FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

STM32U5A5 Trustzone Application

batuburgu
Associate

‎2026-01-27 1:07 AM

Hi!

I'm working on a Trustzone enabled application in STM32U5A5 nucleo board and have some questions in my mind. 

I have used the configurations of the example project for the Trustzone, which you can find below:

 - TZEN=1
 - SECWM1_PSTRT=0x0  SECWM1_PEND=0xFF  meaning all 128 pages of Bank1 set as secure
 - SECWM2_PSTRT=0xFF SECWM2_PEND=0x0   meaning no page of Bank2 set as secure, hence Bank2 non-secure

I have enabled SAU and left it with the default configuration. I've also enabled the GTZC_S. 

In my application, I'm using TAMP mechanism of the RTC to create an interrupt when the output signal doesn't match the input signal. 

First question:
My application can boot from the secure app and jump to non-secure app without any problems. But in the MX generated NonSecure_Init() function, after the line 

SCB_NS->VTOR = VTOR_TABLE_NS_START_ADDR

The SCB->VTOR_NS register doesn't change, remains as 0x0 (according to the SFR in the debug interface). After the boot to non-secure app, SCB->VTOR_S value appears to be VTOR_TABLE_NS_START_ADDR. When I go to secure app for some reason, the SFR shows the VTOR register as the secure address. Is it normal for VTOR_NS to be always zero and for VTOR_S to be changing in every application change?

 

Second Question:

I've configured TAMP interrupts on the secure application. Therefore; when an interrupt occurs, my code jumps to secure app from the non-secure one. The interrupt does its job and the application can run normally if the TAMP interrupt (or presumabelly any other secure interrupt) doesn't occur until the PC returns to the NS app. (I've checked it with stopping the code at the interrupt, connecting the TAMP pins so that it won't cause an interrupt again and resuming the code.) 

I've also noticed that if I stop the code at the TAMP_IRQ, it can handle the interrupts without any problem even if I don't short the TAMP pins.

But if the TAMP interrupt occurs again before the application returns to the NS (it happens quite often since the TAMP comparator is working parallel to the CPU runtime), my code goes to SecureFault_Handler(). 

How can I overcome this problem? 

Thanks in advance. 

Labels:
0 Kudos
0 REPLIES 0
Top