Code Review / openocd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 1bce8d3)
flash/stm32l4x: introduce 'stm32l4x trustzone [enable|disable]' command 42/5542/19
authorTarek BOCHKATI <tarek.bouchkati@gmail.com>
Wed, 25 Mar 2020 21:47:08 +0000 (22:47 +0100)
committerOleksij Rempel <linux@rempel-privat.de>
Thu, 26 Aug 2021 06:17:12 +0000 (06:17 +0000)
this command will help to enable/disable or display the TrustZone security,
using the TZEN option bit.

Note: This command works only with devices with TrustZone, eg. STM32L5.
Note: This command will perform an OBL_Launch after modifying the TZEN.

Change-Id: I4aef15bf57d09c1658d37858143d23b1d43de1f0
Signed-off-by: Tarek BOCHKATI <tarek.bouchkati@gmail.com>
Reviewed-on: https://review.openocd.org/c/openocd/+/5542
Tested-by: jenkins
Reviewed-by: Antonio Borneo <borneo.antonio@gmail.com>
Reviewed-by: Oleksij Rempel <linux@rempel-privat.de>
doc/openocd.texi patch | blob | history
src/flash/nor/stm32l4x.c patch | blob | history

diff --git a/doc/openocd.texi b/doc/openocd.texi
index 340e6b65b025a05a77487ff6c011a6e6d3f5a14a..33812499ac4dbff6cbbb4e0234469468ae5ee297 100644 (file)
--- a/doc/openocd.texi
+++ b/doc/openocd.texi
@@ -7400,6 +7400,14 @@ write protected areas in a specific @var{device_bank}
 Forces a re-load of the option byte registers. Will cause a system reset of the device.
 The @var{num} parameter is a value shown by @command{flash banks}.
 @end deffn
+
+@deffn Command {stm32l4x trustzone} num [@option{enable} | @option{disable}]
+Enables or disables Global TrustZone Security, using the TZEN option bit.
+If neither @option{enabled} nor @option{disable} are specified, the command will display
+the TrustZone status.
+@emph{Note:} This command works only with devices with TrustZone, eg. STM32L5.
+@emph{Note:} This command will perform an OBL_Launch after modifying the TZEN.
+@end deffn
 @end deffn
 
 @deffn {Flash Driver} {str7x}
diff --git a/src/flash/nor/stm32l4x.c b/src/flash/nor/stm32l4x.c
index 5287ff6b3a9b29378b63b7d9f76c444e8eb0b55b..6370d17becca58f0d19c26feaabe96ea01628a31 100644 (file)
--- a/src/flash/nor/stm32l4x.c
+++ b/src/flash/nor/stm32l4x.c
@@ -791,6 +791,42 @@ static int stm32l4_unlock_option_reg(struct flash_bank *bank)
        return ERROR_OK;
 }
 
+static int stm32l4_perform_obl_launch(struct flash_bank *bank)
+{
+       int retval, retval2;
+
+       retval = stm32l4_unlock_reg(bank);
+       if (retval != ERROR_OK)
+               goto err_lock;
+
+       retval = stm32l4_unlock_option_reg(bank);
+       if (retval != ERROR_OK)
+               goto err_lock;
+
+       /* Set OBL_LAUNCH bit in CR -> system reset and option bytes reload,
+        * but the RMs explicitly do *NOT* list this as power-on reset cause, and:
+        * "Note: If the read protection is set while the debugger is still
+        * connected through JTAG/SWD, apply a POR (power-on reset) instead of a system reset."
+        */
+
+       /* "Setting OBL_LAUNCH generates a reset so the option byte loading is performed under system reset" */
+       /* Due to this reset ST-Link reports an SWD_DP_ERROR, despite the write was successful,
+        * then just ignore the returned value */
+       stm32l4_write_flash_reg_by_index(bank, STM32_FLASH_CR_INDEX, FLASH_OBL_LAUNCH);
+
+       /* Need to re-probe after change */
+       struct stm32l4_flash_bank *stm32l4_info = bank->driver_priv;
+       stm32l4_info->probed = false;
+
+err_lock:
+       retval2 = stm32l4_write_flash_reg_by_index(bank, STM32_FLASH_CR_INDEX, FLASH_LOCK | FLASH_OPTLOCK);
+
+       if (retval != ERROR_OK)
+               return retval;
+
+       return retval2;
+}
+
 static int stm32l4_write_option(struct flash_bank *bank, uint32_t reg_offset,
        uint32_t value, uint32_t mask)
 {
@@ -1775,9 +1811,9 @@ COMMAND_HANDLER(stm32l4_handle_option_write_command)
        return retval;
 }
 
