SPU is the central point in the system to control access to memories, peripherals and other resources.
Listed here are the main features of the SPU:
External domain access protection, controlling access rights from other MCUs
SPU provides a register interface to control the various internal logic blocks that monitor access to memory-mapped slave devices (RAM, flash, peripherals, etc) and other resources (device pins, DPPI channels, etc).
An error is reported through dedicated error signals. For security state violations from an M33 master this will be a SecureFault exception, for other violations this will be an SPU event. The SPU event can be configured to generate an interrupt towards the CPU.
Other resources like pins and DPPI channels are protected by comparing the security attributes of the protected resource with the security attribute of the peripheral that wants to access it. The SPU is the only place where those security attributes can be configured.
For a ARM® TrustZone® for Cortex®-M enabled CPU, the SPU also controls custom logic.
Custom logic is shown as the implementation defined attribution unit (IDAU) in figure Simplified view of the protection of RAM, flash and peripherals using SPU. Full support is provided for:
The SPU provides the necessary registers to configure the security attributes for memory regions and peripherals. However, as a requirement to use the SPU, the secure attribution unit (SAU) needs to be disabled and all memory set as non-secure in the ARM core. This will allow the SPU to control the IDAU and set the security attribution of all addresses as originally intended.
The flash memory space is divided in regions, each of them with configurable permissions settings.
The flash memory space is divided into 32 regions of 32 KiB .
For each region, four different types of permissions can be configured:
Permissions can be set independently. For example, it is possible to configure a flash region to be accessible only through secure transfer, being read-only (no write allowed) and non-executable (no code fetch allowed). For each region, permissions can be set and then locked by using the FLASHREGION[n].PERM.LOCK bit, to prevent subsequent modifications.
Note that the debugger is able to step through execute-protected memory regions.
The following figure shows the flash memory space and the divided regions:
The SPU provides support for the definition of non-secure callable (NSC) sub-regions to allow non-secure to secure function calls.
A non-secure callable sub-region can only exist within an existing secure region and its definition is done using two registers:
The NSC sub-region will be defined from the highest address in that region, going downwards. Figure below illustrates the NSC sub-regions and the registers used for their definition:
The NSC sub-region will only be defined if:
If FLASHNSC[i].REGION and FLASHNSC[j].REGION have the same value, there is only one sub-region defined as NSC, with the size given by the maximum of FLASHNSC[i].SIZE and FLASHNSC[j].SIZE.
If FLASHNSC[i].REGION defines a non-secure region, then there is no non-secure callable region defined and the selected region stays non-secure.
The SPU and the logic controlled by it will respond with a certain behavior once an access violation is detected.
The following will happen once the logic controlled by the SPU detects an access violation on one of the flash ports:
The following table summarizes the SPU behavior based on the type of initiator and access violation:
Master type | Security violation | Read/Write/Execute protection violation |
---|---|---|
Cortex®-M33 | SecureFault exception | BusFault exception, FLASHACCERR event |
EasyDMA | RAZ/WI, FLASHACCERR event | RAZ/WI, FLASHACCERR event |
Other masters | RAZ/WI, FLASHACCERR event | RAZ/WI, FLASHACCERR event |
For a Cortex®-M33 master, the SecureFault exception will take precedence over the BusFault exception if a security violation occurs simultaneously with another type of violation.
The user information configuration registers (UICR) and factory information configuration registers (FICR) are always considered as secure. FICR registers are read-only. UICR registers can be read and written by secure code only.
Writing new values to user information configuration registers must follow the procedure described in NVMC — Non-volatile memory controller. Code execution from FICR and UICR address spaces will always be reported as access violation, an exception to this rule applies during a debug session.
The RAM memory space is divided in regions, each of them with configurable permissions settings.
The RAM memory space is divided into 32 regions of 8 KiB.
For each region, four different types of permissions can be configured:
Permissions can be set independently. For example, it is possible to configure a RAM region to be accessible only through secure transfer, being read-only (no write allowed) and non-executable (no code fetch allowed). For each region, permissions can be set and then locked to prevent subsequent modifications by using the RAMREGION[n].PERM.LOCK bit.
