Vault 7: Projects
This publication series is about specific projects related to the Vault 7 main publication.
MPLAB
®
XC16 C Compiler Users Guide
DS50002071C-page 152 2012-2013 Microchip Technology Inc.
10.4.1.2 CONST-QUALIFIED VARIABLES IN SECURE FLASH
const-qualified variables with initializers can be supported in secure Flash segments
using PSV constant sections managed by the compiler. For example:
const int __attribute__((boot)) time_delay = 55;
If the const qualifier was omitted from the definition of time_delay, this statement
would be rejected with an error message. (Initialized variables in secure RAM are not
supported).
Since the const qualifier has been specified, variable time_delay can be allocated
in a PSV constant section that is owned by the boot segment. It is also possible to spec-
ify the PSV constant section explicitly with the space(auto_psv) attribute:
int __attribute__((boot,space(auto_psv))) bebop = 20;
Pointer variables initialized with string literals require special processing. For example:
char * const foo __attribute__((boot)) = "eek";
The compiler will recognize that string literal "eek" must be allocated in the same PSV
constant section as pointer variable foo.
Regardless of whether you have selected the constants-in-code or constants-in-data
memory model, the compiler will create and manage PSV constant sections as needed
for secure segments. Support for user-managed PSV sections is maintained through
an object compatibility model explained below.
Upon entrance to a boot or secure function, PSVPAG will be set to the correct value.
This value will be restored after any external function call.
10.4.1.3 STRING LITERALS AS ARGUMENTS
In addition to being used as initializers, string literals may also be used as function
arguments. For example:
myputs("Enter the Dragon code:\n");
Here allocation of the string literal depends on the surrounding code. If the statement
appears in a boot or secure function, the literal will be allocated in a corresponding PSV
constant section. Otherwise it will be placed in general (non-secure) memory,
according to the constants memory model.
Recall that data stored in a secure segment cannot be read by any other segment. For
example, it is not possible to call the standard C library function puts() with a string
that has been allocated in a secure segment. Therefore literals which appear as func-
tion arguments can only be passed to functions in the same security segment. This is
also true for objects referenced by pointers and arrays. Simple scalar types such as
char, int, and float, which are passed by value, may be passed to functions in
different segments.
Protego_Release_01_05-Related-OEM-Documentation-MPLAB-XC16-C-Compiler.pdf