14.2.5 Security Control
Important: if BOCOR.SECCFGLOCK
== 0 after exiting the Boot ROM:
- The secure boot flash code, before exiting, must lock the memory security configurations by clearing the IDAU.SECCTRL.SCFGWEN bit.
- Write accesses (W*) are allowed.
| Name: | SECCTRL |
| Offset: | 0x01 |
| Reset: | x/y initially determined after reset from NVM User Row (UROW) / BOCOR.SECCFGLOCK |
| Property: | PAC Write-Protection |
| Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |
| RXN | Reserved | SCFGWEN | |||||||
| Access | R/W* | R | R/W* | ||||||
| Reset | x | 0 | y |
Bit 2 – RXN SRAM eXecute Never
| Value | Description |
|---|---|
| 0 | Execution out of SRAM is authorized. |
| 1 | Execution out of SRAM is not authorized. |
Bit 1 – Reserved Reserved
Bit 0 – SCFGWEN Security Configuration Write Enable
After Boot ROM execution, this bit is:
- Cleared if BOCOR.SECCFGLOCK == 1
- Set if BOCOR.SECCFGLOCK == 0
Important:
- If SCFGWEN = 1, the secure software code of the Flash BOOT region must clear this bit before passing control on to the secure software code of the Flash APPLICATION region in order to lock the IDAU security configurations.
- SCFGWEN must be enabled only when the IDAU is enabled (CTRL.ENABLE == 1).
| Value | Description |
|---|---|
| 0 | CTRL, SCFGB, SCFGA, SCFGR and SECCTRL.SCFGWEN cannot be written until the next reset. |
| 1 | CTRL, SCFGB, SCFGA, SCFGR and SECCTRL.SCFGWEN can be written. |