr_chk); + + mmu_hal_unmap_region(mmu_id, vaddr, len); +} + +bool _ss_mmu_hal_vaddr_to_paddr(uint32_t mmu_id, uint32_t vaddr, uint32_t *out_paddr, mmu_target_t *out_target) +{ + bool vaddr_chk = esp_tee_flash_check_vaddr_in_tee_region(vaddr); + if (vaddr_chk) { + return false; + } + ESP_FAULT_ASSERT(!vaddr_chk); + return mmu_hal_vaddr_to_paddr(mmu_id, vaddr, out_paddr, out_target); +} + +bool _ss_mmu_hal_paddr_to_vaddr(uint32_t mmu_id, uint32_t paddr, mmu_target_t target, mmu_vaddr_t type, uint32_t *out_vaddr) +{ + bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(paddr); + if (paddr_chk) { + return false; + } + ESP_FAULT_ASSERT(!paddr_chk); + return mmu_hal_paddr_to_vaddr(mmu_id, paddr, target, type, out_vaddr); +} + +#if CONFIG_SECURE_TEE_EXT_FLASH_MEMPROT_SPI1 +/* ---------------------------------------------- SPI Flash HAL ------------------------------------------------- */ + +uint32_t _ss_spi_flash_hal_check_status(spi_flash_host_inst_t *host) +{ + return spi_flash_hal_check_status(host); +} + +esp_err_t _ss_spi_flash_hal_common_command(spi_flash_host_inst_t *host, spi_flash_trans_t *trans) +{ + return spi_flash_hal_common_command(host, trans); +} + +esp_err_t _ss_spi_flash_hal_device_config(spi_flash_host_inst_t *host) +{ + return spi_flash_hal_device_config(host); +} + +void _ss_spi_flash_hal_erase_block(spi_flash_host_inst_t *host, uint32_t start_address) +{ + bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(start_address); + if (paddr_chk) { + ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, start_address); + return; + } + ESP_FAULT_ASSERT(!paddr_chk); + spi_flash_hal_erase_block(host, start_address); +} + +void _ss_spi_flash_hal_erase_chip(spi_flash_host_inst_t *host) +{ + spi_flash_hal_erase_chip(host); +} + +void _ss_spi_flash_hal_erase_sector(spi_flash_host_inst_t *host, uint32_t start_address) +{ + bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(start_address); + if (paddr_chk) { + ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, start_address); + return; + } + ESP_FAULT_ASSERT(!paddr_chk); + spi_flash_hal_erase_sector(host, start_address); +} + +void _ss_spi_flash_hal_program_page(spi_flash_host_inst_t *host, const void *buffer, uint32_t address, uint32_t length) +{ + bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(address); + if (paddr_chk) { + ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, address); + return; + } + + bool buf_addr_chk = ((esp_tee_ptr_in_ree((void *)buffer) && esp_tee_ptr_in_ree((void *)(buffer + length)))); + if (!buf_addr_chk) { + return; + } + + ESP_FAULT_ASSERT(!paddr_chk && buf_addr_chk); + spi_flash_hal_program_page(host, buffer, address, length); +} + +esp_err_t _ss_spi_flash_hal_read(spi_flash_host_inst_t *host, void *buffer, uint32_t address, uint32_t read_len) +{ + bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(address); + if (paddr_chk) { + ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, address); + return ESP_FAIL; + } + + bool buf_addr_chk = ((esp_tee_ptr_in_ree((void *)buffer) && esp_tee_ptr_in_ree((void *)(buffer + read_len)))); + if (!buf_addr_chk) { + return ESP_FAIL; + } + + ESP_FAULT_ASSERT(!paddr_chk && buf_addr_chk); + return spi_flash_hal_read(host, buffer, address, read_len); +} + +void _ss_spi_flash_hal_resume(spi_flash_host_inst_t *host) +{ + spi_flash_hal_resume(host); +} + +esp_err_t _ss_spi_flash_hal_set_write_protect(spi_flash_host_inst_t *host, bool wp) +{ + return spi_flash_hal_set_write_protect(host, wp); +} + +esp_err_t _ss_spi_flash_hal_setup_read_suspend(spi_flash_host_inst_t *host, const spi_flash_sus_cmd_conf *sus_conf) +{ + return spi_flash_hal_setup_read_suspend(host, sus_conf); +} + +bool _ss_spi_flash_hal_supports_direct_read(spi_flash_host_inst_t *host, const void *p) +{ + return spi_flash_hal_supports_direct_read(host, p); +} + +bool _ss_spi_flash_hal_supports_direct_write(spi_flash_host_inst_t *host, const void *p) +{ + return spi_flash_hal_supports_direct_write(host, p); +} + +void _ss_spi_flash_hal_suspend(spi_flash_host_inst_t *host) +{ + spi_flash_hal_suspend(host); +} + +/* ---------------------------------------------- SPI Flash Extras ------------------------------------------------- */ + +extern uint32_t bootloader_flash_execute_command_common(uint8_t command, uint32_t addr_len, uint32_t address, + uint8_t dummy_len, uint8_t mosi_len, uint32_t mosi_data, + uint8_t miso_len); + +uint32_t _ss_bootloader_flash_execute_command_common( + uint8_t command, + uint32_t addr_len, uint32_t address, + uint8_t dummy_len, + uint8_t mosi_len, uint32_t mosi_data, + uint8_t miso_len) +{ + bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(address); + if (paddr_chk) { + ESP_LOGD(TAG, "[%s] Illegal flash access at 0x%08x", __func__, address); + return ESP_FAIL; + } + ESP_FAULT_ASSERT(!paddr_chk); + return bootloader_flash_execute_command_common(command, addr_len, address, dummy_len, + mosi_len, mosi_data, miso_len); +} + +esp_err_t _ss_memspi_host_flush_cache(spi_flash_host_inst_t *host, uint32_t addr, uint32_t size) +{ + bool paddr_chk = esp_tee_flash_check_paddr_in_tee_region(addr); + if (paddr_chk) { + return ESP_FAIL; + } + ESP_FAULT_ASSERT(!paddr_chk); + return memspi_host_flush_cache(host, addr, size); +} + +esp_err_t _ss_spi_flash_chip_generic_config_host_io_mode(esp_flash_t *chip, uint32_t flags) +{ + return spi_flash_chip_generic_config_host_io_mode(chip, flags); +} +#endif diff --git a/components/esp_tee/subproject/main/ld/esp32c6/esp_tee.ld.in b/components/esp_tee/subproject/main/ld/esp32c6/esp_tee.ld.in index d9efea5591..e6717b2b52 100644 --- a/components/esp_tee/subproject/main/ld/esp32c6/esp_tee.ld.in +++ b/components/esp_tee/subproject/main/ld/esp32c6/esp_tee.ld.in @@ -106,7 +106,7 @@ SECTIONS *libtee_flash_mgr.a:*(.rodata .srodata .rodata.* .srodata.*) *libbootloader_support.a:bootloader_flash.*(.rodata .srodata .rodata.* .srodata.*) /* Secure services */ - *libmain.a:esp_secure_services.c.*(.rodata .srodata .rodata.* .srodata.*) + *libmain.a:esp_secure_services_iram.c.*(.rodata .srodata .rodata.* .srodata.*) *libmain.a:esp_secure_dispatcher.c.*(.rodata .srodata .rodata.* .srodata.*) /* Panic handler */ *libmain.a:panic_helper_riscv.*(.rodata .srodata .rodata.* .srodata.*) @@ -192,6 +192,8 @@ SECTIONS .flash.text : { _tee_xip_text_start = ABSOLUTE(.); + /* Secure Services */ + *libmain.a:esp_secure_services.c*(.literal .text .literal.* .text.*) /* HAL */ *libhal.a:aes_hal.c*(.literal .text .literal.* .text.*) *libhal.a:sha_hal.c*(.literal .text .literal.* .text.*)