I want to use the Cortex-M3 MPU to protect the memory from unintended access. For this purpose I configured the MPU. But I did not get any exception at all. Other exceptions as BusFault, HardFault has been forced with appropriate "bad code".
The current initialization is
MPU->CTRL &= ~MPU_CTRL_ENABLE_Msk; // disable MPU
MPU->RNR = 0
MPU->RBAR = 0x20000000;
MPU->RASR = 0x03000019; // 0x03UL << (MPU_RASR_ATTRS_Pos+8) | (0x19UL << 0);
MPU->RNR = 1;
MPU->RBAR = 0x8000000; // read back as 0x8000001
MPU->RASR = 0x03000027; // 0x03UL << (MPU_RASR_ATTRS_Pos+8) | (0x27UL << 0);
MPU->RNR = 2;
MPU->RBAR = 0x40000000; // read back as 0x40000002
MPU->RASR = 0x13000039; // 0x13UL << (MPU_RASR_ATTRS_Pos+8) | (0x39UL << 0);
SCB->SHCSR |= SCB_SHCSR_MEMFAULTENA_Msk; // Enable the memory fault exception
MPU->CTRL |= MPU_CTRL_PRIVDEFENA_Msk | MPU_CTRL_ENABLE_Msk; // Enable MPU
Until now I can access all memory. Now I add a region to protect a region.
MPU->CTRL &= ~MPU_CTRL_ENABLE_Msk; // disable MPU
MPU->RNR = 3;
MPU->RBAR = 0x20002000; // read back as 0x20002003
MPU->RASR = 0x00000009; // 0x00UL << (MPU_RASR_ATTRS_Pos+8) | (0x09UL << 0);
MPU->CTRL |= MPU_CTRL_PRIVDEFENA_Msk | MPU_CTRL_ENABLE_Msk; // re-enable MPU
The region number 3 should hide all other MPU regions. Now the memory at 0x20002000 should not be accessible neither readable not writable. But I can still read and even write the memory at this address.
What can inhibit the memory protection in a NXP LPC1788 CPU?
Related
I am trying to copy array using DMA MEM2MEM mode in STM32F103C8
But when i run this below code, the dest array still remains empty, no interrupt event fired
Please give me solutions or notice me if i missed any config, thanks very much
My code:
uint32_t source[MEMSIZE];
uint32_t dest[MEMSIZE];
for (i = 0; i < MEMSIZE; i++) {
source[i] = i;
}
//Reset CCR and CNDTR register
DMA1_Channel1->CCR &= ~0x7FFF;
DMA1_Channel1->CNDTR &= ~0xFFFF;
/*
* DMA configure:
* MEM 2 MEM: Enabled
* Priority: Medium
* Memory size: 32 bit
* Peripheral size: 32bit
* Memory increment: ON
* Peripheral Increment: ON
* Circular: OFF
* Direction: Copy from peripheral
* Transfer error IR: OFF
* Haft Transferred IR: OFF
* Transfer complete IR: ON
* Channel Enable: OFF
*/
DMA1_Channel1->CCR |= 0x00005AC2;
// Setting number of data
DMA1_Channel1->CNDTR |= MEMSIZE;
// Setting Peripheral address
DMA1_Channel1->CPAR = (uint32_t)source;
// Setting memory address
DMA1_Channel1->CMAR = (uint32_t)dest;
// NVIC setup
NVIC_SetPriority(DMA1_Channel1_IRQn, 0);
NVIC_EnableIRQ(DMA1_Channel1_IRQn);
// Enable DMA channel
DMA1_Channel1->CCR |= 0x00000001;
Update: I tried using GPIO ODR instead of array address for memory, and thats works perfectly
I'm unable to detect the problem in your code, but I created a minimal example on Blue Pill board. I checked the values in dest array in a debug session. The code seems to work as expected.
