13.2.8 Mix-Secure Peripherals
There are five Mix-Secure peripherals that allow internal resources to be shared between the Secure and Non-Secure applications:
- The PAC controller which manages peripherals security attribution (Secure or Non-Secure).
- The Flash memory controller (NVMCTRL) which supports Secure and Non-Secure Flash regions programming.
- The I/O controller (PORT) which allows to individually allocate each I/O to the Secure or Non-Secure applications.
- The External Interrupt Controller (EIC) which allows to individually assign each external interrupt to the Secure or Non-Secure applications.
- The Event System (EVSYS) allows to individually assign each event channel to the Secure or Non-Secure applications.
When a Mix-Secure peripheral is configured as Secure in the PAC, its
register map is automatically duplicated in a Secure and Non-Secure alias:
- The Non-Secure alias is at the peripheral base address.
- The Secure alias is located at the peripheral base address:
- + 0x200 offset for the
PAC, EIC, PORT and EVSYS peripherals
- + 0x1000 offset for the
NVMCTRL peripheral.
- + 0x200 offset for the
PAC, EIC, PORT and EVSYS peripherals
The Secure alias has the following characteristics:
- All of the peripheral registers are available for the Secure application through the Secure alias
- When an internal resource becomes available to the Non-Secure application, the corresponding registers (called Mix-Secure registers) or bitfields in registers are still accessible through this Secure alias by the Secure application
- Non-Secure accesses to this Secure alias are discarded (Write is ignored, Read is 0x0) and a PAC error is triggered
- Only a restricted set of registers are available for the Non-Secure application through the Non-Secure alias
- It is the responsibility of the
Secure application to assign some resources to the Non-Secure application. This
is done by setting the corresponding bits in the NONSECx registers of the
Mix-Secure peripheral.
- When an internal resource becomes available for the Non-Secure application, the corresponding registers (called Mix-Secure and Write-Mix-Secure registers) or bitfields in the registers are accessible through the Non-Secure alias by the Non-Secure application
- Non-Secure accesses to Secure resources (registers, bitfields) are silently discarded (Write is ignored, Read is 0x0) and no error is generated
- Secure accesses to the Non-Secure alias are silently discarded (Write is ignored, Read is 0x0) and no error is generated
Mix-Secure peripherals have always the following registers:
- NONSEC register is a generic register that tells the Non-Secure application which resources inside a Mix-Secure peripheral can be used
- NSCHK register is a register allowing the Non-Secure application to be notified when the security configuration of a Mix-Secure peripheral is being modified during application execution
Important: It is recommended
that the Non-Secure application first copy the content of NONSEC register inside
NSCHK register, and then enable the NSCHK interrupt flags. Once done, any changes to
the NONSEC register by the Secure application will trigger an interrupt so that
Non-Secure application can take appropriate actions. This mechanism allows the
Secure application to dynamically change the security attribution of a Mix-Secure
peripheral and avoid illegal accesses from the Non-Secure application. The
interrupt handler should always copy the NONSEC register to NSCHK register before
exiting it.
Mix-Secure peripherals can have five type of registers:
- Non-Secure: these registers will always be available in both the Secure and Non-Secure aliases
- Secure: these registers will never be available in the Non-Secure alias and always available in the Secure alias
- Write-Secure: these are
registers than can:
- Be written or read by the Secure application only in the Secure alias
- Only read by the Non-Secure application in Non-Secure alias. Write is forbidden
- Mix-Secure registers :
these ones are used when a resource can be allocated to either the Secure and
Non-Secure alias
- Note that, in some cases, the Mix-Secure properties apply to a bitfield only (like one I/O bit in the PORT peripheral register)
- Write-Mix-Secure registers
(NVMCTRL peripheral only): these are Mix-Secure registers, which:
- can be written or read by the Secure application only in the Secure alias
- can only be read by the Non-Secure application in Non-Secure alias except if Non-Secure writes are authorized in NVMCTRL.NONSEC register
| Mix-Secure Peripheral Register | Secure Host Access | Non-Secure Host Access | ||
|---|---|---|---|---|
| Secure Alias | Non-Secure Alias | Secure Alias | Non-Secure Alias | |
| Non-Secure | Read / Write |
Discarded (Write ignored / Read 0x0) No Error is generated |
Discarded (Write ignored / Read 0x0) PAC Error is generated |
Read / Write |
| Secure |
Discarded (Write ignored / Read 0x0) No Error is generated |
|||
| Write-Secure |
Read-only (Write ignored) No Error is generated |
|||
| Mix-Secure |
Read/Write if the resource is available for the Non-Secure Application Discarded if not (Write ignored / Read 0x0) and no error is generated |
|||
| Write-Mix-Secure |
Read /Write if the resource is available for the Non-Secure Application Read-only if not (Write ignored) and no error is generated |
|||