The following figure shows the RAM memory space and the devided regions:
The SPU provides support for the definition of non-secure callable (NSC) sub-regions to allow non-secure to secure function calls.
A non-secure callable sub-region can only exist within an existing secure region and its definition is done using two registers:
The NSC sub-region will be defined from the highest address in that region, going downwards. Figure below illustrates the NSC sub-regions and the registers used for their definition:
The NSC sub-region will only be defined if:
If RAMNSC[i].REGION and RAMNSC[j].REGION have the same value, there is only one sub-region defined as NSC, with the size given by the maximum of RAMNSC[i].SIZE and RAMNSC[j].SIZE.
If RAMNSC[i].REGION defines a non-secure region, then there is no non-secure callable region defined and the selected region stays non-secure.
The SPU and the logic controlled by it will respond with a certain behavior once an access violation is detected.
The following will happen once the logic controlled by the SPU detects an access violation on one of the RAM ports:
The following table summarizes the SPU behavior based on the type of initiator and access violation:
Master type | Security violation | Read/Write/Execute protection violation |
---|---|---|
Cortex®-M33 | SecureFault exception | BusFault exception, RAMACCERR event |
EasyDMA | RAZ/WI, RAMACCERR event | RAZ/WI, RAMACCERR event |
Other masters | RAZ/WI, RAMACCERR event | RAZ/WI, RAMACCERR event |
For a Cortex®-M33 master, the SecureFault exception will take precedence over the BusFault exception if a security violation occurs simultaneously with another type of violation.
Access controls are defined by the characteristics of the peripheral.
Peripherals can have their security attribute set as:
The full list of peripherals and their corresponding security attributes can be found in Memory map. For each peripheral with ID n, PERIPHID[n]. PERM will show whether the security attribute for this peripheral is configurable or not.
If not hardcoded, the security attribute can configured using the PERIPHID[id].PERM.
At reset, all user-selectable and split security peripherals are set to be secure, with secure DMA where present.
Secure code can access both secure peripherals and non-secure peripherals.
The nRF9160 does not support runtime security configuration of peripherals. It is thus, advisable that all security settings on peripherals are set during boot time. Doing so will ensure the desired system security configuration is deployed simultaneously system-wide.
Peripherals with split security are defined to handle use-cases when both secure and non-secure code needs to control the same resource.
When peripherals with split security have their security attribute set to non-secure, access to specific registers and bitfields within some registers is dependent on the security attribute of the bus transfer. For example, some registers will not be accessible for a non-secure transfer.
When peripherals with split security have their security attribute set to secure, then only secure transfers can access their registers.
See Instantiation for an overview of split security peripherals. Respective peripheral chapters explain the specific security behavior of each peripheral.
Peripherals that have non-secure security mapping have their address starting with 0x4XXX_XXXX. Peripherals that have secure security mapping have their address starting with 0x5XXX_XXXX.
Peripherals with a user-selectable security mapping are available at an address starting with:
Secure code accessing the 0x5XXX_XXXX address range of a peripheral marked as non-secure will also result in a bus-error.
Peripherals with a split security mapping are available at an address starting with:
Any attempt to access the 0x5000_0000-0x5FFF_FFFF address range from non-secure code will be ignored and generate a SecureFault exception.
The table below illustrates the address mapping for the three type of peripherals in all possible configurations
Security-features and configuration | Is mapped at 0x4XXX_XXXX? | Is mapped at 0x5XXX_XXXX? |
---|---|---|
Secure peripheral | No | Yes |
Non-secure peripheral | Yes | No |
Split-security peripheral, with attribute=secure | No | Yes |
Split-security peripheral, with attribute=non-secure | Yes, restricted functionality | Yes |
Peripherals containing a DMA master can be configured so the security attribute of the DMA transfers is different from the security attribute of the peripheral itself. This allows a secure peripheral to do non-secure data transfers to or from the system memories.
The following conditions must be met:
Then it is possible to select the security attribute of the DMA transfers using the field DMASEC (PERIPHID[n].PERM.DMASEC == Secure and PERIPHID[n].PERM.DMASEC == NonSecure) in PERIPHID[n].PERM.
Peripherals send error reports once access violation is detected.
