static void vmpu_load_boxes(void) { int i, count; const UvisorBoxAclItem *region; const UvisorBoxConfig **box_cfgtbl; uint8_t box_id; /* Check heap start and end addresses. */ if (!__uvisor_config.heap_start || !vmpu_sram_addr((uint32_t) __uvisor_config.heap_start)) { HALT_ERROR(SANITY_CHECK_FAILED, "Heap start pointer (0x%08x) is not in SRAM memory.\n", (uint32_t) __uvisor_config.heap_start); } if (!__uvisor_config.heap_end || !vmpu_sram_addr((uint32_t) __uvisor_config.heap_end)) { HALT_ERROR(SANITY_CHECK_FAILED, "Heap end pointer (0x%08x) is not in SRAM memory.\n", (uint32_t) __uvisor_config.heap_end); } if (__uvisor_config.heap_end < __uvisor_config.heap_start) { HALT_ERROR(SANITY_CHECK_FAILED, "Heap end pointer (0x%08x) is smaller than heap start pointer (0x%08x).\n", (uint32_t) __uvisor_config.heap_end, (uint32_t) __uvisor_config.heap_start); } /* Enumerate boxes. */ g_vmpu_box_count = (uint32_t) (__uvisor_config.cfgtbl_ptr_end - __uvisor_config.cfgtbl_ptr_start); if (g_vmpu_box_count >= UVISOR_MAX_BOXES) { HALT_ERROR(SANITY_CHECK_FAILED, "box number overflow\n"); } g_vmpu_boxes_counted = TRUE; /* Initialize boxes. */ box_id = 0; for (box_cfgtbl = (const UvisorBoxConfig * *) __uvisor_config.cfgtbl_ptr_start; box_cfgtbl < (const UvisorBoxConfig * *) __uvisor_config.cfgtbl_ptr_end; box_cfgtbl++) { /* Ensure that the configuration table resides in flash. */ if (!(vmpu_flash_addr((uint32_t) *box_cfgtbl) && vmpu_flash_addr((uint32_t) ((uint8_t *) (*box_cfgtbl)) + (sizeof(**box_cfgtbl) - 1)))) { HALT_ERROR(SANITY_CHECK_FAILED, "invalid address - *box_cfgtbl must point to flash (0x%08X)\n", *box_cfgtbl); } /* Check the magic value in the box configuration table. */ if (((*box_cfgtbl)->magic) != UVISOR_BOX_MAGIC) { HALT_ERROR(SANITY_CHECK_FAILED, "box[%i] @0x%08X - invalid magic\n", box_id, (uint32_t)(*box_cfgtbl)); } /* Check the box configuration table version. */ if (((*box_cfgtbl)->version) != UVISOR_BOX_VERSION) { HALT_ERROR(SANITY_CHECK_FAILED, "box[%i] @0x%08X - invalid version (0x%04X!-0x%04X)\n", box_id, *box_cfgtbl, (*box_cfgtbl)->version, UVISOR_BOX_VERSION); } /* Confirm the minimal size of the box index size. */ if ((*box_cfgtbl)->index_size < sizeof(UvisorBoxIndex)) { HALT_ERROR(SANITY_CHECK_FAILED, "Box index size (%uB) must be large enough to hold UvisorBoxIndex (%uB).\n", (*box_cfgtbl)->index_size, sizeof(UvisorBoxIndex)); } /* Check that the box namespace is not too long. */ vmpu_sanity_check_box_namespace(box_id, (*box_cfgtbl)->box_namespace); /* Load the box ACLs. */ DPRINTF("box[%i] ACL list:\n", box_id); /* Add ACL's for all box stacks. */ vmpu_acl_stack( box_id, (*box_cfgtbl)->index_size + (*box_cfgtbl)->context_size + (*box_cfgtbl)->heap_size, (*box_cfgtbl)->stack_size ); /* Initialize box index. */ vmpu_box_index_init( box_id, *box_cfgtbl ); /* Enumerate the box ACLs. */ region = (*box_cfgtbl)->acl_list; if (region != NULL) { count = (*box_cfgtbl)->acl_count; for (i = 0; i < count; i++) { /* Ensure that the ACL resides in public flash. */ if (!vmpu_public_flash_addr((uint32_t) region)) { HALT_ERROR(SANITY_CHECK_FAILED, "box[%i]:acl[%i] must be in code section (@0x%08X)\n", box_id, i, *box_cfgtbl); } /* Add the ACL and force the entry as user-provided. */ if (region->acl & UVISOR_TACL_IRQ) { vmpu_acl_irq(box_id, region->param1, region->param2); } else { vmpu_acl_add( box_id, region->param1, region->param2, region->acl | UVISOR_TACL_USER ); } /* Proceed to the next ACL. */ region++; } } /* Proceed to the next box. */ box_id++; } /* Load box 0. */ vmpu_load_box(0); *(__uvisor_config.uvisor_box_context) = (uint32_t *) g_context_current_states[0].bss; DPRINTF("vmpu_load_boxes [DONE]\n"); }
static void vmpu_load_boxes(void) { int i, count; const UvisorBoxAclItem *region; const UvisorBoxConfig **box_cfgtbl; uint8_t box_id; /* enumerate and initialize boxes */ g_vmpu_box_count = 0; for(box_cfgtbl = (const UvisorBoxConfig**) __uvisor_config.cfgtbl_ptr_start; box_cfgtbl < (const UvisorBoxConfig**) __uvisor_config.cfgtbl_ptr_end; box_cfgtbl++ ) { /* ensure that configuration resides in flash */ if(!(VMPU_FLASH_ADDR(*box_cfgtbl) && VMPU_FLASH_ADDR( ((uint8_t*)(*box_cfgtbl)) + (sizeof(**box_cfgtbl)-1) ))) HALT_ERROR(SANITY_CHECK_FAILED, "invalid address - \ *box_cfgtbl must point to flash (0x%08X)\n", *box_cfgtbl); /* check for magic value in box configuration */ if(((*box_cfgtbl)->magic)!=UVISOR_BOX_MAGIC) HALT_ERROR(SANITY_CHECK_FAILED, "box[%i] @0x%08X - invalid magic\n", g_vmpu_box_count, (uint32_t)(*box_cfgtbl) ); /* check for magic value in box configuration */ if(((*box_cfgtbl)->version)!=UVISOR_BOX_VERSION) HALT_ERROR(SANITY_CHECK_FAILED, "box[%i] @0x%08X - invalid version (0x%04X!-0x%04X)\n", g_vmpu_box_count, *box_cfgtbl, (*box_cfgtbl)->version, UVISOR_BOX_VERSION ); /* increment box counter */ if((box_id = g_vmpu_box_count++)>=UVISOR_MAX_BOXES) HALT_ERROR(SANITY_CHECK_FAILED, "box number overflow\n"); /* load box ACLs in table */ DPRINTF("box[%i] ACL list:\n", box_id); /* add ACL's for all box stacks, the actual start addesses and * sizes are resolved later in vmpu_initialize_stacks */ vmpu_acl_stack( box_id, (*box_cfgtbl)->context_size, (*box_cfgtbl)->stack_size ); /* enumerate box ACLs */ if( (region = (*box_cfgtbl)->acl_list)!=NULL ) { count = (*box_cfgtbl)->acl_count; for(i=0; i<count; i++) { /* ensure that ACL resides in flash */ if(!VMPU_FLASH_ADDR(region)) HALT_ERROR(SANITY_CHECK_FAILED, "box[%i]:acl[%i] must be in code section (@0x%08X)\n", box_id, i, *box_cfgtbl ); /* add ACL, and force entry as user-provided */ if(region->acl & UVISOR_TACL_IRQ) vmpu_acl_irq(box_id, region->param1, region->param2); else vmpu_acl_add( box_id, region->param1, region->param2, region->acl | UVISOR_TACL_USER ); /* proceed to next ACL */ region++; } } } /* load box 0 */ vmpu_load_box(0); DPRINTF("vmpu_load_boxes [DONE]\n"); }