ACL — Access control lists

The Access control lists (ACL) peripheral is designed to assign and enforce access permission schemes for different regions of the on-chip flash memory map.

Flash memory regions can be assigned individual ACL permission schemes. The following registers are involved:

  • PERM register - configures permission schemes
  • ADDR register - defines the flash page start address (word-aligned)
  • SIZE register - determines the size of the region where the permission schemes are applied
Note: The size of the region is restricted to a multiple of the flash page size, measured in bytes. The maximum region is limited to half the size of the flash page. See Memory for more information.
Figure 1. On-chip flash memory protected regions
Protected regions of on-chip flash memory

There are four defined ACL permission schemes, each with different combinations of read/write permissions, as shown in the following table.

Table 1. ACL permission schemes
Read Write Protection description
0 0 No protection. Entire region can be executed, read, written to, or erased.
0 1 Region can be executed and read, but not written to or erased.
1 0 Region can be written to and erased, but not executed or read.
1 1 Region is locked for all access until next reset.
Note: If a permission violation to a protected region is detected by the ACL peripheral, the request is blocked and a Bus Fault exception is triggered.

Access control to a configured region is enforced by the hardware. This goes into effect two CPU clock cycles after the ADDR, SIZE, and PERM registers for an ACL instance are written successfully. There are two dependencies for protection to be enforced. First, a valid start address for the flash page boundary must be written to the ADDR register. Second, the SIZE and PERM registers cannot be zero.

The ADDR, SIZE, and PERM registers can only be written once. All ACL configuration registers are cleared on reset by resetting the device from a reset source. This is the only way of clearing the configuration registers. To ensure that the ACL peripheral always enforces the desired permission schemes, the device boot sequence must perform the necessary configuration.

Debugger read access to a read-protected region will be Read-As-Zero (RAZ), while debugger write access to a write-protected region will be Write-Ignored (WI).

Registers

Table 2. Instances
Base address Peripheral Instance Description Configuration
0x4001E000 ACL ACL

Access control lists

    
Table 3. Register overview
Register Offset Description
ACL[0].ADDR 0x800

Start address of region to protect. The start address must be word-aligned.

  
ACL[0].SIZE 0x804

Size of region to protect counting from address ACL[0].ADDR. Writing a '0' has no effect.

  
ACL[0].PERM 0x808

Access permissions for region 0 as defined by start address ACL[0].ADDR and size ACL[0].SIZE

  
ACL[0].UNUSED0 0x80C  

Reserved
ACL[1].ADDR 0x810

Start address of region to protect. The start address must be word-aligned.

  
ACL[1].SIZE 0x814

Size of region to protect counting from address ACL[1].ADDR. Writing a '0' has no effect.

  
ACL[1].PERM 0x818

Access permissions for region 1 as defined by start address ACL[1].ADDR and size ACL[1].SIZE

  
ACL[1].UNUSED0 0x81C  

Reserved
ACL[2].ADDR 0x820

Start address of region to protect. The start address must be word-aligned.

  
ACL[2].SIZE 0x824

Size of region to protect counting from address ACL[2].ADDR. Writing a '0' has no effect.

  
ACL[2].PERM 0x828

Access permissions for region 2 as defined by start address ACL[2].ADDR and size ACL[2].SIZE

  
ACL[2].UNUSED0 0x82C  

Reserved
ACL[3].ADDR 0x830

Start address of region to protect. The start address must be word-aligned.

  
ACL[3].SIZE 0x834

Size of region to protect counting from address ACL[3].ADDR. Writing a '0' has no effect.

  
ACL[3].PERM 0x838

Access permissions for region 3 as defined by start address ACL[3].ADDR and size ACL[3].SIZE

  
ACL[3].UNUSED0 0x83C  

Reserved
ACL[4].ADDR 0x840

Start address of region to protect. The start address must be word-aligned.

  
ACL[4].SIZE 0x844

Size of region to protect counting from address ACL[4].ADDR. Writing a '0' has no effect.

  
ACL[4].PERM 0x848

Access permissions for region 4 as defined by start address ACL[4].ADDR and size ACL[4].SIZE

  
ACL[4].UNUSED0 0x84C  

Reserved
ACL[5].ADDR 0x850

Start address of region to protect. The start address must be word-aligned.

  
ACL[5].SIZE 0x854

Size of region to protect counting from address ACL[5].ADDR. Writing a '0' has no effect.

  
ACL[5].PERM 0x858

Access permissions for region 5 as defined by start address ACL[5].ADDR and size ACL[5].SIZE

  
ACL[5].UNUSED0 0x85C  

Reserved
ACL[6].ADDR 0x860

Start address of region to protect. The start address must be word-aligned.

  
ACL[6].SIZE 0x864

Size of region to protect counting from address ACL[6].ADDR. Writing a '0' has no effect.

  
ACL[6].PERM 0x868

Access permissions for region 6 as defined by start address ACL[6].ADDR and size ACL[6].SIZE

  
ACL[6].UNUSED0 0x86C  

Reserved
ACL[7].ADDR 0x870

Start address of region to protect. The start address must be word-aligned.

  
ACL[7].SIZE 0x874

Size of region to protect counting from address ACL[7].ADDR. Writing a '0' has no effect.

  
ACL[7].PERM 0x878

Access permissions for region 7 as defined by start address ACL[7].ADDR and size ACL[7].SIZE

  
ACL[7].UNUSED0 0x87C  

Reserved

ACL[n].ADDR (n=0..7)

Address offset: 0x800 + (n × 0x10)

Start address of region to protect. The start address must be word-aligned.

This register can only be written once.

Bit number 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
ID A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A
Reset 0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ID Access Field Value ID Value Description
A RW1

ADDR

    

Start address of flash region n. The start address must point to a flash page boundary.

ACL[n].SIZE (n=0..7)

Address offset: 0x804 + (n × 0x10)

Size of region to protect counting from address ACL[n].ADDR. Writing a '0' has no effect.

This register can only be written once.

Bit number 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
ID A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A
Reset 0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ID Access Field Value ID Value Description
A RW1

SIZE

    

Size of flash region n in bytes. Must be a multiple of the flash page size.

ACL[n].PERM (n=0..7)

Address offset: 0x808 + (n × 0x10)

Access permissions for region n as defined by start address ACL[n].ADDR and size ACL[n].SIZE

This register can only be written once.

Bit number 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
ID                                                           C B
Reset 0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ID Access Field Value ID Value Description
B RW1

WRITE

    

Configure write and erase permissions for region n. Writing a '0' has no effect.

     

Enable

0

Allow write and erase instructions to region n.

     

Disable

1

Block write and erase instructions to region n.

C RW1

READ

    

Configure read permissions for region n. Writing a '0' has no effect.

     

Enable

0

Allow read instructions to region n.

     

Disable

1

Block read instructions to region n.