The following will happen if the logic controlled by the SPU detects an access violation on one of the peripherals:
Access to device pins can be controlled by the SPU. A pin can be declared as secure so that only secure peripherals or secure code can access it. Pins declared as non-secure can be accessed by both secure and non-secure peripherals or code.
The security attribute of each pin can be individually configured in SPU's GPIOPORT[n].PERM register. When the secure attribute is set for a pin, only peripherals that have the secure attribute set will be able to read the value of the pin or change it.
Peripherals can select the pin(s) they need access to through their PSEL register(s). If a peripheral has its attribute set to non-secure, but one of its PSEL registers selects a pin with the attribute set to secure, the SPU controlled logic will ensure that the pin selection is not propagated. In addition, the pin value will always be read as zero, to prevent a non-secure peripheral from obtaining a value from a secure pin. Whereas access to other pins with attribute set as non-secure will not be blocked.
Pins can be assigned to other domains than the application domain by changing the MCUSEL value in the GPIO PIN_CNF[n] register. Domains that do not have a pin assigned to them can neither control that pin nor read its status. Any pin configuration set in a domain that doesn't have ownership of that pin will not take effect until the MCUSEL is updated to assign that pin to the domain. Within each domain, pin access is controlled by that domain's local security configuration and peripheral PSEL registers. This is illustrated in the following figure:
Access to DPPI channels can be restricted. A channel can be declared as secure so that only secure peripherals can access it.
The security attribute of a DPPI channel is configured in DPPI[n].PERM (n=0..0). When the secure attribute is set for a channel, only peripherals that have the secure attribute set will be able to publish events to this channel or subscribe to this channel to receive tasks.
The DPPI controller peripheral (DPPIC) is a split security peripheral, i.e., its security behavior depends on the security attributes of both the DPPIC and the accessing party. See Special considerations regarding the DPPIC configuration registers for more information about the DPPIC security behavior.
If a non-secure peripheral wants to publish an event on a secure DPPI channel, the channel will ignore the event. If a non-secure peripheral subscribes to a secure DPPI channel, it will not receive any events from this channel. The following figure illustrates the principle of operation of the security logic for a subscribed channel:
No error reporting mechanism is associated with the DPPI access control logic.
DPPI channels can be enabled, disabled and grouped through the DPPI controller (DPPIC). The DPPIC is a split-security peripheral, and handles both secure and non-secure accesses.
A non-secure peripheral access will only be able to configure and control DPPI channels defined as non-secure in SPU's DPPI[n].PERM register(s). A secure peripheral access can control all DPPI channels, independently of the configuration in the DPPI[n].PERM register(s).
The DPPIC allows the creation of group of channels to be able to enable or disable all channels within a group simultaneously. The security attribute of a group of channels (secure or non-secure) is defined as follows:
A non-secure access to a DPPIC register, or a bitfield controlling a channel marked as secure in DPPI[n].PERM register(s), will be ignored:
No exceptions are thrown when a non-secure access targets a register or bitfield controlling a secure channel. For example, if the bit i is set in the DPPI[n].PERM register (declaring the DPPI channel i as secure), then:
For the channel configuration registers (DPPIC.CHG[n]), access from non-secure code is only possible if the included channels are all non-secure, whether the channels are enabled or not. If a DPPIC.CHG[g] register included one or more secure channels, then the group gis considered as secure and only a secure transfer can read or write DPPIC.CHG[g]. A non-secure write will be ignored and a non-secure read will return zero.
The DPPIC can subscribe to secure or non-secure channels through SUBSCRIBE_CHG[n] registers in order to trigger task for enabling or disabling groups of channels. But an event from a non-secure channel will be ignored if the group subscribing to this channel is secure. An event from a secure channel can trigger both secure and non-secure tasks.
Other domains with their own CPUs can access peripherals, flash and RAM memories. The SPU allows controlling accesses from those bus masters.
The external domains can access application MCU memories and peripherals. External domains are assigned security attributes as described in register EXTDOMAIN[n].PERM.
