From efa2a9516311f249500b7065e58ee9f3cc1d74e2 Mon Sep 17 00:00:00 2001 From: Michael Jung Date: Thu, 25 May 2023 07:34:21 +0200 Subject: [PATCH] Update stm32l562e-dk:nsh - Update TrustedFirmare-M instructions to latest version of STM32CubeL5 - Increase idle thread stack size to not overflow during system init - Select ARCH_HAVE_TRUSTZONE for STM32L5 - Set CONFIG_ARCH_TRUSTZONE_NONSECURE for stm32l562e-dk:nsh, since NuttX is running in the Non-secure world. See https://github.com/apache/nuttx/issues/9316 Signed-off-by: Michael Jung --- arch/arm/Kconfig | 1 + boards/arm/stm32l5/stm32l562e-dk/README.txt | 24 +++++++++++++++---- .../stm32l562e-dk/configs/nsh/defconfig | 2 ++ 3 files changed, 23 insertions(+), 4 deletions(-) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 75525cb4fb..114ed5fd92 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -489,6 +489,7 @@ config ARCH_CHIP_STM32L5 select ARCH_HAVE_PROGMEM select ARCH_HAVE_SPI_BITORDER select ARCH_HAVE_TICKLESS + select ARCH_HAVE_TRUSTZONE select ARM_HAVE_MPU_UNIFIED select ARMV8M_HAVE_STACKCHECK ---help--- diff --git a/boards/arm/stm32l5/stm32l562e-dk/README.txt b/boards/arm/stm32l5/stm32l562e-dk/README.txt index d8743f3954..463cbbfc78 100644 --- a/boards/arm/stm32l5/stm32l562e-dk/README.txt +++ b/boards/arm/stm32l5/stm32l562e-dk/README.txt @@ -107,15 +107,15 @@ TrustedFirmware-M ================= You should study [UM2671] STMicroelectronics. UM2671: Getting started with - STM32CubeL5 TFM application, 2nd edition, July 2020. + STM32CubeL5 TFM application, 3rd edition, June 2021. - I was using STM32CubeL5 v1.3.1 - (https://github.com/STMicroelectronics/STM32CubeL5/tree/v1.3.1). + I was using STM32CubeL5 v1.5.0 + (https://github.com/STMicroelectronics/STM32CubeL5/tree/v1.5.0). Changes required to STM32CubeL5's TFM ------------------------------------- - The following two changes to TFM have to be applied to be able to run NuttX. + The following three changes to TFM have to be applied to be able to run NuttX. The first one is required since NuttX issues SVC instructions while interrupts are disabled, which causes HardFaults. NuttX then detects this situation in @@ -146,6 +146,22 @@ TrustedFirmware-M return TFM_PLAT_ERR_SUCCESS; } + The third chage is required, since current NuttX does not support lazy FPU + register stacking any longer. Thus, this must be disabled for the TF-M secure + code as well: + + --- a/Projects/STM32L562E-DK/Applications/TFM/TFM_Appli/Secure/Src/target_cfg.c + +++ b/Projects/STM32L562E-DK/Applications/TFM/TFM_Appli/Secure/Src/target_cfg.c + @@ -134,7 +134,7 @@ void sau_and_idau_cfg(void) + SCB->NSACR = (SCB->NSACR & ~(SCB_NSACR_CP10_Msk | SCB_NSACR_CP11_Msk)) | + ((SCB_NSACR_CP10_11_VAL << SCB_NSACR_CP10_Pos) & (SCB_NSACR_CP10_Msk | SCB_NSACR_CP11_Msk)); + + - FPU->FPCCR = (FPU->FPCCR & ~(FPU_FPCCR_TS_Msk | FPU_FPCCR_CLRONRETS_Msk | FPU_FPCCR_CLRONRET_Msk)) | + + FPU->FPCCR = (FPU->FPCCR & ~(FPU_FPCCR_TS_Msk | FPU_FPCCR_CLRONRETS_Msk | FPU_FPCCR_CLRONRET_Msk | FPU_FPCCR_LSPEN_Msk)) | + ((FPU_FPCCR_TS_VAL << FPU_FPCCR_TS_Pos) & FPU_FPCCR_TS_Msk) | + ((FPU_FPCCR_CLRONRETS_VAL << FPU_FPCCR_CLRONRETS_Pos) & FPU_FPCCR_CLRONRETS_Msk) | + ((FPU_FPCCR_CLRONRET_VAL << FPU_FPCCR_CLRONRET_Pos) & FPU_FPCCR_CLRONRET_Msk); + Encrypting and Signing the NuttX Binary --------------------------------------- diff --git a/boards/arm/stm32l5/stm32l562e-dk/configs/nsh/defconfig b/boards/arm/stm32l5/stm32l562e-dk/configs/nsh/defconfig index 4e7d2fd619..ae3a461cf3 100644 --- a/boards/arm/stm32l5/stm32l562e-dk/configs/nsh/defconfig +++ b/boards/arm/stm32l5/stm32l562e-dk/configs/nsh/defconfig @@ -18,6 +18,7 @@ CONFIG_ARCH_CHIP_STM32L5=y CONFIG_ARCH_INTERRUPTSTACK=2048 CONFIG_ARCH_IRQBUTTONS=y CONFIG_ARCH_STACKDUMP=y +CONFIG_ARCH_TRUSTZONE_NONSECURE=y CONFIG_ARMV8M_STACKCHECK=y CONFIG_BOARD_LOOPSPERMSEC=8499 CONFIG_BUILTIN=y @@ -31,6 +32,7 @@ CONFIG_FS_PROCFS=y CONFIG_FS_PROCFS_REGISTER=y CONFIG_HAVE_CXX=y CONFIG_HAVE_CXXINITIALIZE=y +CONFIG_IDLETHREAD_STACKSIZE=2048 CONFIG_INIT_ENTRYPOINT="nsh_main" CONFIG_NSH_ARCHINIT=y CONFIG_NSH_BUILTIN_APPS=y