1 /** 2 ****************************************************************************** 3 * @file stm32l4xx_hal_firewall.h 4 * @author MCD Application Team 5 * @brief Header file of FIREWALL HAL module. 6 ****************************************************************************** 7 * @attention 8 * 9 * <h2><center>© COPYRIGHT(c) 2017 STMicroelectronics</center></h2> 10 * 11 * Redistribution and use in source and binary forms, with or without modification, 12 * are permitted provided that the following conditions are met: 13 * 1. Redistributions of source code must retain the above copyright notice, 14 * this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 3. Neither the name of STMicroelectronics nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * 33 ****************************************************************************** 34 */ 35 36 /* Define to prevent recursive inclusion -------------------------------------*/ 37 #ifndef __STM32L4xx_HAL_FIREWALL_H 38 #define __STM32L4xx_HAL_FIREWALL_H 39 40 #ifdef __cplusplus 41 extern "C" { 42 #endif 43 44 /* Includes ------------------------------------------------------------------*/ 45 #include "stm32l4xx_hal_def.h" 46 47 /** @addtogroup STM32L4xx_HAL_Driver 48 * @{ 49 */ 50 51 /** @addtogroup FIREWALL FIREWALL 52 * @{ 53 */ 54 55 /* Exported types ------------------------------------------------------------*/ 56 /** @defgroup FIREWALL_Exported_Types FIREWALL Exported Types 57 * @{ 58 */ 59 60 /** 61 * @brief FIREWALL Initialization Structure definition 62 */ 63 typedef struct 64 { 65 uint32_t CodeSegmentStartAddress; /*!< Protected code segment start address. This value is 24-bit long, the 8 LSB bits are 66 reserved and forced to 0 in order to allow a 256-byte granularity. */ 67 68 uint32_t CodeSegmentLength; /*!< Protected code segment length in bytes. This value is 22-bit long, the 8 LSB bits are 69 reserved and forced to 0 for the length to be a multiple of 256 bytes. */ 70 71 uint32_t NonVDataSegmentStartAddress; /*!< Protected non-volatile data segment start address. This value is 24-bit long, the 8 LSB 72 bits are reserved and forced to 0 in order to allow a 256-byte granularity. */ 73 74 uint32_t NonVDataSegmentLength; /*!< Protected non-volatile data segment length in bytes. This value is 22-bit long, the 8 LSB 75 bits are reserved and forced to 0 for the length to be a multiple of 256 bytes. */ 76 77 uint32_t VDataSegmentStartAddress; /*!< Protected volatile data segment start address. This value is 17-bit long, the 6 LSB bits 78 are reserved and forced to 0 in order to allow a 64-byte granularity. */ 79 80 uint32_t VDataSegmentLength; /*!< Protected volatile data segment length in bytes. This value is 17-bit long, the 6 LSB 81 bits are reserved and forced to 0 for the length to be a multiple of 64 bytes. */ 82 83 uint32_t VolatileDataExecution; /*!< Set VDE bit specifying whether or not the volatile data segment can be executed. 84 When VDS = 1 (set by parameter VolatileDataShared), VDE bit has no meaning. 85 This parameter can be a value of @ref FIREWALL_VolatileData_Executable */ 86 87 uint32_t VolatileDataShared; /*!< Set VDS bit in specifying whether or not the volatile data segment can be shared with a 88 non-protected application code. 89 This parameter can be a value of @ref FIREWALL_VolatileData_Shared */ 90 91 }FIREWALL_InitTypeDef; 92 93 94 /** 95 * @} 96 */ 97 98 99 /* Exported constants --------------------------------------------------------*/ 100 /** @defgroup FIREWALL_Exported_Constants FIREWALL Exported Constants 101 * @{ 102 */ 103 104 /** @defgroup FIREWALL_VolatileData_Executable FIREWALL volatile data segment execution status 105 * @{ 106 */ 107 #define FIREWALL_VOLATILEDATA_NOT_EXECUTABLE ((uint32_t)0x0000) 108 #define FIREWALL_VOLATILEDATA_EXECUTABLE ((uint32_t)FW_CR_VDE) 109 /** 110 * @} 111 */ 112 113 /** @defgroup FIREWALL_VolatileData_Shared FIREWALL volatile data segment share status 114 * @{ 115 */ 116 #define FIREWALL_VOLATILEDATA_NOT_SHARED ((uint32_t)0x0000) 117 #define FIREWALL_VOLATILEDATA_SHARED ((uint32_t)FW_CR_VDS) 118 /** 119 * @} 120 */ 121 122 /** @defgroup FIREWALL_Pre_Arm FIREWALL pre arm status 123 * @{ 124 */ 125 #define FIREWALL_PRE_ARM_RESET ((uint32_t)0x0000) 126 #define FIREWALL_PRE_ARM_SET ((uint32_t)FW_CR_FPA) 127 128 /** 129 * @} 130 */ 131 132 /** 133 * @} 134 */ 135 136 /* Private macros --------------------------------------------------------*/ 137 /** @defgroup FIREWALL_Private_Macros FIREWALL Private Macros 138 * @{ 139 */ 140 #define IS_FIREWALL_CODE_SEGMENT_ADDRESS(ADDRESS) (((ADDRESS) >= FLASH_BASE) && ((ADDRESS) < (FLASH_BASE + FLASH_SIZE))) 141 #define IS_FIREWALL_CODE_SEGMENT_LENGTH(ADDRESS, LENGTH) (((ADDRESS) + (LENGTH)) <= (FLASH_BASE + FLASH_SIZE)) 142 143 #define IS_FIREWALL_NONVOLATILEDATA_SEGMENT_ADDRESS(ADDRESS) (((ADDRESS) >= FLASH_BASE) && ((ADDRESS) < (FLASH_BASE + FLASH_SIZE))) 144 #define IS_FIREWALL_NONVOLATILEDATA_SEGMENT_LENGTH(ADDRESS, LENGTH) (((ADDRESS) + (LENGTH)) <= (FLASH_BASE + FLASH_SIZE)) 145 146 #define IS_FIREWALL_VOLATILEDATA_SEGMENT_ADDRESS(ADDRESS) (((ADDRESS) >= SRAM1_BASE) && ((ADDRESS) < (SRAM1_BASE + SRAM1_SIZE_MAX))) 147 #define IS_FIREWALL_VOLATILEDATA_SEGMENT_LENGTH(ADDRESS, LENGTH) (((ADDRESS) + (LENGTH)) <= (SRAM1_BASE + SRAM1_SIZE_MAX)) 148 149 150 #define IS_FIREWALL_VOLATILEDATA_SHARE(SHARE) (((SHARE) == FIREWALL_VOLATILEDATA_NOT_SHARED) || \ 151 ((SHARE) == FIREWALL_VOLATILEDATA_SHARED)) 152 153 #define IS_FIREWALL_VOLATILEDATA_EXECUTE(EXECUTE) (((EXECUTE) == FIREWALL_VOLATILEDATA_NOT_EXECUTABLE) || \ 154 ((EXECUTE) == FIREWALL_VOLATILEDATA_EXECUTABLE)) 155 /** 156 * @} 157 */ 158 159 160 /* Exported macros -----------------------------------------------------------*/ 161 /** @defgroup FIREWALL_Exported_Macros FIREWALL Exported Macros 162 * @{ 163 */ 164 165 /** @brief Check whether the FIREWALL is enabled or not. 166 * @retval FIREWALL enabling status (TRUE or FALSE). 167 */ 168 #define __HAL_FIREWALL_IS_ENABLED() HAL_IS_BIT_CLR(SYSCFG->CFGR1, SYSCFG_CFGR1_FWDIS) 169 170 171 /** @brief Enable FIREWALL pre arm. 172 * @note When FPA bit is set, any code executed outside the protected segment 173 * closes the Firewall, otherwise it generates a system reset. 174 * @note This macro provides the same service as HAL_FIREWALL_EnablePreArmFlag() API 175 * but can be executed inside a code area protected by the Firewall. 176 * @note This macro can be executed whatever the Firewall state (opened or closed) when 177 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 178 * 0, that is, when the non volatile data segment is defined), the macro can be 179 * executed only when the Firewall is opened. 180 */ 181 #define __HAL_FIREWALL_PREARM_ENABLE() \ 182 do { \ 183 __IO uint32_t tmpreg; \ 184 SET_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 185 /* Read bit back to ensure it is taken into account by IP */ \ 186 /* (introduce proper delay inside macro execution) */ \ 187 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 188 UNUSED(tmpreg); \ 189 } while(0) 190 191 192 193 /** @brief Disable FIREWALL pre arm. 194 * @note When FPA bit is set, any code executed outside the protected segment 195 * closes the Firewall, otherwise, it generates a system reset. 196 * @note This macro provides the same service as HAL_FIREWALL_DisablePreArmFlag() API 197 * but can be executed inside a code area protected by the Firewall. 198 * @note This macro can be executed whatever the Firewall state (opened or closed) when 199 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 200 * 0, that is, when the non volatile data segment is defined), the macro can be 201 * executed only when the Firewall is opened. 