Domain | Capability register | Permission register |
---|---|---|
LTE modem | Modem is always a non-secure domain | Not applicable |
The figure below illustrates how the security control units are used to assign security attributes to transfers initiated by the external domains:
Flash and RAM regions, as well as non-secure and secure peripherals, are assigned unique TrustZone® IDs.
The table below shows the TrustZone® ID allocation:
Regions | TrustZone Cortex-M ID |
---|---|
Flash regions 0..31 | 0..31 |
RAM regions 0..15 | 64..79 |
Non-secure peripherals | 253 |
Secure peripherals | 254 |
Base address | Peripheral | Instance | Secure mapping | DMA security | Description | Configuration |
---|---|---|---|---|---|---|
0x50003000 | SPU | SPU | S | NA |
System Protection Unit |
Register | Offset | Security | Description |
---|---|---|---|
EVENTS_RAMACCERR | 0x100 |
A security violation has been detected for the RAM memory space |
|
EVENTS_FLASHACCERR | 0x104 |
A security violation has been detected for the flash memory space |
|
EVENTS_PERIPHACCERR | 0x108 |
A security violation has been detected on one or several peripherals |
|
PUBLISH_RAMACCERR | 0x180 |
Publish configuration for event RAMACCERR |
|
PUBLISH_FLASHACCERR | 0x184 |
Publish configuration for event FLASHACCERR |
|
PUBLISH_PERIPHACCERR | 0x188 |
Publish configuration for event PERIPHACCERR |
|
INTEN | 0x300 |
Enable or disable interrupt |
|
INTENSET | 0x304 |
Enable interrupt |
|
INTENCLR | 0x308 |
Disable interrupt |
|
CAP | 0x400 |
Show implemented features for the current device |
|
EXTDOMAIN[n].PERM | 0x440 |
Access for bus access generated from the external domain n List capabilities of the external domain n |
|
DPPI[n].PERM | 0x480 |
Select between secure and non-secure attribute for the DPPI channels. |
|
DPPI[n].LOCK | 0x484 |
Prevent further modification of the corresponding PERM register |
|
GPIOPORT[n].PERM | 0x4C0 |
Select between secure and non-secure attribute for pins 0 to 31 of port n. This register is retained. |
|
GPIOPORT[n].LOCK | 0x4C4 |
Prevent further modification of the corresponding PERM register |
|
FLASHNSC[n].REGION | 0x500 |
Define which flash region can contain the non-secure callable (NSC) region n |
|
FLASHNSC[n].SIZE | 0x504 |
Define the size of the non-secure callable (NSC) region n |
|
RAMNSC[n].REGION | 0x540 |
Define which RAM region can contain the non-secure callable (NSC) region n |
|
RAMNSC[n].SIZE | 0x544 |
Define the size of the non-secure callable (NSC) region n |
|
FLASHREGION[n].PERM | 0x600 |
Access permissions for flash region n |
|
RAMREGION[n].PERM | 0x700 |
Access permissions for RAM region n |
|
PERIPHID[n].PERM | 0x800 |
List capabilities and access permissions for the peripheral with ID n |
Address offset: 0x100
A security violation has been detected for the RAM memory space
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
EVENTS_RAMACCERR |
A security violation has been detected for the RAM memory space |
||||||||||||||||||||||||||||||||
NotGenerated |
0 |
Event not generated |
|||||||||||||||||||||||||||||||||
Generated |
1 |
Event generated |
Address offset: 0x104
A security violation has been detected for the flash memory space
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
EVENTS_FLASHACCERR |
A security violation has been detected for the flash memory space |
||||||||||||||||||||||||||||||||
NotGenerated |
0 |
Event not generated |
|||||||||||||||||||||||||||||||||
Generated |
1 |
Event generated |
Address offset: 0x108
A security violation has been detected on one or several peripherals
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
EVENTS_PERIPHACCERR |
A security violation has been detected on one or several peripherals |
||||||||||||||||||||||||||||||||
NotGenerated |
0 |
Event not generated |
|||||||||||||||||||||||||||||||||
Generated |
1 |
Event generated |
Address offset: 0x180
Publish configuration for event RAMACCERR
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | B | A | A | A | A | A | A | A | A | ||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
CHIDX |
[255..0] |
DPPI channel that event RAMACCERR will publish to |
|||||||||||||||||||||||||||||||
B | RW |
EN |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Disable publishing |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Enable publishing |
Address offset: 0x184
Publish configuration for event FLASHACCERR
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | B | A | A | A | A | A | A | A | A | ||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
CHIDX |
[255..0] |
DPPI channel that event FLASHACCERR will publish to |
|||||||||||||||||||||||||||||||
B | RW |
EN |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Disable publishing |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Enable publishing |
