diff --git a/hal/rp2350.c b/hal/rp2350.c index c2b4a4d4a0..85052ca69d 100644 --- a/hal/rp2350.c +++ b/hal/rp2350.c @@ -224,7 +224,21 @@ void hal_prepare_boot(void) int RAMFUNCTION hal_flash_write(uint32_t address, const uint8_t *data, int len) { - flash_range_program(address - XIP_BASE, data, len); + uint8_t cache[WOLFBOOT_SECTOR_SIZE]; + uint32_t written = 0; + uint32_t sz; + if (((uintptr_t)data & 0x20000000UL) == 0) { + /* Not in RAM: copy to cache before writing */ + while (written < len) { + sz = WOLFBOOT_SECTOR_SIZE; + if (sz > (len - written)) + sz = len - written; + memcpy(cache, data + written, sz); + flash_range_program(address - XIP_BASE + written, cache, sz); + written += sz; + } + } else + flash_range_program(address - XIP_BASE, data, len); return 0; } diff --git a/include/wolfboot/wolfboot.h b/include/wolfboot/wolfboot.h index 5750244ca9..0f0656c2ef 100644 --- a/include/wolfboot/wolfboot.h +++ b/include/wolfboot/wolfboot.h @@ -411,6 +411,38 @@ int wolfBoot_set_encrypt_key(const uint8_t *key, const uint8_t *nonce); int wolfBoot_get_encrypt_key(uint8_t *key, uint8_t *nonce); int wolfBoot_erase_encrypt_key(void); +#if !defined(__WOLFBOOT) && defined(WOLFCRYPT_SECURE_MODE) + +/* Applications can access update success/trigger and flash erase/write + * via non-secure callable, to facilitate updates + */ + +/* Call wolfBoot_success from non-secure application */ + +__attribute__((cmse_nonsecure_entry)) +void wolfBoot_nsc_success(void); + +/* Call wolfBoot_update_trigger from non-secure application */ +__attribute__((cmse_nonsecure_entry)) +void wolfBoot_nsc_update_trigger(void); + +/* Erase one or more sectors in the update partition. + * - address: offset within the update partition ('0' corresponds to PARTITION_UPDATE_ADDRESS) + * - len: size, in bytes + */ +__attribute__((cmse_nonsecure_entry)) +int wolfBoot_nsc_erase_update(uint32_t address, uint32_t len); + +/* Write the content of buffer `buf` and size `len` to the update partition, + * at offset address, from non-secure application + * - address: offset within the update partition ('0' corresponds to PARTITION_UPDATE_ADDRESS) + * - len: size, in bytes + */ +__attribute__((cmse_nonsecure_entry)) +int wolfBoot_nsc_write_update(uint32_t address, const uint8_t *buf, uint32_t len); + +#endif /* !__WOLFBOOT && WOLFCRYPT_SECURE_MODE */ + #ifdef __cplusplus } diff --git a/src/libwolfboot.c b/src/libwolfboot.c index d6e4109bf1..fb3a20758e 100644 --- a/src/libwolfboot.c +++ b/src/libwolfboot.c @@ -1984,3 +1984,40 @@ int wolfBoot_ram_decrypt(uint8_t *src, uint8_t *dst) } #endif /* MMU */ #endif /* EXT_ENCRYPTED */ + +#if defined(__WOLFBOOT) && defined(WOLFCRYPT_SECURE_MODE) +__attribute__((cmse_nonsecure_entry)) +void wolfBoot_nsc_success(void) +{ + wolfBoot_success(); +} + +__attribute__((cmse_nonsecure_entry)) +void wolfBoot_nsc_update_trigger(void) +{ + wolfBoot_update_trigger(); +} + +__attribute__((cmse_nonsecure_entry)) +int wolfBoot_nsc_erase_update(uint32_t address, uint32_t len) +{ + if (address > WOLFBOOT_PARTITION_SIZE) + return -1; + if (address + len > WOLFBOOT_PARTITION_SIZE) + return -1; + return hal_flash_erase(address + WOLFBOOT_PARTITION_UPDATE_ADDRESS, len); + +} + +__attribute__((cmse_nonsecure_entry)) +int wolfBoot_nsc_write_update(uint32_t address, const uint8_t *buf, uint32_t len) +{ + if (address > WOLFBOOT_PARTITION_SIZE) + return -1; + if (address + len > WOLFBOOT_PARTITION_SIZE) + return -1; + return hal_flash_write(address + WOLFBOOT_PARTITION_UPDATE_ADDRESS, buf, len); +} + +#endif +