/*\r
- * Copyright 2018 NXP\r
+ * Copyright 2017-2019 NXP\r
+ * All rights reserved.\r
*\r
* SPDX-License-Identifier: BSD-3-Clause\r
*/\r
\r
+/***********************************************************************************************************************\r
+ * This file was generated by the MCUXpresso Config Tools. Any manual edits made to this file\r
+ * will be overwritten if the respective MCUXpresso Config Tools is used to update this file.\r
+ **********************************************************************************************************************/\r
+\r
+/* clang-format off */\r
+/* TEXT BELOW IS USED AS SETTING FOR TOOLS *************************************\r
+!!GlobalInfo\r
+product: TEE v1.0\r
+processor: LPC55S69\r
+package_id: LPC55S69JBD100\r
+mcu_data: ksdk2_0\r
+processor_version: 0.2.6\r
+ * BE CAREFUL MODIFYING THIS COMMENT - IT IS YAML SETTINGS FOR TOOLS **********/\r
+/* clang-format on */\r
+\r
#include "fsl_common.h"\r
#include "tzm_config.h"\r
\r
-/*******************************************************************************\r
- * Definitions\r
- ******************************************************************************/\r
-#define CODE_FLASH_START_NS 0x00010000 \r
-#define CODE_FLASH_SIZE_NS 0x00072000\r
-#define CODE_FLASH_START_NSC 0x1000FE00\r
-#define CODE_FLASH_SIZE_NSC 0x200\r
-#define DATA_RAM_START_NS 0x20008000\r
-#define DATA_RAM_SIZE_NS 0x0002B000\r
-#define PERIPH_START_NS 0x40000000\r
-#define PERIPH_SIZE_NS 0x00100000\r
-\r
-/*******************************************************************************\r
- * Variables\r
- ******************************************************************************/\r
-#if defined(__MCUXPRESSO)\r
-extern unsigned char _start_sg[];\r
-#endif\r
+//********************************************************************\r
+//*** Definitions ****************************************************\r
+//********************************************************************\r
+/* SAU region boundaries */\r
+#define REGION_0_BASE 0\r
+#define REGION_0_END 0x0FFFFFFFU\r
+#define REGION_1_BASE 0x20000000U\r
+#define REGION_1_END 0xFFFFFFFFU\r
+#define REGION_2_BASE 0x1000FE00U\r
+#define REGION_2_END 0x1000FFFFU\r
+\r
+/* clang-format off */\r
+/* TEXT BELOW IS USED AS SETTING FOR TOOLS *************************************\r
+tee:\r
+- ahb:\r
+ - regions:\r
+ - relative_region: {memory: PROGRAM_FLASH, security: s_priv, start: '0x00000000', size: '0x00010000'}\r
+ - relative_region: {memory: PROGRAM_FLASH, security: ns_user, start: '0x00010000', size: '0x00090000'}\r
+ - relative_region: {memory: BootROM, security: ns_user, start: '0x00000000', size: '0x00020000'}\r
+ - relative_region: {memory: SRAMX, security: ns_user, start: '0x00000000', size: '0x00008000'}\r
+ - relative_region: {memory: SRAM0, security: s_priv, start: '0x00000000', size: '0x00008000'}\r
