1 /** 2 ****************************************************************************** 3 * @file stm32l4xx_hal_firewall.h 4 * @author MCD Application Team 5 * @brief Header file of FIREWALL HAL module. 6 ****************************************************************************** 7 * @attention 8 * 9 * <h2><center>© Copyright (c) 2017 STMicroelectronics. 10 * All rights reserved.</center></h2> 11 * 12 * This software component is licensed by ST under BSD 3-Clause license, 13 * the "License"; You may not use this file except in compliance with the 14 * License. You may obtain a copy of the License at: 15 * opensource.org/licenses/BSD-3-Clause 16 * 17 ****************************************************************************** 18 */ 19 20 /* Define to prevent recursive inclusion -------------------------------------*/ 21 #ifndef STM32L4xx_HAL_FIREWALL_H 22 #define STM32L4xx_HAL_FIREWALL_H 23 24 #ifdef __cplusplus 25 extern "C" { 26 #endif 27 28 /* Includes ------------------------------------------------------------------*/ 29 #include "stm32l4xx_hal_def.h" 30 31 /** @addtogroup STM32L4xx_HAL_Driver 32 * @{ 33 */ 34 35 /** @addtogroup FIREWALL FIREWALL 36 * @{ 37 */ 38 39 /* Exported types ------------------------------------------------------------*/ 40 /** @defgroup FIREWALL_Exported_Types FIREWALL Exported Types 41 * @{ 42 */ 43 44 /** 45 * @brief FIREWALL Initialization Structure definition 46 */ 47 typedef struct 48 { 49 uint32_t CodeSegmentStartAddress; /*!< Protected code segment start address. This value is 24-bit long, the 8 LSB bits are 50 reserved and forced to 0 in order to allow a 256-byte granularity. */ 51 52 uint32_t CodeSegmentLength; /*!< Protected code segment length in bytes. This value is 22-bit long, the 8 LSB bits are 53 reserved and forced to 0 for the length to be a multiple of 256 bytes. */ 54 55 uint32_t NonVDataSegmentStartAddress; /*!< Protected non-volatile data segment start address. This value is 24-bit long, the 8 LSB 56 bits are reserved and forced to 0 in order to allow a 256-byte granularity. */ 57 58 uint32_t NonVDataSegmentLength; /*!< Protected non-volatile data segment length in bytes. This value is 22-bit long, the 8 LSB 59 bits are reserved and forced to 0 for the length to be a multiple of 256 bytes. */ 60 61 uint32_t VDataSegmentStartAddress; /*!< Protected volatile data segment start address. This value is 17-bit long, the 6 LSB bits 62 are reserved and forced to 0 in order to allow a 64-byte granularity. */ 63 64 uint32_t VDataSegmentLength; /*!< Protected volatile data segment length in bytes. This value is 17-bit long, the 6 LSB 65 bits are reserved and forced to 0 for the length to be a multiple of 64 bytes. */ 66 67 uint32_t VolatileDataExecution; /*!< Set VDE bit specifying whether or not the volatile data segment can be executed. 68 When VDS = 1 (set by parameter VolatileDataShared), VDE bit has no meaning. 69 This parameter can be a value of @ref FIREWALL_VolatileData_Executable */ 70 71 uint32_t VolatileDataShared; /*!< Set VDS bit in specifying whether or not the volatile data segment can be shared with a 72 non-protected application code. 73 This parameter can be a value of @ref FIREWALL_VolatileData_Shared */ 74 75 }FIREWALL_InitTypeDef; 76 77 78 /** 79 * @} 80 */ 81 82 83 /* Exported constants --------------------------------------------------------*/ 84 /** @defgroup FIREWALL_Exported_Constants FIREWALL Exported Constants 85 * @{ 86 */ 87 88 /** @defgroup FIREWALL_VolatileData_Executable FIREWALL volatile data segment execution status 89 * @{ 90 */ 91 #define FIREWALL_VOLATILEDATA_NOT_EXECUTABLE ((uint32_t)0x0000) 92 #define FIREWALL_VOLATILEDATA_EXECUTABLE ((uint32_t)FW_CR_VDE) 93 /** 94 * @} 95 */ 96 97 /** @defgroup FIREWALL_VolatileData_Shared FIREWALL volatile