Merge pull request #664 from danielinux/m33mu-tests

Add new emulator 'm33mu' update tests

Author: mattia-moffa

.github/workflows/trustzone-emulator-tests.yml

@@ -0,0 +1,50 @@
+name: trustzone-emulator-tests
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  trustzone-emulator-tests:
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/danielinux/m33mu-ci:1.2
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Init submodules
+        run: |
+          git config --global --add safe.directory "$GITHUB_WORKSPACE"
+          git submodule update --init --single-branch
+
+      - name: Configure stm32h5 (TZ) and build wolfboot
+        run: |
+          cp config/examples/stm32h5-tz.config .config
+          make wolfboot.bin
+
+      - name: Run emu test (stm32h5)
+        working-directory: test-app/emu-test-apps
+        run: |
+          ./test.sh
+
+      - name: Clean and build stm32u5 (TZ + wolfcrypt)
+        run: |
+          make clean distclean
+          cp config/examples/stm32u5-wolfcrypt-tz.config .config
+          make wolfboot.bin
+
+      - name: Run emu test (stm32u5)
+        working-directory: test-app/emu-test-apps
+        run: |
+          TARGET=stm32u5 ./test.sh
+
+      - name: Clean and build stm32l5 (TZ + wolfcrypt)
+        run: |
+          make clean distclean
+          cp config/examples/stm32l5-wolfcrypt-tz.config .config
+          make wolfboot.bin
+
+      - name: Run emu test (stm32u5)
+        working-directory: test-app/emu-test-apps
+        run: |
+          TARGET=stm32l5 ./test.sh

.gitignore

@@ -45,6 +45,7 @@
 *.idb
 *.pdb
 *.gdb
+*.log
 
 # automatically generated keys
 *.der
@@ -91,6 +92,9 @@ tools/delta/bmpatch
 # otp-keystore-gen binary
 tools/keytools/otp/otp-keystore-gen
 
+# test-server binary
+test-app/emu-test-apps/*/test-update-server
+
 # Vim swap files
 .*.swp
 
@@ -300,3 +304,6 @@ language.settings.xml
 
 # PolarFire SoC Device Tree Binary
 hal/mpfs.dtb
+
+# Emulator test: generated linker scripts
+test-app/emu-test-apps/*/target.ld

.gitmodules

@@ -12,4 +12,4 @@
 	url = https://github.com/wolfssl/wolfhsm.git
 [submodule "lib/wolfPSA"]
 	path = lib/wolfPSA
-	url = git@github.com:wolfSSL/wolfPSA.git
+	url = https://github.com/wolfSSL/wolfPSA.git

Makefile

@@ -340,6 +340,9 @@ hal/$(TARGET).o:
 
 keytools_check: keytools
 
+test-emu:
+	$(MAKE) -C test-app/emu-test-apps WOLFBOOT_ROOT="$(CURDIR)" test-emu
+
 # Generate the initial signing key (only if not using user-provided keys)
 # - Creates wolfboot_signing_private_key.der when USER_PRIVATE_KEY is not set
 # - If CERT_CHAIN_VERIFY is enabled and USER_CERT_CHAIN not provided, also generates cert chain with leaf key

config/examples/stm32u5-wolfcrypt-tz.config

@@ -18,15 +18,15 @@ V?=0
 SPMATH?=1
 RAM_CODE?=0
 DUALBANK_SWAP?=0
-WOLFBOOT_PARTITION_SIZE?=0x1F800
-WOLFBOOT_SECTOR_SIZE?=0x800
+WOLFBOOT_PARTITION_SIZE?=0x20000
+WOLFBOOT_SECTOR_SIZE?=0x2000
 WOLFBOOT_KEYVAULT_ADDRESS?=0x0C020000
 WOLFBOOT_KEYVAULT_SIZE?=0x18000
 WOLFBOOT_NSC_ADDRESS?=0x0C038000
 WOLFBOOT_NSC_SIZE?=0x8000
 WOLFBOOT_PARTITION_BOOT_ADDRESS?=0x08040000
-WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x805F800
-WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x0807F000
+WOLFBOOT_PARTITION_UPDATE_ADDRESS?=0x08060000
+WOLFBOOT_PARTITION_SWAP_ADDRESS?=0x08080000
 FLAGS_HOME=0
 DISABLE_BACKUP=0
 WOLFCRYPT_TZ=1

