static void vmpu_load_boxes(void)
{
int i, count;
const UvisorBoxAclItem *region;
const UvisorBoxConfig **box_cfgtbl;
uint8_t box_id;
/* Check heap start and end addresses. */
if (!__uvisor_config.heap_start || !vmpu_sram_addr((uint32_t) __uvisor_config.heap_start)) {
HALT_ERROR(SANITY_CHECK_FAILED, "Heap start pointer (0x%08x) is not in SRAM memory.\n",
(uint32_t) __uvisor_config.heap_start);
}
if (!__uvisor_config.heap_end || !vmpu_sram_addr((uint32_t) __uvisor_config.heap_end)) {
HALT_ERROR(SANITY_CHECK_FAILED, "Heap end pointer (0x%08x) is not in SRAM memory.\n",
(uint32_t) __uvisor_config.heap_end);
}
if (__uvisor_config.heap_end < __uvisor_config.heap_start) {
HALT_ERROR(SANITY_CHECK_FAILED, "Heap end pointer (0x%08x) is smaller than heap start pointer (0x%08x).\n",
(uint32_t) __uvisor_config.heap_end, (uint32_t) __uvisor_config.heap_start);
}
/* Enumerate boxes. */
g_vmpu_box_count = (uint32_t) (__uvisor_config.cfgtbl_ptr_end - __uvisor_config.cfgtbl_ptr_start);
if (g_vmpu_box_count >= UVISOR_MAX_BOXES) {
HALT_ERROR(SANITY_CHECK_FAILED, "box number overflow\n");
}
g_vmpu_boxes_counted = TRUE;
/* Initialize boxes. */
box_id = 0;
for (box_cfgtbl = (const UvisorBoxConfig * *) __uvisor_config.cfgtbl_ptr_start;
box_cfgtbl < (const UvisorBoxConfig * *) __uvisor_config.cfgtbl_ptr_end;
box_cfgtbl++) {
/* Ensure that the configuration table resides in flash. */
if (!(vmpu_flash_addr((uint32_t) *box_cfgtbl) &&
vmpu_flash_addr((uint32_t) ((uint8_t *) (*box_cfgtbl)) + (sizeof(**box_cfgtbl) - 1)))) {
HALT_ERROR(SANITY_CHECK_FAILED, "invalid address - *box_cfgtbl must point to flash (0x%08X)\n",
*box_cfgtbl);
}
/* Check the magic value in the box configuration table. */
if (((*box_cfgtbl)->magic) != UVISOR_BOX_MAGIC) {
HALT_ERROR(SANITY_CHECK_FAILED, "box[%i] @0x%08X - invalid magic\n",
box_id, (uint32_t)(*box_cfgtbl));
}
/* Check the box configuration table version. */
if (((*box_cfgtbl)->version) != UVISOR_BOX_VERSION) {
HALT_ERROR(SANITY_CHECK_FAILED, "box[%i] @0x%08X - invalid version (0x%04X!-0x%04X)\n",
box_id, *box_cfgtbl, (*box_cfgtbl)->version, UVISOR_BOX_VERSION);
}
/* Confirm the minimal size of the box index size. */
if ((*box_cfgtbl)->index_size < sizeof(UvisorBoxIndex)) {
HALT_ERROR(SANITY_CHECK_FAILED, "Box index size (%uB) must be large enough to hold UvisorBoxIndex (%uB).\n",
(*box_cfgtbl)->index_size, sizeof(UvisorBoxIndex));
}
/* Check that the box namespace is not too long. */
vmpu_sanity_check_box_namespace(box_id, (*box_cfgtbl)->box_namespace);
/* Load the box ACLs. */
DPRINTF("box[%i] ACL list:\n", box_id);
/* Add ACL's for all box stacks. */
vmpu_acl_stack(
box_id,
(*box_cfgtbl)->index_size + (*box_cfgtbl)->context_size + (*box_cfgtbl)->heap_size,
(*box_cfgtbl)->stack_size
);
/* Initialize box index. */
vmpu_box_index_init(
box_id,
*box_cfgtbl
);
/* Enumerate the box ACLs. */
region = (*box_cfgtbl)->acl_list;
if (region != NULL) {
count = (*box_cfgtbl)->acl_count;
