1 /** 2 ****************************************************************************** 3 * @file stm32l4xx_hal_firewall.h 4 * @author MCD Application Team 5 * @brief Header file of FIREWALL HAL module. 6 ****************************************************************************** 7 * @attention 8 * 9 * Copyright (c) 2017 STMicroelectronics. 10 * All rights reserved. 11 * 12 * This software is licensed under terms that can be found in the LICENSE file 13 * in the root directory of this software component. 14 * If no LICENSE file comes with this software, it is provided AS-IS. 15 * 16 ****************************************************************************** 17 */ 18 19 /* Define to prevent recursive inclusion -------------------------------------*/ 20 #ifndef STM32L4xx_HAL_FIREWALL_H 21 #define STM32L4xx_HAL_FIREWALL_H 22 23 #ifdef __cplusplus 24 extern "C" { 25 #endif 26 27 /* Includes ------------------------------------------------------------------*/ 28 #include "stm32l4xx_hal_def.h" 29 30 /** @addtogroup STM32L4xx_HAL_Driver 31 * @{ 32 */ 33 34 /** @addtogroup FIREWALL FIREWALL 35 * @{ 36 */ 37 38 /* Exported types ------------------------------------------------------------*/ 39 /** @defgroup FIREWALL_Exported_Types FIREWALL Exported Types 40 * @{ 41 */ 42 43 /** 44 * @brief FIREWALL Initialization Structure definition 45 */ 46 typedef struct 47 { 48 uint32_t CodeSegmentStartAddress; /*!< Protected code segment start address. This value is 24-bit long, the 8 LSB bits are 49 reserved and forced to 0 in order to allow a 256-byte granularity. */ 50 51 uint32_t CodeSegmentLength; /*!< Protected code segment length in bytes. This value is 22-bit long, the 8 LSB bits are 52 reserved and forced to 0 for the length to be a multiple of 256 bytes. */ 53 54 uint32_t NonVDataSegmentStartAddress; /*!< Protected non-volatile data segment start address. This value is 24-bit long, the 8 LSB 55 bits are reserved and forced to 0 in order to allow a 256-byte granularity. */ 56 57 uint32_t NonVDataSegmentLength; /*!< Protected non-volatile data segment length in bytes. This value is 22-bit long, the 8 LSB 58 bits are reserved and forced to 0 for the length to be a multiple of 256 bytes. */ 59 60 uint32_t VDataSegmentStartAddress; /*!< Protected volatile data segment start address. This value is 17-bit long, the 6 LSB bits 61 are reserved and forced to 0 in order to allow a 64-byte granularity. */ 62 63 uint32_t VDataSegmentLength; /*!< Protected volatile data segment length in bytes. This value is 17-bit long, the 6 LSB 64 bits are reserved and forced to 0 for the length to be a multiple of 64 bytes. */ 65 66 uint32_t VolatileDataExecution; /*!< Set VDE bit specifying whether or not the volatile data segment can be executed. 67 When VDS = 1 (set by parameter VolatileDataShared), VDE bit has no meaning. 68 This parameter can be a value of @ref FIREWALL_VolatileData_Executable */ 69 70 uint32_t VolatileDataShared; /*!< Set VDS bit in specifying whether or not the volatile data segment can be shared with a 71 non-protected application code. 72 This parameter can be a value of @ref FIREWALL_VolatileData_Shared */ 73 74 }FIREWALL_InitTypeDef; 75 76 77 /** 78 * @} 79 */ 80 81 82 /* Exported constants --------------------------------------------------------*/ 83 /** @defgroup FIREWALL_Exported_Constants FIREWALL Exported Constants 84 * @{ 85 */ 86 87 /** @defgroup FIREWALL_VolatileData_Executable FIREWALL volatile data segment execution status 88 * @{ 89 */ 90 #define FIREWALL_VOLATILEDATA_NOT_EXECUTABLE ((uint32_t)0x0000) 91 #define FIREWALL_VOLATILEDATA_EXECUTABLE ((uint32_t)FW_CR_VDE) 92 /** 93 * @} 94 */ 95 96 /** @defgroup FIREWALL_VolatileData_Shared FIREWALL volatile data segment