HAL GTZC How to Use ¶

group GTZC_How_To_Use

This file provides firmware functions to manage the following functionalities of GTZC peripheral:

Configure securable peripherals security and privilege attributes
Lock the security and privilege attributes configurations of securable peripherals
Configure memory subregion watermark security and privilege attributes
Enable/Disable memory subregion watermark
Lock the configurations of memory subregion watermark
Configure block based memories security and privilege attributes
Configure the clock security state of block based memories
Configure the secure access state of block based memories
Lock the configurations of block based memories
Enable/Disable the illegal access interrupt of peripherals
Treat the illegal access interrupt

GTZC main features ¶

Global TrustZone Controller (GTZC) composed of three sub-blocks:

TZSC: TrustZone security controller This sub-block defines the secure/privileged state of master and slave peripherals. It also controls the secure/privileged state of subregions for the watermark memory peripheral controller (MPCWM).
MPCBB: Block-Based memory protection controller This sub-block defines the secure/privileged state of all blocks (block = 512-byte page) of the associated SRAM.
TZIC: TrustZone illegal access controller This sub-block gathers all illegal access events in the system and generates a secure interrupt towards NVIC.

These sub-blocks are used to configure TrustZone system security in a product having bus agents with programmable-security and privileged attributes (securable) such as:

on-chip RAM with programmable secure and/or privilege blocks (pages)
AHB and APB peripherals with programmable security and/or privilege access
off-chip memories with secure and/or privilege areas

TZIC is accessible only with secure privileged transactions.

Secure and non-secure accesses are supported for privileged and unprivileged settings of TZSC and MPCBB.

GTZC clock configuration ¶

GTZC1 : clocked by AHB1 bus clock
GTZC2 : clocked by AHB3 bus clock

How to use the GTZC HAL module driver ¶

The GTZC HAL driver can be used as follows: ¶

Enable the GTZC low level resources using the functions HAL_RCC_GTZC1_EnableClock() for GTZC1 instance and HAL_RCC_GTZC2_EnableClock() for GTZC2 instance
Declare a hal_gtzc_attr_config_t security attributes configuration structure: hal_gtzc_attr_config_t p_attr;
Set the security and privilege attributes of securable peripherals using: HAL_GTZC_SetPeriphAttr() ;
Get the security and privilege attributes of securable peripherals using: HAL_GTZC_GetPeriphAttr() ;
Lock the security and privilege attributes configurations of securable peripherals using: HAL_GTZC_LockPeriphAttr() ;
Retrieve the lock state of security and privilege attributes configurations of securable peripherals using: HAL_GTZC_IsPeriphAttrLocked() ;
Set the security and privilege attributes configurations of memory subregion watermark using: HAL_GTZC_WATERMARK_SetConfigMemSubRegionAttr() ;
Get the security and privilege attributes configurations of memory subregion watermark using: HAL_GTZC_WATERMARK_GetMemAreaAttr() ;
Get the security and privilege attributes configurations of all watermark memories area using: HAL_GTZC_WATERMARK_GetMemMapAttr() ;
Enable memory subregion watermark using: HAL_GTZC_WATERMARK_EnableMemSubRegionAttr() ;
Disable memory subregion watermark using: HAL_GTZC_WATERMARK_DisableMemSubRegionAttr() ;
Check if memory subregion watermark is enabled or disabled using: HAL_GTZC_WATERMARK_IsEnabledMemSubRegionAttr() ;
Lock the configurations of memory subregion watermark using: HAL_GTZC_WATERMARK_LockMemSubRegionConfig() ;
Check if memory subregion watermark configurations is locked or unlocked using: HAL_GTZC_WATERMARK_IsMemSubRegionConfigLocked() ;
Set the security and privilege attributes of block based memories by block entity using: HAL_GTZC_BLOCKBASED_SetMemBlockAttr() ;
Get the security and privilege attributes of block based memories by block entity using: HAL_GTZC_BLOCKBASED_GetMemBlockAttr() ;
Set the security and privilege attributes of block based memories by address entity using: HAL_GTZC_BLOCKBASED_SetMemAddrAttr() ;
Get the security and privilege attributes of block based memories by address entity using: HAL_GTZC_BLOCKBASED_GetMemAddrAttr() ;
Set the clock security state of block based memories using: HAL_GTZC_BLOCKBASED_SetMemClkSecStateInvertion() ;
Get the clock security state of block based memories using: HAL_GTZC_BLOCKBASED_GetMemClkSecStateInvertion() ;
Set the secure access state of block based memories using: HAL_GTZC_BLOCKBASED_SetMemSecAccessState() ;
Get the secure access state of block based memories using: HAL_GTZC_BLOCKBASED_GetMemSecAccessState() ;
Lock the security and privilege attributes configurations of block based memories by super block entity using: HAL_GTZC_BLOCKBASED_LockMemSuperBlockAttr() ;
Check if the security and privilege attributes configurations of block based memories is locked or unlocked by super block entity using: HAL_GTZC_BLOCKBASED_IsMemSuperBlockAttrLocked() ;
Lock the security and privilege attributes configurations of block based memories by address entity using: HAL_GTZC_BLOCKBASED_LockMemAttr() ;
Check if the security and privilege attributes configurations of block based memories is locked or unlocked by address entity using: HAL_GTZC_BLOCKBASED_IsMemAttrLocked() ;
Lock the block based memories configurations using: HAL_GTZC_BLOCKBASED_LockMemConfig() ;
Check if the block based memories configurations is locked or unlocked using: HAL_GTZC_BLOCKBASED_IsMemConfigLocked() ;
Activate the illegal access interrupt of peripherals using: HAL_GTZC_ILLEGALACCESS_EnableIT() ;
Deactivate the illegal access interrupt of peripherals using: HAL_GTZC_ILLEGALACCESS_DisableIT() ;
Check if the illegal access interrupt of peripheral is enabled or disabled using: HAL_GTZC_ILLEGALACCESS_IsEnabledIT() ;
Illegal access interrupt service routines are served by: HAL_GTZC_ILLEGALACCESS_IRQHandler() ;
User can add his own code using: HAL_GTZC_ILLEGALACCESS_Callback() ;