#include "stm32f1xx.h"
#define MEMSIZE 32
uint32_t source[MEMSIZE];
uint32_t dest[MEMSIZE];
int main(void) {
RCC->AHBENR |= RCC_AHBENR_DMA1EN; // Enable DMA clock
// Initialize the test data
for (int i = 0; i < MEMSIZE; ++i) {
source[i] = i;
}
DMA1_Channel1->CCR |= DMA_CCR_MEM2MEM // Memory to memory mode
| (0b01 << DMA_CCR_PL_Pos) // Medium priority
| (0b10 << DMA_CCR_MSIZE_Pos) // Memory size: 32-bits
| (0b10 << DMA_CCR_PSIZE_Pos) // Peripheral size: 32-bits
| DMA_CCR_MINC // Memory increment is enabled
| DMA_CCR_PINC; // Peripheral increment is enabled
DMA1_Channel1->CPAR = (uint32_t) source;
DMA1_Channel1->CMAR = (uint32_t) dest;
DMA1_Channel1->CNDTR = MEMSIZE;
DMA1_Channel1->CCR |= DMA_CCR_EN; // Start DMA transfer
while (1) {
}
}
I am trying to configure the MPU of SAMD51 (Cortex-M4) to protect one 1k of FLASH from any access, and 1k of SRAM from write access that would contains sensitive information that should never be access or corrupted (from a SW bug or any other way).
I wish to protect those sections, even in privileged (software has no RTOS and will always be in privileged mode).
As code will be running in privileged mode, I use MPU_CTRL_PRIVDEFENA_Msk flag, and wish to only overwrite access for my two regions.
I have checked the alignment requirements of those sections:
Region 0 (in FLASH) # 0x0001d400 (1k aligned)
Region 1 (in SRAM) # 0x20000000 (1k aligned)
Find below my code to configure the MPU:
__disable_irq();
//
// Region0
//
__DSB();
__ISB();
MPU->RNR = 0;
MPU->RBAR = (0x0001d400 << MPU_RBAR_ADDR_Pos);
// 1k size - log2(1k) = 10
MPU->RASR = ((10 - 1) << MPU_RASR_SIZE_Pos);
// Normal; Not shareable; Cacheable; Inner Write back; no write allocate
MPU->RASR |= ((0x4 << MPU_RASR_TEX_Pos) | (1 << MPU_RASR_C_Pos) | (1 << MPU_RASR_B_Pos));
// No priviledged or unpriviledge access
MPU->RASR |= (0UL << MPU_RASR_AP_Pos);
// Enable
MPU->RASR |= 1UL;
//
// Section 1
//
__DSB();
__ISB();
MPU->RNR = 1;
MPU->RBAR = (0x20000000 << MPU_RBAR_ADDR_Pos);
// 1k size - log2(1k) = 10
MPU->RASR = ((10 - 1) << MPU_RASR_SIZE_Pos);
// Normal; Not shareable; Cacheable; Inner Write back; no write allocate
MPU->RASR |= ((0x4 << MPU_RASR_TEX_Pos) | (1 << MPU_RASR_C_Pos) | (1 << MPU_RASR_B_Pos));
// Read-Only Priviledged or unpriviledge access
MPU->RASR |= (6UL << MPU_RASR_AP_Pos);
// Enable
MPU->RASR |= 1UL;
// Enable MPU
MPU->CTRL = MPU_CTRL_ENABLE_Msk | MPU_CTRL_HFNMIENA_Msk | MPU_CTRL_PRIVDEFENA_Msk;
// Enable MemFault handler
SCB->SHCSR |= SCB_SHCSR_MEMFAULTENA_Msk;
__DSB();
__ISB();
__enable_irq();
It appears the configuration is ignored and it never generates a fault when accessing the configured region.
I have read the ARM documentation many times and cannot see what is wrong...
Is there a mistake in my code?
Is the cache/memory configuration wrong for SAMD51?
Is what I want to do not achievable by staying in privileged mode?
Thanks for you help!
Well there are some clear problems in your code.
Please refer this for bit fields: http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0337e/BIHHGADD.html
From the start:
1: Why are you shifting the base address here
MPU->RBAR = (0x0001d400 << MPU_RBAR_ADDR_Pos);
it needs to be like this. Refer for bit fields of this register.
MPU->RBAR = (0x0001d400);
2: This line has no effect. As this field has been already set to zero while setting the size and it is also incorrect. To clear the bit we use & operation not |.
MPU->RASR |= (0UL << MPU_RASR_AP_Pos);
3: For the testing purpose try with caches off. i-e tex=1, b=0, c=0, s=0. Also set instruction fetches bit XN to disable instruction fetches access.
I am having an issue in getting my computer (virtual COM port, to be exact) to communicate with my STM32L053R8T6 (Nucleo) board by DMA and USART. Here is my code for the DMA and USART part:
#include "Device/Include/stm32l0xx.h" // Device header
#include "JB.h"
#include <string.h>
#define PCLK 32000000
#define BAUD 19200
uint8_t stringtosend[] = "test\n";
uint8_t stringtoreceive[] = " ";
void ENABLE_UART_DMA(void){
RCC->AHBENR |= RCC_AHBENR_DMA1EN; //enable periph.clk for DMA1
/**Enabling DMA for transmission
* DMA1, Channel 4 mapped for USART2TX
* USART2 TDR for peripheral address
* stringtosend for data address
* Memory increment, memory to peripheral | 8-bit transfer | transfer complete interrupt**/
DMA1_CSELR->CSELR = (DMA1_CSELR->CSELR & ~DMA_CSELR_C4S) | (4 << (3 * 4));
DMA1_Channel4->CPAR = (uint32_t)&(USART2->TDR);
DMA1_Channel4->CMAR = (uint32_t)stringtosend;
DMA1_Channel4->CCR = DMA_CCR_MINC | DMA_CCR_DIR | DMA_CCR_TCIE;
/**Enabling DMA for reception
* DMA1, Channel 5 mapped for USART2RX
* USART2 RDR for peripheral address
* stringtoreceive for data address
* Data size given
* Memory increment, peripheral to memory | 8-bit transfer | transfer complete interrupt**/
DMA1_CSELR->CSELR = (DMA1_CSELR->CSELR & ~DMA_CSELR_C5S) | (4 << (4 * 4));
DMA1_Channel5->CPAR = (uint32_t)&(USART2->RDR);
DMA1_Channel5->CMAR = (uint32_t)stringtoreceive;
DMA1_Channel5->CNDTR = sizeof(stringtoreceive);
DMA1_Channel5->CCR = DMA_CCR_MINC | DMA_CCR_TCIE | DMA_CCR_EN;
NVIC_SetPriority(DMA1_Channel4_5_6_7_IRQn, 0); //NVIC enabled, max priority, channels 4-7
NVIC_EnableIRQ(DMA1_Channel4_5_6_7_IRQn);
}
void CONFIGURE_UART_PARAM(void){
RCC->IOPENR |= ( 1ul << 0); //Enable GPIOA clock
RCC->APB1ENR |= ( 1ul << 17); //Enable USART#2 clock
GPIOA->AFR[0] &= ~((15ul << 4* 3) | (15ul << 4* 2) ); //Clear PA2,PA3
GPIOA->AFR[0] |= (( 4ul << 4* 3) | ( 4ul << 4* 2) ); //Set PA2,PA3
GPIOA->MODER &= ~(( 3ul << 2* 3) | ( 3ul << 2* 2) ); //Same as above
GPIOA->MODER |= (( 2ul << 2* 3) | ( 2ul << 2* 2) );
USART2->BRR = PCLK/BAUD;
USART2->CR3 = USART_CR3_DMAT | USART_CR3_DMAR; //Enable DMA mode in transmit and receive
/*UART enabled for transmission and reception*/
USART2->CR1 = USART_CR1_TE | USART_CR1_RE | USART_CR1_UE;
while((USART2->ISR & USART_ISR_TC) != USART_ISR_TC)
{
/* add time out here for a robust application */
}
USART2->ICR = USART_ICR_TCCF;
}
void CONFIGURE_EXTI(void){
SYSCFG->EXTICR[0] = ((SYSCFG->EXTICR[0] & 0x0000) | SYSCFG_EXTICR4_EXTI13_PC); //clear EXTICR and set to PC13(B1)
EXTI->FTSR |= EXTI_FTSR_TR13; //falling edge trigger
EXTI->IMR |= EXTI_IMR_IM13; //unmask
NVIC_SetPriority(EXTI4_15_IRQn, 0); //def interrupt
NVIC_EnableIRQ(EXTI4_15_IRQn);
}
/*************************************************************************************************************************************************************************************************************************/
/*************************************************************************************************************************************************************************************************************************/
