Skip to main content
N
neetha_jyo98
Explorer
January 4, 2024
Solved

How to configure SAU of Trustzone in .ioc file?

  • January 4, 2024
  • 2 replies
  • 1817 views

Hi,

I am trying to understand Trustzone concepts by building my own project. I’m using STM32U5-EVK and I went through the example project(GTZC_MPCWM_IllegalAccess_TrustZone project)to understand the basics. However, in this project, I noticed that they have not enabled the SAU in .ioc file, but still the SAU_CTRL_ENABLE macro has been set to 1. Also, on debugging I saw that all the SAU regions are initialised as well. 

But when I leave the SAU disabled in .ioc, the SAU ENABLE bit is 0 and SAU regions are not initialised. Could someone please explain this? Or am I missing something? Is there any other place where we can configure SAU?

 

@mƎALLEm @Tesla DeLorean 

    This topic has been closed for replies.
    Best answer by Imen.D

    Hello @neetha_jyo98 ,

    In STM32U5, IDAU is used for default configuration of secure applications.

    When SAU disabled, the default memory mapping is inherited from hardware IDAU mapping.
    This IDAU memory mapping is detailed in Figure 3 of STM32U5 reference manual RM0456.

    In this case, no needed for any SW development (SAU configuration) from User side to get a security mapping.
    You could choose to have your own security memory mapping, then you should activate SAU in partition_stm32u5.h file (default SAU regions split are proposed in partition_stm32u5.h file, to be customized).

     

    2 replies

    I
    Imen.DAnswer
    Technical Moderator
    January 10, 2024

    Hello @neetha_jyo98 ,

    In STM32U5, IDAU is used for default configuration of secure applications.

    When SAU disabled, the default memory mapping is inherited from hardware IDAU mapping.
    This IDAU memory mapping is detailed in Figure 3 of STM32U5 reference manual RM0456.

    In this case, no needed for any SW development (SAU configuration) from User side to get a security mapping.
    You could choose to have your own security memory mapping, then you should activate SAU in partition_stm32u5.h file (default SAU regions split are proposed in partition_stm32u5.h file, to be customized).

     

    N
    neetha_jyo98Author
    Explorer
    January 14, 2024

    Okay, thank you so much for the quick response. Now it makes sense :)

    Terms & ConditionsAccessibility statement