
STM32F407, PcROP, MPU, Interrupt routines and protection levels

Question asked by shaver.bob on Jul 22, 2014
Latest reply on Aug 11, 2015 by 68516
I have a boot loader and main app. I am trying to use the MPU to restrict access to parts of the boot loader Flash and to DMA registers so that the app code can't use DMA to read the boot loader Flash (as is done in the sample of PcROP app note AN3416 that I received from the local ST engineer, alas not available on st.com that I can find). My question is this: the MPU is set to only allow privileged access to the DMA registers. However, I must allow some interrupt routines through to the application (timers, UARTs, etc.). As far as I can tell, there is no way to make the interrupt handler be "not privileged". The nPRIV bit in the CONTROL register only affects "thread mode" code, not "handler mode" (i.e. interrupt code). Without being able to set the CPU to a non-privileged mode, the application's interrupt code can go write over anything it wants to, INCLUDING the MPU registers, thereby defeating the protection I am trying to implement.

For example, the sample code with the app note allows the application code to run the SysTick interrupt.  The vector table points to a boot loader SysTick routine that simply jumps to the address in the application's vector table for the SysTick interrupt, thereby giving the application privileged access to... everything.

Any ideas on how to prevent this?
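
The privilege rule described in the question, as an added host-side C model (it runs on a PC, not on the target) that is not part of the original post or of the app note's sample code. The region layout in `SAMPLE_MAP` and the PRIVDEFENA=1 setting are assumptions made for illustration; the DMA and MPU_CTRL addresses are the STM32F4 / ARMv7-M register locations.

```c
#include <stdbool.h>
#include <stdint.h>

/* Model of the ARMv7-M rule: Handler mode is always privileged;
   CONTROL.nPRIV only deprivileges Thread mode. */
typedef struct {
    uint32_t ipsr;   /* active exception number, 0 = Thread mode */
    bool     npriv;  /* CONTROL.nPRIV */
} cpu_state;

typedef struct { uint32_t base, size; uint8_t ap; } mpu_region; /* ap = RASR.AP */

enum { AP_NONE = 0, AP_PRIV_RW = 1, AP_PRIV_RW_USER_RO = 2, AP_FULL = 3 };

#define DMA2_S0CR_ADDR 0x40026410u  /* DMA2 stream 0 configuration register */
#define GPIOA_ODR_ADDR 0x40020014u
#define MPU_CTRL_ADDR  0xE000ED94u

/* Assumed layout: all peripherals open, DMA1+DMA2 block privileged-only. */
static const mpu_region SAMPLE_MAP[2] = {
    { 0x40000000u, 0x20000000u, AP_FULL    },
    { 0x40026000u, 0x00000800u, AP_PRIV_RW },
};

static bool is_privileged(cpu_state c) { return c.ipsr != 0 || !c.npriv; }

/* Would a data write to addr be permitted in CPU state c? */
static bool write_allowed(cpu_state c, const mpu_region *r, int n, uint32_t addr)
{
    bool priv = is_privileged(c);
    /* Private Peripheral Bus (holds the MPU registers): privileged-only,
       and not governed by MPU regions. */
    if (addr >= 0xE0000000u && addr <= 0xE00FFFFFu)
        return priv;
    for (int i = n - 1; i >= 0; i--) {          /* highest-numbered region wins */
        if (addr - r[i].base < r[i].size) {     /* unsigned wrap rejects addr < base */
            switch (r[i].ap) {
            case AP_FULL:            return true;
            case AP_PRIV_RW:
            case AP_PRIV_RW_USER_RO: return priv;
            default:                 return false;  /* no access or read-only */
            }
        }
    }
    return priv;  /* assumption: PRIVDEFENA=1, default map for privileged code only */
}
```

With nPRIV set, Thread-mode code is refused writes to the DMA block and to MPU_CTRL, while the same code reached through the forwarded SysTick vector (exception number 15) is allowed both.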
