ST STM32L4+ Series Reference Manual page 171

RM0432
end code needs to embed an IAP located in a write protected segment in order to allow
future code updates when the production parts will be Level 2 ROP.
Write protection
In order to offer a maximum security level, the following points need to be respected:
It is mandatory to keep a write protection on the part of the code enabling the Firewall.
This activation code should be located outside the segments protected by the Firewall.
The write protection is also mandatory on the code segment protected by the Firewall.
The page including the reset vector must be write-protected.
Interrupts management
The code protected by the Firewall must not be interruptible. It is up to the user code to
disable any interrupt source before executing the code protected by the Firewall. If this
constraint is not respected and an interrupt occurs while the protected code is executing
(Firewall opened), the Firewall is closed as soon as the interrupt subroutine is
executed. When execution returns to the protected code area, a Firewall alarm is raised,
since the "call gate" sequence has not been applied, and a reset is generated.
Concerning the interrupt vectors and the first user page in the Flash memory:
If the first user page (including the reset vector) is protected by the Firewall, the NVIC
vector should be reprogrammed outside the protected segment.
If the first user page is not protected by the Firewall, the interrupt vectors may be kept
at this location.
There is no interrupt generated by the Firewall.
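The write-protection rules and the vector-placement rule above can be checked against a planned Flash layout before the Firewall is enabled. The following is an added example, not code from the reference manual; the struct, function and error names, the 4 KB page size and the sample addresses are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added example: every name below is hypothetical. Ranges are half-open [start, end). */
typedef struct { uint32_t start, end; } range_t;
typedef struct {
    range_t fw_code;      /* code segment protected by the Firewall */
    range_t fw_nvdata;    /* non-volatile data segment protected by the Firewall */
    range_t enable_code;  /* code that enables the Firewall */
    range_t reset_page;   /* Flash page that includes the reset vector */
    uint32_t vectors;     /* address of the interrupt vector table in use */
    range_t wrp[2];       /* write-protected Flash areas */
} fw_layout_t;
enum { FW_OK = 0, E_ENABLE_NOT_WRP = 1, E_ENABLE_IN_FW = 2, E_CODE_NOT_WRP = 4,
       E_RESET_NOT_WRP = 8, E_VECTORS_IN_FW = 16 };

static bool overlaps(range_t a, range_t b) { return a.start < b.end && b.start < a.end; }
/* True when every byte of r lies in a write-protected area (areas may be adjacent). */
static bool write_protected(const fw_layout_t *l, range_t r) {
    uint32_t cur = r.start;
    for (bool moved = true; cur < r.end && moved;) {
        moved = false;
        for (int i = 0; i < 2; i++)
            if (l->wrp[i].start <= cur && cur < l->wrp[i].end) { cur = l->wrp[i].end; moved = true; }
    }
    return cur >= r.end;
}

/* Returns a bitmask of violated rules, FW_OK when the layout respects all of them. */
unsigned fw_check_layout(const fw_layout_t *l) {
    unsigned err = FW_OK;
    if (!write_protected(l, l->enable_code)) err |= E_ENABLE_NOT_WRP;
    if (overlaps(l->enable_code, l->fw_code) || overlaps(l->enable_code, l->fw_nvdata))
        err |= E_ENABLE_IN_FW;
    if (!write_protected(l, l->fw_code)) err |= E_CODE_NOT_WRP;
    if (!write_protected(l, l->reset_page)) err |= E_RESET_NOT_WRP;
    if (l->vectors >= l->fw_code.start && l->vectors < l->fw_code.end) err |= E_VECTORS_IN_FW;
    return err;
}

#define P(n) (0x08000000u + (n) * 0x1000u) /* constructed: page n, assumed 4 KB pages */
const fw_layout_t sample_good = { {P(16), P(18)}, {P(18), P(19)}, {P(1), P(2)}, {P(0), P(1)}, P(0),
                                  { {P(0), P(2)}, {P(16), P(18)} } };
const fw_layout_t sample_bad  = { {P(0), P(2)}, {P(18), P(19)}, {P(1), P(2)}, {P(0), P(1)}, P(0),
                                  { {P(0), P(1)}, {P(16), P(18)} } };
int main(void) {
    printf("good=0x%02x bad=0x%02x\n", fw_check_layout(&sample_good), fw_check_layout(&sample_bad));
}
```

In the constructed failing layout the first user page sits inside the Firewall code segment, so the vector table left at that page is flagged, as are the enabling code placed inside the segment and the second page of the segment that has no write protection.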
4.3.3 Firewall segments
The Firewall has been designed to protect three different segment areas:
Code segment
This segment is located into the Flash memory. It should contain the code to execute which
requires the Firewall protection. The segment must be reached using the "call gate" entry
sequence to open the Firewall. A system reset is generated if the "call gate" entry sequence
is not respected (refer to Opening the Firewall) and if the Firewall is enabled using the
FWDIS bit in the system configuration register. The length of the segment and the segment
base address must be configured before enabling the Firewall (refer to Section 4.3.5: Firewall
initialization).
Non-volatile data segment
This segment contains non-volatile data used by the protected code which must be
protected by the Firewall. The access to this segment is defined into Section 4.3.4: Segment
accesses and properties. The Firewall must be opened before accessing the data in this
area. The Non-Volatile data segment should be located into the Flash memory. The
segment length and the base address of the segment must be configured before enabling
the Firewall (refer to Section 4.3.5: Firewall initialization).
RM0432 Rev 6
