CMSIS-Core (Cortex-M)  Version 5.4.0
CMSIS-Core support for Cortex-M processor-based devices
 All Data Structures Files Functions Variables Enumerations Enumerator Groups Pages
TrustZone setup: partition_<device>.h

The TrustZone setup: partition_<device>.h header file contains the initial setup of the TrustZone hardware in an Armv8-M system.

This file implements the function TZ_SAU_Setup that is call from SystemInit. It uses settings in these files:

  • partition_<device>.h that defines the initial system configuration and during SystemInit in Secure state.
  • partition_gen.h that contains SAU region and interrupt target assignments. This file may be generated using CMSIS-Zone.
Note
partition_gen.h is optional and can be generated using CMSIS-Zone. In previous versions of CMSIS-Core(M) this settings were part of partition_<device>.h.

 

The partition_<device>.h file contains the following configuration settings for:

The partition_<device>.h file includes the partition_gen.h file with configuration settings for:

SAU CTRL register settings

#define Value Range Default Description
SAU_INIT_CTRL 0 .. 1 0 Initialize SAU CTRL register or not
  • 0: do not initialize SAU CTRL register
  • 1: initialize SAU CTRL register
SAU_INIT_CTRL_ENABLE 0 .. 1 0 enable/disable the SAU
  • 0: disable SAU
  • 1: enable SAU
SAU_INIT_CTRL_ALLNS 0 .. 1 0 value for SAU_CTRL register bit ALLNS
  • 0: all Memory is Secure
  • 1: all Memory is Non-Secure

Configuration of Sleep and Exception behaviour

#define Value Range Default Description
SCB_CSR_AIRCR_INIT 0 .. 1 1 Setup behaviour of Sleep and Exception Handling
  • 0: not setup of CSR and AIRCR registers; the values below are not relevant
  • 1: setup of CSR and AIRCR registers with values below
CSR_INIT_DEEPSLEEPS_VAL 0 .. 1 1 value for SCB_CSR register bit DEEPSLEEPS
  • 0: Deep Sleep can be enabled by Secure and Non-Secure state
  • 1: Deep Sleep can be enabled by Secure state only
AIRCR_INIT_SYSRESETREQS_VAL 0 .. 1 1 value for SCB_AIRCR register bit SYSRESETREQS
  • 0: System reset request accessible from Secure and Non-Secure state
  • 1: System reset request accessible from Secure state only
AIRCR_INIT_PRIS_VAL 0 .. 1 1 value for SCB_AIRCR register bit PRIS
  • 0: Priority of Non-Secure exceptions is Not altered
  • 1: Priority of Non-Secure exceptions is Lowered to 0x80-0xFF
AIRCR_INIT_BFHFNMINS_VAL 0 .. 1 0 value for SCB_AIRCR register bit BFHFNMINS
  • 0: BusFault, HardFault, and NMI target are Secure state
  • 1: BusFault, HardFault, and NMI target are Non-Secure state

Configuration of Floating Point Unit

#define Value Range Default Description
TZ_FPU_NS_USAGE 0 .. 1 1 Setup behaviour of Floating Point Unit
  • 0: not setup of NSACR and FPCCR registers; the values below are not relevant
  • 1: setup of NSACR and FPCCR registers with values below
SCB_NSACR_CP10_11_VAL 0 or 3 3 Floating Point Unit usage (Value for SCB->NSACR register bits CP10, CP11)
  • 0: Secure state only
  • 3: Secure and Non-Secure state
FPU_FPCCR_TS_VAL 0 .. 1 0 Treat floating-point registers as Secure (value for FPU->FPCCR register bit TS)
  • 0: Disable
  • 1: Enabled
FPU_FPCCR_CLRONRETS_VAL 0 .. 1 0 Clear on return (CLRONRET) accessibility (Value for FPU->FPCCR register bit CLRONRETS)
  • 0: Secure and Non-Secure state
  • 1: Secure state only
FPU_FPCCR_CLRONRET_VAL 0 .. 1 1 Clear floating-point caller saved registers on exception return (Value for FPU->FPCCR register bit CLRONRET)
  • 0: Disabled
  • 1: Enabled

 


Region/ISR setup: partition_gen.h

The partition_gen.h header file can be generated using CMSIS-Zone.

