Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

MPLAB
®
XC16 C Compiler Users Guide
DS50002071C-page 178 2012-2013 Microchip Technology Inc.
For example:
/* an external function that we wish to call */
extern void __attribute__((boot(3))) boot_service3();
/* local function callable from other segments */
void __attribute__((secure(4))) secure_service4()
{
boot_service3();
}
To specify a secure interrupt handler, use the boot attribute in combination with the
interrupt attribute:
void __attribute__((boot,interrupt)) boot_interrupts();
When an access entry point is specified for an external secure function, that function
need not be included in the project for a successful link. All references to that function
will be resolved to a fixed location in Flash, depending on the security model selected
at link time.
When an access entry point is specified for a locally defined function, the linker will
insert a branch instruction into the secure segment access area. The exception is for
access entry 16, which is represented as a vector (i.e, an instruction address) rather
than an instruction. The actual function definition will be located beyond the access
area; therefore the access area will contain a jump table through which control can be
transferred from another security segment to functions with defined entry points.
Automatic variables are owned by the enclosing function and do not need the boot
attribute. They may be assigned initial values, as shown:
void __attribute__((boot)) chuck_cookies()
{
int hurl;
int them = 55;
char *where = "far";
splat(where);
/* ... */
}
Note that the initial value of where is based on a string literal which is allocated in the
PSV constant section .boot_const. The compiler will set the psv page SFR to the
correct value upon entrance to the function. If necessary, the compiler will also restore
it after the call to splat().
Note: In order to allocate functions with the boot or secure attribute, memory
for the boot and/or secure segment must be reserved. This can be accom-
plished by setting configuration words in source code, or by specifying
linker command options. For more information, see Chapter 8.8, Options
that Specify CodeGuard Security Features, in the linker manual
(DS51317).
If attributes boot or secure are used, and memory is not reserved, then a
link error will result.

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh