Hello,
I try to control secure and non-secure area in Flash memory.
There are two type of memory protection unit in PSoC6. one of them is MPU and another is SMPU.
MPU in common function for Cortex-M0+, but SMPU is original function for PSoC6.
I can not understand how the protect context is used in system.
Who set the protect context?
Which resources are assigned to context 0 to 15?
Best regards,
Solved! Go to Solution.
Hello user_474444345,
To your questions -
1. Who set the protection context? - It is you, the user, who can set the protection context for a particular master (through Cy_Prot_SetActivePC API provided in the PDL). This may sound not secure at first, but the value that can be set is controlled by PC_MASK_15_TO_1 bits of another register SMPU_MSx_CTL register. You can configure these registers once on boot and lock it from writes using a SMPU out to prevent accidental/unwanted changes to the PC. This configuration can be done using - Cy_Prot_ConfigBusMaster PDL API.
2. Which resources are assigned to context 0 to 15? - First of, PSoC 6 supports only 8 protection contexts (0 to 7). The resources available to each protection context is defined by SMPUs and PPUs, which define the access rights to different masters with different protection contexts. As I mentioned in 1, you can set the protection context using the PDL API. All SMPU's have a 'ATT' field with PC_MASK_15_TO_1 field, which define which protection context is allowed to access the region protected by the SMPU.
In general, it might be a little difficult to grasp from the details in TRM. We are working on a Secure AN for PSoC 6, which should be out prettu soon and will talk about all these in detail.
For now, you can refer to the PDL documentation (protection unit driver - file:///C:/Program%20Files%20(x86)/Cypress/PDL/3.0.1/doc/pdl_api_reference_manual/html/group__group__prot.html) for details on various APIs that is available for use.
From an application/system point, you will have to first think of which part (peripheral and memory) of the system needs protection, how many levels of protection you need (number of protection contexts) and which bus masters get what kind of access to the protected part of the system. Once you have those requirements in place, you can then use the PDL APIs to put the requirement into code. The PDL documentation does have some good info about the protection units usage, which can be summed up into 4 stages.
I know this may be a bit overwhelming, but I guess once you start using it, you will (hope ) start appreciating it. Once the secure AN comes out, you will have a better document to refer to for these.
Let me know if you need any more info or have any further questions.
Regards,
Meenakshi Sundaram R
Hello user_474444345,
To your questions -
1. Who set the protection context? - It is you, the user, who can set the protection context for a particular master (through Cy_Prot_SetActivePC API provided in the PDL). This may sound not secure at first, but the value that can be set is controlled by PC_MASK_15_TO_1 bits of another register SMPU_MSx_CTL register. You can configure these registers once on boot and lock it from writes using a SMPU out to prevent accidental/unwanted changes to the PC. This configuration can be done using - Cy_Prot_ConfigBusMaster PDL API.
2. Which resources are assigned to context 0 to 15? - First of, PSoC 6 supports only 8 protection contexts (0 to 7). The resources available to each protection context is defined by SMPUs and PPUs, which define the access rights to different masters with different protection contexts. As I mentioned in 1, you can set the protection context using the PDL API. All SMPU's have a 'ATT' field with PC_MASK_15_TO_1 field, which define which protection context is allowed to access the region protected by the SMPU.
In general, it might be a little difficult to grasp from the details in TRM. We are working on a Secure AN for PSoC 6, which should be out prettu soon and will talk about all these in detail.
For now, you can refer to the PDL documentation (protection unit driver - file:///C:/Program%20Files%20(x86)/Cypress/PDL/3.0.1/doc/pdl_api_reference_manual/html/group__group__prot.html) for details on various APIs that is available for use.
From an application/system point, you will have to first think of which part (peripheral and memory) of the system needs protection, how many levels of protection you need (number of protection contexts) and which bus masters get what kind of access to the protected part of the system. Once you have those requirements in place, you can then use the PDL APIs to put the requirement into code. The PDL documentation does have some good info about the protection units usage, which can be summed up into 4 stages.
I know this may be a bit overwhelming, but I guess once you start using it, you will (hope ) start appreciating it. Once the secure AN comes out, you will have a better document to refer to for these.
Let me know if you need any more info or have any further questions.
Regards,
Meenakshi Sundaram R