/*Interrupt Handlers*/
void DMA1_Channel4_5_6_7IRQHandler(void){
if((DMA1->ISR & DMA_ISR_TCIF4) == DMA_ISR_TCIF4){
DMA1->IFCR = DMA_IFCR_CTCIF4; //Clear Channel 4 Transfer Complete flag
}
else if((DMA1->ISR & DMA_ISR_TCIF5) == DMA_ISR_TCIF5){
DMA1->IFCR = DMA_IFCR_CTCIF5; //Clear Channel 5 Transfer Complete flag
DMA1_Channel5->CCR &= ~DMA_CCR_EN;
DMA1_Channel5->CNDTR = sizeof(stringtoreceive);/* Data size */
DMA1_Channel5->CCR |= DMA_CCR_EN;
}
}
void EXTI4_15_IRQHandler(void){
if(!(GPIOC->IDR & (1 << 13))){
/* Clear EXTI 13 flag */
EXTI->PR = EXTI_PR_PIF13;
/* start 8-bit transmission with DMA */
DMA1_Channel4->CCR &= ~DMA_CCR_EN; //channel disable
DMA1_Channel4->CNDTR = sizeof(stringtosend);/* Data size */
DMA1_Channel4->CCR |= DMA_CCR_EN; //channel enable
}
}
//void EXTI4_15_IRQHandler(void){
// if((EXTI->PR & EXTI_PR_PIF13) == EXTI_PR_PIF13){
// /* Clear EXTI 13 flag */
// EXTI->PR = EXTI_PR_PIF13;
//
// /* start 8-bit transmission with DMA */
// DMA1_Channel4->CCR &= ~DMA_CCR_EN; //channel disable
// DMA1_Channel4->CNDTR = sizeof(stringtosend);/* Data size */
// DMA1_Channel4->CCR |= DMA_CCR_EN; //channel enable
// }
//}
Now then, this specific code is based on an example from the STM32L0 snippets package 1.20, USART/Communcation Using DMA. USART 1 was simply redefined to USART 2 (as that is the one used by the virtual COM port), and the DMA channels were redefined according to that as well. However, the problem here is very simple: it will only print stringtosend once (would like to do it every time button B1 is pressed), and will not receive data by RX either - as if it completely ignores the DMA interrupt handler - which I am not sure how to test (no trace features available on this board). What I have seems to reflect the reference manual well enough, and all the main does is:
int main(){
SystemCoreClockInit();
CONFIGURE_UART_PARAM();
ENABLE_UART_DMA();
pushbutton_def();
CONFIGURE_EXTI();
while(1){
}
...which should just react to the defined interrupts, however it does not, and for the life of me, I cannot see why. I would love if you could help me - I would also like to avoid HAL or LL APIs - this is not a complex enough project to warrant their usage (several inputs, outputs, comms between two boards by USART/DMA), plus I would prefer to learn working closer to the register level.
Thanks!
edit (in response to Berendi's suggestions):
1. GPIOC was defined in another file, called with pushbutton_def():
RCC->IOPENR |= (1UL << 2); //enable GPIOC
I understand exactly what you mean by your explanation (indeed, the register referred by those two is "the same", 0x00000020U), but I am not sure as to how to redefine it: here is my attempt after looking at the reference manual (SYSCFG part) and the source (still, it does not work):
SYSCFG->EXTICR[3] = ((SYSCFG->EXTICR[3] & 0x0000) | SYSCFG_EXTICR4_EXTI13_PC);
As suggested, I have added USART2->ICR = USART_ICR_TCCF; to the EXTIhandler, right after the DMA channels. I have kept it in the USART definition. The message is still only being sent once, though.
GPIOC is not enabled
Here,
RCC->IOPENR |= ( 1ul << 0); //Enable GPIOA clock
you should enable GPIOC too.
