TrustZone setup: partition_<Device>.h

The TrustZone header file contains the initial setup of the TrustZone hardware in an Armv8-M system.

This file implements the function TZ_SAU_Setup that is called from SystemInit. It uses settings in these files:

• partition_<Device>.h that defines the initial system configuration and during SystemInit in Secure state.
• partition_gen.h that contains SAU region and interrupt target assignments. This file may be generated using CMSIS-Zone.

Note

partition_gen.h is optional and can be generated using CMSIS-Zone. In previous versions of CMSIS-Core(M) this settings were part of partition_<Device>.h.

The partition_<Device>.h file contains the following configuration settings for:

• SAU CTRL register settings provides settings for the SAU CTRL register.
• Configuration of Sleep and Exception behaviour provides device-specific deep-sleep and exception settings.
• Configuration of Floating Point Unit defines the usage of the Floating Point Unit in secure and non-secure state.

The partition_<Device>.h file includes the partition_gen.h file with configuration settings for:

• Configuration of the SAU Address Regions provides configuration of the SAU Address Regions.
• Configuration of Interrupt Target settings provides device-specific interrupt target settings.

SAU CTRL register settings

#define	Value Range	Default	Description
SAU_INIT_CTRL	0 .. 1	0	Initialize SAU CTRL register or not 0: do not initialize SAU CTRL register 1: initialize SAU CTRL register
SAU_INIT_CTRL_ENABLE	0 .. 1	0	enable/disable the SAU 0: disable SAU 1: enable SAU
SAU_INIT_CTRL_ALLNS	0 .. 1	0	value for SAU_CTRL register bit ALLNS 0: all Memory is Secure 1: all Memory is Non-Secure

Configuration of Sleep and Exception behaviour

#define	Value Range	Default	Description
SCB_CSR_AIRCR_INIT	0 .. 1	1	Setup behaviour of Sleep and Exception Handling 0: not setup of CSR and AIRCR registers; the values below are not relevant 1: setup of CSR and AIRCR registers with values below
CSR_INIT_DEEPSLEEPS_VAL	0 .. 1	1	value for SCB_CSR register bit DEEPSLEEPS 0: Deep Sleep can be enabled by Secure and Non-Secure state 1: Deep Sleep can be enabled by Secure state only
AIRCR_INIT_SYSRESETREQS_VAL	0 .. 1	1	value for SCB_AIRCR register bit SYSRESETREQS 0: System reset request accessible from Secure and Non-Secure state 1: System reset request accessible from Secure state only
AIRCR_INIT_PRIS_VAL	0 .. 1	1	value for SCB_AIRCR register bit PRIS 0: Priority of Non-Secure exceptions is Not altered 1: Priority of Non-Secure exceptions is Lowered to 0x80-0xFF
AIRCR_INIT_BFHFNMINS_VAL	0 .. 1	0	value for SCB_AIRCR register bit BFHFNMINS 0: BusFault, HardFault, and NMI target are Secure state 1: BusFault, HardFault, and NMI target are Non-Secure state

Configuration of Floating Point Unit

#define	Value Range	Default	Description
TZ_FPU_NS_USAGE	0 .. 1	1	Setup behaviour of Floating Point Unit 0: not setup of NSACR and FPCCR registers; the values below are not relevant 1: setup of NSACR and FPCCR registers with values below
SCB_NSACR_CP10_11_VAL	0 or 3	3	Floating Point Unit usage (Value for SCB->NSACR register bits CP10, CP11) 0: Secure state only 3: Secure and Non-Secure state
FPU_FPCCR_TS_VAL	0 .. 1	0	Treat floating-point registers as Secure (value for FPU->FPCCR register bit TS) 0: Disable 1: Enabled
FPU_FPCCR_CLRONRETS_VAL	0 .. 1	0	Clear on return (CLRONRET) accessibility (Value for FPU->FPCCR register bit CLRONRETS) 0: Secure and Non-Secure state 1: Secure state only
FPU_FPCCR_CLRONRET_VAL	0 .. 1	1	Clear floating-point caller saved registers on exception return (Value for FPU->FPCCR register bit CLRONRET) 0: Disabled 1: Enabled

Region/ISR setup: partition_gen.h

The partition_gen.h header file can be generated using CMSIS-Zone.

