diff options
Diffstat (limited to 'cortex-m-rt')
| -rw-r--r-- | cortex-m-rt/CHANGELOG.md | 3 | ||||
| -rw-r--r-- | cortex-m-rt/Cargo.toml | 1 | ||||
| -rwxr-xr-x | cortex-m-rt/ci/script.sh | 2 | ||||
| -rw-r--r-- | cortex-m-rt/link.x.in | 4 | ||||
| -rw-r--r-- | cortex-m-rt/src/lib.rs | 35 |
5 files changed, 37 insertions, 8 deletions
diff --git a/cortex-m-rt/CHANGELOG.md b/cortex-m-rt/CHANGELOG.md index 65144cf..fd45a1a 100644 --- a/cortex-m-rt/CHANGELOG.md +++ b/cortex-m-rt/CHANGELOG.md @@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/). ## [Unreleased] +- Add `zero-init-ram` feature to initialize RAM with zeros on startup. This can be necessary on + safety-critical hardware to properly initialize memory integrity measures. + ## [v0.7.3] - Fixed a potential miscompilation caused by the initial stack pointer diff --git a/cortex-m-rt/Cargo.toml b/cortex-m-rt/Cargo.toml index f8438fb..3305d34 100644 --- a/cortex-m-rt/Cargo.toml +++ b/cortex-m-rt/Cargo.toml @@ -45,6 +45,7 @@ required-features = ["device"] device = [] set-sp = [] set-vtor = [] +zero-init-ram = [] [package.metadata.docs.rs] features = ["device"] diff --git a/cortex-m-rt/ci/script.sh b/cortex-m-rt/ci/script.sh index 2941e48..02ba51f 100755 --- a/cortex-m-rt/ci/script.sh +++ b/cortex-m-rt/ci/script.sh @@ -63,6 +63,8 @@ main() { cargo rustc --target "$TARGET" --example minimal --features "set-sp,${needed_features}" -- $linker cargo rustc --target "$TARGET" --example minimal --features "set-sp,${needed_features}" --release -- $linker + cargo rustc --target "$TARGET" --example minimal --features "zero-init-ram,${needed_features}" -- $linker + cargo rustc --target "$TARGET" --example minimal --features "zero-init-ram,${needed_features}" --release -- $linker cargo rustc --target "$TARGET" --example minimal --features "set-vtor,${needed_features}" -- $linker cargo rustc --target "$TARGET" --example minimal --features "set-vtor,${needed_features}" --release -- $linker done diff --git a/cortex-m-rt/link.x.in b/cortex-m-rt/link.x.in index 551f576..01bef98 100644 --- a/cortex-m-rt/link.x.in +++ b/cortex-m-rt/link.x.in @@ -60,7 +60,9 @@ PROVIDE(__pre_init = DefaultPreInit); /* # Sections */ SECTIONS { - PROVIDE(_stack_start = ORIGIN(RAM) + LENGTH(RAM)); + PROVIDE(_ram_start = ORIGIN(RAM)); + PROVIDE(_ram_end = ORIGIN(RAM) + LENGTH(RAM)); + PROVIDE(_stack_start = _ram_end); /* ## Sections in FLASH */ /* ### Vector table */ diff --git a/cortex-m-rt/src/lib.rs b/cortex-m-rt/src/lib.rs index 2070efa..a6d946c 100644 --- a/cortex-m-rt/src/lib.rs +++ b/cortex-m-rt/src/lib.rs @@ -169,6 +169,13 @@ //! `_stack_start` value from the linker script. This is not usually required, but some debuggers //! do not initialise SP when performing a soft reset, which can lead to stack corruption. //! +//! ## `zero-init-ram` +//! +//! If this feature is enabled, RAM is initialized with zeros during startup from the `_ram_start` +//! value to the `_ram_end` value from the linker script. This is not usually required, but might be +//! necessary to properly initialize checksum-based memory integrity measures on safety-critical +//! hardware. +//! //! ## `set-vtor` //! //! If this feature is enabled, the vector table offset register (VTOR) is initialised in the reset @@ -529,9 +536,11 @@ cfg_global_asm! { // Example use cases include disabling default watchdogs or enabling RAM. "bl __pre_init", - // Initialise .bss memory. `__sbss` and `__ebss` come from the linker script. - "ldr r0, =__sbss - ldr r1, =__ebss + // If enabled, initialize RAM with zeros. This is not usually required, but might be necessary + // to properly initialize checksum-based memory integrity measures on safety-critical hardware. + #[cfg(feature = "zero-init-ram")] + "ldr r0, =_ram_start + ldr r1, =_ram_end movs r2, #0 0: cmp r1, r0 @@ -540,17 +549,29 @@ cfg_global_asm! { b 0b 1:", + // Initialise .bss memory. `__sbss` and `__ebss` come from the linker script. + #[cfg(not(feature = "zero-init-ram"))] + "ldr r0, =__sbss + ldr r1, =__ebss + movs r2, #0 + 2: + cmp r1, r0 + beq 3f + stm r0!, {{r2}} + b 2b + 3:", + // Initialise .data memory. `__sdata`, `__sidata`, and `__edata` come from the linker script. "ldr r0, =__sdata ldr r1, =__edata ldr r2, =__sidata - 2: + 4: cmp r1, r0 - beq 3f + beq 5f ldm r2!, {{r3}} stm r0!, {{r3}} - b 2b - 3:", + b 4b + 5:", // Potentially enable an FPU. // SCB.CPACR is 0xE000_ED88. |