cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure SAU of Trustzone in .ioc file?

neetha_jyo98
Associate

Hi,

I am trying to understand Trustzone concepts by building my own project. I’m using STM32U5-EVK and I went through the example project(GTZC_MPCWM_IllegalAccess_TrustZone project)to understand the basics. However, in this project, I noticed that they have not enabled the SAU in .ioc file, but still the SAU_CTRL_ENABLE macro has been set to 1. Also, on debugging I saw that all the SAU regions are initialised as well. 

But when I leave the SAU disabled in .ioc, the SAU ENABLE bit is 0 and SAU regions are not initialised. Could someone please explain this? Or am I missing something? Is there any other place where we can configure SAU?

 

@SofLit @Tesla DeLorean 

1 ACCEPTED SOLUTION

Accepted Solutions
Imen.D
ST Employee

Hello @neetha_jyo98 ,

In STM32U5, IDAU is used for default configuration of secure applications.

When SAU disabled, the default memory mapping is inherited from hardware IDAU mapping.
This IDAU memory mapping is detailed in Figure 3 of STM32U5 reference manual RM0456.

In this case, no needed for any SW development (SAU configuration) from User side to get a security mapping.
You could choose to have your own security memory mapping, then you should activate SAU in partition_stm32u5.h file (default SAU regions split are proposed in partition_stm32u5.h file, to be customized).

 

When your question is answered, please close this topic by clicking "Accept as Solution".
Thanks
Imen

View solution in original post

2 REPLIES 2
Imen.D
ST Employee

Hello @neetha_jyo98 ,

In STM32U5, IDAU is used for default configuration of secure applications.

When SAU disabled, the default memory mapping is inherited from hardware IDAU mapping.
This IDAU memory mapping is detailed in Figure 3 of STM32U5 reference manual RM0456.

In this case, no needed for any SW development (SAU configuration) from User side to get a security mapping.
You could choose to have your own security memory mapping, then you should activate SAU in partition_stm32u5.h file (default SAU regions split are proposed in partition_stm32u5.h file, to be customized).

 

When your question is answered, please close this topic by clicking "Accept as Solution".
Thanks
Imen
neetha_jyo98
Associate

Okay, thank you so much for the quick response. Now it makes sense :)