The partition_<Device>.h file includes the partition_gen.h file with configuration settings for:

• Configuration of the SAU Address Regions provides configuration of the SAU Address Regions.
• Configuration of Interrupt Target settings provides device-specific interrupt target settings.

Note

In previous versions of CMSIS-Core(M) the above settings were part of partition_<Device>.h

Configuration of the SAU Address Regions

#define	Value Range	Default	Description
SAU_REGIONS_MAX	0 .. tbd	8	maximum number of SAU regions
SAU_INIT_REGION<number>	0 .. 1	0	initialize SAU region or not 0: do not initialize SAU region 1: initialize SAU region
SAU_INIT_START<number>	0x00000000 .. 0xFFFFFFE0 [in steps of 32]	0x00000000	region start address
SAU_INIT_END<number>	0x00000000 .. 0xFFFFFFE0 [in steps of 32]	0x00000000	region start address
SAU_INIT_NSC<number>	0 .. 1	0	SAU region attribute 0: Non-Secure 1: Secure, Non-Secure callable

The range of <number> is from 0 .. SAU_REGIONS_MAX. A set of these macros must exist for each <number>.

The following example shows a set of SAU region macros.

#define SAU_REGIONS_MAX   8                 /* Max. number of SAU regions */
 
#define SAU_INIT_REGION0    1
#define SAU_INIT_START0     0x00000000      /* start address of SAU region 0 */
#define SAU_INIT_END0       0x001FFFE0      /* end address of SAU region 0 */
#define SAU_INIT_NSC0       1
 
#define SAU_INIT_REGION1    1
#define SAU_INIT_START1     0x00200000      /* start address of SAU region 1 */
#define SAU_INIT_END1       0x003FFFE0      /* end address of SAU region 1 */
#define SAU_INIT_NSC1       0
 
#define SAU_INIT_REGION2    1
#define SAU_INIT_START2     0x20200000      /* start address of SAU region 2 */
#define SAU_INIT_END2       0x203FFFE0      /* end address of SAU region 2 */
#define SAU_INIT_NSC2       0
 
#define SAU_INIT_REGION3    1
#define SAU_INIT_START3     0x40000000      /* start address of SAU region 3 */
#define SAU_INIT_END3       0x40040000      /* end address of SAU region 3 */
#define SAU_INIT_NSC3       0
 
#define SAU_INIT_REGION4    0
#define SAU_INIT_START4     0x00000000      /* start address of SAU region 4 */
#define SAU_INIT_END4       0x00000000      /* end address of SAU region 4 */
#define SAU_INIT_NSC4       0
 
#define SAU_INIT_REGION5    0
#define SAU_INIT_START5     0x00000000      /* start address of SAU region 5 */
#define SAU_INIT_END5       0x00000000      /* end address of SAU region 5 */
#define SAU_INIT_NSC5       0
 
#define SAU_INIT_REGION6    0
#define SAU_INIT_START6     0x00000000      /* start address of SAU region 6 */
#define SAU_INIT_END6       0x00000000      /* end address of SAU region 6 */
#define SAU_INIT_NSC6       0
 
#define SAU_INIT_REGION7    0
#define SAU_INIT_START7     0x00000000      /* start address of SAU region 7 */
#define SAU_INIT_END7       0x00000000      /* end address of SAU region 7 */
#define SAU_INIT_NSC7       0

Configuration of Interrupt Target settings

Each interrupt has a configuration bit that defines the execution in Secure or Non-secure state. The Non-Secure interrupts have a separate vector table. Refer to Programmers Model with TrustZone for more information.

#define	Value Range	Default	Description
NVIC_INIT_ITNS<number>	0x00000000 .. 0xFFFFFFFF [each bit represents an interrupt]	0x00000000	Interrupt vector target 0: Secure state 1: Non-Secure state

The range of <number> is 0 .. (<number of external interrupts> + 31) / 32.

The following example shows the configuration for a maximum of 64 external interrupts.

#define NVIC_INIT_ITNS0      0x0000122B
#define NVIC_INIT_ITNS1      0x0000003A