33.11 PIC32CM SG Specific Secure Access Protection
Depending on the H2PB configuration defined by the user in BOOTCFG fuses, the PORT module can either be configured as Secure or Mix-Secure. Secure or Non-secure transactions can then be filtered by the H2PB bridge. When a write is allowed by the H2PB bridge, it is still subject to the PAC write protection if enabled.
When the PORT is configured as Secure:
- Secure accesses are granted by the H2PB bridge
- Non-secure reads are blocked in the H2PB bridge, return 0 and generate a bus error
- Non-secure writes are blocked in the H2PB bridge, and generate a bus error
When the PORT is configured as Mix-Secure, individual pins can be opened up for Non-secure access. This is done using the NONSEC registers. When a pin has been set as Non-secure, it can be handled from Non-secure code. Since only Secure code has the right to modify the NONSEC register, an interrupt-based mechanism has been added to let Non-secure code know when this register has been changed by Secure code. A single flag called NSCHK in the INTFLAG register is raised when changes, conditioned by the NSCHK register, occur in the NONSEC register.
When the PORT is configured as Mix-secure, secure/non-secure accesses respect the following rules:
Access to | Access type | PORT Function |
---|---|---|
Non-Secure Registers: NSCHK, INTENCLR, INTENSET, INTFLAG | Secure access | Access granted |
Non-Secure Registers: NSCHK, INTENCLR, INTENSET, INTFLAG | Non-secure access | Access granted |
Secure Registers: EVCTRL, CTRL | Secure access | Access granted |
Secure Registers: EVCTRL, CTRL | Non-secure access | Read 0, Write Blocked, No bus error generated |
Write-Secure Register: NONSEC | Secure access | Access granted |
Write-Secure Register: NONSEC | Non-secure access | Read Enabled, Write Blocked, No bus error generated |
Mix-Secure Registers: DIR*, OUT*, WRCONFIG, PMUXn, PINCFGy, IN | Secure access | Access granted |
Mix-Secure Registers: DIR*, OUT*, WRCONFIG, PMUXn, PINCFGy, IN | Non-secure access to a non-secure bit (NONSECx=1) | Access granted (per bit/register) |
Mix-Secure Registers: DIR*, OUT*, WRCONFIG, PMUXn, PINCFGy, IN | Non-secure access to a secure bit (NONSECx=0) | Read 0, Write Blocked, No bus error generated (per bit/register) |
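
The rules above can be checked on a host with a small model. This is an added example, not code from the data sheet or the vendor: all type and function names are hypothetical, registers are treated as plain read/write words, PAC write protection is not modeled, and Non-secure access to the Non-Secure Registers group is assumed to be granted.

```c
#include <stdbool.h>
#include <stdint.h>

/* Host-side model of the filtering rules above; not device code.
 * All names are hypothetical. Registers are treated as plain read/write
 * words (set/clear/toggle behaviour and PAC write protection not modeled). */
typedef enum { PORT_SECURE, PORT_MIX_SECURE } port_cfg_t;
typedef enum {
    REG_NONSECURE,    /* NSCHK, INTENCLR, INTENSET, INTFLAG */
    REG_SECURE,       /* EVCTRL, CTRL */
    REG_WRITE_SECURE, /* NONSEC */
    REG_MIX_SECURE    /* DIR*, OUT*, WRCONFIG, PMUXn, PINCFGy, IN */
} reg_class_t;
typedef struct { uint32_t value; bool bus_error; } access_t;

/* Bits a Non-secure access may read (is_write = false) or write (true)
 * when the PORT is configured as Mix-Secure. */
static uint32_t ns_mask(reg_class_t c, uint32_t nonsec, bool is_write)
{
    switch (c) {
    case REG_NONSECURE:    return UINT32_MAX;  /* assumed: access granted */
    case REG_WRITE_SECURE: return is_write ? 0u : UINT32_MAX;
    case REG_MIX_SECURE:   return nonsec;      /* per bit, NONSECx = 1 */
    default:               return 0u;          /* REG_SECURE */
    }
}

/* Value returned to the bus master for a read of a register holding `reg`. */
access_t port_read(port_cfg_t cfg, reg_class_t c, bool secure,
                   uint32_t reg, uint32_t nonsec)
{
    if (secure) return (access_t){ reg, false };
    if (cfg == PORT_SECURE) return (access_t){ 0u, true }; /* H2PB blocks */
    return (access_t){ reg & ns_mask(c, nonsec, false), false };
}

/* Register content after writing `wdata` over the current content `reg`. */
access_t port_write(port_cfg_t cfg, reg_class_t c, bool secure,
                    uint32_t reg, uint32_t wdata, uint32_t nonsec)
{
    if (secure) return (access_t){ wdata, false };
    if (cfg == PORT_SECURE) return (access_t){ reg, true }; /* H2PB blocks */
    uint32_t m = ns_mask(c, nonsec, true);
    return (access_t){ (reg & ~m) | (wdata & m), false };   /* silent drop */
}
```

In Mix-Secure mode a blocked bit reads as 0 with no bus error, so Non-secure code cannot tell a Secure pin from a pin that is really low by looking at IN alone; NONSEC is readable from Non-secure code and can be checked first.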