data segment share status 98 * @{ 99 */ 100 #define FIREWALL_VOLATILEDATA_NOT_SHARED ((uint32_t)0x0000) 101 #define FIREWALL_VOLATILEDATA_SHARED ((uint32_t)FW_CR_VDS) 102 /** 103 * @} 104 */ 105 106 /** @defgroup FIREWALL_Pre_Arm FIREWALL pre arm status 107 * @{ 108 */ 109 #define FIREWALL_PRE_ARM_RESET ((uint32_t)0x0000) 110 #define FIREWALL_PRE_ARM_SET ((uint32_t)FW_CR_FPA) 111 112 /** 113 * @} 114 */ 115 116 /** 117 * @} 118 */ 119 120 /* Private macros --------------------------------------------------------*/ 121 /** @defgroup FIREWALL_Private_Macros FIREWALL Private Macros 122 * @{ 123 */ 124 #define IS_FIREWALL_CODE_SEGMENT_ADDRESS(ADDRESS) (((ADDRESS) >= FLASH_BASE) && ((ADDRESS) < (FLASH_BASE + FLASH_SIZE))) 125 #define IS_FIREWALL_CODE_SEGMENT_LENGTH(ADDRESS, LENGTH) (((ADDRESS) + (LENGTH)) <= (FLASH_BASE + FLASH_SIZE)) 126 127 #define IS_FIREWALL_NONVOLATILEDATA_SEGMENT_ADDRESS(ADDRESS) (((ADDRESS) >= FLASH_BASE) && ((ADDRESS) < (FLASH_BASE + FLASH_SIZE))) 128 #define IS_FIREWALL_NONVOLATILEDATA_SEGMENT_LENGTH(ADDRESS, LENGTH) (((ADDRESS) + (LENGTH)) <= (FLASH_BASE + FLASH_SIZE)) 129 130 #define IS_FIREWALL_VOLATILEDATA_SEGMENT_ADDRESS(ADDRESS) (((ADDRESS) >= SRAM1_BASE) && ((ADDRESS) < (SRAM1_BASE + SRAM1_SIZE_MAX))) 131 #define IS_FIREWALL_VOLATILEDATA_SEGMENT_LENGTH(ADDRESS, LENGTH) (((ADDRESS) + (LENGTH)) <= (SRAM1_BASE + SRAM1_SIZE_MAX)) 132 133 134 #define IS_FIREWALL_VOLATILEDATA_SHARE(SHARE) (((SHARE) == FIREWALL_VOLATILEDATA_NOT_SHARED) || \ 135 ((SHARE) == FIREWALL_VOLATILEDATA_SHARED)) 136 137 #define IS_FIREWALL_VOLATILEDATA_EXECUTE(EXECUTE) (((EXECUTE) == FIREWALL_VOLATILEDATA_NOT_EXECUTABLE) || \ 138 ((EXECUTE) == FIREWALL_VOLATILEDATA_EXECUTABLE)) 139 /** 140 * @} 141 */ 142 143 144 /* Exported macros -----------------------------------------------------------*/ 145 /** @defgroup FIREWALL_Exported_Macros FIREWALL Exported Macros 146 * @{ 147 */ 148 149 /** @brief Check whether the FIREWALL is enabled or not. 150 * @retval FIREWALL enabling status (TRUE or FALSE). 151 */ 152 #define __HAL_FIREWALL_IS_ENABLED() HAL_IS_BIT_CLR(SYSCFG->CFGR1, SYSCFG_CFGR1_FWDIS) 153 154 155 /** @brief Enable FIREWALL pre arm. 156 * @note When FPA bit is set, any code executed outside the protected segment 157 * closes the Firewall, otherwise it generates a system reset. 158 * @note This macro provides the same service as HAL_FIREWALL_EnablePreArmFlag() API 159 * but can be executed inside a code area protected by the Firewall. 160 * @note This macro can be executed whatever the Firewall state (opened or closed) when 161 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 162 * 0, that is, when the non volatile data segment is defined), the macro can be 163 * executed only when the Firewall is opened. 164 */ 165 #define __HAL_FIREWALL_PREARM_ENABLE() \ 166 do { \ 167 __IO uint32_t tmpreg; \ 168 SET_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 169 /* Read bit back to ensure it is taken into account by Peripheral */ \ 170 /* (introduce proper delay inside macro execution) */ \ 171 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 172 UNUSED(tmpreg); \ 173 } while(0) 174 175 176 177 /** @brief Disable FIREWALL pre arm. 178 * @note When FPA bit is set, any code executed outside the protected segment 179 * closes the Firewall, otherwise, it generates a system reset. 180 * @note This macro provides the same service as HAL_FIREWALL_DisablePreArmFlag() API 181 * but can be executed inside a code area protected by the Firewall. 182 * @note This macro can be executed whatever the Firewall state (opened or closed) when 183 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 184 * 0, that is, when the non volatile data segment is defined), the macro can be 185 * executed only when the Firewall is opened. 