From c9124db822b401846f15b69075efb6fe6a6bfa73 Mon Sep 17 00:00:00 2001
From: Kristine Jassmann
Date: Tue, 10 Nov 2020 15:04:07 +0000
Subject: [PATCH] Implement stack sealing for TrustZone context: https://developer.arm.com/documentation/100720/0300
---
 CMSIS/Core/Template/ARMv8-M/tz_context.c | 9 ++++++++-
 .../RTX/Examples/TrustZoneV8M/RTOS/CM33_s/tz_context.c | 9 ++++++++-
 .../TrustZoneV8M/RTOS_Faults/CM33_s/tz_context.c | 9 ++++++++-
 3 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/CMSIS/Core/Template/ARMv8-M/tz_context.c b/CMSIS/Core/Template/ARMv8-M/tz_context.c
index e2e82942f8..b43f402778 100644
--- a/CMSIS/Core/Template/ARMv8-M/tz_context.c
+++ b/CMSIS/Core/Template/ARMv8-M/tz_context.c
@@ -36,6 +36,10 @@
 #define TZ_PROCESS_STACK_SIZE 256U
 #endif
+#define TZ_PROCESS_STACK_SEAL_SIZE 8U
+
+#define TZ_PROCESS_STACK_SEAL_VALUE 0xFEF5EDA5FEF5EDA5UL
+
 typedef struct {
 uint32_t sp_top; // stack space top
 uint32_t sp_limit; // stack space limit
@@ -43,7 +47,7 @@ typedef struct {
 } stack_info_t;
 static stack_info_t ProcessStackInfo [TZ_PROCESS_STACK_SLOTS];
-static uint64_t ProcessStackMemory[TZ_PROCESS_STACK_SLOTS][TZ_PROCESS_STACK_SIZE/8U];
+static uint64_t ProcessStackMemory[TZ_PROCESS_STACK_SLOTS][(TZ_PROCESS_STACK_SIZE + TZ_PROCESS_STACK_SEAL_SIZE)/8U];
 static uint32_t ProcessStackFreeSlot = 0xFFFFFFFFU;
@@ -62,6 +66,9 @@ uint32_t TZ_InitContextSystem_S (void) {
 ProcessStackInfo[n].sp_limit = (uint32_t)&ProcessStackMemory[n];
 ProcessStackInfo[n].sp_top = (uint32_t)&ProcessStackMemory[n] + TZ_PROCESS_STACK_SIZE;
 *((uint32_t *)ProcessStackMemory[n]) = n + 1U;
+
+ /* Seal each process stack. */
+ ProcessStackMemory[n][TZ_PROCESS_STACK_SIZE/8U] = TZ_PROCESS_STACK_SEAL_VALUE;
 }
 *((uint32_t *)ProcessStackMemory[--n]) = 0xFFFFFFFFU;
diff --git a/CMSIS/RTOS2/RTX/Examples/TrustZoneV8M/RTOS/CM33_s/tz_context.c b/CMSIS/RTOS2/RTX/Examples/TrustZoneV8M/RTOS/CM33_s/tz_context.c
index f315289097..eaea165301 100644
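Review bot: `TZ_PROCESS_STACK_SEAL_VALUE` is a 64-bit constant written with a `UL` suffix; where `unsigned long` is 32 bits, as is usual on Cortex-M toolchains, the literal only becomes 64-bit through the C rule that widens an oversized hex constant to `unsigned long long`. Writing `0xFEF5EDA5FEF5EDA5ULL` states the intended width outright and avoids truncation warnings from stricter compilers or checkers. Neither new macro is commented; a line such as `/* 8-byte stack seal (two 0xFEF5EDA5 words) stored directly above sp_top; value presumably taken from the Arm document linked in the commit message */` would tell a maintainer that size and value are not arbitrary. The same two defines are added in the RTOS/CM33_s and RTOS_Faults/CM33_s copies.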
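Review bot: The new row length `(TZ_PROCESS_STACK_SIZE + TZ_PROCESS_STACK_SEAL_SIZE)/8U` truncates, and the seal index used in `TZ_InitContextSystem_S` is `TZ_PROCESS_STACK_SIZE/8U`, so both are only correct when the stack size is a multiple of 8. The `#endif` after the default `256U` suggests the size can be overridden by the build; with a value such as 260 the seal would start at byte offset 256, below `sp_top` at 260, where ordinary stack pushes overwrite its low word. A compile-time guard next to the defines closes this: `#if (TZ_PROCESS_STACK_SIZE % 8U) != 0U`, then `#error "TZ_PROCESS_STACK_SIZE must be a multiple of 8"`, then `#endif`. The same declaration is changed in the RTOS/CM33_s and RTOS_Faults/CM33_s copies.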
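Review bot: The comment `/* Seal each process stack. */` does not say where the seal is placed or what it guards against, which is what a maintainer needs to know before changing `sp_top` or the array size. The store targets the 8 bytes starting at `sp_top`, just above the initial stack pointer of an empty secure stack; a comment such as `/* Place the seal at sp_top so an unstack or return attempted on an empty secure stack reads the seal value rather than adjacent memory. */` would record that intent. The seal is written only here at initialisation; whether the context allocate and free paths need to verify or restore it cannot be judged from this hunk, because `TZ_InitContextSystem_S` and the rest of the file continue outside it. The identical addition appears in the RTOS/CM33_s and RTOS_Faults/CM33_s copies.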
--- a/CMSIS/RTOS2/RTX/Examples/TrustZoneV8M/RTOS/CM33_s/tz_context.c
+++ b/CMSIS/RTOS2/RTX/Examples/TrustZoneV8M/RTOS/CM33_s/tz_context.c
@@ -39,6 +39,10 @@
 #define TZ_PROCESS_STACK_SIZE 256U
 #endif
+#define TZ_PROCESS_STACK_SEAL_SIZE 8U
+
+#define TZ_PROCESS_STACK_SEAL_VALUE 0xFEF5EDA5FEF5EDA5UL
+
 typedef struct {
 uint32_t sp_top; // stack space top
 uint32_t sp_limit; // stack space limit
@@ -46,7 +50,7 @@ typedef struct {
 } stack_info_t;
 static stack_info_t ProcessStackInfo [TZ_PROCESS_STACK_SLOTS];
-static uint64_t ProcessStackMemory[TZ_PROCESS_STACK_SLOTS][TZ_PROCESS_STACK_SIZE/8U];
+static uint64_t ProcessStackMemory[TZ_PROCESS_STACK_SLOTS][(TZ_PROCESS_STACK_SIZE + TZ_PROCESS_STACK_SEAL_SIZE)/8U];
 static uint32_t ProcessStackFreeSlot = 0xFFFFFFFFU;
@@ -65,6 +69,9 @@ uint32_t TZ_InitContextSystem_S (void) {
 ProcessStackInfo[n].sp_limit = (uint32_t)&ProcessStackMemory[n];
 ProcessStackInfo[n].sp_top = (uint32_t)&ProcessStackMemory[n] + TZ_PROCESS_STACK_SIZE;
 *((uint32_t *)ProcessStackMemory[n]) = n + 1U;
+
+ /* Seal each process stack. */
+ ProcessStackMemory[n][TZ_PROCESS_STACK_SIZE/8U] = TZ_PROCESS_STACK_SEAL_VALUE;
 }
 *((uint32_t *)ProcessStackMemory[--n]) = 0xFFFFFFFFU;
diff --git a/CMSIS/RTOS2/RTX/Examples/TrustZoneV8M/RTOS_Faults/CM33_s/tz_context.c b/CMSIS/RTOS2/RTX/Examples/TrustZoneV8M/RTOS_Faults/CM33_s/tz_context.c
index f315289097..eaea165301 100644
--- a/CMSIS/RTOS2/RTX/Examples/TrustZoneV8M/RTOS_Faults/CM33_s/tz_context.c
+++ b/CMSIS/RTOS2/RTX/Examples/TrustZoneV8M/RTOS_Faults/CM33_s/tz_context.c
@@ -39,6 +39,10 @@
 #define TZ_PROCESS_STACK_SIZE 256U
 #endif
+#define TZ_PROCESS_STACK_SEAL_SIZE 8U
+
+#define TZ_PROCESS_STACK_SEAL_VALUE 0xFEF5EDA5FEF5EDA5UL
+
 typedef struct {
 uint32_t sp_top; // stack space top
 uint32_t sp_limit; // stack space limit
@@ -46,7 +50,7 @@ typedef struct {
 } stack_info_t;
 static stack_info_t ProcessStackInfo [TZ_PROCESS_STACK_SLOTS];
-static uint64_t ProcessStackMemory[TZ_PROCESS_STACK_SLOTS][TZ_PROCESS_STACK_SIZE/8U];
+static uint64_t ProcessStackMemory[TZ_PROCESS_STACK_SLOTS][(TZ_PROCESS_STACK_SIZE + TZ_PROCESS_STACK_SEAL_SIZE)/8U];
 static uint32_t ProcessStackFreeSlot = 0xFFFFFFFFU;
@@ -65,6 +69,9 @@ uint32_t TZ_InitContextSystem_S (void) {
 ProcessStackInfo[n].sp_limit = (uint32_t)&ProcessStackMemory[n];
 ProcessStackInfo[n].sp_top = (uint32_t)&ProcessStackMemory[n] + TZ_PROCESS_STACK_SIZE;
 *((uint32_t *)ProcessStackMemory[n]) = n + 1U;
+
+ /* Seal each process stack. */
+ ProcessStackMemory[n][TZ_PROCESS_STACK_SIZE/8U] = TZ_PROCESS_STACK_SEAL_VALUE;
 }
 *((uint32_t *)ProcessStackMemory[--n]) = 0xFFFFFFFFU;