Address offset: 0x188
Publish configuration for event PERIPHACCERR
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | B | A | A | A | A | A | A | A | A | ||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
CHIDX |
[255..0] |
DPPI channel that event PERIPHACCERR will publish to |
|||||||||||||||||||||||||||||||
B | RW |
EN |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Disable publishing |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Enable publishing |
Address offset: 0x300
Enable or disable interrupt
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | C | B | A | ||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
RAMACCERR |
Enable or disable interrupt for event RAMACCERR |
||||||||||||||||||||||||||||||||
Disabled |
0 |
Disable |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Enable |
|||||||||||||||||||||||||||||||||
B | RW |
FLASHACCERR |
Enable or disable interrupt for event FLASHACCERR |
||||||||||||||||||||||||||||||||
Disabled |
0 |
Disable |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Enable |
|||||||||||||||||||||||||||||||||
C | RW |
PERIPHACCERR |
Enable or disable interrupt for event PERIPHACCERR |
||||||||||||||||||||||||||||||||
Disabled |
0 |
Disable |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Enable |
Address offset: 0x304
Enable interrupt
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | C | B | A | ||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
RAMACCERR |
Write '1' to enable interrupt for event RAMACCERR |
||||||||||||||||||||||||||||||||
Set |
1 |
Enable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
|||||||||||||||||||||||||||||||||
B | RW |
FLASHACCERR |
Write '1' to enable interrupt for event FLASHACCERR |
||||||||||||||||||||||||||||||||
Set |
1 |
Enable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
|||||||||||||||||||||||||||||||||
C | RW |
PERIPHACCERR |
Write '1' to enable interrupt for event PERIPHACCERR |
||||||||||||||||||||||||||||||||
Set |
1 |
Enable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
Address offset: 0x308
Disable interrupt
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | C | B | A | ||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
RAMACCERR |
Write '1' to disable interrupt for event RAMACCERR |
||||||||||||||||||||||||||||||||
Clear |
1 |
Disable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
|||||||||||||||||||||||||||||||||
B | RW |
FLASHACCERR |
Write '1' to disable interrupt for event FLASHACCERR |
||||||||||||||||||||||||||||||||
Clear |
1 |
Disable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
|||||||||||||||||||||||||||||||||
C | RW |
PERIPHACCERR |
Write '1' to disable interrupt for event PERIPHACCERR |
||||||||||||||||||||||||||||||||
Clear |
1 |
Disable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
Address offset: 0x400
Show implemented features for the current device
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000001 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | R |
TZM |
Show ARM TrustZone status |
||||||||||||||||||||||||||||||||
NotAvailable |
0 |
ARM TrustZone support not available |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
ARM TrustZone support is available |
Address offset: 0x440 + (n × 0x4)
Access for bus access generated from the external domain n
List capabilities of the external domain n
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | C | B | A | A | |||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | R |
SECUREMAPPING |
Define configuration capabilities for TrustZone Cortex-M secure attribute Note: This does not affect DPPI in the external domain
|
||||||||||||||||||||||||||||||||
NonSecure |
0 |
The bus access from this external domain always have the non-secure attribute set |
|||||||||||||||||||||||||||||||||
Secure |
1 |
The bus access from this external domain always have the secure attribute set |
|||||||||||||||||||||||||||||||||
UserSelectable |
2 |
Non-secure or secure attribute for bus access from this domain is defined by the EXTDOMAIN[n].PERM register |
|||||||||||||||||||||||||||||||||
B | RW |
SECATTR |
Peripheral security mapping Note: This bit has effect only if EXTDOMAIN[n].PERM.SECUREMAPPING reads as UserSelectable
|
||||||||||||||||||||||||||||||||
NonSecure |
0 |
Bus accesses from this domain have the non-secure attribute set |
|||||||||||||||||||||||||||||||||
Secure |
1 |
Bus accesses from this domain have secure attribute set |
|||||||||||||||||||||||||||||||||
C | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
This register can be updated |
|||||||||||||||||||||||||||||||||
Locked |
1 |
The content of this register can't be changed until the next reset |
Address offset: 0x480 + (n × 0x8)
Select between secure and non-secure attribute for the DPPI channels.
