Does the MPU limit code running in RAM?

RE: Does the MPU limit code running in RAM?

Branden Ghena — Wed, 15 Jun 2016 18:58:07 GMT

It's disappointing that the MPU cannot protect RAM0, but good to know. Thanks for clarifying this, Kristin.

RE: Does the MPU limit code running in RAM?

FormerMember — Wed, 15 Jun 2016 12:54:48 GMT

It is only possible to protect code region 0. However, as the table shows, code region 1 will only have limited access to RAM 0. It means that for code in region 1 to have full access to RAM 0, the code in region1 has to be run from RAM.

RE: Does the MPU limit code running in RAM?

RK — Tue, 14 Jun 2016 23:47:14 GMT

I think the question is clear and I don't know why the answers keep talking about Code Region protection when you're asking about RAM region protection.

As far as I can see RAM R0 is not protected from code running in RAM R1 so you can write RAM R0 as you suggest. However I'm not sure how much of a security hole that actually is, writing to RAM R0 doesn't let you get any further.

RE: Does the MPU limit code running in RAM?

Branden Ghena — Tue, 14 Jun 2016 16:32:59 GMT

Thank you for clarifying. I think I have not explained my question well enough. I added an update to the original question with the parts I am confused about circled in red. Table 40 seems to show that RAM R0 is not protected from RAM R1.

RE: Does the MPU limit code running in RAM?

FormerMember — Tue, 14 Jun 2016 11:38:28 GMT

I have updated my answer.

RE: Does the MPU limit code running in RAM?

Branden Ghena — Mon, 13 Jun 2016 18:30:39 GMT

Thanks for the response, but it's not quite the question I was asking. As you cited, the MPU protects Code R0 (in Flash) from accesses by Code R1 and RAM R1. But I'm interested in how it protects RAM R0.

In Table 40 in the reference manual, it states that if the request source is RAM R0/R1 and the request target is RAM R0, Full Access is granted (regardless of MPU state). Does this mean that an access from RAM R1 can modify data in RAM R0 even if the MPU is on?

RE: Does the MPU limit code running in RAM?

FormerMember — Mon, 13 Jun 2016 11:30:25 GMT

A memory protect region cannot be accessed by others, but it will have full access to the system. The reference manual says the following regarding memory protection of region 0:

When memory protection is enabled, these regions will be used by the Memory Protection Unit to enforce runtime protection and readback protection of resources classified as region 0.

...

Independent of protection settings, code region R0 (CR0) will always have full access to the system.

...

When enabled, only code running from code region 0 will be able to access the code in code region 0. Accesses generated by code running from code region 1 or from RAM, as well as accesses generated by the debugger (SWD), will not be granted when code region 0 is protected. Independent of readback protection configuration of code

Did this clearify how MPU work?

Update 14.06.16: The UICR register description show that 0x00 enables and 0xFF disables readback protection. Therefore the "request source RAM R0/R1" with setting 0xFF disables readback protection, and hence, there will be full access to all request targets.

When the "request source RAM R0/R1" is set to 0x00 for readback protection on code region 0, there is no access to code region 0.