The partition_<device>.h file includes the partition_gen.h file with configuration settings for:

Note
In previous versions of CMSIS-Core(M) the above settings were part of partition_<device>.h

Configuration of the SAU Address Regions

#define Value Range Default Description
SAU_REGIONS_MAX 0 .. tbd 8 maximum number of SAU regions
SAU_INIT_REGION<number> 0 .. 1 0 initialize SAU region or not
  • 0: do not initialize SAU region
  • 1: initialize SAU region
SAU_INIT_START<number> 0x00000000 .. 0xFFFFFFE0
[in steps of 32]
0x00000000 region start address
SAU_INIT_END<number> 0x00000000 .. 0xFFFFFFE0
[in steps of 32]
0x00000000 region start address
SAU_INIT_NSC<number> 0 .. 1 0 SAU region attribute
  • 0: Non-Secure
  • 1: Secure, Non-Secure callable

The range of <number> is from 0 .. SAU_REGIONS_MAX. A set of these macros must exist for each <number>.

The following example shows a set of SAU region macros.

#define SAU_REGIONS_MAX 8 /* Max. number of SAU regions */
#define SAU_INIT_REGION0 1
#define SAU_INIT_START0 0x00000000 /* start address of SAU region 0 */
#define SAU_INIT_END0 0x001FFFE0 /* end address of SAU region 0 */
#define SAU_INIT_NSC0 1
#define SAU_INIT_REGION1 1
#define SAU_INIT_START1 0x00200000 /* start address of SAU region 1 */
#define SAU_INIT_END1 0x003FFFE0 /* end address of SAU region 1 */
#define SAU_INIT_NSC1 0
#define SAU_INIT_REGION2 1
#define SAU_INIT_START2 0x20200000 /* start address of SAU region 2 */
#define SAU_INIT_END2 0x203FFFE0 /* end address of SAU region 2 */
#define SAU_INIT_NSC2 0
#define SAU_INIT_REGION3 1
#define SAU_INIT_START3 0x40000000 /* start address of SAU region 3 */
#define SAU_INIT_END3 0x40040000 /* end address of SAU region 3 */
#define SAU_INIT_NSC3 0
#define SAU_INIT_REGION4 0
#define SAU_INIT_START4 0x00000000 /* start address of SAU region 4 */
#define SAU_INIT_END4 0x00000000 /* end address of SAU region 4 */
#define SAU_INIT_NSC4 0
#define SAU_INIT_REGION5 0
#define SAU_INIT_START5 0x00000000 /* start address of SAU region 5 */
#define SAU_INIT_END5 0x00000000 /* end address of SAU region 5 */
#define SAU_INIT_NSC5 0
#define SAU_INIT_REGION6 0
#define SAU_INIT_START6 0x00000000 /* start address of SAU region 6 */
#define SAU_INIT_END6 0x00000000 /* end address of SAU region 6 */
#define SAU_INIT_NSC6 0
#define SAU_INIT_REGION7 0
#define SAU_INIT_START7 0x00000000 /* start address of SAU region 7 */
#define SAU_INIT_END7 0x00000000 /* end address of SAU region 7 */
#define SAU_INIT_NSC7 0

Configuration of Interrupt Target settings

Each interrupt has a configuration bit that defines the execution in Secure or Non-secure state. The Non-Secure interrupts have a separate vector table. Refer to Programmers Model with TrustZone for more information.

#define Value Range Default Description
NVIC_INIT_ITNS<number> 0x00000000 .. 0xFFFFFFFF
[each bit represents an interrupt]
0x00000000 Interrupt vector target
  • 0: Secure state
  • 1: Non-Secure state

The range of <number> is 0 .. (<number of external interrupts> + 31) / 32.

The following example shows the configuration for a maximum of 64 external interrupts.

#define NVIC_INIT_ITNS0 0x0000122B
#define NVIC_INIT_ITNS1 0x0000003A