-COMMAND_HANDLER(stm32l4_handle_option_load_command)
+COMMAND_HANDLER(stm32l4_handle_trustzone_command)
 {
-       if (CMD_ARGC != 1)
+       if (CMD_ARGC < 1 || CMD_ARGC > 2)
                return ERROR_COMMAND_SYNTAX_ERROR;
 
        struct flash_bank *bank;
@@ -1785,28 +1821,78 @@ COMMAND_HANDLER(stm32l4_handle_option_load_command)
        if (retval != ERROR_OK)
                return retval;
 
-       retval = stm32l4_unlock_reg(bank);
+       struct stm32l4_flash_bank *stm32l4_info = bank->driver_priv;
+       if (!(stm32l4_info->part_info->flags & F_HAS_TZ)) {
+               LOG_ERROR("This device does not have a TrustZone");
+               return ERROR_FAIL;
+       }
+
+       uint32_t optr;
+       retval = stm32l4_read_flash_reg_by_index(bank, STM32_FLASH_OPTR_INDEX, &optr);
        if (retval != ERROR_OK)
                return retval;
 
-       retval = stm32l4_unlock_option_reg(bank);
+       stm32l4_sync_rdp_tzen(bank, optr);
+
+       if (CMD_ARGC == 1) {
+               /* only display the TZEN value */
+               LOG_INFO("Global TrustZone Security is %s", stm32l4_info->tzen ? "enabled" : "disabled");
+               return ERROR_OK;
+       }
+
+       bool new_tzen;
+       COMMAND_PARSE_ENABLE(CMD_ARGV[1], new_tzen);
+
+       if (new_tzen == stm32l4_info->tzen) {
+               LOG_INFO("The requested TZEN is already programmed");
+               return ERROR_OK;
+       }
+
+       if (new_tzen) {
+               if (stm32l4_info->rdp != RDP_LEVEL_0) {
+                       LOG_ERROR("TZEN can be set only when RDP level is 0");
+                       return ERROR_FAIL;
+               }
+               retval = stm32l4_write_option(bank, stm32l4_info->flash_regs[STM32_FLASH_OPTR_INDEX],
+                               FLASH_TZEN, FLASH_TZEN);
+       } else {
+               /* Deactivation of TZEN (from 1 to 0) is only possible when the RDP is
+                * changing to level 0 (from level 1 to level 0 or from level 0.5 to level 0). */
+               if (stm32l4_info->rdp != RDP_LEVEL_1 && stm32l4_info->rdp != RDP_LEVEL_0_5) {
+                       LOG_ERROR("Deactivation of TZEN is only possible when the RDP is changing to level 0");
+                       return ERROR_FAIL;
+               }
+
+               retval = stm32l4_write_option(bank, stm32l4_info->flash_regs[STM32_FLASH_OPTR_INDEX],
+                               RDP_LEVEL_0, FLASH_RDP_MASK | FLASH_TZEN);
+       }
+
        if (retval != ERROR_OK)
                return retval;
 
-       /* Set OBL_LAUNCH bit in CR -> system reset and option bytes reload,
-        * but the RMs explicitly do *NOT* list this as power-on reset cause, and:
-        * "Note: If the read protection is set while the debugger is still
-        * connected through JTAG/SWD, apply a POR (power-on reset) instead of a system reset."
-        */
-       retval = stm32l4_write_flash_reg_by_index(bank, STM32_FLASH_CR_INDEX, FLASH_OBL_LAUNCH);
+       return stm32l4_perform_obl_launch(bank);
+}
 
-       command_print(CMD, "stm32l4x option load completed. Power-on reset might be required");
+COMMAND_HANDLER(stm32l4_handle_option_load_command)
+{
+       if (CMD_ARGC != 1)
+               return ERROR_COMMAND_SYNTAX_ERROR;
 
-       /* Need to re-probe after change */
-       struct stm32l4_flash_bank *stm32l4_info = bank->driver_priv;
-       stm32l4_info->probed = false;
+       struct flash_bank *bank;
+       int retval = CALL_COMMAND_HANDLER(flash_command_get_bank, 0, &bank);
+       if (retval != ERROR_OK)
+               return retval;
 
-       return retval;
+       retval = stm32l4_perform_obl_launch(bank);
+       if (retval != ERROR_OK) {
+               command_print(CMD, "stm32l4x option load failed");
+               return retval;
+       }
+
+
+       command_print(CMD, "stm32l4x option load completed. Power-on reset might be required");
+
+       return ERROR_OK;
 }
 
 COMMAND_HANDLER(stm32l4_handle_lock_command)
@@ -2013,6 +2099,13 @@ static const struct command_registration stm32l4_exec_command_handlers[] = {
                .usage = "bank_id reg_offset value mask",
                .help = "Write device option bit fields with provided value.",
        },
+       {
+               .name = "trustzone",
+               .handler = stm32l4_handle_trustzone_command,
+               .mode = COMMAND_EXEC,
+               .usage = "<bank_id> [enable|disable]",
+               .help = "Configure TrustZone security",
+       },
        {
                .name = "wrp_info",
                .handler = stm32l4_handle_wrp_info_command,
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)