zephyr/samples/boards/arc_secure_services
Gerard Marull-Paretas 79e6b0e0f6 includes: prefer <zephyr/kernel.h> over <zephyr/zephyr.h>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.

The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.

NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.

Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
2022-09-05 16:31:47 +02:00
..
src includes: prefer <zephyr/kernel.h> over <zephyr/zephyr.h> 2022-09-05 16:31:47 +02:00
CMakeLists.txt
README.rst everywhere: fix typos 2022-03-18 13:24:08 -04:00
em_starterkit_em7d_normal.dts dts: arc: synopsys: Move SoC devicetree includes under a vendor dir 2022-05-09 17:54:48 -04:00
em_starterkit_em7d_normal_defconfig
nsim_sem_normal.dts
nsim_sem_normal_defconfig
sample.yaml tests: fix typos and misnamed platforms 2021-12-17 12:24:37 -05:00

README.rst

.. _arc_secure_service:

ARC Secure Service
##################

Overview
********

This sample implements a simple secure service based on ARC SecureShield to
demonstrate how a secure zephyr application runs together with a normal
Zephyr application.

In this sample:

* Secure application will be in the secure memory space defined in
  ``arc_mpu_regions.c``. Half of RAM and ROM is allocated to secure world,
  the other half is allocated to normal world.

* Memory not allocated to the secure application is allocated to
  the normal application.

* By default, all the peripheral space is normal mode accessible, i.e.,
  the peripherals are shared between normal mode and secure mode. If some
  peripherals are required by secure world, it can be done by adding static
  mpu entry in ``arc_mpu_regions.c``.

* The interrupts of two internal timers are configure as normal interrupts,
  so the normal zephyr's kernel tick can work correctly.

* Secure interrupts priority > secure threads priority > normal interrupts
  priority > normal threads priority.


Requirements
************

To use this sample, ARC processor should be equipped with ARC SecureShield. In
Zephyr, the following board configurations are supported:

* em_starterkit_em7d
  * secure application: em_starterkit_em7d_secure
  * normal application: em_starterkit_em7d_normal
* nsim_sem
  * secure application: nsim_sem
  * normal application: nsim_sem_normal

Building and Running
********************

Building
========

Secure application
^^^^^^^^^^^^^^^^^^

First, you should build the secure application.

.. zephyr-app-commands::
   :zephyr-app: samples/boards/arc_secure_services
   :board: em_starterkit_em7d_secure nsim_sem
   :goals: build
   :compact:

Normal application
^^^^^^^^^^^^^^^^^^

Currently, in normal application, MPU is not accessible, so no user space and
mpu-based stack checking. Please copy the specific dts file and def_config
file to the specific board dir to build normal application.

Here,take :ref:'dining-philosophers-sample' as an example for normal
application.

.. zephyr-app-commands::
   :zephyr-app: samples/philosophers
   :board: em_starterkit_em7d_normal nsim_sem_normal
   :goals: build
   :compact:

Running
=======

* Run using the bootloader

The bootloader should load the secure and normal application into the correct place,
then jump to the entry of the secure application. The entry of normal application
is hardcoded in secure application. Secure application will boot normal application.

* Run using the debugger (recommended)

Use the gdb debugger to load and run the two applications.

For em starter kit, run the following commands

.. code-block:: console

    # load secure application first
    $ cd samples/boards/arc_secure_services/build
    $ west debug
    # load normal application
    $ monitor load_image ../../../philosophers/build/zephyr/zephyr.elf
    $ c

For nsim sem, you need two consoles: one for application output, and one for
debugger.

In the console for output:

.. code-block:: console

    # open debug server
    $ cd samples/boards/arc_secure_services/build
    $ west debugserver

In the console for debugger:

.. code-block:: console

    # open debug server
    $ cd samples/boards/arc_secure_services/build
    $ arc-elf32-gdb zephyr/zephyr.elf
    $ target remote :3333
    # load normal application
    $ load ../../../philosophers/build/zephyr/zephyr.elf
    # load secure application
    $ load
    $ c