diff --git a/config/config_default.cmake b/config/config_default.cmake index 6fb4f24ff..8c4d9a778 100755 --- a/config/config_default.cmake +++ b/config/config_default.cmake @@ -61,7 +61,7 @@ set(CONFIG_TFM_LAZY_STACKING OFF CACHE BOOL "Enable/disa set(CONFIG_TFM_DOORBELL_API ON CACHE BOOL "Enable the doorbell APIs") -set(CONFIG_TFM_LOG_SHARE_UART OFF CACHE BOOL "Allow TF-M and the non-secure application to share the UART instance. TF-M will use ut during its boot, after which the non-secure application will use it until an eventual fatal error is handled and logged by TF-M. Logging from TF-M will therefore otherwise be suppressed") +set(CONFIG_TFM_LOG_SHARE_UART OFF CACHE BOOL "Allow TF-M and the non-secure application to share the UART instance. TF-M will use it while it is booting, after which the non-secure application will use it until an eventual fatal error is handled and logged by TF-M. Logging from TF-M will therefore otherwise be suppressed") ############################ Platform ########################################## set(TFM_MULTI_CORE_TOPOLOGY OFF CACHE BOOL "Whether to build for a dual-cpu architecture") diff --git a/platform/ext/target/nordic_nrf/common/core/CMakeLists.txt b/platform/ext/target/nordic_nrf/common/core/CMakeLists.txt index 1f2a36e70..f5fb94e50 100644 --- a/platform/ext/target/nordic_nrf/common/core/CMakeLists.txt +++ b/platform/ext/target/nordic_nrf/common/core/CMakeLists.txt @@ -109,6 +109,11 @@ if(TFM_SPM_LOG_RAW_ENABLED) cmsis_drivers/Driver_USART.c ${HAL_NORDIC_PATH}/nrfx/drivers/src/nrfx_uarte.c ) + + target_compile_definitions(platform_s + PUBLIC + NRF_SECURE_UART_INSTANCE=${NRF_SECURE_UART_INSTANCE} + ) endif() target_compile_options(platform_s diff --git a/platform/ext/target/nordic_nrf/common/core/cmsis_drivers/Driver_USART.c b/platform/ext/target/nordic_nrf/common/core/cmsis_drivers/Driver_USART.c index 78e3da4d0..0e5b7ddee 100644 --- a/platform/ext/target/nordic_nrf/common/core/cmsis_drivers/Driver_USART.c +++ b/platform/ext/target/nordic_nrf/common/core/cmsis_drivers/Driver_USART.c @@ -22,6 +22,11 @@ #include #include +#if !(DOMAIN_NS == 1U) && defined(CONFIG_TFM_LOG_SHARE_UART) +#define SPU_CONFIGURE_UART +#include +#endif + #ifndef ARG_UNUSED #define ARG_UNUSED(arg) (void)arg #endif @@ -64,6 +69,11 @@ static int32_t ARM_USARTx_Initialize(ARM_USART_SignalEvent_t cb_event, { ARG_UNUSED(cb_event); +#ifdef SPU_CONFIGURE_UART + spu_peripheral_config_secure((uint32_t)uart_resources->uarte.p_reg, false); + NVIC_ClearTargetState(NRFX_IRQ_NUMBER_GET((uint32_t)uart_resources->uarte.p_reg)); +#endif + nrfx_err_t err_code = nrfx_uarte_init(&uart_resources->uarte, uart_resources->initial_config, NULL); @@ -85,6 +95,12 @@ static int32_t ARM_USARTx_Uninitialize(UARTx_Resources *uart_resources) nrfx_uarte_uninit(&uart_resources->uarte); uart_resources->initialized = false; + +#ifdef SPU_CONFIGURE_UART + spu_peripheral_config_non_secure((uint32_t)uart_resources->uarte.p_reg, false); + NVIC_SetTargetState(NRFX_IRQ_NUMBER_GET((uint32_t)uart_resources->uarte.p_reg)); +#endif + return ARM_DRIVER_OK; } diff --git