+ - relative_region: {memory: SRAM0, security: ns_user, start: '0x00008000', size: '0x00008000'}\r
+ - relative_region: {memory: SRAM1, security: ns_user, start: '0x00000000', size: '0x00010000'}\r
+ - relative_region: {memory: SRAM2, security: ns_user, start: '0x00000000', size: '0x00010000'}\r
+ - relative_region: {memory: SRAM3, security: ns_user, start: '0x00000000', size: '0x00010000'}\r
+ - relative_region: {memory: SRAM4, security: ns_user, start: '0x00000000', size: '0x00004000'}\r
+ - relative_region: {memory: USB_RAM, security: ns_user, start: '0x00000000', size: '0x00004000'}\r
+ - masters:\r
+ - ns_user: {id: HASH, id: MCM33C, id: MCM33S, id: PQ, id: SDIO, id: SDMA0, id: SDMA1, id: USBFSD, id: USBFSH}\r
+ - peripherals:\r
+ - ns_user: {id: ADC0, id: AHB_SECURE_CTRL, id: ANACTRL, id: CASPER, id: CRC_ENGINE, id: CTIMER0, id: CTIMER1, id: CTIMER2, id: CTIMER3, id: CTIMER4, id: DBGMAILBOX,\r
+ id: DMA0, id: DMA1, id: FLASH, id: FLEXCOMM1, id: FLEXCOMM2, id: FLEXCOMM3, id: FLEXCOMM4, id: FLEXCOMM5, id: FLEXCOMM6, id: FLEXCOMM7, id: GINT0, id: GINT1,\r
+ id: GPIO, id: HASHCRYPT, id: INPUTMUX, id: MAILBOX, id: MRT0, id: OSTIMER, id: PINT, id: PLU, id: PMC, id: POWERQUAD, id: PRINCE, id: PUF, id: RNG, id: RTC,\r
+ id: SCT0, id: SDIF, id: SECGPIO, id: SECPINT, id: SPI8, id: SYSCTL, id: USB0, id: USBFSH, id: USBHSD, id: USBHSH, id: USBPHY, id: UTICK0, id: WWDT}\r
+ - s_priv: {id: FLEXCOMM0, id: IOCON, id: SYSCON}\r
+ - interrupts:\r
+ - masking:\r
+ - Non-masked: {id: acmp_capt_irq, id: adc_irq, id: casper_irq, id: ctimer0_irq, id: ctimer1_irq, id: ctimer2_irq, id: ctimer3_irq, id: ctimer4_irq, id: flexcomm0_irq,\r
+ id: flexcomm1_irq, id: flexcomm2_irq, id: flexcomm3_irq, id: flexcomm4_irq, id: flexcomm5_irq, id: flexcomm6_irq, id: flexcomm7_irq, id: global_irq0, id: global_irq1,\r
+ id: lspi_hs_irq, id: mailbox_irq, id: mrt_irq, id: os_event_irq, id: pin_int4, id: pin_int5, id: pin_int6, id: pin_int7, id: pin_irq0, id: pin_irq1, id: pin_irq2,\r
+ id: pin_irq3, id: plu_irq, id: pq_irq, id: qddkey_irq, id: rtc_irq, id: sct_irq, id: sdio_irq, id: sdma0_irq, id: sdma1_irq, id: sec_hypervisor_call_irq,\r
+ id: sec_int0, id: sec_int1, id: sec_vio_irq, id: sha_irq, id: sys_irq, id: usb0_irq, id: usb0_needclk_irq, id: usb1_irq, id: usb1_needclk_irq, id: usb1_utmi_irq,\r
+ id: utick_irq}\r
+ - security:\r
+ - Secure: {id: acmp_capt_irq, id: adc_irq, id: casper_irq, id: ctimer0_irq, id: ctimer1_irq, id: ctimer2_irq, id: ctimer3_irq, id: ctimer4_irq, id: flexcomm0_irq,\r
+ id: flexcomm1_irq, id: flexcomm2_irq, id: flexcomm3_irq, id: flexcomm4_irq, id: flexcomm5_irq, id: flexcomm6_irq, id: flexcomm7_irq, id: global_irq0, id: global_irq1,\r
+ id: lspi_hs_irq, id: mailbox_irq, id: mrt_irq, id: os_event_irq, id: pin_int4, id: pin_int5, id: pin_int6, id: pin_int7, id: pin_irq0, id: pin_irq1, id: pin_irq2,\r