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | P | O | N | M | L | K | J | I | H | G | F | E | D | C | B | A | |||||||||||||||||||
Reset 0x0000FFFF | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A-P | RW |
CHANNEL[i] (i=0..15) |
Select secure attribute. |
||||||||||||||||||||||||||||||||
Secure |
1 |
Channeli has its secure attribute set |
|||||||||||||||||||||||||||||||||
NonSecure |
0 |
Channeli has its non-secure attribute set |
Address offset: 0x484 + (n × 0x8)
Prevent further modification of the corresponding PERM register
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Locked |
1 |
DPPI[n].PERM register can't be changed until next reset |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
DPPI[n].PERM register content can be changed |
Address offset: 0x4C0 + (n × 0x8)
Select between secure and non-secure attribute for pins 0 to 31 of port n.
This register is retained.
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | f | e | d | c | b | a | Z | Y | X | W | V | U | T | S | R | Q | P | O | N | M | L | K | J | I | H | G | F | E | D | C | B | A | |||
Reset 0xFFFFFFFF | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A-f | RW |
PIN[i] (i=0..31) |
Select secure attribute attribute for PIN i. |
||||||||||||||||||||||||||||||||
Secure |
1 |
Pin i has its secure attribute set |
|||||||||||||||||||||||||||||||||
NonSecure |
0 |
Pin i has its non-secure attribute set |
Address offset: 0x4C4 + (n × 0x8)
Prevent further modification of the corresponding PERM register
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Locked |
1 |
GPIOPORT[n].PERM register can't be changed until next reset |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
GPIOPORT[n].PERM register content can be changed |
Address offset: 0x500 + (n × 0x8)
Define which flash region can contain the non-secure callable (NSC) region n
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | B |
A |
A |
A |
A |
A |
|||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
REGION |
Region number |
||||||||||||||||||||||||||||||||
B | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
This register can be updated |
|||||||||||||||||||||||||||||||||
Locked |
1 |
The content of this register can't be changed until the next reset |
Address offset: 0x504 + (n × 0x8)
Define the size of the non-secure callable (NSC) region n
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | B | A | A | A | A | ||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
SIZE |
Size of the non-secure callable (NSC) region n |
||||||||||||||||||||||||||||||||
Disabled |
0 |
The region n is not defined as a non-secure callable region. Normal security attributes (secure or non-secure) are enforced. |
|||||||||||||||||||||||||||||||||
32 |
1 |
The region n is defined as non-secure callable with a 32-byte size |
|||||||||||||||||||||||||||||||||
64 |
2 |
The region n is defined as non-secure callable with a 64-byte size |
|||||||||||||||||||||||||||||||||
128 |
3 |
The region n is defined as non-secure callable with a 128-byte size |
|||||||||||||||||||||||||||||||||
256 |
4 |
The region n is defined as non-secure callable with a 256-byte size |
|||||||||||||||||||||||||||||||||
512 |
5 |
The region n is defined as non-secure callable with a 512-byte size |
|||||||||||||||||||||||||||||||||
1024 |
6 |
The region n is defined as non-secure callable with a 1024-byte size |
|||||||||||||||||||||||||||||||||
2048 |
7 |
The region n is defined as non-secure callable with a 2048-byte size |
|||||||||||||||||||||||||||||||||
4096 |
8 |
The region n is defined as non-secure callable with a 4096-byte size |
|||||||||||||||||||||||||||||||||
B | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
This register can be updated |
|||||||||||||||||||||||||||||||||
Locked |
1 |
The content of this register can't be changed until the next reset |
Address offset: 0x540 + (n × 0x8)
Define which RAM region can contain the non-secure callable (NSC) region n
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | B |
A |
A |
A |
A |
A |
|||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
REGION |