share status 97 * @{ 98 */ 99 #define FIREWALL_VOLATILEDATA_NOT_SHARED ((uint32_t)0x0000) 100 #define FIREWALL_VOLATILEDATA_SHARED ((uint32_t)FW_CR_VDS) 101 /** 102 * @} 103 */ 104 105 /** @defgroup FIREWALL_Pre_Arm FIREWALL pre arm status 106 * @{ 107 */ 108 #define FIREWALL_PRE_ARM_RESET ((uint32_t)0x0000) 109 #define FIREWALL_PRE_ARM_SET ((uint32_t)FW_CR_FPA) 110 111 /** 112 * @} 113 */ 114 115 /** 116 * @} 117 */ 118 119 /* Private macros --------------------------------------------------------*/ 120 /** @defgroup FIREWALL_Private_Macros FIREWALL Private Macros 121 * @{ 122 */ 123 #define IS_FIREWALL_CODE_SEGMENT_ADDRESS(ADDRESS) (((ADDRESS) >= FLASH_BASE) && ((ADDRESS) < (FLASH_BASE + FLASH_SIZE))) 124 #define IS_FIREWALL_CODE_SEGMENT_LENGTH(ADDRESS, LENGTH) (((ADDRESS) + (LENGTH)) <= (FLASH_BASE + FLASH_SIZE)) 125 126 #define IS_FIREWALL_NONVOLATILEDATA_SEGMENT_ADDRESS(ADDRESS) (((ADDRESS) >= FLASH_BASE) && ((ADDRESS) < (FLASH_BASE + FLASH_SIZE))) 127 #define IS_FIREWALL_NONVOLATILEDATA_SEGMENT_LENGTH(ADDRESS, LENGTH) (((ADDRESS) + (LENGTH)) <= (FLASH_BASE + FLASH_SIZE)) 128 129 #define IS_FIREWALL_VOLATILEDATA_SEGMENT_ADDRESS(ADDRESS) (((ADDRESS) >= SRAM1_BASE) && ((ADDRESS) < (SRAM1_BASE + SRAM1_SIZE_MAX))) 130 #define IS_FIREWALL_VOLATILEDATA_SEGMENT_LENGTH(ADDRESS, LENGTH) (((ADDRESS) + (LENGTH)) <= (SRAM1_BASE + SRAM1_SIZE_MAX)) 131 132 133 #define IS_FIREWALL_VOLATILEDATA_SHARE(SHARE) (((SHARE) == FIREWALL_VOLATILEDATA_NOT_SHARED) || \ 134 ((SHARE) == FIREWALL_VOLATILEDATA_SHARED)) 135 136 #define IS_FIREWALL_VOLATILEDATA_EXECUTE(EXECUTE) (((EXECUTE) == FIREWALL_VOLATILEDATA_NOT_EXECUTABLE) || \ 137 ((EXECUTE) == FIREWALL_VOLATILEDATA_EXECUTABLE)) 138 /** 139 * @} 140 */ 141 142 143 /* Exported macros -----------------------------------------------------------*/ 144 /** @defgroup FIREWALL_Exported_Macros FIREWALL Exported Macros 145 * @{ 146 */ 147 148 /** @brief Check whether the FIREWALL is enabled or not. 149 * @retval FIREWALL enabling status (TRUE or FALSE). 150 */ 151 #define __HAL_FIREWALL_IS_ENABLED() HAL_IS_BIT_CLR(SYSCFG->CFGR1, SYSCFG_CFGR1_FWDIS) 152 153 154 /** @brief Enable FIREWALL pre arm. 155 * @note When FPA bit is set, any code executed outside the protected segment 156 * closes the Firewall, otherwise it generates a system reset. 157 * @note This macro provides the same service as HAL_FIREWALL_EnablePreArmFlag() API 158 * but can be executed inside a code area protected by the Firewall. 159 * @note This macro can be executed whatever the Firewall state (opened or closed) when 160 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 161 * 0, that is, when the non volatile data segment is defined), the macro can be 162 * executed only when the Firewall is opened. 163 */ 164 #define __HAL_FIREWALL_PREARM_ENABLE() \ 165 do { \ 166 __IO uint32_t tmpreg; \ 167 SET_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 168 /* Read bit back to ensure it is taken into account by Peripheral */ \ 169 /* (introduce proper delay inside macro execution) */ \ 170 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 171 UNUSED(tmpreg); \ 172 } while(0) 173 174 175 176 /** @brief Disable FIREWALL pre arm. 177 * @note When FPA bit is set, any code executed outside the protected segment 178 * closes the Firewall, otherwise, it generates a system reset. 179 * @note This macro provides the same service as HAL_FIREWALL_DisablePreArmFlag() API 180 * but can be executed inside a code area protected by the Firewall. 181 * @note This macro can be executed whatever the Firewall state (opened or closed) when 182 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 183 * 0, that is, when the non volatile data segment is defined), the macro can be 184 * executed only when the Firewall is opened. 