FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

STM32 TrustZone FLASH_NSC vs FLASH memory map overlap

Go to solution
RZub
Associate II

‎2026-01-15 3:41 AM

Hello,

I have a question about the flash memory map in the Secure project.

I’m using the following application as an example:

STM32Cube_FW_H5_V1.5.1\Projects\NUCLEO-H563ZI\Applications\ROT\OEMiROT_Appli_TrustZone\STM32CubeIDE


In the memory map, two flash regions are shown:
 - FLASH:              0x0c018400 - 0x0c01dfff
 - FLASH_NSC:    0x0c01c000 - 0x0c01c3ff

RZub_0-1768476811291.png


Question:

Should the FLASH_NSC region overlap the FLASH area, or should it be placed after the FLASH region?

If it should overlap, what is the purpose of doing that? In this example, it overlaps.

Thank You.

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
Saket_Om
ST Employee

‎2026-01-19 8:13 AM

Hello @RZub 

Yes, the `FLASH_NSC` region is supposed to overlap the `FLASH` region, and the example you see is correct. On STM32H5 with TrustZone, Non‑Secure Callable (NSC) code must live inside the Secure flash area as a small sub‑region. The linker defines `FLASH` as the whole secure flash range and then carves out a part of it (`FLASH_NSC`) to store the secure gateway functions (functions marked with `cmse_nonsecure_entry`), which are the only legal entry points from Non‑Secure code into Secure code. Declaring `FLASH_NSC` as an overlapping sub‑region is just a convenient way to reserve that area and assign it the NSC security attribute, while keeping the rest of the `FLASH` region as normal Secure code.

To give better visibility on the answered topics, please click on "Accept as Solution" on the reply which solved your issue or answered your question.
Saket_Om

View solution in original post

1 REPLY 1
Go to solution
Saket_Om
ST Employee

‎2026-01-19 8:13 AM

Hello @RZub 

Yes, the `FLASH_NSC` region is supposed to overlap the `FLASH` region, and the example you see is correct. On STM32H5 with TrustZone, Non‑Secure Callable (NSC) code must live inside the Secure flash area as a small sub‑region. The linker defines `FLASH` as the whole secure flash range and then carves out a part of it (`FLASH_NSC`) to store the secure gateway functions (functions marked with `cmse_nonsecure_entry`), which are the only legal entry points from Non‑Secure code into Secure code. Declaring `FLASH_NSC` as an overlapping sub‑region is just a convenient way to reserve that area and assign it the NSC security attribute, while keeping the rest of the `FLASH` region as normal Secure code.

To give better visibility on the answered topics, please click on "Accept as Solution" on the reply which solved your issue or answered your question.
Saket_Om
Top