+ id: pin_irq3, id: plu_irq, id: pq_irq, id: qddkey_irq, id: rtc_irq, id: sct_irq, id: sdio_irq, id: sdma0_irq, id: sdma1_irq, id: sec_hypervisor_call_irq,\r
+ id: sec_int0, id: sec_int1, id: sec_vio_irq, id: sha_irq, id: sys_irq, id: usb0_irq, id: usb0_needclk_irq, id: usb1_irq, id: usb1_needclk_irq, id: usb1_utmi_irq,\r
+ id: utick_irq}\r
+ - pins_masks:\r
+ - pio0:\r
+ - Non-masked: {id: '0', id: '1', id: '10', id: '11', id: '12', id: '13', id: '14', id: '15', id: '16', id: '17', id: '18', id: '19', id: '2', id: '20', id: '21',\r
+ id: '22', id: '23', id: '24', id: '25', id: '26', id: '27', id: '28', id: '29', id: '3', id: '30', id: '31', id: '4', id: '5', id: '6', id: '7', id: '8',\r
+ id: '9'}\r
+ - pio1:\r
+ - Non-masked: {id: '0', id: '1', id: '10', id: '11', id: '12', id: '13', id: '14', id: '15', id: '16', id: '17', id: '18', id: '19', id: '2', id: '20', id: '21',\r
+ id: '22', id: '23', id: '24', id: '25', id: '26', id: '27', id: '28', id: '29', id: '3', id: '30', id: '31', id: '4', id: '5', id: '6', id: '7', id: '8',\r
+ id: '9'}\r
+- sau:\r
+ - enabled: 'true'\r
+ - generate_code_for_disabled_regions: 'false'\r
+ - regions:\r
+ - region: {index: '0', enabled: 'true', security: ns, start: '0x00000000', size: '0x10000000'}\r
+ - region: {index: '1', enabled: 'true', security: ns, start: '0x20000000', size: '0xE0000000'}\r
+ - region: {index: '2', enabled: 'true', security: nsc, start: '0x1000FE00', size: '0x00000200'}\r
+ - region: {index: '3', enabled: 'false', security: ns, start: '0x00000000', size: '0x00000020'}\r
+ - region: {index: '4', enabled: 'false', security: ns, start: '0x00000000', size: '0x00000020'}\r
+ - region: {index: '5', enabled: 'false', security: ns, start: '0x00000000', size: '0x00000020'}\r
+ - region: {index: '6', enabled: 'false', security: ns, start: '0x00000000', size: '0x00000020'}\r
+ - region: {index: '7', enabled: 'false', security: ns, start: '0x00000000', size: '0x00000020'}\r
+- global_options:\r
+ - no: {id: AIRCR_PRIS, id: AIRCR_BFHFNMINS, id: AIRCR_SYSRESETREQS, id: SCR_SLEEPDEEPS, id: SHCSR_SECUREFAULTENA, id: NSACR_CP2, id: NSACR_CP3, id: NSACR_CP4,\r
+ id: NSACR_CP5, id: NSACR_CP6, id: NSACR_CP7, id: CPPWR_SU0, id: CPPWR_SUS0, id: CPPWR_SU1, id: CPPWR_SUS1, id: CPPWR_SU2, id: CPPWR_SUS2, id: CPPWR_SU3, id: CPPWR_SUS3,\r
+ id: CPPWR_SU4, id: CPPWR_SUS4, id: CPPWR_SU5, id: CPPWR_SUS5, id: CPPWR_SU6, id: CPPWR_SUS6, id: CPPWR_SU7, id: CPPWR_SUS7, id: CPPWR_SU10, id: CPPWR_SUS10, id: CPPWR_SU11,\r
+ id: CPPWR_SUS11, id: SEC_GPIO_MASK0_LOCK, id: SEC_GPIO_MASK1_LOCK, id: SEC_CPU1_INT_MASK0_LOCK, id: SEC_CPU1_INT_MASK1_LOCK, id: MASTER_SEC_LEVEL_LOCK, id: CPU0_LOCK_NS_VTOR,\r
+ id: CPU0_LOCK_NS_MPU, id: CPU0_LOCK_S_VTAIRCR, id: CPU0_LOCK_S_MPU, id: CPU0_LOCK_SAU, id: CPU0_LOCK_REG_LOCK, id: CPU1_LOCK_NS_VTOR, id: CPU1_LOCK_NS_MPU, id: CPU1_LOCK_REG_LOCK,\r
