github.com/f-secure-foundry/tamago@v0.0.0-20220307101044-d73fcdd7f11b/arm/tz.go (about) 1 // ARM processor support 2 // https://github.com/f-secure-foundry/tamago 3 // 4 // Copyright (c) F-Secure Corporation 5 // https://foundry.f-secure.com 6 // 7 // Use of this source code is governed by the license 8 // that can be found in the LICENSE file. 9 10 package arm 11 12 import ( 13 "runtime" 14 15 "github.com/f-secure-foundry/tamago/internal/reg" 16 ) 17 18 // defined in tz.s 19 func read_scr() uint32 20 func write_nsacr(uint32) 21 22 // NonSecure returns whether the processor security mode is non-secure (e.g. 23 // TrustZone Normal World. 24 func (cpu *CPU) NonSecure() bool { 25 if !cpu.security { 26 return false 27 } 28 29 ramStart, _ := runtime.MemRegion() 30 vecTable := ramStart + vecTableOffset + 8*4 31 undefinedHandler := reg.Read(vecTable + UNDEFINED) 32 33 // NonSecure World cannot read the NS bit, the only way to infer it 34 // status is to trap the exception while attempting to read it. 35 reg.Write(vecTable+UNDEFINED, vector(nullHandler)) 36 defer reg.Write(vecTable+UNDEFINED, undefinedHandler) 37 38 return read_scr()&1 == 1 39 } 40 41 // Secure returns whether the processor security mode is secure (e.g. TrustZone 42 // Secure World). 43 func (cpu *CPU) Secure() bool { 44 return !cpu.NonSecure() 45 } 46 47 // NonSecureAccessControl sets the NSACR register value, which defines the 48 // Non-Secure access permissions to coprocessors. 49 func (cpu *CPU) NonSecureAccessControl(nsacr uint32) { 50 if !cpu.security { 51 return 52 } 53 54 write_nsacr(nsacr) 55 }