186 */ 187 #define __HAL_FIREWALL_PREARM_DISABLE() \ 188 do { \ 189 __IO uint32_t tmpreg; \ 190 CLEAR_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 191 /* Read bit back to ensure it is taken into account by Peripheral */ \ 192 /* (introduce proper delay inside macro execution) */ \ 193 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_FPA) ; \ 194 UNUSED(tmpreg); \ 195 } while(0) 196 197 /** @brief Enable volatile data sharing in setting VDS bit. 198 * @note When VDS bit is set, the volatile data segment is shared with non-protected 199 * application code. It can be accessed whatever the Firewall state (opened or closed). 200 * @note This macro can be executed inside a code area protected by the Firewall. 201 * @note This macro can be executed whatever the Firewall state (opened or closed) when 202 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 203 * 0, that is, when the non volatile data segment is defined), the macro can be 204 * executed only when the Firewall is opened. 205 */ 206 #define __HAL_FIREWALL_VOLATILEDATA_SHARED_ENABLE() \ 207 do { \ 208 __IO uint32_t tmpreg; \ 209 SET_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 210 /* Read bit back to ensure it is taken into account by Peripheral */ \ 211 /* (introduce proper delay inside macro execution) */ \ 212 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 213 UNUSED(tmpreg); \ 214 } while(0) 215 216 /** @brief Disable volatile data sharing in resetting VDS bit. 217 * @note When VDS bit is reset, the volatile data segment is not shared and cannot be 218 * hit by a non protected executable code when the Firewall is closed. If it is 219 * accessed in such a condition, a system reset is generated by the Firewall. 220 * @note This macro can be executed inside a code area protected by the Firewall. 221 * @note This macro can be executed whatever the Firewall state (opened or closed) when 222 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 223 * 0, that is, when the non volatile data segment is defined), the macro can be 224 * executed only when the Firewall is opened. 225 */ 226 #define __HAL_FIREWALL_VOLATILEDATA_SHARED_DISABLE() \ 227 do { \ 228 __IO uint32_t tmpreg; \ 229 CLEAR_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 230 /* Read bit back to ensure it is taken into account by Peripheral */ \ 231 /* (introduce proper delay inside macro execution) */ \ 232 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDS) ; \ 233 UNUSED(tmpreg); \ 234 } while(0) 235 236 /** @brief Enable volatile data execution in setting VDE bit. 237 * @note VDE bit is ignored when VDS is set. IF VDS = 1, the Volatile data segment can be 238 * executed whatever the VDE bit value. 239 * @note When VDE bit is set (with VDS = 0), the volatile data segment is executable. When 240 * the Firewall call is closed, a "call gate" entry procedure is required to open 241 * first the Firewall. 242 * @note This macro can be executed inside a code area protected by the Firewall. 243 * @note This macro can be executed whatever the Firewall state (opened or closed) when 244 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 245 * 0, that is, when the non volatile data segment is defined), the macro can be 246 * executed only when the Firewall is opened. 247 */ 248 #define __HAL_FIREWALL_VOLATILEDATA_EXECUTION_ENABLE() \ 249 do { \ 250 __IO uint32_t tmpreg; \ 251 SET_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 252 /* Read bit back to ensure it is taken into account by Peripheral */ \ 253 /* (introduce proper delay inside macro execution) */ \ 254 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 255 UNUSED(tmpreg); \ 256 } while(0) 257 258 /** @brief Disable volatile data execution in resetting VDE bit. 259 * @note VDE bit is ignored when VDS is set. IF VDS = 1, the Volatile data segment can be 260 * executed whatever the VDE bit value. 