185 */ 186 #define __HAL_FIREWALL_PREARM_DISABLE() \ 187 do { \ 188 __IO uint32_t tmpreg; \ 189 CLEAR_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 190 /* Read bit back to ensure it is taken into account by Peripheral */ \ 191 /* (introduce proper delay inside macro execution) */ \ 192 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 193 UNUSED(tmpreg); \ 194 } while(0) 195 196 /** @brief Enable volatile data sharing in setting VDS bit. 197 * @note When VDS bit is set, the volatile data segment is shared with non-protected 198 * application code. It can be accessed whatever the Firewall state (opened or closed). 199 * @note This macro can be executed inside a code area protected by the Firewall. 200 * @note This macro can be executed whatever the Firewall state (opened or closed) when 201 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 202 * 0, that is, when the non volatile data segment is defined), the macro can be 203 * executed only when the Firewall is opened. 204 */ 205 #define __HAL_FIREWALL_VOLATILEDATA_SHARED_ENABLE() \ 206 do { \ 207 __IO uint32_t tmpreg; \ 208 SET_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 209 /* Read bit back to ensure it is taken into account by Peripheral */ \ 210 /* (introduce proper delay inside macro execution) */ \ 211 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 212 UNUSED(tmpreg); \ 213 } while(0) 214 215 /** @brief Disable volatile data sharing in resetting VDS bit. 216 * @note When VDS bit is reset, the volatile data segment is not shared and cannot be 217 * hit by a non protected executable code when the Firewall is closed. If it is 218 * accessed in such a condition, a system reset is generated by the Firewall. 219 * @note This macro can be executed inside a code area protected by the Firewall. 220 * @note This macro can be executed whatever the Firewall state (opened or closed) when 221 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 222 * 0, that is, when the non volatile data segment is defined), the macro can be 223 * executed only when the Firewall is opened. 224 */ 225 #define __HAL_FIREWALL_VOLATILEDATA_SHARED_DISABLE() \ 226 do { \ 227 __IO uint32_t tmpreg; \ 228 CLEAR_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 229 /* Read bit back to ensure it is taken into account by Peripheral */ \ 230 /* (introduce proper delay inside macro execution) */ \ 231 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 232 UNUSED(tmpreg); \ 233 } while(0) 234 235 /** @brief Enable volatile data execution in setting VDE bit. 236 * @note VDE bit is ignored when VDS is set. IF VDS = 1, the Volatile data segment can be 237 * executed whatever the VDE bit value. 238 * @note When VDE bit is set (with VDS = 0), the volatile data segment is executable. When 239 * the Firewall call is closed, a "call gate" entry procedure is required to open 240 * first the Firewall. 241 * @note This macro can be executed inside a code area protected by the Firewall. 242 * @note This macro can be executed whatever the Firewall state (opened or closed) when 243 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 244 * 0, that is, when the non volatile data segment is defined), the macro can be 245 * executed only when the Firewall is opened. 246 */ 247 #define __HAL_FIREWALL_VOLATILEDATA_EXECUTION_ENABLE() \ 248 do { \ 249 __IO uint32_t tmpreg; \ 250 SET_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 251 /* Read bit back to ensure it is taken into account by Peripheral */ \ 252 /* (introduce proper delay inside macro execution) */ \ 253 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 254 UNUSED(tmpreg); \ 255 } while(0) 256 257 /** @brief Disable volatile data execution in resetting VDE bit. 258 * @note VDE bit is ignored when VDS is set. IF VDS = 1, the Volatile data segment can be 259 * executed whatever the VDE bit value. 