8 Code generation with TrustZone enabled (STM32L5 series only) ¶
A first core booting executing from flash, loads the second core code to the SRAM then enables the second core to boot.
STM32CubeMX uses template files delivered with STM32CubeH7 MCU packages as reference.
Code generation with TrustZone enabled (STM32L5 series only)
8 Code generation with TrustZone enabled (STM32L5 series only) ¶
In STM32CubeMX project manager view, all project generation options remain available.
However, the choice of toolchains is limited to the IDEs/compilers supporting the Cortex ® -M33 core:
EWARM v8.32 or higher
MDK-ARM v5.27 or higher (ARM compiler 6)
STM32CubeIDE (GCC v4.2 or higher)
Makefile (GCC v4.2 or higher)
Upon product selection, STM32CubeMX requires to choose between enabling TrustZone or not.
When TrustZone is enabled, STM32CubeMX generates two C projects: one secure and one nonsecure. After compilation, two images are available for download, one for each context.
When TrustZone is disabled, STM32CubeMX generates a nonsecure C project, as for other products not supporting it.
Specificities ¶
When TrustZone is enabled, the project generation must be adjusted to ensure that secure and nonsecure images can be built.
Figure 581. Building secure and nonsecure images with ARMv8-M TrustZone ¶
Code generation with TrustZone enabled (STM32L5 series only) ¶
When TrustZone is enabled for the project, STM32CubeMX generates three folders:
NonSecure for nonsecure code
Secure for secure code
Secure_nsclib for nonsecure callable region
See Figure 582 (use TZ_BasicStructure_project_inCubeIDE.png) and Figure 583 (use STM32L5_STM32CubeMX_Project_settings_inCubeIDE.png).
Figure 582. Project explorer view for STM32L5 TrustZone enabled projects
|
File |
Folder |
Details |
|---|---|---|
|
The product core secure/nonsecure partitioning .h “template” file Example: partition_stm32l552xx.h |
Secure |
Initial setup for secure/nonsecure zones for ARMCM33 based on CMSIS CORE V5.3.1 partition_ARMCM33.h Template. It initializes Security attribution unit (SAU) CTRL register, setup behavior of Sleep and Exception Handling, Floating Point Unit and Interrupt Target. |
|
secure_nsc.h file |
Secure_nsclib |
Must be filled by the user with the list of nonsecure callable APIs. Templates are available as reference in STM32L5Cube embedded software package in Templates\TrustZone ® \Secure_nsclib folders. |
|
System_stm32l5xx_s.c |
Secure |
CMSIS Cortex-M33 device peripheral access layer system source file to be used in secure application when the system implements security. |
Code generation with TrustZone enabled (STM32L5 series only) ¶
Table 28. Files generated when TrustZone is enabled (continued)
|
File |
Folder |
Details |
|---|---|---|
|
System_stm32l5xx_ns.c |
NonSecure |
CMSIS Cortex-M33 device peripheral access layer system source file to be used in nonsecure application when the system implements security. |