261 * @note When VDE bit is reset (with VDS = 0), the volatile data segment cannot be executed. 262 * @note This macro can be executed inside a code area protected by the Firewall. 263 * @note This macro can be executed whatever the Firewall state (opened or closed) when 264 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 265 * 0, that is, when the non volatile data segment is defined), the macro can be 266 * executed only when the Firewall is opened. 267 */ 268 #define __HAL_FIREWALL_VOLATILEDATA_EXECUTION_DISABLE() \ 269 do { \ 270 __IO uint32_t tmpreg; \ 271 CLEAR_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 272 /* Read bit back to ensure it is taken into account by Peripheral */ \ 273 /* (introduce proper delay inside macro execution) */ \ 274 tmpreg = READ_BIT(FIREWALL->CR, FW_CR_VDE) ; \ 275 UNUSED(tmpreg); \ 276 } while(0) 277 278 279 /** @brief Check whether or not the volatile data segment is shared. 280 * @note This macro can be executed inside a code area protected by the Firewall. 281 * @note This macro can be executed whatever the Firewall state (opened or closed) when 282 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 283 * 0, that is, when the non volatile data segment is defined), the macro can be 284 * executed only when the Firewall is opened. 285 * @retval VDS bit setting status (TRUE or FALSE). 286 */ 287 #define __HAL_FIREWALL_GET_VOLATILEDATA_SHARED() ((FIREWALL->CR & FW_CR_VDS) == FW_CR_VDS) 288 289 /** @brief Check whether or not the volatile data segment is declared executable. 290 * @note This macro can be executed inside a code area protected by the Firewall. 291 * @note This macro can be executed whatever the Firewall state (opened or closed) when 292 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 293 * 0, that is, when the non volatile data segment is defined), the macro can be 294 * executed only when the Firewall is opened. 295 * @retval VDE bit setting status (TRUE or FALSE). 296 */ 297 #define __HAL_FIREWALL_GET_VOLATILEDATA_EXECUTION() ((FIREWALL->CR & FW_CR_VDE) == FW_CR_VDE) 298 299 /** @brief Check whether or not the Firewall pre arm bit is set. 300 * @note This macro can be executed inside a code area protected by the Firewall. 301 * @note This macro can be executed whatever the Firewall state (opened or closed) when 302 * NVDSL register is equal to 0. Otherwise (when NVDSL register is different from 303 * 0, that is, when the non volatile data segment is defined), the macro can be 304 * executed only when the Firewall is opened. 305 * @retval FPA bit setting status (TRUE or FALSE). 306 */ 307 #define __HAL_FIREWALL_GET_PREARM() ((FIREWALL->CR & FW_CR_FPA) == FW_CR_FPA) 308 309 310 /** 311 * @} 312 */ 313 314 /* Exported functions --------------------------------------------------------*/ 315 316 /** @addtogroup FIREWALL_Exported_Functions FIREWALL Exported Functions 317 * @{ 318 */ 319 320 /** @addtogroup FIREWALL_Exported_Functions_Group1 Initialization Functions 321 * @brief Initialization and Configuration Functions 322 * @{ 323 */ 324 325 /* Initialization functions ********************************/ 326 HAL_StatusTypeDef HAL_FIREWALL_Config(FIREWALL_InitTypeDef * fw_init); 327 void HAL_FIREWALL_GetConfig(FIREWALL_InitTypeDef * fw_config); 328 void HAL_FIREWALL_EnableFirewall(void); 329 void HAL_FIREWALL_EnablePreArmFlag(void); 330 void HAL_FIREWALL_DisablePreArmFlag(void); 331 332 /** 333 * @} 334 */ 335 336 /** 337 * @} 338 */ 339 340 /** 341 * @} 342 */ 343 344 /** 345 * @} 346 */ 347 348 #ifdef __cplusplus 349 } 350 #endif 351 352 #endif /* STM32L4xx_HAL_FIREWALL_H */ 353 354 /************************ (C) COPYRIGHT STMicroelectronics *****END OF FILE****/ 355