config/examples/stm32u5.config

@@ -21,7 +21,7 @@ SPMATH?=1
 RAM_CODE?=0
 DUALBANK_SWAP?=0
 WOLFBOOT_PARTITION_SIZE?=0x1F800
-WOLFBOOT_SECTOR_SIZE?=0x800
+WOLFBOOT_SECTOR_SIZE?=0x2000
 WOLFBOOT_KEYVAULT_ADDRESS?=0x0C020000
 WOLFBOOT_KEYVAULT_SIZE?=0x18000
 WOLFBOOT_NSC_ADDRESS?=0x0C038000

hal/stm32_tz.c

@@ -29,7 +29,7 @@
     #include "hal/stm32u5.h"
 #endif
 
-#ifdef TARGET_stm32h5
+#if defined(TARGET_stm32h5)
     #include "hal/stm32h5.h"
 #endif
 
@@ -225,6 +225,38 @@ void hal_gtzc_init(void)
     }
 }
 
+#elif defined(TARGET_stm32u5)
+
+#define GTZC_MPCBB1_S_BASE        (0x50032C00)
+#define GTZC_MPCBB1_S_VCTR_BASE   (GTZC_MPCBB1_S_BASE + 0x100)
+
+#define GTZC_MPCBB2_S_BASE        (0x50033000)
+#define GTZC_MPCBB2_S_VCTR_BASE   (GTZC_MPCBB2_S_BASE + 0x100)
+
+#define SET_GTZC_MPCBBx_S_VCTR(bank,n,val) \
+    (*((volatile uint32_t *)(GTZC_MPCBB##bank##_S_VCTR_BASE ) + n ))= val
+
+void hal_gtzc_init(void)
+{
+   int i;
+   /* One bit in the bitmask: 512B (STM32U5) */
+
+   /* Configure SRAM1 lower 128 KB as secure (0x20000000 - 0x2001FFFF). */
+   for (i = 0; i < 8; i++) {
+       SET_GTZC_MPCBBx_S_VCTR(1, i, 0xFFFFFFFF);
+   }
+
+   /* Configure SRAM1 upper 128 KB as non-secure (0x20020000 - 0x2003FFFF). */
+   for (i = 8; i < 16; i++) {
+       SET_GTZC_MPCBBx_S_VCTR(1, i, 0x0);
+   }
+
+   /* Configure SRAM2 as non-secure (0x20030000 - 0x2003FFFF). */
+   for (i = 0; i < 4; i++) {
+       SET_GTZC_MPCBBx_S_VCTR(2, i, 0x0);
+   }
+}
+
 #else
 
 #define GTZC_MPCBB1_S_BASE        (0x50032C00)

hal/stm32l5.c

@@ -25,7 +25,6 @@
 
 #include "hal.h"
 #include "hal/stm32l5.h"
-#include "printf.h"
 
 
 static void RAMFUNCTION flash_set_waitstates(unsigned int waitstates)
@@ -152,13 +151,6 @@ int RAMFUNCTION hal_flash_erase(uint32_t address, int len)
     uint32_t end_address;
     uint32_t p;
 