202 */ 203 #define __HAL_FIREWALL_PREARM_DISABLE() \ 204 do { \ 205 __IO uint32_t tmpreg; \ 206 CLEAR_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 207 /* Read bit back to ensure it is taken into account by IP */ \ 208 /* (introduce proper delay inside macro execution) */ \ 209 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 210 UNUSED(tmpreg); \ 211 } while(0) 212 213 /** @brief Enable volatile data sharing in setting VDS bit. 214 * @note When VDS bit is set, the volatile data segment is shared with non-protected 215 * application code. It can be accessed whatever the Firewall state (opened or closed). 216 * @note This macro can be executed inside a code area protected by the Firewall. 217 * @note This macro can be executed whatever the Firewall state (opened or closed) when 218 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 219 * 0, that is, when the non volatile data segment is defined), the macro can be 220 * executed only when the Firewall is opened. 221 */ 222 #define __HAL_FIREWALL_VOLATILEDATA_SHARED_ENABLE() \ 223 do { \ 224 __IO uint32_t tmpreg; \ 225 SET_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 226 /* Read bit back to ensure it is taken into account by IP */ \ 227 /* (introduce proper delay inside macro execution) */ \ 228 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 229 UNUSED(tmpreg); \ 230 } while(0) 231 232 /** @brief Disable volatile data sharing in resetting VDS bit. 233 * @note When VDS bit is reset, the volatile data segment is not shared and cannot be 234 * hit by a non protected executable code when the Firewall is closed. If it is 235 * accessed in such a condition, a system reset is generated by the Firewall. 236 * @note This macro can be executed inside a code area protected by the Firewall. 237 * @note This macro can be executed whatever the Firewall state (opened or closed) when 238 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 239 * 0, that is, when the non volatile data segment is defined), the macro can be 240 * executed only when the Firewall is opened. 241 */ 242 #define __HAL_FIREWALL_VOLATILEDATA_SHARED_DISABLE() \ 243 do { \ 244 __IO uint32_t tmpreg; \ 245 CLEAR_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 246 /* Read bit back to ensure it is taken into account by IP */ \ 247 /* (introduce proper delay inside macro execution) */ \ 248 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 249 UNUSED(tmpreg); \ 250 } while(0) 251 252 /** @brief Enable volatile data execution in setting VDE bit. 253 * @note VDE bit is ignored when VDS is set. IF VDS = 1, the Volatile data segment can be 254 * executed whatever the VDE bit value. 255 * @note When VDE bit is set (with VDS = 0), the volatile data segment is executable. When 256 * the Firewall call is closed, a "call gate" entry procedure is required to open 257 * first the Firewall. 258 * @note This macro can be executed inside a code area protected by the Firewall. 259 * @note This macro can be executed whatever the Firewall state (opened or closed) when 260 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 261 * 0, that is, when the non volatile data segment is defined), the macro can be 262 * executed only when the Firewall is opened. 263 */ 264 #define __HAL_FIREWALL_VOLATILEDATA_EXECUTION_ENABLE() \ 265 do { \ 266 __IO uint32_t tmpreg; \ 267 SET_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 268 /* Read bit back to ensure it is taken into account by IP */ \ 269 /* (introduce proper delay inside macro execution) */ \ 270 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 271 UNUSED(tmpreg); \ 272 } while(0) 273 274 /** @brief Disable volatile data execution in resetting VDE bit. 275 * @note VDE bit is ignored when VDS is set. IF VDS = 1, the Volatile data segment can be 276 * executed whatever the VDE bit value. 