EXTI13 is mapped to PA13
Here,
SYSCFG->EXTICR[0] = ((SYSCFG->EXTICR[0] & 0x0000) | SYSCFG_EXTICR4_EXTI13_PC); //clear EXTICR and set to PC13(B1)
you are setting the configuration register for EXTI0-EXTI3, actually mapping EXTI1 to PC1. EXTI13 remains mapped to PA13, which is actually SWDIO, connected to the onboard debugger. I guess the traffic on SWDIO triggers the EXTI interrupt, the handler checks PC13 which is always reading 0 because the port is disabled, and enables DMA. DMA transmit works only once though, because
USART_ISR_TC is not cleared in the interrupt
but only once at startup. You should move this line
USART2->ICR = USART_ICR_TCCF;
to the EXTI interrupt handler.
I'm not sure why receiving doesn't work, perhaps the DMA handler has no chance to run, because EXTI is constantly retriggered by SWD traffic. Both interrupts have the same priority, the one with lower interrupt number wins, which is the EXTI handler. If it's always retriggered before it finishes, then it will be called again, not letting the other handler to run.
I'm currently working on a piece of code, which should wait for a comparator interrupt and execute some other code after a set amount of time. Now, I thought using Timer2 in CTC mode would be a good idea to make sure that the program waits for the right amount of time and came up with this:
void setup(){
...
// Set up the timer
TCCR2A = 0;
TCCR2B = 0;
TCNT2 = 0;
OCR2A = 255; // compare match register
TCCR2A = (1 << WGM21); // CTC mode
TCCR2B = ((1 << CS22) | (1 << CS21)); // 256 prescaler
TIMSK2 &= ~(1 << OCIE2A); // disable interrupt
}
ISR(ANALOG_COMP_vect) {
// switchTime is in µs, usual value: around 500µs
// with a 16 Mhz crystal and a 256 prescale we need to devide
// the switchTime by 16 (2^4)
OCR2A = switchTime >> 4;
TCNT2 = 0; // reset counter
TIMSK2 |= (1 << OCIE2A); // enable timer compare interrupt
}
ISR(TIMER2_COMPA_vect) {
TIMSK2 &= ~(1 << OCIE2A); // disable interrupt
// do stuff
}
The awkward thing is, it doesn't work. The ISR timer is immediately called after we leave the ISR comparator (I checked this by toggling a pin in both routines and measuring with an oscilloscope). After a few hours of reading datasheets and randomly changing the code I came up with a line of code that fixed it:
ISR(TIMER2_COMPA_vect) {
TIMSK2 &= ~(1 << OCIE2A); // disable interrupt
OCR2A = 255; // <- apparently fixes all my problems
// do stuff
}
I'm quite confused about this because the frequency of the timer shouldn't be a matter after we call the routine and deactivate the interrupt.
Now I'm quite glad that I've found the solution but I want to know why it works. Something about knowing how to fish and accidentally catching a fish by randomly inserting code.
I think you missed the clearing of pending timer interrupts.
ISR(TIMER2_COMPA_vect) {
TIMSK2 &= ~(1 << OCIE2A); // disable interrupt
/* Clear pending interrupts */
TIFR2 = (1 << TOV2) | (1 << OCF2A) | (1 << OCF2B);
// do stuff
}
I have STM32F7 Disco board with STM32F723IEK MCU. Trying to trigger a DMA request from a timer causes a DMA error, but only for timers from the APB1 group (TIM2 to TIM7 and others), that are connected to DMA1. Doing the same with TIM1 and TIM8, which are connected to DMA2, works fine. The error manifests itself as the TEIFx flag being set in the appropriate DMA LISR or HISR register and DMA immediately disabled after the first transaction. The NDTR register is decremented by one.
According to the datasheet, the TEIF error may be triggered by a "bus error". I understand this as e.g. trying to access a peripheral that is not accessible from the DMA bus. However, the same setup works well using DMA2 and TIM1/TIM8, without changing the DMA address. So the problem seems to be related to DMA request and not the data transaction itself. Given that there are lot of timer channels defined for DMA1, this should certainly work.
I have tried to vary DMA settings but this made no difference. The relevant portion of the test program is below. The full version https://github.com/ak-hard/stm32-dma-tim/blob/master/main.c is only slightly larger and have no dependencies except CMSIS and STM32 Device headers.
I wonder if someone can comment on or reproduce this problem.
const struct
{
TIM_TypeDef *tim;
DMA_TypeDef *dma;
DMA_Stream_TypeDef *stream;
unsigned channel;
} CFG = {
// uncomment the needed combination below, only TIM1 and TIM8 work
// TIM1, DMA2, DMA2_Stream5, 6
TIM8, DMA2, DMA2_Stream1, 7
// TIM2, DMA1, DMA1_Stream1, 3
// TIM2, DMA1, DMA1_Stream7, 3
// TIM3, DMA1, DMA1_Stream2, 5
// TIM4, DMA1, DMA1_Stream6, 2
// TIM5, DMA1, DMA1_Stream0, 6
// TIM5, DMA1, DMA1_Stream6, 6
// TIM6, DMA1, DMA1_Stream1, 7
// TIM7, DMA1, DMA1_Stream2, 1
// TIM7, DMA1, DMA1_Stream4, 1
};
enum
{
DMA_SxCR_DIR_P2M = 0,
DMA_SxCR_PSIZE_WORD = DMA_SxCR_PSIZE_1,
DMA_SxCR_MSIZE_WORD = DMA_SxCR_MSIZE_1,
};
#define DMA_SxCR_CHSEL_NUM(ch) ((ch) << DMA_SxCR_CHSEL_Pos)
uint32_t buf;
void start(void)
{
SysTick->LOAD = 0xffffffu;
SysTick->VAL = 0;
SysTick->CTRL = 5;
RCC->AHB1ENR |= RCC_AHB1ENR_GPIOAEN;
RCC->APB2ENR |= RCC_APB2ENR_TIM1EN | RCC_APB2ENR_TIM8EN;
RCC->APB1ENR |= RCC_APB1ENR_TIM2EN | RCC_APB1ENR_TIM3EN | RCC_APB1ENR_TIM4EN | RCC_APB1ENR_TIM5EN
| RCC_APB1ENR_TIM6EN | RCC_APB1ENR_TIM7EN;
RCC->AHB1ENR |= RCC_AHB1ENR_DMA1EN | RCC_AHB1ENR_DMA2EN;
LED_PORT->MODER |= 1 << (2 * LED_PIN);
LED_PORT->OSPEEDR |= 3 << (2 * LED_PIN); // fastest speed
CFG.tim->CR1 |= TIM_CR1_ARPE;
CFG.tim->ARR = 16;
CFG.tim->PSC = 1000;
CFG.tim->EGR = TIM_EGR_UG; // Generate Update Event to copy ARR to its shadow
CFG.tim->DIER |= TIM_DIER_UDE;
CFG.stream->CR |= DMA_SxCR_CHSEL_NUM(CFG.channel) | DMA_SxCR_DIR_P2M | DMA_SxCR_PSIZE_WORD | DMA_SxCR_MSIZE_WORD;
CFG.stream->NDTR = 16;
CFG.stream->PAR = (uint32_t) &GPIOA->IDR;
CFG.stream->M0AR = (uint32_t) &buf;
CFG.stream->CR |= DMA_SxCR_EN;
CFG.tim->CR1 |= TIM_CR1_CEN;
// wait until DMA state changes
while (CFG.dma->LISR == 0 && CFG.dma->HISR == 0)
delay_ms(1);
// check for any TEIFx bits
int error = (CFG.dma->LISR | CFG.dma->HISR) & 0x02080208;
while (1)
{
LED_PORT->ODR ^= 1 << LED_PIN;
delay_ms(error ? 100 : 500);
}
}
There used to an answer here but it got deleted for some reason. Thanks to its author though.
Looking at the bus matrix, it becomes clear that the peripheral bus of the DMA1 is only connected to APB1. It is actually not a part of the matrix at all. This probably means that DMA1 can only handle transfers from/to APB1 peripherals. Since GPIO is an AHB peripheral, it is not accessible from DMA1. This should also apply to other APB2 (e.g. SPI1) and AHB peripherals (e.g. OTGFS). Normally, it does not make sense to access AHB or APB2 peripherals from DMA1 because their requests are not routed to DMA1. However, it may be needed for convoluted cases like GPIO by a timer.
I personally think this point could be made more obvious in the documentation.