Cortex-M Security Extensions
This module provides several helper functions to support Armv8-M and Armv8.1-M Security Extensions. Most of this implementation is directly inspired by the “Armv8-M Security Extensions: Requirements on Development Tools” document available here: https://developer.arm.com/docs/ecm0359818/latest
Please note that support for the TT instructions, as described in part 4 of the document linked above, is not part of CMSE but is still present in this module. The TT instructions return the configuration of the Memory Protection Unit at an address.
Notes
- Non-Secure Unprivileged code will always read zeroes from TestTarget and should not use it.
- Non-Secure Privileged code can check current (AccessType::Current) and Non-Secure Unprivileged accesses (AccessType::Unprivileged).
- Secure Unprivileged code can check Non-Secure Unprivileged accesses (AccessType::NonSecure).
- Secure Privileged code can check all access types.
Example
use cortex_m::cmse::{TestTarget, AccessType};

// suspect_address was given by Non-Secure to a Secure function to write at it.
// But is it allowed to?
let suspect_address_test = TestTarget::check(0xDEADBEEF as *mut u32,
                                             AccessType::NonSecureUnprivileged);
if !suspect_address_test.ns_read_and_writable() {
    // Non-Secure is not allowed to read and write this address: do not write to it.
}
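The check in the example above, modelled on the host as an added example (not code from the cortex_m crate): it decodes a TT response word and validates a whole buffer rather than a single address. The names TtWord, ns_buffer_writable and sample_tt and the memory map are assumptions made for illustration; the bit positions are those of the TT_RESP format in the Armv8-M Architecture Reference Manual.

```rust
// Added example: host-side model, not cortex_m code. All names are hypothetical.
// Bit positions: TT_RESP layout from the Armv8-M Architecture Reference Manual.
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct TtWord(pub u32);

impl TtWord {
    /// MREGION [7:0], meaningful only when MRVALID (bit 16) is set.
    pub fn mpu_region(self) -> Option<u8> {
        if self.0 & (1 << 16) != 0 { Some(self.0 as u8) } else { None }
    }
    /// SREGION [15:8], meaningful only when SRVALID (bit 17) is set.
    pub fn sau_region(self) -> Option<u8> {
        if self.0 & (1 << 17) != 0 { Some((self.0 >> 8) as u8) } else { None }
    }
    /// S (bit 22): the address is Secure.
    pub fn secure(self) -> bool { self.0 & (1 << 22) != 0 }
    /// NSRW (bit 21): Non-Secure code may read and write the address.
    pub fn ns_read_and_writable(self) -> bool { self.0 & (1 << 21) != 0 }
}

/// Decide whether Secure code may write `len` bytes at a pointer received from
/// Non-Secure code. `tt` stands in for the TT instruction (address -> response).
pub fn ns_buffer_writable(tt: impl Fn(usize) -> TtWord, addr: usize, len: usize) -> bool {
    // Reject empty ranges and ranges that wrap around the address space.
    let Some(end) = len.checked_sub(1).and_then(|l| addr.checked_add(l)) else {
        return false;
    };
    let (first, last) = (tt(addr), tt(end));
    // Differing responses mean the range crosses an MPU, SAU or IDAU boundary.
    first == last && first.ns_read_and_writable()
}

/// Constructed memory map: Secure RAM below 0x2000_8000, Non-Secure RAM above.
pub fn sample_tt(addr: usize) -> TtWord {
    let valid = (1 << 17) | (1 << 16); // SRVALID | MRVALID
    let rw = (1 << 19) | (1 << 18); // RW | R
    if addr < 0x2000_8000 {
        TtWord((1 << 22) | rw | valid) // S set, regions 0
    } else {
        TtWord((1 << 21) | (1 << 20) | rw | valid | (1 << 8) | 1) // NSRW, NSR, regions 1
    }
}

fn main() {
    for (addr, len) in [(0x2000_8000, 64), (0x2000_7FF0, 64), (0x2000_0000, 16)] {
        println!("{addr:#x}+{len}: {}", ns_buffer_writable(sample_tt, addr, len));
    }
}
```

The second range starts in Secure RAM and ends in Non-Secure RAM, so checking only its last byte would wrongly accept it; comparing both end points rejects it.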
Structs
Abstraction of TT instructions and helper functions to determine the security and privilege attribute of a target address, accessed in different ways.
Enums
Memory access behaviour: determine which privilege execution mode is used and which Memory Protection Unit (MPU) is used.