260 * @note When VDE bit is reset (with VDS = 0), the volatile data segment cannot be executed. 261 * @note This macro can be executed inside a code area protected by the Firewall. 262 * @note This macro can be executed whatever the Firewall state (opened or closed) when 263 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 264 * 0, that is, when the non volatile data segment is defined), the macro can be 265 * executed only when the Firewall is opened. 266 */ 267 #define __HAL_FIREWALL_VOLATILEDATA_EXECUTION_DISABLE() \ 268 do { \ 269 __IO uint32_t tmpreg; \ 270 CLEAR_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 271 /* Read bit back to ensure it is taken into account by Peripheral */ \ 272 /* (introduce proper delay inside macro execution) */ \ 273 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 274 UNUSED(tmpreg); \ 275 } while(0) 276 277 278 /** @brief Check whether or not the volatile data segment is shared. 279 * @note This macro can be executed inside a code area protected by the Firewall. 280 * @note This macro can be executed whatever the Firewall state (opened or closed) when 281 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 282 * 0, that is, when the non volatile data segment is defined), the macro can be 283 * executed only when the Firewall is opened. 284 * @retval VDS bit setting status (TRUE or FALSE). 285 */ 286 #define __HAL_FIREWALL_GET_VOLATILEDATA_SHARED() ((FIREWALL->CR & FW_CR_VDS) == FW_CR_VDS) 287 288 /** @brief Check whether or not the volatile data segment is declared executable. 289 * @note This macro can be executed inside a code area protected by the Firewall. 290 * @note This macro can be executed whatever the Firewall state (opened or closed) when 291 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 292 * 0, that is, when the non volatile data segment is defined), the macro can be 293 * executed only when the Firewall is opened. 294 * @retval VDE bit setting status (TRUE or FALSE). 295 */ 296 #define __HAL_FIREWALL_GET_VOLATILEDATA_EXECUTION() ((FIREWALL->CR & FW_CR_VDE) == FW_CR_VDE) 297 298 /** @brief Check whether or not the Firewall pre arm bit is set. 299 * @note This macro can be executed inside a code area protected by the Firewall. 300 * @note This macro can be executed whatever the Firewall state (opened or closed) when 301 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 302 * 0, that is, when the non volatile data segment is defined), the macro can be 303 * executed only when the Firewall is opened. 304 * @retval FPA bit setting status (TRUE or FALSE). 305 */ 306 #define __HAL_FIREWALL_GET_PREARM() ((FIREWALL->CR & FW_CR_FPA) == FW_CR_FPA) 307 308 309 /** 310 * @} 311 */ 312 313 /* Exported functions --------------------------------------------------------*/ 314 315 /** @addtogroup FIREWALL_Exported_Functions FIREWALL Exported Functions 316 * @{ 317 */ 318 319 /** @addtogroup FIREWALL_Exported_Functions_Group1 Initialization Functions 320 * @brief Initialization and Configuration Functions 321 * @{ 322 */ 323 324 /* Initialization functions ********************************/ 325 HAL_StatusTypeDef HAL_FIREWALL_Config(FIREWALL_InitTypeDef * fw_init); 326 void HAL_FIREWALL_GetConfig(FIREWALL_InitTypeDef * fw_config); 327 void HAL_FIREWALL_EnableFirewall(void); 328 void HAL_FIREWALL_EnablePreArmFlag(void); 329 void HAL_FIREWALL_DisablePreArmFlag(void); 330 331 /** 332 * @} 333 */ 334 335 /** 336 * @} 337 */ 338 339 /** 340 * @} 341 */ 342 343 /** 344 * @} 345 */ 346 347 #ifdef __cplusplus 348 } 349 #endif 350 351 #endif /* STM32L4xx_HAL_FIREWALL_H */ 352
