From 2afb708191279222da54f341f91f4934d8938f99 Mon Sep 17 00:00:00 2001 From: Alessandro Angelino Date: Mon, 12 Jun 2017 10:50:40 +0100 Subject: [PATCH 1/6] Update mbed OS --- mbed-os.lib | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mbed-os.lib b/mbed-os.lib index 706b7ae..628d333 100644 --- a/mbed-os.lib +++ b/mbed-os.lib @@ -1 +1 @@ -https://github.com/ARMmbed/mbed-os/#fc1836545dcc2fc86f03b01292b62bf2089f67c3 +https://github.com/ARMmbed/mbed-os/#92fbf2a9b3988d430482fc25a6077f2462e2a634 From 62775af7e46c2bb696d9c306a3d690f456871050 Mon Sep 17 00:00:00 2001 From: Alessandro Angelino Date: Thu, 25 May 2017 16:32:47 +0100 Subject: [PATCH 2/6] Reduce memory footprint of this app This will help supporting more targets. --- source/led1.cpp | 4 ++-- source/led2.cpp | 12 ++++++------ source/led3.cpp | 2 +- source/main.cpp | 4 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/source/led1.cpp b/source/led1.cpp index 835c2d5..38edd69 100644 --- a/source/led1.cpp +++ b/source/led1.cpp @@ -18,7 +18,7 @@ static void led1_main(const void *); * We do not need large stacks in either the main nor the interrupt thread, as * we do not do anything special in them. */ UVISOR_BOX_NAMESPACE(NULL); -UVISOR_BOX_HEAPSIZE(3 * 1024); +UVISOR_BOX_HEAPSIZE(2 * 1024); UVISOR_BOX_MAIN(led1_main, osPriorityNormal, 512); UVISOR_BOX_CONFIG(box_led1, acl, 512, box_context); @@ -39,6 +39,6 @@ static void led1_main(const void *) led1 = !led1; ++uvisor_ctx->heartbeat; alloc_fill_wait_verify_free(size, seed, 211); - specific_alloc_fill_wait_verify_free(alloc, 5 * kB, seed, 107); + specific_alloc_fill_wait_verify_free(alloc, 1 * kB, seed, 107); } } diff --git a/source/led2.cpp b/source/led2.cpp index 123d645..c79c18a 100644 --- a/source/led2.cpp +++ b/source/led2.cpp @@ -18,7 +18,7 @@ static void led2_main(const void *); * We do not need large stacks in either the main nor the interrupt thread, as * we do not do anything special in them. */ UVISOR_BOX_NAMESPACE(NULL); -UVISOR_BOX_HEAPSIZE(3 * 1024); +UVISOR_BOX_HEAPSIZE(2 * 1024); UVISOR_BOX_MAIN(led2_main, osPriorityNormal, 512); UVISOR_BOX_CONFIG(box_led2, acl, 512, box_context); @@ -38,13 +38,13 @@ static void led2_main(const void *) * page heap! */ /* Allocate one page. */ - alloc = secure_allocator_create_with_pages(4 * kB, 1 * kB); + alloc = secure_allocator_create_with_pages(2 * kB, 1 * kB); /* Allocate another page. */ - SecureAllocator alloc2 = secure_allocator_create_with_pages(4 * kB, 1 * kB); + SecureAllocator alloc2 = secure_allocator_create_with_pages(8 * kB, 1 * kB); /* Deallocate alloc1 page, creating a hole. */ secure_allocator_destroy(alloc); /* Allocate two pages. */ - alloc = secure_allocator_create_with_pages(uvisor_get_page_size() + 3 * kB, 6 * kB); + alloc = secure_allocator_create_with_pages(4 * kB, 1 * kB); /* Deallocate alloc2 page, creating another hole. */ secure_allocator_destroy(alloc2); @@ -57,9 +57,9 @@ static void led2_main(const void *) alloc_fill_wait_verify_free(size, seed, 311); /* Allocate in first page */ - specific_alloc_fill_wait_verify_free(alloc, 6 * kB, seed, 0); + specific_alloc_fill_wait_verify_free(alloc, 1 * kB, seed, 0); /* Allocate in second page */ - specific_alloc_fill_wait_verify_free(alloc, 6 * kB, seed, 101); + specific_alloc_fill_wait_verify_free(alloc, 1 * kB, seed, 