+ id: AHB_MISC_CTRL_REG_ENABLE_S_PRIV_CHECK, id: AHB_MISC_CTRL_REG_ENABLE_NS_PRIV_CHECK, id: AHB_MISC_CTRL_REG_DISABLE_VIOLATION_ABORT, id: AHB_MISC_CTRL_REG_DISABLE_SIMPLE_MASTER_STRICT_MODE,\r
+ id: AHB_MISC_CTRL_REG_DISABLE_SMART_MASTER_STRICT_MODE, id: AHB_MISC_CTRL_REG_IDAU_ALL_NS}\r
+ - yes: {id: NSACR_CP0, id: NSACR_CP1, id: NSACR_CP10, id: NSACR_CP11, id: AHB_MISC_CTRL_REG_ENABLE_SECURE_CHECKING, id: AHB_MISC_CTRL_REG_WRITE_LOCK}\r
+- user_memory_regions:\r
+ - user_memory_region: {id: Region_1, security: s_priv, name: Secure Code, start: '0x10000000', size: '0x0000FE00'}\r
+ - user_memory_region: {id: Region_2, security: nsc_priv, name: Veneer Table, start: '0x1000FE00', size: '0x00000200'}\r
+ - user_memory_region: {id: Region_3, security: s_priv, name: Secure Stack and Data, start: '0x30000000', size: '0x00008000'}\r
+ - user_memory_region: {id: Region_4, security: ns_user, name: Non-secure Code, description: Privilege check is disabled so reset value (NS-User) can be used,\r
+ start: '0x00010000', size: '0x00062000'}\r
+ - user_memory_region: {id: Region_5, security: ns_user, name: Non-secure Stack and Data, description: 'Privilege check is disabled so reset value (NS-User) can\r
+ be used. ', start: '0x20008000', size: '0x0002B000'}\r
+ * BE CAREFUL MODIFYING THIS COMMENT - IT IS YAML SETTINGS FOR TOOLS **********/\r
+/* clang-format on */\r
\r
/*!\r
* @brief TrustZone initialization\r
*\r
- * SAU Configuration\r
- * This function configures 3 regions:\r
- * 0x00010000 - 0x00081FFF - non-secure for code execution\r
- * 0x1000FE00 - 0x1000FFFF - secure, non-secure callable for veneer table\r
- * 0x20000000 - 0x20032FFF - non-secure for data\r
- *\r
- * AHB secure controller settings\r
- * After RESET all memories and peripherals are set to user:non-secure access\r
- * This function configures following memories and peripherals as secure:\r
- * 0x00000000 - 0x0000FFFF - for secure code execution (this is physical FLASH address)\r
- * 0x00008000 - 0x20032FFF - for secure data (this is physical RAM address)\r
- *\r
- * Secure peripherals: SYSCON, IOCON, FLEXCOMM0\r
- * NOTE: This example configures necessary peripherals for this example. \r
- * User should configure all peripherals, which shouldn't be accessible\r
- * from normal world.\r
-*/\r
+ * The function configures SAU and AHB.\r
+ */\r
void BOARD_InitTrustZone()\r
{\r
- /* Disable SAU */\r
- SAU->CTRL = 0U;\r
- \r
- /* Configure SAU region 0 - Non-secure RAM for CODE execution*/\r
+ //####################################################################\r
+ //### SAU configuration ##############################################\r
+ //####################################################################\r
+\r
+ /* Set SAU Control register: Disable SAU and All Secure */\r
+ SAU->CTRL = 0;\r
+\r
/* Set SAU region number */\r
SAU->RNR = 0;\r
- /* Region base address */ \r
- SAU->RBAR = (CODE_FLASH_START_NS & SAU_RBAR_BADDR_Msk);\r
- /* Region end address */\r