a/platform/ext/target/nordic_nrf/common/core/config.cmake b/platform/ext/target/nordic_nrf/common/core/config.cmake index 1becea4ec..f37f2c569 100644 --- a/platform/ext/target/nordic_nrf/common/core/config.cmake +++ b/platform/ext/target/nordic_nrf/common/core/config.cmake @@ -27,3 +27,5 @@ set(NRF_HW_INIT_NRF_PERIPHERALS OFF CACHE BOOL "Initialize nRF peripherals at bo if (NRF_HW_INIT_NRF_PERIPHERALS AND NOT NRF_HW_INIT_RESET_ON_BOOT) message(FATAL_ERROR "NRF_HW_INIT_PERIPHERALS_ON_BOOT depends on NRF_HW_INIT_RESET_ON_BOOT") endif() + +set(NRF_SECURE_UART_INSTANCE 1 CACHE STRING "The UART instance number to use for secure UART") diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c index 3817558b3..a9d4a2b10 100644 --- a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c +++ b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.c @@ -614,8 +614,13 @@ enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void) NVIC_ClearTargetState(NRFX_IRQ_NUMBER_GET(NRF_SPU)); #ifdef SECURE_UART1 +#if NRF_SECURE_UART_INSTANCE == 0 + /* UARTE0 is a secure peripheral, so its IRQ has to target S state */ + NVIC_ClearTargetState(NRFX_IRQ_NUMBER_GET(NRF_UARTE0)); +#elif NRF_SECURE_UART_INSTANCE == 1 /* UARTE1 is a secure peripheral, so its IRQ has to target S state */ NVIC_ClearTargetState(NRFX_IRQ_NUMBER_GET(NRF_UARTE1)); +#endif #endif return TFM_PLAT_ERR_SUCCESS; @@ -711,11 +716,19 @@ enum tfm_plat_err_t spu_periph_init_cfg(void) * - TWISx * - UARTEx */ + + /* When UART0 is a secure peripheral we need to leave Serial-Box 0 as Secure. + * The UART Driver will configure it as non-secure when it uninitializes. + */ +#if !(defined(SECURE_UART1) && NRF_SECURE_UART_INSTANCE == 0) spu_peripheral_config_non_secure((uint32_t)NRF_SPIM0, false); -#ifndef SECURE_UART1 - /* UART1 is a secure peripheral, so we need to leave Serial-Box 1 as Secure */ +#endif + + /* When UART1 is a secure peripheral we need to leave Serial-Box 1 as Secure */ +#if !(defined(SECURE_UART1) && NRF_SECURE_UART_INSTANCE == 1) spu_peripheral_config_non_secure((uint32_t)NRF_SPIM1, false); #endif + spu_peripheral_config_non_secure((uint32_t)NRF_SPIM4, false); spu_peripheral_config_non_secure((uint32_t)NRF_SPIM2, false); spu_peripheral_config_non_secure((uint32_t)NRF_SPIM3, false); diff --git a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h index f590bb4e6..52d42173b 100644 --- a/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h +++ b/platform/ext/target/nordic_nrf/common/nrf5340/target_cfg.h @@ -34,7 +34,11 @@ #include "tfm_plat_defs.h" +#if NRF_SECURE_UART_INSTANCE == 0 +#define TFM_DRIVER_STDIO Driver_USART0 +#elif NRF_SECURE_UART_INSTANCE == 1 #define TFM_DRIVER_STDIO Driver_USART1 +#endif #define NS_DRIVER_STDIO Driver_USART0 /** diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c index 90f65e033..0d536fb04 100644 --- a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c +++ b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.c @@ -489,8 +489,13 @@ enum tfm_plat_err_t nvic_interrupt_target_state_cfg(void) NVIC_ClearTargetState(NRFX_IRQ_NUMBER_GET(NRF_SPU)); #ifdef SECURE_UART1 +#if NRF_SECURE_UART_INSTANCE == 0 + /* UARTE0 is a secure peripheral, so its IRQ has to target S state */ + NVIC_ClearTargetState(NRFX_IRQ_NUMBER_GET(NRF_UARTE0)); +#elif NRF_SECURE_UART_INSTANCE == 1 /* UARTE1 is a secure peripheral, so its IRQ has to target S state */ NVIC_ClearTargetState(NRFX_IRQ_NUMBER_GET(NRF_UARTE1)); +#endif #endif return TFM_PLAT_ERR_SUCCESS; @@ -580,11 +585,19 @@ enum tfm_plat_err_t spu_periph_init_cfg(void) * - TWISx * - UARTEx */ + + /* When UART0 is a secure peripheral we need to leave Serial-Box 0 as Secure. + * The UART Driver will configure it as non-secure when it uninitializes. + */ +#if !(defined(SECURE_UART1) && NRF_SECURE_UART_INSTANCE == 0) spu_peripheral_config_non_secure((uint32_t)NRF_SPIM0, false); -#ifndef SECURE_UART1 - /* UART1 is a secure peripheral, so we need to leave Serial-Box 1 as Secure */ +#endif + + /* When UART0 is a secure peripheral we need to leave Serial-Box 1 as Secure. */ +#if !(defined(SECURE_UART1) && NRF_SECURE_UART_INSTANCE == 1) spu_peripheral_config_non_secure((uint32_t)NRF_SPIM1, false); #endif + spu_peripheral_config_non_secure((uint32_t)NRF_SPIM2, false); spu_peripheral_config_non_secure((uint32_t)NRF_SPIM3, false); spu_peripheral_config_non_secure((uint32_t)NRF_SAADC, false); diff --git a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h index c8a83359e..003bc3136 100644 --- a/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h +++ b/platform/ext/target/nordic_nrf/common/nrf9160/target_cfg.h @@ -33,7 +33,11 @@ #include "tfm_plat_defs.h" +#if NRF_SECURE_UART_INSTANCE == 0 +#define TFM_DRIVER_STDIO Driver_USART0 +#elif NRF_SECURE_UART_INSTANCE == 1 #define TFM_DRIVER_STDIO Driver_USART1 +#endif #define NS_DRIVER_STDIO Driver_USART0 /** diff --git a/platform/ext/target/nordic_nrf/nrf5340dk_nrf5340_cpuapp/tfm_peripherals_config.h b/platform/ext/target/nordic_nrf/nrf5340dk_nrf5340_cpuapp/tfm_peripherals_config.h index b56fe2df7..a5d3c8216 100644 --- a/platform/ext/target/nordic_nrf/nrf5340dk_nrf5340_cpuapp/tfm_peripherals_config.h +++ b/platform/ext/target/nordic_nrf/nrf5340dk_nrf5340_cpuapp/tfm_peripherals_config.h @@ -13,8 +13,12 @@ extern "C" { #endif #ifdef SECURE_UART1 +#if NRF_SECURE_UART_INSTANCE == 0 +#define TFM_PERIPHERAL_UARTE0_SECURE 1 +#elif NRF_SECURE_UART_INSTANCE == 1 #define TFM_PERIPHERAL_UARTE1_SECURE 1 #endif +#endif #if TEST_NS_SLIH_IRQ || TEST_NS_FLIH_IRQ #define TFM_PERIPHERAL_TIMER0_SECURE 1 diff --git a/platform/ext/target/nordic_nrf/nrf9160dk_nrf9160/tfm_peripherals_config.h b/platform/ext/target/nordic_nrf/nrf9160dk_nrf9160/tfm_peripherals_config.h index 190ea2797..3760e0050 100644 --- a/platform/ext/target/nordic_nrf/nrf9160dk_nrf9160/tfm_peripherals_config.h +++ b/platform/ext/target/nordic_nrf/nrf9160dk_nrf9160/tfm_peripherals_config.h @@ -13,8 +13,12 @@ extern "C" { #endif #ifdef SECURE_UART1 +#if NRF_SECURE_UART_INSTANCE == 0 +#define TFM_PERIPHERAL_UARTE0_SECURE 1 +#elif NRF_SECURE_UART_INSTANCE == 1 #define TFM_PERIPHERAL_UARTE1_SECURE 1 #endif +#endif #if TEST_NS_SLIH_IRQ || TEST_NS_FLIH_IRQ #define TFM_PERIPHERAL_TIMER0_SECURE 1