2016-11-09 05:57 AM
Hello,
I'm trying to use the firewall on an STM32L486 MCU and I'm faced with a problem.

I have security code with one entry point and private data that should be protected by the firewall. I'm trying to prevent direct reading of the private data. Only the protected code should operate on the private data.

The security code and private data are placed in internal flash. The security code starts at address 0x0803D004, size 0x0FFC (code segment). The firewall entry point should be placed at a 4-byte offset from the code segment start address. The private data starts at address 0x0803E000, size 0x1000 (non-volatile data segment).

According to the STM32L486 reference manual, the firewall is configured as follows:

    FIREWALL->CSSA = 0x0803D000;   // code segment start address
    FIREWALL->CSL = 0x1000;        // code segment length
    FIREWALL->NVDSSA = 0x0803E000; // non-volatile data segment start address
    FIREWALL->NVDSL = 0x1000;      // non-volatile data segment length

Test 1. Main application is running from internal flash. Main application is calling protected code - everything is ok.

Test 2. Main application is running from internal flash. Main application is reading private data directly - a system reset occurs as expected.

But my main application should run from external flash.

Test 3. Main application is running from external flash. Main application is calling protected code - everything is ok.

And the main problem...

Test 4. Main application is running from external flash. Direct reading of private data is successful.

I expected that direct reading would cause a system reset. But it's not happening.

The firewall is configured properly, and the security code and private data are placed at the appropriate addresses.

Hope you will give me some good suggestions.

Thanks,

#firewall #stm32l486

2016-11-16 07:06 AM
Hi piskun.roman,
You should get more details on how to efficiently use the Firewall protection on STM32L4 devices if you contact your local ST sales representative as already suggested in .

-Mayla-