5.1 Memory Partitioning and Layout
When planning the TrustZone® memory layout, consider the following factors for the Secure region allocation:
- Flash Requirements
- RAM Requirements
The Secure heap must accommodate cryptographic operation buffers and stack space for cryptographic computations. Large asymmetric operations, such as RSA, require substantial stack space.
- Non-Secure Callable (NSC) Region
A dedicated NSC region must be configured to hold the veneer functions serving as the gateway between Non-Secure application code and Secure cryptographic services. This region is marked as Secure but callable from Non-Secure code.
While using the Small or Medium profiles on PIC32CM SG, use the standard partitioning available in the MPLAB® Code Configurator (MCC), with a total of 512 KB of Flash and 128 KB of SRAM. While using the Large and Full profiles, adjust the size as per the code and data segment requirements by increasing the Secure area and reducing the Non-Secure one.
- Flash Layout
| Region | Size | Purpose |
|---|---|---|
| AS (Application Secure) | 258,048 bytes | Secure application code/data |
| ANSC (Application Non-Secure Callable, Veneer) | 4,096 bytes | Secure APIs exposed to the non-secure world |
| ANS (Application Non-Secure) | 262,144 bytes | Non-secure application code |
- SRAM Layout
| Region | Size | Purpose |
|---|---|---|
| RS (RAM Secure) | 65,536 bytes | Secure run-time data |
| RNS (RAM Non-Secure) | 65,536 bytes | Non-secure run-time data |