-    if (address < WOLFBOOT_PARTITION_BOOT_ADDRESS) {
-        wolfBoot_printf("hal_flash_erase: addr=0x%08x len=%d (below boot)\n",
-            address, len);
-    } else {
-        wolfBoot_printf("hal_flash_erase: addr=0x%08x len=%d\n", address, len);
-    }
-
     hal_flash_clear_errors(0);
     if (len == 0)
         return -1;

hal/stm32u5.c

@@ -489,6 +489,35 @@ static void led_unsecure()
 #endif
 }
 
+#if TZ_SECURE()
+#define TZSC1_BASE 0x50032400u
+#define TZSC_SECCFGR1 (*(volatile uint32_t *)(TZSC1_BASE + 0x10u))
+#define TZSC_SECCFGR1_USART3SEC (1u << 10)
+
+static void periph_unsecure(void)
+{
+    volatile uint32_t reg;
+
+    /* Enable clock for GPIO D (USART3 pins PD8/PD9) */
+    RCC_AHB2ENR1_CLOCK_ER |= GPIOD_AHB2ENR1_CLOCK_ER;
+
+    /* Enable clock for USART3 */
+    RCC_APB1ENR |= (1u << 18);
+
+    /* Unsecure USART3 pins (PD8 TX, PD9 RX) */
+    GPIOD_SECCFGR &= ~(1u << 8);
+    GPIOD_SECCFGR &= ~(1u << 9);
+
+    /* Unsecure USART3 peripheral in GTZC TZSC */
+    reg = TZSC_SECCFGR1;
+    if (reg & TZSC_SECCFGR1_USART3SEC) {
+        reg &= ~TZSC_SECCFGR1_USART3SEC;
+        DMB();
+        TZSC_SECCFGR1 = reg;
+    }
+}
+#endif
+
 #if defined(DUALBANK_SWAP) && defined(__WOLFBOOT)
 static uint8_t bootloader_copy_mem[BOOTLOADER_SIZE];
 static void RAMFUNCTION fork_bootloader(void)
@@ -530,6 +559,7 @@ void hal_prepare_boot(void)
     clock_pll_off();
 #endif
 #if TZ_SECURE()
+    periph_unsecure();
     led_unsecure();
 #endif
 }

hal/stm32u5.h

@@ -119,6 +119,8 @@
 
 #define RCC_AHB3ENR             (*(volatile uint32_t *)(RCC_BASE + 0x94)) /* RM0456 - Table 108 */
 #define RCC_AHB3ENR_GTZC2EN     (1 << 12)
+
+#define RCC_APB1ENR             (*(volatile uint32_t *)(RCC_BASE + 0x9C)) /* RM0456 - Table 108 */
 #define RCC_AHB3ENR_PWREN       (1 << 2)
 
 #define RCC_ICSCR1             (*(volatile uint32_t *)(RCC_BASE + 0x08))
@@ -249,10 +251,12 @@
 
 /* GPIO*/
 #define GPIOC_BASE 0x52020800
+#define GPIOD_BASE 0x52020C00
 #define GPIOG_BASE 0x52021800
 #define GPIOH_BASE 0x52021C00
 
 #define GPIOC_SECCFGR (*(volatile uint32_t *)(GPIOC_BASE + 0x30))
+#define GPIOD_SECCFGR (*(volatile uint32_t *)(GPIOD_BASE + 0x30))
 #define GPIOG_SECCFGR (*(volatile uint32_t *)(GPIOG_BASE + 0x30))
 #define GPIOH_SECCFGR (*(volatile uint32_t *)(GPIOH_BASE + 0x30))
 
@@ -266,6 +270,7 @@
 
 #define RCC_AHB2ENR1_CLOCK_ER (*(volatile uint32_t *)(RCC_BASE + 0x8C ))
 #define GPIOC_AHB2ENR1_CLOCK_ER (1 << 2)
+#define GPIOD_AHB2ENR1_CLOCK_ER (1 << 3)
 #define GPIOG_AHB2ENR1_CLOCK_ER (1 << 6)
 #define GPIOH_AHB2ENR1_CLOCK_ER (1 << 7)
 #define TRNG_AHB2_CLOCK_ER      (1 << 18)