Firewall Segments - ST STM32L4x6 Reference Manual

RM0351
end code needs to embed an IAP located in a write protected segment in order to allow
future code updates when the production parts will be Level 2 ROP.
Write protection
In order to offer a maximum security level, the following points need to be respected:
•
It is mandatory to keep a write protection on the part of the code enabling the Firewall.
This activation code should be located outside the segments protected by the Firewall.
•
The write protection is also mandatory on the code segment protected by the Firewall.
•
The sector including the reset vector must be write-protected.
Interruptions management
The code protected by the Firewall must not be interruptible. It is up to the user code to
disable any interrupt source before executing the code protected by the Firewall. If this
constraint is not respected, if an interruption comes while the protected code is executed
(Firewall opened), the Firewall will be closed as soon as the interrupt subroutine is
executed. When the code returns back to the protected code area, a Firewall alarm will raise
since the "call gate" sequence will not be applied and a reset will be generated.
Concerning the interrupt vectors and the first user sector in the Flash memory:
• If the first user sector (including the reset vector) is protected by the Firewall, the NVIC
vector should be reprogrammed outside the protected segment.
•
If the first user sector is not protected by the Firewall, the interrupt vectors may be kept
at this location.
There is no interruption generated by the Firewall.
4.3.3

Firewall segments

The Firewall has been designed to protect three different segment areas:
Code segment
This segment is located into the Flash memory. It should contain the code to execute which
requires the Firewall protection. The segment must be reached using the "call gate" entry
sequence to open the Firewall. A system reset is generated if the "call gate" entry sequence
is not respected (refer to
FWDIS bit in the system configuration register. The length of the segment and the segment
base address must be configured before enabling the Firewall (refer to
Firewall initialization).
Non-volatile data segment
This segment contains non-volatile data used by the protected code which must be
protected by the Firewall. The access to this segment is defined into
accesses and
area. The Non-Volatile data segment should be located into the Flash memory. The
segment length and the base address of the segment must be configured before enabling
the Firewall (refer to
Opening the
properties. The Firewall must be opened before accessing the data in this
Section 4.3.5: Firewall
DocID024597 Rev 3
Firewall) and if the Firewall is enabled using the
initialization).
Firewall (FW)
Section 4.3.5:
Section 4.3.4: Segment
123/1693
132