2026-03-04 7:10 AM - last edited on 2026-03-06 3:17 AM by mƎALLEm
Suppose I want to implement firmware for STM32U3 without TZ enabled and without the use of GTZC, then I could mostly use the MPU_NS and the TZ-Aware peripheral protection (EXTI, FLASH, RCC, PWR, GPDMA, SYSCFG, RTC & TAMP).
My goal is to limit unprivileged code execution to main FLASH, no SRAM, no OCTOSPI NOR/PSRAM.
The problem is now the ICACHE. Is there a way to force it to be privileged only?
If not, assuming that I am allowing only unprivileged execution access via MPU_NS to the main FLASH (0x08000000 - (0x08000000 + size of flash)), could the remapping feature of the ICACHE be used to map, say, SRAM into this region and somehow gain unprivileged execution access this way?
The docs are unclear there. The remap mechanism is described as a generic mechanism, not limited to any subset of the 0x00000000 - 0x1fffffff address space. Which means that in theory one could replace the mapping at 0x08000000 with, say, the SRAM1 base address.
- Thomas
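
The concern in the post above can be expressed as a configuration audit. This is an added example, not part of the original post and not ST code. It assumes, as the post does, that the MPU checks the fetch address before any remap is applied. The struct, the function names and the sample sizes and addresses are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Half-open address range [start, end); 64-bit so an end at 4 GiB cannot wrap. */
typedef struct { uint64_t start, end; } range_t;

/* One remap region, already decoded (hypothetical struct; the register bit
 * layout is not given on the page and is not modelled here). */
typedef struct {
    bool     enabled;
    uint32_t alias_base;  /* address the CPU fetches from */
    uint32_t size;        /* bytes */
    uint32_t target_base; /* address the fetch is redirected to */
} remap_region_t;

static bool contains(range_t outer, range_t inner) {
    return inner.start >= outer.start && inner.end <= outer.end;
}

/* Count enabled regions that redirect any part of the unprivileged-executable
 * window to memory that is not entirely inside physical flash. */
size_t audit_remap(const remap_region_t *r, size_t n, range_t exec, range_t flash) {
    size_t findings = 0;
    for (size_t i = 0; i < n; i++) {
        if (!r[i].enabled || r[i].size == 0) continue;
        uint64_t a0 = r[i].alias_base, a1 = a0 + r[i].size;
        uint64_t lo = a0 > exec.start ? a0 : exec.start;
        uint64_t hi = a1 < exec.end ? a1 : exec.end;
        if (lo >= hi) continue;                 /* alias misses the window */
        range_t hit = { r[i].target_base + (lo - a0), r[i].target_base + (hi - a0) };
        if (!contains(flash, hit)) findings++;  /* fetch served from non-flash */
    }
    return findings;
}

/* Constructed sample values: 1 MiB flash at 0x08000000, SRAM at 0x20000000,
 * external memory at 0x90000000 (sizes and targets are assumptions). */
static const remap_region_t sample[] = {
    { true,  0x08000000u, 0x00200000u, 0x20000000u }, /* flash alias -> SRAM */
    { true,  0x10000000u, 0x00200000u, 0x90000000u }, /* alias outside window */
    { false, 0x08000000u, 0x00200000u, 0x20000000u }, /* disabled */
    { true,  0x08000000u, 0x00200000u, 0x08000000u }, /* identity onto flash */
};

size_t sample_findings(void) {
    range_t flash = { 0x08000000u, 0x08100000u };
    return audit_remap(sample, sizeof sample / sizeof sample[0], flash, flash);
}

int main(void) { return sample_findings() == 1 ? 0 : 1; }
```

A nonzero result means the MPU's execute window alone does not guarantee that unprivileged fetches come from flash, so write access to the remap configuration has to be restricted separately.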