- SAU->RLAR = ((CODE_FLASH_START_NS + CODE_FLASH_SIZE_NS-1) & SAU_RLAR_LADDR_Msk) | \r
- /* Region memory attribute index */\r
- ((0U << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk) |\r
- /* Enable region */\r
- ((1U << SAU_RLAR_ENABLE_Pos) & SAU_RLAR_ENABLE_Msk); \r
- \r
- /* Configure SAU region 1 - Non-secure RAM for DATA */\r
- /* Set SAU region number */\r
- SAU->RNR = 1;\r
- /* Region base address */ \r
- SAU->RBAR = (DATA_RAM_START_NS & SAU_RBAR_BADDR_Msk);\r
+ /* Region base address */\r
+ SAU->RBAR = REGION_0_BASE & SAU_RBAR_BADDR_Msk;\r
/* Region end address */\r
- SAU->RLAR = ((DATA_RAM_START_NS + DATA_RAM_SIZE_NS-1) & SAU_RLAR_LADDR_Msk) | \r
- /* Region memory attribute index */\r
- ((0U << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk) |\r
- /* Enable region */\r
- ((1U << SAU_RLAR_ENABLE_Pos) & SAU_RLAR_ENABLE_Msk); \r
- \r
- /* Configure SAU region 2 - Non-secure callable FLASH for CODE veneer table*/\r
+ SAU->RLAR = ((REGION_0_END & SAU_RLAR_LADDR_Msk) | ((0U << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk)) |\r
+ ((1U << SAU_RLAR_ENABLE_Pos) & SAU_RLAR_ENABLE_Msk);\r
+\r
/* Set SAU region number */\r
- SAU->RNR = 2;\r
- /* Region base address */ \r
-#if defined(__MCUXPRESSO)\r
- SAU->RBAR = ((uint32_t)&_start_sg & SAU_RBAR_BADDR_Msk);\r
-#else\r
- SAU->RBAR = (CODE_FLASH_START_NSC & SAU_RBAR_BADDR_Msk);\r
-#endif\r
+ SAU->RNR = 0x00000001U;\r
+ /* Region base address */\r
+ SAU->RBAR = REGION_1_BASE & SAU_RBAR_BADDR_Msk;\r
/* Region end address */\r
-#if defined(__MCUXPRESSO)\r
- SAU->RLAR = (((uint32_t)&_start_sg + CODE_FLASH_SIZE_NSC-1) & SAU_RLAR_LADDR_Msk) |\r
- /* Region memory attribute index */\r
- ((1U << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk) |\r
- /* Enable region */\r
- ((1U << SAU_RLAR_ENABLE_Pos) & SAU_RLAR_ENABLE_Msk);\r
-#else\r
- SAU->RLAR = ((CODE_FLASH_START_NSC + CODE_FLASH_SIZE_NSC-1) & SAU_RLAR_LADDR_Msk) | \r
- /* Region memory attribute index */\r
- ((1U << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk) |\r
- /* Enable region */\r
- ((1U << SAU_RLAR_ENABLE_Pos) & SAU_RLAR_ENABLE_Msk); \r
-#endif\r
-\r
- /* Configure SAU region 3 - Non-secure peripherals address space */\r
+ SAU->RLAR = ((REGION_1_END & SAU_RLAR_LADDR_Msk) | ((0U << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk)) |\r
+ ((1U << SAU_RLAR_ENABLE_Pos) & SAU_RLAR_ENABLE_Msk);\r
+\r
/* Set SAU region number */\r
- SAU->RNR = 3;\r
+ SAU->RNR = 0x00000002U;\r
/* Region base address */\r
- SAU->RBAR = (PERIPH_START_NS & SAU_RBAR_BADDR_Msk);\r
+ SAU->RBAR = REGION_2_BASE & SAU_RBAR_BADDR_Msk;\r
/* Region end address */\r
- SAU->RLAR = ((PERIPH_START_NS + PERIPH_SIZE_NS-1) & SAU_RLAR_LADDR_Msk) |\r
- /* Region memory attribute index */\r
- ((0U << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk) |\r
- /* Enable region */\r
- ((1U << SAU_RLAR_ENABLE_Pos) & SAU_RLAR_ENABLE_Msk);\r