Region number |
||||||||||||||||||||||||||||||||
B | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
This register can be updated |
|||||||||||||||||||||||||||||||||
Locked |
1 |
The content of this register can't be changed until the next reset |
Address offset: 0x544 + (n × 0x8)
Define the size of the non-secure callable (NSC) region n
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | B | A | A | A | A | ||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
SIZE |
Size of the non-secure callable (NSC) region n |
||||||||||||||||||||||||||||||||
Disabled |
0 |
The region n is not defined as a non-secure callable region. Normal security attributes (secure or non-secure) are enforced. |
|||||||||||||||||||||||||||||||||
32 |
1 |
The region n is defined as non-secure callable with a 32-byte size |
|||||||||||||||||||||||||||||||||
64 |
2 |
The region n is defined as non-secure callable with a 64-byte size |
|||||||||||||||||||||||||||||||||
128 |
3 |
The region n is defined as non-secure callable with a 128-byte size |
|||||||||||||||||||||||||||||||||
256 |
4 |
The region n is defined as non-secure callable with a 256-byte size |
|||||||||||||||||||||||||||||||||
512 |
5 |
The region n is defined as non-secure callable with a 512-byte size |
|||||||||||||||||||||||||||||||||
1024 |
6 |
The region n is defined as non-secure callable with a 1024-byte size |
|||||||||||||||||||||||||||||||||
2048 |
7 |
The region n is defined as non-secure callable with a 2048-byte size |
|||||||||||||||||||||||||||||||||
4096 |
8 |
The region n is defined as non-secure callable with a 4096-byte size |
|||||||||||||||||||||||||||||||||
B | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
This register can be updated |
|||||||||||||||||||||||||||||||||
Locked |
1 |
The content of this register can't be changed until the next reset |
Address offset: 0x600 + (n × 0x4)
Access permissions for flash region n
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | E | D | C | B | A | ||||||||||||||||||||||||||||||
Reset 0x00000017 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 1 | 1 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
EXECUTE |
Configure instruction fetch permissions from flash region n |
||||||||||||||||||||||||||||||||
Enable |
1 |
Allow instruction fetches from flash region n |
|||||||||||||||||||||||||||||||||
Disable |
0 |
Block instruction fetches from flash region n |
|||||||||||||||||||||||||||||||||
B | RW |
WRITE |
Configure write permission for flash region n |
||||||||||||||||||||||||||||||||
Enable |
1 |
Allow write operation to region n |
|||||||||||||||||||||||||||||||||
Disable |
0 |
Block write operation to region n |
|||||||||||||||||||||||||||||||||
C | RW |
READ |
Configure read permissions for flash region n |
||||||||||||||||||||||||||||||||
Enable |
1 |
Allow read operation from flash region n |
|||||||||||||||||||||||||||||||||
Disable |
0 |
Block read operation from flash region n |
|||||||||||||||||||||||||||||||||
D | RW |
SECATTR |
Security attribute for flash region n |
||||||||||||||||||||||||||||||||
Non_Secure |
0 |
Flash region n security attribute is non-secure |
|||||||||||||||||||||||||||||||||
Secure |
1 |
Flash region n security attribute is secure |
|||||||||||||||||||||||||||||||||
E | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
This register can be updated |
|||||||||||||||||||||||||||||||||
Locked |
1 |
The content of this register can't be changed until the next reset |
Address offset: 0x700 + (n × 0x4)
Access permissions for RAM region n
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | E | D | C | B | A | ||||||||||||||||||||||||||||||
Reset 0x00000017 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 1 | 1 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
EXECUTE |
Configure instruction fetch permissions from RAM region n |
||||||||||||||||||||||||||||||||
Enable |
1 |
Allow instruction fetches from RAM region n |
|||||||||||||||||||||||||||||||||
Disable |
0 |
Block instruction fetches from RAM region n |
|||||||||||||||||||||||||||||||||
B | RW |
WRITE |