101); } } diff --git a/source/led3.cpp b/source/led3.cpp index 01e41dd..2b390ad 100644 --- a/source/led3.cpp +++ b/source/led3.cpp @@ -18,7 +18,7 @@ static void led3_main(const void *); * We need at least 1kB in the main thread as we use printf in it. The interrupt * stack size can be smaller as we do not do anything special in them. */ UVISOR_BOX_NAMESPACE(NULL); -UVISOR_BOX_HEAPSIZE(3 * 1024); +UVISOR_BOX_HEAPSIZE(2 * 1024); UVISOR_BOX_MAIN(led3_main, osPriorityNormal, 1024); UVISOR_BOX_CONFIG(box_led3, acl, 512, box_context); diff --git a/source/main.cpp b/source/main.cpp index 2fd2feb..82d8104 100644 --- a/source/main.cpp +++ b/source/main.cpp @@ -25,7 +25,7 @@ MAIN_ACL(g_main_acl); /* Enable uVisor. */ UVISOR_SET_MODE_ACL(UVISOR_ENABLED, g_main_acl); -UVISOR_SET_PAGE_HEAP(8 * 1024, 5); +UVISOR_SET_PAGE_HEAP(2 * 1024, 8); static void main_alloc(void) { @@ -35,7 +35,7 @@ static void main_alloc(void) while (1) { alloc_fill_wait_verify_free(50, seed, 577); - specific_alloc_fill_wait_verify_free(alloc, 5 * kB, seed, 97); + specific_alloc_fill_wait_verify_free(alloc, 1 * kB, seed, 97); seed++; } } From 27e4811e9c27b77891a1368fbeffcc579982dfcc Mon Sep 17 00:00:00 2001 From: Alessandro Angelino Date: Thu, 25 May 2017 16:33:09 +0100 Subject: [PATCH 3/6] Add linker script memory filler for ARMv7-M MPU The code snippet added here has been auto-generated by uVisor when running the app in debug mode. The additional reserved space is needed as a result of an ARMv7-M MPU limitation. --- source/main.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/source/main.cpp b/source/main.cpp index 82d8104..05b1e7e 100644 --- a/source/main.cpp +++ b/source/main.cpp @@ -27,6 +27,12 @@ MAIN_ACL(g_main_acl); UVISOR_SET_MODE_ACL(UVISOR_ENABLED, g_main_acl); UVISOR_SET_PAGE_HEAP(2 * 1024, 8); +/* Targets with an ARMv7-M MPU needs this space adjustment to prevent a runtime + * memory overflow error. The code below has been output directly by uVisor. */ +#if defined(TARGET_EFM32GG_STK3700) || defined(TARGET_DISCO_F429ZI) +uint8_t __attribute__((section(".keep.uvisor.bss.boxes"), aligned(32))) __boxes_overhead[32640]; +#endif + static void main_alloc(void) { const uint32_t kB = 1024; From 102be721c8bfb72d5eaca01f53bebbd2b342b432 Mon Sep 17 00:00:00 2001 From: Alessandro Angelino Date: Thu, 25 May 2017 15:33:38 +0100 Subject: [PATCH 4/6] led3 box: Remove redundant thread --- source/led3.cpp | 7 ------- 1 file changed, 7 deletions(-) diff --git a/source/led3.cpp b/source/led3.cpp index 2b390ad..77a61b2 100644 --- a/source/led3.cpp +++ b/source/led3.cpp @@ -59,13 +59,6 @@ static void led3_main(const void *) uvisor_error(USER_NOT_ALLOWED); } - Thread thread2(osPriorityNormal, 512, NULL); - status = thread2.start(run_3); - if (status != osOK) { - printf("Could not start box_led3 thread2.\r\n"); - uvisor_error(USER_NOT_ALLOWED); - } - /* Create page-backed allocator. */ const uint32_t kB = 1024; SecureAllocator alloc = secure_allocator_create_with_pages(4 * kB, 1 * kB); From 996164cb049863fc9eb982a36f32c587a4414993 Mon Sep 17 00:00:00 2001 From: Alessandro Angelino Date: Tue, 6 Dec 2016 10:48:52 +0000 Subject: [PATCH 5/6] Add support for the STM32F429ZI target Fixes #33 "mbed-os-example-uvisor-thread doesn't work on DISCO_F429ZI" --- README.md | 8 +++++--- source/main-hw.h | 32 +++++++++++++++++++++++++++++++- test/filters.json | 2 +- 3 files changed, 37 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 6888241..61f444b 100644 --- a/README.md +++ b/README.md @@ -4,9 +4,11 @@ This is a simple example to show how to write a uVisor-secured threaded applicat Supported devices: -| Target | Toolchain | Baud rate | -|--------|-----------|-----------| -| `K64F` | `GCC_ARM` | 9600 | +| Target | Toolchain | Baud rate | +|-------------------|-----------|-----------| +| `K64F` | `GCC_ARM` | 9600 | +| `DISCO_F429ZI` | `GCC_ARM` | 9600 | +| `EFM32GG_STK3700` | `GCC_ARM` | 9600 | Latest release: [mbed-os-5.4.x](https://github.com/ARMmbed/mbed-os-example-uvisor/releases/latest). Tested with [mbed-cli v1.0.0](https://github.com/ARMmbed/mbed-cli/releases/tag/1.0.0). diff --git a/source/main-hw.h b/source/main-hw.h index 02ae91b..32a745e 100644 --- a/source/main-hw.h +++ b/source/main-hw.h @@ -45,7 +45,7 @@ {SPI0, sizeof(*SPI0), UVISOR_TACLDEF_PERIPH}, \ } -#elif defined (TARGET_EFM32GG_STK3700) +#elif defined(TARGET_EFM32GG_STK3700) #define MAIN_LED LED1 #define SECURE_LED LED2 @@ -65,6 +65,36 @@ {(void *) 0x42000000, 0x2000000, UVISOR_TACLDEF_PERIPH}, \ } +#elif defined(TARGET_DISCO_F429ZI) + +#define MAIN_LED LED1 +#define SECURE_LED LED2 +#define LED_ON true +#define LED_OFF false +#define SECURE_SWITCH USER_BUTTON +#define SECURE_SWITCH_PULL PullDown + +#define MAIN_ACL(acl_list_name) \ + static const UvisorBoxAclItem acl_list_name[] = { \ + {GPIOA, sizeof(*GPIOA), UVISOR_TACLDEF_PERIPH}, \ + {GPIOB, sizeof(*GPIOB), UVISOR_TACLDEF_PERIPH}, \ + {GPIOC, sizeof(*GPIOC), UVISOR_TACLDEF_PERIPH}, \ + {GPIOD, sizeof(*GPIOD), UVISOR_TACLDEF_PERIPH}, \ + {GPIOE, sizeof(*GPIOE), UVISOR_TACLDEF_PERIPH}, \ + {RTC, sizeof(*RTC), UVISOR_TACLDEF_PERIPH}, \ + {TIM5, sizeof(*TIM5), UVISOR_TACLDEF_PERIPH}, \ + {USART1, sizeof(*USART1), UVISOR_TACLDEF_PERIPH}, \ + {I2C1, sizeof(*I2C1), UVISOR_TACLDEF_PERIPH}, \ + {SPI1, sizeof(*SPI1), UVISOR_TACLDEF_PERIPH}, \ + {RCC, sizeof(*RCC), UVISOR_TACLDEF_PERIPH}, \ + {FLASH, sizeof(*FLASH), UVISOR_TACLDEF_PERIPH}, \ + {PWR, sizeof(*PWR), UVISOR_TACLDEF_PERIPH}, \ + {EXTI, sizeof(*EXTI), UVISOR_TACLDEF_PERIPH}, \ + {GPIOG, sizeof(*GPIOG), UVISOR_TACLDEF_PERIPH}, \ + {SYSCFG, sizeof(*SYSCFG), UVISOR_TACLDEF_PERIPH}, \ + {(void *) 0x42000000, 0x01000000, UVISOR_TACLDEF_PERIPH}, \ + } + #else /* Target-specific settings */ #error "Unsupported target. Checkout the README.md file for the list of supported targets for this app." diff --git a/test/filters.json b/test/filters.json index 055b5c0..9c5cf04 100644 --- a/test/filters.json +++ b/test/filters.json @@ -1,6 +1,6 @@ { "blacklist" : [ { - "platforms" : ["DISCO_F429ZI"] + "platforms" : [] } ] } From 8bd29b65a78d80dc2e1692b160ed134867ebfa8b Mon Sep 17 00:00:00 2001 From: Alessandro Angelino Date: Thu, 25 May 2017 14:52:49 +0100 Subject: [PATCH 6/6] EFM32GG_STK3700: Fix push-button pin name --- source/main-hw.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/main-hw.h b/source/main-hw.h index 32a745e..1ba4764 100644 --- a/source/main-hw.h +++ b/source/main-hw.h @@ -51,7 +51,7 @@ #define SECURE_LED LED2 #define LED_ON true #define LED_OFF false -#define SECURE_SWITCH SW2 +#define SECURE_SWITCH SW0 #define SECURE_SWITCH_PULL PullUp #define MAIN_ACL(acl_list_name) \