for (i = 0; i < count; i++) {
/* Ensure that the ACL resides in public flash. */
if (!vmpu_public_flash_addr((uint32_t) region)) {
HALT_ERROR(SANITY_CHECK_FAILED, "box[%i]:acl[%i] must be in code section (@0x%08X)\n",
box_id, i, *box_cfgtbl);
}
/* Add the ACL and force the entry as user-provided. */
if (region->acl & UVISOR_TACL_IRQ) {
vmpu_acl_irq(box_id, region->param1, region->param2);
} else {
vmpu_acl_add(
box_id,
region->param1,
region->param2,
region->acl | UVISOR_TACL_USER
);
}
/* Proceed to the next ACL. */
region++;
}
}
/* Proceed to the next box. */
box_id++;
}
/* Load box 0. */
vmpu_load_box(0);
*(__uvisor_config.uvisor_box_context) = (uint32_t *) g_context_current_states[0].bss;
DPRINTF("vmpu_load_boxes [DONE]\n");
}
static void vmpu_load_boxes(void)
{
int i, count;
const UvisorBoxAclItem *region;
const UvisorBoxConfig **box_cfgtbl;
uint8_t box_id;
/* enumerate and initialize boxes */
g_vmpu_box_count = 0;
for(box_cfgtbl = (const UvisorBoxConfig**) __uvisor_config.cfgtbl_ptr_start;
box_cfgtbl < (const UvisorBoxConfig**) __uvisor_config.cfgtbl_ptr_end;
box_cfgtbl++
)
{
/* ensure that configuration resides in flash */
if(!(VMPU_FLASH_ADDR(*box_cfgtbl) &&
VMPU_FLASH_ADDR(
((uint8_t*)(*box_cfgtbl)) + (sizeof(**box_cfgtbl)-1)
)))
HALT_ERROR(SANITY_CHECK_FAILED,
"invalid address - \
*box_cfgtbl must point to flash (0x%08X)\n", *box_cfgtbl);
/* check for magic value in box configuration */
if(((*box_cfgtbl)->magic)!=UVISOR_BOX_MAGIC)
HALT_ERROR(SANITY_CHECK_FAILED,
"box[%i] @0x%08X - invalid magic\n",
g_vmpu_box_count,
(uint32_t)(*box_cfgtbl)
);
/* check for magic value in box configuration */
if(((*box_cfgtbl)->version)!=UVISOR_BOX_VERSION)
HALT_ERROR(SANITY_CHECK_FAILED,
"box[%i] @0x%08X - invalid version (0x%04X!-0x%04X)\n",
g_vmpu_box_count,
*box_cfgtbl,
(*box_cfgtbl)->version,
UVISOR_BOX_VERSION
);
/* increment box counter */
if((box_id = g_vmpu_box_count++)>=UVISOR_MAX_BOXES)
HALT_ERROR(SANITY_CHECK_FAILED, "box number overflow\n");
/* load box ACLs in table */
DPRINTF("box[%i] ACL list:\n", box_id);
/* add ACL's for all box stacks, the actual start addesses and
* sizes are resolved later in vmpu_initialize_stacks */
vmpu_acl_stack(
box_id,
(*box_cfgtbl)->context_size,
(*box_cfgtbl)->stack_size
);
/* enumerate box ACLs */
if( (region = (*box_cfgtbl)->acl_list)!=NULL )
{
count = (*box_cfgtbl)->acl_count;
for(i=0; i<count; i++)
{
/* ensure that ACL resides in flash */
if(!VMPU_FLASH_ADDR(region))
HALT_ERROR(SANITY_CHECK_FAILED,
"box[%i]:acl[%i] must be in code section (@0x%08X)\n",
box_id,
i,
*box_cfgtbl
);
/* add ACL, and force entry as user-provided */
if(region->acl & UVISOR_TACL_IRQ)
vmpu_acl_irq(box_id, region->param1, region->param2);
else
vmpu_acl_add(
box_id,
region->param1,
region->param2,
region->acl | UVISOR_TACL_USER
);
/* proceed to next ACL */
region++;
}
}
}
/* load box 0 */
vmpu_load_box(0);
DPRINTF("vmpu_load_boxes [DONE]\n");
}