+ SAU->RLAR = ((REGION_2_END & SAU_RLAR_LADDR_Msk) | ((1U << SAU_RLAR_NSC_Pos) & SAU_RLAR_NSC_Msk)) |\r
+ ((1U << SAU_RLAR_ENABLE_Pos) & SAU_RLAR_ENABLE_Msk);\r
\r
/* Force memory writes before continuing */\r
__DSB();\r
/* Flush and refill pipeline with updated permissions */\r
- __ISB(); \r
- /* Enable SAU */\r
- SAU->CTRL = 1U; \r
-\r
- /*Configuration of AHB Secure Controller \r
- * Possible values for every memory sector or peripheral rule: \r
- * 0b00 Non-secure and Non-priviledge user access allowed.\r
- * 0b01 Non-secure and Privilege access allowed.\r
- * 0b10 Secure and Non-priviledge user access allowed.\r
- * 0b11 Secure and Priviledge user access allowed. */\r
-\r
- /* FLASH memory configuration from 0x00000000 to 0x0000FFFF, sector size is 32kB */\r
+ __ISB();\r
+ /* Set SAU Control register: Enable SAU and All Secure (applied only if disabled) */\r
+ SAU->CTRL = 0x00000001U;\r
+\r
+ //####################################################################\r
+ //### AHB Configurations #############################################\r
+ //####################################################################\r
+\r
+ //--------------------------------------------------------------------\r
+ //--- AHB Security Level Configurations ------------------------------\r
+ //--------------------------------------------------------------------\r
+ /* Configuration of AHB Secure Controller\r
+ * Possible values for every memory sector or peripheral rule:\r
+ * 0 Non-secure, user access allowed.\r
+ * 1 Non-secure, privileged access allowed.\r
+ * 2 Secure, user access allowed.\r
+ * 3 Secure, privileged access allowed. */\r
+\r
+ //--- Security level configuration of memories -----------------------\r
AHB_SECURE_CTRL->SEC_CTRL_FLASH_ROM[0].SEC_CTRL_FLASH_MEM_RULE[0] = 0x00000033U;\r
- AHB_SECURE_CTRL->SEC_CTRL_FLASH_ROM[0].SEC_CTRL_FLASH_MEM_RULE[1] = 0x00000000U;\r
- AHB_SECURE_CTRL->SEC_CTRL_FLASH_ROM[0].SEC_CTRL_FLASH_MEM_RULE[2] = 0x00000000U;\r
- /* RAM memory configuration from 0x20000000 to 0x20007FFF, sector size is 4kB */\r
- /* Memory settings for user non-secure access (0x0U) is mentioned for completness only. It is default RESET value. */ \r
- AHB_SECURE_CTRL->SEC_CTRL_RAM0[0].MEM_RULE[0] = 0x33333333U;\r
- AHB_SECURE_CTRL->SEC_CTRL_RAM0[0].MEM_RULE[1] = 0x00000000U;\r
- AHB_SECURE_CTRL->SEC_CTRL_RAM1[0].MEM_RULE[0] = 0x00000000U;\r
- AHB_SECURE_CTRL->SEC_CTRL_RAM1[0].MEM_RULE[1] = 0x00000000U;\r
- AHB_SECURE_CTRL->SEC_CTRL_RAM2[0].MEM_RULE[0] = 0x00000000U;\r
- AHB_SECURE_CTRL->SEC_CTRL_RAM2[0].MEM_RULE[1] = 0x00000000U;\r
- AHB_SECURE_CTRL->SEC_CTRL_RAM3[0].MEM_RULE[0] = 0x00000000U;\r
- AHB_SECURE_CTRL->SEC_CTRL_RAM3[0].MEM_RULE[1] = 0x00000000U;\r
- AHB_SECURE_CTRL->SEC_CTRL_RAM4[0].MEM_RULE[0] = 0x00000000U;\r
- \r
- /* Set SYSCON and IOCON as secure */\r
- AHB_SECURE_CTRL->SEC_CTRL_APB_BRIDGE[0].SEC_CTRL_APB_BRIDGE0_MEM_CTRL0 = AHB_SECURE_CTRL_SEC_CTRL_APB_BRIDGE_SEC_CTRL_APB_BRIDGE0_MEM_CTRL0_SYSCON_RULE(0x3U) |\r