Configure write permission for RAM region n |
||||||||||||||||||||||||||||||||
Enable |
1 |
Allow write operation to RAM region n |
|||||||||||||||||||||||||||||||||
Disable |
0 |
Block write operation to RAM region n |
|||||||||||||||||||||||||||||||||
C | RW |
READ |
Configure read permissions for RAM region n |
||||||||||||||||||||||||||||||||
Enable |
1 |
Allow read operation from RAM region n |
|||||||||||||||||||||||||||||||||
Disable |
0 |
Block read operation from RAM region n |
|||||||||||||||||||||||||||||||||
D | RW |
SECATTR |
Security attribute for RAM region n |
||||||||||||||||||||||||||||||||
Non_Secure |
0 |
RAM region n security attribute is non-secure |
|||||||||||||||||||||||||||||||||
Secure |
1 |
RAM region n security attribute is secure |
|||||||||||||||||||||||||||||||||
E | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
This register can be updated |
|||||||||||||||||||||||||||||||||
Locked |
1 |
The content of this register can't be changed until the next reset |
Address offset: 0x800 + (n × 0x4)
List capabilities and access permissions for the peripheral with ID n
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | F | E | D | C | B | B | A | A | |||||||||||||||||||||||||||
Reset 0x00000012 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | |||
ID | R/W | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | R |
SECUREMAPPING |
Define configuration capabilities for TrustZone Cortex-M secure attribute |
||||||||||||||||||||||||||||||||
NonSecure |
0 |
This peripheral is always accessible as a non-secure peripheral |
|||||||||||||||||||||||||||||||||
Secure |
1 |
This peripheral is always accessible as a secure peripheral |
|||||||||||||||||||||||||||||||||
UserSelectable |
2 |
Non-secure or secure attribute for this peripheral is defined by the PERIPHID[n].PERM register |
|||||||||||||||||||||||||||||||||
Split |
3 |
This peripheral implements the split security mechanism. Non-secure or secure attribute for this peripheral is defined by the PERIPHID[n].PERM register. |
|||||||||||||||||||||||||||||||||
B | R |
DMA |
Indicate if the peripheral has DMA capabilities and if DMA transfer can be assigned to a different security attribute than the peripheral itself |
||||||||||||||||||||||||||||||||
NoDMA |
0 |
Peripheral has no DMA capability |
|||||||||||||||||||||||||||||||||
NoSeparateAttribute |
1 |
Peripheral has DMA and DMA transfers always have the same security attribute as assigned to the peripheral |
|||||||||||||||||||||||||||||||||
SeparateAttribute |
2 |
Peripheral has DMA and DMA transfers can have a different security attribute than the one assigned to the peripheral |
|||||||||||||||||||||||||||||||||
C | RW |
SECATTR |
Peripheral security mapping Note: This bit has effect only if PERIPHID[n].PERM.SECUREMAPPING reads as UserSelectable or Split
|
||||||||||||||||||||||||||||||||
Secure |
1 |
Peripheral is mapped in secure peripheral address space |
|||||||||||||||||||||||||||||||||
NonSecure |
0 |
If SECUREMAPPING == UserSelectable: Peripheral is mapped in non-secure peripheral address space. If SECUREMAPPING == Split: Peripheral is mapped in non-secure and secure peripheral address space. |
|||||||||||||||||||||||||||||||||
D | RW |
DMASEC |
Security attribution for the DMA transfer Note: This bit has effect only if PERIPHID[n].PERM.SECATTR is set to secure
|
||||||||||||||||||||||||||||||||
Secure |
1 |
DMA transfers initiated by this peripheral have the secure attribute set |
|||||||||||||||||||||||||||||||||
NonSecure |
0 |
DMA transfers initiated by this peripheral have the non-secure attribute set |
|||||||||||||||||||||||||||||||||
E | RW |
LOCK |
|||||||||||||||||||||||||||||||||
Unlocked |
0 |
This register can be updated |
|||||||||||||||||||||||||||||||||
Locked |
1 |
The content of this register can't be changed until the next reset |
|||||||||||||||||||||||||||||||||
F | R |
PRESENT |
Indicate if a peripheral is present with ID n |
||||||||||||||||||||||||||||||||
NotPresent |
0 |
Peripheral is not present |
|||||||||||||||||||||||||||||||||
IsPresent |
1 |
Peripheral is present |