Set public box main stack non-secure guard protection for v8m

theamirocohen · theamirocohen · commit 476a5bf1dfb2 · 2017-10-16T17:37:22.000+03:00
diff --git a/api/src/uvisor-input.S b/api/src/uvisor-input.S
@@ -114,6 +114,9 @@ uvisor_config:
     /* Debug driver pointer */
     .long __uvisor_debug_driver
 
+    /* Stack limit for publix box MSPLIM_NS, accessed by public_box_stack_limit */
+    .long __uvisor_public_box_stack_limit
+
 /* uVisor mode of operation
  * Modes available: UVISOR_ENABLED, UVISOR_DISABLED, UVISOR_PERMISSIVE. */
 __uvisor_mode:
@@ -134,6 +137,9 @@ __uvisor_debug_driver:
     .long 0
     .long 0
 
+__uvisor_public_box_stack_limit:
+    .long __StackLimit
+
 /* __uvisor_ps is written inside uvisor_init. It must not be
  * overwritten by libc init and therefore is placed in .uninitialized. */
 .section .uninitialized
diff --git a/core/system/inc/linker.h b/core/system/inc/linker.h
@@ -121,6 +121,9 @@ typedef struct {
     UvisorLibHooks const * const lib_hooks;
 
     TUvisorDebugDriver const * const debug_driver;
+
+    /* Stack limit for public box MSPNS_LIM, accessed by __uvisor_public_box_stack_limit*/
+    uint32_t * public_box_stack_limit;
 } UVISOR_PACKED UvisorConfig;
 
 extern UvisorConfig const __uvisor_config;
diff --git a/core/system/src/main.c b/core/system/src/main.c
@@ -161,6 +161,9 @@ void main_init(void)
     /* NS P stack pointer, for the RTOS and the uVisor-ns. */
     __TZ_set_MSP_NS(original_sp);
 
+    /* NS P limit, for the RTOS and the uVisor-ns. */
+    __TZ_set_MSPLIM_NS(*(__uvisor_config.public_box_stack_limit));
+
     /* S NP stack pointer, for the SDSs and the transition gateways. */
     __set_PSP((uint32_t) &__uvisor_stack_top_np__);
 #else /* defined(ARCH_CORE_ARMv8M) */