277 * @note When VDE bit is reset (with VDS = 0), the volatile data segment cannot be executed. 278 * @note This macro can be executed inside a code area protected by the Firewall. 279 * @note This macro can be executed whatever the Firewall state (opened or closed) when 280 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 281 * 0, that is, when the non volatile data segment is defined), the macro can be 282 * executed only when the Firewall is opened. 283 */ 284 #define __HAL_FIREWALL_VOLATILEDATA_EXECUTION_DISABLE() \ 285 do { \ 286 __IO uint32_t tmpreg; \ 287 CLEAR_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 288 /* Read bit back to ensure it is taken into account by IP */ \ 289 /* (introduce proper delay inside macro execution) */ \ 290 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 291 UNUSED(tmpreg); \ 292 } while(0) 293 294 295 /** @brief Check whether or not the volatile data segment is shared. 296 * @note This macro can be executed inside a code area protected by the Firewall. 297 * @note This macro can be executed whatever the Firewall state (opened or closed) when 298 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 299 * 0, that is, when the non volatile data segment is defined), the macro can be 300 * executed only when the Firewall is opened. 301 * @retval VDS bit setting status (TRUE or FALSE). 302 */ 303 #define __HAL_FIREWALL_GET_VOLATILEDATA_SHARED() ((FIREWALL->CR & FW_CR_VDS) == FW_CR_VDS) 304 305 /** @brief Check whether or not the volatile data segment is declared executable. 306 * @note This macro can be executed inside a code area protected by the Firewall. 307 * @note This macro can be executed whatever the Firewall state (opened or closed) when 308 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 309 * 0, that is, when the non volatile data segment is defined), the macro can be 310 * executed only when the Firewall is opened. 311 * @retval VDE bit setting status (TRUE or FALSE). 312 */ 313 #define __HAL_FIREWALL_GET_VOLATILEDATA_EXECUTION() ((FIREWALL->CR & FW_CR_VDE) == FW_CR_VDE) 314 315 /** @brief Check whether or not the Firewall pre arm bit is set. 316 * @note This macro can be executed inside a code area protected by the Firewall. 317 * @note This macro can be executed whatever the Firewall state (opened or closed) when 318 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 319 * 0, that is, when the non volatile data segment is defined), the macro can be 320 * executed only when the Firewall is opened. 321 * @retval FPA bit setting status (TRUE or FALSE). 322 */ 323 #define __HAL_FIREWALL_GET_PREARM() ((FIREWALL->CR & FW_CR_FPA) == FW_CR_FPA) 324 325 326 /** 327 * @} 328 */ 329 330 /* Exported functions --------------------------------------------------------*/ 331 332 /** @addtogroup FIREWALL_Exported_Functions FIREWALL Exported Functions 333 * @{ 334 */ 335 336 /** @addtogroup FIREWALL_Exported_Functions_Group1 Initialization Functions 337 * @brief Initialization and Configuration Functions 338 * @{ 339 */ 340 341 /* Initialization functions ********************************/ 342 HAL_StatusTypeDef HAL_FIREWALL_Config(FIREWALL_InitTypeDef * fw_init); 343 void HAL_FIREWALL_GetConfig(FIREWALL_InitTypeDef * fw_config); 344 void HAL_FIREWALL_EnableFirewall(void); 345 void HAL_FIREWALL_EnablePreArmFlag(void); 346 void HAL_FIREWALL_DisablePreArmFlag(void); 347 348 /** 349 * @} 350 */ 351 352 /** 353 * @} 354 */ 355 356 /** 357 * @} 358 */ 359 360 /** 361 * @} 362 */ 363 364 #ifdef __cplusplus 365 } 366 #endif 367 368 #endif /* __STM32L4xx_HAL_FIREWALL_H */ 369 370 /************************ (C) COPYRIGHT STMicroelectronics *****END OF FILE****/ 371