- AHB_SECURE_CTRL_SEC_CTRL_APB_BRIDGE_SEC_CTRL_APB_BRIDGE0_MEM_CTRL0_IOCON_RULE(0x3U);\r
-\r
- /* Set FLEXCOMM0 as secure */\r
- AHB_SECURE_CTRL->SEC_CTRL_AHB0_0_SLAVE_RULE = AHB_SECURE_CTRL_SEC_CTRL_AHB0_0_SLAVE_RULE_FLEXCOMM0_RULE(0x3U);\r
-\r
- /* Enable AHB secure controller check and lock all rule registers */\r
- AHB_SECURE_CTRL->MISC_CTRL_DP_REG = (AHB_SECURE_CTRL->MISC_CTRL_DP_REG & ~(AHB_SECURE_CTRL_MISC_CTRL_DP_REG_WRITE_LOCK_MASK | \r
- AHB_SECURE_CTRL_MISC_CTRL_DP_REG_ENABLE_SECURE_CHECKING_MASK)) |\r
- AHB_SECURE_CTRL_MISC_CTRL_DP_REG_WRITE_LOCK(0x1U) |\r
- AHB_SECURE_CTRL_MISC_CTRL_DP_REG_ENABLE_SECURE_CHECKING(0x1U);\r
+ AHB_SECURE_CTRL->SEC_CTRL_FLASH_ROM[0].SEC_CTRL_FLASH_MEM_RULE[1] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_FLASH_ROM[0].SEC_CTRL_FLASH_MEM_RULE[2] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_FLASH_ROM[0].SEC_CTRL_ROM_MEM_RULE[0] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_FLASH_ROM[0].SEC_CTRL_ROM_MEM_RULE[1] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_FLASH_ROM[0].SEC_CTRL_ROM_MEM_RULE[2] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_FLASH_ROM[0].SEC_CTRL_ROM_MEM_RULE[3] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAMX[0].MEM_RULE[0] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAM0[0].MEM_RULE[0] = 0x33333333U;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAM0[0].MEM_RULE[1] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAM1[0].MEM_RULE[0] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAM1[0].MEM_RULE[1] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAM2[0].MEM_RULE[0] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAM2[0].MEM_RULE[1] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAM3[0].MEM_RULE[0] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAM3[0].MEM_RULE[1] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_RAM4[0].MEM_RULE[0] = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_USB_HS[0].MEM_RULE[0] = 0;\r
+\r
+ //--- Security level configuration of peripherals --------------------\r
+ AHB_SECURE_CTRL->SEC_CTRL_APB_BRIDGE[0].SEC_CTRL_APB_BRIDGE0_MEM_CTRL0 = 0x00000033U;\r
+ AHB_SECURE_CTRL->SEC_CTRL_APB_BRIDGE[0].SEC_CTRL_APB_BRIDGE0_MEM_CTRL1 = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_APB_BRIDGE[0].SEC_CTRL_APB_BRIDGE0_MEM_CTRL2 = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_APB_BRIDGE[0].SEC_CTRL_APB_BRIDGE1_MEM_CTRL0 = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_APB_BRIDGE[0].SEC_CTRL_APB_BRIDGE1_MEM_CTRL1 = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_APB_BRIDGE[0].SEC_CTRL_APB_BRIDGE1_MEM_CTRL2 = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_APB_BRIDGE[0].SEC_CTRL_APB_BRIDGE1_MEM_CTRL3 = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_AHB_PORT8_SLAVE0_RULE = 0x03000000U;\r
+ AHB_SECURE_CTRL->SEC_CTRL_AHB_PORT8_SLAVE1_RULE = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_AHB_PORT9_SLAVE0_RULE = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_AHB_PORT9_SLAVE1_RULE = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_AHB_PORT10[0].SLAVE0_RULE = 0;\r
+ AHB_SECURE_CTRL->SEC_CTRL_AHB_PORT10[0].SLAVE1_RULE = 0;\r
+\r
+ //--- Security level configuration of masters ------------------------\r
+ AHB_SECURE_CTRL->MASTER_SEC_LEVEL = 0;\r
+ AHB_SECURE_CTRL->MASTER_SEC_ANTI_POL_REG = 0x3FFFFFFFU;\r
+\r
+ //--------------------------------------------------------------------\r
+ //--- Pins: Reading GPIO state ---------------------------------------\r
+ //--------------------------------------------------------------------\r
+ // Possible values for every pin:\r
+ // 0b0 Deny\r
+ // 0b1 Allow\r
+ //--------------------------------------------------------------------\r
+ AHB_SECURE_CTRL->SEC_GPIO_MASK0 = 0xFFFFFFFFU;\r
+ AHB_SECURE_CTRL->SEC_GPIO_MASK1 = 0xFFFFFFFFU;\r
+\r
+ //--------------------------------------------------------------------\r
+ //--- Interrupts: Interrupt handling by Core1 ------------------------\r
+ //--------------------------------------------------------------------\r
+ // Possible values for every interrupt:\r
+ // 0b0 Deny\r
+ // 0b1 Allow\r
+ //--------------------------------------------------------------------\r
+ AHB_SECURE_CTRL->SEC_CPU_INT_MASK0 = 0xFFFFFFFFU;\r
+ AHB_SECURE_CTRL->SEC_CPU_INT_MASK1 = 0xFFFFFFFFU;\r
+\r
+ //--------------------------------------------------------------------\r
+ //--- Interrupts: Interrupt security configuration -------------------\r
+ //--------------------------------------------------------------------\r
+ // Possible values for every interrupt:\r
+ // 0b0 Secure\r
+ // 0b1 Non-secure\r
+ //--------------------------------------------------------------------\r
+ NVIC->ITNS[0] = 0;\r
+ NVIC->ITNS[1] = 0;\r
+\r
+ //--------------------------------------------------------------------\r
+ //--- Global Options -------------------------------------------------\r
+ //--------------------------------------------------------------------\r
+ SCB->AIRCR = (SCB->AIRCR & 0x000009FF7U) | 0x005FA0000U;\r
+ SCB->SCR &= 0x0FFFFFFF7U;\r
+ SCB->SHCSR &= 0x0FFF7FFFFU;\r
+ SCB->NSACR = 0x00000C03U;\r
+ SCnSCB->CPPWR = 0;\r
+ AHB_SECURE_CTRL->SEC_MASK_LOCK = 0x00000AAAU;\r
+ AHB_SECURE_CTRL->MASTER_SEC_LEVEL = (AHB_SECURE_CTRL->MASTER_SEC_LEVEL & 0x03FFFFFFFU) | 0x080000000U;\r
+ AHB_SECURE_CTRL->MASTER_SEC_ANTI_POL_REG = (AHB_SECURE_CTRL->MASTER_SEC_ANTI_POL_REG & 0x03FFFFFFFU) | 0x080000000U;\r
+ AHB_SECURE_CTRL->CPU0_LOCK_REG = 0x800002AAU;\r
+ AHB_SECURE_CTRL->CPU1_LOCK_REG = 0x8000000AU;\r
+ AHB_SECURE_CTRL->MISC_CTRL_REG = (AHB_SECURE_CTRL->MISC_CTRL_REG & 0x0FFFF0003U) | 0x00000AAA4U;\r
+ AHB_SECURE_CTRL->MISC_CTRL_DP_REG = 0x0000AAA5U;\r
}\r
projects / freertos / blobdiff